Slashdot Mirror


User: vux984

vux984's activity in the archive.

Stories
0
Comments
10,772
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,772

  1. Why bother, seriously? Why? on Working With 2 ISPs For Home Networking? · · Score: 4, Informative

    Seriously? Is your network infrastructure -that- unreliable that its actually worth *doubling* your costs for redundancy?

    I have had maybe 10-15 hours of internet-only downtime in the last 8 years. Of that, maybe 4 hours affected me (ie I was awake and wanted to use the internet). I've had another 10-15 hours of power fail in the last 8 years, and even with backup power the internet was still down (routers, switches, etc in the upstream path weren't on backup power so keeping my 'modem' up isn't worth beans.

    In any case, I can see a lot of situations where it would be worth another $2500 over that period to have had internet access for those couple hours.

    If I were running servers (and I am), it might be worth it, but in practice its not worth the trouble. round-robin DNS just means every odd connection attempt fails if one of the links is down, and dynamic dns updates to take the downed link out of rotation would be great except most internet outages are over before dns updates are likely to propogate. So its just not effective.

    If I wanted -faster- downloads, that might be worth 2 connections, but that's not what you claimed your objective was. And even then, it usually won't make a specific download faster, but will rather let you do 2 at once at full speed (in the case of a large http or download for example which only uses one connection) which may or may not be what you need. Torrents, using multiple connections, will of course benefit from the extra bandwidth capacity.

    If you SERIOUSLY want redundancy, you might want to look at a router that can fail-over to dialup. That will actually stand of chance of being available during a power failure, and might not cost you extra in terms of service, since many ISPs give you some free dialup hours as part of your broadband. And the dialup infrastructure is often separate enough from the adsl/cable infrastructure that you'll be able to connect on dialup while adsl/cable is down.

  2. Re:When on /. did QoS become "gagging the Internet on Another Inventor of the Internet Wants To Gag It · · Score: 1

    Yes and you pay fort that elevated service. That's not the idea of packet shaping. Under their scheme, you pay the same amount for access and THEY decide which traffic (letter content in my analogy) is most important.

    'content' is a tricky word. They are looking at the packets and traffic patterns to categorize their 'application', not to derive meaning from their payload.

    In post office terms that would be akin to a world where we all dumped all of our mail at the post office in identical envelopes and they tried to separate out the first class mail from the periodicals by looking inside, and by looking at how many you dropped off and where they are going. They want to know if its a letter or a magazine in the envelope, they don't want to actually read either. Naturally if its encrypted they =can't= read it, but based on volume and flow patterns they can still reasonably accurately gauge application.

    Ideally, you could just stamp the envelope with its classification, and then they wouldn't have to open them to figure it out. The trouble with that, as I said previously, is that in a system where its all the same price, everyone will just stamp 'express maximum priority' on all their mail.

    So the ISP has a choice, they can continue to transmit all your mail at one rate, but you submit to letting them categorize it as best they can. Or you pay extra for priority traffic and they no longer need to look at it. If you want to send bulk mail priority, and your willing to pay for it, that's your prerogative.

    Which do you prefer?

  3. Re:When on /. did QoS become "gagging the Internet on Another Inventor of the Internet Wants To Gag It · · Score: 2, Insightful

    Do you want a postal service to decide how quickly to deliver letters based on their content?
    I don't know about you, but that's absolutely horrifying.

    Actually virtually all letters you send are a single application of 'first class mail'.

    Read up on the postal service, you might be surpised that in addition to first class mail, there are several other classes. In the US there is first class, periodicals, standard mail, bulk mail, parcel post, media mail (book rate), priority mail, registered mail, express mail, postal money orders, and a variety of other services and options.

    Different 'applications' have different rates, delivery time gaurantees, etc.

    Right now, ISPs are starting to do the same thing.

    Interestingly, by not charging a differential rate, but still sorting by application they are creating a problem for themselves, if they prioritize voip and de-prioritize p2p, the p2p people are going to try and have their p2p masquerade as voip. And we already see this happening...this is the game of cat-mouse we are currently dealing with, and its only going to get worse. And if bitcomet or whatever figures out a way of dodging the latest ISP throttle by having their traffic look like voip and gets the highest download speeds the p2p crowd will jump all over it to the detriment of everyone involved.

    QoS can't work if the ISPs apply it, but don't charge for it. Misbehaved applications/users/developers will try to get their traffic into a higher QoS class and use its performance advantage as a competitive advantage.

    The solution to the problem is in fact to charge different rates for different service classes. voip will be more expensive than http/pop/imap/smtp/im, which in turn will be more expensive than ftp/p2p. Voip will get through faster and at higher priority, http/pop/imap/smtp/im/irc will be a level below that, and then bulk p2p/ftp/streaming hidef video/etc will fill up the rest of pipe. Ideally rather than have the ISP choose the QoS level, applictions can choose their own.

    So SSL users should be able to pick what QoS level to use -- so if they are using p2p they can choose bulk to keep costs down, or choose real-time if they are doing voice communications.

  4. Re:When on /. did QoS become "gagging the Internet on Another Inventor of the Internet Wants To Gag It · · Score: 1

    How can you tell if someone is using a secure SSL connection for work related purposes (Email, large file transfers, terminal services) and someone that is using SSL for bit torrent?

    Volume of traffic alone is enough for most, and really if they throttle large file transfers in addition to p2p, that's hardly a bad thing.

    And how can you tell the difference between someone downloading the latest torrent of a Linus or BSD distro for their company server for his work and say someone downloading movies?

    You can't; but that isn't important. The point of throttling large file transfers and p2p and so on is to ensure that other more time-sensitive stuff gets through on time. If your legal p2p distro takes an extra minute or two to download to ensure a bunch of voip calls don't get scrambed, that is a perfectly reasonable allocation of the isp's resources.

    And if you can't, why would you take away preference to people not legitimately using P2P even and give it to those who quite possibly are illegally downloading using some old fashion method like FTP?

    What makes you think preference would be given to large file transfers over ftp?

    I'm just saying... If encrypted properly, you can't tell what people are downloading unless you are seeding. So they only solution would be to punish everyone regardless of its legitimacy.

    Its not 'punishment'. To use a car metaphor. Its the equivalent polite traffic, regular cars and trucks pulling over to the side of the road to let emergency vehicles by, and gigantic slow moving tractor trailers moving someones house pulling over to let regular cars by when they get piled up behind it.

    Its only 'punishment' if they get blocked entirely, or throttled back far more than is required for the higher priority traffic to get through.

    So like anything it can be used for evil, but its not inherently evil, and it even has some perfectly good uses.

  5. Re:So let me get this straight... on WTF? NC Offers to Replace 10,000 License Plates · · Score: 1


    Ten, fifteen years ago, no one would have been offended by WTF...

    You say that like its a fact or something. Take a look at this link... a little down the page it shows all the three letter combos that were banned in 1979, that would be what, 29 years ago...

    http://www.calpl8s.com/cpinfo.html

    Everything from ape to yep have been 'banned' for 30+ years. Sort of puts the whole wtf thing into perspective.

  6. Re:So let me get this straight... on WTF? NC Offers to Replace 10,000 License Plates · · Score: 1

    I have a sinking suspicion that said "little old lady" will get very upset at others who have elected to NOT exchange their WTF plates. It's really just intolerance no matter what.

    There is a big difference between being offended by what other people have on -their- cars and being offended by the what you are obligated to stick on YOUR car.

    Keep your perspective. Your are right, she probably is routinely offended by what she sees and hears from other peoples vehicles, and she'll just have to deal with that. But I fully support her desire not to have to affix something that is reasonably interpreted as offensive or vulgar on her own car.

    So a voluntary exchange is appropriate, while a recall wouldn't be. Seeing as that's what they've done, I have no real complaint.

    Besides, this is the list of 3 letters not in rotation (as of 2002) in California, for example. As you can see, there's a LOT of stuff on it. I couldn't even guess as to why some of them are on the list. It looks like the threshold for getting on the list is pretty low. So does it really matter if WTF is on the list now too?

    -sigh- The lameness filter prevents me from including the list...

    so... here's a link: http://www.calpl8s.com/cpinfo.html

    I mean, seriously, vux? usb? fan?

  7. Re:Among others on Supreme Court Holds Right to Bear Arms Applies to Individuals · · Score: 1

    Huge holes. Like, say, the idea that there should be just two political parties.

    That's not actually that big of a deal, Canada has 3-4 major parties but is essentially structured as the 'party in power' and the 'opposition party' in a number of areas. The party in power is the party that won the most seats in an election while the opposition party is the party that won the 2nd most seats in an election.

    The additional parties hold their seats, can introduce and vote on bills etc, but have a reduced role compared to the official opposition party.

    So my proposal, which presumes the involvement of two parties, can work in a situation with 3 or more. In this case the two parties would be the presidents party and the largest party that isn't the presidents.

    Alternatively you could prorate the vetoes between the various parties.

  8. Re:So let me get this straight... on WTF? NC Offers to Replace 10,000 License Plates · · Score: 5, Insightful

    They are offering to exchange them to any owner who is offended, they aren't recalling them.

    In the big scheme of things, I think this will be like hot coffee... where only a tiny tiny fraction ever come forward and get an exchange.

    Lots of 3 letter combos aren't issued, wtf got added to the list, and anyone who currently has it can have it exchanged without having to pay the usual fees for new plates.

    This is a non-issue.

  9. A couple ideas... on Can Any Router Guarantee Bandwidth For VoIP? · · Score: 1

    I have used my Linksys (not a WRT54G, so 'upgrading' it to Linux probably won't work) router's QoS feature to assign high priority to the MAC address of the Vonage box, low priority to the BitTorrent box, and medium quality to everything else,

    Check for firmware updates for your router. Consider purchasing a new router. At most it will help a bit.

    which helps a little, but not enough.

    As you've noticed, evidently.

    Is there a router out there that would allow me to reserve, say, 75-90kbps of bandwidth off the top for VOIP and never, ever allow any application to use that, regardless of whether there's a VOIP call going on at the moment or not?"

    Well, first off that would be a pretty stupid waste of capacity. And secondly, no, if the packets are flooding in from the outside, even if your router is rejecting them, they are still flooding in saturating the pipe.

    There are 2 things you can do:

    1) Throttle down your bittorrent at your end, to limit its download rate. That will keep peers from saturating your incoming link.

    2a) Contact your ISP and see if they offer QoS service, which means they will prioritize your VOIP packets through their network, and their routers.

    Shaw in Canada for example offers it for $10/mo

    http://www.shaw.ca/en-ca/ProductsServices/Internet/Internet+Explained/QoSVoIP.htm

    In theory this is the best solution. In practice, its somewhat controversial.

    Some have alleged shaw and other ISPs deliberately manipulate competitors voip traffic to promote its own voip offering. While this is possible, in my experience that isn't the case at all [at least with shaw].

    Others allege that its a 'scam' to let shaw squeeze more money out of people and has no effect. But to counter that I have heard of cases where people have found QoS made a big difference.

    Still others claim that QoS should be free and automatically applied to real-time apps like voip, video chat, etc and refuse to pay for it. But that's a separate economics issue.

    In my case (on Shaw) I use primus voip and have no trouble, except when torrenting, but throttling my torrents seems to generally resolve the issue, and I've never tried their QoS service. I also mostly torrent at night.

  10. So where can I reserve some TLDs? on ICANN Board Approves Wide Expansion of TLDs · · Score: 1

    I want google, apple, microsoft, dell, toshiba, ibm, sun, cocacola, kraft, xxx, java, porsche, ferrari, and slashdot, for starters. More to come shortly.

  11. Re:Among others on Supreme Court Holds Right to Bear Arms Applies to Individuals · · Score: 1

    So who do you think should appoint the SCOTUS justices, if not the President? I have mixed feelings about that myself, but I think it worked better in the past than it has in the past couple decades.

    I didn't suggest a solution there, because I really don't know. I agree that in the past appointments seemed less politically charged than they do now.

    And I think the solution lies somewhere in the direction you are contemplating.

    Now that I've given it more thought, I think it should approximate jury selection. Create a pool of eligible candidates (perhaps nominated by state governors), and then submit them to a voir dire like process where both sides can question them, veto some of them, giving more vetoes to the party NOT in power, and then from the pool that's left, let the president choose a candidate for senate approval...

    I'd give the party not in power more vetoes in exchange for letting the president choose a candidate from the remaining pool.

    So we have 50 states; that's 50 nominations, give the party in power 16 vetoes and the opposition 24 vetoes, and that leaves 10 people for the president to choose from. Odds are he'll be relatively moderate.

    That's just a first blush, I'm sure its got some big holes still.

  12. Re:Photos? You mean people use FB for photos too? on How Facebook Stores Billions of Photos · · Score: 2, Interesting

    I haven't used my ISP's mail since I lived on campus back in college. Before I got there, I did not use my dialup ISP's email service. Two reasons: a) email address lock-in; b) the interface sucks.

    re: a - the same applies gmail or any other provider.
    re: b - there was likely no 'gmail' when you were 'back in college on your dialup isp', and most people used standalone clients, many still have little need for webmail.

    Nowadays I've solved the lock-in problem by paying for a domain

    makes sense.

    and the sucky interface problem by having my MX records send all mail to a gmail account, The free-to-join, invasive, ad-supported gmail service works way better than any webmail, IMAP, or POP3 client I've found.

    To each their own.

    Personally I run a Linux server, with Scalix community edition, works great with my smart phone (push email support, address book sync, etc), has an excellent webmail client for the odd time I need one, and I mostly access my mail via Thunderbird. It works way better than any other solution I've found has no privacy implications, is ad free, and it meets my needs and principles better than anything else, including gmail.

    The cool thing about it though is that I can still send you a message without signing up for a gmail account. YOU can agree to their terms, and I can stand by mine, and we can still interact, exchange messages,

    Lock-in? Hardly. I'm also on MySpace. I also use email. I also use IM -- Pidgin, so I don't get locked in to a specific IM service. I also use usenet, web forums, feedback forms, web chat, on and on. Different tools for different tasks. Facebook excels at the task of clustering my friends and exposing information about them.

    You don't know what lock in is then.

    I don't have or want a facebook account. If all your friends had accounts at different social networking sites, how well would facebook excel at 'clustering your friends and exposing information about them'?

    It wouldn't.

    The only way facebook excels if everyone has a facebook account and agrees to facebooks terms of service.
    The only way email excels is if everyone has an email account. The difference is that we can get an email account on any service we like, or even host our own, and it makes no nevermind. No matter where I get my email account you can send it messages.

    While my refusal to submit to facebook means that I am excluded from that entirely because it won't interoperate with any other site. I know people with multiple accounts on multiple social networking sites, not because they have any desire to do so, but because each site gives them access to different groups of friends they can't access from the other site. THAT is the effect of LOCK-IN. I only need one email account to send to any other email provider. I might have multiple if I have a desire for multiple, but I don't need multiple.

    My information costs me nothing to give away. My money costs me money to give away. I'd rather pay for services using a currency that copies on write than one with a 1:1 opportunity cost. Not that I share everything, obviously. Some information will cost to give away - my SSN for example. But most everything about me - my relationship status, my mood, my hobbies - I gain value by giving this information freely.

    That's fine. To each their own. I however have little interest in submitting to facebooks terms of service. I publish what I want people to see on my websites. I'd be happy to integrate with facebook to the extent of letting people include me, message me, etc from their facebook account. But I don't want an account with facebook myself. But facebook is a closed system.

    IM is a service that started with ridiculous lock-in and closed standards. I still used it then. Eventually a service will arise to tie together your Facebook and Myspace networks just like Trillian or Pidgin did for IM.

    Trillian or Pidgin just lets you access your multiple accounts from a single applic

  13. Re:Among others on Supreme Court Holds Right to Bear Arms Applies to Individuals · · Score: 2, Insightful

    You're kidding, right? It's almost the exact opposite of the Habeus Corpus decision. The only justice to join with the majority in both cases is Kennedy. The other justices vote along strict idealogical lines when it comes to these kinds of decisions.

    So the GP was right, it sounds like 8 of 9 justices need to be cleaned out.

    Kennedy didn't join with the majority in both cases, Kennedy *DECIDED* both cases, as his vote decides which ideology gets the majority. We're lucky there is an apparent balance right now, but if we had just one more 'strict ideological justice' EVERY decision would fall according to that ideology, not the constitution.

    I greatly admire the supreme courts role in checks and balances. I've never thought it should be done by presidential appointment though. A few justices retire in the wrong administration and that's the end of any balance for decades.

  14. Re:Use debian? on Does an Open Java Really Matter? · · Score: 1


    That is a good point. LAMP became a one-checkbox install because it's FOSS. LAMJ could easily have been. Except it's not a very catchy acronym.

    Probably be something like LJAM (el jam)

  15. Re:Photos? You mean people use FB for photos too? on How Facebook Stores Billions of Photos · · Score: 2, Interesting

    Sure, that's a nice idea. But of course then you're paying for it, and most likely so must all your friends and family if they want to share its best features with you.

    Lets see, my ISP offers 'free' email, pop3, imap, and webmail access. They offer 'free' access to a reasonable number of usenet groups, and offer a small and fairly limited but entirely usable web hosting package, with tools to make it easy to setup multiple small websites, upload and share photos, and so on.

    Is it really 'free'? Of course not, its bundled in with my internet access so I'm paying for it. And while I have no gaurantee that my ISP isn't reading my email, and processing my hosted content, that isn't their business model, and they aren't pasting adds up in my site or in my email.

    I think a social network built on that model would not grow large. It might fill a niche, but it would have nowhere near the utility of a free-to-join network that promotes sharing information.

    You mean the model email and usenet and the web itself were built on couldn't reach the critical mass of users to be really interesting and useful? Give me a break.

    What makes a social networking site really great can't happen unless there are a lot of people using it.

    Sounds a lot like email, and that's worked out just fine.

    Lots of people using it. In fact, I can send messages to people at work, coordinate meetings, organize outings, exchange messages with friends, even grandparents. Some of them use ad-supported hosted services, some of them use paid services, some of them host their own services, all seamlessly interconnecting.

    Consider an acquaintance of mine, a person I met several years ago...

    I'm not arguing -against- social netorking. I'm arguing against accepting facebook lock-in, becoming a product, and selling your information in exchange for a features.

    Its a fallacy that the only way we can have services like social networking or instant messaging is via accepting ridiculous lock-in, and closed standards.

    Next thing you'll be telling me there is no way to create a modern fully featured multi-user operating system and application suites that could be downloaded and used for free without either paying exorbitant prices for licensing or signing all your rights to the data on your PC away.

    Oh wait... ;p

  16. Re:Web surfing drivers...just what we need on Chrysler To Offer Wireless Internet In 2009 Models · · Score: 1

    Unless that impact happens to be up your ass. I'm pretty sure you'd notice that.

    My point was actually that we should really be banning all those other harmful and widespread activities instead of singling out this relatively new, and for the next few years at least, nearly insignificant one.

  17. Re:What's the difference? on How to Save Mac OS X From Malware · · Score: 1

    Trouble is that home users are already administrators, who can add users to a machine. So why can't they add drivers for homemade devices to a machine?

    They should be able to do so. They should be able to sign drivers and then add them. Just like they can add a user.

    And just like adding a user, they would never be prompted to automatically do this simply because they entered a random userid/password into the login.

    That's my point. You have to go through the process of adding a user if you want to add a user; you should similiarly have to go through the process of signing code.

  18. Re:May I be the first to say on Children Concerned By Parents' Web Habits · · Score: 1

    There has been only 1 study that looked at kids weight and TV,
    Having them go outside had no effect on weight gain.

    Did the study also take a bunch of kids that did spend a lot of time outside and redirect them to sit in front of the TV instead?

    A child can be outside and not burn calories.

    While a child vegging in front of the TV is guaranteed not burn any.

    That said I don't dispute your point, moving a couch potato out onto a deck chair isn't much of an improvement. But its clear that I intended for the child be sent outside to be -active-.

    Also, it's about the experience, not how it is delivered. I would much rather have my child watching Nova then playing football.

    Overall the amount of quality programming on TV is dismal while football is at least consistently good exercise.

  19. Re:Web surfing drivers...just what we need on Chrysler To Offer Wireless Internet In 2009 Models · · Score: 5, Funny

    Considering the amount of shaving, texting, make-up applying, eating, and calling that already goes on in vehicles during rush hour, I'm not sure this feature should even be legal.

    Considering the amount of shaving, texting, make-up applying, eating, and calling that already goes on in vehicles during rush hour, I'm not sure anyone will notice the additional impact of this feature.

  20. Re:May I be the first to say on Children Concerned By Parents' Web Habits · · Score: 1

    While I do commend you for pouncing on my typo (it's a typo, honest, I know how to spell - my finger just slipped),

    probably sweaty fingers! go play with your kid!! ;)

    I really think that that a kid who's been playing outside would be more likely to be called sweaty than one who's vegging out in front of the TV.

    Yeah, while actually or immediately after playing outside, sure. But if its reached the point you've endearingly nicknamed your child 'sweaty', that's suggestive that even while vegging out in front of the TV the sweat is dripping off her forehead.

    [Nothing personal of course, I just couldn't resist... just the irony in the image your typo conjured up, that of a parent sending an obsese sweaty child called 'seaty' to go watch TV just completely cracked me up.]

  21. Re:May I be the first to say on Children Concerned By Parents' Web Habits · · Score: 4, Funny

    I'll be off the computer in a minute sweaty, go watch TV.

    Maybe you should send your kid outside to play instead of sitting on her fat ass watching TV.
    Then maybe one day you'll call her 'sweety' instead of 'sweaty'. :)

  22. Re:Photos? You mean people use FB for photos too? on How Facebook Stores Billions of Photos · · Score: 1

    I totally agree with you about how having friends on facebook is highly offensive and joining it will lead to identity theft and involuntary permanent incarceration in guantanamo bay.

    Not all of us are willing to 'join free services' that exist for the sole purpose of collecting our information, profiling us, and selling us to advertisers in exchange for stupid web shinys. I don't have a gmail account either for the same reason. Google collects enough data on me against my will, without me handing it to them on a silver platter.

    My neighbour tried to give facebook fake details, and mark zuckerberg showed up and stabbed him in the eye.

    The terms of service explicitly forbid giving fake details.

    Firstly, while I'm sure Zuckerberg doesn't have time to personally stab everyone in the eye, that really isn't the point. If one can't in good conscience agree to the terms of service of a site or service, one shouldn't use that service. So I don't.

    Secondly, even a facebook account with fake details would be pretty trivial to unmask simply by virtue of its location within the social network. There is no real anonymity unless I refuse to associate with my real friends and family, which rather defeats the use.

    I would consider a social networking product if one existed where I was the customer not the product.

  23. Re:Photos? You mean people use FB for photos too? on How Facebook Stores Billions of Photos · · Score: 4, Insightful

    If you used the service, you'd know that Facebook privacy settings are actually implemented very well.

    Given that I can't look at my sisters photos without signing up for an account I'd say her privacy is being 'protected' solely to induce all her friends and siblings to sacrifice theirs by joining facebook.

    I set up an account for my mother so she can look at all her siblings photos.

    You don't need facebook for that.

    and is really enjoying the ability to communicate with everyone.

    or that.

    But unlike AOL, Facebook is just a web page. There's no lock in - its more of a resource provider than a service provider.

    How exactly is requiring me to create and login to a facebook account to view content someone else wants me to be able to see not lockin?

    That's like requiring me to create a gmail account to receive email from people with gmail accounts. Or requiring me to sign up to AOL to see websites hosted by AOL. Facebook is pretty much the definition of lock-in.

  24. Re:Society is not an OS X vulnerability on Two Trojans For Mac OS X · · Score: 1

    On the basis that as a good administrator you are already backing up user files regularly, then you restrict any damage to "just" those files meaning that you still will have a core working system to restore back onto.

    1) The average PC doesn't have a good administrator.

    2) The real damage malware will do to a user has nothing to do with damaging files, its related to identity theft and data theft. Backups don't get you very far here.

    3) If you are doing proper backups, then a full system restore really isn't that much more work than a single profile restore. Its slightly more time consuming, but the average user doesn't really care.

    Please go read an appropriate book - this really is "standard" sysadmin stuff.

    So is the fact that most malware can do most of what it wants to do even if its confined to the user profile, so trumpeting about Linux/OSX's superior security model is almost irrelevant.

    Yet here we are...

  25. Re:Society is not an OS X vulnerability on Two Trojans For Mac OS X · · Score: 1

    I don't know OS X at all but if most people log in with administrator or root permissions like they do in Windows,

    1) Windows XP and previous default to administrator accounts. Windows Vista is more like Ubuntu, except it prompts you more often (mostly because tons of old XP and earlier software tries do things it really shouldn't need to do). There is a good REASON MS is trying to kill off XP.

    2) OS X is like Vista and Ubuntu.

    then it's a problem because the Trojan can do it's dirty work all over your system - otherwise it can just damage the same stuff that the user has write permissions to.

    'just' the stuff the user has write permissions? So, like, all his personal files, financial data, work data, email, pictures, compositions, contact list, his application preferences, and his personal start up tasks.

    Whew, good thing its restricted to 'just' that.