"Hello, my dear nephew Melvin. The last email was full of strange characters, something like nasot.56O^%#R&*^'"N%NOH. Do you think there's something wrong with my internet connection? Yours, Aunt Tillie"
-Or-
400 Bad Request
-Or-
RST
Confidentiality requires the other party to decrypt the message. And you can't cheat and send a plain-text copy to honor the legacy systems;)
I know you're just joking, but the linux gaming environment is not completely pots.
For one, you can play Blizzard's games (I know from experience that wc3, d2 and sc plus expansions all play; a friend has been running wow).
For two, there's a bunch of free FPS (Nexuiz) openarena, warsow, sauerbraten, tremulous), strategy (wesnoth, freeciv), arcade (noiz2sa and others by Kenta Cho) and role-playing (nethack) games.
If it was publicized as kiddie porn in any way, I don't care if she's 15 or a day shy of 18.
In my eyes (I'm 25 fwiw), most persons of age 15 are not---sexually speaking---children. Young is sexy for a good reason: youth correlates well with fertility.
That said, I wouldn't go out hitting on 15-year-olds due to the large age difference; for one because of the frowns and odd stares I'd attract, for two because I think I could have a meaningful relationship with very few of them.
Let's look at it this way: most 15-year-olds wanna fuck. Most of those do. I take that to mean it's natural for them to do it. They may be naive and less-than-careful in their choice of partners and practices, but they fuck. They're ready.
Lower the bar to titless girls and falsetto boys, and I'm we might start talking.
it's as simple as this: did you think, in good faith, that she was of age?
I'd think it's a good place to ask, as an addition, what a reasonable person would think and do. (ianal, tinla).
Caveat: how long does it take for the child porn consumers to put new practices into use?
Point 2: use a hash that doesn't suck. md5 was a dead horse ages ago. It's been turned to soil, and the plants that grew out of it have all died too. Use a newer hash.
Point 3: in fact, don't use a newer hash. Use several. When one gets broken, you still have the other five to rely on, so your findings are likely to be true; also, start using a new one to compensate for the death of the old one.
This scheme can work, just not for what it's used for, coming back to point 1.
Of course I haven't read the article, but one might suppose there's a hosts.txt along with the client. Whenever a new connection is made, the parties remember each other and add to the hosts.txt. There's some kind of sub-protocol that lets parties exchange peer information.
Probably some fancy math can show you that if you connect to 2, or 5, or log(n), or 1/(2^n)! random peers, you can reach everybody in your connected component with a ttl of O(f(n)) for some f, and your connected component will split with a probability of epsilon to the g(n)th.
That's kindasorta how gtk-gnutella goes about it, if memory serves.
Reporting a security hole is not noble, it's stupid.
I can't help but wonder how much the slashdot perception of the stupidity of reporting security holes to your sysadmins is due to selective reporting.
Ever noticed all the stories that say "User thanked for quietly reporting a subsequently fixed security problem"? Not exciting.
But it happens. I've reported a security issue to root, with three user names (!= my own) that I'd found the password to and the method I used. They said it was okay and they'd changed them, and later enabled/etc/shadow.
Trying-to-balance-out-the-selective-reporting'ly yours --Jonas K
The person who reports the crime is often the first suspect or person of interest.
Which is why you do it anonymously, with cutouts from magazine headlines [oh noes, teh police can identify your cut-and-paste gluing style]. If you want to send email, use tor and a one-time account.
While they have been unable to come up with anything compelling in terms of sequels for their major franchises.
Everytime I look, I see good things being said about LoZ Twilight Princess and SM Galaxy.
That's also my own experience: Z:TP sucked me in like a vacuum, playing it every spare moment, loving it all the way. The puzzles are just hard enough to push me without leaving me stomped for too long [nice graphics, well-composed music, same old story but with a nice twist; slightly less fun second time you play it, though].
The graphics, sound, level and boss design for SM Galaxy: awesome [I love(!!) the daredevil run of the stony guy in the circular arena]. I've got some bad things to say about controls and camera, but I may be the exception rather than the rule.
I bought and loved both, and I haven't played any of the previous games that much. Not compelling? It is subjective, but a lot of people hold a view different from yours.
(With apologies to Bob Novella) we should put billions of dollars into this!
(Go to www.theskepticsguide.org for a super-awesome science podcast, with a bit of geek culture leaking through the floorboards every now and again; Bob is one of the hosts).
They even build into the APIs current developers of their apps need to implement various features.
Let's analyze the grammar here: Subject: They Verb: build Object: subsentence
Subject: developers of their apps
Verb: need
Object: current
So you're saying there's an system call that moves charged electrons around between kernel space and user space? Awesome! That's gonna' come in handy for my boolean circuit simulator.
I, personally, would be THRILLED, if I could sit down at any broadband-connected PC in the world and get the same desktop and files that I have at home.
Run a VNC server on your box and carry around a vnc client on a usb stick.
Or: set up a http server with a password-protect area that gives you access to/. Set up ftp with anonymous write access (with/home/ftp a loopback mount of a 10-meg file), and write a simple web frontend. Set up mindterm so that you can ssh to your machine if need be. Use duct tape somewhere, just for completeness. That's what I use;)
Or lug around your laptop everywhere you go, and use sshfs back to your file server at home.
we wouldn't have a buzzword laden technique for dynamically changing the content on a web page withuot a full refresh.
The two-point-oh-ness is in the back-button-breaking communication with the server without doing a refresh. We've had javascript that could muck around with the page for some time now.
In an economy where knowledge, software, and creative work is paid for, you do have to have some legal protection for those works.
What you need is a way to incite people to add something valuable to the public domain.
Some create for their own benefit and share for the betterment of all. Some create and set free to drive up demand for a product or service they offer. But often (not always!) someone needs to pay the creator.
Say, for the sake of argument, that we all get taxed some more, and the Science and Useful Arts Council hands out contracts (i.e. money) to worthy applicants to produce a work. Upon completion, the work enters the public domain.
Let's see: creators have a chance to get paid if they're good. The work is free for all to use.
It seems like you don't have to grant exclusivity of rights for any period of time before letting works enter the public domain.
Would this model work in practice? I'm not convinced. But it hasn't been shown that the all workable models require taking away peoples' rights.
Copyright is an employment program: it's about creating jobs in music, writing, programming and others. Its current mechanism is very old, and I think it would do us all well to consider new mechanisms.
Slashdot Mirror
Let's play point-counterpoint :)
Flash: alternatives require hiring an engineer.
If you make the hack jobs write anything else, they're still going write hack jobs.
Then we could dump all these expensive programmers and get some work done.
You can't both has a cake and eated it too. Hire or fire expensive people?
Code: It's code centric. It shouldn't be. It should be design centric.
What does this mean? You draw a search button, write "the search button searches the site" in a spec file, and then the leprechauns do the hard work?
In fact, what is it that should be design-centric? The production process?
Please describe a design centric whatever-it-is and a code-centric whatever-it-is, and highlight the differences and similarities.
Proprietary Browsing: Every browser is different
The standards are open. The problem is not the proprietary nature of protocols or applications, but that the standards are not obeyed.
TLD: is US centric. Is insufficient. Is a mess.
It works. You might not like the pricing of names, or the control over the TLD namespace that the US has, but it works.
Argh. with the advent of CSS, AJAX, and Web2.0 everything is getting this creepy sameness.
What's the same across most sites that use these technologies? How were sites more different before the advent of these technologies.
--Jonas K
The way to fix it is to stop using it.
I think you only need to fix the interpipez.
Stop using SMTP: it's insecure, as men in the middle could learn the new password you've asked for. That should solve parts of the problem.
Next, since IPv4 has scaling problems, Twitter should be a role model and move to IPv6-only.
You know, he's onto something: that would make the internet much better ;)
--Jonas K
use some PGP
"Hello, my dear nephew Melvin. The last email was full of strange characters, something like nasot.56O^%#R&*^'"N%NOH. Do you think there's something wrong with my internet connection? Yours, Aunt Tillie"
-Or-
400 Bad Request
-Or-
RST
Confidentiality requires the other party to decrypt the message. And you can't cheat and send a plain-text copy to honor the legacy systems ;)
In exactly which cases did you plan to use pgp?
$ aptitude search ~sGames /dev/hda
$
$ sudo shred
I know you're just joking, but the linux gaming environment is not completely pots.
For one, you can play Blizzard's games (I know from experience that wc3, d2 and sc plus expansions all play; a friend has been running wow).
For two, there's a bunch of free FPS (Nexuiz) openarena, warsow, sauerbraten, tremulous), strategy (wesnoth, freeciv), arcade (noiz2sa and others by Kenta Cho) and role-playing (nethack) games.
And for three, you can always write your own :D
If it was publicized as kiddie porn in any way, I don't care if she's 15 or a day shy of 18.
In my eyes (I'm 25 fwiw), most persons of age 15 are not---sexually speaking---children. Young is sexy for a good reason: youth correlates well with fertility.
That said, I wouldn't go out hitting on 15-year-olds due to the large age difference; for one because of the frowns and odd stares I'd attract, for two because I think I could have a meaningful relationship with very few of them.
Let's look at it this way: most 15-year-olds wanna fuck. Most of those do. I take that to mean it's natural for them to do it. They may be naive and less-than-careful in their choice of partners and practices, but they fuck. They're ready.
Lower the bar to titless girls and falsetto boys, and I'm we might start talking.
it's as simple as this: did you think, in good faith, that she was of age?
I'd think it's a good place to ask, as an addition, what a reasonable person would think and do. (ianal, tinla).
--Jonas K
Point 1: absolutely true.
Caveat: how long does it take for the child porn consumers to put new practices into use?
Point 2: use a hash that doesn't suck. md5 was a dead horse ages ago. It's been turned to soil, and the plants that grew out of it have all died too. Use a newer hash.
Point 3: in fact, don't use a newer hash. Use several. When one gets broken, you still have the other five to rely on, so your findings are likely to be true; also, start using a new one to compensate for the death of the old one.
This scheme can work, just not for what it's used for, coming back to point 1.
Of course I haven't read the article, but one might suppose there's a hosts.txt along with the client. Whenever a new connection is made, the parties remember each other and add to the hosts.txt. There's some kind of sub-protocol that lets parties exchange peer information.
Probably some fancy math can show you that if you connect to 2, or 5, or log(n), or 1/(2^n)! random peers, you can reach everybody in your connected component with a ttl of O(f(n)) for some f, and your connected component will split with a probability of epsilon to the g(n)th.
That's kindasorta how gtk-gnutella goes about it, if memory serves.
I know this is a naive question, but how does a client find any peers to query without a centralized server to get a list from?
They query 224.0.0.1 :)
Real geeks brag about writing failed pilots!
had a solid grounding in economics
Would you mind explaining some of the background knowledge for those of us who haven't had the opportunity to familiarize ourselves with economics?
I can't give you anything back, except high-probability Informative moderation :)
--Jonas K
Reporting a security hole is not noble, it's stupid.
I can't help but wonder how much the slashdot perception of the stupidity of reporting security holes to your sysadmins is due to selective reporting.
Ever noticed all the stories that say "User thanked for quietly reporting a subsequently fixed security problem"? Not exciting.
But it happens. I've reported a security issue to root, with three user names (!= my own) that I'd found the password to and the method I used. They said it was okay and they'd changed them, and later enabled /etc/shadow.
Trying-to-balance-out-the-selective-reporting'ly yours --Jonas K
The person who reports the crime is often the first suspect or person of interest.
Which is why you do it anonymously, with cutouts from magazine headlines [oh noes, teh police can identify your cut-and-paste gluing style]. If you want to send email, use tor and a one-time account.
There, done. Next problem... Or not?
--Jonas K
Existing "virtual worlds" have two uses: gambling and sex.
Yes, but think of the possibilities, just within sex. Your avatar is not as physically limited as yourself. If not in real life, you can deliver
The Second Coming in Virtual Worlds
(Happy-to-be-distasteful'ly yours --Jonas K)
Small Vito Corleone face appears on the screen, with a speech balloon:
I'm de man around these parts. It looks like you're trying to reconfigure the Barzinis. I'mna make you an offer you can't refuse:
If you neednything, just come tode man.
While they have been unable to come up with anything compelling in terms of sequels for their major franchises.
Everytime I look, I see good things being said about LoZ Twilight Princess and SM Galaxy.
That's also my own experience: Z:TP sucked me in like a vacuum, playing it every spare moment, loving it all the way. The puzzles are just hard enough to push me without leaving me stomped for too long [nice graphics, well-composed music, same old story but with a nice twist; slightly less fun second time you play it, though].
The graphics, sound, level and boss design for SM Galaxy: awesome [I love(!!) the daredevil run of the stony guy in the circular arena]. I've got some bad things to say about controls and camera, but I may be the exception rather than the rule.
I bought and loved both, and I haven't played any of the previous games that much. Not compelling? It is subjective, but a lot of people hold a view different from yours.
--Jonas K
carbon nanotube-based color e-paper.
(With apologies to Bob Novella) we should put billions of dollars into this!
(Go to www.theskepticsguide.org for a super-awesome science podcast, with a bit of geek culture leaking through the floorboards every now and again; Bob is one of the hosts).
No it isn't!
What's the security boundary between customers based on?
Leprechauns.
They even build into the APIs current developers of their apps need to implement various features.
Let's analyze the grammar here:
Subject: They
Verb: build
Object: subsentence
Subject: developers of their apps
Verb: need
Object: current
So you're saying there's an system call that moves charged electrons around between kernel space and user space? Awesome! That's gonna' come in handy for my boolean circuit simulator.
-- Jonas K
and is now called Vuze.
Is that pronounced "vootse"? [remember the man you met on the Christmas Island]
If it's pronounced "views", it's even better. Although the collision is semantic as opposed to lexical, it does collide with Windows Vista.
--Jonas K
I, personally, would be THRILLED, if I could sit down at any broadband-connected PC in the world and get the same desktop and files that I have at home.
Run a VNC server on your box and carry around a vnc client on a usb stick.
Or: set up a http server with a password-protect area that gives you access to /. Set up ftp with anonymous write access (with /home/ftp a loopback mount of a 10-meg file), and write a simple web frontend. Set up mindterm so that you can ssh to your machine if need be. Use duct tape somewhere, just for completeness. That's what I use ;)
Or lug around your laptop everywhere you go, and use sshfs back to your file server at home.
--Jonas K
we wouldn't have a buzzword laden technique for dynamically changing the content on a web page withuot a full refresh.
The two-point-oh-ness is in the back-button-breaking communication with the server without doing a refresh. We've had javascript that could muck around with the page for some time now.
-- Jonas K
In an economy where knowledge, software, and creative work is paid for, you do have to have some legal protection for those works.
What you need is a way to incite people to add something valuable to the public domain.
Some create for their own benefit and share for the betterment of all. Some create and set free to drive up demand for a product or service they offer. But often (not always!) someone needs to pay the creator.
Say, for the sake of argument, that we all get taxed some more, and the Science and Useful Arts Council hands out contracts (i.e. money) to worthy applicants to produce a work. Upon completion, the work enters the public domain.
Let's see: creators have a chance to get paid if they're good. The work is free for all to use.
It seems like you don't have to grant exclusivity of rights for any period of time before letting works enter the public domain.
Would this model work in practice? I'm not convinced. But it hasn't been shown that the all workable models require taking away peoples' rights.
Copyright is an employment program: it's about creating jobs in music, writing, programming and others. Its current mechanism is very old, and I think it would do us all well to consider new mechanisms.
-- Jonas K
By such a scheme CowboyNeal famously calculated the highest possible prime
I've got some special pot that can make them even higher...
retrain users [...] how to support this new application ([...] train support people), then figure out how to deploy this
And none of this happens during the switch from Office 2003 to Office 2007? Poor users.
Yes, I really said "poor users". What do you mean "you're not a real sysadmin"? ;)