Oh, and for bonus points...how about another connect to allow this network KVM to function as a floppy boot device? IE, I would transfer a floppy image (say a BIOS update or a Ghost boot disk) to the KVM from my workstation, reboot and have the remote system boot to the "Floppy" on the KVM. Then I "eject" the floppy and reboot into the normal mode.
I forgot that floppy swapping is another big reason I've had to make wasteful trips to the server room, which I would like to eliminate.
Wouldn't it be nice if you had a box you could tack onto your existing system to pump the basic IO over your existing CAT-5 wiring? My ideal unit would have the following
Input jumper for power switch control
Input jumper for reset button control
Light sensor for power light
Light sensor for HDD light
Light sensor for Link light
Light sensor for Act light
Serial PS/2 port for keyboard
Serial PS/2 port for mouse
15-pin RGB port for monitor
Here's how it would work. You mount the box on the back of your server unit and connect your power and reset buttons to the unit and connect the unit to the reset/power jumpers on the motherboard. You stick the light sensors near the respective LEDs. You wire up the KVM to the unit and optionally plug the local devices into the unit.
Now, the unit is a little linux box that takes the input and sends it over the network (now we're using VNC) to my remote session. The bonus is that I can still see the unit if it's crashed (the VNC service or the whole dang box). I can boot into the BIOS and make changes. I can run utilites and so on from DOS sessions. Plus, I can click a button and reset the box, or power it down. If I connect to the session and see no image, I can see if the power light is on or if there is any hard drive/network activity.
I can think of about a billion times in my techie lifespan that I've wished for such a device. Yes, I know there devices you can use to remotely power off a computer. Yes, I know I could setup a webcam to monitor some lights. Yes, I know VNC gets me most of the way there.
But it's not cost effective to buy one of these for each server. I would rather have one box that could control 4/8/16 boxes. It's just a standard KVM with some extra inputs attached to its own dedicated Linux box!
So please, Linksys, Belkin...whoever...can't someone please build this, or show me a link to something like this?
When are MS, Sony and others going to learn that any sort of system like this will be broken? They should take a tip from the gaming industry
Which tip would that be? The tip where I am forced to insert a perticular CD-ROM every time I want to play a game? And swap for another CD when I want to play a different game? And waste one of my precious IDE devices on a drive that can only hold about 700MB of information (eg, one game) instead of 100000MB (eg, every game)?
Or do you mean the tip where they deliberately use bad sectors and audio subchannels to copy protect a physical CD so that I can't make a backup copy and so if it gets scratched I have to send away for a new one?
Before you hand the gaming industry their halos, put away that easy to install, bloat-free, no CD check game rip you downloaded off IRC and go buy the same game in your local computer store. I guarantee you'll be as fed up as I am.
I know you are referring to the fact that games no longer play this "what word is on page 3" BS but despite the fact that the gaming industry claimed they dropped those kind of games "because we love our customers and don't want to hassle them" the real reason is that a) they weren't effective since you could just photocopy the page/keywheel/chart and b) they could be cracked/patched around anyway and c) the gaming industry was moving to CDs, which was copy protection enough since CDs were SO HUGE and SO IMPOSSIBLE to copy/distribute.
Now that CDs are about as easy/cheap to copy as the old floppy disks, we are starting to see the exact same crap. In case you are too young to remember this floppy games (Arkanoid comes to mind) used bad sectors on the game floppy to prevent someone from making a copy the same way the new CDZilla/etc protected CDs do.
As CloneCD images become more rampant, I fully expect to see game publishers making Internet registration mandatory so they can play the same kind of copy protection games they used to play with funny symbols in the manual. Of course, they will be completely ineffective at stopping piracy, but they will be yet another annoyance that customers are forced to endure from the wonderful, trusting folks in the gaming industry.
I remember back a couple years ago when eBay frauds were big news...some article was suggesting that whenever possible involve the US Mail system. Have them mail you a quote, or mail payment information or such.
The thing about it is, mail fraud is a federal crime which much higher penalties than other forms of fraud (Internet fraud being generally unclassified). If you get ripped off online, you can try to complain to your local police, or the police in the criminal's jurisdiction (if you can find it) but you will probably get nothing.
In you involve the mail system, then the it becomes a federal issue that is tackled by the Office of the Postmaster General and/or the FBI?
Don't quote me on this, but it would be definitely something to ask your local post office about. If a seller is legit, they should have no problem putting some information on paper and mailing it to you, right?
Other than that...the other thing that was suggested is use a credit card. Paypal had a big fight with credit card agencies on whether people can dispute Paypal charges for fraudulent auctions, but I seem to remember that the courts came down on the side of consumers (yes they could dispute) forcing Paypal to get insurance.
Sorry I couldn't find a link, but maybe it helps narrow down your searching?
The whole problem with DRM, in my opinion, is the flawed mentality behind pay-per-use. Pay-per-use is complete BS. Movies with plot twists like The Crying Game or Being John Malkovich can really be only watched once before losing significant effect. On the other hand, some songs can be listened to over and over again without you getting sick of them.
I would love to see a future where DRM divides media into "pools" of content and creates connetions between pools.
For example, Paying $X fee adds a movie to my pool. It doesn't matter if I go see it in a theater, or on video, or streaming from a website...i forever have the right to watch that movie whenever and whereever I choose. I see this adding value because it creates a huge market for alternate formats.
Let's say I'm offended by foul language. The studio may not see the value in marketting a movie below an R rating. However, on the other side of things...if some small company wants to create a PG version of the movie, they can't because they don't own the rights. Under the pool system, I pay the fee to add the movie to my pool, and then I go get it from whoever I want. That may be the studio's distribution company releasing the R-rated version on DVD, or it may be that small company's PG version on VCD.
Content pools also need to cover all media forms. If I pay into a pool for a song, that should give me the rights to the video, the lyrics, the songsheet, etc. Studio wants to release bonus footage for a movie already out? That's fine except everyone already in the content pool for that movie thanks to previous purchase automatically gets access.
Pools also need to overlap based on real-world relationships. I should be allowed to cross into other pools. For example, it is logical that if my sister owns a CD, I could listen to it. I technically have access through her. So my content pool would also include the ability to access anything in the content pools of my friends and family. The only difference is that it would not extent to anyone who had me listed as friends or family. IE, I can "borrow" a song that my friend purchased, but a non-mutual friend could not then "borrow" that same song from me. Or perhaps they could, but they would have to have an additional "extra generation" fee to be paid.
Content pools should also be linked topically to provide additional value. For example, purchasing the pool of an extire favorite series, like Simpsons or Star Trek. Or even larger, a Sci-Fi or Animation pool to inclusely give me access to everything at once. Considering how there are not addtional costs, it makes sense for companies to offer wholesale licensing to their entire collection. Media distribution and mass production are completely separate. Yes I'll have to pay for the CD, but if I can do it myself, I can save myself some money. If there's a market to release it in vinyl, someone can do that.
The key to this whole paradigm is separating content from format. There needs to be companies that make money from producing content and other companies that make money from distributing content and NOT BOTH. If I found a better way to distribute things, I should be allowed to walk out tomorrow and make a company to do it. I don't have to worry about licensing, that burden is on the user. Someone comes across my media, they whip over to the DRM warehouse, at it to their pool, and then enjoy my version.
- JoeShmoe
Re:You have never worked in corporate have you ?
on
GOVNET In the Works
·
· Score: 2, Informative
No, I have worked in corporate IS/IT and here's my experience:
If there is a business need to someone with a leather chair, and a nice enough view...then it will happen. I had to install AOL countless times working in corporate environments (big fun since NT was also the standard and AOL doesn't play nice on NT). Why? Because I wanted to keep my job. "I'm sorry sir, but installing AOL would breach security" is a nice technically sound position, but you need to have someone with the letters "VP" in his title to back that up or the question is "why can't you make it work with AOL and be secure?"
I just think it's impossible to prevent crossovers between GOVNET/Internet because users are going to balk at having two boxes on their desk. Someone, somewhere is going to present a business case for Internet access (how are the GOVNET techies supposed to download drivers unless everything is mirrored internally?) and once that happens I'm positive they won't be smart enough to have an air firewall between them. Multiply that risk by the number of agencies involved and I think the chance of someone making a mistake and leaving a window open are quite good.
Which, again, brings me to my main point...will a separate network make GOVNET security weak? Will they be lazy? Or will they have a properly secured Internet-ready network AND have the separated network security layer to boot?
- JoeShmoe
Re:This is the dumbest thing I've ever heard of
on
GOVNET In the Works
·
· Score: 2
I don't think that will work. Governement agencies run all sorts of crazy crappy proprietary programs. There are few standards so it's pretty much left up to each individual agency (or even region by region) to pick and choose what they want to use. They probably aren't just doing e-mail or they could make do by giving every government employee a two-way pager and be done with it.
If businesses aren't quite ready to embrace thin clients, I can't imagine the government being so on the ball technically that they are even aware that's an option. Besides, if it runs TCP/IP then there is some way it can be hacked. It may take physical tampering on the site, but where there's a will, there's a way. Building that wall gives a false sense of security.
- JoeShmoe
This is the dumbest thing I've ever heard of
on
GOVNET In the Works
·
· Score: 5, Insightful
This is our government's security expert? This is his big plan to keep government data safe?
The Internet is everywhere. It's so purvasive that there is zero chance you can have any isolated network. The second some low-level government flunkie at the Bureau of Railroad Employee Retirement signed onto AOL to check his e-mail, boom, there's a gateway.
My thinking is that they plan to use GOVNET as an excuse to be lazy. Everything will have minimal authentication because there's no way big bad hackers can get on the network, right? Except that any PC on the network can easily become a gateway. There are plenty of examples of "private" and "secure" networks that were breached through classic hacking techniques like social engineering and wardialing.
This is stupid. What bout PPTP/VPN? Why can't they just make a virtual network that runs over the Internet like every other business is doing? The infrastructure costs are minimal because you aren't running redundant wiring. It's just as secure, in fact, it's more secure because you are going to be extra paranoid about things like password schemes and encryption levels if it has to survive some public data transfer points.
A few years ago, AOL tried to market this to companies. They called it EOL for Enterprise OnLine. Basically, for a fixed fee per user, all your employees got AOL accounts and access to a private keyword with your company's Intranet.
Except no one but Century21 ever signed up, as I suspect they got a good deal for being a test case. No one saw the point when security, done properly, is going to produce a much more versitile and cheaper result.
To make an analogy, this guys is suggesting that every government office get a tin can and a string so that they can communicate securely because there's alwaye the potential for someone to tap the phone lines.
Because I'm trading one piece of proprietary software for another. Let's say AOL does something to break eNetBot (like they did to MSN Messenger several times)...well I will be SOL if eNetBot Inc. can't fix it in a timely fashion.
Contrary to what you may think, I don't have a problem with someone making money off this piece of software. But can't I still be allowed to lament the fact that the underlying information isn't available? Compare this eNetBot thing to what the original article was about.
Original article is a document explaining how the AOL protocol is formatted, as well as some basic functions to demonstrate usage. Five out of five stars. eNetBot doesn't explain anything but offers me an alternative to the piggish AOL client for e-mail. Nice, but still only four out of five stars. Thus, my pity comment.
I'd much prefer a website that went something like "here's how to write your own interface to access your AOL Mail via the website...oh by way if you're interested I've already written one and you can have it for $X".
Yes, this is very, very good. That's a very smart idea. Seeing as how AOL caved to the pressure to have a webmail system, it seems only logical that someone would rip apart the HTML and figure out all the FORM POST commands necessary to fill in the proper boxes on AOL's mail page.
http://www.enetbot.com/ for those also curious.
Pity it's $20 shareware, but this is very good. That takes care of request A from my post...now can any clever soul provide a solution for converting/importing previous mail?
In my opinion, logging on and enjoying AOL's so-called services was never 1/10 of the problem as their stupid crappy propritary mail system.
Back around 1996 or so, I was part of an AOL beta program that released a MAPI interface for AOL mail servers. IE, you could add the AOL mail server to your Outlook config and download your AOL mail right into Outlook.
Of course, the AOL exec freaked out when they considered how many eyeballs their advertisers would lose if everyone uninstalled the AOL client and kept their mail via Outlook. So the program was canned, and I was unfortunately too short-sighted to save a copy of that MAPI tool before the area was closed down.
Ever since, I've been trying to get my sister/parents/grandparents off AOL. Not to mention that AOL never supported Windows NT because they couldn't figure out how to install their stupid AOL Adapter TCP shunt thing. So for years my relatives were forced to run a crappy 16-bit (Win 3.11) version of the AOL client for the sole purpose of checking e-mail.
AOL's mail service is terrible but a lot of people don't want to change their e-mail addresses. If you really want to do a great services to help newbies move beyond their AOL shackles...please, I implore you:
A) Reverse engineer the AOL mail protocol so that external programs can at least READ AOL mail (sending, unsending, and AOL custom features are optional)
B) Reverse engineer the AOL mail database (local copy of stored mail) so that it can be imported into another program.
Even after I got a couple family members to switch over to Hotmail, they still have to use the AOL client to read their old mail. It's that or save it all as flat text and lose all the important header information.
Also, a bonus to reverse engineering the AOL mail database would be the ability to sync mail with your Palm. The AOL client for Palm is 400KB and can only dial-up, not sync.
Please post reply if you know of any project working on the AOL mail/database formats. Thank you!
The main problem is it's in the middle of nowhere (Mapquest link [mapquest.com] ), about 50 miles from Topeka. Paying the local loop charges for dedicated (and redundant) Internet access is probably going to cost a fortune
And it doesn't for HavenCo/Sealand? Which is easier...running a line on dry (flat) land or over a body of water?
Besides, this type of situtation is what wireless is for. Come to think of it, HavenCo/Sealand uses wireless for a couple of their links (IIRC).
The real question...when the FBI comes knocking...will they be able to get in? I don't know if they have the equipment to take out a 47-ton door...but you better fill that silo with food and supplies because the second you step out you are theirs.
When working on a major (2000 PC) rollout for a customer, we had a large number of Maxtor drives fail within the first week (on the order of every other drive). We ultimately found that all of the drives shared a similar make/model and serial range.
Eventually tracking it back through the vendor (Compaq) we found other customers reporting the same thing. Compaq was of the opinion that someone in the warehouse probably dropped the pallet and didn't tell anyone. The drives were run through the assembly process and ended up being sprinkled around many different orders. It was only when we ran the 2000-unit rollout at enough attention was given to notice the common factors.
What you are talking about sounds very similar. Pallet drops happen a lot when warehouses cheap out on forelift operators, or worse try to train some minor tech how to operate one. It could be that IBM isn't really paying attention to the "big picture" in this situation. They are probably replacing the drives on a case-by-case basis. Unless a major customer orders a huge quantity that then turns out to have a high percentage of failure, I doubt IBM would notice.
For my experience, I've only owned on IBM drive (not at the computer that has it now, but it is an old 3.2GB model). For three years now it has been reporting "immenent failure" to my SMARTII BIOS and I have yet to have it actually go bad. I just tend not to use them because they generally cost more and I don't have any problem doing a shop-n-swap when cheap "on sale" drive blows chunks.
Oh, true, I should have qualified that. NT4:SP3 is what I install standard from my installation source. I very rarely even bother to apply SP6 (7 now?) because I don't need Access Y2K bugfixes and I refuse to touch NTFS 5.0 with a ten foot pole at the end of another ten foot pole.
I made the mistake of copying some data to a NTFS 5.0 drive, got an error message, rebooted and found my $volume had become corrupt. Microsoft's attitude was "Shit Happens, restore from backup". That's all fine well and good, if the hard drive had physically died I would have accepted the data loss...but Microsoft's whole attitude is that it's more important to have new features than reliability. Backups should never been my first line of defense. The OS should have the smarts to recover SOME portion of the data. Given that OnTrack EasyRecovery wasn't able to find anything, I had to lose the data...but I swore I would never again touch NTFS 5.
Wasn't there a similar article a couple years ago that shows conclusively that Windows NT 4.0 was faster than Windows 2000 and a wide range of tasks?
I think Windows NT 4.0 marked Microsoft's pinnacle of acheivement. If it wasn't for the lack of USB support I would have never upgraded. Even for a server role, there are a lot of USB devices that a modern server needs to access (like DSL modems, many newer UPS's, cameras for security, additional serial/parallel devices, etc).
Why oh why can't someone develop a third party solution? Or does one exist? DirectX and translucency I can do without...but USB is just too useful to do without.
I think it is especially embarassing that Microsoft/Netscape cannot grandularize the ActiveX or JavaScript functionality. Your choices are "Run All" or "Run None". There needs to be a way to differetiate between normal redirection (which is often used by legit sites)or pop ups (which is of course used in advertising) and those malicious elements such as "On Back" or "On Close" or "Maximize Full Screen with no buttons anywhere". I cannot stand it when I have a button in my taskbar that refuses to respond to a right-click Close command. That kind of control interferes with my GUI and should not be tolerated.
Optional in the sense that a good ol' fashioned photo ID would be sufficient. I wouldn't *have* to have this national ID. The existing infrastructure would remain. But if I wanted to consolidate everything, I would have the option to replace all my current cards with one single national card.
Yes, I meant "optional" in that the law that allows for the creation of said national ID should be written to prevent this kind of encroachment.
If should be illegal for any business or individual to refuse to provide a good or service because you fail to provide a national ID.
I'm not saying it wouldn't be more difficly...but there is some website out there that chronicles the life of someone trying to live without a SSN. It takes more work and a lot of letter writing but it works.
This should be the same way. National ID if you have it, SSN/Drivers license/Credit card if you don't.
How is this any less secure than someone getting ahold of my SSN? The SSN is already the holy grail of indentity theft.
From you SSN I can get your name and current address. From that I can get a copy of your birth certificate, which gives me your birthdate and birthplace as well as your mother's maiden name.
99% of all security questions ask your SSN, your birthdate, your birth city and your mother's maiden name. That's why (as far as bank/CC applications are concerned) my mother's maiden name is something like 45gfyte33. If they tru to give me grief about not using my real mother's maiden name I tell them I'm an orphan.
If I know your SSN I can steal your identity. Of course, having more information saves me the time of having to write snail mail to the Social Security Administration but in this society, where everything is keyed to a single nine-digit number, no one is secure.
But this is not what I'm suggesting. Look at the front of your credit card. Count the numbers (15, 16, whatever). Now flip it over. In the area where you put your signature you'll find a number printed. Count the digits. There will be three extra, your credit card number plus three extra digits. That's your credit card's "PIN" number (I think it's called a CCV2 number or something). Banks have this number. You have this number. But someone who dumpster dives or hacks into a CC database won't have this number because it is never stored as part of the transaction.
There doesn't just have to be one CCV2 code. There could be like twenty. Or why not let me pick one for each function? I can give a different one to every vendor, and that way I can track where it was stolen. And if it is stolen, everything else is secure.
PINs saved the banking industry from massive amounts of identity theft and basically made ATMs possible. PIN numbers aren't the most secure thing, but like I said, they are no worse than what we currently have.
One unique ID that can log me into my systems, allow people to contact me, allow me to make purchases and make the coffee machine brew exactly the way I like it? Sign me up!
This is no different than what we have now with Social Security Number, Driver's License, MasterCard, IP Address. The difference is that all these numbers aren't interchangable.
Security issues? Use PINs or biometrics. Big Brother issues? Allow users to control their database entried, or opt-out entirely.
I don't find this very comforting. Right now IBM and Sun are behind Linux because it is the lesser of three evils, at least as I understand it.
Evil #1 maintaining and supporting an ancient proprietary UNIX distribution that small companies can't afford and big companies would replace if they could.
Evil #2 go crawling back to Microsoft to apologize and sign on as an official NT solution provider, adding your valuable bits to the great big gogglymuck of code that will run on everything from toasters to the NSA supercomputers.
Evil #3 toss everything out there and hope for a repeat of the early 80s when opening the BIOS and hardware caused the creation of a huge goods and services market.
Right now IBM is investing heavily into Linux because it's the best option. If Linux gains a majority marketshare, then IBM as an early adoptor will be in a comfy position. Having a smaller piece is okay if the pie is enormous.
BUT
If SSSCA passes and the cost of compliance with Linux/OpenSource becomes prohibitive, it's no longer the best option. In which case IBM will either SSSCA patch AIX and move on with that, or decide to port DB2 and everything else to 2000 Datacenter and push that.
IBM/Sun are happy to be fair weather friends to Linux but I SERIOUSLY doubt they are willing to throw money at Congressmen on its behalf.
They are a sympathic cause. Why do you think they have gambling? Because it was called the "Vegas Casinos Make Billions, Why Can't We" Act? No, it was "Indian Self-Reliance". All of the major casino groups lobbied like mad to try to get people to vote against it, but it was tough to make it look like they were victims. The Indian leaders talked about all the jobs, schools, medicine and food it would bring them. Casinos had to try to sidetrack the issue and dwell on the fact that Indians didn't have to pay taxes on their income, wah wah.
So, if the Indian nations want to try to get self-reliance by forming an electronic economy, lawmakers are going to have a tough time siding with their traditional lobbyists. Who wants to appear to be trouncing on the already impoverished Indian nations to line the pockets of a few select media corporations? I think it would be an interesting way to test the laws, and that's why I would encourage people to investigate this.
Slashdot Mirror
Oh, and for bonus points...how about another connect to allow this network KVM to function as a floppy boot device? IE, I would transfer a floppy image (say a BIOS update or a Ghost boot disk) to the KVM from my workstation, reboot and have the remote system boot to the "Floppy" on the KVM. Then I "eject" the floppy and reboot into the normal mode.
I forgot that floppy swapping is another big reason I've had to make wasteful trips to the server room, which I would like to eliminate.
- JoeShmoe
Before you yell out VNC, follow me...
Wouldn't it be nice if you had a box you could tack onto your existing system to pump the basic IO over your existing CAT-5 wiring? My ideal unit would have the following
Input jumper for power switch control
Input jumper for reset button control
Light sensor for power light
Light sensor for HDD light
Light sensor for Link light
Light sensor for Act light
Serial PS/2 port for keyboard
Serial PS/2 port for mouse
15-pin RGB port for monitor
Here's how it would work. You mount the box on the back of your server unit and connect your power and reset buttons to the unit and connect the unit to the reset/power jumpers on the motherboard. You stick the light sensors near the respective LEDs. You wire up the KVM to the unit and optionally plug the local devices into the unit.
Now, the unit is a little linux box that takes the input and sends it over the network (now we're using VNC) to my remote session. The bonus is that I can still see the unit if it's crashed (the VNC service or the whole dang box). I can boot into the BIOS and make changes. I can run utilites and so on from DOS sessions. Plus, I can click a button and reset the box, or power it down. If I connect to the session and see no image, I can see if the power light is on or if there is any hard drive/network activity.
I can think of about a billion times in my techie lifespan that I've wished for such a device. Yes, I know there devices you can use to remotely power off a computer. Yes, I know I could setup a webcam to monitor some lights. Yes, I know VNC gets me most of the way there.
But it's not cost effective to buy one of these for each server. I would rather have one box that could control 4/8/16 boxes. It's just a standard KVM with some extra inputs attached to its own dedicated Linux box!
So please, Linksys, Belkin...whoever...can't someone please build this, or show me a link to something like this?
- JoeShmoe
When are MS, Sony and others going to learn that any sort of system like this will be broken? They should take a tip from the gaming industry
Which tip would that be? The tip where I am forced to insert a perticular CD-ROM every time I want to play a game? And swap for another CD when I want to play a different game? And waste one of my precious IDE devices on a drive that can only hold about 700MB of information (eg, one game) instead of 100000MB (eg, every game)?
Or do you mean the tip where they deliberately use bad sectors and audio subchannels to copy protect a physical CD so that I can't make a backup copy and so if it gets scratched I have to send away for a new one?
Before you hand the gaming industry their halos, put away that easy to install, bloat-free, no CD check game rip you downloaded off IRC and go buy the same game in your local computer store. I guarantee you'll be as fed up as I am.
I know you are referring to the fact that games no longer play this "what word is on page 3" BS but despite the fact that the gaming industry claimed they dropped those kind of games "because we love our customers and don't want to hassle them" the real reason is that a) they weren't effective since you could just photocopy the page/keywheel/chart and b) they could be cracked/patched around anyway and c) the gaming industry was moving to CDs, which was copy protection enough since CDs were SO HUGE and SO IMPOSSIBLE to copy/distribute.
Now that CDs are about as easy/cheap to copy as the old floppy disks, we are starting to see the exact same crap. In case you are too young to remember this floppy games (Arkanoid comes to mind) used bad sectors on the game floppy to prevent someone from making a copy the same way the new CDZilla/etc protected CDs do.
As CloneCD images become more rampant, I fully expect to see game publishers making Internet registration mandatory so they can play the same kind of copy protection games they used to play with funny symbols in the manual. Of course, they will be completely ineffective at stopping piracy, but they will be yet another annoyance that customers are forced to endure from the wonderful, trusting folks in the gaming industry.
- JoeShmoe
STILL waiting for FDM-ROM to hit the market...
http://www.constellation3d.com
- JoeShmoe
I remember back a couple years ago when eBay frauds were big news...some article was suggesting that whenever possible involve the US Mail system. Have them mail you a quote, or mail payment information or such.
The thing about it is, mail fraud is a federal crime which much higher penalties than other forms of fraud (Internet fraud being generally unclassified). If you get ripped off online, you can try to complain to your local police, or the police in the criminal's jurisdiction (if you can find it) but you will probably get nothing.
In you involve the mail system, then the it becomes a federal issue that is tackled by the Office of the Postmaster General and/or the FBI?
Don't quote me on this, but it would be definitely something to ask your local post office about. If a seller is legit, they should have no problem putting some information on paper and mailing it to you, right?
Other than that...the other thing that was suggested is use a credit card. Paypal had a big fight with credit card agencies on whether people can dispute Paypal charges for fraudulent auctions, but I seem to remember that the courts came down on the side of consumers (yes they could dispute) forcing Paypal to get insurance.
Sorry I couldn't find a link, but maybe it helps narrow down your searching?
- JoeShmoe
The whole problem with DRM, in my opinion, is the flawed mentality behind pay-per-use. Pay-per-use is complete BS. Movies with plot twists like The Crying Game or Being John Malkovich can really be only watched once before losing significant effect. On the other hand, some songs can be listened to over and over again without you getting sick of them.
I would love to see a future where DRM divides media into "pools" of content and creates connetions between pools.
For example, Paying $X fee adds a movie to my pool. It doesn't matter if I go see it in a theater, or on video, or streaming from a website...i forever have the right to watch that movie whenever and whereever I choose. I see this adding value because it creates a huge market for alternate formats.
Let's say I'm offended by foul language. The studio may not see the value in marketting a movie below an R rating. However, on the other side of things...if some small company wants to create a PG version of the movie, they can't because they don't own the rights. Under the pool system, I pay the fee to add the movie to my pool, and then I go get it from whoever I want. That may be the studio's distribution company releasing the R-rated version on DVD, or it may be that small company's PG version on VCD.
Content pools also need to cover all media forms. If I pay into a pool for a song, that should give me the rights to the video, the lyrics, the songsheet, etc. Studio wants to release bonus footage for a movie already out? That's fine except everyone already in the content pool for that movie thanks to previous purchase automatically gets access.
Pools also need to overlap based on real-world relationships. I should be allowed to cross into other pools. For example, it is logical that if my sister owns a CD, I could listen to it. I technically have access through her. So my content pool would also include the ability to access anything in the content pools of my friends and family. The only difference is that it would not extent to anyone who had me listed as friends or family. IE, I can "borrow" a song that my friend purchased, but a non-mutual friend could not then "borrow" that same song from me. Or perhaps they could, but they would have to have an additional "extra generation" fee to be paid.
Content pools should also be linked topically to provide additional value. For example, purchasing the pool of an extire favorite series, like Simpsons or Star Trek. Or even larger, a Sci-Fi or Animation pool to inclusely give me access to everything at once. Considering how there are not addtional costs, it makes sense for companies to offer wholesale licensing to their entire collection. Media distribution and mass production are completely separate. Yes I'll have to pay for the CD, but if I can do it myself, I can save myself some money. If there's a market to release it in vinyl, someone can do that.
The key to this whole paradigm is separating content from format. There needs to be companies that make money from producing content and other companies that make money from distributing content and NOT BOTH. If I found a better way to distribute things, I should be allowed to walk out tomorrow and make a company to do it. I don't have to worry about licensing, that burden is on the user. Someone comes across my media, they whip over to the DRM warehouse, at it to their pool, and then enjoy my version.
- JoeShmoe
No, I have worked in corporate IS/IT and here's my experience:
If there is a business need to someone with a leather chair, and a nice enough view...then it will happen. I had to install AOL countless times working in corporate environments (big fun since NT was also the standard and AOL doesn't play nice on NT). Why? Because I wanted to keep my job. "I'm sorry sir, but installing AOL would breach security" is a nice technically sound position, but you need to have someone with the letters "VP" in his title to back that up or the question is "why can't you make it work with AOL and be secure?"
I just think it's impossible to prevent crossovers between GOVNET/Internet because users are going to balk at having two boxes on their desk. Someone, somewhere is going to present a business case for Internet access (how are the GOVNET techies supposed to download drivers unless everything is mirrored internally?) and once that happens I'm positive they won't be smart enough to have an air firewall between them. Multiply that risk by the number of agencies involved and I think the chance of someone making a mistake and leaving a window open are quite good.
Which, again, brings me to my main point...will a separate network make GOVNET security weak? Will they be lazy? Or will they have a properly secured Internet-ready network AND have the separated network security layer to boot?
- JoeShmoe
I don't think that will work. Governement agencies run all sorts of crazy crappy proprietary programs. There are few standards so it's pretty much left up to each individual agency (or even region by region) to pick and choose what they want to use. They probably aren't just doing e-mail or they could make do by giving every government employee a two-way pager and be done with it.
If businesses aren't quite ready to embrace thin clients, I can't imagine the government being so on the ball technically that they are even aware that's an option. Besides, if it runs TCP/IP then there is some way it can be hacked. It may take physical tampering on the site, but where there's a will, there's a way. Building that wall gives a false sense of security.
- JoeShmoe
This is our government's security expert? This is his big plan to keep government data safe?
The Internet is everywhere. It's so purvasive that there is zero chance you can have any isolated network. The second some low-level government flunkie at the Bureau of Railroad Employee Retirement signed onto AOL to check his e-mail, boom, there's a gateway.
My thinking is that they plan to use GOVNET as an excuse to be lazy. Everything will have minimal authentication because there's no way big bad hackers can get on the network, right? Except that any PC on the network can easily become a gateway. There are plenty of examples of "private" and "secure" networks that were breached through classic hacking techniques like social engineering and wardialing.
This is stupid. What bout PPTP/VPN? Why can't they just make a virtual network that runs over the Internet like every other business is doing? The infrastructure costs are minimal because you aren't running redundant wiring. It's just as secure, in fact, it's more secure because you are going to be extra paranoid about things like password schemes and encryption levels if it has to survive some public data transfer points.
A few years ago, AOL tried to market this to companies. They called it EOL for Enterprise OnLine. Basically, for a fixed fee per user, all your employees got AOL accounts and access to a private keyword with your company's Intranet.
Except no one but Century21 ever signed up, as I suspect they got a good deal for being a test case. No one saw the point when security, done properly, is going to produce a much more versitile and cheaper result.
To make an analogy, this guys is suggesting that every government office get a tin can and a string so that they can communicate securely because there's alwaye the potential for someone to tap the phone lines.
Re-freakin-diculous.
- JoeShmoe
You ask, why is it a pity?
Because I'm trading one piece of proprietary software for another. Let's say AOL does something to break eNetBot (like they did to MSN Messenger several times)...well I will be SOL if eNetBot Inc. can't fix it in a timely fashion.
Contrary to what you may think, I don't have a problem with someone making money off this piece of software. But can't I still be allowed to lament the fact that the underlying information isn't available? Compare this eNetBot thing to what the original article was about.
Original article is a document explaining how the AOL protocol is formatted, as well as some basic functions to demonstrate usage. Five out of five stars. eNetBot doesn't explain anything but offers me an alternative to the piggish AOL client for e-mail. Nice, but still only four out of five stars. Thus, my pity comment.
I'd much prefer a website that went something like "here's how to write your own interface to access your AOL Mail via the website...oh by way if you're interested I've already written one and you can have it for $X".
- JoeShmoe
Yes, this is very, very good. That's a very smart idea. Seeing as how AOL caved to the pressure to have a webmail system, it seems only logical that someone would rip apart the HTML and figure out all the FORM POST commands necessary to fill in the proper boxes on AOL's mail page.
http://www.enetbot.com/ for those also curious.
Pity it's $20 shareware, but this is very good. That takes care of request A from my post...now can any clever soul provide a solution for converting/importing previous mail?
- JoeShmoe
In my opinion, logging on and enjoying AOL's so-called services was never 1/10 of the problem as their stupid crappy propritary mail system.
Back around 1996 or so, I was part of an AOL beta program that released a MAPI interface for AOL mail servers. IE, you could add the AOL mail server to your Outlook config and download your AOL mail right into Outlook.
Of course, the AOL exec freaked out when they considered how many eyeballs their advertisers would lose if everyone uninstalled the AOL client and kept their mail via Outlook. So the program was canned, and I was unfortunately too short-sighted to save a copy of that MAPI tool before the area was closed down.
Ever since, I've been trying to get my sister/parents/grandparents off AOL. Not to mention that AOL never supported Windows NT because they couldn't figure out how to install their stupid AOL Adapter TCP shunt thing. So for years my relatives were forced to run a crappy 16-bit (Win 3.11) version of the AOL client for the sole purpose of checking e-mail.
AOL's mail service is terrible but a lot of people don't want to change their e-mail addresses. If you really want to do a great services to help newbies move beyond their AOL shackles...please, I implore you:
A) Reverse engineer the AOL mail protocol so that external programs can at least READ AOL mail (sending, unsending, and AOL custom features are optional)
B) Reverse engineer the AOL mail database (local copy of stored mail) so that it can be imported into another program.
Even after I got a couple family members to switch over to Hotmail, they still have to use the AOL client to read their old mail. It's that or save it all as flat text and lose all the important header information.
Also, a bonus to reverse engineering the AOL mail database would be the ability to sync mail with your Palm. The AOL client for Palm is 400KB and can only dial-up, not sync.
Please post reply if you know of any project working on the AOL mail/database formats. Thank you!
- JoeShmoe
Turning a hose on your school.
"Attention students, school is cancelled because the classroom has melted."
- JoeShmoe
The main problem is it's in the middle of nowhere (Mapquest link [mapquest.com] ), about 50 miles from Topeka. Paying the local loop charges for dedicated (and redundant) Internet access is probably going to cost a fortune
And it doesn't for HavenCo/Sealand? Which is easier...running a line on dry (flat) land or over a body of water?
Besides, this type of situtation is what wireless is for. Come to think of it, HavenCo/Sealand uses wireless for a couple of their links (IIRC).
The real question...when the FBI comes knocking...will they be able to get in? I don't know if they have the equipment to take out a 47-ton door...but you better fill that silo with food and supplies because the second you step out you are theirs.
- JoeShmoe
When working on a major (2000 PC) rollout for a customer, we had a large number of Maxtor drives fail within the first week (on the order of every other drive). We ultimately found that all of the drives shared a similar make/model and serial range.
Eventually tracking it back through the vendor (Compaq) we found other customers reporting the same thing. Compaq was of the opinion that someone in the warehouse probably dropped the pallet and didn't tell anyone. The drives were run through the assembly process and ended up being sprinkled around many different orders. It was only when we ran the 2000-unit rollout at enough attention was given to notice the common factors.
What you are talking about sounds very similar. Pallet drops happen a lot when warehouses cheap out on forelift operators, or worse try to train some minor tech how to operate one. It could be that IBM isn't really paying attention to the "big picture" in this situation. They are probably replacing the drives on a case-by-case basis. Unless a major customer orders a huge quantity that then turns out to have a high percentage of failure, I doubt IBM would notice.
For my experience, I've only owned on IBM drive (not at the computer that has it now, but it is an old 3.2GB model). For three years now it has been reporting "immenent failure" to my SMARTII BIOS and I have yet to have it actually go bad. I just tend not to use them because they generally cost more and I don't have any problem doing a shop-n-swap when cheap "on sale" drive blows chunks.
- JoeShmoe
Oh, true, I should have qualified that. NT4:SP3 is what I install standard from my installation source. I very rarely even bother to apply SP6 (7 now?) because I don't need Access Y2K bugfixes and I refuse to touch NTFS 5.0 with a ten foot pole at the end of another ten foot pole.
I made the mistake of copying some data to a NTFS 5.0 drive, got an error message, rebooted and found my $volume had become corrupt. Microsoft's attitude was "Shit Happens, restore from backup". That's all fine well and good, if the hard drive had physically died I would have accepted the data loss...but Microsoft's whole attitude is that it's more important to have new features than reliability. Backups should never been my first line of defense. The OS should have the smarts to recover SOME portion of the data. Given that OnTrack EasyRecovery wasn't able to find anything, I had to lose the data...but I swore I would never again touch NTFS 5.
- JoeShmoe
Actually, to be a proper Haiku, it must involve something about the seasons. I suggest:
Swarm of rich lawyers
Peer to peer is frozen fast
Filesharing winter
- JoeShmoe
Wasn't there a similar article a couple years ago that shows conclusively that Windows NT 4.0 was faster than Windows 2000 and a wide range of tasks?
I think Windows NT 4.0 marked Microsoft's pinnacle of acheivement. If it wasn't for the lack of USB support I would have never upgraded. Even for a server role, there are a lot of USB devices that a modern server needs to access (like DSL modems, many newer UPS's, cameras for security, additional serial/parallel devices, etc).
Why oh why can't someone develop a third party solution? Or does one exist? DirectX and translucency I can do without...but USB is just too useful to do without.
- JoeShmoe
I think it is especially embarassing that Microsoft/Netscape cannot grandularize the ActiveX or JavaScript functionality. Your choices are "Run All" or "Run None". There needs to be a way to differetiate between normal redirection (which is often used by legit sites)or pop ups (which is of course used in advertising) and those malicious elements such as "On Back" or "On Close" or "Maximize Full Screen with no buttons anywhere". I cannot stand it when I have a button in my taskbar that refuses to respond to a right-click Close command. That kind of control interferes with my GUI and should not be tolerated.
- JoeShmoe
Optional in the sense that a good ol' fashioned photo ID would be sufficient. I wouldn't *have* to have this national ID. The existing infrastructure would remain. But if I wanted to consolidate everything, I would have the option to replace all my current cards with one single national card.
- JoeShmoe
Yes, I meant "optional" in that the law that allows for the creation of said national ID should be written to prevent this kind of encroachment.
If should be illegal for any business or individual to refuse to provide a good or service because you fail to provide a national ID.
I'm not saying it wouldn't be more difficly...but there is some website out there that chronicles the life of someone trying to live without a SSN. It takes more work and a lot of letter writing but it works.
This should be the same way. National ID if you have it, SSN/Drivers license/Credit card if you don't.
-JoeShmoe
How is this any less secure than someone getting ahold of my SSN? The SSN is already the holy grail of indentity theft.
From you SSN I can get your name and current address. From that I can get a copy of your birth certificate, which gives me your birthdate and birthplace as well as your mother's maiden name.
99% of all security questions ask your SSN, your birthdate, your birth city and your mother's maiden name. That's why (as far as bank/CC applications are concerned) my mother's maiden name is something like 45gfyte33. If they tru to give me grief about not using my real mother's maiden name I tell them I'm an orphan.
If I know your SSN I can steal your identity. Of course, having more information saves me the time of having to write snail mail to the Social Security Administration but in this society, where everything is keyed to a single nine-digit number, no one is secure.
But this is not what I'm suggesting. Look at the front of your credit card. Count the numbers (15, 16, whatever). Now flip it over. In the area where you put your signature you'll find a number printed. Count the digits. There will be three extra, your credit card number plus three extra digits. That's your credit card's "PIN" number (I think it's called a CCV2 number or something). Banks have this number. You have this number. But someone who dumpster dives or hacks into a CC database won't have this number because it is never stored as part of the transaction.
There doesn't just have to be one CCV2 code. There could be like twenty. Or why not let me pick one for each function? I can give a different one to every vendor, and that way I can track where it was stolen. And if it is stolen, everything else is secure.
PINs saved the banking industry from massive amounts of identity theft and basically made ATMs possible. PIN numbers aren't the most secure thing, but like I said, they are no worse than what we currently have.
- JoeShmoe
...if it's optional.
One unique ID that can log me into my systems, allow people to contact me, allow me to make purchases and make the coffee machine brew exactly the way I like it? Sign me up!
This is no different than what we have now with Social Security Number, Driver's License, MasterCard, IP Address. The difference is that all these numbers aren't interchangable.
Security issues? Use PINs or biometrics. Big Brother issues? Allow users to control their database entried, or opt-out entirely.
I look forward to one card wallets.
- JoeShmoe
I don't find this very comforting. Right now IBM and Sun are behind Linux because it is the lesser of three evils, at least as I understand it.
Evil #1 maintaining and supporting an ancient proprietary UNIX distribution that small companies can't afford and big companies would replace if they could.
Evil #2 go crawling back to Microsoft to apologize and sign on as an official NT solution provider, adding your valuable bits to the great big gogglymuck of code that will run on everything from toasters to the NSA supercomputers.
Evil #3 toss everything out there and hope for a repeat of the early 80s when opening the BIOS and hardware caused the creation of a huge goods and services market.
Right now IBM is investing heavily into Linux because it's the best option. If Linux gains a majority marketshare, then IBM as an early adoptor will be in a comfy position. Having a smaller piece is okay if the pie is enormous.
BUT
If SSSCA passes and the cost of compliance with Linux/OpenSource becomes prohibitive, it's no longer the best option. In which case IBM will either SSSCA patch AIX and move on with that, or decide to port DB2 and everything else to 2000 Datacenter and push that.
IBM/Sun are happy to be fair weather friends to Linux but I SERIOUSLY doubt they are willing to throw money at Congressmen on its behalf.
- JoeShmoe
They are a sympathic cause. Why do you think they have gambling? Because it was called the "Vegas Casinos Make Billions, Why Can't We" Act? No, it was "Indian Self-Reliance". All of the major casino groups lobbied like mad to try to get people to vote against it, but it was tough to make it look like they were victims. The Indian leaders talked about all the jobs, schools, medicine and food it would bring them. Casinos had to try to sidetrack the issue and dwell on the fact that Indians didn't have to pay taxes on their income, wah wah.
So, if the Indian nations want to try to get self-reliance by forming an electronic economy, lawmakers are going to have a tough time siding with their traditional lobbyists. Who wants to appear to be trouncing on the already impoverished Indian nations to line the pockets of a few select media corporations? I think it would be an interesting way to test the laws, and that's why I would encourage people to investigate this.
- JoeShmoe