Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment Regulatory capture (Score 1) 191

Regulatory capture is the relevant mechanism.

To which I humbly ask, for an organization which result is easier to achieve: success or failure?

Now, given the fact that we tend to elect as representatives those who openly subvert the intentions of the standing institutions of government, then as they twist the already plunged keys-of-good-faith from our nation like a dagger in the side, proceed to sell short public opinion in the very organization they swore to uphold, all the while riding the 24/7 rating-making-machine straight into their next election like a prophetic hero, how reasonably can we expect success?

Comment Re:he's right (Score 2) 680

The way to mastery typically involves teaching. =)

While teaching could be a speciality, I hold that it is an essential skill. If one cannot teach others, it is hard to imagine that this person could correctly teach himself correctly in the first place. In addition, teaching others helps remove personal biases and provides new opportunities to reconsider the original assumptions/axioms, without which we reach lower plateaus.

And so it is said that the good idea will stand the tests of time. I used to think that this required sheer technical correctness. Perhaps, at most, I was half correct. Now I believe that in addition to technical correctness, the rhetoric (aesthetic/attractiveness) of an idea determines reception. No idea matters if none listen. Form and function, rhetoric and logic... =)

Cheers

Comment Re:Many eyes make bugs / backdoors shallow (Score 5, Informative) 536

It seems that link may have been /.ed. They are doing precisely as you say.

Here is a dump of the information, last I had it.

IRC: irc.freenode.net #openbsd
Twitter: OpenBSDGate

The etherpad (most detailed and up to date):
OPENBSD IPSEC STACK VERIFICATION

Original Email:

http://marc.info/?l=openbsd-tech&m=129236621626462&w=2

The code:

http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ipsec_input.c
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ipsec_output.c

Misc:

What other software includes the OpenBSD IPSEC implementation?

Not Linux:
Triaging Linux; git clone git://git.kernel.org/pub/scm/linux/kernel/git/tglx/history.git
Initial commit 6c55c29fa, Oct 2002, Alexey Kuznetsov
Does not appear to be derived from the above? (checking strings from ipsec_input.c version 1.54.2.3, Oct 2002). Neither copyright information nor comment strings match. Linux's IPSec implementation looks original.
'git log -p --grep=IPSEC' on the above clone shows complete history for the period.

Communications:
IRC: irc.freenode.net #openbsd
Twitter: OpenBSDGate
PublicPad (this document); http://piratenpad.de/condition-beige

Press:

http://blogs.forbes.com/taylorbuley/2010/12/14/fbi-accusedipsec-of-decade-old-cryptography-code-conspiracy/
http://bsd.slashdot.org/story/10/12/15/004235/FBI-Alleged-To-Have-Backd

We have never allowed US citizens or foreign citizens working in the US
to hack on crypto code (Niels Provos used to make trips to Canada to
develop OpenSSH for this reason), so direct interference in the crypto
code is unlikely. It would also be fairly obvious - the crypto code
works as pretty basic block transform API, and there aren't many places
where one could smuggle key bytes out. We always used arcrandom() for
generating random numbers when we needed them, so deliberate biases of
key material, etc would be quite visible.
oored-OpenBSDs-IPSEC-Stack
http://www.reddit.com/r/programming/comments/elw0x/allegations_regarding_openbsd_ipsec_fbi_backdoors/
http://www.metafilter.com/98547/Subject-Allegations-regarding-OpenBSD-IPSEC

Docs:

http://web.archive.org/web/20000621015208/www.netsec.net/gsa.html
https://www.gsaadvantage.gov/ref_text/GS35F0040K/GS35F0040K_online.htm
http://web.archive.org/web/19980101000000-20040101235959*sh_re_sr_1nr_30/http://www.netsec.net/*
http://web.archive.org/web/20000816024729/www.netsec.net/ltr_doj.html

Source Contributors:
Jason: http://www.linkedin.com/in/jasonwright

Possibility #1: (eldragon)
http://www.openbsd.org/cgi-bin/cvs

http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ipsec_output.c.diff?r1=1.25;r2=1.41;f=h
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ipsec_output.c.diff?r1=1.28;r2=1.29;f=h
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ipsec_output.c.diff?r1=1.30;r2=1.31;f=h
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ipsec_output.c.diff?r1=1.40;r2=1.41;f=h
http://nixdoc.net/man-pages/openbsd/man9/m_inject.9.html
http://fxr.watson.org/fxr/source/kern/uipc_mbuf.c?v=OPENBSD#L925

The wiki:
OPENBSD IPSEC CODE AUDIT

Original Post http://marc.info/?l=openbsd-tech&m=129236621626462&w=2

inet code repo http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/

etherpad for collaboration http://piratenpad.de/condition-beige

Current Status: Backdoor is NOT confirmed. 2010/12/14 21:34

The allegations are very broad. They may not even be true. At this time, the authenticity of the e-mail from Mr. Perry has not been proven. (2010/12/14 22:01)

Please link to any information you may have so that the community can keep up with this important issue.

This wiki was set up by #openbsd IRC channel and is not “official.”

Reviews In Progress

Mephux and Terracotta http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ip_ah.h?r1=1.24.2.1#rev1.24.2.1

Flagged For Concern

None Yet

Reviews With An Outcome

None Yet

Comment Re:On the contrary (Score 1) 1020

It is a strange phenomenon, indeed. I was just wondering about this myself. Truly, does it take one to know one? Are the most informed of criminal affairs not the criminals themselves? We speak and write best about those things we know. We come to know some things only after the intimacy of doing. Those who best know what is amiss with the world most likely have been an active part of that aspect for the last 40 years. Willingly or not, I suppose it is what is.

Comment Re:Lynx!--Mod parent up (Score 1) 347

Indeed there are such people who will only resort to an outdated version of Firefox when lynx fails. I used to think that this was misguided or Luddite. Though I have come to appreciate the simplicity of user interfaces, especially those that work with lynx. The basis for my appreciation stems from technical uses of the web, typically involved in some sort of literature search, which were faster and easier to do using the lynx/telnet interfaces.

Someone above has been posting about focusing on the best user experience as opposed to just using web interfaces for everything. I am not a web developer but this intuitively makes sense to me as a web user and hardware developer. If we use the right tool for the job, it shows in the end via ease of use and quantity of use. Cheers

Comment Re:Result (Score 1) 809

I'm curious. Are you in the States right now? I would like to know why and how Switzerland has its personal accountability complex, which is awesome, and Americans have the no accountability complex? I figured it might be something related to mandatory service, common experiences, same-team kind of stuff so the disillusionment could at least be standardized. =)

Cheers

Comment Re:Result (Score 1) 809

You really have no idea what you're talking about. I hate starting comments like that, because it makes people defensive, but alas I have other things I need to do today. If there were one thing I could change about America, it would be a mandatory service much like that employed in Switzerland.

Sure, you are a better programmer than soldier. So what? Half of the USAF does nothing but sit behind computer screens all day. Violence is the least of what we can do to serve our country and represent the nation's best interests.

The point that I'd like to make is really this: we are a divide states of America. We do not know how lucky and resourceful we really are. I've seen people who sell drugs on the streets because that's all they know. By and large, their negative attitude toward America and the opportunity available is shared by most citizens. We talk about "them" and "their" government holding "us" down in some way or another. The fallacy is that we /are/ the government. We are the United States of America. When our politicians fail us, we are supposed to get pissed and stay pissed until we get what we want: their heads on a spike.

I invite you not to respond to this post with yet another post but instead, a trip to Zurich, Switzerland. Contact some of the folks on http://www.couchsurfing.org/ so that you may be hosted by a proper Suisse, and learn. They are older and wiser as a culture with a penchant for excellence and perfection. They are the best program management/system integrators in our little planet. Truly, some of what makes them who they are is the mandatory service and the fact that every Suisse household has a standard issue military weapon and, at the end of every year, freshly shipped ammunition from the government for it. Interesting, indeed.

Cheers

Comment Re:Oh, look! (Score 1) 888

This assumes, as you stated, that every life is important, but additionally that each life is valued equally. Herein lies the basis for those who studying foreign policy. When resources become scarce, when issues cross borders, when violence becomes polarized in over-populated areas... when do you start to value some lives more than others and how do you do it. It sucks, but if we can't take care of ourselves reasonably well first, there is little use in offering help to anyone.

Comment Re:Why a 100K would be needed from Bill to fund th (Score 2, Funny) 259

Yeah, cause those poor beautiful people in Sweden are... so... poor... because they lack the infinite bliss that is what, Baconnaise(TM)?

Actually, I'm pretty sure Benjamin was talking about "public provisions made for the poor" and not merely public provisions made for the commonwealth.

http://www.thedailyshow.com/video/index.jhtml?videoId=225113&title=the-stockholm-syndrome
http://www.thedailyshow.com/video/index.jhtml?videoId=225126&title=the-stockholm-syndrome-pt.-2

Comment Re:where have I heard this before? (Score 1) 177

Don't worry about it. They will get meta-moderated and in the future not get as many mod points. Eventually.

In the mean time, feel free to expound upon the most difficult aspect of the copyright dialogue: how to compensate original authors.

Certainly the moral aspect of taking someone's work for free, representing it as your own, and then profiting tremendously from it is plain as day wrong.

However, let's complicate it a bit. Take each of these as a "What if?" scenario:
The original author is dead.
The "rights" were transferred to an organization that will never die, like his family or corp.
The original work is obscure.
Other work is independently achieved.
The work is too expensive for someone to "buy".
The work is used, but not for profit.
The work is used, new work is made and the original cited.

The list goes on, though it should show some of the key inherent problems with material value and ownership. Attributing material value to an idea seems fraught with philosophical peril.

What is ownership, anyway? Just some government given attribute that allows us to take from others.

Being your usual polite Midwestern guy, I would prefer to solve to problem by getting people to willingly remove money from their wallets for my work, as opposed to some government enforced law decreeing so. The solution to copy-cats is fairly easy: keep creating. They may have taken your fish today, but you still know how to fish and they don't.

How we ought to legislate copy-rights and other such weird concepts such as intellectual property, I have no idea. So long as the government doesn't spend much money on it and it's so unenforceably broken (like now), it's fine.

In the current system, the low hanging fruit seems to be 1) spending less tax money on the problem overall, 2) decreasing the copyright lifetime, 3) protect individuals, not corporations, 3) simple policy, 4) provide swift and immediate judgments.

Slashdot Top Deals

Just about every computer on the market today runs Unix, except the Mac (and nobody cares about it). -- Bill Joy 6/21/85

Working...