Slashback: Public, Anecdotes, Conclusions 274
How many anecdotes? Drestin writes "Looks like all the flame mail and traffic to WinInfo for the recent 'Windows more secure than Linux' article prompted it's author, Paul Thurrott, to reply with his opinion. He tells us to think with our heads, not our hearts."
Several readers complained about my original (since updated) headline, and they're all right. As Kathleen Ellis put it:
Here, why don't you pay? TheGeneration writes "Recently Salon had an article about public money being used to write private code (ie, for a university.) The article apparently moved Richard Stallman enough to write a response and opinion. Stallman sites his own reason for leaving MIT such as his inability to write free software while under their employ. Stallman discusses ways to sidestep University control of free software, and how to get admins to allow software developed under them to be licensed as free software.""I find this title to be rather misleading. Bugtraq is a security mailing list that happens to be archived on security focus' web site (it is also moderated by one of SecurityFocus' founders, but bugtraq content is not subjected to SecurityFocus editorial control), and WinInformant is really the one making the assertion, based on their analysis of Bugtraq list traffic.As an occasional SecurityFocus reader (and occasional writer), I am particularly concerned that your headline (and the attribution of the assertion to SecurityFocus) will make SecurityFocus look bad. As a professional in "the industry" and as someone who follows computer security very closely, I am confident most sensible members of the security community will quickly realize that the assertion is of extremely dubious merit and your attribution could make SecurityFocus look extremely foolish."
For your personal museum's display cases. airrage writes "As a follow-up to the early design docs for some of the earliest ATARI games. More fascinating, is the 30 Secrets of Atari. Did Jobs ever do any work? Finally, the creater of ATARI's adventure has a web site. Check out his work on virtual nano-technology and his presentation on creating Adventure. They sure didn't have much to work with did they?"
Connecting everything to everything. seanadams.com writes: "Our company has just published the firmware source code for our SliMP3 Ethernet MP3 player, previously reviewed on Slashdot. The firmware, written entirely in assembler, includes our super-compact TCP/IP stack for the 8-bit PIC microcontroller. The license allows for non-commercial use, so I hope this will be of interest to PIC hackers! If you're interested in experimenting with Ethernet and TCP/IP on the PIC, we will have an integrated PIC+CS8900 module and development kits available next month."
Next stop is telepathy. ruvreve writes "An update to a previous article featured here on Slashdot. Wellington is offering not only city-wide gigabit ethernet they are also offering wireless access. Currently it is still 11Mbps but plans are to make it 56Mbps down the road."
Not someone I'd want to mess with anyhow. yndrd writes "As a follow up to a previous Slashdot story about Harlan Ellison's feud with what he considers to be pirates of his work, Ellison has reached a settlement with Critical Path Inc. who will create software that enables Ellison to immediately delete postings of his work on the RemarQ service. The (somewhat) full article is here. He's still ready to rumble with America Online, the other party in his lawsuit."
The dirty side of quick n' dirty. nailgun writes: "http://www.maokhian.com/wireless/wap11.html has before-and-after oscilloscope traces of the spectra of a power-boosted (hacked) Linksys WAP. From the traces it is apparent that power-boosting does no good, since all (or nearly all) additional power is blasted out in neighboring frequencies. Boost your Linksys and you'll step on all other WAPs in the neighborhood. These are cool pictures too."
This took a survey to determine?An Anonymous Coward writes "Remember the Space Survey Thread? Where NASA was asking for our opinion on where to go in space? Well, the results are in. Lo and behold, we all want to go to Mars."
Planetary Society Poll on NASA (Score:3, Interesting)
The poll, alas, was only about robotic exploration priorities. The Planetary Society is dedicated to promoting robotic exploration off the planet and is mildly biased against such projects as the ISS and human exploration of Mars and the Moon. To support human exploration, join the National Space Society.
Note: I support the use of robots as precursors to sending the scientists and colonists. Both programs have merit, and provide me with a paycheck in the private sector.
Stallman and his inability to tell the truth (Score:2, Interesting)
Yeah, sure, Dick. Whatever. Live in your own little fantasy world.
Anyone else notice that he's dropped GNU/Linux altogether? Now it's just GNU. No credit given at all to the kernel. I guess it's just not important.
Funny, I didn't think Dick had a problem with people making money with software.
He isn't pro-Free software in the least. He is simply pro-GPL and anti-everything else.
It reminds me of Pres. Clinton when giving the speech to a group of seniors:
(paraphrase)
"Now we could give back all your money to use as you see fit."
<applause>
"But that wouldn't be a good idea because you might squander it."
<boos>
Everything he says sounds great until he gets to the punchline. Boo, Dick, Boo.
At least ... (Score:1, Interesting)
91% Male
53% were between 15 and 35
And 83% of respondants accessed the web several times a day.
This goes to prove my point, the geeks shall inherit the Earth.
123987.
That's not your head... (Score:3, Interesting)
I agree it's too bad he got a lot of "frothing" email. But I hardly think this response is a model of rationality either. He makes the point that compaines bet their future on Windows, and it wouldn't be true if it were "really so insecure." The same could be said about Linux. The fact that something is usuable does not mean it is more or less secure.
He states What I am trying to say is that Linux is not more secure than Windows. It's impossible.
That makes no sense. Of course it is possible for one system to be more secure than another. Maybe he means that you either are or aren't secure. OK, that's a valid point, but looking at the number of flaws discovered for a system in a given year gives you some idea of how likely it is that a new security flaw will be introduced in the future.
He also argues that fewer Linux vunerabilities are found because it is less widely deployed. I also think that this argument is invalid. Yes, fewer automated exploits are written against Linux vunerabilities because of this. Sure, this is why fewer Linux systems are broken into. However, I would argue that the communities of people who look for security vunerabilities on Windows and Linux are of comparable size, and large enough to find a comparable percentage of flaws.
The fact is, his original Short Take was simply blatantly incorrect in stating that for "the previous 5 years--for which the data is more complete--also shows that each year, Win2K and Windows NT had far fewer security vulnerabilities than Linux" The only way you can come up with that is by adding the numbers for each distrubution together, which is ridiculous (this same issue came up last summer).
Yes, the numbers show Win 2K beating RedHat last year. They also show a troubling increase in the number of Linux bugs in general. No, this issue shouldn't be dismissed out of hand. Yes, I'm sure a lot of people were offended by this article because they thought with their heart. However, I would hardly call putting out insultingly incorrect statements "thinking with your head"
nasa will be around forever (Score:2, Interesting)
First Easter Egg?? (Score:3, Interesting)
Is this the first recorded easter egg in software? Or were there prior ones?
Jobs and Wozniak? (Score:4, Interesting)
I've read Jobs is hard on his employees, but I've seen that some of the best and most successful leaders sometimes are.
Then I read this:
Now, over the years, partially due to misrepresentations of myself in the media, I've learned to take public reports with a grain of salt. Anyone have any confirmation or details on the above statement?
My opinion of Wozniak (which couldn't be higher), wouldn't be harmed; but my business admiration for Jobs would be seriously affected if this were true. I don't mind business people being harsh, as long as they're fair, and this most certainly wouldn't have been, if it were true.
(On the other hand, I've seen people with big egos justify in their own mind that they were due the majority of the benefit, while "worker bees" did all the work. So it might just be a case of that...)
-me
Changing WAP11 power output. (Score:4, Interesting)
Looking at different values and monitoring with wlanexpert [practicallynetworked.com] I see that on my WAP11s, near the factory setting the adjustment is very sensitive (i.e. small change in CR31 = large change in signal strength). The 20-30 values around it (maybe something like B0-C8 on the AP I have been testing) account for about 7-8dBm of difference.
CR31 settings outside this range have much less effect on signal strength - perhaps 1-2dBm.
I would be interested to know how clean the output is when the amplifier is set to the lowest amount (i.e. highest CR31 value) for the maximum signal strength measured.
I assume that above this value there will be a lot of distortion. (I'm not an RF engineer and would appreciate comments from anyone who is, but I assume it is similar to audio amplification - if so, imagine you have an amplifier and the inputs are turned up much louder than can be handled - the output doesn't get louder, it just gets more and more distorted. I assume that the situation here is similar.)
The question I would like to have answered is, at this value, is there still a serious amount of power into the sidebands? (Answering this requires access to a spectrum analyser - so this is just a question not a suggestion! Still, setting like this is at least not likely to cause worse problems than setting at 80, and isn't going to reduce the range).
Values below 80 react quite strangely, I didn't test very much since I found many values reducing power below the card's sensitivity (so I had to run up and down several flights of stairs to reset CR31 from the wired lan, which was very good exercise!). So...
I hope that everybody noted their default settings before modifying CR31 ;-) My two boxes (bought at the same time) came set to ...
c7-c7-c7-c7-c5-c3-c1-c1-bf-bf-bf-bf-bf-be
c7-c7-c7-c7-c7-c5-c3-c3-c1-c1-c1-c1-c1-c1
So this definitely seems to be done per-unit and not per-batch. (And, these are different to figures I've seen quoted in mailing list posts).
Presumably they are factory-tuned for the best trade-off between good range and a clean signal, without putting too much power into the sidebands, and probably with a safety margin so that this remains true while the unit ages and if it's operated in different temperatures (electronic components are not at exactly the rated value, they are usually within a certain tolerance, the software setting is to account for this - in other designs this might be done using, for example, variable resistors). And obviously the factory settings will be tuned to ensure that the unit is within FCC limits (for example, ensuring that transmissions stay within the ISM band so you're not broadcasting into licensed bands without a license, which you might be if you adjust CR31 without testing with proper equipment or filtering to remove out-of-band transmissions).
Head back to 1973 (Score:3, Interesting)
Looks like the first recorded easter egg was back in 1973 [eeggs.com]. Are there any eggs that pre-date this?
WAP 11 Dirty Output (Score:2, Interesting)