Recent Comments

Asimov's essay nailed 2014 civilization's fascination with gadgetry and the frivolous uses of same, aided by incredible advances in communication bandwidth and technology. "There will be lots of robots around, but they won't be very good." Wow! He also predicted similar advances in mechanical engineering, but those have been slower than he anticipated, perhaps more because of economic and financial reasons than scientific/technological know-how.

He thought we'd have colonies on the moon by now; the fact that we don't is something the rest of us should regret, not Asimov.

I'm not a big science fiction fan but I did read some Asimov when I was in school. He wasn't the kind of literary writer you could stack up against the authors who publish stories in The New Yorker, but he was an excellent craftsman who wrote to inform, provoke, and entertain readers at the same time. And always with a friendly touch.

http://orp1.com/
Try the ORP1

Everything about him makes me ill, from his time at MS to his patent troll scam to his bloated soulless cookbook to his appearance.

Is there any hope that this failure in court is the beginning of the end for his "IV" extortion scam? I'm a pessimist by nature so I doubt it, but at least there's hope.

Patenting a budget alert and personalized web sites... for heaven's sake.

Whoa, Pipedot allows ACs now? That was the only reason I was avoiding the place in favor of Soylent.

Very nice change!

Well, sadly most Linux distributions tend to *not activate* some exploit mitigation. I don't know about the Linux router firmwares but last time I checked they even used some old kernel versions that didn't even had some of these mitigations. Personally I use an OpenBSD on an old ALIX board for a long time. Too bad pfsense is based on FreeBSD instead of OpenBSD, otherwise it would be an ideal candidate.

For hardware, I would recommend either the ALIX boards http://www.pcengines.ch/ (there is a new APU model) or Mikrotik routerboards http://routerboard.com/

Time to look into open-source firmware. Replacing oem with, eg, dd-wrt would mitigate this sort of thing, wouldn't it? I'm honestly asking.

this is indeed deliberate, maybe on NSA order? As a consequence Netgear, Cisco, Linksys and the other US network gear suppliers should be avoided as home and in enterprise equipment from now on

Nothing special comes to my mind about contemporary writers at this moment, but in a general way, I would say any book that has an oppressive or totalitarian technological setting.

For anyone who has read several SF books, what has been going on these last years can be scary :
-- Megacorps like Google who buy companies in many different tech domains.
-- Flying drones (armed or monitoring) become widespread.
-- General spying by governments, together with megacorps. They even stopped denying or justifying.
-- Personal spying devices like Google glass for a start, but sooner or later, it could be implants.
-- Genetic manipulation, or at least selection, that slowly starts.
-- Medias: hard to say how they will evolve. Anyway, their interest seems to keep the people fed with the most easy and idiotic content in order to sell the most advertisement time to corporations.
-- Worst of all : most people gladly welcoming those devices and actions.

I must forget or fail to see a few other points, but if you add the next thing coming: Internet of Things, you have almost everything you need for any dark SF.

I confess the Asimov's are the Spousal Unit's. He's also an avid collector and reader of scifi anthologies (and has, in the past, taught a Science Fiction Literature course). He's a fan of the Asimov mags. Whether that means they're good, I can't say, but I do think he has better and more diverse taste in literature than I, so I'm inclined to think there's something in those Asimov mags worth reading.

If you're looking for BSD hosting - and it doesn't sound like you are, I'm using rockvps for www.dictatorshandbook.net and I'm really happy with it. Or maybe I'm happy with BSD. Either way, I'm happy.

Wow man - great looking book shelf, with what looks like lots of good stuff to read. Is that Asimov mag as good as it was reputed to be?

Yes their customer service is outstanding.

I must've read some Kurzweil at some point, as we've got plenty of scifi laying around (I have no excuse for being so scifi illiterate/ignorant), though I cannot recall. I'll definitely try to track that series down.

Perhaps it's more difficult to recognize those long-term, far future predictions as they must, necessarily, be more removed from our current existence and therefor tend to be seen as "mere" fiction rather than as something potentially eventually achievable presented within a fictional framework. It's a lot easier to look like a prophet when predicting the near-possible almost-now. One doesn't have to wait as long, for a start.

Ray Kurzweil? I'd hate to think Howey Hugh's Wool Trilogy is our future, though we're probably capable of it. (Great series, Wool, by the way). Interesting that this guy is considered a futurist, when his vision of the future only seems to be a few product cycles away, so 4-5 years at best. Is no one thinking long-term anymore, or is there no profit in that these days?

I'd be surprised if there are any hosts offering 8 cores at $20 a month. That's insanely over provisioned in my opinion. Although I'm not sure what the competition is doing either. This looks far better deal than what I'm paying, although I'm happy where I'm at and Linode doesn't offer FreeBSD hosting anyway.

I don't know about current authors and predictions for the next 50 years, and I am very much looking forward to what others contribute to this conversation. When I've gone back and reread some Gibson novels years after I first read them, though, I've sometimes been surprised at how prophetic some aspects of them seem (he hardly qualifies as a utopian, mind you). The same is true of some Stross, though that's really likely more a case of catching an emerging trend and expanding on where it might logically progress.

Ok, people, hit me with a reading list. I need some horizons expanded.

Indeed. I find myself in the odd position of rooting for Capitol One. It's heartening and satisfying to learn the judge had the wisdom to see these patents for the nothing they were and to prevent this case from going to a jury trial. Had it gone before a jury, I'm not so confident the outcome would've been as good.

It was interesting to note, in Ars' writeup, that several of IV's much-touted "inventors" are themselves patent lawyers.

I have enjoyed the yearly discount for the past three years... sad to see this go... but there is a certain amount of inertia with regard to researching and perhaps switching to another host service, so Linode may be calculating that most of their clients will just stay put... price was not my only or even main criteria when choosing to go with Linode...

I used to live on an orchard. Rule of thumb was that cherries to 7 years to produce fruit, and could blossom before that. Article sounds bogus -- "wonders of science" type of thing.

--

Floyd

Just-Think-It.com

Die, patent trolls, die. This is a public service announcement on behalf of the tech-using world, who is sick of this kind of crap.

Well, knowing nothing about what's going on behind the scenes, at first glance is this nothing more than a business optimization? Perhaps they found that typical users needed nothing more than X but were actually getting Y, and if they adjusted they could fit more customers into their existing hardware resources?

That doesn't make it right of course, but would help explain what's going on. Not too late for a competitor to swoop in with a better deal and steal away customers - it's what keeps the business world honest and on their toes.

No screenshots then.

One very interesting takeaway from the article is that many of IV's much-touted "inventors" are patent lawyers themselves.

I like where BerkeleyNextgenDaemon was going. How about BerkeleyExtensibleNextgenDaemon(BEND) :)

It's true, and fixing this problem is one of the main motivations of wayland. Actually, wayland also fixes screengrabbing spyware, as graphics buffers are private to the applications and must be explicitly shared by them if desired.

In X there is no security, whatever has access to the server is fully trusted.

Like, uhm, brainstorming fro the top of my head... Wayland ... or ... Mir?

all of the themes for E17 suck donkey balls.

'Bundy' is an awful name that only evokes Al Bundy of Married with Children fame.

So, you have never heard of Ted Bundy?

Interestingly, the Thunar file manager under xfce (Xubuntu 8.10) is doing something that Gnome's and KDE's file managers are not doing: It will flag the desktop launcher file as potential malware and thus prevent execution via a simple click.

XFCE ftw! And that was back in 2008!

Hrm. While what I wrote makes sense, I should have added that ultimately it is highly difficult and truly unreasonable to retain control of every single piece of code that runs on your machine. All that needs to happen in this case is for some code somewhere to write a single line into an easily writable file in someone's home directory to start logging. That is a flaw, we can do better than that.

Eh, I disagree. It is expected behavior, and it is indeed well known. Nonetheless, it is wrong. An application with user privilege should never have such complete control of an application running with root privileges in a sane, secure environment. Allowing that is asking for privilege escalation. The fact that input information is made so readily available to otherwise unrelated programs just makes it worse.

Back in ~2009 there was a bit of a stir involving the sheer ease of getting the window managers KDE and GNOME to run unintended programs using .desktop files . As far as I can tell, it still works. This is a real problem, with potentially nasty consequences.

...and lets not forget that you can use it to charge phones... which has its own problems...

like people phoning and texting you all the time until you develop mental disorders...
or cell phone use in cars and numerous deaths due to distracted driving...

I'm scared to learn what uses you would come up with for a bean bag? :)

I've been on 12.04 till now, but as soon as I have time to migrate I'm keen to see the latest innovations. I'm particularly interested in the new support added for high dpi displays because I really like the trend towards better display technologies, e.g., IPS, high dpi, etc.

I love making music -- the best kind is just with song, body percussion, etc. because it can be so spontaneous -- you don't need any special equipment.

This hardware innovation seems incredibly cool... I wonder how much it will cost and what kind of setup one will need to make it part of an afternoon jam session....

Don't change your distribution just because you want another desktop environment. You can simply install Xfce and Co. on top of Ubuntu and then get to choose before the login automatically. I never got the point of Kubuntu/Xubuntu/Edubuntu whatever. Stay with Ubuntu LTS as it's well supported.

Wow, that'd be cool if done right. Have Ubuntu with Unity, KDE, Gnome 3 and Xfce each on 10 machines. It would be very interesting what students would prefer to pick over time. Neglect the first weeks as everyone needs to try everything though.

Apart from that, here are some thoughts: Mint has some weird update strategy that some called less secure than Ubuntu. I would certainly pick Ubuntu 14.04 LTS right now because you don't have to care about anything for 5 years update wise. You can install KDE, Gnome, Mate, Xfce or whatever else you like on top of that base system. Whatever distro you chose in the end, I'd also stay with a Debian base, it's well supported and documented and now even Valve deploys Steam on it which might get students more interested.

X and Windows are different. Under X the display belongs to the user not the system. That's not a security flaw, it's a design decision. It's also why it's so easy for X to display programs that are running on other systems and so hard to view desktops running on other systems.

Sure things like VNC blur the distinction, but it's still there.

She's describing expected behavior. I don't see anything resembling "an inherent security flaw" in either X or Windows. If you don't trust the programs running in your user environment, you surely shouldn't expect additional security in an elevated privilege window inside that environment.

Also, the part about Windows doing anything different is complete BS. The article "Running Vista Every Day!" shows her clear lack of understanding on what UAC is doing.

The web's moved on a bit since slashdot was new. Anything without Ajax seems old-fashioned now.
Check out http://dev.soylentnews.org/ - they're experimenting with dynamic loading comments.

I think those are valid concerns. I share them, actually. I *do* know that while these comment sections remain pretty sparse, the site is very easy to look at. I thought I'd be happy and nostalgic about early Slashcode, but I am now finding it visually jarring, and I am not sure why. Looks aren't everything, of course. Hoping the user/reader wins as 2014 unfolds.

This sort of thing has been known for a very long time -- for instance, the reason why most modern login managers restart the X server when you log out is to prevent somebody from leaving a program running that can access the next user's screen or keystrokes. Since the X Window protocol allows applications to find out about keypress events, it's not surprising that if you can run an arbitrary application then you can run a keylogger.

There are lots of keyloggers available for Windows, too; I'm not sure why the author thinks that this is somehow Linux-specific. She obviously is pushing her pet "Qubes OS" project.

Well, I've got plenty of desktops to test with. I could almost put a different distro on every desktop in the lab and then just see which one gets the most use!

I'm assuming it's the same for isc-dhcp server. It looks like Bind 10 had a dhcp server bundled in there, which is now broken out into a project called Kea. I got rid of Bind years ago, so I'm more curious about whatever Kea is.

So they're at "T" with Trusty Tahr. That leaves six more versions before they either have to think of a new naming scheme or restart at "A." Any insight into what they're thinking they'll do?

That's kind of the issue: the author points out you can use the xtest application to essentially record keystrokes as they happen, even from someone typing into a root terminal. Her preference is for apps to be unable to communicate with each other, as I understand it, and she claims Windows Vista and up do a better job of addressing this weakness.

X is from a time when flexibility was considered more important than security. So I'm not surprised it is weak in this respect.

If you create a second login session at the display manager, I think that would be shielded from the first: they would be talking to the same X server, but to different displays. If I understand X correctly, snooping is possible between applications connected to the same display (X display, not a physical monitor).

I add, not because I think it's a great solution for you but because I can't resist: Bodhi Linux is Ubuntu-based but with E17 (Enlightenment) as a desktop, and it's really lovely. It's just different enough that your teachers wouldn't be comfortable with it, but try it on your own equipment and see what a great distro it really is.

I hear almost nothing about Edubuntu these days and wonder how active its community is. Mint on the other hand, is all over the news. I thought one of the advantages of Edubuntu was the fact that you could turn machines into thin clients. Doesn't seem like that's advantageous to you so maybe Mint is a good choice?

These days I would think the "ditch XP" movement on hardware that's basically still good should lead to a lot of Linux installs. One can only hope!

Now I'm really confused - will BIND9 and BUNDY then be "competing" products in the open source sense? Will they address different issues or usage scenarios? Also, even if the name has the magic combination of letters, 'Bundy' is an awful name that only evokes Al Bundy of Married with Children fame. How about BooNDoggle? BorNDangerous? BerkeleyNextgenDaemon? Just a starting point.

I think ISC is actually only ending development of BIND 10, and it is this tree that is being renamed to Bundy and transferred to GitHub. As ISC notes in the article, BIND 9 is a separate project for which there is no mention of development ending, so I assume this to mean they will continue to develop BIND 9.