Are you saying that when the current US Administration used the IRS to target groups it disagreed with politically, that that was "The will of the People?"
That it was "The will of the People" for the US Administration to send 2000 guns to Mexican drug lords?
The People can influence some policies of Government, but our power has become rather limited over the years.
Watermarking can be considered in addition to "secure document" techniques, such as password-protected PDF files. While technology cannot prevent piracy (and just as a printed magazine can be photocopied or scanned and shared), technology can remind users to behave. If each copy can be traced to the original user, those users should be disincented from piracy. Finding a balance between security and usability may be a more difficult issue to resolve.
Other citations? Care to cite any? I have seen nothing suggesting this was an "automated, routine request". If you have more information, please share.
It might help to understand that Mr. Volpe, a candidate for the leadership of the Liberal Party, accepted donations in the maximum amount allowable by law from 11-year-old kids. Details are available from Elections Canada. Current law in Canada does not permit election contributions to be given on behalf of someone else, so we can safely conclude that this was the kids' own money and not a company or parental donation in the kids' names.
Volpe's acceptance of these contributions was widely mocked and derided. The website cited in this thread was launched, and got a fair bit of coverage online.
Mr. Volpe subsequently decided to return the donations given by these kids. At about the same time, the website above had its DNS record SUSPD for one of many reasons (the Canadian Internet Registration Authority, CIRA cited a different reason in a press release (failure to provide valid Canadian contact information, as required by CIRA rules for a ".ca" domain) than that apparently given to the domain registrant (disrepute).
The interesting questions I find are (1) how influential were Volpe's minions in getting this site quashed, given that he was a member of the former Liberal government and CIRA operates under the authority of the Canadian Governmental department Industry Canada, and (2) what due process rights does any (".ca") domain owner have, given the speed with which this process executed (especially in light of all the legal expertise which is present on CIRA's board of directors, apparently not even bothering to ask for any court order or proper investigation against this site).
Except that there is basically no reason to believe that this DNS record was SUSPD because of residency concerns. There were three contact methods listed: email, telephone, and regular mail. The fastest of the three (email) apparently was successful, according to transcripts cited on the stephentaylor.ca site.
And as we note that the registrant had to contact the registrar to find out what happened would suggest that the registrar didn't even try to verify the validity of this registration but acted on other motivation than they are citing either to CIRA or to the contracting party (i.e. the registrant).
If you had bothered to look more closely, you would have noted that the "submit" button was basically inoperative. The site was a joke, and if you were foolish enough to type in your credit card number (or rather, your mommy's or your daddy's), it wouldn't have gone anywhere unless you also had a keyboard sniffer reporting your every move.
Knoppmyth is a great starting point, but it tends to dedicate your machine to the purpose.
Geeks should aim for MythTV on, say, a dual-head Debian system (e.g. full Debian; Knoppmyth is Debian-derived), providing "alt-tab" access to the desktop as well as the full set of mythplugins for the entertainment centre / Home Theatre projector (and "normal" desktop access on the other monitor for office applications). Drop the chassis in a back room and use an infrared repeater for the Remote (and the Keyboard and Mouse) to control all the components.
Broadcast video with PVR capability. Show a slideshow. Play DVDs. Select the Jukebox. Show Multimedia customer presentations (e.g. PPT or PDF files). Browse online content. Newsreader. Mail client. SIP Phone. Home automation. And More, if one so chooses.
It doesn't work. But lots of folks will claim that it does, or that it can, because lots of folks want to make money. And you can't make money claiming it doesn't work.
Plenty of folks have already suggested there are simply technical barriers to its success. Others have suggested legal barriers, or social barriers.
But the simple fact is that once you have enough data available, you can "mine" any result you want! Datamining is not about letting the data lead you to certain conclusions. It's all about trying to find things in the data that are "hidden" - things that really aren't there when the data are properly analyzed.
It's akin to proving that lotteries aren't random, because some numbers come up more frequently than others. Or that a coin flip isn't random because 100 flips don't result in exactly 50 "heads".
Datamining is, generally, bunk science. (It should not, however, be confused with proper data analysis techniques, which are extremely useful and popular even today.)
I'd love to see the gTLDs reduced to just that: Generics.
You want to register ".ford" or ".honda"? Go for it. You're responsible for hosting your DNS servers, and participating in the root. Technically, it's not very pretty, since root becomes as crowded as, say, ".com" is today. But why should one commercial entity get to profit from buying the ".xxx" domain and selling its subdomains? At least if the root is open, everybody else gets to compete with their own TLD. And ICANN can auction off "challenged" or popular domains. (Intellectual Property and Trademark rights to a domain name would still apply, so auctions would only occur among entities with a legal right to the name.)
To be sure, the ccTLDs are already allocated, and there could be conflicts with two-letter domains and new countries (so perhaps .gm would be reserved for a ccTLD).
In the meantime, there is no reason for a ".xxx" domain.
When Amazon lets me pay for the storage, and have other registered users pay the bandwidth charges (plus my profit) to access my content, then they'll have an interesting business. Unless Google beats them to it.
As it is, online remote storage with ongoing upload, download, and storage fees hardly seems interesting.
So according to your theory, if Ubuntu simply updated their documentation and called this a feature, rather than fixing their code, this would be perfectly okay.
No. A security vulnerability giving a "regular" user full access to a machine is a security vulnerability no matter what the OS.
I'd put the emphasis on #2: that in order to exploit the vulnerability, you need some access to the machine.
Physical access will usually let you do nasty things on any machine. For example, reboot from a "live" CD, mount the existing drive as r/w, rewrite /etc/passwd to your liking, and do your damage. The message should always be that physical access leads to full unsecure access.
If you already have login privileges, you can already do a lot of damage to most systems, even if you don't have root permission. This doesn't diminish the seriousness of this problem, but it should keep it in context.
"No modern OS sets up an unpassworded root account by default, especially on a multiuser system. And if they did, there would be no expectation of security. Here, there is the expectation of security, and it is violated."
I'd tend to agree that WinXP isn't a "modern OS" but its large installed base and recent release date make a strong counterargument. It's quite easy to set up XP with no password on any account, even one with "Admin" ("root") privileges.
As for this grave installer bug: does Breezy have any "default" userids which are viable for logins? Or does one have to know a userid/password combination in order to gain access to the system, in order to compromise it?
"It took many years for DVD catalogs to reach their current levels, and there are a number of titles that are still not available in DVD format."
A typical cinematic release flickers by at 24 frames per second (fps). Your typical television image runs 29.97 fps. Once the format conversions are done to adjust for frame rates, and widescreen versus pan-and-scan, the conversion of the content from DVD format to Blu-Ray or HD-DVD format is a pretty mechanical process.
But there is no reason to believe DVD will ever "die": CDs aren't dead, just limited in their capacity. For the foreseeable future, some devices will be able to handle CDs. Others will be able to handle CDs and DVDs (DVDs using a different laser). Still others will be able to handle those two formats plus add a third laser (more towards the "blue" end of the spectrum) to handle either Blu-Ray or HD-DVD.
Only when the costs of an older technology exceed the costs of a more advanced technology (or the featureset is dramatically changed) will the older technology finally be abandoned by the masses.
If the test system was set up with one Pentium, and one Opteron Dual Core, the test wouldn't have fared any better (if only because it would have demanded motherboard support) but the system might make more sense to some.
The problem revealed in spades by the test is that similar processors are still different in significant ways, and that scheduling tasks in such an environment is a Difficult Thing to Do. (You want to allocate tasks to the processor best at handling that task, but under current programming approaches, certain other (processor) environmental data may have been collected (perhaps randomly) which biases that choice.)
I keep thinking my GPU is a separate - and very different - processor, but since it's not in the same scheduling environment, it doesn't... umm... "count".
The question, though, IMHO, is not whether 3 is better than 2, but whether addressing these scheduler limitations (to allow dissimilar processors within one scheduling environment) is a worthwhile task for computer scientists... or whether it should be addressed by the hardware folks (e.g. put three single-core Opterons on a board to get back to identical environments).
Most distros make it difficult, not easy, to set up Linux without a root password.
Google really is a useful thing. The tool you want is called "update-alternatives". See the comment about Azureus here: http://www.paulstamatiou.com/2005/10/24/how-to-ubuntu-linux-for-novices/
http://www.telusmobility.com/on/wweb/mobile_tv_fa
http://www.bell.ca/shop/PrsShpWlsFnsGnd_Mobitv.pa
We've had TV on cell phones in Canada for a couple months now, both from Bell Canada (Bell Mobility) and from Telus. No idea what the uptake rate has been, but the ads have certainly been pushing it.