Slashdot Mirror

Well, fortunately I've never put anything embarrassing up....

Tapeworm Contagion Protocol/Infestation Protocol

Hey, if we filter RSS packets for the IP Evil Bit, we should be safe, yes?

Do not taunt datacenter...or is that Happy fun ball?

They use sh standard for user accounts, csh for root.
That's flamebait! See Csh Considered Harmful. Solaris uses Bourne shell for root and user accounts, by default. Bash is installed if you install the full (SUNWCXall) package cluster.
Solaris scales to more than 64 CPUs - certainly 96, presumably higher in principle (though the biggest Sun server, AFAIK, goes to 96 CPUs)

Well, that is if SPF can be considered "redefining email", rather than a simple extra DNS-based check (that doesn't alter SMTP). Hardly what I'd call "redefining", but then I generally don't call myself an "idiot" either.

Yes, it would be nice if ISPs would all act in the interest of common good of everyone (rather then self-interested profit, laziness or incompetence). That certainly sounds like a "better" solution, much like communism seemed better social system than capitalism. Saddly, depending on all ISPs to cooperate is doomed to failure, for much the same reasons communism doesn't really work.

RFC-wise, it is RFC 2476 which is intended to address this problem. If you read only the abstract, you will see it clearly explains that SMTP was intended to be used for transfer, not submission, as people are doing today. You'll likely insist using RFC2467 message submission is not a hard requirement... but there is certainly an RFC which addresses the perfered way to submit email.

I would in turn challenge you to quote any current RFC which specifically suggests a SMTP client should spoof the sender envelope. Or for that matter to actually complain about the extreme difficulty or cost of complying with RFC2467 message submission.

But what really matters, in practice, is the willingness of other SMTP servers to accept your spoofed messages. Many spam filters now take into consideration blocklists of IP ranges knows to be residential IP ranges. Because you have not noticed any sign of that (yet) does not means it doesn't exist. To prove the point, here are a couple links:

http://www.nl.sorbs.net/faq/dul.shtml

http://www.spampalforums.org/phpBB2/viewtopic.php? p=35957&

You can easily find many, many more using google. It is true that some servers are blocking or filtering messages that originate from dynamic or residential IP numbers, and evidence of this is easy to find on-line, as people who can't communicate seek help.

But you can deny it all you like. You can claim spoofing is fully RFC compliant despite RFC2467's recommendation to use message submission. You can call SPF and similar systems "redefining email". You can even call anyone who disagrees an "idiot" if you like. But eventually, enough of your spoofed messages will go undelivered that you'll have to upgrade to proper message submission or some other way that is ultimately accepted by your intended receipients.

This is the changing reality of email in the face of spammers and malware. Deny it all you like.

telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 localhost ESMTP Sendmail 8.11.7p1+Sun/8.11.7; Mon, 20 Jun 2005 17:00:47 -0500 (CDT)
helo some.domain
250 localhost Hello some.domain [127.0.0.1], pleased to meet you
mail from: me@slashdot.org
250 2.1.0 me@slashdot.org... Sender ok
rcpt to: someone@somewhere.com
250 2.1.5 someone@somewhere.com... Recipient ok
data
354 Enter mail, end with "." on a line by itself
Subject: This is the subject line
CC: somecc.recipients
this is a spoofed message
.
250 2.0.0 j5KM2SH21915 Message accepted for delivery
quit
221 2.0.0 localhost closing connection
Connection closed by foreign host.

This isn't anything special, it's how SMTP is designed to work. If you're interested in verifying the sender of messages you had better look into digital signatures.

Depending on how permissive (misconfigured) the SMTP server is, it may not do things like check that sender and recipient addresses are legit, do open relaying, etc.

If you're interested in SMTP, go check out RFC 281.

=)

I must admit I had never figured that port 0 was valid but I can't see any reason in RFC 793 - Transmission Control Protocol that prohibits port 0 being used and IANA's port number document merely says that it is "reserved".

However :

# sshd -p 0 -D
Bad port number.

it might be a neat hack if firewalls skip port 0 or some such

Your router may block the unreachables - that's a common lockdown step. But it is also correct behavior for the router on the destination net to send an ARP, determine that nobody is listening at that IP address, and reply to sender with the icmp dest unreachable (ICMP Type 3, Code 1). There's also a net unreachable that I haven't run into, Type 3, code 0.

http://www.faqs.org/rfcs/rfc792.html
"Gateways in these networks may send destination unreachable messages to the source host when the
destination host is unreachable."

If an ACL blocks the traffic with a reject (vs. drop) then typically it's an ICMP destination host administratively prohibited (Type 3, Code 10)

Frankly, I'm a little amazed that no one has called you on your utter bullshit yet.

Because 15-20% of piercings involve unforeseen complications (excessive bleeding, permanent deformation, infection and dental/gum/sense-of-taste damage with respect to tongue piercing),

Please provide a credible source for that percentage. I've seen you cite it twice but neither time have you offered a source for it. Further, I challenge you to find one case of "sense-of-taste damage" due to a tongue piercing.

not least due to the lack of proper medical training by the people who carry out this sort of cosmetic surgery.

I assume this applies to women with pierced ears as well? If you say it doesn't, please consider that most mainstream ear piercings are done by forcing a blunt object through the ear with a plastic (read: can't be sterilized) device similar to a hole punch that is then reused on everyone else that wanders into the store. Compare this to piercing the ear, or anything else, with a sterile, single-use needle by someone who's had far more training than the average jewelry store employee.

Please educate yourself before spouting off like this in the future. A couple good places to start are the rec.arts.bodyart FAQ and BME (NSFW).

Everyone knows that you just have to check the evil bit. (Some terrorists may be sophisticated enough to tamper with the evil bit but if they use Windows, the lack of the bit will stick out like a sore thumb.)

RFC 1149 - Standard for the transmission of IP datagrams on avian carriers>

as to the other allusion please read this Godwin's Law FAQ

As for regular Orthodox Jews, to claim that "a large proportion of Orthodox Jewry believe Zionism is wrong" is disingenuous in the extreme. You know all those settlers that think the occupied territories should be annexed by Israel? Most are religious. Was there a U-turn in opinion in 1948? I don't think so.

Oh, one last thing. Next time you make inflammatory, false remarks about history, politics, or indeed anything at all, why don't you post in a non-anonymous way? That way I might not completely lack any respect for you. Just a thought.

Godwin's Law invoked PRIOR to the first post!

This is incredible! Someone obviously has the FAQ
--
Don\'t fight Firefox! Let FireFox fight YOU!

2. What happens if we're actually talking about Nazis?

Then you've already invoked Godwin's Law, and the chances are that your thread isn't going to last all that much longer as a sane discussion. Them's the breaks.

eval -> 01100101011101100110000101101100
evil -> 01100101011101100110100101101100

Google has obviously turned off the Evil Bit.

Not really.

Godwin

> Did you just turn "Asymptote" into a verb?!?!?

You probably didn't know, but all nouns can be verbed. And of course, all verbs can be nouned too. Its even jargon filed.

Well since SEQUEL stood for 'Structured English Query Language' (which seems VERY language specific) I figured that SQL was just 'Structured Query Language.'

But SQL was just a shortening of SEQUEL for legal reasons...

Godwin's Law
Meme, Counter-meme
How to post about Nazis and get away with it - the Godwin's Law FAQ

Ok, call your grandmother up and ask her if she has done any of the stuff you mentioned above. Call up any of the "normal" users and find out if they have ever ftped a file, exchanged files through AIM, or used a vpn.

What I propose is offering a NAT connection as default, but let the user opt out of it. If you have a REASON to have a public ip address, more power to you. Most of the dialup/cable/dsl users don't have a use for it.

These are the users I'm talking about. If you're using a vpn, ftping, or transferring files, you probably know you need a public ip address.

ftping to an old server that doesn't support passive connections? That's have to be an OLD OLD OLD ftp server as the RFC for passive ftp was passed in 1994. FTP servers that don't support passive connections are not RFC compliant.

you CAN transfer data directly between two users behind most nats without needing to set up port forwarding etc its just that app designers have been slow to adopt the methods reqired.

the teqniques needed are in RFC 3489

the main issue is that to use it you have to do everything over udp and that requires far more programmer effort to do well than tcp.

His claim is that the profit motive is required to drive innovation. But a simple fact refutes his claim: UNIX preceded Windows. A large part of the original Unix OS was open source. From the link:

Later, Doug McIlroy would write of this period [McIlroy91]: "Peer pressure and simple pride in workmanship caused gobs of code to be rewritten or discarded as better or more basic ideas emerged. Professional rivalry and protection of turf were practically unknown: so many good things were happening that nobody needed to be proprietary about innovations". But it would take another quarter century for all the implications of that observation to come home.

There really are other motives besides money!

I agree with your calculations, assuming that the particles behave like an ideal gas (though I think you answers are 3/2 too high).
This puzzled me too, so I did a bit of googling, and found Effect of solar wind on temperature of space.
So basically, yes, the particles have that temperature, but the density is so low that the temperature is still gonna be around the microwave background of 2.7K

And what happens if the Evil Bit gets flipped in the download?

Good? Bad? I'm the guy with the gun.

Expanding on a previous comment: A 1970's IBM project, System/R, developed "Structured English Query Language" shortened to "SEQUEL", and later changed to SQL. The CORRECT pronunciation of "SQL" is still "sequel". Saying "ess kew ell" is the sign of a newbie. Not that there's anything wrong with newbies, until they get fresh about things they don't know about. See e.g. http://www.faqs.org/docs/ppbook/c1164.htm

your spam filter would reject unsolicited emails without this "stamp"

That doesn't make any sense - how exactly does the spammer *know* that the mail has been rejected?

If you say "because of the bounces", allow me to introduce you to the concept of forged mail headers

Spammers don't care *right now* if their spam actually reaches someone. Why would they caring just because people started using "e-stamps"?

Um http://www.faqs.org/faqs/windows-emulation/wine-fa q/....that's what the e stands for. Sure it's a set of local APIs.....that allow you to emulate windows programs.

Where to begin with the jokes?

But penguins cannot fly!

Great! Now we can re-shoot Hitchcock's "The Birds" with the [RI|MP]AA as the stars!

Now I'll have to wash all those core dumps off my car!

SQUAWCK! We are the Borg. SQUAWCK! Resistance is futile! SQUAWCK! 4 of 99 wants a cracker! SQUAWCK!

A robotic parrot/web server is the perfect gift for a data pirate - when will ThinkGeek carry them?

Do they use RFC 1149?

I'm a very happy bunny, syncing my Tungsten E to both JPilot and gnome-pilot, as the mood takes me. This is on Debian unstable running Linux 2.6.

Things to beware: when you plug in your palmtop, it'll create two /dev/ttyUSB devices. You want to put the second one into your apps (so it creates /dev/ttyUSB0 and /dev/ttyUSB1; you use ttyUSB1).

Secondly, if you sync to multiple apps, don't try to run more than one at once, as it will make the dye run. Don't do this.

If it stops working for no reason, check that it hasn't got itself tied up and created two sets of devices (so you think it's ttyUSB1, but it thinks it's ttyUSB3, for instance).

I believe I pulled most of this information out of http://www.faqs.org/docs/Linux-HOWTO/PalmOS-HOWTO. html , which is rather good.

"It is mathematically impossible to create a program compressing without loss *all* files by at least one bit."

My point was that eventually there's a point where compression can't do any more. We'll probably never see a compression algorithm that shrinks a full-length movie to 4MB while maintaining its original quality, for example.

NextSTEP was always based on gcc, so it didn't cost them to bundle it with the OS. (well, the only cost was that they discovered that it would require them to release the source for the Objective C front end, but that was a one time cost, not per unit)

Irix didn't have a bundled compiler. It was actually worse than most because the header files (/usr/include) came with the unbundled compiler, so you couldn't easily get a third party replacement like gcc.

In the mid-80's USL's license scheme charged vendors more to sell with a compiler and with troff, so many of them unbundled their compilers. Some of them (those assuming that most of their customers needed a compiler.) paid USL the extra money, got a volume discount, and continued bundling the comiler. Since a good portion of Sun's customers were buying their workstations for things like CAD workstations, passing on USL's price increase wouldn't have made sense.

NextSTEP was always based on gcc, so it didn't cost them to bundle it with the OS. (well, the only cost was that they discovered that it would require them to release the source for the Objective C front end, but that was a one time cost, not per unit)

Irix didn't have a bundled compiler. It was actually worse than most because the header files (/usr/include) came with the unbundled compiler, so you couldn't easily get a third party replacement like gcc.

In the mid-80's USL's license scheme charged vendors more to sell with a compiler and with troff, so many of them unbundled their compilers. Some of them (those assuming that most of their customers needed a compiler.) paid USL the extra money, got a volume discount, and continued bundling the comiler. Since a good portion of Sun's customers were buying their workstations for things like CAD workstations, passing on USL's price increase wouldn't have made sense.

Refer to the third truth.

You want to use IP datagrams on avian carriers. Have your dissidents encrypt their messages memory cards, strap them on a pigeon and send them over to a friend outside who acts as a bridge with the internet. The friend does the reverse. This is actually a high bandwidth network. Just make sure you run like hell if the pigeon doesn't make it, you never know...

http://tor.eff.org/

It is free software from the EFF. It is an anonymous socks proxy.

Blade Runner featured a lot of photographs, as that was one of the characteristics of Replicant psychology. However, the specific photgraph in question was, in fact, meant to be holographic.

The back cover is a color still from an aborted sequence in which Leon's photo turns out to be a hologram that shows Batty's head turning (Cinefex no. 9, July 1982).

You may also recall the photograph of the little girl and her mother that "moved" for a second.

the last I heard, polygamy was not part of the established Christian denominations

Hmmm, maybe they need to review their Old Testament?

(Not a Mormon or Christian, but I identify as polyamorous.

telnet www.slashdot.org 80

telnet www.slashdot.org 80

http://www.faqs.org/docs/artu/ch05s02.html

• RFC 3143 - Known HTTP Proxy/Caching Problems
• RFC 2068 - Hypertext Transfer Protocol -- HTTP/1.1 (see sections 8.1.3 and 13, 14.9 and 15)

• RFC 3143 - Known HTTP Proxy/Caching Problems
• RFC 2068 - Hypertext Transfer Protocol -- HTTP/1.1 (see sections 8.1.3 and 13, 14.9 and 15)

As a web developer, I've actually found that the best way to reduce page load time is highly aggressive caching - like telling the browser with headers to use a cached copy if it has one, and closing the connection.

Why would you close the connection? If you have a 304 Not Modified response for an HTML document, chances are the client will still want that connection around to get the stylesheets, images, etc. All you are doing by closing the connection is forcing the client to open a new connection.

Now what would make the web *really* fast would be some kind of CVS system, so the browser can say which version it has cached, and you send a diff to update to the most recent version.

See RFC 3229. It's not usually feasible because hosts and caches have to store revision histories, and it's rarely worth the complexity.

Prodigy? CompuServe? I think they may want to consider yet another update.

They're both still around. CompuServe is now part of AOL, and Prodigy is now SBC Internet. But yes, I agree that the wording needs updated for the fact that all commercial ISPs go to the same Internet (and not President Bush's other internets).

Please modify parent -1 "Should have googled obvious question". The Fortran FAQ answers: http://www.faqs.org/faqs/fortran-faq/

From the FORTRAN FAQ (http://www.faqs.org/faqs/fortran-faq/) :

FORTRAN and C have different semantics. A FORTRAN optimizer knows more about aliasing, function interactions, and I/O. A C optimizer has to infer or compute such information. C bigots typically have neither written such optimizers nor worked with folks who do it for a living, and are prone to dismiss such arguments as being petty and neolithic. FORTRAN programmers are often a bit more in touch with high performance computing, and are unwilling to bet that heavily on compiler wizardry.

There is a vast body of existing FORTRAN code (much of which is publically available and of high quality). Numerical codes are particularly difficult to "vet", scientific establishments usually do not have large otherwise idle programming staffs, etc. so massive recoding into any new language is typically resisted quite strongly.

Fortran tends to meet some of the needs of scientists better. Most notably, it has built in support for: - variable dimension array arguments in subroutines - a compiler-supported infix exponentiation operator which is generic with respect to both precision and type, *and* which is generally handled very efficiently or the commonly occuring special case floating-point**small-integer - complex arithmetic - generic-precision intrinsic functions

Nonsense. Even today, given sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea. It is hard to be sure where they are going to land, and it could be dangerous sitting under them as they fly overhead.

Our old story on VoIP Wiretapping

Interestingly in U.S., there are serious legal restrictions on the use of wiretaps by police agencies. The Supreme Court has consistently held that wiretaps qualify as searches under the Fourth Amendment.

Article on related topic of Open Internet Wiretapping: Carnivore

IETF (Internet Engineering Task Force) policy on wiretapping which says: The IETF restates its strongly held belief, stated at greater length in [RFC 1984], that both commercial development of the Internet and adequate privacy for its users against illegal intrusion requires the wide availability of strong cryptographic technology.

Another issue: Is Dialing Into a Conference Call an Interception?