You forget the whole point of 1984, and systems like the panopticon or RIAA lawsuits here in the US.
The point of implementing one of these systems is not to spy on/catch everyone on earth. (As many people have pointed out, that is infeasible and counterproductive.) Instead, they are designed to change the population's behavior by introducing the possibility that the authorities may be watching.
So, if you go by point (3), and stop 'saying the wrong thing' in public, you've given up your freedom of speech, and the system is working as intended.
That's not to say that these wireless mics are being installed in a way that violates privacy, or is designed to limit political speech; I have no idea.
However, if the UK starts to arrest political dissidents on a regular basis, it might make sense to start thinking about the microphones in a different way.
Personally, when it comes to applying surveliance systems to the general population, I think it is better to err on the side of caution. The damage these systems could cause if abused is often much greater than any benefit they could provide. Therefore, it makes sense to minimize the potential for abuse.
Re:Very "interesting" quote...
on
Gates on Google
·
· Score: 1
Given that Microsoft's long term strategy is to leverage its Windows monopoly to slowly bleed Google of users, I find it amazing that Google keeps propping up Windows' monopoly status.
Sure, Google's web site works under Firefox, but their installable software is Windows-only (unless they have some stuff for Mac OS). I can see where it would be difficult to port to Apple (since Mac OS already has integrated search tools, and Apple is good at getting UI's right), but it shouldn't be very difficult to port to Linux.
If they want to compete with Microsoft, they should help undermine its operating system business. The more fronts Microsoft must compete on, the more resources they must dump into innovative products, and the better it is for their competition (and customers).
On the other hand, if the google search API is done correctly, Open Office and/or the Gnome/KDE desktop will eventually contain the integrated search features that Microsoft is adding to Longhorn. Perhaps Google would rather let non-MS OS vendors control their own desktop interfaces.;)
I don't know, if Wharf weren't a Klingon, they would have had a murder on their hands... how many soap opera characters are killed by their girlfriends with a knife?
Maybe if you get in such a fight, and the audience thinks its funny, its not a soap. (Or maybe its just a very bad soap. Either way, DS9 is off the hook, I guess.)
marrying your mother's sister's brother's cousin, who turns out to be an evil twin of your uncle's CEO type stuff in that show
They saved that for Battlestar Gallactica. The only difference is that there's even less of a biological relationship between the characters and their cylon girlfriends, and there's an unending supply of evil twins...
Most of the candle/firelight stuff was in TNG. I'm still not sure how to fit in the whole Wharf and Dax thing toward the end of DS9. Neither of them seem to be the CEO type.;)
The basic idea is that NAFTA allows corporations to sue foreign governments if the corporation can show that a foreign law is costing them profits, or the opportunity to make a profit. For instance, a Canadian mining firm sued the US because it wanted to strip mine a US park...even though there weren't enough minerals in the ground to break even!
The article contains many other examples, as does this one. (The second article is from 1999; this has been going on for a long time...)
As long as there is money to be made, I suspect we'll see abuses of this sort, whether they target the environment, privacy rights, IP laws, or whatever else people can think of.
It wasn't just about communism and the cold war. It was also strongly anti-fascist. Think of all of the episodes where Kirk shut down a perfectly functioning society run by some sort of computer that played the role of benevolent dictator...
Enterprise had some tie in with current political events too. (I'm not a big enterprise fan) They had the episode where the captian tortured a prisoner for information (it was aired after the complaints about guantanamo started), and the whole series was based upon an unexpected 'terrorist' strike by a nearly unknown enemy that used guerilla tactics, and targeted civilians. (Al Queda?)
There was also the theme that they weren't quite responsible for their actions because they faced a new challenge. That always bothered me, since the enterprise crew could have looked to past precedents from military and maritime law. Also, it's one of Bush's favorite excuses (think about the phrases "new kind of war," "geneva convention doesn't apply to this situation", etc, etc...)
I think enterprise had a lot going for it. The thing that ruined it for me were the long, arduous subplots that span multiple seasons. Yes, it worked for Bab 5 (and Battlestar Galactica), but Bab 5 was a well thought out soap opera. If I wanted to watch a soap opera, I wouldn't tune into star trek.
This is a really old idea. Initially, the idea was to run some system memory or drive cache off of a battery. Then, a portion of memory would remain persistant across reboots. The memory would act as the flash memory in the article does, except that it would be normal system memory, so it would be fast, but you would have to worry about battery failure.
I'd like to see something like this in the linux kernel. You could imagine having it support spooling reads and writes from any type of block device to any other block device.
Then, you could just plug flash into your system, or you could use battery backed up ram. If you want good redundancy, you could use a fast raid 1 setup and slowly spool data to raid 5. There are quite a few pre-existing products that do all of these things already, but they are generally expensive, or not widely available. I don't see why any of it couldn't be done in the operating system with standard components, though...
Where I live, PC's up to around 200 MHz. (original Pentium and below) are effectively free. You want one? Look around, hand over a sixpack of beer, and you have one.
Now with a $170 budget, I can get you a (used) PC that includes monitor, and beats the crap out of any thin client you can find for same money.
I thought this until I tried it with my old 366MHz laptop. VNC at 1024x768 was sort of tolerable with an 8-bit color depth after I messed around with compression options. The problem is that the system is too slow to (a) uncompress highly compressed data and (b) to utilize enough of the 100MBit connection to handle an uncompressed stream. There is a sweet spot between a and b, but it's kind of hard to find. I didn't try windows terminal server, since the server was a linux system. Synchronous protocols like X11 (LBX) or NX were totally unusable.
NX is great for running over slow connections (sub-cable modem), but it doesn't seem to drop frames if the CPU can't keep up... I don't know though, I'm not an expert in this stuff.
Anyway, it looks like the big advantage of the Ndiyol is that they've done a lot of work to come up with a custom protocol and/or cheap hardware set-up that actually work out of the box for $170. I noticed that they ship with 2MB of RAM. Also, they plan to move the whole thing on to one chip... that should cut cost significantly.
If they can get full screen video streaming + sound to work, and provide a connector that lets me plug in a remote control, I'm putting one of these in my living room. Assuming that it can run in hot environments, it would outperform all of the sub $2,000 systems that I've been able to find on the market these days.
(I've been trying to find something that can run as a mythtv frontend, and be silent, small and stable in a 95F room. There are probably some systems out there, but it is really hard to find out the operating temperature range or noise level of prebuilt computer systems.)
I'm not sure I understand the invasion of privacy thing... isn't that already going on in the US? Maybe the parent should be modded "funny"...;)
If they are tracking down on BT as a technology in China, it might be because they are worried that BitTorrent is being used to bypass China's filtering firewall.
I'm not sure that makes very much sense, since.torrent files are typically served by web servers, and China can already (try to) block objectionable web servers. Still, it's a decent theory.
I see this as a three pronged approach by Microsoft.
Take a new, innovative direction in security. In the long run, they can cripple windows until it cannot be useful enough for a virus/work author to target. (If you are an end user, see the next point.)
Microsoft understands that some "enterprise" applications like nmap or ping require a modern operating system. Therefore, maybe a special "enterprise' version of XP (with all the functionality of Windows XP SP1) is in the works. It will only cost a 'little' more than XP Pro. Maybe they'll use the average of the price of XP Pro and 2003 server...
If everyone signs their code with an MS approved key, the code that results will be non-malicious and bug free. (Look at ActiveX!) Code in the kernel runs faster. (Especially since it bypasses the.NET VM!) Therefore, application developers can simply write at kernel level. This has the added benifit of being really, really, hard to get right. We all know that virus authors are complete idiots, and professional software developers are willing to jump through arbitrarily high hoops to deal with arbitrary bugs/limitations in Windows, so there is no downside to further obfuscating it's API's.
By extrapolating this reasoning over the next few years, we can see that other dangerous operations will be moved into the kernel. For instance, preventing user-space code from writing files in binary mode will prevent malicious third party software from writing invalid application data. (This way, the terrorists that wrote Open Office will not be able to crash Office XP any more...this also kills off polymorphic viruses that spool the outgoing versions of themselves to disk!)
Finally, they can set all of C:\Proram Files and C:\Windows read only, unless you write your installer as a kernel level driver. This will further protect the system from malicious applications.
This combined with a few hundred ill-advised random hacks will lock down the dangerous administrator accout. If any customer complaints are generated, they'll simply have the default user run everyting in a cooperative-multitasking, in-kernel setting. It will be like Windows 3.0, but secure.
Maybe they'd be better off if they moved away from this idea that pushing application code into the kernel is a good idea...
Pay Pal's security is terrible, and they have a bad habit of seizing money from people's accounts without launching a proper investigation. If someone successfully compromised SPI's bank account, their Pay Pal account would certainly be broken into.
For more information about why Pay Pal should not be used for large amounts of money, google for "pay pal complaints".
On the other hand, SPI should accept some form of electronic payment... Credit cards, maybe?
Google is making so much money because of its keen business sense and superior technology, not their "Do no evil" clause.
I disagree. Recent user studies have used "anonymized" searches from multiple search engines to judge the quality of search results. The "anonymized" searches were presented in a generic format that did not identify the search engine that produced them. Participants in the studies were asked to rank the quality of the results. If I remember correctly, Google came in first, but only by a very small margin. I don't remember the name of the study, or else I would link to it.:(
Assuming that other companies can produce search results that are competitive with Google, Google needs to maintain a good reputation, and continue to produce high quality secondary services like Google Maps if they want to keep their market share.
If they started to behave irresponsibly (eg: selling page rank, or compromising the usability of their interface to allow for more advertising), one of their competitors could easily steal the market from them. (MSN search comes to mind. *shudder*)
Having said that, I really respect Google's business practices, and wish them well in the future. I just hope their management continues to plan for a few years into the future. I've seen too many good companies trade their reputation for short term profits by abusing their customers, or by cheapening their product. (Personally, I don't see why everyone is so upset about Google's addition of animation to their graphical ads, but that's me...)
The vast majority of commercially available finger print readers can be fooled as follows:
Find a reader that has been used before, so someone's left a valid finger print on it.
Place a piece of thin paper over the reader.
Press gently to warm the paper up
The reader sees a ghost of the last finger print, and the temperature sensor sees warmth + a pulse, so you're in.
I think there was an episode of McGyver where he used black paper and dusted for prints on the reader to increase contrast, but that isn't really necessary.
More recently, this trick, which uses gelatin and requires access to the original finger was published, and seems to fool the really, really high end readers for about $10.
I wonder if you could make a mold for the gelatin from a picture of the finger print and off the shelf components. If you had an old laser printer that dumped a think layer of toner onto a piece of transparency film, that might be enough, but there's probably a better/cheaper way to do it using chemical etching, or something like that...
Personally, I'm perfectly happy with ssh certificates for my authentication needs. If I cared about security more, I would disable password authentication for my accounts, so that the SSH key is required. The key itself is password protected, and stored in an unshared directory on my laptop.
In order to get access to the certificate, you need to break into my laptop or office (which is probably easy), but at that point, it doesn't matter what sort of authentication scheme I use... The password protection adds some security against script kiddies, since they would need to install a key sniffer on my system, or try to brute force it once they obtained a copy of my private key.
I run ssh-agent, so I get single sign-in for all of the unix systems I have access to, including ones that are in different administrative domains, and without any trusted centralized party to manage authentication.
Key authorities are expensive, and could be abused. Remember Microsoft Passport? Ignoring the fact that it was insecure, it was also a huge privacy problem, since it allows microsoft to track user behavior across multiple web sites, and applications (eg MSN Messenger). Do you want Bill Gates or Slammer 2006 to be able to send everyone you know a list of everything you bought/read last year? Do you want that information to be stored in a centralized repository without government regulation?
Multiple administrative domains really kill biometric and password based systems. If you use your atm card or thumbprint to buy groceries, then you are giving the grocery
store everything it needs to fake your thumbprint or use your ATM card for fraudulant purposes. Now, if you use your thumbprint or the same pin for security sensitive data, you are effectively giving the grocery clerk the security sensitive data...
I think Bruce Schneier is right, passwords are obsolete. IMHO, biometrics are just expensive passwords that cannot be changed, and that are more easily stolen. If you're worried about security, run SSH, and set it up correctly. If you can't run SSH, use SSL/HTTPS certificates or something similar. If you want to use untrusted hardware, then get a USB dongle, and don't trust the hardware.;)
Mounting the fan this way would help, but it seems difficult to scale up to multiple drives. On my home system, I have two hard drives in large CD-ROM bays and want to mount one low speed fan that blows air past the drives from the front of the case to the back.
I've jerry-rigged this already with some tape. The CPU temperature dropped by 20F, and the hard drive's temperature dropped to room temperature + 5F. (I also opened up the front of the case which probably helped a lot...)
The problem is that the installation looks terrible, and is noisy, since the fan is exposed to the outside of the case. Also, I don't really trust the tape to hold up over time.
I would like to do something that is more permanent and that is completely internal.
Hard drives have screw holes on the bottom that can be used for mounting, but these holes aren't used by the hard drive brackets that I have.
Perhaps one of them could be used to mount an 80mm fan like this, entirely inside of the case. (Some other case fan would be needed to provide fresh air, but this would make sure that the drives had air-flow.)
Here's the tricky part. I've drawn the fan so that it is flush with the cd-rom and the top of the case. It turns out that standard 80mm fans actually do take up all of the space. So, what type of commonly available, cheap mounting bracket will connect one of the screw holes on the bottom of the drive to the mounting hole on the fan? I think the best way to go is to pick something that will bend, and then use 2-4 of them to keep the fan from moving. Any ideas?
Windows XP Professional and most variants of Linux support multiple processors and thus multiple threads of execution. In fact, Windows XP Pro is capable of working with a total of four execution threads
Is XP Pro really limited to 4 cpus? I wish my copy of Linux 2.6.11 Home Edition supported SMP... If only I'd forked over another $75 to Linus!;)
Anyway, in response to the parent, I'm pretty sure the reason that most people see an improvement with WinXP and hyperthreading is that hyperthreading subverts Windows's braindead scheduling policy.
(Unless they've changed this recently) By default, Windows puts CPU hungry jobs in the foreground, so if you're running multiple apps, the only one that responds well is the one updating its progress bar.
With multiple cores, you need to have at least one cpu intensive job per core before the scheduler can get in the way of interactive tasks.
I've always wondered what the "Schedule the CPU for my applications" vs. "Schedule the CPU for system services" toggle actually did. The services choice might lower the priority of processes that are CPU intensive. (If that is all that it does, it should increase responsiveness when you multitask, and I doubt it would have much effect on games or multimedia, but I could be wrong.)
I haven't noticed many image quality problems on my soon to be retired free 19" color set, although it was hard to set up nvtv correctly. I've since decided that my ancient 20" Dell Trinitron Monitor^H^H^H "HDTV" is a better option.
The monitor does 1600x1200@85Hz well, but that leads to bad 'stair stepping' artifacts on images with thin, straight lines, like anime.
1280x960 (twice 640x480, the resolution the PVR-250 is set to capture at) looks much better, and is still usable for web browsing, etc.
An HDTV tuner card would complicate matters since I'd need to pick a resolution that made sense after letterboxing... Ideally it would switch resolutions depending on whether it was playing NTSC, DVD or HDTV.
I also had to use xgamma to brighten up the image, since TV's have a higher gamma value than monitors, and the "brightness/contrast" adjustments on the monitor don't compensate for that.
The 150 and 250 both do hardware encoding and software decoding. The 350 does hardware decoding. This isn't a big deal, since X (at least with nvidia cards) supports accelerated video decoding under linux. (The most important thing is support for hardware scaling) On the other hand the 350 is handy if you don't have a tv-out port on your video card.
The 250 comes with a remote.
The PVR-250 is a good choice under linux since it works with MythTV and the remote is supported. On the other hand, the drivers are in beta.
Also, I looked at the sample screenshots, and the PVR-150 card seems to be misconfigured. I don't see those artifacts under MythTV with my PVR-250.
.NET does this for Managed Code on Windows and with an incredibly fine grained (and extensible) set of permissions.
I haven't seen the.NET stuff, so I shouldn't really comment, but 'incredibly fine grained' has me worried. I'd like to see a system that an average (joe-six-pack) user could use. Maybe
I would put one in for the registry, but I still think that sharing the registry across apps is a terrible idea. Maybe a box like this:
[] Store settings and files on my hard drive
The last option would give it a sandboxed directory, while "My Files" would let it out of the sandbox. I'm no HCI expert, this can't be that hard to define in a way that is intuitive to end users.
Application Impact Management - coming in Windows Longhorn
Check out the knoppix linux kernel patches. They already provide all of the kernel mechanisms needed for this.;) I looked at AIM, and it seems to be a similar mechanism.
I'm not sure that it goes far enough, however, as the description here:
makes it sound like the app can still nuke the user-account registry, and also makes it sound like the app's access to directories other than Program Files (and probably windows) is still unrestricted. To me, this seems to be more or less the equicalent to installing untrusted apps under a user's home directory under linux. (AIM's usability is probably better them manually installing stuff to home directories, but linux splits user configurations into seperate files, so they can be broken/repaired seperately.)
I would like a mechanism that is a bit more powerful, and deals with malicious softare that is attempting to access personal information or improperly access resources that I don't think it needs. SELinux provides a lot of hooks to deal with this sort of thing, but it is not easy to customize.
At least the dialog guards against the most common types of viruses and security holes. Sure, most users will blindly type in a password if a software installer asks them to, but what about an e-mail attachment or random internet site?
It would be better if the OS provided customizable permissions (grant networking access seperately from hard drive access, for example), but I've yet to see a good security setting setup or user interface to allow that sort of thing...
It would also be nice if you could 'spoof' root access to trick software into thinking it has full access to your system.
For instance, the OS could intercept all calls to update files outside of a folder called "buggy-app" on the desktop, and use an overlay file system and copy-on-write to store the changes in a special directory. Only the spoofed program would use the files that it created and modified, and the changes it performed could be reversed by deleting the stuff the OS put in/tmp...
Add this to restricting read access to sensitive user information, and this could be a first step toward sandboxing applications.
There's plenty to learn if you want to use windows.
You need to constantly upgrade IE, avoid malicious sites, learn which activeX warnings to click 'no' on, install anti-virus software, lock down your mail client, or learn to "view source" before clicking links in email, figure out which office features are correctly supported by newer/older versions of office, etc, etc.
Most people that ask me windows questions are having trouble with security or hardware trouble. I have similar problems with hardware under the two OS'es. (I only buy stuff that's supported under Linux.) As for security, there's no comparison.
Most of the people I work with (all Computer Science grad students, in other words, expert users) that run Windows XP have had their systems infected with viruses / spyware at least once over the last two years. I don't know anyone that's had this happen under Linux over that time period, and I know more Linux users than Windows users.
Why? It's simple. Linux software tends to be relatively secure by default, both in user interface terms, and in terms of underlying technology (for example, there is no activeX, and most software comes from a centralized, audited repository). Also, since Linux has a smaller user base, it is less of a target for phishing attacks, browser hijacks, worms, etc.
Besides, I "just turn on the machine and surf the web" once I have the OS installed, and last I checked, the infamous Debian installer worked much better in a dual-boot environment than the XP one.
(XP moves the equivalent of fdisk/mbr to the install disk, and the install disk hangs on boot if the partition table has been edited by debian. Also, XP refuses to leave some space at the beginning of the hard drive, preventing you from placing linux's boot partition in front of the @#$%! 8.4G bios limitiation that apparently still applies on some new computers. So much for assuming 'I'll have Linux create a boot partition 50Gig into the disk and install grub, I can just restore the MBR if necessary...')
No, in practice, debit cards are not covered by the zero liability plan. From VISA's site:
*Covers U.S.-issued cards only. Visa's Zero Liability policy does not apply to commercial card or ATM transactions, or to PIN transactions not processed by Visa. See your Cardholder Agreement for more details.
**Cardholders should always regularly check their monthly statements for transaction accuracy. Financial institutions may impose greater liability on the cardholder if the financial institution reasonably determines that the unauthorized transaction was caused by the gross negligence or fraudulent action of the cardholder--which may include your delay for an unreasonable time in reporting unauthorized transactions.
Before you think 'I can keep my PIN secret, so what's the problem?', try to figure out how a transaction was processed by looking at your bank statement. Was it credit or debit? What network processed the transaction?
I recently had my VISA card used fradulantly, and was stuck footing the bill.
The 'call this number if your card is lost or stolen' number on the back of the card didn't work. Apparently, the organization that I contacted does not handle debit cards.
The charge was for $40; the zero liability plan applies to the first $50 of fradulant transactions.
Of course, my bank "didn't know" how the charges were made, and ATM/pin transactions are not covered, so I couldn't take advantage of the Zero Liability policy without paying the bank to figure it out for me.
I found that the vendor (McAfee) was totally unresponsive (I never managed to contact a human being after trying for a few hours), so I could not obtain any information about the transaction (I thought I would get an IP address or a shipping address. Yeah, right!)
The bank wanted to charge well over $100 to 'launch an investigation', which would be billed as an initial cost plus an hourly fee, and could drag on indefinitely.
VISA charges vendors a few percentage points of every purchase you make. If the per-transaction fees aren't being used to combat fraud on the network, or even to maintain contact information for a handful of major vendors, what are they for?
If the average amount of a transaction is $5, and Visa takes 1% (two very low estimates), that's costing the vendor $0.05. For what? Sending a few kilobytes of data over an encrypted line? Running a (really expensive!?!) database transaction?
I've been dumping around a bit over 1% of my income into this network for years. If federal tax is 20%, that's roughly as much as I've put into the department of education and department of transportation, combined!
At this point, I think I'll just carry cash, since its less of a hassle. If I get mugged, I'm out $100, and that's it. With a VISA card, I get to negotiate with my bank over who is liable for what, and there is a huge risk of electronic fraud. Besides, using cash keeps prices lower, and most businesses are happy to accept it.
Slashdot Mirror
You forget the whole point of 1984, and systems like the panopticon or RIAA lawsuits here in the US.
The point of implementing one of these systems is not to spy on/catch everyone on earth. (As many people have pointed out, that is infeasible and counterproductive.) Instead, they are designed to change the population's behavior by introducing the possibility that the authorities may be watching.
So, if you go by point (3), and stop 'saying the wrong thing' in public, you've given up your freedom of speech, and the system is working as intended.
That's not to say that these wireless mics are being installed in a way that violates privacy, or is designed to limit political speech; I have no idea.
However, if the UK starts to arrest political dissidents on a regular basis, it might make sense to start thinking about the microphones in a different way.
Personally, when it comes to applying surveliance systems to the general population, I think it is better to err on the side of caution. The damage these systems could cause if abused is often much greater than any benefit they could provide. Therefore, it makes sense to minimize the potential for abuse.
Given that Microsoft's long term strategy is to leverage its Windows monopoly to slowly bleed Google of users, I find it amazing that Google keeps propping up Windows' monopoly status.
Sure, Google's web site works under Firefox, but their installable software is Windows-only (unless they have some stuff for Mac OS). I can see where it would be difficult to port to Apple (since Mac OS already has integrated search tools, and Apple is good at getting UI's right), but it shouldn't be very difficult to port to Linux.
If they want to compete with Microsoft, they should help undermine its operating system business. The more fronts Microsoft must compete on, the more resources they must dump into innovative products, and the better it is for their competition (and customers).
On the other hand, if the google search API is done correctly, Open Office and/or the Gnome/KDE desktop will eventually contain the integrated search features that Microsoft is adding to Longhorn. Perhaps Google would rather let non-MS OS vendors control their own desktop interfaces. ;)
I don't know, if Wharf weren't a Klingon, they would have had a murder on their hands... how many soap opera characters are killed by their girlfriends with a knife? Maybe if you get in such a fight, and the audience thinks its funny, its not a soap. (Or maybe its just a very bad soap. Either way, DS9 is off the hook, I guess.)
I used to think that NAFTA made a fair amount of sense until corporations started to use it as a way to avoid environmental regulations in order to make a quick buck.
The basic idea is that NAFTA allows corporations to sue foreign governments if the corporation can show that a foreign law is costing them profits, or the opportunity to make a profit. For instance, a Canadian mining firm sued the US because it wanted to strip mine a US park...even though there weren't enough minerals in the ground to break even!
The article contains many other examples, as does this one. (The second article is from 1999; this has been going on for a long time...)
As long as there is money to be made, I suspect we'll see abuses of this sort, whether they target the environment, privacy rights, IP laws, or whatever else people can think of.
It wasn't just about communism and the cold war. It was also strongly anti-fascist. Think of all of the episodes where Kirk shut down a perfectly functioning society run by some sort of computer that played the role of benevolent dictator...
Enterprise had some tie in with current political events too. (I'm not a big enterprise fan) They had the episode where the captian tortured a prisoner for information (it was aired after the complaints about guantanamo started), and the whole series was based upon an unexpected 'terrorist' strike by a nearly unknown enemy that used guerilla tactics, and targeted civilians. (Al Queda?)
There was also the theme that they weren't quite responsible for their actions because they faced a new challenge. That always bothered me, since the enterprise crew could have looked to past precedents from military and maritime law. Also, it's one of Bush's favorite excuses (think about the phrases "new kind of war," "geneva convention doesn't apply to this situation", etc, etc...)
I think enterprise had a lot going for it. The thing that ruined it for me were the long, arduous subplots that span multiple seasons. Yes, it worked for Bab 5 (and Battlestar Galactica), but Bab 5 was a well thought out soap opera. If I wanted to watch a soap opera, I wouldn't tune into star trek.
Anyway, that's my two cents. ;)
This is a really old idea. Initially, the idea was to run some system memory or drive cache off of a battery. Then, a portion of memory would remain persistant across reboots. The memory would act as the flash memory in the article does, except that it would be normal system memory, so it would be fast, but you would have to worry about battery failure. I'd like to see something like this in the linux kernel. You could imagine having it support spooling reads and writes from any type of block device to any other block device. Then, you could just plug flash into your system, or you could use battery backed up ram. If you want good redundancy, you could use a fast raid 1 setup and slowly spool data to raid 5. There are quite a few pre-existing products that do all of these things already, but they are generally expensive, or not widely available. I don't see why any of it couldn't be done in the operating system with standard components, though...
NX is great for running over slow connections (sub-cable modem), but it doesn't seem to drop frames if the CPU can't keep up... I don't know though, I'm not an expert in this stuff.
Anyway, it looks like the big advantage of the Ndiyol is that they've done a lot of work to come up with a custom protocol and/or cheap hardware set-up that actually work out of the box for $170. I noticed that they ship with 2MB of RAM. Also, they plan to move the whole thing on to one chip... that should cut cost significantly.
If they can get full screen video streaming + sound to work, and provide a connector that lets me plug in a remote control, I'm putting one of these in my living room. Assuming that it can run in hot environments, it would outperform all of the sub $2,000 systems that I've been able to find on the market these days.
(I've been trying to find something that can run as a mythtv frontend, and be silent, small and stable in a 95F room. There are probably some systems out there, but it is really hard to find out the operating temperature range or noise level of prebuilt computer systems.)
I'm not sure I understand the invasion of privacy thing... isn't that already going on in the US? Maybe the parent should be modded "funny"... ;)
.torrent files are typically served by web servers, and China can already (try to) block objectionable web servers. Still, it's a decent theory.
If they are tracking down on BT as a technology in China, it might be because they are worried that BitTorrent is being used to bypass China's filtering firewall.
I'm not sure that makes very much sense, since
By extrapolating this reasoning over the next few years, we can see that other dangerous operations will be moved into the kernel. For instance, preventing user-space code from writing files in binary mode will prevent malicious third party software from writing invalid application data. (This way, the terrorists that wrote Open Office will not be able to crash Office XP any more...this also kills off polymorphic viruses that spool the outgoing versions of themselves to disk!)
Finally, they can set all of C:\Proram Files and C:\Windows read only, unless you write your installer as a kernel level driver. This will further protect the system from malicious applications.
This combined with a few hundred ill-advised random hacks will lock down the dangerous administrator accout. If any customer complaints are generated, they'll simply have the default user run everyting in a cooperative-multitasking, in-kernel setting. It will be like Windows 3.0, but secure.
Maybe they'd be better off if they moved away from this idea that pushing application code into the kernel is a good idea...
Pay Pal's security is terrible, and they have a bad habit of seizing money from people's accounts without launching a proper investigation. If someone successfully compromised SPI's bank account, their Pay Pal account would certainly be broken into.
For more information about why Pay Pal should not be used for large amounts of money, google for "pay pal complaints".
On the other hand, SPI should accept some form of electronic payment... Credit cards, maybe?
It's unofficial DeCSS (really libdvdcss) packages already come from France. (Thanks Marillat!)
I disagree. Recent user studies have used "anonymized" searches from multiple search engines to judge the quality of search results. The "anonymized" searches were presented in a generic format that did not identify the search engine that produced them. Participants in the studies were asked to rank the quality of the results. If I remember correctly, Google came in first, but only by a very small margin. I don't remember the name of the study, or else I would link to it. :(
Assuming that other companies can produce search results that are competitive with Google, Google needs to maintain a good reputation, and continue to produce high quality secondary services like Google Maps if they want to keep their market share.
If they started to behave irresponsibly (eg: selling page rank, or compromising the usability of their interface to allow for more advertising), one of their competitors could easily steal the market from them. (MSN search comes to mind. *shudder*)
Having said that, I really respect Google's business practices, and wish them well in the future. I just hope their management continues to plan for a few years into the future. I've seen too many good companies trade their reputation for short term profits by abusing their customers, or by cheapening their product. (Personally, I don't see why everyone is so upset about Google's addition of animation to their graphical ads, but that's me...)
- Find a reader that has been used before, so someone's left a valid finger print on it.
- Place a piece of thin paper over the reader.
- Press gently to warm the paper up
- The reader sees a ghost of the last finger print, and the temperature sensor sees warmth + a pulse, so you're in.
I think there was an episode of McGyver where he used black paper and dusted for prints on the reader to increase contrast, but that isn't really necessary. More recently, this trick, which uses gelatin and requires access to the original finger was published, and seems to fool the really, really high end readers for about $10.I wonder if you could make a mold for the gelatin from a picture of the finger print and off the shelf components. If you had an old laser printer that dumped a think layer of toner onto a piece of transparency film, that might be enough, but there's probably a better/cheaper way to do it using chemical etching, or something like that...
Personally, I'm perfectly happy with ssh certificates for my authentication needs. If I cared about security more, I would disable password authentication for my accounts, so that the SSH key is required. The key itself is password protected, and stored in an unshared directory on my laptop.
In order to get access to the certificate, you need to break into my laptop or office (which is probably easy), but at that point, it doesn't matter what sort of authentication scheme I use... The password protection adds some security against script kiddies, since they would need to install a key sniffer on my system, or try to brute force it once they obtained a copy of my private key.
I run ssh-agent, so I get single sign-in for all of the unix systems I have access to, including ones that are in different administrative domains, and without any trusted centralized party to manage authentication.
Key authorities are expensive, and could be abused. Remember Microsoft Passport? Ignoring the fact that it was insecure, it was also a huge privacy problem, since it allows microsoft to track user behavior across multiple web sites, and applications (eg MSN Messenger). Do you want Bill Gates or Slammer 2006 to be able to send everyone you know a list of everything you bought/read last year? Do you want that information to be stored in a centralized repository without government regulation?
Multiple administrative domains really kill biometric and password based systems. If you use your atm card or thumbprint to buy groceries, then you are giving the grocery store everything it needs to fake your thumbprint or use your ATM card for fraudulant purposes. Now, if you use your thumbprint or the same pin for security sensitive data, you are effectively giving the grocery clerk the security sensitive data...
I think Bruce Schneier is right, passwords are obsolete. IMHO, biometrics are just expensive passwords that cannot be changed, and that are more easily stolen. If you're worried about security, run SSH, and set it up correctly. If you can't run SSH, use SSL/HTTPS certificates or something similar. If you want to use untrusted hardware, then get a USB dongle, and don't trust the hardware. ;)
Mounting the fan this way would help, but it seems difficult to scale up to multiple drives. On my home system, I have two hard drives in large CD-ROM bays and want to mount one low speed fan that blows air past the drives from the front of the case to the back.
I've jerry-rigged this already with some tape. The CPU temperature dropped by 20F, and the hard drive's temperature dropped to room temperature + 5F. (I also opened up the front of the case which probably helped a lot...)
The problem is that the installation looks terrible, and is noisy, since the fan is exposed to the outside of the case. Also, I don't really trust the tape to hold up over time.
I would like to do something that is more permanent and that is completely internal.
Hard drives have screw holes on the bottom that can be used for mounting, but these holes aren't used by the hard drive brackets that I have.
Perhaps one of them could be used to mount an 80mm fan like this, entirely inside of the case. (Some other case fan would be needed to provide fresh air, but this would make sure that the drives had air-flow.)
Here's the tricky part. I've drawn the fan so that it is flush with the cd-rom and the top of the case. It turns out that standard 80mm fans actually do take up all of the space. So, what type of commonly available, cheap mounting bracket will connect one of the screw holes on the bottom of the drive to the mounting hole on the fan? I think the best way to go is to pick something that will bend, and then use 2-4 of them to keep the fan from moving. Any ideas?
Is XP Pro really limited to 4 cpus? I wish my copy of Linux 2.6.11 Home Edition supported SMP... If only I'd forked over another $75 to Linus!
Anyway, in response to the parent, I'm pretty sure the reason that most people see an improvement with WinXP and hyperthreading is that hyperthreading subverts Windows's braindead scheduling policy.
(Unless they've changed this recently) By default, Windows puts CPU hungry jobs in the foreground, so if you're running multiple apps, the only one that responds well is the one updating its progress bar.
With multiple cores, you need to have at least one cpu intensive job per core before the scheduler can get in the way of interactive tasks.
I've always wondered what the "Schedule the CPU for my applications" vs. "Schedule the CPU for system services" toggle actually did. The services choice might lower the priority of processes that are CPU intensive. (If that is all that it does, it should increase responsiveness when you multitask, and I doubt it would have much effect on games or multimedia, but I could be wrong.)
I haven't noticed many image quality problems on my soon to be retired free 19" color set, although it was hard to set up nvtv correctly. I've since decided that my ancient 20" Dell Trinitron Monitor^H^H^H "HDTV" is a better option.
The monitor does 1600x1200@85Hz well, but that leads to bad 'stair stepping' artifacts on images with thin, straight lines, like anime.
1280x960 (twice 640x480, the resolution the PVR-250 is set to capture at) looks much better, and is still usable for web browsing, etc.
An HDTV tuner card would complicate matters since I'd need to pick a resolution that made sense after letterboxing... Ideally it would switch resolutions depending on whether it was playing NTSC, DVD or HDTV.
I also had to use xgamma to brighten up the image, since TV's have a higher gamma value than monitors, and the "brightness/contrast" adjustments on the monitor don't compensate for that.
- The 150 and 250 both do hardware encoding and software decoding. The 350 does hardware decoding. This isn't a big deal, since X (at least with nvidia cards) supports accelerated video decoding under linux. (The most important thing is support for hardware scaling) On the other hand the 350 is handy if you don't have a tv-out port on your video card.
- The 250 comes with a remote.
The PVR-250 is a good choice under linux since it works with MythTV and the remote is supported. On the other hand, the drivers are in beta.Also, I looked at the sample screenshots, and the PVR-150 card seems to be misconfigured. I don't see those artifacts under MythTV with my PVR-250.
.NET does this for Managed Code on Windows and
.NET stuff, so I shouldn't really comment, but 'incredibly fine grained' has me worried. I'd like to see a system that an average (joe-six-pack) user could use. Maybe
;) I looked at AIM, and it seems to be a similar mechanism.
= /library/en-us/dnlong/html/leastprivlh.asp
with an incredibly fine grained (and extensible) set of permissions.
I haven't seen the
"this application has access to:"
[] Networking
[] My Files
[] Multimedia devices (Camera, microphone, etc)
I would put one in for the registry, but I still think that sharing the registry across apps is a terrible idea. Maybe a box like this:
[] Store settings and files on my hard drive
The last option would give it a sandboxed directory, while "My Files" would let it out of the sandbox. I'm no HCI expert, this can't be that hard to define in a way that is intuitive to end users.
Application Impact Management - coming in Windows Longhorn
Check out the knoppix linux kernel patches. They already provide all of the kernel mechanisms needed for this.
I'm not sure that it goes far enough, however, as the description here:
http://msdn.microsoft.com/library/default.asp?url
makes it sound like the app can still nuke the user-account registry, and also makes it sound like the app's access to directories other than Program Files (and probably windows) is still unrestricted. To me, this seems to be more or less the equicalent to installing untrusted apps under a user's home directory under linux. (AIM's usability is probably better them manually installing stuff to home directories, but linux splits user configurations into seperate files, so they can be broken/repaired seperately.)
I would like a mechanism that is a bit more powerful, and deals with malicious softare that is attempting to access personal information or improperly access resources that I don't think it needs. SELinux provides a lot of hooks to deal with this sort of thing, but it is not easy to customize.
At least the dialog guards against the most common types of viruses and security holes. Sure, most users will blindly type in a password if a software installer asks them to, but what about an e-mail attachment or random internet site?
/tmp...
It would be better if the OS provided customizable permissions (grant networking access seperately from hard drive access, for example), but I've yet to see a good security setting setup or user interface to allow that sort of thing...
It would also be nice if you could 'spoof' root access to trick software into thinking it has full access to your system.
For instance, the OS could intercept all calls to update files outside of a folder called "buggy-app" on the desktop, and use an overlay file system and copy-on-write to store the changes in a special directory. Only the spoofed program would use the files that it created and modified, and the changes it performed could be reversed by deleting the stuff the OS put in
Add this to restricting read access to sensitive user information, and this could be a first step toward sandboxing applications.
There's plenty to learn if you want to use windows.
/mbr to the install disk, and the install disk hangs on boot if the partition table has been edited by debian. Also, XP refuses to leave some space at the beginning of the hard drive, preventing you from placing linux's boot partition in front of the @#$%! 8.4G bios limitiation that apparently still applies on some new computers. So much for assuming 'I'll have Linux create a boot partition 50Gig into the disk and install grub, I can just restore the MBR if necessary...')
You need to constantly upgrade IE, avoid malicious sites, learn which activeX warnings to click 'no' on, install anti-virus software, lock down your mail client, or learn to "view source" before clicking links in email, figure out which office features are correctly supported by newer/older versions of office, etc, etc.
Most people that ask me windows questions are having trouble with security or hardware trouble. I have similar problems with hardware under the two OS'es. (I only buy stuff that's supported under Linux.) As for security, there's no comparison.
Most of the people I work with (all Computer Science grad students, in other words, expert users) that run Windows XP have had their systems infected with viruses / spyware at least once over the last two years. I don't know anyone that's had this happen under Linux over that time period, and I know more Linux users than Windows users.
Why? It's simple. Linux software tends to be relatively secure by default, both in user interface terms, and in terms of underlying technology (for example, there is no activeX, and most software comes from a centralized, audited repository). Also, since Linux has a smaller user base, it is less of a target for phishing attacks, browser hijacks, worms, etc.
Besides, I "just turn on the machine and surf the web" once I have the OS installed, and last I checked, the infamous Debian installer worked much better in a dual-boot environment than the XP one.
(XP moves the equivalent of fdisk
No, in practice, debit cards are not covered by the zero liability plan. From VISA's site:
*Covers U.S.-issued cards only. Visa's Zero Liability policy does not apply to commercial card or ATM transactions, or to PIN transactions not processed by Visa. See your Cardholder Agreement for more details.
**Cardholders should always regularly check their monthly statements for transaction accuracy. Financial institutions may impose greater liability on the cardholder if the financial institution reasonably determines that the unauthorized transaction was caused by the gross negligence or fraudulent action of the cardholder--which may include your delay for an unreasonable time in reporting unauthorized transactions.
Before you think 'I can keep my PIN secret, so what's the problem?', try to figure out how a transaction was processed by looking at your bank statement. Was it credit or debit? What network processed the transaction?
I recently had my VISA card used fradulantly, and was stuck footing the bill.
The 'call this number if your card is lost or stolen' number on the back of the card didn't work. Apparently, the organization that I contacted does not handle debit cards.
The charge was for $40; the zero liability plan applies to the first $50 of fradulant transactions.
Of course, my bank "didn't know" how the charges were made, and ATM/pin transactions are not covered, so I couldn't take advantage of the Zero Liability policy without paying the bank to figure it out for me.
I found that the vendor (McAfee) was totally unresponsive (I never managed to contact a human being after trying for a few hours), so I could not obtain any information about the transaction (I thought I would get an IP address or a shipping address. Yeah, right!)
The bank wanted to charge well over $100 to 'launch an investigation', which would be billed as an initial cost plus an hourly fee, and could drag on indefinitely.
VISA charges vendors a few percentage points of every purchase you make. If the per-transaction fees aren't being used to combat fraud on the network, or even to maintain contact information for a handful of major vendors, what are they for?
If the average amount of a transaction is $5, and Visa takes 1% (two very low estimates), that's costing the vendor $0.05. For what? Sending a few kilobytes of data over an encrypted line? Running a (really expensive!?!) database transaction?
I've been dumping around a bit over 1% of my income into this network for years. If federal tax is 20%, that's roughly as much as I've put into the department of education and department of transportation, combined!
At this point, I think I'll just carry cash, since its less of a hassle. If I get mugged, I'm out $100, and that's it. With a VISA card, I get to negotiate with my bank over who is liable for what, and there is a huge risk of electronic fraud. Besides, using cash keeps prices lower, and most businesses are happy to accept it.