I highly recommend reading "Code and Other Laws of Cyberspace" for an intelligent, and at times disheartening, look at the issues involved here. It really comes down to political action if some of the nasty things coming down the pike are to be avoided. In the early days the internet wasn't on the political radar screen, and the people building it made some sensible decisions that gave us the freedom we enjoyed until recently. Now though, the big money is involved so the politicians are all over the issue "like Oprah on a baked ham" (Simpsons). If we don't stand up and be counted then soon "protecting the children", otherwise known as making the web safe for big business, will put an end to what we've come to love.
And just to play devil's advocate a little more: do you think the cable companies would have sat idly by while the phone companies were raising prices? Why would cable companies have cared? Without cheap data over voice lines the internet would never have got to the point where anyone saw any point in offering any sort of access. When all there was was usenet (etc.) there wasn't a whole lot of cable company interest then. BTW No regulation by government just means regulation by corporations. If cable companies get to be the only people who have access to their wires you'll soon find that you have to use some proprietary stuff "to protect the children and improve security" to get on line, no connecting any of that "unauthorized/unsecure" open source code to their lines. (Remember when only Bell made phones, no, I suppose you don't)
Here's a case where either slashdot was taken for a ride cause they didn't do their homework, or they had some axe to grind in the dispute. So, after the hysterical headline, based on one side only of the story, they post a little link to the other side. Slashdot needs to stand up and say they were wrong, and explore more fully what is really going on here, which would be interesting and illuminating. Everything is not always golden in the world of open source. Since, in many cases there isn't, or didn't used to be, a whole lot of money involved, the ego reward is much more important for some people. And that can lead to some long running and bitter disputes. And next time, before putting fingers to keyboard, please engage brain.
The telnet and ftp implementations they offer do provide session encryption. However, to get hold of these you have to be a US/Canadian citizen and email them. Getting the source looks even more difficult.
Here are some actual figures, not just speculation, from our web sites. See if you think these are heavyweight or lightweight.
mod_perl with raven ssl is about 14 meg a child process
mod_perl without raven ssl but same application is about 8 meg a child process
Of course process size gradually increases overtime (due to caching by embperl) so we kill processes using the cleanup handler phase at 20 meg.
We are certainly trading development speed and ease for code size/runtime speed. But, we are aware of doing this, it didn't just sneak up on us, and for what we're doing it's the right choice.
Yep, more overreaction. The people producing Mosiac are not idiots, they're not get rich quick merchants and they have actual experience producing software that is used to evaluate threads made to federal judges etc. The book "The Gift of Fear" written by the founder is most interesting. He certainly does not think that just because you are different you are dangerous.
It is likely that the program will be able to successfully identify people who will act violently. And this is a very good thing.
The two obvious problems are false positive results, and the way those "identified" are treated. Unfortunately that's going to be in the hands of the same sort of people who thing evolution is a bad idea.
I think the program itself is a very good idea. It even probably works. What needs careful handling is who gets profiled and what happens to those that the program "identifies". That's where people's efforts need to be concentrated instead of on pointless venting against profiling.
This sort of thing demonstrates clearly why governments want to control individuals access to encryption. It has been said by various people that you have nothing to worry about because it would no be practical for governments to monitor all communications in this sort of trolling operation. Apparently people were wrong.
The y2k problem was caused mainly by shorted sighted management who wouldn't listen when told of problems to come. Certifying the programmers won't guarantee a better product when management still sets deadlines the programmers know can't be met without skimping on something (and that's generally testing)
Slashdot Mirror
I highly recommend reading "Code and Other Laws of Cyberspace" for an intelligent, and at times disheartening, look at the issues involved here. It really comes down to political action if some of the nasty things coming down the pike are to be avoided. In the early days the internet wasn't on the political radar screen, and the people building it made some sensible decisions that gave us the freedom we enjoyed until recently.
Now though, the big money is involved so the politicians are all over the issue "like Oprah on a baked ham" (Simpsons). If we don't stand up and be counted then soon "protecting the children", otherwise known as making the web safe for big business, will put an end to what we've come to love.
And just to play devil's advocate a little more: do you think the cable companies would have sat idly by while the phone companies were raising prices?
Why would cable companies have cared? Without cheap data over voice lines the internet would never have got to the point where anyone saw any point in offering any sort of access. When all there was was usenet (etc.) there wasn't a whole lot of cable company interest then.
BTW No regulation by government just means regulation by corporations. If cable companies get to be the only people who have access to their wires you'll soon find that you have to use some proprietary stuff "to protect the children and improve security" to get on line, no connecting any of that "unauthorized/unsecure" open source code to their lines. (Remember when only Bell made phones, no, I suppose you don't)
Here's a case where either slashdot was taken for
a ride cause they didn't do their homework, or they had some axe to grind in the dispute. So, after the hysterical headline, based on one side only of the story, they post a little link to the other side. Slashdot needs to stand up and say they were wrong, and explore more fully what is really going on here, which would be interesting and illuminating. Everything is not always golden in the world of open source. Since, in many cases there isn't, or didn't used to be, a whole lot of money involved, the ego reward is much more important for some people. And that can lead to some long running and bitter disputes.
And next time, before putting fingers to keyboard, please engage brain.
The telnet and ftp implementations they offer do provide session encryption. However, to get hold of these you have to be a US/Canadian citizen and email them. Getting the source looks even more difficult.
Here are some actual figures, not just speculation, from our web sites. See if you think these are heavyweight or lightweight.
mod_perl with raven ssl is about 14 meg a child process
mod_perl without raven ssl but same application is about 8 meg a child process
Of course process size gradually increases overtime (due to caching by embperl) so we kill processes using the cleanup handler phase at 20 meg.
We are certainly trading development speed and ease for code size/runtime speed. But, we are aware of doing this, it didn't just sneak up on us, and for what we're doing it's the right choice.
Yep, more overreaction. The people producing Mosiac are not idiots, they're not get rich quick merchants and they have actual experience producing software that is used to evaluate threads made to federal judges etc. The book "The Gift of Fear" written by the founder is most interesting. He certainly does not think that just because you are different you are dangerous.
It is likely that the program will be able to successfully identify people who will act violently. And this is a very good thing.
The two obvious problems are false positive results, and the way those "identified" are treated. Unfortunately that's going to be in the hands of the same sort of people who thing evolution is a bad idea.
I think the program itself is a very good idea. It even probably works. What needs careful handling is who gets profiled and what happens to those that the program "identifies". That's where people's efforts need to be concentrated instead of on pointless venting against profiling.
This sort of thing demonstrates clearly why governments want to control individuals access to encryption. It has been said by various people that you have nothing to worry about because it would no be practical for governments to monitor all communications in this sort of trolling operation. Apparently people were wrong.
Hopefully the following (found via google) will help.
http://www.ssc.com/lj/issue36/console.html
The y2k problem was caused mainly by shorted sighted management who wouldn't listen when told of problems to come. Certifying the programmers won't guarantee a better product when management still sets deadlines the programmers know can't be met without skimping on something (and that's generally testing)