Slashdot Mirror


User: Tom

Tom's activity in the archive.

Stories
0
Comments
10,601
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,601

  1. Re:So? on Patent 5,893,120 Reduced To Pure Math · · Score: 1

    Because running a marathon is exactly the same as running 420 100m dashes end-to-end? Yeah, right...

  2. Re:Last Resort on Tasmanian Dept. of Education Wants Anti-Virus for Linux, OS X · · Score: 2

    but I am not convinced about the need of an AV on each desktop, laptop etc.

    There are several papers out there describing malware spreading in corporate networks (full disclaimer: I wrote one of them). I'll give you a hint towards why you want AV on each and every machine: Because once your perimeter has been penetrated, the worst-case scenario for a well-crafted malware to infect your entire corporate network is measured in seconds. Give it the usual caveats because the worst-case scenario rarely happens in the real world, but even if you give it two orders of magnitude - can you contain an actively spreading infection in a few minutes?

    So, what's going to be cheaper (in a corporate context, everything boils down to money in the end)? The moderate cost of keeping AV installed and updated on all machines, or the cost of rebuilding the entire windows network - servers, clients, notebooks, everything? Oh, after taking down everything and putting the network into quarantine to make sure no infected devices remain? Do you even know how to do that or will you have to figure it out while doing it? How much downtime are we talking about here? Days or weeks? If you said anything with "hours", you are kidding yourself big time.

    Do the usual math: Sum up the best-, worst- and likely-scenario costs, multiply by a rough guess of chance of it happening per year and compare that to doing the usual AV routine. Oh, and don't forget to ask the CTO, CIO or CEO if he's willign to sign off on that risk. I'm very sure you'll have a signature on your AV purchase form long before you're halfway through the list of direct impacts for the other scenario.

    Because that's the other ugly truth about corporations: Someone has to make the decision, and the bigger your company is, the more risk-averse it usually is. Most importantly, human and also manager (for those of you who don't include PHBs in the "human" category) minds are famously bad at estimating unlikely, but dramatic risks, especially in regards to more probable but smaller risks.(*)
    So you will almost always get a moderate expense to prevent an unlikely, but catastrophic signed off easier than getting someone to sign off on the risk. If you have formal sign-off procedures. Just ignoring the risk by not doing something about it happens frequently and is a lot easier than accepting the risk, and totally not the same thing.

    (*) Which is one reason why many more people are afraid of flying than of driving, even though the chance to die in a car crash is about 1:6000 while the chance to die in a plane crash is about 1:1000000 (both per year, source).

  3. herd immunity on Tasmanian Dept. of Education Wants Anti-Virus for Linux, OS X · · Score: 2

    Read up on immunology and specifically the term "herd immunity".

    It's not just whether or not you are resistant to a virus, it is also if you help or hinder the spread. It takes surprisingly few non-vaccinated people in a population for an epidemic to get started. Because the spread of viruses, both biologically and in IT, is a numbers game. If the virus finds > 1.0 victims in its lifetime, it will spread and the number of infected hosts will steadily increase. Only if you manage to push down the infection rate to < 1.0 can you eliminate it.

    Anti-virus on a Mac or Linux system does not only protect the system itself, its purpose also is to protect other, for example windows, systems. You Linux may be immune to the Word macro virus, but if it can detect and kill it, that windows system you send it to doesn't get infected.

    If you know anything about how stuff spreads in a population, you positively don't want the stuff in your environment, not even on hosts that are immune.

    (edit: posting a 2nd time because /. stupid "plain old text" eats everything after the "lesser than" sign if you don't escape it...)

  4. herd immunity on Tasmanian Dept. of Education Wants Anti-Virus for Linux, OS X · · Score: 2

    Read up on immunology and specifically the term "herd immunity".

    It's not just whether or not you are resistant to a virus, it is also if you help or hinder the spread. It takes surprisingly few non-vaccinated people in a population for an epidemic to get started. Because the spread of viruses, both biologically and in IT, is a numbers game. If the virus finds > 1.0 victims in its lifetime, it will spread and the number of infected hosts will steadily increase. Only if you manage to push down the infection rate to not even on hosts that are immune.

  5. Re:So? on Patent 5,893,120 Reduced To Pure Math · · Score: 1

    In the long run, we're all dead.

    Mankind is a construct that survives beyond the death of its individual members, just like your body is a construct that survives the death of individual cells. It makes as much sense for societies to create rules that benefit it in terms longer than an individual life than it makes sense for you to invest into a future that none of the cells that make up your body today are going to live to see.

  6. Re:Good thing I don't use Apple products on Share Your iPhone Location Data Like You Mean It · · Score: 1

    Generating a database of APs does not require tracking you. The world doesn't revolve around you and almost everyone on the planet couldn't care less about anything you do, get over it.

  7. Re:Anonymous? on Share Your iPhone Location Data Like You Mean It · · Score: 1

    No, I think it is because few people are experts in anything. They have a rough idea that they treasure their privacy, but don't even know what exactly that is.

    I don't blame them, because you are being assaulted from all sides with conflicting messages. The one side tells you that you need to be paranoid about your privacy and the other side tells you "if you have nothing to hide..." - and very few people manage to get their bearings there. Without knowing what you want, it's hard to do anything about it.

    I don't think it really is all that difficult to figure out, but you have to cut through the bullshit first. And that means realizing an important truth: Everything is false. The paranoia they try to instill in you is just as false as the police-state-friendly meme. For me, the breakthrough was when I said: "But I do have something to hide!". The police-state advocates make that sound like it's a horrible thing, but it isn't. It's exactly what we call "privacy". And when you call them out on it, their whole argument falls apart. Because they have something to hide as well. None of them is willing to have their bedrooms under 24/7 surveilance and a public blog detailing their sex lives, for example.

    If you want to preserve your privacy, you first have to get a good idea of what your privacy is about.

    So is your privacy about where you are right now, or have been for the past week? And what level of privacy? Because like all things security it's not an all-or-nothing affair. I couldn't care less that my iPhone stores my locations for the past month, because that does not violate my desired level of privacy for that data. I would mind if that data were sent to Apple or posted on the Internet, because it is nobodys business where I travel. And I realize that not having the data in the first place would be the very best step to ensure that doesn't happen. But I also understand that the data serves a purpose with a positive effect for me. So weighing the pros and contras for me it's ok as long as I have reasonable assurance the data stays on the device. And when it comes to stealing the iPhone, or copying the data, I have much more sensitive data on it than my past locations.

    As I said: People freak out too easily. They'll whine that their visits to their mistress could be revealed through a location data profile, but ignore that having access to the device with the location data also means having access to the love SMSs or e-mails they exchange with her.

  8. submitter is an idiot on NSA Advises Upgrade To Windows 7 · · Score: 2

    This isn't "news", it's a bad blog rant.

    The paper is for home users, and they are right to focus on the 99% there that are covered by windos and OS X.

    And accusing the NSA of not supporting Linux is the most ridiculous thing I've heard in a decade. These are the guys that brought us SELinux, including fighting on our behalf to get an assurance that there won't be patent troubles with it.

    You can accuse the NSA of a lot of things, like covert surveilance and stuff, but certainly not of ignoring Linux. Heck, they even have a hardening guide for Red Hat on their list of official guides, just like they do for windos, OS X and Solaris.

  9. Re:So? on Patent 5,893,120 Reduced To Pure Math · · Score: 4, Insightful

    Politics has been indisturbed by the facts of the real world for as long as history allows us to judge. All you have to do is look beyond the Solons, Washingtons or whatever your countrys famous politicians are - the day-to-day dealings of politics is a horrible mess and always has been, and things like truth, fact or evidence are way down the list of things to worry about.

    The judicial branch is often quite a bit more pragmatic, but also caught up in its own world. The most important problem being that they try hard to be consistent, so change is hard to get. Once a higher court has decided on an interpretation of law, the lower courts usually don't disagree too much, and it requires a new case with new facts to get everyone to revisit the decision.

    Which is cool because it means good decisions stand and aren't easily challenged just because you have a lot of money. The problem is that it takes considerable time to get rid of bad decisions. In the long run, the system works very well, but in the short run, it often fails when new facts, ideas, technologies, etc. are involved.

  10. Re:Open source names on Kdenlive 0.8 Adds Advanced Features for NLV Editing · · Score: 1

    I'd still stay away from Disney names. ;)

    Maybe everyone else thought of the 1977 movie. ;-) (to be honest, I had to look that up, but like most Disney stuff, there are a lot of other works on the same subject.

    "k-den-live". Sounds horrible but is fairly easy to say and to write correctly after having heard it.

    I'm sure almost everyone who only hears it would write down "Kaden live".

    The real problem is that product naming is really hard given that you don't want your product to be buried under millions of Google results for the same word in a different context, the namespace of easily-remembered names is limited and you ideally want a name that describes your product, as well.

    Absolutely. There's a reason there are marketing agencies specialized on just product names.

    Open source developers have long just looked for unique names that describe the program and are comfortable to type in a shell. Which is perfectly fine if you don't intend on competing with commercial software as it sidesteps a lot of issues you don't need to optimize for. Once you do compete on the market, however, you should consider a rebranding.

    Exactly what I keep saying in this thread: Make up your mind. If you write stuff for yourself and only publish it because others may find it useful, by all means use whatever name makes you feel good about it.
    If you write software for the mainstream because you want to immanentize the year of the Linux desktop, you have to do what the mainstream requires, and a good name is just one of those things.

  11. Re:Open source names on Kdenlive 0.8 Adds Advanced Features for NLV Editing · · Score: 2

    You really should learn that taste is different.

    What makes you think that I don't know that?

    Taste certainly is different. Good design vs. bad design - not half as much a matter of taste as most people think. Design isn't the question of "which colour", but stuff like putting the light switch near the door instead of into the middle of the corridor.

    For me MacOS looks like eye candy with no functionality.

    I'm certain if you only look, then the eye candy is the most obvious thing. Use it for a while if you want to talk about usability ;-)

    MacOS [...] has only one mouse button and the horrible keyboard.

    Are you mistaking the user interface for the hardware that comes with the computer that the operating system that contains the user interface runs on? That's three layers off the target.

    Oh, also: Apple mice have had 2 buttons for years now. And yes, as an old Linux user I need at least three so I own a Logitech mouse for use with my iMac.

    Further, I have to yet encounter really bad UI design in Open Source projects.

    Too bad the Interface Hall of Shame was discontinued before Free Software became so popular, I'm sure there would be plenty of examples with detail explanations in it.

  12. Re:Open source names on Kdenlive 0.8 Adds Advanced Features for NLV Editing · · Score: 1

    Dude, these people aren't GUI experts. Designing a GUI takes a different skill-set than that of creating quality code.

    Skill sets can be acquired. If you have the motivation and desire. Which is why I'm saying make up your mind. If you want to scratch your own itches, fine with me, just stop whining about Linux not making it into the mainstream. If you want to hit the mainstream, get the skills necessary for making that happen.

    The devs are not your bitches. Your not paying them. You don't have them under contract.

    You are not saying anything that's news in this thread. Again, I'm not saying "make stuff for me". I'm saying that if you want to go mainstream, then by definition you are making stuff for other people. So be clear about that and accept it - or don't do it and stop whining.

    You make stuff either for yourself or for others - never both. Sure, sometimes people find the stuff you make for yourself useful and use it, too. And sometimes you find your own product is something you like using yourself. But don't kid yourself thinking you can merge these two things. The only way to combine them is to make stuff that neither you nor anyone else really wants.

    So make up your mind, and stick with it. Scratch your own itch and tell the users that they're welcome to use the thing, and if they want to suggest improvements you're listen or not depending on your mood and they may be accepted or not depending on whether you think they're useful to you.

    And stop the damn whining that Linux isn't mainstream. Everything mainstream is because it is made for the mainstream.

    And his name is The Doctor, not Dr. Who, which is the name of the show. Nerd fail.

    True. It's sunday and I had an excellent saturday night, so I'm tired. Oh wait, is that another nerd fail? Damn, deeper down the gutter. Next I know I'll have to exchange my /. ID for something with more digits. :-)

  13. Re:Open source names on Kdenlive 0.8 Adds Advanced Features for NLV Editing · · Score: 1

    Both true.

    And still - the similarity to a well-known name (movie or fairy tale, doesn't matter) is what makes it so easy to recall.
    And that I was wrong about the exact name - yes I was and still the #1 Google hit on my wrong term is the correct website.

    Does that tell you something about this name working?

  14. Re:Open source names on Kdenlive 0.8 Adds Advanced Features for NLV Editing · · Score: 1

    Where the hell do they get the resources to do user testing?

    Friends and family.

    Sure, it won't reach the quality of a lab with testers selected to represent the target audience and paid to have patience and go through it all again and again - but it's a lot better than nothing, and still much better than testing only on yourself.

  15. Re:Good thing I don't use Apple products on Share Your iPhone Location Data Like You Mean It · · Score: 2

    They forget to add a USB port to their iPad. Users cry out. Next iteration has a USB port.

    Users discover Apple is tracking them! Users cry out! Next iOS update makes it so they wouldn't have been able to see it in the first place.

    Why the fuck do people continue to use Apple?

    You gave a good reason above. They listen to user demands. If they fuck up, they'll deny it for a while, and make it seem like it was their idea all along, but they'll make it better next release.

    No, the real reason is that they make damn good stuff. Same reason people continue to use Google despite everyone knowing they track everything they can and then some.

    Why the hell doesn't Apple want their users to see how they're being tracked and where they're being tracked?

    You make no sense. Apple doesn't track you - your phone does, the cell company does, probably some of the free hotspots you log into also keep logs that include your MAC address - you are barking up the wrong tree here, dude.

  16. Re:Anonymous? on Share Your iPhone Location Data Like You Mean It · · Score: 4, Insightful

    Depends on where you live. I have at least a dozen APs in my list here at home, at least two of them I know to be in the same building, just on different floors. Good luck pinpointing where exactly I live, even if you could fetch out my data set.

    If you're interested in me, there are a lot of easier ways to get my address.

    Really, I dig privacy and all that, but people do get freaked out too easily. Sure I have something to hide, everyone does. But the something is usually what I do, and not where I do it.

    And quite frankly, if you're upset about this data collection (on the device!), but you check in with FourSquare whenever you are anywhere at all, you're messed up.

    Reading someone's Twitter or Facebook postings would probably reveal more about them then checking out their location data. For the average american, I guess a visit to the local whorehouse is the worst that location data would reveal. Sure you don't want that to be public, but the end of the world it is not. Well, maybe the end of your marriage. Then again, if you do stuff that you positively don't want to be discovered, one of the things you do is turn off your mobile phone. That's not news. A guy working closely with the german equivalent of the secret service said 10 years ago that he turns off his mobile phone and takes out the battery routinely whenever he doesn't use it.

    Nothing here is new, except for the specifics of the individual event.

  17. Re:Open source names on Kdenlive 0.8 Adds Advanced Features for NLV Editing · · Score: 1

    No, the primary reason UI design shouldn't be done by the coder is that to the coder it's clear box testing, he knows the architecture, the design and exactly what strings he's pulling in the code so to him it makes perfect sense. To the user this is a big black box, he doesn't know anything about the inner workings of it and has to rely on only what the UI tells him. You can't shed that extra information and pretend to know no more than a user, no matter how hard you try.

    Yes, that's another reason, though you can do end user testing to reach that goal if you don't have access to someone unfamiliar with the code.

    Sure UI experts would be great, but I think most UI designs would be a lot better if they were designed by someone who didn't know the code, who deliberately didn't take too many lectures from the coders on the inner workings, who wouldn't know much written in mailing lists and forums except basic tutorials. Here's the application, here's the documentation, does the UI make sense on its own?

    Actually, I think the problem is the development direction. Free Software is usually designed from functionality to interface, because you want to get something done, and when it's working you slap on an interface.

    Good software is designed from interface to code - the software needs to do something for the user, figure out how the process looks to the user first, then implement the technology.

    For simple parts, the difference between those two approaches is purely theoretical, but when you think about complex activities, it makes a considerable difference. Writing a GUI for an existing command-line script is sometimes more cumbersome than re-writing the whole thing with a GUI from the start.
     

  18. Re:Open source names on Kdenlive 0.8 Adds Advanced Features for NLV Editing · · Score: 5, Insightful

    What is your problem dude? The program is for free and you can use it or not. Nobody is forcing you to use it.

    My problem is that it pains me to see so much talent wasted because the Free Software stuff is so often excellent quality with a crappy exterior. There's these V10 engines that can go 100 km on 3 litres with making hardly any noise - and they put them into Yugos.

    People rarely buy cars just for the engine. They want to sit comfortably in them and they want to drive them without a Ph.D.

    just fork the project and release it under a new name. You can even sell it with a new name and if you redesign the UI you can sell it with a new UI.

    I stopped contributing to Free Software development years ago when I realized that it's a net negative for me - I spent more time working on software than I spent actually using it. I did contribute quite a bit back then, but I also learnt that lots of Free Software people are too much in love with their projects to take a good advise - or patch. Which, again, is a perfectly ok attitude if you run the project to scratch your own itch. But then don't be surprised if the mainstream doesn't share your personal style.

    That's my main point. Make up your mind and decide what you want to be - scratching your own itches or making a mainstream product. You can't do both. And no, you can't do both no matter how much you try to argue that you can.

    Interesting, because that's the reason why I don't bother to use Windows anymore.

    *nod* yes, once you've been outside of the windows mindset for a while, you start to wonder how anyone can get any work done on that abomination of user masochism. I just found that Linux is better but not by enough, and especially that it copies way too much from windos, probably in an attempt to "win over" windos users, so I moved on to OS X and I've not looked back.

    I still love Linux to death - everywhere that doesn't have a GUI. All my servers run Debian, which means my company runs on Linux - but my development happens on OS X.

    And I love Free Software, I couldn't do without it. Firefox beats Safari any day. It's UI is still crap. It's ok because there aren't any better alternatives right now, apparently nobody has yet figured out how to do a really great browser UI. But ever since I've done some actual research and work on HCI, ironically started by an overlap of Gnome and my other professional interest, computer security (which suffers massively from the same "the user is stupid" hybris), I've become very sensitive to failures in UI design, many of whom most users probably don't notice consciously.

    But if you've ever used Keynote vs. Impress you know just how much of a difference some effort into UI design can make. And Keynote is far from perfect - but compared to Impress, you spend a considerable amount of time less on fighting with the interface. And don't even get me started on PowerPoint - if there's one piece of software that Dr. Who should throw into one of those gaps that eradicate it from all of history so nobody even remembers it, this is it. :-)

  19. Re:Open source names on Kdenlive 0.8 Adds Advanced Features for NLV Editing · · Score: 4, Insightful

    Random gobbled-together words or terms, eh? Like for example ColdFusion, RoboHelp, Alcohol 120% etc.?

    You may have noticed that all of these are easy to pronounce and remember, and there are no "near-misses" that make as much sense. That's what a good name needs to be like. Kdenlive does not link to any known terms, which makes it hard to remember without additional mnemonic aids. "ColdFusion", just to pick one of the examples, does not make sense as a product name (which has nothing to do either with temperature or nuclear power), but it's two well-known, easily recalled terms. It is unique enough to be remembered, it is pronouncable without effort.

    Those are important things. That's how word-of-mouth works. "I found this great video editing tool. If only I could remember what it was called, Kenl-something or so." just doesn't cut it.

    Yes, there are stupid names in the commercial space. I must have missed the memo about it being a good idea to copy the failures.
    Yes, even if they are successful. You can be successful despite a stupid name. But why make it more difficult then it has to be?

    And there are good examples. Broadcast and Cinerella were great examples for naming. Cinerella especially works so well that I still remembered it without looking it up 7 or 8 years after I've last checked on it. I doubt anyone who doesn't use Kdenlive will remember "that video editing software" name even three weeks from now.

  20. Re:Open source names on Kdenlive 0.8 Adds Advanced Features for NLV Editing · · Score: 3, Insightful

    * Kdenlive is as good a name as Vegas when it comes to making sense for video editing.

    No, it isn't. It's part of the stupidity to name everything for KDE with a "K" or KD or even KDE at the beginning. A cheap and failed attempt to copy the "i" meme from Apple, but for various reasons it doesn't work half as good. Copying good marketing badly does not give you good marketing, and the "K" thing is just dumb.

    Names for products need to be pronouncable, easy to remember and difficult to confuse. "Kdenlive" falls on all three counts. For starters, it helps if they're actually, you know, names, not random gobbled-together parts of words.

    * Things aren't designed to confuse people. They are usually designed by one person, who may not be as good as UI design as a six person UX team at a large development shop. In some cases, I've discovered that the graphical interface is wonky, but the keyboard interfaces is amazingly smooth. Unfortunately, doing UI redesigns is a huge to-do for end users who have in many cases become very adept at the original UI of a software package.

    UI design is one of the most important parts of creating a good application, and the part most often ignored in the Free Software community. That's perfectly good if you are scratching your own itch, because in that case it must mostly be useful to and useable by you. And if you give it for free to the world, they can adapt to your style or die for all you care, because in the end you're writing the thing for your own need.

    What too few people have realized is that Free Software (or open source, whatever term works for you) is a horrible development model for software you write exclusively for other people. People need motivation to work on stuff. Creating something for yourself has its own intrinsic motivation, creating something for others doesn't.

    And designing something specifically different from how you like it best takes a lot of motivation, because you go against yourself, in a way. That's why good UIs are not designed by coders, but by UI experts - people who may not have a personal interest in this particular product, but who enjoy the general topic of UI design enough to have made it a job. That (plus the money) gives them the motivation required.

    Look around yourself and you'll notice how most Free Software is seriously lacking in UI design. It is quite often comparable or superior to commercial programs when it comes to functionality and features, but the UI commonly rates somewhere between "horrible" and "acceptable" and very rarely above that.

    And that's one of the main reasons that the "year of the Linux desktop" has never come. Mainstream people don't want to put up with that shit, they don't use their computer in order to gloat about technology, they use to get stuff done.

  21. Re:real data? on 77 Million Accounts Stolen From Playstation Network · · Score: 1

    I order stuff via credit card all the time without giving the vendor my address, when it's a digital download. The credit card company obviously knows who I am, but part of the service I pay them for is that they stand inbetween me and the vendor and tell the vendor "you don't need to know anything about this guy, if we verify the number is correct, then you know you'll get paid and that's all that should matter to you".

    Again, sometimes I see why they need it (if I order physical stuff, they obviously need an address to deliver to). But very often they ask for stuff that has no relation to the transaction. Usually out of laziness (same form for everything) or out of some strange desire to "know" me (euphemism for "sell higher qualified data").

  22. Re:real data? on 77 Million Accounts Stolen From Playstation Network · · Score: 1

    They don't teach reading comprehension in dumb school, I see. I did say "where I don't see what they need it for". Obviously if I want to verify that I am who I claim to be then I'll put in real data. Just I'll put in my real credit card where I order stuff and my real address when I want them to send me something.

  23. Re:Unencrypted = Stupid on 77 Million Accounts Stolen From Playstation Network · · Score: 1

    Encryption is not a panacea. If you can decrypt it, so can the guy who rooted you. It'll just take him a bit more time.

    Some data (like you said) can be one-way hashed, but not all of it.

  24. Re:Leaving PSN Down on 77 Million Accounts Stolen From Playstation Network · · Score: 1

    So why doesn't Sony patch the vulnerability and deploy new servers? Perhaps it's because they don't have any good backups to restore from..

    Or they don't know what the vulnerability is and don't want to risk it being cracked again within the hour of re-opening it?

  25. real data? on 77 Million Accounts Stolen From Playstation Network · · Score: 1

    You still put your real data into anything that doesn't actually need it (e.g. if you want something delivered, you obviously need to put in your real address) ?

    Seriously?

    Have they sent everyone to dumb school?

    The first rule of privacy is to not give people your data. Unless you understand why they need it. Very, very few online services need your birthdate, for example. I always put in a fake one (always the same, so it's easy to remember). Same for address and practically anything where I don't understand what they need it for but they insist on having it.

    The second rule, of course, should be that companies shouldn't request and store data that they don't actually need. Because all security, encryption and whatever else you have is always breakable. Not having the data is the only thing that's 100% safe.