Is that it's so likely that someone else will point out EXACTLY the same thought you have.
Not that I disapprove of his methods exactly. But talk about doublespeak. --
#!/bin/sh
# Note: this is untested code written ad-hoc
# in a slashdot comment box. You decide
# how much you want to trust it.
#
# Usage: lspinstaller <version-of-kernel> <previous-version-of-kernel>
# Must run as root.
# answering "no" to new kernel features is not necessarily what you want, but it's a good place to start
yes n | make oldconfig
mv Makefile Makefile.configged
# I find it's always a good idea to tag kernels with your hostname so you can tell what they're meant for
sed s/EXTRAVERSION =/EXTRAVERSION = `hostname`/ Makefile
make dep clean bzImage modules modules_install
# if you use lilo, this automatically runs it.
# if you use grub, do it manually I guess.
installkernel $0-`hostname` arch/$ARCH/boot/bzImage System.map
echo Windo^H^H^H^H^HLinux has finished installing your new software. Press any key to reboot, but ctrl-alt-delete will probably be more effective.
Reason is the tool to use to change opinions?not censorship. [ . . . ] if the government censors you today, I could be next tomorrow, perhaps for an entirely different reason. That?s why it is so important to uphold the principle, even when in practice it is difficult to do so. There?s no challenge involved in defending someone you agree with; the stretch is standing up for your opponent?so that everyone?s rights are preserved.
This could even go further, in my mind. It's not just that we must defend our own rights by defending someone else's. Free speech gives rise to reason. Nobody knows the full story; it is only through hearing those who disagree with you that you come to understand the flaws in your own argument, and reconcile them. Free speech, and the ability to hear those who you disagree with and disapprove of, isn't just the companion of reason; it is the origin of reason. --
Correct me if I'm wrong. I'm neither a physicist nor a computer scientist, but I have read about the stuff.
First of all, the key is generated on both sides by reading a random string of photons. Quantum entanglement causes this to happen simultaneously at both ends. Because this stream of photons is truly random, the key is truly random, and there is no "Moore's law crack" possible. You can trivially generate a megabyte-long key if you want to. Good luck trying every combination.
Then a test message is encrypted with that key and sent over ordinary communication channels. If the recipient is able to decrypt the test message with the key he received, then it follows that he has the correct key. Therefore, the key was not snooped, because Heisenberg says if the key was observed in transmission, it would have come out garbage at the other end. On the other hand, he might try his key and get garbage. Then he knows the key was snooped in transmission; he simply tells the sender there's a problem. Nothing has been compromised, the spy has only seen a test message.
If his key is working, then the real data is encrypted with the key and sent, also over ordinary communication channels. It no longer matters if the link is being snooped, because the key has already been sent securely. --
The more regulation, the more chance the ISPs will be awarded common carrier status. Which means they can't be told to shut down a user because of what he's posting, and the spinelessness of ISPs will cease to be a barrier to free spech on the Internet. If the user paid, he gets his 'net time.
--
I remember reading that SHA (Secure Hashing Algorithm) was being developed as a replacement for MD5 because there was a known attack which allowed you to produce an identical MD5SUM given a different set of bits.
A web search could probably reveal what the attack is. Now it may well turn out that you'd need a couple of GB of fake-aim.exe to equal one aim.exe. --
Its interesting to me that the anti-authority script kiddies are going to eventually be the reason and the justification for the authorities monitoring everything we do online. 31337 d00d!
This is such a common attitude: that bad people like script kiddies are fucking us over. "If only they'd stop!" Um, telling them to stop isn't going to make a difference. Let's look at the problem from another approach: secure in the knowledge that script kiddies exist in large numbers wherever teenagers and miscreants have computers, let's try and protect ourselves from them. If this product does something to ameliorate it without invading our privacy, awesome! If it does something to ameliorate the problem while invading our privacy, well, you should be using encryption anyway, because the only thing that's more certain than miscreants causing trouble is g-men and other authorities cracking down on everyone's rights to get their way.
You can't pretend either problem will go away if we just understood it a little better, if we only made the poor script kiddies feel more loved or held our protest signs a little higher for the g-men to see. Accept these things as constants, and work with the solutions that are offered. --
the unfortunately, that's not very funny at all department. They wouldn't get these awards if they weren't representing some honest-to-god evil invasion of privacy. --
I've finally jettisoned the last vestiges of Windows from my home network. Yet at work, I have no choice but to run Windows. It is our development environment, and our Linux porting effort isn't finished yet (it isn't my job to do the port, or it would be finished!). At home I've made a lot of choices about which apps I use, and when I come into work, I want compatibility with those apps. I use Galeon at home, but I can't run it at work, so I'm forced to use two different browsers (Mozilla on Win32, Galeon on gnome-libs). At home, I use LyX to write documentation and gvim to code. At home I have to use Word or gvim. Fortunately Wine allows me to run Lotus Notes in both places, or I'd have no email at home.
What this project gives me is the ability to standardize all my environments on a set of good, free apps - Linux apps. --
As has been pointed out here numerous times, MySQL is missing important features, especially in the area of atomic transactions, that SQL Server has always had. SQL Server is not a bad database - because it was originally based on Sybase, which is a good database. The bad part about SQL Server is that you gotta run it on NT.
I haven't read a whole lot of Dave, but is he always this unintelligible? Form complete, non-run-on sentences, man! How can he expect us to take his message seriously when he can't even communicate it clearly -- especially when a large part of the message seems to be "Microsoft can bite my ass." The message itself invites scorn if it's not backed up by firm arguments, and presenting it in such a garbled way renders his arguments useless.
To anyone reading this: learn how to communicate, or don't bother to learn how to code. --
Since ancient Egyptian times, our memories have been deteriorating. Why? Because with the advent of cuneiform tablets, we no longer had to remember how many bushels of barley we were owed for the barley beer we produced.
Next thing you know, we'll be writing down stories instead of passing them down verbally from mother to daughter, as is proper. Think of the chaos that will ensue.
I blame big industry - the mule-herders and temple-builders always trying to find ways to squeeze one last giant stone wheel out of their customers.
--
You coworker's problem is that he has an incomplete understanding of "nothing to hide". He means "I have nothing to hide from the law." This may be true, but I doubt it. Nearly every human being over the age of 20 has committed a crime of some sort for which they have gone unpunished, be it jaywalking, illegally going through a stop light at 2 am when he wasn't paying attention, stealing a pen from an unwatched desk, etc. But let's assume the government's motivation for punishing those types of crimes remains what it is today - zero.
Does your coworker ever pick his nose? Does he ever secretly read books written by Rush Limbaugh and assert that he is a Democrat to gain peer acceptance? Does he ever laugh at racist jokes?
Does your coworker ever dislike the government's policy about something? Has he ever felt morally obligated to disobey that policy because it was so heinous? There is a thing called Civil Disobedience - in America we regard it as a duty to disobey unjust laws. True, Civil Disobedience is supposed to be a public act, but the practical side of Civil Disobedience is that it can gain momentum by offering the anonymity of the group - anonymity which can be taken away when we let this kind of technology be used by those who govern.
And if we've learned anything with/., it's that if a technology can be used to do something, it will be. If a DNA database exists, it will be used by people who want to pick out political dissidents. It will be used whether you want them to or not, whether that use is "legal" or not, it will be used because it CAN be used. Our governments have the power to access this technology, to use it for nefarious purposes, and therefore they will. Maybe they'll get caught, but they'll do it.
Did you believe those websites when they said your credit card information would be securely stored where no cracker could ever possibly get to it? Do you believe them now? Now ask yourself - do you believe the DNA database will be uncrackable? Do you believe no one can be smart enough, or bribe enough people, or have the right friends, to get access to this knowledge?
And once access is gained, does your coworker KNOW everything that can be done with it? I don't. Neither do you. Neither does he. But I didn't know the flags set on your TCP packets could be used to tell what OS sent the packet, either, and therefore used to figure out how to crack the machine - now I do. All information given away gives away power. And this is an egregious amount of information - this is YOU, down to your toenails.
No. This makes a lot of sense. "Clean" fixes needing major revisions belong in 2.(5?). 2.4 is now open for "making what's there a little better". That means quick hacks, and getting stuff stable as quickly as possible.
It's called maintenance branch vs. development branch. My company does the same thing, and it works wonderfully. --
Anyway, if the only problem with this system is it shoots down pigeons, I think we could put one in the air over NYC and do the city population a favor. --
I know, because I'm writing one. There's money to be made on games these days, and you don't have to sell the box the game comes in to do it. It's all about multiplayer environments these days. People want human interaction.
You know what that means don't you? Subscription sales. You give away the source to the game client (hey maybe even the server), set up your world (this should take the most time - this is where you add value, besides the actual server hardware itself) and invite people to play your free client in your world for a trial month. If they like it, pay.. $8 a month for the service. Make sure the world isn't always static (I'm not talking Evercrack here, they've made an obscene amount of money on a pretty crappy service) so players have a reason to come back month after month, year after year, and voila, you have an open-source game that makes business sense.
You don't lose anything by giving away the source; any potential competitors have to flesh out their own world and put up their own server hardware and offer the support that you will provide (because you're not Blizzard, you don't just leave your customers in the lurch when the game breaks down). And some other company did this, and their game looked great, hey I'd play it. Variety is always good, and their code will get back into your codebase. If someone uses your engine to create a fantasy game service, and someone else uses it to create a space game service, they've nailed 2 different, minimally-competing niches. --
They will probably end up restoring something from backup to appease people, but the damage has already been done regardless. Here's what they're faced with on the backup situation:
- Most likely this has been widespread for a few days, as it usually takes a day or two for something like this to bubble up to Blizzard admins, let alone Slashdot.
- Most likely 99% of the Blizzard players are unaffected. This sounds like a hack somebody used from the regular game client, not somebody who r3wted a battle.net realm server. Therefore, they could only do damage one player at a time, and the vast majority of players aren't worth messing with even as an exercise in vandalism.
- Most likely this has been going on in SOME form for more than a few days, as the person who discovered the exploit wouldn't be likely to tell the world immediately. One person messing around in this fashion would be unlikely to be noticed - even if someone reported the problem immediately they would get jerked around by admins who thought they were lying to get their stuff back. It's easy to believe that Blizzard admins get lots and lots and lots of spurious "fix my character!" requests every day.
This leaves them with a gaping question: which backups do they restore?
(Assuming they even have an option.)
-The entire player database back to the point where the hack was first reported? That's screwing 99% of players out of a week's work to help the 1%. Even doing a full restore back a day or two would be a PR disaster. Can't do that.
- Hand-selected characters who reported the hack? How do they differentiate from the people who actually got toasted and the sea of voices claiming they lost stuff illegally when in fact they got killed/lost gear legitimately? This is at least a good move PR-wise, because they'll only have to put up with minor bitching from the people who decided not to jump on the bandwagon. But it becomes completely unfeasible if they make an effort to investigate every claim. The less investigating they do, the more freeloading that will occur.
Any way Blizzard handles this, the hackers have done their damage. Sorry Blizzard, should have spent more time debugging your code and less time trying to pack 2 million players into a space built for 100k... --
Slashdot Mirror
Is that it's so likely that someone else will point out EXACTLY the same thought you have. Not that I disapprove of his methods exactly. But talk about doublespeak.
--
#!/bin/sh
/usr/src
$ 0.tar.gz
# Note: this is untested code written ad-hoc
# in a slashdot comment box. You decide
# how much you want to trust it.
#
# Usage: lspinstaller <version-of-kernel> <previous-version-of-kernel>
# Must run as root.
ARCH=i386
cd
wget ftp://ftp.kernel.org/pub/linux/kernel/v2.4/linux-
# make sure we only have a linux-oldversion dir
rm linux || mv linux linux-$1
tar xvfz linux-$0.tar.gz
mv linux linux-$0
ln -s linux-$0 linux
# recover our kernel configuration
cp linux-$1/.config linux-$0/.config
cd linux-$0
# answering "no" to new kernel features is not necessarily what you want, but it's a good place to start
yes n | make oldconfig
mv Makefile Makefile.configged
# I find it's always a good idea to tag kernels with your hostname so you can tell what they're meant for
sed s/EXTRAVERSION =/EXTRAVERSION = `hostname`/ Makefile
make dep clean bzImage modules modules_install
# if you use lilo, this automatically runs it.
# if you use grub, do it manually I guess.
installkernel $0-`hostname` arch/$ARCH/boot/bzImage System.map
echo Windo^H^H^H^H^HLinux has finished installing your new software. Press any key to reboot, but ctrl-alt-delete will probably be more effective.
--
This could even go further, in my mind. It's not just that we must defend our own rights by defending someone else's. Free speech gives rise to reason. Nobody knows the full story; it is only through hearing those who disagree with you that you come to understand the flaws in your own argument, and reconcile them. Free speech, and the ability to hear those who you disagree with and disapprove of, isn't just the companion of reason; it is the origin of reason.
--
Correct me if I'm wrong. I'm neither a physicist nor a computer scientist, but I have read about the stuff. First of all, the key is generated on both sides by reading a random string of photons. Quantum entanglement causes this to happen simultaneously at both ends. Because this stream of photons is truly random, the key is truly random, and there is no "Moore's law crack" possible. You can trivially generate a megabyte-long key if you want to. Good luck trying every combination. Then a test message is encrypted with that key and sent over ordinary communication channels. If the recipient is able to decrypt the test message with the key he received, then it follows that he has the correct key. Therefore, the key was not snooped, because Heisenberg says if the key was observed in transmission, it would have come out garbage at the other end. On the other hand, he might try his key and get garbage. Then he knows the key was snooped in transmission; he simply tells the sender there's a problem. Nothing has been compromised, the spy has only seen a test message. If his key is working, then the real data is encrypted with the key and sent, also over ordinary communication channels. It no longer matters if the link is being snooped, because the key has already been sent securely.
--
Make sure to panic now. Get it out of the way.
--
ee lzip
--
The more regulation, the more chance the ISPs will be awarded common carrier status. Which means they can't be told to shut down a user because of what he's posting, and the spinelessness of ISPs will cease to be a barrier to free spech on the Internet. If the user paid, he gets his 'net time.
--
I remember reading that SHA (Secure Hashing Algorithm) was being developed as a replacement for MD5 because there was a known attack which allowed you to produce an identical MD5SUM given a different set of bits. A web search could probably reveal what the attack is. Now it may well turn out that you'd need a couple of GB of fake-aim.exe to equal one aim.exe.
--
This is such a common attitude: that bad people like script kiddies are fucking us over. "If only they'd stop!" Um, telling them to stop isn't going to make a difference. Let's look at the problem from another approach: secure in the knowledge that script kiddies exist in large numbers wherever teenagers and miscreants have computers, let's try and protect ourselves from them. If this product does something to ameliorate it without invading our privacy, awesome! If it does something to ameliorate the problem while invading our privacy, well, you should be using encryption anyway, because the only thing that's more certain than miscreants causing trouble is g-men and other authorities cracking down on everyone's rights to get their way.
You can't pretend either problem will go away if we just understood it a little better, if we only made the poor script kiddies feel more loved or held our protest signs a little higher for the g-men to see. Accept these things as constants, and work with the solutions that are offered.
--
the unfortunately, that's not very funny at all department. They wouldn't get these awards if they weren't representing some honest-to-god evil invasion of privacy.
--
What this project gives me is the ability to standardize all my environments on a set of good, free apps - Linux apps.
--
http://www.cfp2000.org/workshop/materials/projects -dns.html
--
Go with PostGreSQL instead.
--
To anyone reading this: learn how to communicate, or don't bother to learn how to code.
--
Surely XML will suffice.
--
Shell Hopefully Having no Holes
--
Next thing you know, we'll be writing down stories instead of passing them down verbally from mother to daughter, as is proper. Think of the chaos that will ensue.
I blame big industry - the mule-herders and temple-builders always trying to find ways to squeeze one last giant stone wheel out of their customers.
--
In the future, please only post if you're going to rip on Slashdot's editors. Thank you.
--
Does your coworker ever pick his nose? Does he ever secretly read books written by Rush Limbaugh and assert that he is a Democrat to gain peer acceptance? Does he ever laugh at racist jokes?
Does your coworker ever dislike the government's policy about something? Has he ever felt morally obligated to disobey that policy because it was so heinous? There is a thing called Civil Disobedience - in America we regard it as a duty to disobey unjust laws. True, Civil Disobedience is supposed to be a public act, but the practical side of Civil Disobedience is that it can gain momentum by offering the anonymity of the group - anonymity which can be taken away when we let this kind of technology be used by those who govern.
And if we've learned anything with /., it's that if a technology can be used to do something, it will be. If a DNA database exists, it will be used by people who want to pick out political dissidents. It will be used whether you want them to or not, whether that use is "legal" or not, it will be used because it CAN be used. Our governments have the power to access this technology, to use it for nefarious purposes, and therefore they will. Maybe they'll get caught, but they'll do it.
Did you believe those websites when they said your credit card information would be securely stored where no cracker could ever possibly get to it? Do you believe them now? Now ask yourself - do you believe the DNA database will be uncrackable? Do you believe no one can be smart enough, or bribe enough people, or have the right friends, to get access to this knowledge?
And once access is gained, does your coworker KNOW everything that can be done with it? I don't. Neither do you. Neither does he. But I didn't know the flags set on your TCP packets could be used to tell what OS sent the packet, either, and therefore used to figure out how to crack the machine - now I do. All information given away gives away power. And this is an egregious amount of information - this is YOU, down to your toenails.
Don't let them just take it.
--
Is this the end of sex as we know it?
Just because one dipshit doesn't like Netscape do we have to get stories proclaiming the death of ... ?
--
It's called maintenance branch vs. development branch. My company does the same thing, and it works wonderfully.
--
Anyway, if the only problem with this system is it shoots down pigeons, I think we could put one in the air over NYC and do the city population a favor.
--
You know what that means don't you? Subscription sales. You give away the source to the game client (hey maybe even the server), set up your world (this should take the most time - this is where you add value, besides the actual server hardware itself) and invite people to play your free client in your world for a trial month. If they like it, pay .. $8 a month for the service. Make sure the world isn't always static (I'm not talking Evercrack here, they've made an obscene amount of money on a pretty crappy service) so players have a reason to come back month after month, year after year, and voila, you have an open-source game that makes business sense.
You don't lose anything by giving away the source; any potential competitors have to flesh out their own world and put up their own server hardware and offer the support that you will provide (because you're not Blizzard, you don't just leave your customers in the lurch when the game breaks down). And some other company did this, and their game looked great, hey I'd play it. Variety is always good, and their code will get back into your codebase. If someone uses your engine to create a fantasy game service, and someone else uses it to create a space game service, they've nailed 2 different, minimally-competing niches.
--
Wouldn't an advanced alien species measures things in meters? Or have they not converted over yet, either?
--
- Most likely this has been widespread for a few days, as it usually takes a day or two for something like this to bubble up to Blizzard admins, let alone Slashdot.
- Most likely 99% of the Blizzard players are unaffected. This sounds like a hack somebody used from the regular game client, not somebody who r3wted a battle.net realm server. Therefore, they could only do damage one player at a time, and the vast majority of players aren't worth messing with even as an exercise in vandalism.
- Most likely this has been going on in SOME form for more than a few days, as the person who discovered the exploit wouldn't be likely to tell the world immediately. One person messing around in this fashion would be unlikely to be noticed - even if someone reported the problem immediately they would get jerked around by admins who thought they were lying to get their stuff back. It's easy to believe that Blizzard admins get lots and lots and lots of spurious "fix my character!" requests every day.
This leaves them with a gaping question: which backups do they restore? (Assuming they even have an option.)
-The entire player database back to the point where the hack was first reported? That's screwing 99% of players out of a week's work to help the 1%. Even doing a full restore back a day or two would be a PR disaster. Can't do that.
- Hand-selected characters who reported the hack? How do they differentiate from the people who actually got toasted and the sea of voices claiming they lost stuff illegally when in fact they got killed/lost gear legitimately? This is at least a good move PR-wise, because they'll only have to put up with minor bitching from the people who decided not to jump on the bandwagon. But it becomes completely unfeasible if they make an effort to investigate every claim. The less investigating they do, the more freeloading that will occur.
Any way Blizzard handles this, the hackers have done their damage. Sorry Blizzard, should have spent more time debugging your code and less time trying to pack 2 million players into a space built for 100k...
--