and every other alternative, which is the fact that it isn't qwerty. I know on the face of it is sounds like a stupid reason but there is logic in the stupidity...
As much as I would want to learn a faster method of typing. unless I can use the same keyboard everywhere I am (at home - easy, at college - hard, at work - you try asking your boss to switch), then I will never be able to learn the new keyboard layout because I'm frever switching back and to from a qwerty keyboard layout. As is mentioned in nearly every dvorak tutorial I have seen, you need to use the same layout all the time until you are proficient with the new layout. Switching back and to between layouts only lowers your typing speed in both layouts.
Now, if somebody could come up with a keyboard (cheaply, I dont want to sell my firstborn to type faster), that physically remaps the keys (so I can select US/UK keyboard layout in windows, but get a different layout on the actual keyboard), this would mean I could take this keyboard with me wherever I went (although on a palm it might be difficult), and use it in work, college, as well as at home, simpy unplugging the old keyboard and inserting the new without messing up the software settings that managers/admins won't hate you for 'hacking/cracking the network'.
its the popularity of the OS. Windows is so popular that nearly everyone who, to put it bluntly, can simply not use a computer uses windows. I'm not saying that there arent competent Windows system administrators and knowledgable users, what I am saying is that most people are using computers for a long time before they discover alternate operating systems, and usually need a little knowledge to switch.
This means that there are going to be more people using windows who dont know what a security hole is, let alone how to patch it.
Another problem with popular operating systems is just that. They are popular and have many more users. If 10% of all users (a simplification here) are vulnerable to an attack, then most of them will be windows users.
Possible solutions? Maybe microsoft could sell windows in a pink box and charge $2000, making it instantly less popular and having less users vulnerable to exploits:)
Seriously though, take for example the Morris worm of 1988, infected a network run by competent system administrators (the fact that it was UNIX is besdies the point.. or is it?:P), and the problem was patched within a couple of days. With the code red worm, most users didnt even know they had a web server, and even now I am getting hundreds of XXXX requests in my apache logs.
And now linux is gaining popularity... NOOOOOO.. shoo.. shoo.. we dont need more users...
Are there drugs that won't 'zombify' a person, but keep them focused?
Caffeine?
Of course, they can't ban cofee.. can they?
Re:IRC can be fixed easily.
on
Secure IRC?
·
· Score: 3, Informative
Those two points have already been implemented on IRC in some servers.
1) An authentication system exists in the form of nickserv (although optional, can be made to prevent other users from using your nick), and no other information would be released if the user does not provide it. The only information released would be the hostname/ip, which is solved by point 2...
2) I can't remember which ircd does it now (one of the dalnet/undernet ircd's?), but there is a hostname cloaking feature, which removes the last 2 parts of a persons ip, or the first part of their hostname, while leaving enough information to determine what ISP a person is using (useful for legitimate reasons, such as finding out what country a person is connecting from without needing to ask), it prevents script kiddies from obtaining enough information to DoS a user. However it is still possible (even with any ip address blocking) to determine a users address by using netstat on a shell. (This has been done an servers where public shell access is given on the same machine as the ircd)
The problems not solved by those two methods are firstly, no encrypted communications can be made.. anything sensitive could be sniffed, even over a DCC connection (the paranoid types, like me, who wave hi to echelon and its ilk during most sensitive 'private' irc chats). To solve this, client side scripts could be used to encrypt DCC communications, no new server needed.
The other problem is lag/netsplits. For some purposes (talking to a small group of friends), this could be solved by using a single-server 'network' (no netsplits) and no server to server lag.
Most of these solutions require setting up your own irc server, but this isnt too hard to do and is no less hassle than moving to a completely new, incompatible system.
Instead of having this counter-virus/worm attack the computer, have each computer (possibly as part of an anti-virus package, or windows itself (or installed with every linux distro)) contain a framework which allowed limited access to a computer by counter-viruses/worms voluntarily, and with safeguards to prevent abuse and overuse of bandwidth/resources etc..
Of course, there would be problems getting everyone to install the agent host, but if such an idea became accepted, then each counter-virus would run in a sandbox and be prevented from doing harm (set by the user).
If all these new wiz-bang features are implemented as extensions to the original API, then all the developer has to do (if he/she/they/it chooses to support the new features) is detect if the feature is available and add the code for it. If not, then just use the standard API.
Eventually, all the other manufacturers will catch up with the new features, and the extension will become integrated into the standard.
An analogy could be (think ye olde days) detection of a sound card, and only enabling sound if one is available.
If even that it too much work for the developer, then just dont support the new extension - the graphics will just look as pretty to the untrained (read consumers) eye.
... but also (surprise surprise!) Microsoft itself has sent letters to similar effect. While not directly threatening a raid, the letters preach on about companies who aren't legal having to face the consequences, and even includes a 'request' to audit your own company... presumably before they (or the BSA) do.
As for the BSA's letter, I say keep them coming... the more companies who are scared into running linux the better. And when the other companies find that linux isnt so bad after all, more and more will begin using open source/free software, not just because of a scare tactic, but because of its features.
With descriptions like that, I'm still not quite sure what this is..
as far as I can see, it appears to be merely a glorified version of slashboxes, with an index that updates itself.
I'm sure theres something else (the really nifty bit) that I'm missing.. just dont know what it is:/
If the UNIX term is simply based on some microsoft like money-coughing-up registration, then why not have a GNU term? (ironicaly a 'Not Unix' compliance).
Something like any unix like os that can run the GNU programs 'out of the box' is entitled to have GNU in the name..
Just assume that.kids was enforcable and only the nice non-offensive kid friendly sites would populate the.kids domain, what would this lead to?
Censor software would have the option to just allow sites withing the.kids domain, and we would have so called child friendly internet access where all access to any knowledge (my primary use for the internet is to find stuff that I wouldnt normally be taught in school/college) is forbidden in schools and public libraries.
What I meant by that is, if a piece of software isnt of good quality, then people simply wont use it, and use other software instead, whereas if a piece of software is of good quality, no bugs, actually works, etc... then more and more people will use it, the software will gain a reputation as being good, and it will gain a reputation of being good quality.
Of course, this doesnt apply to M$ windows, because for joe average user who doesnt even know how to hold a mouse properly, there isnt any other software to use apart form windows. But for those of us who dont like the quality of windows have decided to use other software (Linux etc..)
So in short, I dont think any QA statement is needed, and people will decide for themselves what is good and bad.
Okay... so we all sit here for 20 years reverse engineering the genome... and finally discover the 'source code' to making nice little humans, only to find the whole human race facing a lawsuit from {insert religious figure here} saying that that code was closed source, and the end-user-license was clearly on view in the Atlantis Legal Academy (which just happens to have sunk a few hundred thousand years back), with some wacky reverse engineering clause.....
Me and a friend devised a similar idea to defeat the UK's forced decryption bill. Now the one time pad idea is nothing new, but what it means is that you can decrypt the text into anything you want using a different key.
Again, you need a random stream, but this random stream isnt used as the key directly. This is used to generate a dummy key (which will decrypt to something you can show the police (or feds or whatever) - the dummy text), and the real key - which will decrypt to the real plaintext - the controversial material.
Heres the method...
K = Random one time pad (aka real key) P = Plain Text D = Dummy Text C = Cipher text KD = Dummy Key
C = P xor K (Normal method of encrypting a one time pad)
KD = C xor D (To get the dummy key - xor the ciphertext with the Dummy plaintext)
Now when asked to surrender your key - you give in the dummy key. The law enforcement agency decrypts the text as follows.
KD xor C = D
remember that:
KD = P xor K xor D
and
C = P xor K
so when you XOR KD and C, D pops out, and there is no way to prove that you have anything other than an innocent little message.
To get the real message - just XOR K and C - to get P.
Again - this method suffers from a number of problems, such as plaintext and dummytext need to be equal, the real key must be kept secret from law enforcement, the need for a random, one-use-only key, and a host of others that I may not have come across, but it works, and provided the key is random, and kept secret - there is nothing that can be done to prove you didnt supply the correct key.
There is also another possibility, but I am not sure that this would work as well:
Encrypt the text with a block cipher to get C, and then get the dummy key as usual. This has the advantage that you can use your normal encryption programs, and not need a one time pad for normal use, but you can claim that you _did_ use a one time pad, and supply the dummy key as usual. Provided the ciphertext was encrypted using a good algorithm, it should appear random, and there is no way to prove otherwise.
I am unsure as to whether using standard encryption methods leave some sort of signature as to what method was used, and if this is so, then the above method falls down.
>On an unrelated topic.. why hasn't anyone made a >portable real-time chat, like IRC or >ICQ/AIM, either through a cell phone or >other dedicated device yet? or have they? I'd >assume the technology is there for it already? I >think that would be insanely popular... >hell, I'd buy it. It's be good for deaf folks too.
Thats what SMS is for, of course, its not compatible with the hoards of ICQ users out there.. only compatible with the even larger mobile phone community...
of course, there's still the cost.. 12p (about 18 cents) per message on my phone, but if it was a little cheaper, I could easily see SMS becoming (already is?) like real time text chat..... all we need now is SMS to multiple users, without the monopolising bastards wanting 500 times the money to send SMSes to the 490 lamers and bots on the irc channels:)
All this talk about if certain clauses are illegal then the whole EULA is illegal reminds me of a small part of the GNU General Public License:
----------- 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. ------------
Now IANAL, but I think that if it were to happen (M$ court case, etc.. etc..) that some part of the GPL were made illegal, for example, if a piece of work is copyrighted, then no matter what the terms - it cant be copied (sounds like something the evil empire could conjour up and get made law), then all free software (Linux, GNU utilities, nearly every piece of software I use...) would be illegal, and the whole free software idea would break down...
Now that couldnt possibly happen in real life... could it?
> This smells alot like a big brother plan to me, but theoretically, if you can control your computer, couldn't your computer control you?
Not necessarily. At this moment you are controlling your computer with your hands, does that mean your computer can control your hands?
If something like this becomes possible, there is one more thing to think about... us normal 'joe public' people are discovering this sort of technology now, but the Government angencies and the like will have probably being researching this technology for years, going on to develop the mind control aspect and may already be using it on the unsuspecting population. This probably goes on to explain the popularity of McDonalds, Nike, and (ugh!) M$. 'cept that the M$ hating slashdotters (not generalising here;) ) will be immune to this.. so rest easily!
Boy am I paranoid!!!!
Someone let me know when PGPDisk - Brain drain edition comes out, or (better still) the linux-encryption-brain-patch..:)
I remember seeing somewhere that people were working on a Deep space protocol, a successor to TCP/IP that didnt need acknowledgements for every packet and avoiding the timeout problems.
The problem with thinking about internet in space is that we are going to need people at the other end, and unless there is a colony on mars, then there is no point in placing an internet link to one or two probes.
The same goes for interstellar networks, if (when) we advance far enough to colonise other solar systems, we will most likely have discovered a method to send signals faster than light (as well as Superluminal velocities in spacecraft). If not, and radio signals are our only method of communicating via computers, then it would work out far faster simply jumping in one of our little spceships and delivering the message by hand.
Thing is, when we get to the stage of travelling interstellar distances, we can just ask bug-eyed-bill and his space poodle how their species did it! (Assuming M$ and government philosophy of what they dont know, assume they are to stupid to know, and charge them for the priveledge, didnt take them over that is)
As far as I was aware, some (if not quite a bit of) internet traffic is already routed through sattelites as with telephone calls. Okay, so now you got the actual computer in space, but this is nothing groundbreaking. I mean, just think of all the extra NASA missions: STS-31337 - Astronauts launch to press reset button on blue-screened sattelite!
And for the script kiddies, the IP is 207.46.130.14. (The intelligent among you will realise that this is merely an elaborate plot to packet/slashdot the evil empires (aka M$) website.:P)
Slashdot Mirror
and every other alternative, which is the fact that it isn't qwerty. I know on the face of it is sounds like a stupid reason but there is logic in the stupidity...
As much as I would want to learn a faster method of typing. unless I can use the same keyboard everywhere I am (at home - easy, at college - hard, at work - you try asking your boss to switch), then I will never be able to learn the new keyboard layout because I'm frever switching back and to from a qwerty keyboard layout. As is mentioned in nearly every dvorak tutorial I have seen, you need to use the same layout all the time until you are proficient with the new layout. Switching back and to between layouts only lowers your typing speed in both layouts.
Now, if somebody could come up with a keyboard (cheaply, I dont want to sell my firstborn to type faster), that physically remaps the keys (so I can select US/UK keyboard layout in windows, but get a different layout on the actual keyboard), this would mean I could take this keyboard with me wherever I went (although on a palm it might be difficult), and use it in work, college, as well as at home, simpy unplugging the old keyboard and inserting the new without messing up the software settings that managers/admins won't hate you for 'hacking/cracking the network'.
although he was his own ISP so I dont know if that counts :/
Anyway, here's the link
Cookie anyone?
its the popularity of the OS. Windows is so popular that nearly everyone who, to put it bluntly, can simply not use a computer uses windows. I'm not saying that there arent competent Windows system administrators and knowledgable users, what I am saying is that most people are using computers for a long time before they discover alternate operating systems, and usually need a little knowledge to switch.
:)
:P), and the problem was patched within a couple of days. With the code red worm, most users didnt even know they had a web server, and even now I am getting hundreds of XXXX requests in my apache logs.
This means that there are going to be more people using windows who dont know what a security hole is, let alone how to patch it.
Another problem with popular operating systems is just that. They are popular and have many more users. If 10% of all users (a simplification here) are vulnerable to an attack, then most of them will be windows users.
Possible solutions? Maybe microsoft could sell windows in a pink box and charge $2000, making it instantly less popular and having less users vulnerable to exploits
Seriously though, take for example the Morris worm of 1988, infected a network run by competent system administrators (the fact that it was UNIX is besdies the point.. or is it?
And now linux is gaining popularity... NOOOOOO.. shoo.. shoo.. we dont need more users...
Are there drugs that won't 'zombify' a person, but keep them focused?
Caffeine?
Of course, they can't ban cofee.. can they?
Those two points have already been implemented on IRC in some servers.
1) An authentication system exists in the form of nickserv (although optional, can be made to prevent other users from using your nick), and no other information would be released if the user does not provide it. The only information released would be the hostname/ip, which is solved by point 2...
2) I can't remember which ircd does it now (one of the dalnet/undernet ircd's?), but there is a hostname cloaking feature, which removes the last 2 parts of a persons ip, or the first part of their hostname, while leaving enough information to determine what ISP a person is using (useful for legitimate reasons, such as finding out what country a person is connecting from without needing to ask), it prevents script kiddies from obtaining enough information to DoS a user. However it is still possible (even with any ip address blocking) to determine a users address by using netstat on a shell. (This has been done an servers where public shell access is given on the same machine as the ircd)
The problems not solved by those two methods are firstly, no encrypted communications can be made.. anything sensitive could be sniffed, even over a DCC connection (the paranoid types, like me, who wave hi to echelon and its ilk during most sensitive 'private' irc chats). To solve this, client side scripts could be used to encrypt DCC communications, no new server needed.
The other problem is lag/netsplits. For some purposes (talking to a small group of friends), this could be solved by using a single-server 'network' (no netsplits) and no server to server lag.
Most of these solutions require setting up your own irc server, but this isnt too hard to do and is no less hassle than moving to a completely new, incompatible system.
Instead of having this counter-virus/worm attack the computer, have each computer (possibly as part of an anti-virus package, or windows itself (or installed with every linux distro)) contain a framework which allowed limited access to a computer by counter-viruses/worms voluntarily, and with safeguards to prevent abuse and overuse of bandwidth/resources etc..
Of course, there would be problems getting everyone to install the agent host, but if such an idea became accepted, then each counter-virus would run in a sandbox and be prevented from doing harm (set by the user).
If all these new wiz-bang features are implemented as extensions to the original API, then all the developer has to do (if he/she/they/it chooses to support the new features) is detect if the feature is available and add the code for it. If not, then just use the standard API.
Eventually, all the other manufacturers will catch up with the new features, and the extension will become integrated into the standard.
An analogy could be (think ye olde days) detection of a sound card, and only enabling sound if one is available.
If even that it too much work for the developer, then just dont support the new extension - the graphics will just look as pretty to the untrained (read consumers) eye.
... but also (surprise surprise!) Microsoft itself has sent letters to similar effect. While not directly threatening a raid, the letters preach on about companies who aren't legal having to face the consequences, and even includes a 'request' to audit your own company... presumably before they (or the BSA) do.
As for the BSA's letter, I say keep them coming... the more companies who are scared into running linux the better. And when the other companies find that linux isnt so bad after all, more and more will begin using open source/free software, not just because of a scare tactic, but because of its features.
--
With descriptions like that, I'm still not quite sure what this is.. :/
as far as I can see, it appears to be merely a glorified version of slashboxes, with an index that updates itself.
I'm sure theres something else (the really nifty bit) that I'm missing.. just dont know what it is
http://www.lbl.gov/Science-Articles/Archive/pi-ran dom.html
If the UNIX term is simply based on some microsoft like money-coughing-up registration, then why not have a GNU term? (ironicaly a 'Not Unix' compliance).
Something like any unix like os that can run the GNU programs 'out of the box' is entitled to have GNU in the name..
Just assume that .kids was enforcable and only the nice non-offensive kid friendly sites would populate the .kids domain, what would this lead to?
.kids domain, and we would have so called child friendly internet access where all access to any knowledge (my primary use for the internet is to find stuff that I wouldnt normally be taught in school/college) is forbidden in schools and public libraries.
Censor software would have the option to just allow sites withing the
Not a good idea really is it?
What I meant by that is, if a piece of software isnt of good quality, then people simply wont use it, and use other software instead, whereas if a piece of software is of good quality, no bugs, actually works, etc... then more and more people will use it, the software will gain a reputation as being good, and it will gain a reputation of being good quality.
Of course, this doesnt apply to M$ windows, because for joe average user who doesnt even know how to hold a mouse properly, there isnt any other software to use apart form windows. But for those of us who dont like the quality of windows have decided to use other software (Linux etc..)
So in short, I dont think any QA statement is needed, and people will decide for themselves what is good and bad.
Okay... so we all sit here for 20 years reverse engineering the genome... and finally discover the 'source code' to making nice little humans, only to find the whole human race facing a lawsuit from {insert religious figure here} saying that that code was closed source, and the end-user-license was clearly on view in the Atlantis Legal Academy (which just happens to have sunk a few hundred thousand years back), with some wacky reverse engineering clause.....
Me and a friend devised a similar idea to defeat the UK's forced decryption bill. Now the one time pad idea is nothing new, but what it means is that you can decrypt the text into anything you want using a different key.
Again, you need a random stream, but this random stream isnt used as the key directly. This is used to generate a dummy key (which will decrypt to something you can show the police (or feds or whatever) - the dummy text), and the real key - which will decrypt to the real plaintext - the controversial material.
Heres the method...
K = Random one time pad (aka real key)
P = Plain Text
D = Dummy Text
C = Cipher text
KD = Dummy Key
C = P xor K (Normal method of encrypting a one time pad)
KD = C xor D (To get the dummy key - xor the ciphertext with the Dummy plaintext)
Now when asked to surrender your key - you give in the dummy key. The law enforcement agency decrypts the text as follows.
KD xor C = D
remember that:
KD = P xor K xor D
and
C = P xor K
so when you XOR KD and C, D pops out, and there is no way to prove that you have anything other than an innocent little message.
To get the real message - just XOR K and C - to get P.
Again - this method suffers from a number of problems, such as plaintext and dummytext need to be equal, the real key must be kept secret from law enforcement, the need for a random, one-use-only key, and a host of others that I may not have come across, but it works, and provided the key is random, and kept secret - there is nothing that can be done to prove you didnt supply the correct key.
There is also another possibility, but I am not sure that this would work as well:
Encrypt the text with a block cipher to get C, and then get the dummy key as usual. This has the advantage that you can use your normal encryption programs, and not need a one time pad for normal use, but you can claim that you _did_ use a one time pad, and supply the dummy key as usual. Provided the ciphertext was encrypted using a good algorithm, it should appear random, and there is no way to prove otherwise.
I am unsure as to whether using standard encryption methods leave some sort of signature as to what method was used, and if this is so, then the above method falls down.
>On an unrelated topic.. why hasn't anyone made a
:)
>portable real-time chat, like IRC or
>ICQ/AIM, either through a cell phone or
>other dedicated device yet? or have they? I'd
>assume the technology is there for it already? I
>think that would be insanely popular...
>hell, I'd buy it. It's be good for deaf folks too.
Thats what SMS is for, of course, its not compatible with the hoards of ICQ users out there.. only compatible with the even larger mobile phone community...
of course, there's still the cost.. 12p (about 18 cents) per message on my phone, but if it was a little cheaper, I could easily see SMS becoming (already is?) like real time text chat.....
all we need now is SMS to multiple users, without the monopolising bastards wanting 500 times the money to send SMSes to the 490 lamers and bots on the irc channels
All this talk about if certain clauses are illegal then the whole EULA is illegal reminds me of a small part of the GNU General Public License:
-----------
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program.
------------
Now IANAL, but I think that if it were to happen (M$ court case, etc.. etc..) that some part of the GPL were made illegal, for example, if a piece of work is copyrighted, then no matter what the terms - it cant be copied (sounds like something the evil empire could conjour up and get made law), then all free software (Linux, GNU utilities, nearly every piece of software I use...) would be illegal, and the whole free software idea would break down...
Now that couldnt possibly happen in real life...
could it?
> This smells alot like a big brother plan to me, but theoretically, if you can control your computer, couldn't your computer control you?
;) ) will be immune to this.. so rest easily!
:)
Not necessarily. At this moment you are controlling your computer with your hands, does that mean your computer can control your hands?
If something like this becomes possible, there is one more thing to think about... us normal 'joe public' people are discovering this sort of technology now, but the Government angencies and the like will have probably being researching this technology for years, going on to develop the mind control aspect and may already be using it on the unsuspecting population. This probably goes on to explain the popularity of McDonalds, Nike, and (ugh!) M$. 'cept that the M$ hating slashdotters (not generalising here
Boy am I paranoid!!!!
Someone let me know when PGPDisk - Brain drain edition comes out, or (better still) the linux-encryption-brain-patch..
I remember seeing somewhere that people were working on a Deep space protocol, a successor to TCP/IP that didnt need acknowledgements for every packet and avoiding the timeout problems.
The problem with thinking about internet in space is that we are going to need people at the other end, and unless there is a colony on mars, then there is no point in placing an internet link to one or two probes.
The same goes for interstellar networks, if (when) we advance far enough to colonise other solar systems, we will most likely have discovered a method to send signals faster than light (as well as Superluminal velocities in spacecraft). If not, and radio signals are our only method of communicating via computers, then it would work out far faster simply jumping in one of our little spceships and delivering the message by hand.
Thing is, when we get to the stage of travelling interstellar distances, we can just ask bug-eyed-bill and his space poodle how their species did it! (Assuming M$ and government philosophy of what they dont know, assume they are to stupid to know, and charge them for the priveledge, didnt take them over that is)
As far as I was aware, some (if not quite a bit of) internet traffic is already routed through sattelites as with telephone calls. Okay, so now you got the actual computer in space, but this is nothing groundbreaking.
:P)
I mean, just think of all the extra NASA missions: STS-31337 - Astronauts launch to press reset button on blue-screened sattelite!
And for the script kiddies, the IP is 207.46.130.14. (The intelligent among you will realise that this is merely an elaborate plot to packet/slashdot the evil empires (aka M$) website.