No, I'm not aware of any Christian group who believe that the Bible was "dictated" by God, and that is the position of many Muslims. However, there are a lot of Christians who believe 2 Timothy 3:16; that is that all scripture is divinely inspired. The fact that the Bible's human authors were left to find their own words for God's thoughts is not, in the end, very different from dictation.
What you say about "parables and accounts" is a slightly different issue. The Bible and the Koran both contain passages which are not intended to be taken literally, or where the meaning is just obscure. However, the examples I gave were taken from the books of law, which appear to be the Israelites' legal code. I'm not aware of any other way you can interpret these books. I would like to know about any interpretation which does not impart harshness to God in the way that comes over on a naive reading.
What I was trying to show, though, was the danger of learning about Islam by reading pro-Christian blogs. I have noticed a process where some blogger decides to have a look at the Koran. He finds something that shows Islam in a bad light, so he posts it on his blog. Perhaps it sounds striking, and so it gets copied by lots of other people. Unfortunately no one bothers to ask a real Muslim how they actually interpret that part of the Koran.
My quotes from the Bible were meant to highlight the fact that a similar process could be applied to Christianity. I don't know of any Christians who advocate slavery, whether or not for thieves. Yet it is there, in the Bible, and could give people a wrong idea about what Christians think.
Under Sharia law, the scammers get a hand cut off
on
419 Scammer Gets Scammed
·
· Score: 2, Interesting
I don't think the scammers are going to be complaining too loudly. 419 scams are a form of theft, and under Sharia law thieves have a hand cut off. Pretty barbaric, but these days liberal Muslims would much rather have a modern legal and penal system.
Islam doesn't have a unique claim to this sort of barbarity. According to the Bible, if you find a thief breaking in, you can simply kill him. If he is caught later, and doesn't have sufficient funds to make restitution, he can be sold into slavery.
The people the scambaiters need to fear are not the proponents of Sharia law, but the scammers themselves. The scammers are, after all, simply organised criminals.
Sun are not "testing the waters". Instead they are continuing to follow their extremely successful strategy of the last few years. What Sun really don't want is a viable open source clone of Java, whether it is gcj or IKVM. So, every so often they make noises about open-sourcing things. This means that people think working on the open source Java clones is a waste of time. People also carry on working on open source Java applications, providing Sun with help that Microsoft can only dream of.
Why do you think Mono is now days away from a 1.0 release, while gcj and classpath are still lagging the current Java? Because everyone knew that Microsoft would never open-source.NET. The.NET system is probably better than Java, and we knew that if we wanted a free version we would have to write it ourselves.
This is the reason why Sun's strategy is, ultimately, misguided..NET and c# are very nice to develop with, there is a high quality open source version, and the platform has Microsoft's marketing clout behind it. Oops...
More sophisticated anti-tank weapons already carry two explosive charges in the same projectile. The first charge triggers any active defences, the second charge penetrates the tank.
The idea of electric armour is new, but armour has been active for a long time. It isn't just a chunk of metal. Tank armour is designed, oddly, to explode in a small scale, controlled way when hit. This tends to break kinetic energy weapons such as DU penetrators.
Warheads which are based on a shaped charge can ordinarily deliver their explosive force to a very small area. However, an explosion from the tank's armour itself can disrupt this, dispersing the blast harmlessly.
Presumably a tandem round is likely to penetrate the new armour in the same way. However, this is not the threat model it is protecting against. There is a lot of difference between an Iraqi insurgent with an RPG launcher, and a Western marine firing the latest anti-tank missile.
It's not quite as simple as this; you can read the relevant section of the Maastricht Treaty here. (Search the page for Article 189b.)
It's very complicated, but as far as I can understand it, there is parity between the Parliament and the Council of Ministers. If they can't agree, there is complete deadlock and the only option is to retain the current legal position (software patents being granted but which are potentially vulnerable to a legal challenge).
The danger in this decision by the Council is that Parliament will be persuaded to give in at some point. It only takes one lost vote and the directive will be adopted, in basically the original form proposed by the Commission. Also the beneficial amendments will be lost unless the Council can somehow be persuaded to agree to them.
The upside of the decision is that it has annoyed a lot of people who don't care about software patents. MEPs who care about the separation of powers in the EU are annoyed by the Council's actions, even though patent law may be a closed book to them.
Re:Like the UN would be any faster...
on
ICANN Meets Annan
·
· Score: 1
Non-political, are you kidding? You think that giving a TLD to Palestine isn't making a major political statement? I think it was the right political statement, but that's another thing.
In fact, the ICANN country codes are based on ISO 3166. It was the maintainers of ISO 3166 that gave Palestine a country code but not, for example, the Basque country or Chechnya.
Just out of interest, did you support Timothy McVeigh? As I understood it, he tried to kill as many "pigs" as possible, specifically the BATF officers who worked in the building he bombed.
I value my liberties as much as anyone else, but no Western country has reached the point where killing police officers could be described as resistance to oppression. Even the militias accepted that, McVeigh excepted. They were concerned about the future but they didn't feel that the present situation justified violence.
The Terrorism Act 2000 has several requirements for a computer break-in to be considered a terrorist act. It must be "designed seriously to interfere with or seriously to disrupt an electronic system" which would exclude some break-ins. For example, someone who just looked around would not be caught. DoS attacks are caught but the downloading of information may not be.
The act must also be "designed to influence the government or to intimidate the public or a section of the public" and be "for the purpose of advancing a political, religious or ideological cause". This is going to exclude the huge majority of computer crimes. Even some political hacks will be excluded. For example, when al-Jazeera's website was hacked, it was for the purpose of advancing a political cause. It was not, however, for the purpose of influencing the government. It was for the purpose of influencing the public, but this is not enough; notice the different wording for acts aimed at the government, and acts aimed at the population.
The DDoS attack on spamhaus.org is an interesting case. It clearly satisfies the first part of the test, seriously disrupting an electronic system. It is probably intended to intimidate people who are involved in campaigning against spam. Is spam a political or ideological cause? I don't know; I suspect only the courts would be able to answer that.
When you have your accident, I just hope you only kill yourself. 150mph isn't a safe speed unless you're on a racetrack. Perhaps it won't even be your fault, a car will change lanes in front of you without looking, something like that. At that speed you will die instantly.
I don't ride a bike now, but I used to have one rather than a car. I commuted into London on it every day, as well as doing longer journeys. They're great fun and I can totally understand why people want to ride too fast. Somehow it's fun, and the possibility of an accident seems too remote. Yet a lot of bikers do have accidents, often very serious ones.
People thinking of writing binary-only drivers should consider one thing. Linus has given his views, but he is only one of many copyright holders. Any one of those copyright holders could sue, and some of them take the view that all non-GPL kernel modules are a breach of copyright.
I think for me the test is whether there is a defined API. The FSF claim that dynamic linking to readline is sufficient to make a program a derived work. I disagree because readline has a defined API and you are really writing your program against that rather than against readline itself. Remember that there is another library (editline) which implements much of the same API. If it is true that a program using readline thereby becomes a derived work, it makes no sense. The program would become a derived work of readline and editline at the same time!
(This seems rather like Plato's theory of ideals: the "ideal readline" is the thing you are writing against, not the real implementations.)
In the kernel, I think you'd have more problems. If you could point to a generic spec like NDIS that you were writing against, that would be one thing. (I know Linux doesn't support NDIS drivers, it's just an example.) In practice I suspect the kernel is not documented to this extent, so you end up "modifying the kernel" rather than "writing against an API".
Nvidia may well have imported a lot of existing code, but that doesn't help them. It only takes one line of GPL code to "contaminate" the lot. There was bound to be some Linux-specific "glue" and that will be all that is required.
"Copyright law in the UK has never allowed people the automatic right to make back-ups."
Actually this is not true, Directive 91/250 explicitly recognises the right to make a backup copy.
"We have no written Constitution, in the sense that the US does, so the usual mechanism for overturning silly laws across the pond is out. There's nothing inherently wrong with this law in a legal sense: what it says sucks, but it was passed by the usual means."
You won't be able to challenge it under the Human Rights Act 1998, because it doesn't infringe on any fundamental right. The American case is a bit different because the Constitution talks about copyright explicitly. Our Human Rights Act is only interested in fundamental political rights such as freedom from torture. Much as we don't like the outcome in this case, this is the right answer. Democracies are governed by politicians, not the courts.
"Sure, we can hope that in time copyright law in the UK will be changed to reflect common sense (in particular, explicitly recognising various fair uses in the sense that US copyright law does)..."
Our copyright law works differently; it has a fixed list of fair-use type rights, rather than a generic doctrine that gets extended by the courts. Our law is more certain but less flexible, so it's hard to know which is best I think.
We already use IPv6, simply because it's more convenient. If you have multiple networks with 10.* or 192.168.* addresses, two things happen. Firstly it's very confusing, so you make mistakes and the routing stops working. Secondly you have to set up VPNs explicitly which is extra work.
With IPv6, none of this happens. All the organisations have an Internet connection, and that gives them the network part of the address. The host part of the address comes from the MAC address of the ethernet card. No room for confusion.
You might object that we had to go to the trouble of getting IPv6 Internet connections, but we didn't. IPv6 can be routed over IPv4. This means that we only need our regular Internet connections, and we don't have to run routing daemons or anything like that. The existing IPv4 infrastructure gets our packets from one site to another.
IPv6 is also much easier to configure because everything happens on the server. If a client has IPv6 enabled, all you have to do is plug it into the network and it will configure itself. Yes, in a way it's like DHCP, but the addresses don't change. This means that you can have long-lived DNS entries pointing to your boxes, that sort of thing, which you can't do easily with DHCP.
The one time I wouldn't use IPv6 is in a place with lots of old boxes that don't support it very well. But if you have modern Linux or BSD installations or Windows XP, enable it today. You won't regret it.
I'd quite like to set up a website which is only IPv6, to encourage people to upgrade (that is if I can't persuade Slashdot to drop support for legacy protocols). You only get to see the Dancing Kame if you are IPv6 enabled, but that probably isn't enough to tempt people to switch!
Have a look at the Terrorism Act 2000 (the latest UK anti-terrorist legislation). It's getting close... If the DoS attack can be said to be for the purposes of intimidating supporters of anti-spam legislation, they are probably caught.
By section 56, someone directing an organisation carrying out such a DoS attack is liable to life imprisonment.
Funny how the review just parrots the Skype claim that it uses "strong encryption". It probably isn't; designing strong cryptography is hard and requires peer review. They might be able to manage the former, depending on the skill sets of their developers. They certainly can't manage the latter with a closed protocol. Government security services have the determination and resources to do it, while invariably corporations don't, even ones the size of Microsoft.
Everyone thinks that governments are scared of Skype because it has "strong encryption". In fact it's probably the other way round. They're laughing because people think their Skype conversations are private, when they're not. This is much better for the government than a normal phone line, which can be tapped, but everyone knows it can be tapped.
It's commonly said that open source is more secure and less likely to contain spyware or trojans. If you can look at the code, they are plain for you to see, and they only work when they are secret. However, we can take this a stage further. A company like Microsoft is limited in what it can do. If they sell software with spyware which is too blatant, they could get sued, and their reputation could be damaged. They would not want this, because their reputation is one of their major assets.
For a company like Kazaa/Skype, this is irrelevant. If you know how to sue them, the RIAA would like to hear from you. Their reputation is already rock bottom as far as spyware goes. There is no incentive to stop them putting every kind of privacy-violating application in Skype. Perhaps you talk about cars on the phone, and next time you're using Kazaa you see adverts for cars...
I think it's a pity that the RIAA's antics have allowed the Kazaa (and Napster) inventors to dress up as Robin Hood. In fact their business model has been making money out of other people's content. This is, to my mind, much more unethical than using Kazaa as an end user, to share copyright files without the thought of financial gain. I don't actually know whether I consider it unethical to use Kazaa as an end user, that's a much harder question.
By doing this, the Kazaa inventors tell us that they are dishonest, unethical people. When someone tells me that, I try to make it a rule to believe them, and keep clear. It helps me avoid being cheated.
Finally, it's worth remembering that Skype want to create the kind of proprietary lock-in so limits the usefulness of text IM. We need VoIP to be free: free as in email, not free as in AIM.
We Brits pledge allegiance to the Queen, which is worse. On the other hand, your allegiance to the Queen is normally assumed. The vast majority of people go through their lives without having to pledge allegiance even once. You have to do it if you become a policeman, or a Member of Parliament, or a few other things.
Interestingly this became a problem in Northern Ireland. If you were a Protestant, you were happy to swear allegiance to the Queen. If you were a Catholic and saw yourself as Irish rather than British, it was a problem. As part of the Good Friday agreement, the oath was changed. You now join the "Police Service of Northern Ireland", not the "Royal Ulster Constabulary" and you are no longer required to swear allegiance to the Queen as you are in the rest of the UK.
We (the UK) forced Hubbard out by refusing to renew his visa. The Scientology headquarters used to be at Saint Hill Manor, about an hour's drive from where I live in London. After Hubbard left, Saint Hill remained an important Scientology centre, but the headquarters moved elsewhere. Clearwater in Florida, I think.
I've been to Saint Hill out of curiosity, but it gives me the creeps. There's something weird about seeing all these people talking bunk with such conviction.
(By the way, expect to get a hard sell if you go to any Scientology organisation. Don't give your real name or contact details, otherwise they will hassle you endlessly to buy courses. Also don't go if there's anything that would make you an easier mark, for example that you're feeling upset about something. A steady trickle of people join cults after visiting them in just such a sceptical frame of mind.)
This software is nowhere near polished enough to succeed in a corporate environment. I don't know why it's been called 1.0, but I'd say it was more at the stage of an early beta. You realise this as soon as it loads up. There are graphical elements that don't fit their boxes, so get cut off, that sort of thing.
The other thing I don't understand is that the menus look more like Tk than Qt. This means that it doesn't fit with other KDE applications, at the same time as looking rather worse.
Use Evolution if you want an Outlookalike, otherwise use Mozilla for mail and Tutos for tracking contacts and arranging meetings.
Obviously Frazier has been given a sentence which is outrageously out of proportion to his crimes. But let's think about things from a different point of view...
I live in an area which has its share of crime. Not crime like Frazier's, ordinary crime like vandalism, graffiti, burglaries and so on. The police are always hugely overstretched in trying to respond to these things. Now house burglaries cause far more distress than anything that Frazier did. Vandalism and the like take far more out of a neighbourhood than anything Frazier did.
Yet, Frazier is worthy of some massive surveillance operation. We are entitled to ask why limited police resources were used in this way.
It's tempting to dismiss this sort of announcement as "more of the same", "PR spin", and so on. Perhaps it is, but I don't want to get caught when the security spending starts to produce real fruit.
Think about the success of OpenBSD. In terms of security holes it's probably an order of magnitude better than other free operating systems, and Windows. This result was largely obtained through code auditing. If we aren't careful, in a few years, Microsoft will turn the tables on us. The code auditing they've done will have paid off, and we'll have it all still to do (for the typical Linux distribution, OpenBSD is different).
RFC 3268 describes the way you should use the Advanced Encryption Standard with SSL/TLS.
My experiences weren't at all like the ones described in the article, even though we certainly weren't codifying existing practice. No one threatened to leave and join a rival standards effort, even though AES over TLS is important for government contracts. Most of the argument was about the minutiae of the protocol. For example there was a long discussion about the padding type and cipher mode of operation.
The problem I had was that the process is horribly slow. There are a few people in the IETF who have a lot of work to do, and you tend to find yourself sitting in a queue for a long time.
That said, I think it was a very worthwhile thing to do. If we hadn't done AES through the IETF, no one could have interoperated. It wouldn't be a case of then codifying existing practice a few years on because it simply wouldn't work. The different TLS implementations need to use the same ciphersuite numbers for example. Much better to sort that out on an IETF mailing list than try to cobble something together in a series of bilateral discussions.
You might decompile one file and find a comment like this at the top:
* This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version.
Slashdot Mirror
No, I'm not aware of any Christian group who believe that the Bible was "dictated" by God, and that is the position of many Muslims. However, there are a lot of Christians who believe 2 Timothy 3:16; that is that all scripture is divinely inspired. The fact that the Bible's human authors were left to find their own words for God's thoughts is not, in the end, very different from dictation.
What you say about "parables and accounts" is a slightly different issue. The Bible and the Koran both contain passages which are not intended to be taken literally, or where the meaning is just obscure. However, the examples I gave were taken from the books of law, which appear to be the Israelites' legal code. I'm not aware of any other way you can interpret these books. I would like to know about any interpretation which does not impart harshness to God in the way that comes over on a naive reading.
What I was trying to show, though, was the danger of learning about Islam by reading pro-Christian blogs. I have noticed a process where some blogger decides to have a look at the Koran. He finds something that shows Islam in a bad light, so he posts it on his blog. Perhaps it sounds striking, and so it gets copied by lots of other people. Unfortunately no one bothers to ask a real Muslim how they actually interpret that part of the Koran.
My quotes from the Bible were meant to highlight the fact that a similar process could be applied to Christianity. I don't know of any Christians who advocate slavery, whether or not for thieves. Yet it is there, in the Bible, and could give people a wrong idea about what Christians think.
I don't think the scammers are going to be complaining too loudly. 419 scams are a form of theft, and under Sharia law thieves have a hand cut off. Pretty barbaric, but these days liberal Muslims would much rather have a modern legal and penal system.
Islam doesn't have a unique claim to this sort of barbarity. According to the Bible, if you find a thief breaking in, you can simply kill him. If he is caught later, and doesn't have sufficient funds to make restitution, he can be sold into slavery.
The people the scambaiters need to fear are not the proponents of Sharia law, but the scammers themselves. The scammers are, after all, simply organised criminals.
Sun are not "testing the waters". Instead they are continuing to follow their extremely successful strategy of the last few years. What Sun really don't want is a viable open source clone of Java, whether it is gcj or IKVM. So, every so often they make noises about open-sourcing things. This means that people think working on the open source Java clones is a waste of time. People also carry on working on open source Java applications, providing Sun with help that Microsoft can only dream of.
.NET. The .NET system is probably better than Java, and we knew that if we wanted a free version we would have to write it ourselves.
.NET and c# are very nice to develop with, there is a high quality open source version, and the platform has Microsoft's marketing clout behind it. Oops...
Why do you think Mono is now days away from a 1.0 release, while gcj and classpath are still lagging the current Java? Because everyone knew that Microsoft would never open-source
This is the reason why Sun's strategy is, ultimately, misguided.
More sophisticated anti-tank weapons already carry two explosive charges in the same projectile. The first charge triggers any active defences, the second charge penetrates the tank.
The idea of electric armour is new, but armour has been active for a long time. It isn't just a chunk of metal. Tank armour is designed, oddly, to explode in a small scale, controlled way when hit. This tends to break kinetic energy weapons such as DU penetrators.
Warheads which are based on a shaped charge can ordinarily deliver their explosive force to a very small area. However, an explosion from the tank's armour itself can disrupt this, dispersing the blast harmlessly.
Presumably a tandem round is likely to penetrate the new armour in the same way. However, this is not the threat model it is protecting against. There is a lot of difference between an Iraqi insurgent with an RPG launcher, and a Western marine firing the latest anti-tank missile.
It's not quite as simple as this; you can read the relevant section of the Maastricht Treaty here. (Search the page for Article 189b.)
It's very complicated, but as far as I can understand it, there is parity between the Parliament and the Council of Ministers. If they can't agree, there is complete deadlock and the only option is to retain the current legal position (software patents being granted but which are potentially vulnerable to a legal challenge).
The danger in this decision by the Council is that Parliament will be persuaded to give in at some point. It only takes one lost vote and the directive will be adopted, in basically the original form proposed by the Commission. Also the beneficial amendments will be lost unless the Council can somehow be persuaded to agree to them.
The upside of the decision is that it has annoyed a lot of people who don't care about software patents. MEPs who care about the separation of powers in the EU are annoyed by the Council's actions, even though patent law may be a closed book to them.
In fact, the ICANN country codes are based on ISO 3166. It was the maintainers of ISO 3166 that gave Palestine a country code but not, for example, the Basque country or Chechnya.
Just out of interest, did you support Timothy McVeigh? As I understood it, he tried to kill as many "pigs" as possible, specifically the BATF officers who worked in the building he bombed.
I value my liberties as much as anyone else, but no Western country has reached the point where killing police officers could be described as resistance to oppression. Even the militias accepted that, McVeigh excepted. They were concerned about the future but they didn't feel that the present situation justified violence.
The Terrorism Act 2000 has several requirements for a computer break-in to be considered a terrorist act. It must be "designed seriously to interfere with or seriously to disrupt an electronic system" which would exclude some break-ins. For example, someone who just looked around would not be caught. DoS attacks are caught but the downloading of information may not be.
The act must also be "designed to influence the government or to intimidate the public or a section of the public" and be "for the purpose of advancing a political, religious or ideological cause". This is going to exclude the huge majority of computer crimes. Even some political hacks will be excluded. For example, when al-Jazeera's website was hacked, it was for the purpose of advancing a political cause. It was not, however, for the purpose of influencing the government. It was for the purpose of influencing the public, but this is not enough; notice the different wording for acts aimed at the government, and acts aimed at the population.
The DDoS attack on spamhaus.org is an interesting case. It clearly satisfies the first part of the test, seriously disrupting an electronic system. It is probably intended to intimidate people who are involved in campaigning against spam. Is spam a political or ideological cause? I don't know; I suspect only the courts would be able to answer that.
When you have your accident, I just hope you only kill yourself. 150mph isn't a safe speed unless you're on a racetrack. Perhaps it won't even be your fault, a car will change lanes in front of you without looking, something like that. At that speed you will die instantly.
I don't ride a bike now, but I used to have one rather than a car. I commuted into London on it every day, as well as doing longer journeys. They're great fun and I can totally understand why people want to ride too fast. Somehow it's fun, and the possibility of an accident seems too remote. Yet a lot of bikers do have accidents, often very serious ones.
People thinking of writing binary-only drivers should consider one thing. Linus has given his views, but he is only one of many copyright holders. Any one of those copyright holders could sue, and some of them take the view that all non-GPL kernel modules are a breach of copyright.
I think for me the test is whether there is a defined API. The FSF claim that dynamic linking to readline is sufficient to make a program a derived work. I disagree because readline has a defined API and you are really writing your program against that rather than against readline itself. Remember that there is another library (editline) which implements much of the same API. If it is true that a program using readline thereby becomes a derived work, it makes no sense. The program would become a derived work of readline and editline at the same time!
(This seems rather like Plato's theory of ideals: the "ideal readline" is the thing you are writing against, not the real implementations.)
In the kernel, I think you'd have more problems. If you could point to a generic spec like NDIS that you were writing against, that would be one thing. (I know Linux doesn't support NDIS drivers, it's just an example.) In practice I suspect the kernel is not documented to this extent, so you end up "modifying the kernel" rather than "writing against an API".
Nvidia may well have imported a lot of existing code, but that doesn't help them. It only takes one line of GPL code to "contaminate" the lot. There was bound to be some Linux-specific "glue" and that will be all that is required.
"Copyright law in the UK has never allowed people the automatic right to make back-ups."
Actually this is not true, Directive 91/250 explicitly recognises the right to make a backup copy.
"We have no written Constitution, in the sense that the US does, so the usual mechanism for overturning silly laws across the pond is out. There's nothing inherently wrong with this law in a legal sense: what it says sucks, but it was passed by the usual means."
You won't be able to challenge it under the Human Rights Act 1998, because it doesn't infringe on any fundamental right. The American case is a bit different because the Constitution talks about copyright explicitly. Our Human Rights Act is only interested in fundamental political rights such as freedom from torture. Much as we don't like the outcome in this case, this is the right answer. Democracies are governed by politicians, not the courts.
"Sure, we can hope that in time copyright law in the UK will be changed to reflect common sense (in particular, explicitly recognising various fair uses in the sense that US copyright law does)..."
Our copyright law works differently; it has a fixed list of fair-use type rights, rather than a generic doctrine that gets extended by the courts. Our law is more certain but less flexible, so it's hard to know which is best I think.
No, spammers should be forced to pose for goatse.
We already use IPv6, simply because it's more convenient. If you have multiple networks with 10.* or 192.168.* addresses, two things happen. Firstly it's very confusing, so you make mistakes and the routing stops working. Secondly you have to set up VPNs explicitly which is extra work.
With IPv6, none of this happens. All the organisations have an Internet connection, and that gives them the network part of the address. The host part of the address comes from the MAC address of the ethernet card. No room for confusion.
You might object that we had to go to the trouble of getting IPv6 Internet connections, but we didn't. IPv6 can be routed over IPv4. This means that we only need our regular Internet connections, and we don't have to run routing daemons or anything like that. The existing IPv4 infrastructure gets our packets from one site to another.
IPv6 is also much easier to configure because everything happens on the server. If a client has IPv6 enabled, all you have to do is plug it into the network and it will configure itself. Yes, in a way it's like DHCP, but the addresses don't change. This means that you can have long-lived DNS entries pointing to your boxes, that sort of thing, which you can't do easily with DHCP.
The one time I wouldn't use IPv6 is in a place with lots of old boxes that don't support it very well. But if you have modern Linux or BSD installations or Windows XP, enable it today. You won't regret it.
I'd quite like to set up a website which is only IPv6, to encourage people to upgrade (that is if I can't persuade Slashdot to drop support for legacy protocols). You only get to see the Dancing Kame if you are IPv6 enabled, but that probably isn't enough to tempt people to switch!
:-) I wouldn't want to see them get life either. It's just an interesting factoid that these people are close to committing a terrorist crime.
In any case, the courts do have discretion, they are not required to give life imprisonment for that offence.
Have a look at the Terrorism Act 2000 (the latest UK anti-terrorist legislation). It's getting close... If the DoS attack can be said to be for the purposes of intimidating supporters of anti-spam legislation, they are probably caught.
By section 56, someone directing an organisation carrying out such a DoS attack is liable to life imprisonment.
Funny how the review just parrots the Skype claim that it uses "strong encryption". It probably isn't; designing strong cryptography is hard and requires peer review. They might be able to manage the former, depending on the skill sets of their developers. They certainly can't manage the latter with a closed protocol. Government security services have the determination and resources to do it, while invariably corporations don't, even ones the size of Microsoft.
Everyone thinks that governments are scared of Skype because it has "strong encryption". In fact it's probably the other way round. They're laughing because people think their Skype conversations are private, when they're not. This is much better for the government than a normal phone line, which can be tapped, but everyone knows it can be tapped.
It's commonly said that open source is more secure and less likely to contain spyware or trojans. If you can look at the code, they are plain for you to see, and they only work when they are secret. However, we can take this a stage further. A company like Microsoft is limited in what it can do. If they sell software with spyware which is too blatant, they could get sued, and their reputation could be damaged. They would not want this, because their reputation is one of their major assets.
For a company like Kazaa/Skype, this is irrelevant. If you know how to sue them, the RIAA would like to hear from you. Their reputation is already rock bottom as far as spyware goes. There is no incentive to stop them putting every kind of privacy-violating application in Skype. Perhaps you talk about cars on the phone, and next time you're using Kazaa you see adverts for cars...
I think it's a pity that the RIAA's antics have allowed the Kazaa (and Napster) inventors to dress up as Robin Hood. In fact their business model has been making money out of other people's content. This is, to my mind, much more unethical than using Kazaa as an end user, to share copyright files without the thought of financial gain. I don't actually know whether I consider it unethical to use Kazaa as an end user, that's a much harder question.
By doing this, the Kazaa inventors tell us that they are dishonest, unethical people. When someone tells me that, I try to make it a rule to believe them, and keep clear. It helps me avoid being cheated.
Finally, it's worth remembering that Skype want to create the kind of proprietary lock-in so limits the usefulness of text IM. We need VoIP to be free: free as in email, not free as in AIM.
We Brits pledge allegiance to the Queen, which is worse. On the other hand, your allegiance to the Queen is normally assumed. The vast majority of people go through their lives without having to pledge allegiance even once. You have to do it if you become a policeman, or a Member of Parliament, or a few other things.
Interestingly this became a problem in Northern Ireland. If you were a Protestant, you were happy to swear allegiance to the Queen. If you were a Catholic and saw yourself as Irish rather than British, it was a problem. As part of the Good Friday agreement, the oath was changed. You now join the "Police Service of Northern Ireland", not the "Royal Ulster Constabulary" and you are no longer required to swear allegiance to the Queen as you are in the rest of the UK.
We (the UK) forced Hubbard out by refusing to renew his visa. The Scientology headquarters used to be at Saint Hill Manor, about an hour's drive from where I live in London. After Hubbard left, Saint Hill remained an important Scientology centre, but the headquarters moved elsewhere. Clearwater in Florida, I think.
I've been to Saint Hill out of curiosity, but it gives me the creeps. There's something weird about seeing all these people talking bunk with such conviction.
(By the way, expect to get a hard sell if you go to any Scientology organisation. Don't give your real name or contact details, otherwise they will hassle you endlessly to buy courses. Also don't go if there's anything that would make you an easier mark, for example that you're feeling upset about something. A steady trickle of people join cults after visiting them in just such a sceptical frame of mind.)
This software is nowhere near polished enough to succeed in a corporate environment. I don't know why it's been called 1.0, but I'd say it was more at the stage of an early beta. You realise this as soon as it loads up. There are graphical elements that don't fit their boxes, so get cut off, that sort of thing.
The other thing I don't understand is that the menus look more like Tk than Qt. This means that it doesn't fit with other KDE applications, at the same time as looking rather worse.
Use Evolution if you want an Outlookalike, otherwise use Mozilla for mail and Tutos for tracking contacts and arranging meetings.
Obviously Frazier has been given a sentence which is outrageously out of proportion to his crimes. But let's think about things from a different point of view...
I live in an area which has its share of crime. Not crime like Frazier's, ordinary crime like vandalism, graffiti, burglaries and so on. The police are always hugely overstretched in trying to respond to these things. Now house burglaries cause far more distress than anything that Frazier did. Vandalism and the like take far more out of a neighbourhood than anything Frazier did.
Yet, Frazier is worthy of some massive surveillance operation. We are entitled to ask why limited police resources were used in this way.
The GIF patent expires tomorrow, too... Then you'll be able to use your animated GIFs without paying money.
It's tempting to dismiss this sort of announcement as "more of the same", "PR spin", and so on. Perhaps it is, but I don't want to get caught when the security spending starts to produce real fruit.
Think about the success of OpenBSD. In terms of security holes it's probably an order of magnitude better than other free operating systems, and Windows. This result was largely obtained through code auditing. If we aren't careful, in a few years, Microsoft will turn the tables on us. The code auditing they've done will have paid off, and we'll have it all still to do (for the typical Linux distribution, OpenBSD is different).
Laughing at your competitors is a risky strategy.
RFC 3268 describes the way you should use the Advanced Encryption Standard with SSL/TLS.
My experiences weren't at all like the ones described in the article, even though we certainly weren't codifying existing practice. No one threatened to leave and join a rival standards effort, even though AES over TLS is important for government contracts. Most of the argument was about the minutiae of the protocol. For example there was a long discussion about the padding type and cipher mode of operation.
The problem I had was that the process is horribly slow. There are a few people in the IETF who have a lot of work to do, and you tend to find yourself sitting in a queue for a long time.
That said, I think it was a very worthwhile thing to do. If we hadn't done AES through the IETF, no one could have interoperated. It wouldn't be a case of then codifying existing practice a few years on because it simply wouldn't work. The different TLS implementations need to use the same ciphersuite numbers for example. Much better to sort that out on an IETF mailing list than try to cobble something together in a series of bilateral discussions.
I thought Madonna MP3s had the most downloads... Oh, most downloaded program, right.