I suspect Blackawton P.S (the first author) is Blackawton Primary School rather than a person.

If you watch the video in the Supplemental data you'll see that the referee comments relate to the referees who reviewed a funding application for the project which was rejected, rather than the reviewers of the final paper.

Which is well and good but unless you have a certificate authority which only ever grants certificates to people who are not part of the ISP or the music industry, it's more or less useless for this purpose.

I don't see how that follows at all. The point about a signing authority is that as long as you trust the authority then you can check that a given site certificate really belongs to that site. It's not sufficient to substitute another site's certificate, even if it's one signed by the same authority.

To compromise the system then CertsRUs would have to issue a signed certificate for thepriatebay.org to the RIAA. Whilst the tinfoil hat bridge may choose to believe that this might happen I can't see it. As soon as this was discovered (and the signatures from the RIAA certificate for thepiratebay.org and the real cert for that site would differ, so they would be disovered) then CertsRUs would rapidly be removed from the list of trusted signing authorities for a vast chunk of the internet, at which point their business goes down a hole.

If you RTFA, you'll see that the reason that they wanted to do the no password for signed packages was because if you always have to type in your password to install something, after awhile you just get in the habit of typing in your password whenever that little window pops up.

Actually the reason for this is that there is a more fundamental rewrite of the DeviceKit and PackageKit systems in Fedora underway which will eventually allow more flexible allocation of system admin privileges to different classes of user. This is a good thing.

However - when F12 was released this rewrite was only partially complete. The backend systems were pretty much all in place but the front end which allows the editing of rules and the assignment of roles had not been written. Fedora was therefore shipped with a default set of rules.

Under the new system the previous behaviour of asking for the root password, but allowing the option to not be asked for it again in future had been removed (for fear of creating a 'make it up as you go along' security policy). The decision therefore had to be made to either allow console (not remote) users to install signed packages with no authentication required, or to require the root password for every install. The developers chose the first option. This has now been changed to the second option.

I'm kind of ambivalent about the light this sheds on Fedora. It's a bad thing to have happened, but it was sorted out quickly and there is now much discussion about setting up a firmer security policy so this won't happen again. Mistakes happen, but as long as they are spotted and corrected then we should all just move along.

It depends when you last jailbroke your iPhone. I did a jailbreak early on. I installed openSSH and changed the default password. I then found out that the phone entered an infinite loop of restarting the home screen and had to be forcibly restored.

The problem appears to be that the passwd binary on the phone is (deliberately?) broken so it generates incorrect hashes for the password entered. If you actually want to change your password then you need to jump through some hoops to change it without using the usual passwd command.

We're sorry - "OMGCancer panic" (c) is copyrighted and owned by FOXNews

I think the Daily Mail may have some prior art on that topic...

What things can OS X do better, than no other OS can do?

Can't speak for anyone else, but in my case my reason for having an OSX laptop is that hibernate/suspend works better than on any other laptop I've ever seen. It's quick and I never have to mess about with restarting services/programs/networks when it restarts. That alone is enough to get me to use it.

Did ya know that DNA does not a virus make?

Are you sure about that...?

I was in a team handing out CDs in the UK and we spent the morning honing our approach tactics to not scare people off. Some people will never stop for someone in a bright green t-shirt handing out CDs, but plenty of others could be persuaded.

What we found was:

* "Have some free software" = FAIL

You can just see the alarm bells going off in their heads, and frankly I don't blame them.

* Hide the CDs under a leaflet!

If you try to give people a CD they often blank you. If you give them a leaflet wrapped around the CDs they'll more often take it. Once they had it in their hand then they usually stop to ask what all this other stuff is.

* Talk about software freedom day first

Don't say you're handing out CDs, say you're promoting an international event - then let them have the discs.

* Hold a balloon.

Don't ask me why, but I got much higher take up from people when holding a balloon when handing out CDs. Maybe I was less threatning that way? We also found that having a load of balloons on the stall brought kids over and you could talk to their parents whilst they were there.

Things we plan to do next year.

1) Have more software for Macs. Maybe we hit an unusual demographic but we had lots of Mac users stop and talk to us and neither of the discs we had (OpenDisk and Ubuntu live CD) would work in a Mac. We'll add freeSmug next year.

2) Helium balloons and free sweets. Brings families over without any further sales pitch being required.

3) Free internet access. Not sure if we can arrange this but a big sign offering free internet access and a load of laptops with 3G dongles running linux. Would attract people over and let them try linux out at the same time.

I've done these events for the last three years and we've had a good reaction from the public each year. I'd stronly encourage people to get involved next year as it's a great way to talk to people about why they might want to use free software and what's available.

Please tell that to the slashdot maintainers. The site currently looks like crap in Safari 4 (did so as well in Safari 3), with colored dots (friend / foe / blabla) and strange widgets all over the place. The "Reply to this" button is also rendered broken, and i don't know what else as well. WTF is going on with /. at the moment? Huge public beta test?

That was annoying the hell out of me too. I found that if I add http://c.fsdn.com/sd/cs_sic_controls_new.png to my adblock list then the random graphics disappear (as do some other bits, but I'll live with that).

How did this not get picked up and fixed already on a site this big??

Can't they just as well play the DVD???

I suggest you try playing a 20 second clip from the middle of a commercial DVD sometime to see how practical it is. Thanks to the inclusion of unskippable logos, trailers and informative films telling you how downloading music is stealing and makes you a criminal, it takes forever to actually get to the content. Whoever came up with the idea of locking DVD player controls should be made to try to start up Toy Story for an audience of 100 impatient toddlers and see how good an idea it seems then.

We could insist that all educational DVD players don't implement these controls, but then that would break the DMCA and we're back to square one.