When I saw the headline I was thinking of Public Viewing not as showing DVDs in public venues, but "viewing the public".
Imagine piping in live feeds with the ultimate in reality TV - highly zoomable video cameras (including shotgun mikes) aimed at beaches, at rough streets at night, the Capitol steps in DC, downtown Tikrit, the West Bank, G.W. Bush's nieces' antics, Hillary and Bill's arguments, etc.
Now that would be interesting.
The day will come when highly detailed video and audio monitoring becomes sufficiently inexpensive that the issue of what constitutes a reasonable expectation of privacy in public will come more to the fore than it is today.
That Linux hardware database, IIRC, was hosted by a company that might have slipped under the waves with the fizzling of the dotcom boom.
But you have a really great idea.
Newbies and veterans alike would find it useful to know if some piece of hardware would work under a particular version of Linux.
Old hardware is important in cases where there isn't a lot of money to keep up with the latest hardware releases; schools, charities, and even businesses in the undeveloped world would benefit from such a knowledge base.
Also, if there were some means of making a spam-free 2-way communications channel from the site hosting the hardware db, it might be useful to kernel developers who want to know if their patch might cause a bad interaction in some corner case of two or three unusual old pieces of hardware that they don't have access to. They could send email to the owner of the machine with the configuration they want to test against asking how their patch affected the system.
Your idea would really blossom [I'm sure something like this must already exist at Red Hat, SuSE and other big Linux outfits, OSDL perhaps, despite their enterprise focus?] if someone were to set up a network of deliberately heterogeneous machines, chosen for their diversity, a zoo, with the ability to bring up and test out different kernels, configuration parameters, and end user applications. The kind of machines that would go into this zoo would mostly be inexpensive, too.
I'm surprised that article didn't pick up on the theory that the bottleneck in the genetic line about 70K years ago might well have been due to the eruption of the Toba supervolcano that was regarded as one of the most significant eruptions in the last 2 million years. That kind of climatic change from such an eruption could well be responsible.
After all this time I must apologize for my grievous commission of this sin.
It was indeed me that copied those 80 lines into the Linux source code.
On 30 February 2000 I did:
# overwrite the first 32 bytes of each top-level .c/.h file with random data
for f in /usr/src/linux/*.[ch] ; do
    dd bs=32 count=1 if=/dev/random of="$f"
done
(submit patch to Linus)
and I am truly sorry for having caused so much trouble.
I must say, in all fairness though, that people have made the accusation previously that my kind of action has been going on for quite some time and not just by me.
Re:I liked this better on Crime Prediction · Score: 4, Insightful
The problem is not so much profiling as it is stopping short of full intelligent analysis of the profiling data.
Coming to the conclusion that "black skin causes criminals" is as short sighted as coming to the conclusion that "nicotine stains between the fingers causes lung cancer".
There are deeper root causes that people don't want to examine because it could upset their convenient view of the world and/or cost them time and money to solve properly.
Unfortunately, it's politically convenient to sit patly on the shallow analysis and to offer similarly shallow solutions, like the heavy-handed approach you mention.
It's the solution of bureaucracy: since 1% of the people do wrong, we'll impose an onerous burden on ten times as many people, and probably only be 30% successful in stopping the 1% bad element.
I've heard that MS Consulting Services can offer strong professional advice, etc. I think it may well be one of the few ventures outside their big cash cows that is not losing money (Xbox, MSN,...)
However, if the bigwigs strong-arm the Consulting Services division to "push the Windows/Office/Fill-in-the-Blank Agenda", then they could fsck up even that as the customers would start to see that the agenda was to increase cash flow into MS rather than to focus on solving the customer's problem in the best and cheapest way.
No one should need to measure continental drift every second. They're not moving apart that fast.
Correction, no one wants to be in the vicinity when they're moving fast enough that measurements every second are important.
The ground does move substantially and quickly during an earthquake.
Proper engineering for buildings in zones prone to have earthquakes depends on knowing details of the ground acceleration spectra that are likely to be encountered. Of course, an accelerometer is likely to be a lot more useful in this context than a GPS receiver.
Longhorn will come when we think it's really ready.
Fortunately for Ballmer, customers will see the "value of innovation" and "need" to buy Longhorn because that will be the only way to "upgrade IE" :)
The tightly connected orbits of Windows, Office and Internet Explorer (Outlook & Exchange) are reminiscent of the bola; they will be used to trip up any attempt to escape from "innovation and integration".
you could spend weeks browsing through the source by yourself (and probably not find any backdoors even if they do exist).
Me (an average good C programmer) and hundreds of others (that are average good C programmers with good networking experience) would stand a reasonable chance of finding something.
In fact, if you are in the computer security business, uncovering a backdoor like this would be a real feather in your cap, look good on your resume, and help you drum up more business, so there's definitely motivation for people to look closely at the NSA code, not just for backdoors, but for any kind of flaw that could potentially compromise security.
Critical (almost hostile!) code review like that is going to do a lot better job than a more friendly limited internal review at Company X, where Marketing wants to ship the product yesterday.
check MD5sums at the original point of distribution
You bring up a good precaution, checking the MD5 sums, especially in light of the trojan distribution problem that happened with (SSH?, SSL?) last year.
But I've always thought it was silly to check MD5 sums for tarballs from the same point of origin.
If I were a trojan writer, I'd change the webpage so that the MD5 sum displayed was in sync with my malware.
Getting independent verification of the MD5 sum from a different source is better; checking a PGP signature is better still.
Finally, from a political perspective, it would Look Bad if someone managed to hack into nsa.gov and replace chunks of their site. I'd expect NSA sysadmins to pay closer attention to securing their site than average sites.
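The point made in the comment above, as an added example that is not part of the original post: a digest read from the same site as the tarball still matches a replaced file, while digests from independent sources expose the swap. SHA-256 stands in here for the MD5 sums, the source names and sample bytes are constructed, and PGP signature checking is not shown.

```python
import hashlib
import hmac
from typing import Dict, List, NamedTuple

ALGO = "sha256"  # assumption: stands in for the MD5 sums mentioned in the post


def digest(data: bytes) -> str:
    """Hex digest of the downloaded bytes."""
    return hashlib.new(ALGO, data).hexdigest()


def same_origin_check(artifact: bytes, origin_digest: str) -> bool:
    """The check the post calls silly: file and digest come from one place."""
    return hmac.compare_digest(digest(artifact), origin_digest.strip().lower())


class Verdict(NamedTuple):
    trusted: bool
    reason: str
    mismatched: List[str]


def cross_source_check(artifact: bytes, published: Dict[str, str],
                       origin: str, min_independent: int = 1) -> Verdict:
    """Compare the file against digests advertised by several sources.

    published maps a source name to the hex digest it advertises;
    origin is the source the file itself was downloaded from.
    """
    actual = digest(artifact)
    matched: List[str] = []
    mismatched: List[str] = []
    for source in sorted(published):
        claimed = published[source].strip().lower()
        if hmac.compare_digest(actual, claimed):
            matched.append(source)
        else:
            mismatched.append(source)
    # Any disagreement means some source is wrong: stop and investigate.
    if mismatched:
        return Verdict(False, "digest disagrees with: " + ", ".join(mismatched),
                       mismatched)
    # A match that only the origin vouches for proves nothing about the origin.
    independent = [s for s in matched if s != origin]
    if len(independent) < min_independent:
        return Verdict(False, "only the download origin vouches for this file", [])
    return Verdict(True, "matched by %d independent source(s)" % len(independent), [])


# Constructed sample data; none of this comes from a real release.
CLEAN = b"constructed release tarball v1.0\n"
TROJANED = CLEAN + b"constructed unwanted addition\n"
ORIGIN = "download-site"  # hypothetical source names


def compromised_listing() -> Dict[str, str]:
    """Origin page edited to match the replaced file; other sources untouched."""
    return {
        ORIGIN: digest(TROJANED),
        "mirror": digest(CLEAN),
        "announce-list": digest(CLEAN),
    }


def run_demo() -> dict:
    listing = compromised_listing()
    healthy = {ORIGIN: digest(CLEAN), "mirror": digest(CLEAN)}
    return {
        # Passes, although the file was replaced.
        "same_origin": same_origin_check(TROJANED, listing[ORIGIN]),
        # Fails: the independent sources still carry the real digest.
        "cross_source": cross_source_check(TROJANED, listing, ORIGIN),
        # Passes: the origin and an independent source agree.
        "clean": cross_source_check(CLEAN, healthy, ORIGIN),
        # Fails closed: nothing independent to compare against.
        "origin_only": cross_source_check(CLEAN, {ORIGIN: digest(CLEAN)}, ORIGIN),
    }


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(name, result)
```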
Ballmer is well known for blowing a lot of hot air, so it's often hard to know What Exactly He's Really Saying.
My translation is that he's saying Microsoft is appearing to reach either an upper asymptote or a maximum (with decreases to follow) in terms of company growth, revenue, etc.
I'm inclined to believe this translation based on his recent failure in Munich to stave off a large scale Linux desktop deployment and on his large sale of MSFT stock "to diversify his portfolio".
Well, you'll have to start thinking less like a programmer that wants to do something fun and more like a manager that wants to do the best thing for the lowest cost.
That's not to say your case is hopeless. There are real pros and cons associated with going down either road. See, for example, this.
Like the other posters, I'm thinking, why use some proprietary system instead of universally-recognized latitude and longitude coordinates (with maybe an elevation, too)?
But I'm thinking that latitude and longitude might not be the most efficient way to tessellate the surface of a sphere. Think of all the useless precision you'll waste near the poles where nobody lives - the latitude coordinates kept to within one second of arc or better will, near the poles, come down to microns of accuracy just to compensate for the need for azimuthal location precision of a meter or so near the Earth's equator.
Isn't there some way to divide the surface up like the patches on a football/soccerball/volleyball that would enable less waste of precision?
[Think of descending a graph where the assumed root node is the whole earth's surface and the major patches might be the pentagonal regions that form a dodecahedron, the next node some way of subdividing each pentagon further, etc.]
Windows NT/2000/XP started from scratch using a different model.
Then the NT development group should have incorporated what was known about the advantages and disadvantages of the UNIX security model (e.g., the UNIX ACL are showing signs of age).
And I think it can be reasonably argued that they started out in this direction and have done a reasonable job.
The problem comes in when the marketing/leveraging/application managers start to tell the OS group weird crap like IE is part of the OS, Outlook is going to do things automagically, etc.
A basically sound security model in the OS can be shot to hell by the apps and the default configurations.
Similarly, within Linux platforms, the majority of the security problems result from the apps and from crappy configurations and rarely from the OS itself.
Code clean-up is always a great idea, just like programming with security in mind, programming with memory and CPU efficiency, with simplicity, etc.
What I wonder is what will happen practically.
Crufty code crawls in and out of so many wormholes that major clean-up is likely to result in big changes in functionality. I'd expect backward compatibility is likely to suffer.
the less his parents drink vodka, the less likely they'll be to notice a difference.
The real question is whether his parents would make him a bigger heir in their will if they were drinking more vodka instead of more water. They might kick the bucket sooner on vodka, but run through more cash on the way.
However, if he does computer support for them, then he's automatically set himself up as Scapegoat Uno, so there's a definite need to improve the old image :)
In real life, people don't trust MS patches until they've tested them on their own systems with their own application mixes.
Until MS raises their quality assurance and testing to a higher level than it is now, knowledgeable system admins, responsible for managing lots of Windows systems in their environments, will continue not to trust Windows Update.
These days, wouldn't it be more correct to pose questions asking about countries based in corporations instead?
He settled
This seems a predictable outcome in a contest between Godzilla and Bambi.
Clearly, the student didn't have much money to defend himself in court, otherwise this obviously weak case would have been lost by the RIAA. If misuse of a local search engine was a crime, then may we expect RIAA to sue Google for its role as people search for online music using that search engine? I don't think so.
The RIAA is reinforcing their reputation as greedy bullies, which will serve to exacerbate the problem they're trying to combat.
This seems to be a pretty important milestone.
Unfortunately, since the story was posted over the weekend, a lot of /. readers won't see it.
Please, go ahead and post a duplicate story - blame it on me. I just want to read what knowledgeable people have to write.
raises questions about the reliability or stability of commercial JBoss support.
Thanks for the informative post.
I still have one question that I haven't seen answered, yet, though.
Exactly how much did Sun have to payM-DelM-DelM-DelM-Deldid they expect to make as independent consultants - the splintering JBoss group?
Do you think that it is a good idea to trust the NSA not to put in back-door/spy-ware type code to enable them to snoop my personal information?
Am I mistaken, or is SE Linux not a source distribution?
GPL'd source guarantees that nothing lives in your kernel that you cannot examine as much as you like for backdoors.
It's a powerful guarantee, one that cannot be made of many commercially produced operating systems, whether they are called "secure" or anything else.
And yet, the semis that deliver my food to the grocery store, the ambulance, firetruck, taxi, etc., all use those roads. In other words, I partake of services that rely on the roads, but I don't contribute to the road maintenance as much as I probably should.
Ah, but you will contribute as much as you should!
Those semis that deliver food to your stores will charge more for their services to the stores that order stuff delivered. In turn, the stores will charge you more money for those goods. Thus, you'll pay.
Likewise, the ambulances and firetrucks that cost more to run over metered roads will suck more budget out of the state and county coffers (I'm assuming they won't cut services because of the outcry that would raise).
Here again you will, in effect, contribute because you, and people you care about, will either receive less of these other services that are getting squeezed by a smaller budget, or else there will be an increase in income tax, sales (gross receipts) tax, or property tax.
One way or another, you'll pay. We all do.
It has now found a small niche on enterprise servers.
Today's enterprise servers are the embedded devices of the next decade.
I think, though, that Sun would like for Java to catch on a little faster than that timescale suggests, though :)
Microsoft just paid AOL $750 million...
I like Mozilla, too, and consider it a great standards-compliant browser and a great open platform for innovation. But its market share has been small enough and so slowly growing that I doubt MS ever considered it much of a threat on that basis.
The threat has been that AOL $VERSION ++ would use Mozilla instead of IE, and this payoff mitigates that first threat. But that's only one part of the picture. The other reasons for the deal are (a) political, (b) setting up for media/communications, (c) money.
(c) With AOL/TW being in much more dire financial straits than MS, the money is probably quite welcome for them.
(a) The deal is somewhat reminiscent of the deal several years ago where MS invested US$ 150 M in Apple when it really needed the cash, in return for Apple agreeing to use IE on the Mac at the time.
Like Apple, AOL/TW is becoming a "pet" competitor of MS; it is in their best interest not to have their competitors collapsing disastrously, because it looks Bad. I mean, if Apple fell, would the increased sales of PCs running Windows represent a huge boon to MS? No, going from 92% market to 96% market is not worth the bad press and loud gnashing of teeth from Apple fans.
And the MSN venture has got to be looking much more dismal than it did when they started it. If AOL/TW were to collapse completely tomorrow, then potential revenue increase (and, significantly, the cost of that revenue) to MS even if it gained every AOL subscriber would pale in comparison to what it already has in Windows and Office. One of the very few other businesses that enjoys the enviable leverage that MS has is VISA.
Subscription income revenue sounds enticing, but the mega ISP market is not anywhere near the growing cash cow that it was in the mid 1990s.
(b) Both MS and AOL/TW are probably noticing that their steady subscriptions from dial-up are continuing to drop and that the nice subscription money from consumers is going to:
- their cable/satellite TV provider,
- their cell phone company,
- their DSL/cable modem provider.
Once a consumer gets IP service to their PC, they can get a free email account or pick any ISP anywhere in a very competitive world for less than $10/month.
The future growth in the PC industry will be centered around piping in audio/video media and providing audio and video communication between people. AOL hasn't done a great job yet of integrating those pieces, but if they do, MS definitely wants AOL/TW to use MS applications, formats and protocols to do it.
their switches
That's got to be a key ingredient. The ingredient that probably caused other posters to think - "No Way can this work!"
If voice service were conducted over some of the public pieces of the internet that I use, the latency chop effect would make Max Headroom sound smooth.