Slashdot Mirror

5917698154
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

1182021410
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.01; Windows NT)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

10604950724
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

8975823972
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.01; Windows NT)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

7584318488
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

6838745939
Here is your navigator : Mozilla/4.0 (compatible; MSIE 4.01; Windows NT)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

3368513944
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.01; Windows 98)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

8596385130
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.01; Windows 98)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

7369756360
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.01; Windows 98)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

7515482293
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

9361037224
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

6722437867
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

2980591721
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

6524460562
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

2668901396
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

1886491672
Here is your navigator : Mozilla/4.7 [en] (X11; U; Linux 2.2.3 i686)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

3082166927
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

6166270629
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

319320611
Here is your navigator : Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

554285544Here is your navigator : Mozilla/5.0 (Windows; N; Win98; en-US; m14) Netscape6/6.0b1
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

Here is your navigator : Mozilla/5.0 (Windows; N; Win98; en-US; m14) Netscape6/6.0b1
Just a security hole of Slashdot. You can find this kind of hole in all sites which has a forum. I think that in site like e-trade you can make some people asks for stocks.
You can contact me there : Krakus.Irus à voila.com
If you want to retry.
If you want to know more.

Very unfair. The term "lie" indicates that I was deliberately misinforming people. That is certainly not true. I was using the term that the people I've seen talk about this Linux feature use. I will admit I have not spent the time to really understand "capabilities" or "privileges".

You are welcome to cite references to your distinction between "privileges" and "capabilities".

A few links:

Pavel's capabilities page

Linux Weekly News listing of Linux capabilities as of 2.2.13.

Secure-programs-how to contains a lot of security related information, including references to the POSIX standards. The POSIX information looks a little dated though.

This link from kernel-traffic indicates that there are several different concepts of what "capabilites" are, and gives some details about what each style consists of.

Let me be clear, I don't know much about capabilities, but I know that they are talked a LOT about on lkml. Simply calling me a liar and saying that it's "privileges" not "caps" doesn't really help educate anyone.

Some highlights:

• If Windows is also on the computer, DrakFont gives the user access to his Windows fonts under Linux.
• Enhanced USB support for modems, printers, Zip drives
• i810 based video cards now supported
• ATA 66 (UDMA 66) interface
• For professional environments, now shipping ReiserFS, a new journalized file system
• All Helix Code GNOME improvements incorporated

Some of the stuff in the previous version (7.0), was framebuffer support, SuperMount (which automatically mounts removable media), security levels (eg., 4 & 5 default to no externally accessible services - you have to turn them on yourself), and DiskDrake, which allows you to resize fat/fat32 partitions at install time (and is FREE!).

They've always been pentium-compiled and have always had a strong focus on shipping with a slick KDE desktop. They also appear to have more solid releases than Red Hat, and release often, so you can run stable-but-recent (as opposed to Debian, where you've got a years-old stable release system or recent unstable system).

There's a good article at LWN - http://lwn.net/2000/features/Linux Mandrake.phtml and, of course, information all over Linux Mandrake's website. ;)

• The cost is for the final system, which includes an eventual replacement of the current nodes and the addition of lots more of them.

• Don't forget the I/O subsystem as well.

• Don't forget the onsite engineer

I can't resist pointing out that LWN wrote an article about this cluster, complete with pictures....

Saw this a couple months ago. It gives some nice perspective on how guys who are presumably used to dealing with well-though-out UI feel about Microsoft's efforts.

lwn.net/980212/a/shuttle.html

It does a little explaining, though I'm not sure there is an absolute justification given. Again, as you said, if you don't like it, don't use it.

Consideration is a legal concept which describes something of value that is given in exchange for a performance or a promise to perform. The presence of consideration distinguishes contracts from gifts. Consideration can be a promise to do something there is no legal obligation to do, or a promise to not do something there is a legal right to do. Promises to exchange money, goods, or services are forms of consideration. All parties in an agreement must give consideration in order to create a contract, but courts typically do not look at the adequacy of consideration unless there is evidence of some type of wrongdoing by the party benefiting most from the contract.

It's on http://lwn.net/2000/features/LinuxMandrake.phtml

If they're not using dual procs, then I find it hard to believe that it's more powerful than this.

Quote from site: The FSL cluster (called "Jet") currently consists of 276 nodes, organized into three long banks. The nodes are unmodified, off-the-shelf Compaq Alpha systems with 667 MHz processors and 512 MB of memory.

...but then again I ain't no hexpert. Anybody care to comment?

Wonder how come this didn't make it to Slashdot (no, I didn't submit it, but strange that noone did?)

Anyone anxious to take the 2.4 plunge, but wondering what has changed might want to take a look at http://lwn.net/1999/0819/a/wwol2_4.html . It somewhat dated -- August of 1999 (anyone know where to find one more recent?), but hopefully most of its content will still be valid.

--

I'd just like to say that linsider isn't the only investment site focusing on linux companies. there are a few like OSInvestor, LinuxStockNews, and LWN's Stock Page, to name only 3.

devfs is in.

devfs = Device File System. Instead of makedev and having dozens and dozens of device files in /dev/, 99% of which you don't use (ya sure, I have 20 ide partitions. And 5 sound cards. And 9 SCSI CD-ROM drives...), you mount /dev as devfs, and only see the devices you have. Simplifies life a great deal. More info at the devfs overview. Devfs has existed as a patch for a good time now but Linus had issues with it.

Congratulations to Richard Gooch on his efforts over all this time and his tireless dedication to getting in into the kernel. Hats off to you.

This is a great point. Once his code is released, any future patents on the idea could be shot down via prior art, AND all the messiness with HURD/*BSD could have been avoided. Not to mention the point that IBM's been doing this for 20 years, as mentioned in another posting, so this patent in itself is probably flawed.

He stated in his email that he a) wanted to avoid paying royalties to someone else to use his idea and b) has had to pay extensive legal fees for getting the patent.

It seems like he's traded the POSSIBILITY of paying a huge legal bill for the FACT of a huge legal bill.

If someone tried to patent it later on and collect royalties, he might have to pay an attorney to shoot down the claim then (via prior art), OR a big company using RTLinux in a product would have sic'd their legal department on the fradulent claiment - saving Victor the hassle & expense. Either way - there's a good chance he'd never pay a cent.

his is the first technical information on this attack that I've run into. Everything else I've seen seems to be targeted to the non-geek crowd.

Check out some of these links for a more "technical" report.

Linux Daily News had Slashdot scooped on this issue by more than an hour, and I submitted this half an hour ago. It was promply rejected. I sort of wonder why Slashdot is now the last news source to get anything, even when it's about them.

One could always do what Linus did for backing up his work --sharing it with the world. I heard he didn't have a tape drive for many years until he was given an Alpha, but his work could always be found somewhere on the internet in good hands.

The internet will always save your best work and discard the junk.

Note that not every Microsoft security vulnerability out there is listed, either. Do a search on vunlerabilities by vendor for Microsoft at Security Focus, which is at http://www.securityfocus.com to see all 235 vulnerabilities listed, most of which Slashdot missed.

Good resources for Linux security news, specifically, are Linux Weekly News at http://lwn.net/ and its continually updated Daily Edition at http://lwn.net/daily/ For additional resources you can visit Linux.Com's security section at http://www.linux.com/security

Note that not every Microsoft security vulnerability out there is listed, either. Do a search on vunlerabilities by vendor for Microsoft at Security Focus, which is at http://www.securityfocus.com to see all 235 vulnerabilities listed, most of which Slashdot missed.

Good resources for Linux security news, specifically, are Linux Weekly News at http://lwn.net/ and its continually updated Daily Edition at http://lwn.net/daily/ For additional resources you can visit Linux.Com's security section at http://www.linux.com/security

Linuxs security modell needs improving, too.
Quoted from lwn.net
"...goes on to point out that the problems fixed in that Red Hat's recent update to lpd were originally reported in this advisory, dated ... October of 1997? Ouch."


Read the whole story

Anyway, as the song goes, "Whatever it is, I'm against it!" :-)

---

In answer to roblimo's question, I find that Linux Weekly News (www.lwn.net) already does an excellent job of such roundups. This isn't something slashdot needs to duplicate.

As Michael H. Warfield points out in this linux-kernel message, it's a golden opportunity to get IPSEC into the 2.4 kernel, and US-based Linux distributors can now bundle PGP, SSH, etc., with their next versions.

Maybe the spooks (or at least, the spook-meisters) are doing a 180 turn on how to deal with cryptography distribution, from "don't let anyone else have it" to "if everyone else has it, we want it, too".
--
"But, Mulder, the new millennium doesn't begin until January 2001."

Can you comment on possibilities for developments relating to transaction processing and database management systems?

"For instances" to make this clearer include:

• RHAT has apparently been putting work into the availability of raw partitions that the major DBMS vendors prefer to the use of native filesystems.

  Ala SCT-RAW , raw i/o patches

• TP monitors such as BEA Tuxedo as well as message queueing systems such as IBM MQSeries.

  There's one "libre" option, Isect

There may be some bullshit in this article, but it is not entirely bullshit. For instance, Red Flag Linux apparently does indeed exist, as a Google Linux search will reveal. Linux Weekly News covered it in this article back in August of last year. It also refers to an article in ComputerWorld China (in Chinese, of course).

Now that I've got the "Informative" part of this comment out of the way, I'll add the "Flamebait": For the Chinese government to use a Linux-based OS does not demean Linux. There are millions of people in the world who use Linux-based systems already. Some number of these people are assholes; this does not make Linux an assholes' operating system. Some number of them beat their spouses or children; this does not make Linux a domestically violent operating system. By now there's probably been a serial killer or two who's used Linux ... does this make Linux the operating system of serial killers?

It is true that by using a more efficient, less crash-prone operating system, the Chinese government may become more efficient itself. In theory, this could be bad for the Chinese people: an efficient tyranny is likely worse than an inefficient one. However, I suspect that this would be more than balanced by the fact that involvement with Linux has the potential to lead to greater integration of China with the Net: how are they to keep up with new software developments if they don't have connectivity? And greater integration with the Net might very well lead to the spread of democratic ideals in the Chinese population, especially in the technologically adept population sectors who are most likely to come in direct contact with Linux-based systems.

Finally, I must add the following: China (says the Guide) is big. Really really big. You may have thought Texas was the epitome of big-itude, but that's just peanuts to China. China has big history, big culture, and lots of other big things too. The Chinese civilization has survived other bogus and tyrannical dynasties, and it will survive the "Mao Dynasty" as well. Right now things are obviously getting a bit shaky over there -- the Falun Gong crackdown indicates to me that the regime is scared of imminent popular uprising. In some sense, wouldn't adoption of Linux (and all that it entails) throw that much more Blessed Chaos into the mixture?

There may be some bullshit in this article, but it is not entirely bullshit. For instance, Red Flag Linux apparently does indeed exist, as a Google Linux search will reveal. Linux Weekly News covered it in this article back in August of last year. It also refers to an article in ComputerWorld China (in Chinese, of course).

Now that I've got the "Informative" part of this comment out of the way, I'll add the "Flamebait": For the Chinese government to use a Linux-based OS does not demean Linux. There are millions of people in the world who use Linux-based systems already. Some number of these people are assholes; this does not make Linux an assholes' operating system. Some number of them beat their spouses or children; this does not make Linux a domestically violent operating system. By now there's probably been a serial killer or two who's used Linux ... does this make Linux the operating system of serial killers?

It is true that by using a more efficient, less crash-prone operating system, the Chinese government may become more efficient itself. In theory, this could be bad for the Chinese people: an efficient tyranny is likely worse than an inefficient one. However, I suspect that this would be more than balanced by the fact that involvement with Linux has the potential to lead to greater integration of China with the Net: how are they to keep up with new software developments if they don't have connectivity? And greater integration with the Net might very well lead to the spread of democratic ideals in the Chinese population, especially in the technologically adept population sectors who are most likely to come in direct contact with Linux-based systems.

Finally, I must add the following: China (says the Guide) is big. Really really big. You may have thought Texas was the epitome of big-itude, but that's just peanuts to China. China has big history, big culture, and lots of other big things too. The Chinese civilization has survived other bogus and tyrannical dynasties, and it will survive the "Mao Dynasty" as well. Right now things are obviously getting a bit shaky over there -- the Falun Gong crackdown indicates to me that the regime is scared of imminent popular uprising. In some sense, wouldn't adoption of Linux (and all that it entails) throw that much more Blessed Chaos into the mixture?

LWN (the source of this story, uncredited as per the norm on Slashdot) has a fairly consistent habit of presenting the original email it received, pretty much unchanged. That means whatever .sig you attach ends up in the email.

I don't know why they have this policy, but I doubt it was a conscious effort by ESR to put the "propoganda" (as you put it) in an article about the DVD CCA.

Anyway, it's debatable that the mere presentation of statistics is propoganda. It's up to you to interpret them however you like.

Redhat just put out an update for sharutils.

Anyone else see any last minute updates?

According to LWN 108.

"...where the forms could be automatically read, via the RF interface, without even opening the envelopes."

Er, what's to stop me from swiping your mail (somewhere in the chain there's bound to be a weak link, or even from within the mail system itself, we know how dependable they are) and reading it myself? I realize that Census records aren't that interesting, although I'm sure many corporations would love the market research. But if that sorta thing caught on: what if your taxes were filled via paper computer? Sounds like an easy way to get confidential information out of unsuspecting victims.

And anyway, why send a paper computer (which would cost more than paper, and takes a while to reach the destination) when you can send email (with an attachment if need be)? This might be a good idea in a very small amount of applications (in areas where email isn't a viable option for security reasons, for instance), but it seems like it has been outdated by more recent, cheaper, and faster alternatives. Once encryption reaches the right levels, we should be able to do much of what he suggests online (in fact, we already can). If you factor in the fact that all the technology in that paper computer could easily be built into the wall next to your front door (or anywhere), it seems like getting computer-paper mail would be a waste of resources. Factor in portable computers (both PDAs and the more techno-keen wearable computers) and e-books and you have a pretty small market.

I think that, sad as it may be, the market for paper computers is almost past. It would have been a perfect technology for the transition to a more technologically integrated culture (read: computers built into the infrastructure and daily life, but they're so inconspicuous you hardly notice them), but since we seem to be on the road there already--see the computer touchphone, the on-hand PC and driving with night vision--I don't think it's going to work in this late stage. I'm sorry for Jim, but I just don't think he's gonna have luck with the invention. Damn cool invention though.