Domain: false.net
Stories and comments across the archive that link to false.net.
Comments · 8
-
It's not that simpleAs others have pointed out, the e-mail is very likely to be fake. I see another problem with the article.
When his message came, the Taliban had just fled, Northern Alliance soldiers had taken over his village, and everybody rushed to barbers to cut off their beards and to nearby holes and hiding spots to dig up their Walkmen, VCRs, TVs, CD players, and -- in Junis's case -- his ancient Commodore, one of four in the village. Cafes had popped up all over, with impromptu dances and parties everywhere
Surely life has improved tremendously in the few days since the Taliban left Kabul. And certainly many people are enjoying new (old) freedoms. However, your description is a gross exaggeration -- "everybody", "everywhere". Resistance groups like the RAWA have already expressed concern that life under groups like the Northern Alliance will be like life in Afghanistan was in the years before 1996 -- still brutal and repressive, just not in the extreme. While the picture of people shaving their forced beards off in masses or playing music and partying is certainly relieving, it is contrasted by a reality of executions/murders and, likely, rape. (Also, to be sure, many people are quite happy with their beards and appreciated the censorship and repression by the Taliban, much like many Germans supported the nazis completely.) Save the picture of "liberated Afghanistan" for the day when Afghanistan is actually liberal.
Fortunately, the US government seems to be pushing for a secular Afghanistan, but do not be satisfied just because the Taliban are going into guerilla mode. The Northern Alliance are merely the lesser evil.
-
Reed: "how I'm dealing with Theo being obnoxious"Quote from Darren Reedin reply to Bill Corrigan's reply to the original message:
If OpenBSD had a more reasonable leadership as do FreeBSD/NetBSD, then maybe this would never have happened. This is not a vendetta thing, it is just how I'm dealing with Theo being obnoxious.
Hmmm... not a vendetta.. right... -
Reed: "how I'm dealing with Theo being obnoxious"Quote from Darren Reedin reply to Bill Corrigan's reply to the original message:
If OpenBSD had a more reasonable leadership as do FreeBSD/NetBSD, then maybe this would never have happened. This is not a vendetta thing, it is just how I'm dealing with Theo being obnoxious.
Hmmm... not a vendetta.. right... -
competition in baby mulching business...
Seems that someone figured out that OpenBSD is making the play for the lucrative baby mulching business and they're using ipf as a roadblock to these ends...
from Darren Reed:
IPFilter no longer available... -
The license for IPFilters hasn't changed
For the benefit of people who didn't read Monday's posts on this subject here is a link to the key post in that discussion.
Or you can cut out the middleman and go to Darren Reed's comment that that post links to. -
could this be worse than MS?
According to the author..."The licence has only ever granted right to redistribute/use, not modify. "
Dang...it looks like I can't submit those patches to that major security hole I found...I guess I will just have to exploit everyone til they learn. ;-)
No..but seriously...having an "open source" product without having the ability to modify kinda makes it a bad model. This creates a dependency on the author of the product to get a patch out. IANAL...but this seems worse than MS...because if you are relying on something that has 1 main author in this model...you technically could only get a fix from him/her. At least MS has a team of maintenance developers in case one is in the hospital.
As always...please correct me if I interperted this incorrectly. -
Once again slashdot panics without the facts...
This license applies only to certain test releases releases etc, that the author posts for testing purposes doesn't want in general distribution.
Information from Darren Reed on this appears at this URL:
http://false.net/ipfilter/2001_05/0458.html
Link to above URL -
Overkill is your Friend
There is always the concern that one defense or nother will have a hole. I personally would advocate using a different OS for your firewall, as well, in this case OpenBSD and ipfilter is my favorite, than you use for your interior workstations.
Configure ipfilter in a nice and paranoid fashion, ensure via nmap that no services are addressable, (inetd, portmap, etc, etc.. )
/then/ go about placing ipchains input rules on your interior boxen.The idea is, even if there is a vunerability found in the firewall box, there is a different type of wall protecting your secured hosts. ipfilter is also available for FreeBSD, in case you find OpenBSD a little too user/hardware-hostile.
For more info on ipfilter visit The IPFilter HOWTO and The IPFilter Mailing-Lists.
(Zealotry Notice, *BSD-fanatic who wouldn't trust ipchains with Bill Gate's homepage, but understands that Helix is addictive.)