Slashdot Mirror


User: 4of12

4of12's activity in the archive.

Stories
0
Comments
3,485
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 3,485

  1. Re:Isn't that the point? on Study Finds Low Use Of Steganography On Internet · · Score: 4, Insightful

    There hasn't been much need for steganography so far.

    But if encryption is outlawed, then steganography will enjoy considerable growth as people find that the only way to secure their data is to hide the fact that they are doing so.

    With regards to Bin Laden, I continue to maintain that his use of high tech is overstated. (But making such statements is probably a great way to get government funding for fun stuff, make it look like "we're doing something", etc.)

    Low-tech means of infrequent verbal communications, not in Western language and frequently not conducted over electronic means, are more than sufficient to hide covert activities.

    Yeah, I can just see ObL and his gang firing up the diesel generators in their rural Afghan camp, setting up their satellite cell phones to upload and download complicated set of instructions that have been steganographically encoded. Give me a break. There are easier ways for him to communicate that are far less risky.

  2. Re:Scary Tech on Fighting For Privacy With Art and Words · · Score: 2

    Unless the glasses are surgically implanted onto your face, it's really not that big a deal.

    Kinda like Clockwork Orange and the scene where "rehabilitation" is done by forcing the eyes open while visual and audio environment is provided.

    It's almost that bad already with these Expletive above-the-urinal advertisements!

  3. What a Great Lesson to Teach! on Colleges Work To Block Net in Class · · Score: 2, Interesting

    "some classrooms at Bentley have technology that allows teachers to capture a student's e-mails or instant messages and display them on a large screen for the whole class to see.

    Hmmm...like this lesson will be: We don't respect your privacy.

    Would those promulgating these lessons be as ready to open up their own private lives to public examination?

    More importantly, their current class of students will be in charge of running everything about 25 years from now.

    Is this manner of running roughshod over individual privacy how they would want those students to run the country in the future?

  4. XM vs DirecTV 800? on Satellite Radio Is Officially Here · · Score: 4, Interesting

    I've really enjoyed the piped music coming in on the channel 8?? range on DirecTV. It's commercial free, and they display the artist/title/CD/label on the screen for your information (which is more than I'll say about most FM stations that just assume you know).

    But of course it's a stationary service, rooted to my home system.

    It would be nice if I could just receive those same audio channels from DirecTV in my car, on my personal CD/MP3 player/tuner instead of having to subscribe to yet another service. The BW requirements seem minimal enough in principle but perhaps there's no convenient way of extracting just those channels from their feed with a dinky antennae?

    Of course, another alternative might be if cell phone time comes down in price enough so that we can stream audio over the web via WAP(?)

  5. Re:Individual vs Enterprise License Agreements on Microsoft: The Next Investigations · · Score: 2

    Anyway, the October 1 date you mention used to be correct. Microsoft backed down from it though a few weeks after they announced it because corporations complained that they didn't have time to budget the expense of "getting current" and wouldn't be able to afford to do that and switch to Software Assurance. This article, erroneously, still mentions the October 1 date.

    I recall reading this deferment till Feb 2002, too.

    IIRC, the delay will allow companies some time to budget for this XP upgrade. In government, it's pretty hard to push a new big expenditure throught the pipeline at the last minute prior to close out of a fiscal year at the end of September.

    Probably the wise practical "choice" will be to purchase the upgrade licenses but not actually deploy until necessary, maybe months or years down the line when things have been tested for compatibiity across the suite of apps that must coexist.

    It's pretty ludicrous. If I had to "Upgrade" my car for reasons of maintaining compatibility with "Oil Filter 2002", having "Tires 1998" work improperly with "Car 2000", etc., I think I'd be plenty peeved.

  6. I Like Your Hat! on Philip Zimmermann and 'Guilt' Over PGP · · Score: 4, Interesting

    [That would be the "Phil's Pretty Good Software" hat.]

    Questions:

    Do you see any reasonable chances for success for a truly free and open system of certification authorities that would enable large numbers of people to exchange ideas and money in a way they would trust and yet simultaneously permit them privacy and anonymity?

    What is your opinion of Hailstorm?

  7. Re:Gartner Leads Way on Gartner Group Suggests Dumping IIS For Now · · Score: 2

    Gartner Leads Way

    Heh.

    Well, I suppose that Gartner wields a lot of influence among the consumers of IT evaluations that have more money than time in which to acquire the expertise.

    But - and especially in this forum - this is not exactly a rocket science revelation.

    The hassles of IIS administration have been widely known among IT worker bees for sometime. I guess it just takes a while for the information to trickle up.

    Now if those Gartner reports were only released about 1 year earlier than they are, then they might be a little more timely and useful!

  8. Re:Not possible, lower class vices need cash on How Feasible is a Cash-Less Society? · · Score: 1

    For me it's about privacy for the sake of privacy. I don't want to give it up now, because I might need it later.

    What, someone on Slashdot has aspirations of running for political office in the future?

  9. Individual vs Enterprise License Agreements on Microsoft: The Next Investigations · · Score: 4, Insightful

    I'm not the one in charge of purchasing the Enterprise License Agreements at MyCorporation, but I've read some articles in the Register and elsewhere that indicate that MS has a pricing policy that makes XP cheaper if it is purchased before a specific cut-off date that is looming rapidly. If you upgrade to XP later, subsequent Agreements will be more expensive.

    I get the impression, too, that most corporations have been trying all they can to standardize on Win2K and are not interested in hearing about this carrot and stick ploy on XP pricing.

    Of course, as time proceeds and our new users buy laptops with XPSP4 and Outlook 2004 that "works best with" XP and clunky with Win2K, our corporate IT support people will be coerced into a position where their wallets will have to crack open a bit wider to do that upgrade or suffer the wrath of users wondering why "we're behind the times".

    If it didn't hurt so much financially, it would be pretty funny. Now that MS has dominated the market, the only revenue growth opportunity left to them is to force their customer's to upgrade more frequently!

  10. Re:Was crypto used? on Blaming Encryption · · Score: 2

    Incidently, I recall that a few months ago during the election campaign dubya had some trouble answering the question who the president of pakistan was. I hope his knowledge of this area has improved somewhat by now.

    No need for George to memorize those hard names - for two reasons.

    1. That's what Dick Cheney is for.
    2. The name of the President of Pakistan is likely to change in very short order if news reports are correct about the difference between the Pakistani President's siding with U.S. policy and his population's grass roots support for the Taliban.

    Where that leaves the nukes currently in the possession of Pakistan is the big question.

  11. Re:Smaller market share? on Is the Unix Community Worried About Worms? · · Score: 2

    You are right on and ought to be modded up.

    Following your line further, the real danger is that as *nix attempts to become more popular by becoming "easier to use", it will succumb to some of the same pitfalls that plague MS.

    I have to hope that we can prove the old adage wrong - you know the one - every programmer does - I forget who said it first

    "If you make your program so simple that even a fool can use it, be assured that only fools will use it."
  12. Re:what next? on MS FrontPage Restricts Free Speech II (It's True!) · · Score: 2

    Fortunately, there's nothing in the GPL that prohibits you from disparaging the GPL, Linux, or any of the applications that you are using.

  13. Lesson One on Is the Unix Community Worried About Worms? · · Score: 2
    1. Learn from OpenBSD to go over code with a 5 micron comb.
    2. Get rid of as many exploits as you can before your market share gets to 90%. (Still have some time here:)

    The biggest obstacle, AFAICT, is making solid security Ease-Zee.

    Certainly many commercial outfits haven't successfully solved this problem yet and there are still plenty of opportunities for spoofed trojans with fake internal certifications.

    I mean, when I download a package, it usually contains its own references to valid signatures, etc. Or, the md5 signature is kept in another file, but on the same ftp server.

    Better are package maintainers that digitally sign their products. I'd like to see more of that, maybe in conjunction with multiple certifying authorities that can verify the signator's credentials. I don't need a system that compromises the anonymity of me or the package writer - just something that verifies that a package originated with a consistent unique individual.

    Do modern CD distros of GNU/Linux and other OS come with anything like a set of multiple certifying authorities where package writers can register signatures in multiple places to minimize the chances that a fake can be passed off on innocent downloaders?

  14. Scyld on Wanted: Turn-Key 10-Node Beowulf Cluster · · Score: 2

    Haven't dealt with them directly, but I believe they have Don Becker, one of the Beowulf pioneers.

    I think they have developed a system to help provide a single system image, along the lines of MOSIX, but not MOSIX, IIRC. This can help managing such a cluster which could otherwise be like managing 10 separate machines - a hassle.

  15. Re:Hmmm... not sure how to take the article on Linux on the Desktop · · Score: 2

    So yeah you can replace Win2k with Linux for a business user workstation, but I personally don't think that you should. At least not yet.

    I agree completely.

    I think KDE and Gnome are excellent desktops for even the typical business users, so that's one box checked. But there are a couple more critical items IMHO.

    I'm not ready to stake my reputation on a transition to Linux until several more key items are a little further along than now:

    1. Evolution (or equivalent email/PIM organizer)
    2. Mozilla 0.9.9 (something fast, standard, that doesn't crash much (or Galeon, Konqueror, Kameleon)
    3. StarOffice 6.0 (something with less integration that 5.2, with standard XML file formats and better compatibility with MS Office formats; maybe KOffice) Something with better Excel compatibility.
    For now, a Linux desktop is a great way for a SOHO to save some bucks if they have someone with some technical expertise and some time and not a lot of cash. Maybe that's why I got the impression this review was for a client in Thailand where you can get more people per dollar than in the industrialized world.

    For the general corporate desktop in the U.S., I think about 6-8 months from now should provide the point at which Linux is really a great option for the majority that don't want to be too close to the bleeding edge. Until then, for many users the transition from Windows is more uncomfortable than the dollar savings alone can justify.

  16. Re:Not a math guy.... on Linux on the Desktop · · Score: 2

    It costs to deploy Linux. Deployment costs include licensing (the only free thing in Linux), hardware, and support (anybody else want to add to this list?).

    Yep. User training on new tools is definitely another cost and not a trivial one. Practically, I think Linux would be a no-brainer choice except for the investment of user training in existing MS products.

    Some of these cost comparisons are interesting not only from the standpoint of the specific environments Win2K vs RH 6.2, but also from the general perspective.

    That is, few people know what it really costs to change OS environment because of all the far-reaching implications in terms of training and support. And, because the OS changes most environments have experience with are less radical: NT4 to 2K, for example.

    Along the same lines, very few IT organizations really understand all of their current costs. The costs of keeping with the existing environment.

    These costs includes the usual well-known costs of licensing, hardware, IT support staff time, costs of training classes for users, but also includes less tangible items like how much time do the secretaries spend changing fonts in Outlook or fidgeting with Word documents to get them to look right. They get benefits from these applications, too, that should be considered in the overall cost assessment, but those are usually pretty well explained by marketing brochures and advertisements.

    Fortunately for the sales of MS products, the training costs are frequently absorbed by someone besides the corporation buying the licenses. Many secretaries take classes in Word, Excel, etc at their own expense to make themselves more marketable to employers. If all of these costs were made visible, then I think a better basis for comparison could be made.

  17. Pardon my Cynicism on MS Sez Hailstorm To Play Nice With Others · · Score: 2

    "In an interview late yesterday, an executive working on the project said the company is open to an industry group--such as those already controlling Kerberos and other Internet technologies--taking the lead role if it becomes necessary. ."

    But I suspect that as events unfold it will be found that an impartial central authority will hold us back from getting the full user experience of MS Innovation.

    Certainly it has been the case that standard Kerberos was found "insufficient" for Active Directory and required "improvement".

    Don't get me wrong. I'm not saying that standards are never in need of improvement. I'm just saying that I don't want the improved standard to be controlled by an entity with other interests. Interests that can conflict with the kind of impartiality and pure technical focus that such standards control deserves.

  18. Re:We need more people like this on Hacker Tinkering With Yahoo Stories · · Score: 2

    e.g. the U.S. government -- aren't relying on Yahoo! News for information.

    Good news: The U.S. government doesn't rely on Yahoo! News as its primary source of information.

    Bad news: The U.S. government is strongly influenced by the U.S. general population, many of whom do rely on news sources as reliable as Yahoo! News

    News for Yahoos. Because Brittney Matters.
  19. Updated on Poll Says Most Americans Favor Crypto Backdoors · · Score: 2

    According to this MSNBC article, "72 percent of Americans believe that anti-commercial passenger airliner laws would be 'somewhat' or 'very' helpful in preventing a repeat of last week's terrorist attacks on New York's World Trade Center and the Pentagon in Washington, D.C."

    Makes about as much sense.

  20. Communication, Not the Data, is Important on File Sharing: Decentralizing, Open-Source Fasttrack · · Score: 2

    It couldn't be stopped.

    Well, I could easily imagine a nice P2P network application with all kinds of redundant encrypted floating data being established. Using open software with clear standards that anyone is free to implement.

    Then, when some appropriate knee-jerk cause of the day comes along (terrorism || pedophiles || endangerment of someone's large revenue stream), I can see government action requiring ISPs to put in place blocks on standard ports and handshaking attempts by the P2P application. Purely, because some individual could use it for nefarious purposes is sufficient to get the P2P application banned legally or banned de facto from burdensome heavy-handed indiscriminate restrictions.

    Then, in essence, your P2P application would become useless to the great large user base that it really needs in order to be effective. Sure the data is floating around on a few servers, but if no-one can connect to those servers, then it's as if the data did not exist.

    Is this what is happenning under more authoritarian regimes now? I would speculate that only the technically sophisticated Chinese citizens are able to routinely work around government-mandated restrictions on internet usage. It could happen here, too.

  21. Re:.com will be around for a long time to come on No One Wants The Not-Coms · · Score: 2

    Noone. You *can't* register just surnames.

    Then, I suppose the many other thousands of latecomers to .name registration will be disappointed to find

    john.smith.name
    is already taken?
  22. Authority and Responsibility on A New Kind of War · · Score: 2

    Reminds me of a saying from a movie not long ago. Wish I could remember which one!

    "Yes, you've got the responsibility and authority. Now, what are you going to do with it?"

    Assume the U.S. is now in charge of governing Afghanistan. What are you going to do with it?

    Even a wounded animal can wreak vengeance. It will take some serious thinking to reconstruct a country in a way that benefits everyone.

    For example, bulldozing mosques in Kabul to make way for a video store and a McDonald's may not be the best way to win the hearts and minds of the populace. Recall that ObL used his personal fortune to build houses for the widows and orphans of the struggle years ago. Take a lesson.

  23. Re:I'm ashamed to say it, but I agree with RMS on Stallman: Thousands Dead, Millions Deprived of Liberties · · Score: 2

    The people who favored key escrow claimed that terrorists would use encryption. They are now in a stronger position to ask for key escrow again.

    In which case, it is time to bring rational inquiry to the debate. (I know, I know, it ruins all of the fun of an uninformed and emotional debate.)

    First, how much evidence do we really have that ObL was using encryption rather, than, say, low-tech pre-arranged signals like those used by the French Underground over BBC during WW2? You know,

    "Mr. Green likes to eat oranges at midnight."
    , (pick favorite Koran quote), etc. right over the telephone. The degree to which encryption has streamlined the operation of crime and terrorist networks is overstated; it is hypothesized more out of fear and ignorance of how these networks really work.

    Secondly, if commercially-available encryption products are known to have backdoors, why would ObL, Scarfo, or any other individual needing to hide information even think of relying on such inherently-crippled tools? You certainly wouldn't. Neither would they.

    If you ask me, most of the stupid terrorists and stupid criminals can be caught through the introduction of less-intrusive measures, rather than by making it difficult for the 99% of law-abiding people to keep their information and communication truly private.

    Privacy may not be a fundamental liberty explicitly guaranteed in the United States Constitution, but IMHO, the right not to be subjected to unreasonable search and seizure is tantamount to the same thing. And I will take the interpretation of the spirit of the law to the letter of the law any day.

  24. Re:George Bush and the M$ case on Why The U.S. Surrendered To Microsoft · · Score: 2

    NT is a flavor of UNIX (twisted and corrupted though it may be).

    Hmmm...that does certainly stretch the imagination. IIRC, NT was initially written by the author of VMS.


    can't get personnel for

    Hidden in here is the crux of the problem. And it relates back to what an earlier poster had said about "ease of use".

    No one in this forum seriously doubts the power, flexibility, robustness of UNIX.

    But if you're honest, you'll also admit that sysadmin talent that knows how to edit Perl on an Apache webserver is rarer and more costly that finding people that "have seen" IIS running on NT enough to get it to some semblance of working.

    Do you think the U.S. military has the mentality that it should even know enough to pay for quality people?

    Many have already observed managerial incompetence in the mility procurement process. Do we honestly think they will suddenly become any more enlightened about procuring the most talented individuals if they are unable to procure the right OS?

  25. Not Necessarily Scalable! on Mozilla's 100,000th Bug · · Score: 2

    Just because Bugzilla works well for a large project like Mozilla with many developers and many reported bugs does not necessarily qualify it for "scalable".

    It only proves its utility for a particular large project.

    My group has been looking to find a good bug management system that is truly scalable. By that I mean one that works as easily for a small project with a few developers as for a very large project.

    The differences are that a very large project might be able to afford to have one person whose full time activity is managing some piece of complex bug tracking or issue management software, be it some commercial offering or be it Bugzilla.

    I am so tired of products being sold and bought purely on the long list of "features" without any regard for usability. Can anyone produce a product with an appreciation that the casual user, reporting a bug once for some piece of software, does not want to be overburdened in having to spend hours or days climbing the learning curve for Yet Another Software Application.

    Scalability to the low end as well as the high end wins marks in my book.

    While I've been skeptical of Bugzilla for being no more than a Pile 'O Perl Scripts, I must admit it is doing well for Mozilla, having used it once to submit a bug and gotten subsequent emails indicating the progress being made on the bug (even if the progress was a message to the effect that the bug was morally equivalent to something else and that I was too stupid to realize it - that's OK).

    But has Bugzilla been used successfully for smaller projects? And for users/bug reporters that are not necessarily the same as developers?