Older blog entries for RyanMuldoon (starting at number 37)

gregf: Why not just back up session data to a server? That would be pretty cool, actually. The bulk of the work would be to figure out if there is an existing protocol that is good enough, or if you need to design a new one. ACAP or LDAP servers might work for the back-end. For a proof-of-concept, you might want to consider writing a GConf backend that can do network saving. That would be pretty cool.
yakk: unfortunately, it isn't "the will of the people" to just try Osama Bin Laden. I actually have faith that the administration has plenty of evidence that he did it....it is just that people want blood. I wish that we could take the course of action that you suggest, but it will never happen. Bush is being told that he'll lose re-election if he just goes after a single arrest. People want a war, and that's what he'll give them. Unfortunately, people only want war after the media has done an excellent job of building bloodlust (for example, the Discovery channel had a program entitled "Know your enemy" two nights ago....it was about Afghanistan). I want justice, not death. I refer you to chapter 14 of a People's History of The United States - "War is the Health of the State."
Home Entertainment ramblings

Lately, I have decided to marry the two things I spend any money on: home entertainment and computer hardware. I want to upgrade to a (dual?) athlon box in the next couple of months, abandoning my still-capable dual celeron 366 machine. I realized that I'm still going to have a lot of parts left over from that upgrade. I am also moving into a new apartment with my friends, and I will be one of the few people with any money for setting up some kind of home entertainment system. My goal for the year is to get a decent mid-sized tv, and a dvd player. If I'm lucky, I'd like us to also get a receiver and a 5.1 speaker system. The downside to this is that I will only have a DVD player from which to play music. So, I want to take my current computer and turn it into an MP3 jukebox of sorts. The goals/constraints are as follows:

  • Easy for non-computer people to use
  • Network-connected
  • should double as an MP3 server for the house
  • Icecast server?
  • Should plug into the normal A/V system
  • should be easy to make new playlists
  • Ideally, it should have a remote
  • Should be cheap to do

The hard part is going to be how I make it easy to use...I don't want to have to have a monitor. But I *do* have a voodoo3 card with a tv-out. So it could plug into the TV or something. But that still is unappealing. And I don't want a full-size keyboard. Probably the best idea is to have a web-based interface that other computers in the house can access, to build up playlists. Then a remote control to do normal stereo functions. Bonus points would be if it could work from a universal remote. Anyway, that's my little hardware project that I want to undertake in a couple months. If anyone has any ideas on this, I'd be interested in hearing them. ;-)
apw: It seems like you are oversimplifying the problem space to an enormous degree. For instance, if I present you with a valid cert, how do you know that it is actually mine? If we have no pre-defined trust relationship, you can't know. But then let's say we do have a pre-defined trust relationship, and someone identifying themselves as me with my cert tries to make some kind of transaction with you. This requires you to trust me in two very important (but distinct) ways: first, you need to trust that I am technically competent enough to keep my private keys to myself. And second, you need to trust that I am reliable enough a person that I am not going to give someone else my private key. It's not as simple as saying "lets all get smart cards and make browser plugins" - it is a rich and complicated area of research. If it were an easy problem, it would be solved by now. People have been working on this for a couple decades. It's good to think about, but please realize that there is a lot of hard work still to be done. And it isn't all just technological. If you're aiming to have a solution to counter Passport, there are a number of existing projects to look into. I'm involved in the Internet2 web-iso and Shibboleth projects, for example. I know that there are many others. Just some food for thought.

Negative Certs: I have mixed feelings about negative certs. They may not be appropriate for Advogato, but in terms of a trust metric, they do make a lot of sense. Trust is not just measured in positive amounts. There should be a difference between ambivalence (Observer) and active distrust. If I have had a dealing with someone, and they acted in a dishonorable manner somehow, I should be able to publish that fact, to help others judge whether or not that person can be trusted.

As I've said, this probably does not make sense for Advogato. Ambivalence is adequate. Unless you think that someone stole code and published it as their own, and is a no-talent hack that has convinced everyone of their greatness, there is no need for negative certification. But I think that negative certs are extremely useful when transactions come into play. Any time someone actively violates a trust relationship, that should be noted. In the coming future of peer to peer transactions, I want to make sure that I'm only dealing with trustworthy people.

I had a kind of cool thought - combining UDDI with a trust graph, so I always find the best service provider. For that to work, though, negative certs need to be taken into consideration. Once you get to something like this, trust becomes more complicated. You have to consider *how* you trust someone. Trust is not all-encompassing. How we represent that is going to be an interesting policy issue. I could go on, but this is a rant for another day. ;-)

jamesh:The free software CA idea is interesting. I have been thinking about issues surrounding Certificate Authorities a good deal recently. Pretty much all of the projects I am working on at work end up requiring certificates all over the place. Servers need them, but people also need some form of them. Since these are all higher education projects, it seems like a lot of people will be using this stuff once it is finished. The licenses on the projects are all Free, but I'm worried about the tens of thousands of needed certificates. It doesn't seem like that aspect of things scales very well. But I do think that absolute certificates are needed, rather than an advogato-style trust metric, since in this case trust is a binary issue. Trust is a hard problem....you have to implement a system where you can be sure that no untrustorthy people get trust, but it can't be overly hard to use, or cost too much, and ideally no trustworthy person should be denied trust.

School is all done with now, and has been for a few weeks. I am now working for my school's IT department, in the Architecture group. It is turning out to be a pretty cool job. I am working on several Internet2 projects, like MACE-dir, eduPerson, and Shibboleth. The work is really interesting, and I am enjoying the opportunity to do design analysis and such. Also, a very nice aspect of doing work for higher education is that everything I write is Free Software. So it is a pleasant work environment.

I have also just started my DVD collection. I bought Almost Famous, High Fidelity, American Beauty, and Fight Club. Now I am in the process of deciding what other movies I should get, and what versions of those movies are the good ones to get. Beyond the annoyance with CSS and Region Encoding, DVD consumers are really taken for a ride in terms of releasing multiple versions of the same movie. Some movies have a normal version, a collectors edition, and an ultimate edition. I can understand a movie-only cheap version, and a special/collector's edition, but having multiple enhanced version is frustrating. And then you also have to consider quality of transfers, etc. I love the higher quality of DVDs though, and I certainly can't go back to VHS. I intentionally held off on buying movies until I started collecting with DVDs. To make myself feel better about buying DVDs, I am buying used copies off of half.com, so I don't support the MPAA's DVD policies. The flip side is that I am also not supporting the actors or writers, but they get so little anyway, it doesn't make a difference. Too bad I can't decide where my money goes in terms of royalties.

Phoon: Be careful with the line of reasoning that you are using. While, yes, there are some instances where someone is accused of rape without having actually raped someone, I promise you that this is a very, very small percentage of the cases reported - let alone the uncounted numbers of rapes that are never reported. You have to realize that the victim of rape suffers a great deal from just reporting the rape - they don't really want other people to know about it. Bringing charges is not a simple matter, and decisions to are not made flippantly. And, as someone else has said, rape is not about sex. Rape is flat-out violence. Rape is violating someone in the worst way possible. That has nothing at all to do with sex, which is a mutual exchange. I am sure (or, at least I hope) that you are a decent person - just please, I urge you, to carefully think about such things. Hopefully you will come to the conclusion that some things are simply beyond reproach.

Until today, I've stuck to writing diary entries solely about computer-related topics and fairly light conversation. But, I really can't let myself ignore comments like this. I wouldn't feel very good about myself if I did. So, for those of you reading this that find this discussion off-topic, sorry. But, just like RMS says that economics is something to worry about once freedom is assured, the world of computers is something we can worry about once our basic human rights have been assured. I worry that some very smart-seeming people in various online communities are so involved with computers that they fail to see the world around them, and all of the very serious problems that need to be addressed. It is great to have strong ethics with software, but unless you also have strong ethics in the real world, it doesn't matter much.

Phoon: I really hope that you don't believe what you wrote. 90% of rape claims being false? That really disturbed me to read such a thing. If anything, the much more likely scenario is a large percentage of rapes go unreported, because the victim feels that they are somehow responsible, or that they were "asking for it." I'm sure that there are a few reported rape cases that are not true, but that goes for any crime out there. Innocent people are accused sometimes. BUT, I beg of you, don't trivialize something as serious as a rape charge. If anything, we should be working towards creating an environment where it is more ok for a victim to bring charges against a rapist. Rape it pretty much the worst thing that you can do to someone. Even comparing it to something like intellectual property rights is disturbing. If someone takes source code that I license with a less restrictive free software license, like BSD, they are in no way stealing. It was my choice to offer my code that way, and not be in a position to demand contributions. But claiming that this is somehow remotely similar to the trauma one goes through with being raped is just horribly wrong. Computers, and even intellectual property, are a really small part of life. There are many more serious problems in the world. I see too many people in forums like this or slashdot forget that while it is great to notice injustice in the world of intellectual property, we can only do that out of extreme luxury of circumstance. Have some perspective on life.

It's been a long time since I've written. Oops. I have been pretty busy with school, and my life in general, to do much computer type stuff. I have been trying to go on MonkeyTalk every day and help out a little bit - it's nice because I can help a bunch of people with minimal effort, as most of their questions are pretty easy. MonkeyTalk is a great idea, as simple as the implementation may be.

I'm writing here to basically vent my frustration. Slashdot has an article slamming Ximian, Eazel, the FSF, and GNOME. These are among the few organizations that I have any amount of respect for in the whole linux "community." And it bothers me to see them slammed so unfairly. What makes it worse is that I can imagine how shitty it must be to be those individuals that such slams are directed at. Working really hard on something, and being proud of your work, then watching everyone rip it to pieces for no good reason can't be a very rewarding experience. As I posted on slashdot, I am becoming increasingly saddened by all of this. People care less and less about Freedom, and more and more in entitlement and things being no cost and convenient. It is becoming rather self-destructive. I wonder if it is people that have been (at least peripherally) involved in the Free Software world for a while getting somehow disillusioned, or if it is a new batch of people that never took the time to understand the tenets of Free Software so they don't understand how the dynamic is supposed to work. I think it is the latter. Ah well. I'm just going to try and let it not bother me so much.

28 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!