Posts by Robert Brockway
71 posts • joined Wednesday 23rd January 2008 16:06 GMT
Electoral role
IANAL but by my reading I don't believe Julian Assange is eligible to be elected. The requirements are set out here:
http://www.aph.gov.au/About_Parliament/Senate/Powers_practice_n_procedures/guides/briefno19
In particular I think he fails criteria 3 under Candidates, which states "an elector entitled to vote or a person qualified to become an elector."
After you've been non-resident in Australia for too long you are automatically removed from the roll. You can only apply to be an 'eligible overseas elector' within three years of becoming non-resident. Assange has been gone for so long I think he must have been removed from the electoral roll and could not get back on it without returning to Australia to live. As such I think he is neither an elector entitled to vote, nor a person qualified to become an elector.
I could easily see this going to court for a decision.
Laws in space
Others have make some excellent responses to the article (new uses of the raw materials, materials could be used in space, etc). I didn't want to comment further there but I did want to make a point about the claim of ownership.
It is quite reasonable to conclude that once property rights in space become relevant, laws will appear to deal with them. A good example right here on Earth is the islands of Svalbard. Svalbard was not claimed by any state when citizens of various countries started exploiting its natural resources. Before long it becme clear that laws were needed on these islands in the interests of good order. The great powers gathered and agreed on a treaty to govern Svalbard. The country who was physically closest to Svalbard (Norway) would gain sovereignty and their laws would apply, but citizens of any signatory state would be allowed to live and work there to exploit the resources available on the islands. This treaty has operated well and been respecred by all signatory nations for nearly a century. The modern world is repleat with examples of laws and treaties being applied once there was a need. It is reasonable to assume that this would be the case with commercial space exploration & mining also.
I don't have an attachment to "preferred vendors", their ecosystems, ISVs and consultants and I've spent a career trying to convince others not to either. I have this weird idea about using the best tool for the job. Yes I use Puppet.
Let me join the chorus
The article is muddled. It makes major claims about the future of FOSS and mostly talks about the Linux kernel, a single FOSS project. The article further mixes in issues like monolithic vs micro- kernels.
I also want to note that while it is true that forks are fairly common, successful forks are not. Forking tends to be an unstable equilibrium - either the fork will fail or the original project will disappear following the fork. While it is true that there are examples of a fork and the original project going on to be successful this really occurs in a minority of cases
Re: I see what you did there!
> The problem with linux is fragmentation. It's both linux's strength and weakness. Valve can make games for
> linux but which flavour and distro?
That's not really a problem at all. You can statically link your binaries (removing any lib dependency and version problems) and use LSB and package managers to manage installation. Seriously, this is a non-issue.
It's ok. If we had that much energy we could build them a new habitat in orbit.
Re: So if it doesn't work...
It's very easy to say such things anonymously isn't it? I wonder if you speak to people like this face to face.
Prima facie evidence
Is speaking a foreign language prima facie evidence of intent to export the device to a foreign country? If she had stood in the store and said "This will be great back in Tehran" then they might have had some justification for declining to sell under export restrictions but to do so merely as a result of using a foreign language is ridiculous.
Posted in Hackers expose Citibank CEO's privates
Not in my countries
I have accounts with Credit Unions in two countries and have never encountered or heard of any limitations on what I can do through the CUs.
Other options
There are various other options too, like requiring multiple admins to agree to delete another admin (or perhaps this could be applied only in the case of the page creator).
Another option would be to only allow temporary suspensions of the creating account, not deletion. Most Hax0rs will get bored and forget to renew the suspension so the original account could be recovered. A legit business wanting to keep the original account suspended could do so indefinitely.
Posted in DNS hijack hits The Register: All well
Yeah sure :)
That's exactly what _they_ would say isn't it? :)
Posted in DNS hijack hits The Register: All well
Definitions
The problem is the term hacker has as many as three distinct meanings in computing:
(1) Originally someone who hacked out code. Not necessarily a compliment.
(2) Later it became a term used for a very good coder or someone who loved coding for its own sake.
(3) Later still it was used (largely by the media) to describe crackers, script kiddies and even blackhats.
The last two definitions are still in use. I avoid the term and always use an alternative as it is too easily misunderstood.
Not so rare
Actually misdiagnosed death isn't so uncommon. I saw a documentary on it maybe 20 or 30 years ago. It featured a guy who had been pronounced dead many times. He ended up inventing a wearable device that showed that he was still alive. I guess it was some sort of pulse meter. Truth is stranger than fiction and all that.
Posted in ISS crew man the lifeboat
Two capsules available
The ability to dock a second Soyuz was added a few years ago. That's why the crew compliment is now 6.
Oh they're fighting all right
The best hypothesis I've heard is this:
Trees like CO2 levels higher than grass does. The trees and grass have been in a war for millions of years, each side trying to alter the environment to their preferred cO2 level. The trees have recently deployed their ultimate weapon (humans) to drive up the CO2 levels and defeat the evil grass once and for all.
Make that 6.8 billion
The population hasn't been 6 billion for a decade. We're likely to top out at about 9-10 billion. This is itself a huge problem which gets little air time.
Cool dwarfs
Well said, and they did say it is the coolest brown dwarf known. I bet it gets invited to all the best parties.
Posted in Linux IRC server leaves backdoor open
Immunity
No OS is 'immune' to security threats because formal correctness cannot yet be established for anything as complicated as an entire OS. A small experimental kernel was formally proven correct recently however.
No mainstream OS even has a very high level of security.
I'm not pointing this as any particular person here but gosh our industry has a lot of clueless people to speak about topics they know nothing about.
The various reports on this problem are generally wrong on several levels. I won't go into them as I've already done that a few times and so have others.
What I will say is that methods to avoid source compromises like this are well understood and have been in use for as long as 20 years. You calculate hashes of the packages/archives (eg, using md5), keep the hashes in a seperate security domain and check them when you download. Package management systems usually automate the checking these days.
This problem occured because the people producing the package/archive didn't follow well known security procedures.
A title
"That said, no one is forcing you, dear Reg reader, to buy an iPad/Pod/Phone —"
Quite right which is why I don't own any of them. Apple's devices are too proprietary for me.
A well balanced article. I have one additional comment though:
For all that you say that you don't like the device, Apple still has your money. They don't care anymore. The same problem continues with Hollywood films. A lot of people believe they are turning our few good films but as long as people keep paying to see the rubbish films (often "because there's nothing else") then they will not be motivated to improve their products.
A title
You;'re correct that as a citzen you cannot be refused entry but they can _delay_ entry under a number of circumstances. Declining to answer the questions may even be an offence, infact I wouldn't be surprised at all if it was.
Anyway Senator Conroy's filter has already pre-determined how I'm going to vote at the next federal election.
Mandatory title
I've used IRC in the old days and then took a 10 year break. On returning to IRC I found that most of the valdals/trolls had moved on (same with Usenet). Freenode & OFTC have a very high signal to noise ratio. It's a world apart from the IRC of old.
Don't even go there
As a former police officer I have to say: Don't try to make a citizens arrest on a police officer. If you really suspect they may not be a real PO then ask to see their ID. A real PO will provide you with sufficient opportunity to establish their position.
If you disagree with the actions of a PO fight them in court. On the street they have all the power - court is a much more even playing ground.
Posted in Wikipedia springs free labor leak
Re: Well now, Wikipedia the Real Freetard #
Dear AC1, you really don't get open source do you? :)
Here's a hint: It isn't all about altruism. There are plenty of self serving reasons why it makes sense to share content (and code). I won't go in to them as they are widely reported.
Cheers,
Rob
Bad assumptions
The strength of *nix has always been that it made as few assumptions as possible. Claiming that Fedora is 'only a desktop OS' is an enormous assumption. They should not presume to know how the machine will be used.
Life expectancy
A lot of people here are mistaking average life expectancy with the age that most adults die. They are entirely different. People in ancient times routinely live in to their 60s and 70s.
Some years ago I read that the average lifespan of a Roman citizen circa 1AD was 21 years. Did this mean that a lot of people were dying around 21? No, most people who survived childhood made it in to their 60s. The difference is infant mortalty. Almost all of the advancement made in human lifespan has been by severely reducing infant mortality.
Not Hollywood
Interesting comments on lack of originality. There are plenty of original ideas out there but they aren't coming from Hollywood, in fact Hollywood is doing a good job of supressing them. Go look at independent cinema.
Re: PAYG Phone #
Alastair, they reported that the massive phone bill is a result of roaming charges. He would be _better off_ going PAYG in each location he travels to. Sure it means a new phone number every other day but that also protects him against his number being published.
Posted in Man hooks home into Twitter
Why twitter?
An email to SMS gateway would work just as well and would have the added advantage of being private.
Posted in Opera to take web back to the old days
@Publishers and Consumers
The main problem with delivery from a non-business connection is the lack of a static address. A lot of ISPs specifically forbid the running of services on these links in the AUP and port scan to check for compliance (normally excluding ssh). While asymmetric bandwidth is a contributing factor the upload speeds for most broadband links is more than fast enough for the popularity most sites would achieve.
@Pete
MS dominates the desktop for sure but it doesn't quite dominate the world. Go through a data centre sometime and checkout how many boxes are running Linux, FreeBSD or some other version of *nix.
Caveat: You'll probably have to ask the owners in most cases but some boxes always sport a Tux, Debian swirl or Beasty sticker.
Not surprising
As long as most organisations and individuals pay little or no attention to security what can we expect? Our entire society depends on secure computer systems and networks. It's time to pick up the game and be a little serious about security.
Huh?
"As usual, Nielsen doesn't share how it arrives at its numbers,..."
If I can't review their methodology I will assume their numbers came out off a lottery wheel.
@Ian Chard
Youre' quite right about how well known professional sysadmin organisations are, but it is tangential to the argument. FWIW, SAGE-AU is probably the one with the greatest relative success to date.
System Administration itself is a new profession and relatively unknown. We have to start somewhere building professionalism. Considering how important computers have become I expect we will see licensing of sysadmins within a few decades. Just as electricians are licensed today, so will sysadmins be in the future. The level of damage from abuse of the position will sooner or later require a step like this.
Time for a wake up call
I'm a professional sysadmin and I make a point of talking about the power inherent in the role with employers.
With very very few exceptions, a sysadmin can access any information on a system they have root access on (usually every system in the company) and can do so without detection. I strongly encourage professionalism in system administration and recommend membership in a relevant organisation (http://sage.org , http://sage-au.org.au , etc).
It's time more companies started looking for professional sysadmins who take their responsibilities and profession seriously. The more reliant our society becomes on computers the more important this becomes.
Forever is a long time
The author has made a classic mistake. He's mistaken some period of time for "forever". The computer desktop as we understand it today didn't exist 40 years ago and it might not exist in 40 years time. At the very least it will be very different to today.
If the author has suggested that MS might dominate the deskop for 10 or 20 years it would be worth arguing. But to say that no one else will ever replace MS. That just tells me the author needs to get a better perspective of the passage of time.
Th author is right that familiarity is what keeps people to MS-Windows at the moment. I had figured this out too. The thing is this familiarity changes over time. One example is netbooks which do sport Linux and are making people more familiar with the interface, but even that is immaterial for the reasons I mention above
Oh and that tech support example is unrealistic it does highlight an important point: If a company trains someone in how to do their job on an Linux system they should be no more or less happy than if they were trained to do their job on an MS-Win system. As long as they can do their job with the computer then the work is getting done.
Posted in Jimbo Wales ends death by Wikipedia
OSS methodology
It's funny that people keep saying that WP uses the OSS approach when it allows anyone to edit. It doesn't. Most OSS projects are very careful about who can commit changes. The "commit bit" is a sought after prize in some circles. The key here is that the project name has mindshare. To get your code into the project with a given name (LedgerSMB, Linux (kernel), Bash, or whatever) needs the blessing of a core team member.
Applying the OSS approach to WP would mean that someone who disagreed with the approach of WP could take the encylopedia content and start their own project. This is indeed possible (sans most images) but has rarely been done due to the amount of ground work involved.
@Australia, Western?
Ah yes Australia is a western country. The term doesn't really link to geography very well. I think the best definition is "Western European countries and countries inhabited primarily by the decendents of western europeans".
Things to come
Like a lot of people here I've been in IT a long time. I've seen the distinction between hardware & software blur and it has worried me. When we have devices that won't even boot because of a firmware bug then we have a serious problem. MS are just lucky that the thing is going to recover when the clock rolls over (as per their own reports). Expect to see more and more reports of devices that just break and won't boot following firmware or software updates.
Posted in Indian court urged to 'ban Google Earth'
Idiots
The bad guys will just Google Earth from outside India, or *shock* *horror* use a VPN from within India. We really need people with a clue to be in decision making roles.
Posted in New trojan in mass DNS hijack
@What about....
Unfortunately forcing use of trusted DNS servers will only fix a symptom of the problem. Imagine if the "dhcp trojan" started advertising itself as the default gateway via dhcp. It could do any funny business it wanted including changing data or redirecting to the wrong sites again.
Posted in New trojan in mass DNS hijack
VPN anyone?
The implication of a serious 'sploit in DHCP is broad. Essentially everyone would need to use IPSec to trust their own router - either that or always use a VPN.
Remember: "If it's not on, it's not on!"[1]
[1] This was a catchy anti-STD ad run in Australia (and perhaps elsewhere) in the early 90s.
Posted in NASA goes for Hubble back-up boot-up
@Adrian Challinor
Along with the replies already posted, it is important to remember that Hubble has only a limited power supply. Running Side B when it wasn't needed would consume power they can probably ill afford to waste. While I agree that testing backups is recommended on Earth I can understand why they never powered-up Side B in space.
On another topic...
My understanding was there were going to be no more shuttle trips to Hubble as the shuttle now needs to have a visual review of the heat shield at the ISS during each mission and it can't reach Hubble and the ISS during the same mission (due to lack of fuel). NASA must have revoked this rule at some point and I didn't notice. How did they argue that the shuttle was just as safe for re-entry without the review of the heat shield?
*** Bring back the old penguin icon ***
Something isn't adding up
I have a couple of concerns:
1) We have no details.
2) I can't find any corroborating discussion in places like Bugtraq. or Full Disclosure.
3) The problem (if it exists at all) sounds like one that would come from an implementational issue. Even if the DoS itself is fundamental to TCP, whether or not it is necessary to reboot to recover must be implementational.
It's worth noting that so many TCP stacks are based on the BSD Unix implementation that there have been previous problems which were implementational and yet impacted nearly all operating systems (eg, TCP sequence number prediction maybe 10 years ago).
Posted in Oz woman sold mobe with preloaded smut
Practically unheard of?
"Incidences like this are practically unheard of on new phones direct from the manufacturer. We'll decide on a course of action after the investigation is completed."
Practically unheard of? Exactly how many times have they received phones from the factory with pr0n on them?
Snr Sysadmin
A couple of comments here.
1) 486 using 240V (AC). Back home in Australia 240V is the standard.I still have a 386 & a 486 (in storage) that run on 240V. I moved to North America and was stunned to see special 240V runs were put in for "big iron". hahaha :)
2) There are reasons servers are put in server rooms: power consumption, temperature, security, etc.
Leaving a $25-80,000 server outside a server room is a pretty bad plan. It is at far too much risk of theft, damage, etc.
Just because it runs on 110V or whatever doesn't mean the desk has enough power points or that the local circuit can take the current demand. Did these guys even think this through?
Why is this news?
This problem is inherent to the way BGP works. The article itself even states this. Why is this news and why did it get airtime at Defcon?
"Pilosov's innovation is to forward the intercepted data silently to the actual destination, so that no outage occurs." Is that what passes for innovation these days?
BGP has always operated on human trust (for better or worse). If we decide we want to fix it fine but let's not make out this is news or in some way new.
Full disclosure
When Debian got r00ted a few years ago they did full disclosure. Dancing around the issue by not stating the reason for the outage just (1) makes me suspicious and (2) makes me assume the worst.
Debian GNU/Linux, Zeus uses it and you should too.
Re: Outsourced email doesn't need to imply lax security
Hi William. You are quite right. Security is a risk assessment. Suffering a DoS is likely a lot less damaging than having information stolen though. The DoS will end but stolen information is gone forever.
I use alpine to read my mail and the only way to my MTA is to authenticate ssh using RSA keys. The box is locked behind a firewall too. Yes I could suffer a loss of availability or utility but I have assessed the risk and determined that it is a good trade-off.
I'm a sysadmin who takes a lot of notice of security (as all sysadmins should, imho) and I was really surprised to see these security researchers making such basic mistakes.
