I think here, most of the discussion is about using a router which does NAT; that lets you share the single IP address that your cable or DSL Internet provider gives you with any number of computers in your house.
Firewalls protect your network from the outside world. If you have an IIS server with the CodeRed bug, a firewall is the difference between spending an evening cleaning up your server or going to see a good movie. There have been numerous bugs in all versions of Windows, many of which a firewall protects against. If you *do* get your machine cracked, a firewall will make it harder for somebody to take advantage of that, since they will not be able to easily initiate connections to your machine.
I have very little faith in a software-based firewalls for Windows, like the ones you see on software shelves. In order for software to process your packets, they must have already arrived on your system, and I don't really trust that portion of Windows, let alone the software itself.
Unless you know a reasonable amount about security and are pretty faithful about applying hotfixes as they come out, I would be very leery of doing this. It exposes your Win2K machine directly to the Internet, which will expose your filesharing ports. If you install IIS, or some other produce installs IIS, there's another security risk to watch for. On our NT server here at work, at least 10 different off-the-shell software packages listen on a TCP or UDP port by default; all of those are potential security risks.
On my networks at least, it's the Windows boxes I'm worried about protecting; I would not put them in front of a firewall if there was anything at all I could do instead. If you do have a Win2K box directly on the Internet, follow the NSA guidelines for securing it (don't have them here, but a google search will pull them up quickly).
I'd recommend getting a standalone NAT/firewall box instead of this. They're for the most part setup and forget, and do a reasonable job of making your network secure by default (as long as passwords are secure and it can't be configured from the Internet side). Using a full computer makes your network insecure by default, and unless you know what you're doing, I'd avoid it.
Try using dhcpcd instead of pump (the default DHCP client with RedHat). I had bad luck with pump and the NetGear DHCP server. dhcpcd should be on your OS CD. Email me if you'd like a copy of my scripts.
For 1, I think people who are non-computer experts recognize that they have to pay more for everything computer-related, just as somebody who is not a car expert has to pay more for everything car-related. If you aren't an expert, you pay for somebody else's expertise in putting things together; if you are, you just use your own expertise.
For 2, it's all in presentation. You don't give away a CD in stores, then have a 900-number for support; you sell a CD bundled with support and a nice box. Or you have software available free for download, but you have to register if your want support.
Lots of companies have succesfully made money from Free Software this in lots of ways. Cygnus (before they were bought by RedHat) made much of their money from hardware manufacturers who wanted gcc ported to their architecture. Ghostscript made much of theirs from selling specialized licenses to printer manufacturers. Redhat made much of theirs by putting Linux and a bunch of packages together on a couple CDs, compiling everything, and making sure it all works together.
If you paid for it by credit card, dispute the charge.
If you don't have any luck, make a pain in the ass of yourself, and maybe they'll find it's just easier to take it back than to put up with you.
If that doesn't work, sue them in small claims court. Should just take up an afternoon of your time, and will cost the store *way* more than the price of the game.
If that still doesn't work, go exchange the game for another copy of the same game every couple days. Again, pretty soon it will have cost the store more not to have accepted your return than to have just accepted it to begin with. I'm sure their policy allows exchanging defective games, and the game is pretty clearly defective.
When people complain that Microsoft, or any company for that matter, is a "monopoly", they generally mean that it's violatint the Sherman antitrust act. The antitrust act was written specifically to deal with Andrew Carnegie's bastardly ways in the early days of the steel industry. He received no assistance from the government, but rather than trying to come up with better pricing or a better product than his competitors, he would do things like buy the train company near his competitors, then refuse to ship their steel.
The Act doesn't deal with government-regulated monopolies at all; it doesn't have to. If the monopoly is given by the government, it can simply be taken away by the government.
Instead, it was created to make things that are unfair, hurt competition, and hurt consumers illegal. One of the things it makes illegal is for a company with an inordinantly large market share in one market (like Microsoft has with Windows in the operating system market) use that to force out competitors in any other market (like the market for Web browsers, firewalls, or CD burning software). And one of the things that makes a company an abusive monopoly is when it gets large enough that it can do things like this with no consequences from the marketplace.
It couldn't be incorporated into the main Wine source code. That's the point; unless they find enough people willing to sponsor the code, it won't go into Wine. Once they do find them, it will go in. Until it's a part of Wine, it can't be included in distributions. It's part of the incentive to contribute.
They're using the same license as Ghostscript, only GS automatically turns GPL after a year or two.
It's really not that hard to turn on WEP, even for your non-31337 mom. You go to the configurator software, select to password-protect the network, go to the client, type in the password. Pretty straightforward. Your bank account is secured by a PIN, your Internet mail account is secured by a password, same concept. It would be interesting, though, to sell hardware bundles with pre-configured WEP keys, so that people who didn't want to go to the trouble could spend a few extra bucks and have some security.
The biggest hurdle is poor key-management. WEP only supports a fixed key, that the base station and all clients need to know. That means that if you have to change the key on the base station and all of the clients at the same time. It also means that if somebody visits your office and wants to use the wireless network, you have to give them the WEP key. In a large organization, it can be pretty difficult to distribute a new key to dozens, hundreds, or thousands of users.
WEP has some workarounds for some of this, like letting the base station accept several keys simultaneously, but key management is still difficult.
I use an Apple Airport on my Linux/Windows network at home. It cost about $300 direct from Apple, and I configure it with the Java-based Airport Configurator
from either OS. Works great, really cheap, and has support for modem or Ethernet. I use the Ethernet at home, and it's small enough I can take it with me places and use the modem. I use it at my fiance's apartment so both of us can share the modem, and I've used it on consulting jobs before where easy mobility of my laptop is convenient.
The vast majority of the security issues (including the one in this article) are simply that the network wasn't configured securely. I haven't seen any real-world attacks against networks that run WEP; the few I have seen have been brute-force decryption of packets. I haven't seen or heard of any attacks where packets were tunneled via a VPN over the wireless network.
As long as you're willing to read up on the security issues and take the time to configure your wireless stuff securely, you should be OK.
I worried about this for a few weeks after I first encountered one of those pads, and eventually decided the risk was entirely on the store and not on me.
As several other people have pointed out, it is just as easy to steal and misuse a paper signature as a digital image of one.
The problem is that it is impossible for the store using these devices to distinguish between a real image of a signature and a forged one (imagine a device spliced in between the signature pad and the cash register with record/playback functions).
But the store is the one that wants proof that I actually made the purchase. If they choose to have extremely weak proof, that doesn't really hurt me very much at all. Certainly no more than the fact that stores rarely check signatures, and certainly aren't well-trained enough to detect even a mediocre forgery. In either of these circumstances, if the store tried to insist I had really signed a sales slip, we'd end up in court, experts would testify that their proof is very weak, and that would be that.
Which is why your PDA currently can't store thousands of hours of music and hundreds of thousands of images. And HTML versions of all of the O'Reilly books and all the RFCs. And (display permitting) full-length movies. And a several-hundred-meg "working set" of documents you may need access to on the road. And a backup of your hard drive, just in case.
Sure, these things aren't vital, but they're certainly not useless.
You have to look at one to understand. Here's this elegant little cube, sitting a few inches above your desk in a clear tube, more powerful than the large, traditional desktop computer next to it . . .
. . . and coming out of it is basically 3 plates worth of spaghetti, which connect it to keyboard, mouse, monitor, speakers, etc., flopping all over the desk.
You'll notice in the ads, they never show the cables. That's because the cube isn't nealy as cool-looking with them.
Assuming that they are running a GPL program they have modified, there is absolutely no violation. They are free to modify GPL programs and use them, just not to distribute them.
It's making the product available that requires the source to be released.
The idea of the GPL is that nobody should run code that they don't have source code to. So if the NSA wants to rewrite Linux and only use it internally, they have the source code to their modifications, and it's find both legally and in the spirit of the GPL. But if they try to give it to the general public without source, then the public is being asked to run code for which they don't have the source, and that IS a GPL violation.
If you're genuinely curious about this, you might want to check out the various documents that the FSF has on their Web page, in particular the GNU Manifesto and the GPL itself.
That study was pretty weak...According to the guy on NPR, they studied 500 people for 3 years. I don't think you'd even be able to see a correlation between smoking and cancer with such a small sample and short time frame.
Slashdot Mirror
I think here, most of the discussion is about using a router which does NAT; that lets you share the single IP address that your cable or DSL Internet provider gives you with any number of computers in your house.
Firewalls protect your network from the outside world. If you have an IIS server with the CodeRed bug, a firewall is the difference between spending an evening cleaning up your server or going to see a good movie. There have been numerous bugs in all versions of Windows, many of which a firewall protects against. If you *do* get your machine cracked, a firewall will make it harder for somebody to take advantage of that, since they will not be able to easily initiate connections to your machine.
I have very little faith in a software-based firewalls for Windows, like the ones you see on software shelves. In order for software to process your packets, they must have already arrived on your system, and I don't really trust that portion of Windows, let alone the software itself.
Get a good dedicated firewall.
Unless you know a reasonable amount about security and are pretty faithful about applying hotfixes as they come out, I would be very leery of doing this. It exposes your Win2K machine directly to the Internet, which will expose your filesharing ports. If you install IIS, or some other produce installs IIS, there's another security risk to watch for. On our NT server here at work, at least 10 different off-the-shell software packages listen on a TCP or UDP port by default; all of those are potential security risks.
On my networks at least, it's the Windows boxes I'm worried about protecting; I would not put them in front of a firewall if there was anything at all I could do instead. If you do have a Win2K box directly on the Internet, follow the NSA guidelines for securing it (don't have them here, but a google search will pull them up quickly).
I'd recommend getting a standalone NAT/firewall box instead of this. They're for the most part setup and forget, and do a reasonable job of making your network secure by default (as long as passwords are secure and it can't be configured from the Internet side). Using a full computer makes your network insecure by default, and unless you know what you're doing, I'd avoid it.
Try using dhcpcd instead of pump (the default DHCP client with RedHat). I had bad luck with pump and the NetGear DHCP server. dhcpcd should be on your OS CD. Email me if you'd like a copy of my scripts.
For 1, I think people who are non-computer experts recognize that they have to pay more for everything computer-related, just as somebody who is not a car expert has to pay more for everything car-related. If you aren't an expert, you pay for somebody else's expertise in putting things together; if you are, you just use your own expertise.
For 2, it's all in presentation. You don't give away a CD in stores, then have a 900-number for support; you sell a CD bundled with support and a nice box. Or you have software available free for download, but you have to register if your want support.
Lots of companies have succesfully made money from Free Software this in lots of ways. Cygnus (before they were bought by RedHat) made much of their money from hardware manufacturers who wanted gcc ported to their architecture. Ghostscript made much of theirs from selling specialized licenses to printer manufacturers. Redhat made much of theirs by putting Linux and a bunch of packages together on a couple CDs, compiling everything, and making sure it all works together.
If you don't have any luck, make a pain in the ass of yourself, and maybe they'll find it's just easier to take it back than to put up with you.
If that doesn't work, sue them in small claims court. Should just take up an afternoon of your time, and will cost the store *way* more than the price of the game.
If that still doesn't work, go exchange the game for another copy of the same game every couple days. Again, pretty soon it will have cost the store more not to have accepted your return than to have just accepted it to begin with. I'm sure their policy allows exchanging defective games, and the game is pretty clearly defective.
You may also want to look at the book "Bad Software: What to Do When Software Fails".
Good luck!
This is simply untrue.
When people complain that Microsoft, or any company for that matter, is a "monopoly", they generally mean that it's violatint the Sherman antitrust act. The antitrust act was written specifically to deal with Andrew Carnegie's bastardly ways in the early days of the steel industry. He received no assistance from the government, but rather than trying to come up with better pricing or a better product than his competitors, he would do things like buy the train company near his competitors, then refuse to ship their steel.
The Act doesn't deal with government-regulated monopolies at all; it doesn't have to. If the monopoly is given by the government, it can simply be taken away by the government.
Instead, it was created to make things that are unfair, hurt competition, and hurt consumers illegal. One of the things it makes illegal is for a company with an inordinantly large market share in one market (like Microsoft has with Windows in the operating system market) use that to force out competitors in any other market (like the market for Web browsers, firewalls, or CD burning software). And one of the things that makes a company an abusive monopoly is when it gets large enough that it can do things like this with no consequences from the marketplace.
It couldn't be incorporated into the main Wine source code. That's the point; unless they find enough people willing to sponsor the code, it won't go into Wine. Once they do find them, it will go in. Until it's a part of Wine, it can't be included in distributions. It's part of the incentive to contribute.
They're using the same license as Ghostscript, only GS automatically turns GPL after a year or two.
Yikes...Thanks for the heads-up, I'll make sure to keep mine on ice. :-)
It's really not that hard to turn on WEP, even for your non-31337 mom. You go to the configurator software, select to password-protect the network, go to the client, type in the password. Pretty straightforward. Your bank account is secured by a PIN, your Internet mail account is secured by a password, same concept. It would be interesting, though, to sell hardware bundles with pre-configured WEP keys, so that people who didn't want to go to the trouble could spend a few extra bucks and have some security.
The biggest hurdle is poor key-management. WEP only supports a fixed key, that the base station and all clients need to know. That means that if you have to change the key on the base station and all of the clients at the same time. It also means that if somebody visits your office and wants to use the wireless network, you have to give them the WEP key. In a large organization, it can be pretty difficult to distribute a new key to dozens, hundreds, or thousands of users.
WEP has some workarounds for some of this, like letting the base station accept several keys simultaneously, but key management is still difficult.
The vast majority of the security issues (including the one in this article) are simply that the network wasn't configured securely. I haven't seen any real-world attacks against networks that run WEP; the few I have seen have been brute-force decryption of packets. I haven't seen or heard of any attacks where packets were tunneled via a VPN over the wireless network.
As long as you're willing to read up on the security issues and take the time to configure your wireless stuff securely, you should be OK.
That would actually make the code not Open Source, because of Part 5 of the Open Source Definition:
5. No Discrimination Against Persons or Groups
The license must not discriminate against any person or group of persons.
> In the same sense, do we keep the bodies of past
> leaders just so that we remember their mistakes
> and not repeat them?
Well, Russia still has Lenin's body preserved and on display, AFAIK . . .
I worried about this for a few weeks after I first encountered one of those pads, and eventually decided the risk was entirely on the store and not on me.
As several other people have pointed out, it is just as easy to steal and misuse a paper signature as a digital image of one.
The problem is that it is impossible for the store using these devices to distinguish between a real image of a signature and a forged one (imagine a device spliced in between the signature pad and the cash register with record/playback functions).
But the store is the one that wants proof that I actually made the purchase. If they choose to have extremely weak proof, that doesn't really hurt me very much at all. Certainly no more than the fact that stores rarely check signatures, and certainly aren't well-trained enough to detect even a mediocre forgery. In either of these circumstances, if the store tried to insist I had really signed a sales slip, we'd end up in court, experts would testify that their proof is very weak, and that would be that.
See:
http://www.mozilla.org/releases/mozilla0.8/
It's under the "what's new", as the very last item. Put the code fragments there in your
~/.mozilla/defaults/prefs.js
file.
I bet your character coding is set wrong. Look in the View menu, under Character Coding, and make sure it is not set to something strange.
Which is why your PDA currently can't store thousands of hours of music and hundreds of thousands of images. And HTML versions of all of the O'Reilly books and all the RFCs. And (display permitting) full-length movies. And a several-hundred-meg "working set" of documents you may need access to on the road. And a backup of your hard drive, just in case.
Sure, these things aren't vital, but they're certainly not useless.
Sure. Look at mod_perl, newer versions of PHP, and (I think) the Java-Apache project.
When you put it that way, I think I'd rather have the leeches then my plane dropping out of the sky . . .
It won't stop individuals from doing it, but it will make it impossible for RedHat to include it on their CDs. I assume that is their goal.
You have to look at one to understand. Here's this elegant little cube, sitting a few inches above your desk in a clear tube, more powerful than the large, traditional desktop computer next to it . . .
. . . and coming out of it is basically 3 plates worth of spaghetti, which connect it to keyboard, mouse, monitor, speakers, etc., flopping all over the desk.
You'll notice in the ads, they never show the cables. That's because the cube isn't nealy as cool-looking with them.
And you should use GNUS, the Free mail/newsreader that comes with EMACS. :-)
Assuming that they are running a GPL program they have modified, there is absolutely no violation. They are free to modify GPL programs and use them, just not to distribute them.
The idea of the GPL is that nobody should run code that they don't have source code to. So if the NSA wants to rewrite Linux and only use it internally, they have the source code to their modifications, and it's find both legally and in the spirit of the GPL. But if they try to give it to the general public without source, then the public is being asked to run code for which they don't have the source, and that IS a GPL violation.
If you're genuinely curious about this, you might want to check out the various documents that the FSF has on their Web page, in particular the GNU Manifesto and the GPL itself.
http://www.cs.colostate.edu/~dzubera/2600faq.html# newgames
That study was pretty weak...According to the guy on NPR, they studied 500 people for 3 years. I don't think you'd even be able to see a correlation between smoking and cancer with such a small sample and short time frame.