Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
User Journal

Journal: HP ships Linux on its netbooks quietly

Journal by 140Mandak262Jamuna
HP is including Linux in its 110 series of netbooks that are shipping now. It goes by various names QuickWeb or Instant Web. When you power on these netbooks, they boot into a splashtop linux instance. The OS is locked down and only the predefined applications could be run. They are browser, photo viewer, music player, skype and some file browser to view files on USB drives. WiFi works. Then if the you want Windows7 or WinXP, you press a button and the machine boots to a full Windows machine.

The Linux part can not see the hard disk of the machine. I just got the machine yesterday and have not poked around much to know how much it can be hacked. The browser is Firefox, I have not even checked to see if I can install noscript on it.

For most users of netbook, this is a very good deal. When you are in a public wifi in a coffee shop or an airport, you are guaranteed not to pick up a virus. I am not saying Linux is more secure or FireFox is more secure. Simply if you stay within QuickWeb or InstantWeb, there is no way any file can be written to the Windows disk at all!

This is such a big brand differentiation and it can be touted to high degree. But HP for some strange reason is very quiet about this feature in its ads and press releases. From business stand point, every company would strive for brand differentiation so that they dont compete on price alone. Quite strange HP is so silent about it. People are spending on purchase and subscriptions to antivirus software. All that revenue could be targeted by selling a device that is guaranteed not to be infected. Once many users realize that they rarely boot to full windows, they and their circle of friends and family would become more receptive to cheaper plain net access devices in various form factors.

I am very sure Microsoft is giving HP hell for this move behind the scenes. Is it the first sign of PC vendors growing a back bone? Or the lackluster promotion of this feature bodes ill for such an experiment? I wonder.

User Journal

Journal: Security concerns over Port 4567 of Verizon FiOS

Journal by 140Mandak262Jamuna
Submitted to Ask Slashdot: I got my home connection upgraded to Verizon FiOS. I am getting a blazing fast connection 20Mbps clocked by three different sites. But one important thing about it is that, the router/modem that must be used for this is supplied by Verizon and it leaves port 4567 open on the WAN site. Quick googling shows that it is a port used by Actiontec, OEM vendor to Verizon, to upgrade the firmware automatically. The router is, in fact, running a server and presents a user name password dialog to the whole world. I used Grc.com to verify that the port is really open to the entire world, not just to the Verizon servers alone.

Though Actiontec claims this port could not exploited I have quite a few concerns about it. If that password is cracked, hackers can upload a cracked version of the firmware and disable all protections at the router. I tried putting another router behind the verizon router but then my speed drops to 10Mbps. Thinking of getting a switch with firewall or configure the second router as a switch to protect my computers in case the Verizon router gets hacked.

I really would like to know the protections against password cracking on the router. How many failed logins are allowed per minute, per hour, per day, per week? Verizon knows which of its banks of servers are authorized to upgrade the firmware on the routers. Should it simply filter out all traffic to these ports originating from any other IP address? And why is the firmware upgrade initiated by an inbound call? Why cant the routers initiate a peridic check and look up their home servers and get a firmware upgrade? I don't like the way Verizon is implementing the automatic firmware upgrade. I fear someday soon somebody is going to crack that password and the hackers are going to get a million bots all with 20 Mbps connection to the world. Even if you are not a Verizon FiOS customer, you will be affected then.

User Journal

Journal: Privacy concerns with social networking sites

Journal by 140Mandak262Jamuna
140Mandak262Jamuna writes " This company tries to become a social website by allowing its registered users to construct their family trees. The idea seems to be once a vast tree is created the users will be able to find their rich and famous relatives etc. I could imagine this being a very useful service to many people. One of my relatives added my name to his tree and geni created an account in my name and added me to the tree and notified me about it. The email had options to opt out of more spam from them. I had a talk with my relative and expressed my concern about adding vast quantities of private info about our lives to a searchable, indexable database owned by some for-profit company over which we have absolutely no control. As it is the net has so much of our public information. Why compound the problem by adding our private information as well?

Looks like it had an impact and my relative decided to close his account and destroy the tree. But geni claims they need my permission to destroy my account. Is it reasonable for a company that bribes its users with free family tree service in exchange for private info about people to follow a opt-out policy? Shouldn't they be required to notify me and get my consent before they add my name? I have received invites from other social networking sites, but they all require me to create an account first. If I ignore the email, I hope, they would not add me to their databases. Probably they will just sell my email address to spammers and stop with that.

I believe there is neither a technological or legal solution to this problem. A new geni.com could easily be run by Russian mafia outside US borders and thumb their noses at us. I think the only solution is social. They are using social engineering to pry private info from the public by offering some service or the other for free. We need to educate the public about the implications of succumbing to the temptations by them. Today if I set up a stand in a fairground and ask people to give the names, addresses and phone numbers of their relatives and friends in exchange for small token gifts the response would not be overwhelming. Somehow people believe it is wrong to tell strangers such information. But set up the same stand in the internet and people are punching in the email addresses of their friends and relatives like gangbusters. What would it take to educate the public about the menace to privacy these companies pose?"

User Journal

Journal: JKR, goblins and *IAA 1

Journal by 140Mandak262Jamuna
In the latest book, The Deathly Hallows by JKR I came across a very interesting passage. Don't worry, this is not a spoiler. It does not reveal any plot details.

"You don't understand, Harry, nobody could understand unless they have lived with the goblins. To a goblin, the rightful and true master of any object is its maker, not the purchaser. All goblin-made objects are, in goblin eyes, rightfully theirs."

"But if it was bought ---"

"---then they would consider it rented by one who had paid the money. They have, however, great difficulty with the idea of goblin-made objects passing from wizard to wizard. [snip] I believe he thinks, as do the fiercest of his kind, that it ought to have been returned to the goblins once the original purchaser died. They consider our habit of keeping goblin-made objects, passing them from wizard to wizard without further payment, little more than theft."

I thought it is remarkably similar to the way a slashdotter would describe the mind set of *IAA people about CDs and DVDs! Has JKR expressed any opinion about *IAA and its tactics?

User Journal

Journal: Telcos reject govt subsidy to serve rural areas!

Journal by 140Mandak262Jamuna
Before you break out the champaigne bottles, please note the story is about Indian telcos. According to The Economist , the government put up a pool of money to subsidize expansion of mobile phones to rural India and invited bids from the mobile phone companies. Most companies are bidding zero, and one negative!. "But something rather odd happened in India: in 38 of the 81 regions on offer, many mobile operators bid zero. In other words, they asked for no subsidies at all. In 15 regions, India's biggest operator, Bharti Airtel, even offered to pay. As a result, barely one-quarter of the 40 billion rupees ($920m) available in subsidies is likely to be allocated." says the article. The article says the companies will still benefit by the subsidy because atleast some of the infrastructure will be paid for by the pool funded by Universal Service Funds, a kind of tax on mobile phone service elsewhere.

The article goes further to say that now the Governments of these devloping nations like Chile, India, Brazil etc are looking to subsidize/build district level (regions the size of counties in USA) wi-fi broadband. Contrast this with what the telcos are doing to rural America. They are arm-twisting the State governments to prohibit (slashdot) municipalities and rural counties from building WiFi networks to serve their communities.

User Journal

Journal: MSN search default on Lenovo. 1

Journal by 140Mandak262Jamuna
Lenovo has agreed to install MSN search toolbar as default search engine. The article also says more "Microsoft plans to announce more such partnerships in the coming months and has several in the works, Osmer said, declining to specify. Microsoft also may start packaging its search tool bar with some of its software downloads, he said."

Interestingly, compared to the last time when rammed Internet Explorer down the throat of all customers and vendors, this time the vendors seem to understand the real benefit of being "default browser" or "default search engine." The article says that Dell demanded its pound of flesh to install MSN as the default search engine.

I think the landscape (should have made a creative pun with netscape here) has changed a lot since the last browser war. Vendors know the deal. Customers seem to be more informed. Atleast in some circles people are noticing the deletrious effects of vendor lock. It is real or it is just an illusion created by the herd moving from one vendor lock to a different vendor lock? In this case from MSFT to GOOG?

Microsoft

Journal: DOT bans Microsoft?

Journal by 140Mandak262Jamuna
Citing the cost and compatibility issues, US Dept of Transportation has banned or racheted back the installation of Office 2007, IE7 and Vista.

Schmidt says the Transportation Department hasn't ruled out upgrading its computers to Windows Vista if all of its concerns about the new operating system -- the business version of which was launched late last year -- can be resolved. "We have more confidence in Microsoft than we would have 10 years ago," says Schmidt. "But it always makes sense to look at the security implications, the value back to the customer, and those kind of issues."

To me it looks like a ploy to wangle a better price from Microsoft than a serious attempt to get truly interoperable system for them.

Microsoft

Journal: Google Moves into Microsoft terriotry, at last.

Journal by 140Mandak262Jamuna
As expected Google announced that it is going to sell Office suite as a subscription service.

The link

I expected them to sell "application server in a box" with maintenance contracts. That will assure the companies that their data never leaves their control. Big companies would not allow their data to be saved in a third party server with independant logs of files subject to discovery and subpoena etc. But what google offers seems to be the higher level service than the free service but the data is stored in Google servers. May be this is a move by Google to pick the low hanging fruits, establish a large user base documents in the ODF format and capture the market of "I want my data anywhere, I dont care if you store it" people.

But in the long term, Google must sell "all-your-applications-in-this-box" server to companies. What Google is peeling away will not make a dent in the revenue picture of Microsoft in the near future. These users might have used MS applications, but either they are using old obsolete versions without upgrading or using bootleg versions. But if millions of users move to this application and move to ODF, MS wont be able to play the game of ever changing file formats and macro-api changes to keep the competition out. Once a standard that is really neutral and not controlled by any one company takes hold, free market will make sure there are some competition. Still MS will end up with a substantial market share but there will be alternatives for the users.

Space

Journal: World is going to end in 2036

Journal by 140Mandak262Jamuna
UN urged to take action to avert asteroid collision in 2036. http://www.nzherald.co.nz/section/story.cfm?c_id=5&objectid=10424822

The collision could wipe out a country the size of England the article says.

Things like hitting them with a bomb or flying a spacecraft into them - you just do not know what the results of that are going to be." Scientists now favour deploying so-called 'Gravity Tractors', small spacecrafts that would travel close to a speeding asteroid and, with their own gravitational pull, try to drag it onto a different path.

It is just 2007, less than 29 years. There is simply not enough time for UN to make a decision.

Microsoft

Journal: Microsoft getting taste of its own medicine.

Journal by 140Mandak262Jamuna
Apple is claiming that Vista is corrupting iPods and advising people to wait for the new release of iTunes.

Microsoft used to play such tactics to sabotage competing software vendors. Everyone remembers the slogan, "DOS is not done till DR-DOS wont run". It created the impression that competing software is buggy and not backward compatible while MS products are guaranteed to work smoothly. Those were the days when it could kill companies and startups by merely issuing a press release, "Microsoft is considering a project to do XYZ" and all the venture capital for companies planning to that particular XYZ would instantly vanish. Even established companies would spend so much of their resource keeping upto date with the ever changing GUI and API of MS, and MS would laugh at them and keep changing it and spend its resources to create new features and make it more and more incompatible with the rest.

Now, there may be nothing to the story that iPods are corrupted by Vista. It could be intentional idea deep inside Microsoft skunk works nostalgic about those days. Or may be there is nothing wrong and those who are complaining of Vista corrupting their iPods did something stupid. Or it could be an unintentional bug. It could even be true that MS's update will fix the issues and make iPod really secure. But Apple is doing to MS what MS did to others. By creating the FUD that Vista is deliberately corrupting the beloved iPod, with its 90 million installations, it could put a damper on the speed of adoptation of Vista. All it takes is one top CEO saying, "Dont buy any new laptops for my (fortune 500) company till it is guranteed that my iPod will work flawlessly." Such things will cascade and PC vendors will feel the pressure.

I think Apple is just a Microsoft wannabe. It uses heavy doses of DRM to keep it incompatible with the rest of the world. Microsoft is doing it in the corporate office software market. Apple is doing it in the music business. Both companies engage in FUD. Let us just hope these two battle each other while some other standard complying nice companies emerge to take over computing. Yeah. I must be dreaming.

United States

Journal: Astronaut charged with kidnapping

Journal by 140Mandak262Jamuna
Well, here is the bizarre story of an astronaut, a married mother of three no less, getting a crush on fellow astronaut and doing crazy things. But what caught my eye was that "emails" were discovered along with some physical artefacts. Are emails and their print outs one and the same? Do we need a course on Eastern Relgions to understand when the emails and their physical representations coalesce to become "one with the universe"?

Link: http://news.yahoo.com/s/ap/20070206/ap_on_re_us/astronaut_arrested;_ylt=As4pWcVg1TafjIgo_EjaMkas0NUE;_ylu=X3oDMTA2Z2szazkxBHNlYwN0bQ--

Relevant passage Inside Nowak's vehicle, which was parked at a nearby motel, authorities uncovered a pepper spray package, an unused BB-gun cartridge, latex gloves and e-mails between Shipman and Oefelein. They also found a letter "that indicated how much Mrs. Nowak loved Mr. Oefelein," an opened package for a buck knife, Shipman's home address and hand written directions to the address, the arrest affidavit said.

One of the chief duties of the mathematician in acting as an advisor... is to discourage... from expecting too much from mathematics. -- N. Wiener

Working...