I just realized today that there is an enormous population of internet-literate people out there who never grew up during the Cold War. An entire collection of slashdot posters who don't remember when the world was divided into East and West. Kids for whom "MAD" and "Nuclear Winter" belong more in the Fantasy section, and who never had to wonder about how these terms might one day apply to their lives.

Of course, that's what happens as time goes on. I was born well after the era of "duck and cover", my favorite memory of the moon landings is The Onion's "coverage", and I don't remember the Soviet invasion of Afghanistan.

Even so, I start to get this feeling that people are forgetting those days. Not that I blame them. There are plenty of things from those times that bear forgetting. It's no coincidence that Charles Stross's "A Colder War", an insane worst-case scenario of the Cold War, is the only short story I've ever read that gave me nightmares.

But there are a lot of good things from that time, too. Among the good things from the Cold War that people are rapidly putting behind them is the whole purpose and reason that we fought a forty-year global struggle and put modern civilization under the constant threat of catastrophic war. Just why were the Russians so reprehensible in the first place? I've known some Russians, even been good friends with some, and they always seemed just fine.

What was the difference between East and West? Of course, this is slashdot, and so you'll never get a simple answer when a complex answer will do. Not that this problem only exists on slashdot. Plenty of people will tell you that it was about ideology, or economic systems, or simply a power struggle between the two great powers of the age. They are probably right, too. But for me, growing up in the 80s, watching movies about people escaping into West Germany and having my Saturday morning cartoons interrupted by live coverage of Tienanmen Square, the difference between East and West always boiled down to freedom.

The word "Freedom" is incredibly vague and flexible. To one person, a slave is free if he willingly made the choice to become a slave. To another person, a person is not free unless he has the right to a telephone. But the Cold War was ultimately a war of freedom, vague or not.

During my childhood, a picture of the East built up in my mind. On that part of the planet, you could be jailed for criticizing the government. Police would break your door down in the night and ransack your house if you were a suspect. The cliched "Papers, please!" The government choosing your job for you. No travel without a permit. No leaving the country at all, unless the government trusted that you would be coming back.

The picture I paint above is probably wrong in many respects. I do not begin to claim that it is accurate, but it is what existed in my mind at the time.

Of course, the West in general and the United States in particular was the exact opposite. The police could not search your home without a warrant. You can feel safe criticizing the government, even the President, in your home, on the street, or even in a nationally-distributed newspaper. If you were stopped by the police, you could refuse to allow them to search you, and they'd have to listen unless they were sure they had a reason that would stand up in court. No permits or papers or anything needed to go from one end of the country to the other. No need to ask anybody's permission before leaving the country. Nobody would follow you around because of your political affiliations. Nobody would tap your phone lines because you liked Russian music. Nobody would rummage through your library records searching for Communist ties. A place where "because I feel like it" was good enough reason to be wandering around somewhere at two in the morning. Innocent until proven guilty.

Just as it happens for everybody, the world became more complicated as I grew older. Black versus white blurs into shades of gray. I learned of McCarthy, of the excesses in Vietnam. I learned that not everybody was an unhappy, oppressed slave in Communist countries. I learned about racial profiling and Big Business, about monopolies and environmental disasters and Syphilis studies.

But even through it all, the US remains a place that strives for freedom. Of course, we don't have perfect freedom, even if such a thing could exist, but we strive for it. It is the entire reason and purpose for this country's existence, even if we do a bad job of it sometimes.

Neal Stephenson puts in nicely in The Diamond Age:

"That we occasionally violate our own stated moral code," Major Napier said, working it through, "does not imply that we are insincere in espousing that code."

"Of course not," Finkle-McGraw said. "It's perfectly obvious, really. No one ever said that it was easy to hew to a strict code of conduct. Really, the difficulties involved-the missteps we make along the way-are what make it interesting. The internal, and eternal, struggle, between our base impulses and the rigorous demands of our own moral system is quintessentially human. It is how we conduct ourselves in that struggle that determines how we may in time be judged by a higher power."

This post is for everybody who's ever questioned the need for anonymity, everybody who's ever stated a preference for catching terrorists over following proper judicial procedure, and everybody who thinks more intrusive airport security is worth it. Many people have forgotten, or never remembered, the fundamentals of what freedom is all about. It's not about being rich, or safe, or cared for. It's not about stifling technology. It's not about prohibiting companies from making their products secure, and it's not about spurning anonymity because it might help child pornographers. It's about being free to speak your mind, run your life, and be without persecution. In the end, it's about not having to justify your own actions just because they're different. In a free society, you don't have to justify your desire not to be identified, your desire to be free from searches, or your desire for privacy.

No one wants other people messing around with their computer when they're away from their desks, but what can you do? It's not practical to log out every time you want to go for a cup of coffee, so many people put a password lock on their screensaver instead.

This is much more convenient, but it has a serious Achilles' heel: if you are in an environment where many people have logins on your computer, such as an office with centralized login (NIS, ActiveDirectory/Kerberos, LDAP, OpenDirectory, NetInfo, etc) where everyone has an account on every computer, then anyone can use their own login to disable your locked session. The only record of this will be an entry in /var/log/secure.log, which is only useful after the fact -- provided that the person who logged in didn't know to cover their tracks.

For a lot of people, this probably defeats the purpose of locking the screen to begin with; until & unless Apple provides a way to change this behavior, it may be wise to avoid the screen saver lock and fully log out of the system whenever you will be away from your computer for a long time (lunch break, overnight, etc).

Addendum:

This may only work for Admin users, which would be a lot less serious than I was thinking at first. I need to test that...

It occurs to me that the recent Safari/Help security issue in OSX could be broader than is being generally portrayed so far.

Consider: the fundamental issue here is that an OSX web browser -- Safari in the original reports, but apparently also Mozilla etc -- is acting as a broker for any URI that the user may come across, delegating the request out to external handler programs. Whether those external programs handle their URIs safely may be an open question.

The problem isn't really that Safari or Help is broken, but that the interaction between them, arising from the URI handling mechanism on OSX, is leading to Unintended Consequences.

OSX can handle many different URI namespaces, some of which seem to be used nowhere other than OSX. I'm having a hard time finding an exhaustive list of the URI protocols that OSX supports, but a partial list includes, in no particular order:

http://
https://
ftp://
mailto://
ssh://
telnet://
aim://
afp://
nfs://
smb://
sherlock://
itms://
daap://
help://

So far, I can think of published vulnerabilities in the telnet:// and now help:// protocols, but is that the end of it, or is the whole framework vulnerable to these sorts of attacks?

I have a hunch that we're just seeing the thin edge of the wedge...

There may be nothing to this, but it seems interesting anyway. I recently bought a PowerMac G5, and when I registered it with Apple, I was offered a free subscription to MacWorld. When signing up for the subscription, one of the questions you're asked is which Apple product you purchased most recently -- and one of the items on the list was "iMac G5". Does the MacWorld marketing department know something that the rest of us don't, yet? Very interesting...

Addendum:
A version of this story was picked up on Slashdot's home page.

GarageBand looks okay and all, but they totally dropped the ball on the name. For one thing, they broke then "clever" iName scheme that the rest of the iLife suite uses. For another thing, they missed a chance to get an oblique 80s punk rock reference, which clearly all software should aim for. How could they have fixed this?

iRock

Or if they wanted to go for that trendy leetspeek "we meant to mis-spell that, thankyouverymuch", they could have used...

iRockz

Is it too late to go put new label stickers on the packaging, and to change out the strings in the software? I hope it's not too late...

Joe - Wow, Pretty good Jim Morrison impersonation there.
Rod - Yeah, I hope those guys have a good sense of humor and don't take us to court.
Joe - Uh, what's the court?
Rod - Never mind that,
Joe - Oh, you mean like the People's Court?
Rod - Well, that's another story; the important thing here is you gotta ask me how I'm gonna get down to the shore.
Joe - Uh, how you gonna get down to the shore?
Rod - Funny you should ask, I've got a car now.
Joe - Oh wow, how'd you get a car?
Rod - Oh my parents drove it up here from the Bahamas.
Joe - You're kidding!
Rod - I must be, the Bahamas are islands, okay, the important thing now, is that you ask me what kind of car I have.
Joe - Uh, what kinda car do ya' got?
Rod - I've got a BITCHIN CAMARO!

++++

Yes, this is a repost, but dammit I think it's funny... :-)

Ooh, good line, must share:

"It's not the voting that's democracy, it's the counting."
--Tom Stoppard

Not that it's cool to whine about moderation, but what exactly was wrong with these two comments?

Someone was complaining in the Boston's Big Dig Finally Open thread about the lack of pedestrian access to the new Zakim Bridge, and seeing as I was lucky enough to have a chance to ask the project's chief engineer that exact question, I thought I might share what I learned. And yet an explanation as given to me straight from the horse's mouth, as it were, is "overrated", while someone complaining that the reason sounds like "bullshit" is left as is.

Moderate however you want, but I'm not a troll, and when I can't be funny, I do try to be constructive in the threads I participate in. This isn't the first time this has happened in the past month or two though -- maybe someone just doesn't like me or something. Oh well...

Seen on the Slashdot footer right now:

Live Free or Live in Massachusettes.

Do I take it that the joke here is that the charming libertarian wackos from New Hampshire are too dumb to spell the name of their next door neighbor? :-)

Dear Aunty Slashdot,

Like many people, my wife and I have digital cameras that can record short mpeg video files in addition to traditional jpeg stills. Like any still camera, taking photos with the camera held vertically is a perfectly conventional thing to do, if the subject matter being photographed would be better framed that way. Caught up in the moment though, we've also got some video files that were shot this way, and fixing these is proving to be much harder to correct. Does anyone know of a good, relatively painless way to rotate video files so that they're right side up? As video-capable digital cameras become more common, this is a feature that I'd assume an increasing number of people will want.

I'd prefer some kind of freeware approach to this, but so far haven't found anything that seems like it will help. It seems like ImageMagick might be the most promising tool, if I can get the mpeg2vidcodec_v12 plugin working on my Mac (lots of make test errors so far...), but even then will it be as simple as a convert -rotate 90 > video.mov ? So far, I can't even get to that point with the IM toolkit. CinePaint (nee FilmGimp) didn't seem to want to open *.MOV files to begin with, which confused me as I thought that was the whole point of CinePaint. I've also looked into mjpegtools, mpgtx, VirtualDub and TMPGenc, but none of them seems able to do rotate the contents of video files. I was able to open a sideways video file as a series of hundreds of separate still images in Adobe ImageReady, but even with that program's automation tools (and my admittedly shaky grasp of how to use them), rotating them all & stitching it back into one file seems like it'll be annoying. I've also tried Apple's iMovie, but it seems to be geared towards stitching together a collection of video clips rather than manipulating the contents of any given clip in any significant way. I don't have any other commercial software available, and am not that interested in shelling out possibly hundreds for the kind of "pro" software that might work but would be overkill for my usual needs.

As an added bonus, it would be nice to be able to convert individual frames to JPEGs for making thumbnails, or ranges of frames into low-resolution GIF/MNG animations. I have a hunch that the ability to do that may fall out of any solution to the bigger problem, so I'm putting off worrying about this for now, but would like to be able to do it eventually.

Does anyone know of a good way to rotate video files? I realize that the proportions of the converted file will be "wrong", but I don't care -- they're low resolution files meant only for viewing on my computer or maybe a web page, and if I ever want to put the files on a television screen then I can just put up with the vertical letterboxing. So far, the only approach that seems to have any traction at all is to find a way to treat the file as individual frames, rotate one by one, then stitch it back together -- but that seems annoying, particularly if the file also has an audio component that has to be kept track of. Still, for lack of tools to do it any other way, that's the best approach I've been able to come up with. Can anyone suggest something better?

Dear aunty Slashdot,

Does anyone here understand how Mozilla / Firebird's current security module system works? In particular, does anyone know what's up with the "software security device"?

My fiancee's computer -- a WinXP laptop with no user account passwords (it's just two of us using it, and we trust each other) -- keeps throwing these annoying dialog windows demanding that you "Please enter the master password for the Software Security Device." whenever you take Firebird to a web page with a username & password.

The catch though is that no password I can think of as a likely candidate works. A bit of Googling points to a couple of semi-promising solutions, and while all the ones I've found so far talk about Linux, the general description of the issue seems to be spot on. The workaround -- enter the Linux login account -- doesn't seem to apply here: there is no Windows system login for this account, and leaving the password field blank doesn't work either.

Following on from the Mandrake advice, I tried opening up Firebird's dialog window for the security device settings (go to Tools -> Options, then Advanced -> Certificates -> Manage Security Devices [there's a disclaimer that this is subject to move around in future releases]). This brings up a cryptic dialog window with the "Device Manager" (yay! trusted computing IN OUR TIME), with a hierarchy of cryptically labelled "Security Modules and Devices" on the left (e.g. NSS Internal PKCS #11 Module -> Software Security Device), some cryptic "details" and "values" in the middle panel, and a column of cryptic buttons over on the right. (For a crypto system, they've got being cryptic nailed :-/ ).

With those right-side buttons, three seem to do with managing what appears to be the equivalent of OSX's Keychain ("Login", "Change Password", and "Load"), but again if you click on any of those you get asked for the master password -- the lack thereof being the rabbit I'm chasing down this hole. There's also a button labelled "Enable FIPS", but there seems to be no indication of what happens when you click it or what FIPS stands for (if in fact it's an acronym in the first place).

Hilariously, there's also a "Help" button on the bottom of the dialog, but it doesn't seem to be hooked up to anything. Har har har.

----

So, the QUESTION:

Where did this thing come from, and how can one either fix or disable it? If it's like Keychain, and provides some kind of encrypted safekeeping for sensitive form data, I have no problem with doing it "right" and working logged into the subsystem. As it is now though, it's just getting in the way, and I can't figure out how to reliably get it to go away and stay away.

I say "reliably", because on some sites I get the dialog almost every time I follow a link, while on others it's just at the initial login -- I assume that this has to do with how accounts are being managed on the server, but haven't been ablle to pin down what's going on there. One annoyance per site I could deal with, but repeating it all the time like this is really getting on my nerves...

Any help wins an ice cream cone -- TIA :-)

So, much to the delight of every liberal in America, Rush Limbaugh has been caught in a wonderful pair of fuckups this week -- blatant racism, and abuse of a drug that can cause deafness (which it just so happens he came down with a sudden case of a year or two ago -- curious, eh?).

The drug article ran in my new favorite magazine, the National Enquirer. The online version of the Enquirer article doesn't have all the details, but I was thumbing through the paper version in the supermarket yesterday, and it has a copy of an email he sent to his dealer in Florida.

Apparently, Rushie's email address is <rprivate@eibnet.com>.

Again: Rush Limbaugh's private email address is, according to that bastion of journalistic integrity second only to Slashdot, <rprivate@eibnet.com>.

Not that I'm advocating that anyone abuse that nugget of information or anything -- that would be *wrong*, and only commie pinko liberal traitors would want to get this Great Natural Treasure upset -- but if anyone thinks of anything amusing to do with that nugget of information, this commie pink liberal traitor would be your Friend Forever.

I love my Apple computers. I have a G4 tower in the back room. I have powerbook that I injured a while back but still serves me faithfully. I have a newton 2100 in my pack, a broken newton 2100 and another old newton in storage. I have a Mac Classic, a perfoma, and all manner of half assembled portables and desktops. I reluctantly gave up my Apple /// because of space considerations, and I regret it to this day.

It has been a strange ride over these 20 years. Shape tables on the Apple ][. A EPROM burner in another Apple ][ to program an EEPROM for use in a Z80 controller for flight. Printing WYSIWYG documents for the first time from a Mac to an imagewriter. Horrible fonts and resolution. Embarrassing. But such excitement to not have to embed the Epson codes directly into the AppleWriter document.

And then Macs that actually ran fast enough to do work. And then Macs with harddrives, separate monitors, expandable innards. Appletalk replaced with ethernet. And then SCSI gone and all my stuff had to be replaced with Firewire stuff.

But through all this time I have never felt betrayed. Until today. Yesterday I happily installed the MacOS update. I have complained a bit in the past week about the fact that they combined security and feature updates, and I hope they have learned from this experience, even though the probably have not, but i am over it. Sort of.

But today I noticed something strange. Moving advertisements on my web pages. Could it be that my preferences for images got messed up? No, checked my pref files everything as I left it. Could it be that more sites are manually changing images? Unlikely but i looked at the page source just to be sure. No, nothing there. The source for the web pages is essentially what it has been for these sites. Check for flash, try some scripts, then give up with a static images. So could it be Flash? I don't have flash on my computer. It eats up too much time. Do a search for the file, not there. Forgot where the file was stored, so i just go back to double checking preferences and the source of the web pages. Maybe I missed something. It sure looks like flash, though.

Finally get a brainstorm and go to the macromedia site. Yep, it starts playing a flash movie. I definitely have been infected by the annoyware virus. But how, and where it is? I finally find a web page with the directory location. It is in the library directory. Not the user one, but the main one. The one that needs administrator access. Find the file, check the date. It was the date and time I installed the MacOS update.

Now, i have no proof that the update came with a flash payload. I could have accidently installed it some other way. All I have is circumstantial evidence and i do not want to make false accusations. But the install time was during the time i was installing the update. I go through great pains not to install flash and avoid sites that require it.

On the other hand flash is becoming tricky, and someone may have set up a trojan that got it onto my computer. Could have been Apple could have been someone else.

And the only thing that the knowledge base lists is Safari enhancements. Which of course brings a whole separate set of problems, like what if I don't want to use Safari.

I am telling you. I am so close to getting a Intel piece of crap, installing Linux on it, and just running the command line with the occasional X for the rest of my life. It was not so bad when all we had was the command line.

So, SCO's out to destroy things that I love and that I've spent years of work on, paid and unpaid. Microsoft and Sun are funding the SCO legal/PR attack. I'm outraged. And if you're reading this, you probably feel the same way.

What to do?

(1) Work on an open source project. If you're a programmer, you already know how you can help. If you can write doco, review the documentation and send documentation patches. If you can translate documentation into another language, ask around for projects that need help in the language that you write in. If you can help test CVS versions, do that. If you know how to write a good bug report, do that.

(2) Do background research. Any bit of fact might be useful to IBM's lawyers or LinuxTag's lawyers or Red Hat's lawyers. More importantly, these facts might be useful to the trade press, who work on a much smaller budget than IBM's legal budget!

Start by reading groklaw and get a feel for what's useful. Then hit the search engines and look for things. When you are presenting research, keep your opinion percentage low, and your facts and references high.

(3) Move to Utah and register to vote in time for jury selection for the trial in 2005. IBM is paying relocation expenses; talk to your IBM co-ordinator for details.

(4) If you need an outlet, use Slashdot for the outlet, and use other communication channels for real news and information that might actually help protect our work.

(5) If someone contacts you and claims to be, or be speaking for, a member of the Linux community who is committing illegal acts against SCO: respond to the second part of that message, not the first. Either hang up and keep your mouth shut, or turn the message over to the proper law enforcement agencies.

That's it, really. "Do something positive for an open source project" takes just a few words to way, but can take lots and lots of time to execute.

According to Macworld UK, Be, Inc. has settled its antitrust suit against Microsoft for $23 million. Microsoft, typically, admits no wrongdoing in the settlement. Readers may recall that Be, maker of the BeOS operating system, brought their suit against the Microsoft back in February 2002. At the time this suit was brought, it was becoming obvious that the US government's antitrust suit against Microsoft was not going to result in any significant punishment for the convicted monopolist. Some observers felt Be's claims that Microsoft's vendor contracts excluded competitors from the market was a stronger case than the browser bundling aspect that the US department of justice pursued, but in the end it seems that Be no longer had the resources to complete the trial. With this case abandoned, the best hopes for a remedy to the Microsoft monopoly now seem to be in the European courts, or with a possible regime change in the USA in 2005.

It looks like the staff at E-Commerce Times have come up with a wonderful new logo for SCO articles, as scaled down to icon size by Google News (and I've stashed a backup of, just in case).

It shouldn't be a Caldera logo anymore anyway. I think a picture of someone shooting themself in the foot is much more apropos.

...now that I think about it, the better thing to do would be to edit the Monty Python foot used for the humor articles, and add firearms as needed. Thus binding in the whole tragi-comic nature of the situation in one fell swoop.