The article seems rather confused on the subject of open-ness. They say:
The finished product, expected within months, will unabashedly favor Google applications and services. "What's being developed is unlikely to be easily transportable to Yahoo (YHOO) and other (service) providers," says Morgan Gillis, executive director of the LiMo Foundation
But then they state:
Consumers are potentially the biggest beneficiaries. Currently, many cellphone carriers limit the services and applications that their customers can use.
Ummmm.... it sounds like this new partnership is offering something that will, again, limit the services and applications that customers can use. Yes, it's another player in the market, and that kind of competition is a good thing... but having a phone providing Google-only services certainly doesn't qualify as "open" in my book.
I understand that they intend to make it easy for third party developers to make apps for this thing, but the above quote suggests that some components (in particular the Google apps) will be integrated at a level that third party apps won't be able to modify.
Again, I'm excited about the possibility of a new phone challenging the status quo in the cellphone market, but this effort hardly seems to be the drive towards openness that OpenMoko (and the now discontinued Greenphone) is driving towards.
And I'm not quite sure what the referenced Google graph is supposed to demonstrate. I suspect he's claiming the higher count and increase in hits for CentOS indicates more popularity, and lost revenues for Red Hat, but I see it as those needing to do their own support pretty much start with Google. Red Hat licensees will start with Red Hat support.
Not only that, but it's entirely possible that people who have Red Hat systems (and Red Hat support) but are looking for a quick answer might do searches on CentOS sites. Similarly if you have an Ubuntu system you may very well do searches on Debian support (or vice versa) since the answers are usually interchangeable.
As you said, if you have a supported Red Hat install, you're not very likely to be doing as many random Google searches in the first place. The rise in CentOS searches since its inception points to more interest in that distro, yes, but that by association also means more interest in Red Hat systems.
I should also note that when I played around with Fedora, I found it somewhat unstable (not trying to start a flamewar here!)... which in a sense made me wonder about Red Hat as a distro. But then my experiences with CentOS showed me how stable and well put-together it actually is, which increased my opinion of RHEL.
What I'm trying to say is, the fact that CentOS is such a solid distro is good publicity for Red Hat, because people get to sample the enterprise-quality polish and updating before they commit to support contracts. Red Hat's secret sauce has never been the binaries; it's always been the reputation for good support. And CentOS adds to this perception of a quality product; a net gain for Red Hat.
First, to clarify the summary, psychologists were not reading letters to congress (like a bedtime story for politicians), they were analyzing letters that had been sent to members of congress.
The results were that postal threats were more extreme than email threats. This is hardly surprising. The barrier to writing a snail mail letter is higher, so this inherently selects for the more passionate people (whether truly concerned about an issue, or incredibly angry, or truly dangerously threatening). Writing an email is so easy that just about anyone will do it if they are slightly bothered by something. As such, I would expect email to, statistically, have fewer of the "fringe cases" of people who are being truly mentally ill, and more "normal people" just venting (in a profane and disorganized way, apparently).
I do wonder a bit about the sample size, mind you. I would have thought that there would be far more emails than postal letters sent to members of congress (and far more 'threatening' ones, too), but instead they analyzed more conventional letters than email. I wonder if this is a result of the relative frequency of the two types of threats, or if the researchers had some other reason to focus on postal mail.
How do they generate fields that strong? Huge amounts of current with some type of active cooling? I always wondered that. They are basically "just" electromagnets: you pass a current through a loop of conducting material and it will generate a magnetic field around it (due to the movement of charge).
To make really powerful magnets, of course, you need to use some tricks, such as shaping the system to concentrate the field at a particular point. In machines like MRIs and NMRs, the magnet is typically cooled (e.g. to liquid helium temperatures) which makes it superconducting. This allows a very large current to be passed through the coil, which generates extremely large fields at the center.
In this current case, they describe the magnet as: "created by packing together dense, high-performance copper alloys and running a current through them". (See picture here.) The article doesn't say whether they cool the coil to reduce resistance, or whether it is purely the shape of the coil that produces the extremely high field.
Yes, of course light is an electromagnetic wave. Light, like all forms of EM radiation (gamma rays, IR, radio waves, etc.) is carried by photons, which are elementary particles that have no electric charge. Since they have no electric charge, they are not affected by electric or magnetic fields.
The reason photons are referred to as "electromagnetic radiation" is not because they are affected by EM fields, but because they are EM fields. The photon is the force carrying particle for the electromagnetic force. What that means is that electric and magnetic fields are in fact "made of" photons: in quantum field theory, their action is in fact described by the exchange of virtual photons.
Since electric and magnetic fields are carried by photons, it would make for a strange universe if the photon had an electric charge, and were affected by those fields. In effect, it would mean that the photon would couple to itself, leading to all kinds of strange effects, like rays of light bouncing off of each other or attracting each other (in vacuum). Such effects are not observed.
Notes:
1. As I mentioned before, it is possible for magnetic or electric fields to affect the propagation of a light ray indirectly through their action on a material. Light refracts through material interfaces because of differences in refractive index. For some materials, a magnetic or electric field can be used to modulate the refractive index, and thereby change the path a light ray takes through the material. But magnetic fields do not affect photons in vacuum.
2. Some theoretical work suggests that the action of extremely intense magnetic fields could polarize the virtual particles that exist in vacuum, and thereby slightly modify the effective vacuum refractive index. This would then be a case of a magnetic field affecting light. Such effects would only occur at massive field strengths (perhaps at the surface of a neutron star), and are as of yet experimentally unverified.
No, you're right. The summary is just awkwardly worded.
Light is not affected by magnetic (or electric) fields since photons are neutral (no charge). You cannot deflect light with a magnetic field alone (although applying magnetic or electric fields to some materials can alter their refractive index and thereby change the deflection of a light beam passing through that material).
The connection between "light" and "magnets" in this new work is actually that the team found a clever way to build a large (and powerful) magnet that has gaps in it. These ports allow laser light to be directed at a sample sitting in a very high electric field (and allow measurements of the light scattered from the sample).
While it may not seem to be a huge achievement to build a magnet with holes in it, you have to keep in mind that building a 25 T magnet is already a big challenge: doing it with the additional constraint that you want easy physical access to the region of maximum field strength is even harder. This new setup should allow for some cool experiments, since it can probe in real-time (using light) how materials behave under very high magnetic fields.
Some details, from the scientific article, about how it functions:
Amazingly, all four critical radio receiver components can be simultaneously implemented with a single carbon nanotube.... the entire radio consists of an individual carbon nanotube mounted to an electrode in close proximity to a counter electrode. A direct current (dc) voltage source, such as from a battery, is connected to the electrodes and powers the radio. Important for the radio's operation, the applied dc bias negatively charges the tip of the nanotube, sensitizing it to oscillating electric fields.
They describe how the operation of their system is quite different from conventional radios, since the nanotube become mechanically coupled (and physically vibrates) in response to the radio waves:
electromagnetic waves from an incoming radio transmission impinge upon the nanotube
forcing it to physically vibrate through their action on the charged tip. These vibrations are only significant when the frequency of the incoming wave coincides with the nanotube's flexural resonance frequency.
The reception is thus due to mechanical coupling, and demodulation occurs via field emission:
Mechanical vibrations of the nanotube modulate the field-emission current,[10]
which then serves as the easily detected electrical signal. Because the battery voltage source, rather than the incoming electromagnetic wave, powers the field-emission current, amplification of the radio signal is possible. Also, due to nonlinearities inherent in field-emission, demodulation of the radio signal occurs as well.
They also show that the resonant frequency of the nanotube can be altered. Coarsely, it can be tuned based on the length of the nanotube, and fine adjustments can be made by altering the bias voltage. One could imagine that in a real device, one would have an array of tubes of different lengths if one needed to cover a wide frequency range. (Other experiments on multi-wall nanotubes have actually shown that you can extend/retract the lengths of such assemblies, so perhaps one could design a device whose antenna has variable length hence variable mechanical properties.)
Although one can immediately imagine using such nano-antennas in order to send commands to nano-bots and so forth, it's worth mentioning that the present experiment required the nanotube antenna to be in a vacuum. Still, having a small evacuated (radio transparent) container for the nanotube wouldn't make it much larger.
There's some obscure latin phrase that describes that but I was unable to search it out. You're thinking of "Laches", which is indeed to "sleep on one's rights." It can indeed be used in cases where a party clearly knew of certain actions, but did not bring suit for those actions in a timely manner. Waiting to prosecute in order to trick your competition into committing themselves to using a patent (and thereby extract more money from them in the end) would seem to be illegal.
On the other hand, in this case the company in question apparently sued Cisco, who eventually settled. So they can probably claim that they were busy with other legal cases, and are now getting around to dealing with these infringers.
Maybe if enough scumbag IP holding companies extort enough money out of big corporations, those corporations will lobby congress to get the patent laws changed. Only if those big corporations are losing more money to patent trolls than they are gaining through their own patent litigation (or via the market exclusion that their patents afford them). The problem is that the big companies generally benefit from the current patent system overall, even if sometimes they have to pay some small troll.
Consider the Vonage situation. This company is being sued by all the large incumbents. The established companies have a stake in keeping patents strong, since they are able to use this legal system to shut down competition. Having to occasionally pay some other company for a patent they neglected to get first is just "the cost of doing business."
I, too, wish that companies would lobby for a sane patent system. But, the problem is that even if big companies lose some money to frivolous patents, they are still sufficiently in control of the system that they win even more money from their own frivolous patents. Waiting for big business to save us from this mess is a mistake.
Shall we build a Windows, Mac or Linux player? No-brainer, really, when the P2P distribution layer is Windows only. Sure... but isn't that backwards?
Generally you shouldn't pick your technology (programming language, toolkit, etc.) and then pick your audience based on what it supports. Instead, you should write out a list of requirements, and then pick the technology that satisfies all those needs. In this case, if one of the requirements was: "Must be available to all fee-paying persons with computer access (i.e.: must be platform agnostic)" then an OS-specific technology would never have been chosen in the first place.
I'm willing to give them the benefit of the doubt, and assume that this is a result of mis-management (e.g. not thinking very hard about requirements) rather than corruption (e.g. collusion with software companies), but in any case I question their planning process.
(And to those who may respond that "must support DRM" was one of the requirements in the initial design, and could only be satisfied using Windows-only software, I would then say that placing content protection above equal treatment of fee-paying users was, again, a poor design decision for an organization like the BBC.)
I agree. I would leave Slashdot if it became just another ad-encrusted site.
I think one of the problems is that businesses are almost always under pressure to expand. Merely maintaining the same revenue year by year is considered a failure, even though everyone is making good money (and even if the revenue is growing enough to offset inflation, and pay investors a reasonable return).
The obsession with expanding means that businesses are always trying to think in terms of "getting more customers" and "appealing to a wider base" and so forth. The problem is that there are already lots of companies (or websites in this case) that appeal to that generic audience. Adding yourself into that pool certainly doesn't guarantee increasing profits.
If Slashdot remains true to its roots, it will continue to do well, and to attract a very particular audience. Our numbers are actually growing, since each new generation will have some proportion of nerds/geeks who, upon discovering Slashdot, think to themselves "I have finally found people just like me! This place is great!" Of course Slashdot's readership won't grow as fast as something like Facebook that is designed to appeal to everyone... but that shouldn't be its focus.
In short, if Slashdot continues to pander to its unique demographic, it will continue to have a dedicated readership, and hence a guaranteed revenue stream.
Note that this change means that you can run multiple copies of OS X server on a single physical machine... as long as that machine is Apple-branded hardware. They are not permitting you to run OS X Server in an arbitrary virtual environment on arbitrary x86 hardware. The new license reads:
This License allows you to install and use one copy of the Mac OS X Server software (the "Mac OS X Server Software") on a single Apple-labeled computer. You may also install and use other copies of Mac OS X Server Software on the same Apple-labeled computer, provided that you acquire an individual and valid license from Apple for each of these other copies of Mac OS X Server Software.
(emphasis added)
That having been said, I have to wonder whether people will attempt to side-step this restriction. Once OS X Server and virtual solutions (like VMWare) are tweaked so as to allow easy virtualization, one would imagine it would be easy to move the virtual image to different (not Apple-branded) hardware. Then again, perhaps part of this collaboration with VMWare and Parallels is specifically to have hooks that will allow OS X Server to verify that the physical hardware is a genuine Apple machine.
Or maybe it's not a major concern, since the target market for OS X Server is large-scale businesses that typically abide by software license agreements. (Or am I being naive?)
if Leopard trusts the service (it's a root process, or it's signed with an acceptable crypto signature), it will have access through the firewall. Since Leopard ships with cryptographically-signed binaries/packages, I guess I'm not seeing the problem The problem is that the user asked the OS for a certain action ("block everything") and the OS didn't implement that action. This is basically a case of the OS saying "don't worry, I'm smarter than you and I know what to do"... which isn't a good policy when it comes to security. If a user tries to activate a firewall policy (because they happen to know a certain service is insecure, or not needed, or whatever), then the firewall should implement that policy.
You could argue that the 'Block all incoming connections' is badly worded, but you could argue that reading the documentation for a new firewall would be a useful thing to do as well. If the situation is indeed as you describe (that the problem here is just that the firewall is allowing certain connections that it "knows" are okay) then you're right: this isn't a security vulnerability, but rather a case of poor UI design. The UI is saying "I'm blocking all connections" even though it isn't. You're also right that in principle the user should educate themselves about their software. However the software should, as much as possible, not misrepresent what's going on. Saying "blocking all connections" and then allowing something to connect is a recipe for security mistakes.
Does Windows automagically disable this behavior? Good question. The comments in the bug report speculate that Windows either completely ignores this feature, or ignores the manufacturer values and uses its own values. (In either case, what's the point in having BIOS set defaults?)
A conspiracy theorist might suggest that the hardware manufacturers are intentionally adding a feature that causes the drives to fail eventually (but statistically outside of the manufacturer's warranty period), so that people have to buy more hardware. The more likely explanation is that the manufacturer set the defaults, but didn't notice that the values were unsafe because Windows ignores them.
Getting Ubuntu to override the defaults should be viewed as a short-term solution. Ultimately the hardware manufacturers should be setting default values that will not damage the hardware. Ideally they would design safeties into the hardware, which do sanity checks and reject ridiculous values.
First off, putting a launchpad link on the frontpage of Slashdot is bad form. Launchpad is for discussing and resolving bugs, and we're not helping by swamping that page. It might be better if people read the wiki that has been set up to summarize the issue.
In answer to your question about how this isn't Ubuntu's fault, apparently the problem is that the manufacturer sets certain default values for "aggressive power management" and enables this aggressive power management by default. Ubuntu's policy is to not change the manufacturer defaults, and simply uses them. Unfortunately these defaults are "too aggressive" and cause the hard drive to park/unpark too frequently.
But Ubuntu is not blameless. First of all, if Ubuntu can push out a patch that resets the manufacturer defaults to sane values (and this will save some people from hard drive failures), then it definitely should. Also, there is some discussion that perhaps an Ubuntu daemon is probing the hard disk too frequently, so that the hard-drive can't sit in the parked state for long enough to actually make it a useful feature.
Regardless of who is to blame, it would appear that the Ubuntu devs should push out a patch that forces systems to ignore the manufacturer values, and use settings that will protect the drive lifetime.
lets say Microsoft has a pro-windows or anti-Linux blog talking about how their company found that many Linux distros contain trojans. Now lets say these blogs are done with anonymous registration? Is this kosher? If by 'anonymous' you mean 'not publicly visible, but recorded somewhere' then yes, that's fine. Anyone can use the internet to say what they want. If what they publish on their site becomes a problem (spam, slander, etc.), then obviously there should be a procedure for finding out who owns the domain so that you can contact them with your concerns.
But there's no need for the "default public" policy that WHOIS historically operated on. Moreover, if someone like Microsoft wanted an anti-Linux site, it would be trivial for them to outsource its operation to some other company. The current WHOIS actually doesn't provides a robust mechanism for determining who runs and operates a domain name.
The problem is that WHOIS currently is a very weak system. The data it contains isn't accurate, isn't verified, and what few legitimate uses there are for the system could just as easily be accommodated in an "default private" system where requests for additional information about a domain require a little bit of processing (and notification to the domain owner about who is performing a formal lookup on them, and the stated reason for doing so).
Anti-virus software's main purpose, it would appear, is not to detect novel threats, but to limit the proliferation of established threats. And for it to perform this task, it needs to be continually updated with new virus definitions.
However, if every virus infection necessarily requires the exploiting of a security vulnerability... then it would seem that all the effort in designing and implementing a "virus signature update" system would be better spent designing and implementing a "uniform software update" system, so that the number of vulnerabilities on a computer is always as low as humanly possible.
I think most readers will recognize that this is precisely what Linux does: considerable effort is put into having a uniform package manager, so that software all gets updated routinely and uniformly (rather than expecting the user to separately update each of hundreds of apps with possible vulnerabilities). Rather than spend time worrying about getting the latest virus signature in the database, the coders worry about having all the code in the trusted repository being as bug-free as possible.
We know from dreams that the brain can process things quicker where our sense of time passing is not "real time" (ie, a dream that seems to go on for 30 minutes might take place in a MUCH shorter ammount of real time). Actually that is more folklore than fact. Here's a modern review of research in dreaming:
Alan S. Eiser "Physiology and Psychology of Dreams" Seminars in Neurology, vol. 25, No. 1, 2005. doi: 10.1055/s-2005-867078 According to that article:
There is evidence the dream is coextensive with the REM period and that the time length of dreams, as subjectively experienced by the dreamer and objectively rated by experimenters, is closely related to the real-time length of the corresponding REM period.
The idea that dreams are somehow accelerated with respect to normal time isn't substantiated. Yet for some reason it has taken root in pop science. As far as I know, the notion that the human mind can process information/sensations faster than real-time has not been established.
They will release Windows XP trimmed down but it will only run if it recognizes the hardware as XO That would be interesting, since there are well-established solutions for emulating the XO in a virtual image (mostly for development purposes). These could probably be adapted to run this modified Windows XP. I imagine that a trimmed-down XP running in a virtual machine would be very useful. It would run quickly and could thus easily fill the gap of running a few Windows apps on an otherwise FLOSS machine.
No doubt Microsoft would try to create license terms to prohibit such usage, but without cooperation from the hardware designers in the OLPC project, I'm not sure they will have any technical ability to lock-out their Windows XP version from being run in virtual machines.
Are you a lawyer? As I said in my previous post, I am certainly not a lawyer, so I may be way off-base here.
Actually, I wasn't so much trying to say that legalese has to be impenetrable and incomprehensible, but that it is generally carefully-written and detailed (such that is must be read equally carefully). I was pointing out that the GPLv3 (in my estimation) is no more "complex" than any other legal document I've had occasion to read (tenant agreements, loan agreements, software license agreements, etc.). In fact, the GPL has a very readable preamble which states quite clearly what the intention of the license is--something which not all contracts/licenses do. I was responding to the statement that the GPLv3 was "complex."
In any case, if any legal experts in the crowd can comment on whether the GPL is more or less complex than the status quo in the field, I'd be very interested.
Why do they think all the additional complexity of the GPLv3 is needed?
I'm not sure you can blame the complexity on the GPLv3 per se. The GPL is a legal document, and any legal document I've ever read has been extremely detailed and complex. The nature of the law (as it is currently practiced) requires that level of detail. In fact, many of the changes from v2 to v3 where a matter of cleaning up language and changing things so that they are robust with regard to modern legal interpretations.
And now you have all this extra language and extra penalties and extra permissions that, in my estimation, don't give you a better license.
Well, of course if you don't agree that the license is any better, then the additional complexity seems a waste. However I'm certainly convinced that software patents are a major threat to software (and open-source software doubly so), and the GPLv2 doesn't completely address patent issues. One purpose of GPLv3 was to be much more explicit about these patent issues, and to prevent people from using GPL code but then preventing others from also using the code via patent threats. Whether or not GPLv3 succeeds in that aim is a question I cannot answer (IANAL), but the objective of countering software patents is an important one, in my opinion.
So, in short, the complexity of the GPL is a necessary evil to the extent that it is a legal document attempting to prevent freedoms from being denied.
People have been claiming "new technology $foo is going to overwhelm the Internet!" for ages. Yet somehow the Internet keeps up.
Agreed. Yet it's important to keep in mind that part of "the Internet keeping up" is that the users modify their usage according to what technology allows. Now that it is possible to download video relatively quickly, people are doing it. But trying to stream high-def wouldn't work (either you'd have to wait a really long time to buffer or the video would stutter), so people basically don't do it. The distributors and the users modify their behavior to fit what's available (so automatically what's available is keeping up with current usage).
I'm not worried - especially since this guy just so happens to be offering to sell us a solution.
I agree that forecasting some doom & gloom about the Internet breaking is ridiculous. At a minimum we can keep our current level of technology/bandwidth and be just fine. But it's worth thinking about what kinds of new technologies would be enabled if the Internet were faster (in bandwidth and/or latency). I'm sure we can all imagine cool things we would do with faster net connections, and no doubt entire new applications we can't currently imagine would appear to use the new technology.
So, if this company's technology can actually improve speeds, we should be interested because it could provide new opportunities (and not because we are worried about some imagined crisis). Then again, I'm certainly as skeptical as you that this new technology will pan out as they claim (marketing campaigns that involve predictions of crisis are not needed if a technology is really as powerful as they claim).
It's highly probable that Theo is right. After reading the above post, it's highly probable he is a very abrasive and one sided individual. But this is a tech forum so I won't get into judging character.
This is off-topic but I'm going to say it anyway. After reading the email exchange I find Theo's style quite bothersome. He's a highly skilled hacker and I don't doubt his technical abilities. However his writing style is terrible for technical discussions:
1. He uses troll-like sentences that divert away from the technical discussion. E.g. he says "You are absolutely deluded, if not stupid, if you think that..." rather than just saying "It is incorrect to say that..." In each post, he throws in some needlessly inflammatory sentences and personal attacks.
2. He uses idioms and analogies that do more to confuse than to get a point across. E.g. he says "The security benefits are at the 'ability to buy a steak for dinner' level." It's not at all clear what useful information is added to the discussion with sentences like that.
3. He is dismissive in his responses to the point of being uninformative. If he had simply laid out his entire argument in the first email, then others could judge the quality of his logic. Instead he dismisses the entire discussion with things like: "You've seen something on the shelf, and it has all sorts of pretty colours, and you've bought it. That's all x86 virtualization is." This is supposed to be a technical discussion but instead he leaves all the details to the imagination.
4. He makes bold assertions without citations. He simply relies on his 'authority' (e.g. "Those of us who have experience with the gory bits of the x86 architecture...") rather than pointing out specifics. (For example, in this Slashdot thread, many people have posted links to actual examples of exploits where code was injected into the host OS. Why could he not have provided similar real-world data to back up his point?)
While we can all agree that the message/argument is more important than who delivers it, the means by which they deliver it absolutely has an effect on how quickly people will understand the logic. By being so inflammatory and dismissive, Theo turns an opportunity to educate others on security (and x86 hardware design) into a protracted back-and-forth where he mentions a few isolated facts per post. At the end of the day, he is right, and his argument is sound... but his style of discourse is very inefficient for convincing others of a technical point.
This doesn't just go for Theo. Many geeks have a superiority complex that causes them to be acerbic, arrogant, and dismissive in technical discussions. This is just a reminder that doing so merely causes the discussion to take longer than it would have otherwise.
We aren't specifically evolved do algebra either, and we (well, many of us) do a decent job at that. Humans are evolved to learn and adapt.
Absolutely. But Schneier's point is not that it is impossible for humans to think rationally about IT security, but that it does not 'come naturally' to the average person. The same is true of algebra and other branches of mathematics: humans in general have very advanced knowledge in these areas, but it is still quite easy to construct a mathematical problem that will trip up a layperson, because most people are not formally trained in mathematics, and will incorrectly invoke "common sense" when solving a problem.
The fact is that humans have an in-built "threat and probability analysis" system that was optimized to deal with "real world" situations like searching for food, avoiding predators, finding mates, etc. It is for this reason that gambling "works." People are easily tricked into believing that they can "beat the system" or "find a pattern." They believe that having rolled many sixes recently, they are "due for a 1 or a 2" even though the probability of rolling a particular number on a die is independent of previous rolls. This is because most of our in-built probability estimators assume chains of events are causally linked (which is a reasonable assumption in the "real world"--i.e. if it's been a long time since it has rained, it is indeed "due to rain soon").
In the realm of security, Schneier identifies certain assumptions that our minds make, which are actually fallacies when it comes to modern security (e.g. that a commonly occurring risk is less important than a rare risk).
We are not "built" to deal with modern security. As with advanced math, rather than rely on common sense (and its associated useless rhetoric) to set security policy, we need to have detailed arguments citing well-documented studies. We can indeed rise above our "programming," but far too many people don't bother trying--and continue to rely on common sense even when it is a demonstrably poor predictor.
Everybody should use the system they like and stop preaching and advocating. use trhe TOOL you like, not the bible you read.
Fair enough. However your post is somewhat dismissive, as if you're implying "I don't see the point of these kinds of articles" (if I'm putting words in your mouth, I apologize). To respond to that hypothetical implication: the point of such discussions is that there has to be some way for people to learn about alternatives.
I, for one, was once at a point where I was quite frustrated with my (Windows) experience. Only because people bothered to mention alternatives did I eventually discover that OSX and Linux solved many of the problems I was having.
As you can tell, I'm now a Linux user, so as you say my opinion is inherently biased towards enjoying Linux. So perhaps I gloss over some of the troubles I had along my migration path to Linux. Yet despite that, the experiences (both positive and negative) of people who have legitimately tried multiple operating systems are valuable to others. In fact, it's rather difficult to claim that the majority of Windows users are actually using "the right tool" because very few of them are aware of (much less have evaluated) the alternate tools out there. For many of them, their needs might actually be better served by a non-Windows OS.
I can understand a dislike of evangelical attempts to convert people... but there's nothing inherently wrong with describing, or even advocating, an alternative.
Slashdot Mirror
I understand that they intend to make it easy for third party developers to make apps for this thing, but the above quote suggests that some components (in particular the Google apps) will be integrated at a level that third party apps won't be able to modify.
Again, I'm excited about the possibility of a new phone challenging the status quo in the cellphone market, but this effort hardly seems to be the drive towards openness that OpenMoko (and the now discontinued Greenphone) is driving towards.
As you said, if you have a supported Red Hat install, you're not very likely to be doing as many random Google searches in the first place. The rise in CentOS searches since its inception points to more interest in that distro, yes, but that by association also means more interest in Red Hat systems.
I should also note that when I played around with Fedora, I found it somewhat unstable (not trying to start a flamewar here!)... which in a sense made me wonder about Red Hat as a distro. But then my experiences with CentOS showed me how stable and well put-together it actually is, which increased my opinion of RHEL.
What I'm trying to say is, the fact that CentOS is such a solid distro is good publicity for Red Hat, because people get to sample the enterprise-quality polish and updating before they commit to support contracts. Red Hat's secret sauce has never been the binaries; it's always been the reputation for good support. And CentOS adds to this perception of a quality product; a net gain for Red Hat.
First, to clarify the summary, psychologists were not reading letters to congress (like a bedtime story for politicians), they were analyzing letters that had been sent to members of congress.
The results were that postal threats were more extreme than email threats. This is hardly surprising. The barrier to writing a snail mail letter is higher, so this inherently selects for the more passionate people (whether truly concerned about an issue, or incredibly angry, or truly dangerously threatening). Writing an email is so easy that just about anyone will do it if they are slightly bothered by something. As such, I would expect email to, statistically, have fewer of the "fringe cases" of people who are being truly mentally ill, and more "normal people" just venting (in a profane and disorganized way, apparently).
I do wonder a bit about the sample size, mind you. I would have thought that there would be far more emails than postal letters sent to members of congress (and far more 'threatening' ones, too), but instead they analyzed more conventional letters than email. I wonder if this is a result of the relative frequency of the two types of threats, or if the researchers had some other reason to focus on postal mail.
To make really powerful magnets, of course, you need to use some tricks, such as shaping the system to concentrate the field at a particular point. In machines like MRIs and NMRs, the magnet is typically cooled (e.g. to liquid helium temperatures) which makes it superconducting. This allows a very large current to be passed through the coil, which generates extremely large fields at the center.
In this current case, they describe the magnet as: "created by packing together dense, high-performance copper alloys and running a current through them". (See picture here.) The article doesn't say whether they cool the coil to reduce resistance, or whether it is purely the shape of the coil that produces the extremely high field.
Yes, of course light is an electromagnetic wave. Light, like all forms of EM radiation (gamma rays, IR, radio waves, etc.) is carried by photons, which are elementary particles that have no electric charge. Since they have no electric charge, they are not affected by electric or magnetic fields.
The reason photons are referred to as "electromagnetic radiation" is not because they are affected by EM fields, but because they are EM fields. The photon is the force carrying particle for the electromagnetic force. What that means is that electric and magnetic fields are in fact "made of" photons: in quantum field theory, their action is in fact described by the exchange of virtual photons.
Since electric and magnetic fields are carried by photons, it would make for a strange universe if the photon had an electric charge, and were affected by those fields. In effect, it would mean that the photon would couple to itself, leading to all kinds of strange effects, like rays of light bouncing off of each other or attracting each other (in vacuum). Such effects are not observed.
Notes:
1. As I mentioned before, it is possible for magnetic or electric fields to affect the propagation of a light ray indirectly through their action on a material. Light refracts through material interfaces because of differences in refractive index. For some materials, a magnetic or electric field can be used to modulate the refractive index, and thereby change the path a light ray takes through the material. But magnetic fields do not affect photons in vacuum.
2. Some theoretical work suggests that the action of extremely intense magnetic fields could polarize the virtual particles that exist in vacuum, and thereby slightly modify the effective vacuum refractive index. This would then be a case of a magnetic field affecting light. Such effects would only occur at massive field strengths (perhaps at the surface of a neutron star), and are as of yet experimentally unverified.
No, you're right. The summary is just awkwardly worded.
Light is not affected by magnetic (or electric) fields since photons are neutral (no charge). You cannot deflect light with a magnetic field alone (although applying magnetic or electric fields to some materials can alter their refractive index and thereby change the deflection of a light beam passing through that material).
The connection between "light" and "magnets" in this new work is actually that the team found a clever way to build a large (and powerful) magnet that has gaps in it. These ports allow laser light to be directed at a sample sitting in a very high electric field (and allow measurements of the light scattered from the sample).
While it may not seem to be a huge achievement to build a magnet with holes in it, you have to keep in mind that building a 25 T magnet is already a big challenge: doing it with the additional constraint that you want easy physical access to the region of maximum field strength is even harder. This new setup should allow for some cool experiments, since it can probe in real-time (using light) how materials behave under very high magnetic fields.
Although one can immediately imagine using such nano-antennas in order to send commands to nano-bots and so forth, it's worth mentioning that the present experiment required the nanotube antenna to be in a vacuum. Still, having a small evacuated (radio transparent) container for the nanotube wouldn't make it much larger.
On the other hand, in this case the company in question apparently sued Cisco, who eventually settled. So they can probably claim that they were busy with other legal cases, and are now getting around to dealing with these infringers.
Consider the Vonage situation. This company is being sued by all the large incumbents. The established companies have a stake in keeping patents strong, since they are able to use this legal system to shut down competition. Having to occasionally pay some other company for a patent they neglected to get first is just "the cost of doing business."
I, too, wish that companies would lobby for a sane patent system. But, the problem is that even if big companies lose some money to frivolous patents, they are still sufficiently in control of the system that they win even more money from their own frivolous patents. Waiting for big business to save us from this mess is a mistake.
Generally you shouldn't pick your technology (programming language, toolkit, etc.) and then pick your audience based on what it supports. Instead, you should write out a list of requirements, and then pick the technology that satisfies all those needs. In this case, if one of the requirements was: "Must be available to all fee-paying persons with computer access (i.e.: must be platform agnostic)" then an OS-specific technology would never have been chosen in the first place.
I'm willing to give them the benefit of the doubt, and assume that this is a result of mis-management (e.g. not thinking very hard about requirements) rather than corruption (e.g. collusion with software companies), but in any case I question their planning process.
(And to those who may respond that "must support DRM" was one of the requirements in the initial design, and could only be satisfied using Windows-only software, I would then say that placing content protection above equal treatment of fee-paying users was, again, a poor design decision for an organization like the BBC.)
I agree. I would leave Slashdot if it became just another ad-encrusted site.
I think one of the problems is that businesses are almost always under pressure to expand. Merely maintaining the same revenue year by year is considered a failure, even though everyone is making good money (and even if the revenue is growing enough to offset inflation, and pay investors a reasonable return).
The obsession with expanding means that businesses are always trying to think in terms of "getting more customers" and "appealing to a wider base" and so forth. The problem is that there are already lots of companies (or websites in this case) that appeal to that generic audience. Adding yourself into that pool certainly doesn't guarantee increasing profits.
If Slashdot remains true to its roots, it will continue to do well, and to attract a very particular audience. Our numbers are actually growing, since each new generation will have some proportion of nerds/geeks who, upon discovering Slashdot, think to themselves "I have finally found people just like me! This place is great!" Of course Slashdot's readership won't grow as fast as something like Facebook that is designed to appeal to everyone... but that shouldn't be its focus.
In short, if Slashdot continues to pander to its unique demographic, it will continue to have a dedicated readership, and hence a guaranteed revenue stream.
That having been said, I have to wonder whether people will attempt to side-step this restriction. Once OS X Server and virtual solutions (like VMWare) are tweaked so as to allow easy virtualization, one would imagine it would be easy to move the virtual image to different (not Apple-branded) hardware. Then again, perhaps part of this collaboration with VMWare and Parallels is specifically to have hooks that will allow OS X Server to verify that the physical hardware is a genuine Apple machine.
Or maybe it's not a major concern, since the target market for OS X Server is large-scale businesses that typically abide by software license agreements. (Or am I being naive?)
You could argue that the 'Block all incoming connections' is badly worded, but you could argue that reading the documentation for a new firewall would be a useful thing to do as well. If the situation is indeed as you describe (that the problem here is just that the firewall is allowing certain connections that it "knows" are okay) then you're right: this isn't a security vulnerability, but rather a case of poor UI design. The UI is saying "I'm blocking all connections" even though it isn't. You're also right that in principle the user should educate themselves about their software. However the software should, as much as possible, not misrepresent what's going on. Saying "blocking all connections" and then allowing something to connect is a recipe for security mistakes.
A conspiracy theorist might suggest that the hardware manufacturers are intentionally adding a feature that causes the drives to fail eventually (but statistically outside of the manufacturer's warranty period), so that people have to buy more hardware. The more likely explanation is that the manufacturer set the defaults, but didn't notice that the values were unsafe because Windows ignores them.
Getting Ubuntu to override the defaults should be viewed as a short-term solution. Ultimately the hardware manufacturers should be setting default values that will not damage the hardware. Ideally they would design safeties into the hardware, which do sanity checks and reject ridiculous values.
First off, putting a launchpad link on the frontpage of Slashdot is bad form. Launchpad is for discussing and resolving bugs, and we're not helping by swamping that page. It might be better if people read the wiki that has been set up to summarize the issue.
In answer to your question about how this isn't Ubuntu's fault, apparently the problem is that the manufacturer sets certain default values for "aggressive power management" and enables this aggressive power management by default. Ubuntu's policy is to not change the manufacturer defaults, and simply uses them. Unfortunately these defaults are "too aggressive" and cause the hard drive to park/unpark too frequently.
But Ubuntu is not blameless. First of all, if Ubuntu can push out a patch that resets the manufacturer defaults to sane values (and this will save some people from hard drive failures), then it definitely should. Also, there is some discussion that perhaps an Ubuntu daemon is probing the hard disk too frequently, so that the hard-drive can't sit in the parked state for long enough to actually make it a useful feature.
Regardless of who is to blame, it would appear that the Ubuntu devs should push out a patch that forces systems to ignore the manufacturer values, and use settings that will protect the drive lifetime.
But there's no need for the "default public" policy that WHOIS historically operated on. Moreover, if someone like Microsoft wanted an anti-Linux site, it would be trivial for them to outsource its operation to some other company. The current WHOIS actually doesn't provides a robust mechanism for determining who runs and operates a domain name.
The problem is that WHOIS currently is a very weak system. The data it contains isn't accurate, isn't verified, and what few legitimate uses there are for the system could just as easily be accommodated in an "default private" system where requests for additional information about a domain require a little bit of processing (and notification to the domain owner about who is performing a formal lookup on them, and the stated reason for doing so).
Indeed.
Anti-virus software's main purpose, it would appear, is not to detect novel threats, but to limit the proliferation of established threats. And for it to perform this task, it needs to be continually updated with new virus definitions.
However, if every virus infection necessarily requires the exploiting of a security vulnerability... then it would seem that all the effort in designing and implementing a "virus signature update" system would be better spent designing and implementing a "uniform software update" system, so that the number of vulnerabilities on a computer is always as low as humanly possible.
I think most readers will recognize that this is precisely what Linux does: considerable effort is put into having a uniform package manager, so that software all gets updated routinely and uniformly (rather than expecting the user to separately update each of hundreds of apps with possible vulnerabilities). Rather than spend time worrying about getting the latest virus signature in the database, the coders worry about having all the code in the trusted repository being as bug-free as possible.
Alan S. Eiser "Physiology and Psychology of Dreams" Seminars in Neurology, vol. 25, No. 1, 2005. doi: 10.1055/s-2005-867078
According to that article: Actually this was established early on in the research on dreaming. See this article from 1957:
Dement W, Kleitman N. "The relation of eye movements during sleep to dream activity: an objective method for the study of dreaming." J Exp Psychol 1957;53:339-346
The idea that dreams are somehow accelerated with respect to normal time isn't substantiated. Yet for some reason it has taken root in pop science. As far as I know, the notion that the human mind can process information/sensations faster than real-time has not been established.
No doubt Microsoft would try to create license terms to prohibit such usage, but without cooperation from the hardware designers in the OLPC project, I'm not sure they will have any technical ability to lock-out their Windows XP version from being run in virtual machines.
Actually, I wasn't so much trying to say that legalese has to be impenetrable and incomprehensible, but that it is generally carefully-written and detailed (such that is must be read equally carefully). I was pointing out that the GPLv3 (in my estimation) is no more "complex" than any other legal document I've had occasion to read (tenant agreements, loan agreements, software license agreements, etc.). In fact, the GPL has a very readable preamble which states quite clearly what the intention of the license is--something which not all contracts/licenses do. I was responding to the statement that the GPLv3 was "complex."
In any case, if any legal experts in the crowd can comment on whether the GPL is more or less complex than the status quo in the field, I'd be very interested.
So, in short, the complexity of the GPL is a necessary evil to the extent that it is a legal document attempting to prevent freedoms from being denied.
So, if this company's technology can actually improve speeds, we should be interested because it could provide new opportunities (and not because we are worried about some imagined crisis). Then again, I'm certainly as skeptical as you that this new technology will pan out as they claim (marketing campaigns that involve predictions of crisis are not needed if a technology is really as powerful as they claim).
1. He uses troll-like sentences that divert away from the technical discussion. E.g. he says "You are absolutely deluded, if not stupid, if you think that..." rather than just saying "It is incorrect to say that..." In each post, he throws in some needlessly inflammatory sentences and personal attacks.
2. He uses idioms and analogies that do more to confuse than to get a point across. E.g. he says "The security benefits are at the 'ability to buy a steak for dinner' level." It's not at all clear what useful information is added to the discussion with sentences like that.
3. He is dismissive in his responses to the point of being uninformative. If he had simply laid out his entire argument in the first email, then others could judge the quality of his logic. Instead he dismisses the entire discussion with things like: "You've seen something on the shelf, and it has all sorts of pretty colours, and you've bought it. That's all x86 virtualization is." This is supposed to be a technical discussion but instead he leaves all the details to the imagination.
4. He makes bold assertions without citations. He simply relies on his 'authority' (e.g. "Those of us who have experience with the gory bits of the x86 architecture...") rather than pointing out specifics. (For example, in this Slashdot thread, many people have posted links to actual examples of exploits where code was injected into the host OS. Why could he not have provided similar real-world data to back up his point?)
While we can all agree that the message/argument is more important than who delivers it, the means by which they deliver it absolutely has an effect on how quickly people will understand the logic. By being so inflammatory and dismissive, Theo turns an opportunity to educate others on security (and x86 hardware design) into a protracted back-and-forth where he mentions a few isolated facts per post. At the end of the day, he is right, and his argument is sound... but his style of discourse is very inefficient for convincing others of a technical point.
This doesn't just go for Theo. Many geeks have a superiority complex that causes them to be acerbic, arrogant, and dismissive in technical discussions. This is just a reminder that doing so merely causes the discussion to take longer than it would have otherwise.
The fact is that humans have an in-built "threat and probability analysis" system that was optimized to deal with "real world" situations like searching for food, avoiding predators, finding mates, etc. It is for this reason that gambling "works." People are easily tricked into believing that they can "beat the system" or "find a pattern." They believe that having rolled many sixes recently, they are "due for a 1 or a 2" even though the probability of rolling a particular number on a die is independent of previous rolls. This is because most of our in-built probability estimators assume chains of events are causally linked (which is a reasonable assumption in the "real world"--i.e. if it's been a long time since it has rained, it is indeed "due to rain soon").
In the realm of security, Schneier identifies certain assumptions that our minds make, which are actually fallacies when it comes to modern security (e.g. that a commonly occurring risk is less important than a rare risk).
We are not "built" to deal with modern security. As with advanced math, rather than rely on common sense (and its associated useless rhetoric) to set security policy, we need to have detailed arguments citing well-documented studies. We can indeed rise above our "programming," but far too many people don't bother trying--and continue to rely on common sense even when it is a demonstrably poor predictor.
I, for one, was once at a point where I was quite frustrated with my (Windows) experience. Only because people bothered to mention alternatives did I eventually discover that OSX and Linux solved many of the problems I was having.
As you can tell, I'm now a Linux user, so as you say my opinion is inherently biased towards enjoying Linux. So perhaps I gloss over some of the troubles I had along my migration path to Linux. Yet despite that, the experiences (both positive and negative) of people who have legitimately tried multiple operating systems are valuable to others. In fact, it's rather difficult to claim that the majority of Windows users are actually using "the right tool" because very few of them are aware of (much less have evaluated) the alternate tools out there. For many of them, their needs might actually be better served by a non-Windows OS.
I can understand a dislike of evangelical attempts to convert people... but there's nothing inherently wrong with describing, or even advocating, an alternative.