Domain: softhome.net
Stories and comments across the archive that link to softhome.net.
Stories · 33
-
NASA Learns Anew From the Apollo Program
solitas writes "NASA isn't just "going back to the drawing boards" to get back to the Moon, they're also going through the museums and archives so that the new engineers can rediscover/learn how it was done the first time." From the article: "Some old Apollo engineers are even being brought back on a contract basis to work with the young folks, some of whom were not even born when the Saturn V was flying lunar missions. The new manned exploration project, called Constellation, is deliberately drawing upon lessons from the past as the space agency works to meet a congressional deadline of flying the Ares rocket ... In fact, NASA Administrator Michael Griffin has described the new program as 'Apollo on steroids.'" -
Archon to be Revived
Phoenix-IT writes "How many of you remember the classic strategy game Archon? Curve Software is remaking the original game for DirectX with support for network play. Distribution details are undetermined. There are long term plans to port to Macintosh and UNIX environments, but no details at the moment. The game is not open source because it contains some of the original 8-bit code, which was donated to the project, but a public beta might be on the way!" -
If Mac OS X Came to x86, Would You Switch?
A not-so anonymous Anonymous Coward would like to put this query before you: "I'm not a fan of Windows, and never have been, but I am a fan of the x86 architecture. I really like Linux, but there are still a few issues that are keeping me from switching completely. I really like Mac OS X but I don't want to drop $2000 on a computer that is only as fast as an x86 computer at half the price. Darwin, Mac OS X's unix-ish core, has been ported to x86 and Microsoft's upcoming Longhorn OS seems to be disliked by everyone but Microsoft. If Apple released Mac OS X to compete with Longhorn, would you switch?" -
Big Bang Really a Big Hum
benna writes "The New Scientist reports, 'The Big Bang sounded more like a deep hum than a bang, according to an analysis of the radiation left over from the cataclysm. Physicist John Cramer of the University of Washington in Seattle has created audio files of the event which can be played on a PC. "The sound is rather like a large jet plane flying 100 feet above your house in the middle of the night," he says.' Apparently the idea for the project came from an 11 year old." -
Statistical Analysis of Copyright Registrations
linuxizer writes "I've been poking around in Penn's Library for most of my Freshman year, looking up copyright statistics. What I found is basically what many suspected all along: extending and strengthening copyright terms has little effect on actual innovation. Perhaps most fascinating is the strong 40-year upward trend in registrations which is sharply broken in 1991 with a precipitous decline. Also included are some interesting observations about the RIAA's data. The numerous graphics should be well-enough explained that you don't need to go to the data files, but they are included if needed." -
How Flight Sims Deal With Lag
mnemonic writes "How are hundreds of air, ground and sea units simulated in a multiplayer flight simulation with high fidelity, all the while maintaining a smooth framerate for dialup users? Two network protocols, a hybrid server-client peer to peer architecture (the latter of which is reportedly used by Doom 3) are only some of what it takes to keep Falcon 4.0, a beast of a game, playable online." -
Zynot Foundation Forks Gentoo
deque_alpha writes "The Gentoo Linux distribution has been forked by a group of Gentoo developers and community members. This fork is being placed under the control of the non-profit Zynot Foundation, which will "hold the source code, trademarks, and any other intellectual property developed by and for its community." The goals of the fork include improving stability and cross-platform reliability to bring the Gentoo-developed technology to the enterprise and embedded arenas." Another reader points out Zack Welch's long article at Zynot.org on reasons for forking the Gentoo distribution. -
Cell Phone Encryption?
Black Diamond asks: "I know I'm not up to speed on cell phone encryption, but I was wondering, are there any cell phones that let you handle the encryption from your end of things? Something along the lines of a phone you hook up to your computer to input specific encryption keys for specific contacts, as well as a private key for yourself. Is such a thing plausible, or should you trust the standard encryption that comes on some cell phones nowadays?" -
Gameboy Advance Clone Superemulator
Aluminum Tuesday writes "During a raging internal debate over whether to fork out for the new Gameboy Advance SP, I came across the Korean GP32, a handheld console that looks superior to the GBA in every way. It's capable of emulating the GBA, Super Nintendo, Commodore 64, etc. plus there's a SCUMMVM engine for Monkey Island games and a Java VM. Seems to have a huge online following. It runs its own OS, and there are programs capable of playing divx/mp3 files, though there's also a Linux port on the way. Not too expensive either. (99UKP / 149USD) That's a UK supplier; they ship worldwide, though I found this more expensive American supplier too. (179USD)" Gotta catch 'em all! -
24-hour Programming Contest
bigboyofeq writes "The Budapest University of Technology and Economics is hosting the 3rd 24-hour programming contest. For the first time, it's open for teams from all over the world. The winner team gets 4000 Euros, so it's worth a look. When I took a look at the pictures of the previous years, I got really excited. They are available here (comments are in Hungarian)." -
Internet Taxation May Be Imminent
redfenix writes "Here, there, and everywhere, the words "Internet Tax" are being uttered with intentions of bolstering state budgets. It may be inevitable that products purchased on the net will be taxed someday. The real question is: can the fragile internet economy really help local tax economies now?" -
Mac vs. PC: Digital Video Editing Comparison
mnemonic writes "DigitalVideoEditing.com has posted its third Mac vs. PC comparison, dealing with performance in After Effects and Photoshop, graphics applications one might expect the Mac to be significantly faster in. It should be noted that the author, Charlie White, is a long-time PC supporter and disliker of Macs, though, as he shows, this preference is for as legitimate reasons as the ones devoted Mac users cite to disparage PC's. Ace's Hardware has another comparison that goes further in depth into the specifics of the G4, P4 and Athlon processors. As when comparing any two pieces of hardware, it's important to think not only of the relationship between performance and specification, but performance and price." -
Charging Does Help Yahoo Make A Profit
Meshach writes "The Globe and Mail has an article about how Yahoo is starting to charge for their email service. Payment is not mandatory but if you don't pay you have many restrictions on your account. It says that while many are angry about the change enough people are paying that it is helping Yahoo rebound from their slump. This seems like a recent trend in e-business." The conventional wisdom around web stuff that's been free, but converts to pay is that "they die off, no one wants to use it anymore etc etc", but I think what people fail to realize is that for many businesses, less people is *just fine*, if those people are paying. -
P4 2.80GHz Overclocked to 3.917GHz
vwbus writes "The guys at Muropaketti have taken a brand new Pentium 4 2.80GHz chip, bought a pint or so of liquid nitrogen and overclocked it to an astounding 3.917GHz. The Finns describe how they put together the system on their web page, and luckily there are a whole set of pictures which demonstrate exactly what they've done, so you don't need to understand Finnish to figure it out. The pictures show wisps of nitrogen evaporating from the jar sitting on top of the CPU, and they publish some SiSoft figures to demonstrate the kind of speeds they attained." The folks at Muropaketti have had a lot of practice with this cooling method. -
Slashback: Zoning, Linking, Fooling
Tonight Slashback brings you updates (below) on the video card ATi isn't really putting out, home-brewed electronic multi-room temperature control, NPR's linking policy, and more. Enjoy!
Welcome to the Fantasy Hardware League. Regarding our post on the allegedly upcoming Radeon 8500 MAXX, reader eyelove yu writes: "This pic is fake, as many people have suspected. HardOCP.com (on front page) quoted Rubeena Hussein of ATi as saying, 'We have no current intentions of making this or similar boards.'"
Soon we will be able to assemble an entire system created in Photoshop. Yay.
Or you could roll down the windows ... vt@home writes: "As a followup to the earlier story, here is a system that not only allows to monitor the temperature throughout the house and draw nice charts, but also does already have computer controlled vents and even allows to control the A/C unit. Basically, this is a do-it-yourself zoning system, for under $500. Of course, the source is GPLd ;)"
Next week, the sidewalks will practically be free for public use. juanfe writes: "It's not like they really had any power to enforce their previous one, but NPR modified their Terms of Use on June 27. Now, linkers do not have to submit a form asking for permission, but NPR "reserve the right to withdraw permission for any link". More commentary from others.
Nothing like hundreds of angry bloggers threatening to withhold membership contributions to their local station."
Raising a stink to the power of 10. Snarfangel writes "After seeing Yet Another Slashdot Article extolling the virtues of meretricious metrification ("Isn't it Time for Metric Time?"), I decided to fight back the only way I know how -- by subjecting an innocent website to the Slashdot effect: This site goes into great detail about the importance of being Ernst (or at least Max Karl Ernst Ludwig) Planck, especially his system of units that only depend on the fundamental constants of the universe -- the speed of light, the gravitational constant, the Planck constant, and the charge of the electron. With appropriate scaling, you get a unified measurement system that is not only more logical than Le Systeme International d'Unites, but is also much better for calculating physics problems in your head.
After all, if we are going to go to all the effort to change our measurement system, why not use that same effort and get the system *right* the first time?"
On a different note, Colin LeMahieu writes "I noticed your post on metric time. I stumbled across this while looking for various computer timing related articles and found it pretty interesting. This might not be as popular as metric time, but it seems to make more sense. The whole system is based on time as a fraction of a day; it even has the scientific measurement on how to reproduce the time, as with any scientific measurement."
-
Pi In The 4th Dimension
Anonymous Coward writes "Hoy! There is some crazy guy who is all set to prove that the value of the mathematical constant Pi is the same for all dimensions. He has calculated Pi for the 4th dimension - and it..it's almost equal - 3.1447817532635 whereas the calculated value of Pi in 2 dimensions (circle) is 3.1416999189943. Math nerds can calculate the percentage error. The project is on SourceForge.net and they even have an online version" -
P2P Programs on K-12 Networks?
deque_alpha asks: "I am a system administrator for a small K-12 public school district. I am taking over after a bunch of goofballs have really messed things up, the technology department is in utter disarray. I have near infinite problems, but the hairiest are with people sucking up what little bandwidth we have, introducing virii, downloading warez, and generally causing problems with P2P file sharing programs. I don't generally have a problem with these programs, but they are not an appropriate use of the limited bandwidth of a K-12 institution as they provide little in the way of an educational resource, not to mention the legal liability they potentially introduce. The rub lies in that these people are teachers, and I have virtually no policy to back me up if I come down on them, but shutting them down is necessary to maintain harmony (and legality) on the network. I don't have the authority to pen new policies myself, and my supervisor cannot be counted on to do it either. Have any of you been in this position before? How would you approach solving it without totally alienating your users? How do you broach the subject of introducing new policies with supervisors?" -
ATX PPC Motherboards from Eyetech
YttriumOx writes: "Eyetech Ltd, a UK based company now has the AmigaOneG3SE for prerelease to developers. Anyone who's been craving a PPC motherboard for either Linux or the New AmigaOS can put their orders in now. The developers prerelease board comes with a TurboLinux PPC CD. While this system is targeted at Amiga owners wanting new hardware, there's no reason anyone needing a good PPC solution for Linux can't get their hands on one. You've got until the 24th of March if you want a prerelease board (note that the only difference between it and the final board is that the ROM chip in the final board will be an AmigaOS4 ROM whereas it's an OpenPPC BIOS in the developers board). Exact specifications of the board can be found here." This is also a good solution for people who want to use Linux on a PowerPC but do not want to buy an Apple machine. Price for the "beta" board is $450 and final will be $500. -
Slashback: Authors, Innards, Boson
Slashback brings you tonight updates and amplifications on the Treo portable drive, recent Higgs Boson findings, finding LDP documentation authors, and more.
Author! Author! (Uhh ... author?) Providing a timely update to the Debian / LDP licensing snafu unmadindu writes: "The LDP requests people (even if they are not LDP authors) who are reading this message to forward it to their respective LUG mailing lists. Maybe some of the 'unreachable authors' are still in those LUG lists."
Yup. Sure looks prime to me, yessir. Cesaro writes: "BBC is reporting that the largest prime number yet found has been verified. This number is 4,053,946 digits and took them almost 2 years to find on the GIMPS distributed system. More information can be had here"
This punishment may have to be let out for certain crimes. A semi-anonymous reader wrote to point out that implications of the recent Windows virus Goner may have broader implications than were previously clear. "With word that the new 'Goner' email virus was quickly spreading across the globe, 41 U.S. states and six European countries today announced that anyone caught creating or purposefully distributing a computer virus will be prosecuted under hate crime statutes for intentionally targeting 'people of stupidity.'
The trouble with sounding too good to be true ... Greg Titus writes "As a followup to yesterday's story about the Treo MP3 player (touted as iPod competition) ... Check out the Treo web site this morning (http://www.treoplayer.com/): 'Due to issues beyond Hy-Tek Manufacturing and e.Digital Corporation's control, Hy-Tek has discontinued production of the current Treo design.'"
Getting at the guts of a Linn. thegadgetman, in a fit of "blatant bit of self-promotion" with some more information about the technology that runs the recently-featured (and incredible looking) Linn KiVOR.
"The Linn KiVOR is the first of an ever increasing number of companies adopting our XiVA software for powering the next-generation of media appliances. Built from the start to run on Linux (now running 2.4 series kernel) XiVA blends hard disk technology, advanced software design and embedded Internet technology to provide amazing features.
As well as OEMing our technology, we have our own range of hard-disk audio products - our SoundServers. The M1000 is a range that goes up to 16 outputs and 3 hard-disk, and our S1000 range includes intuitive TV interface and a range up to 3 outputs. All the current products feature professional quality audio cards from Midiman. All these feature the XiVA-Link protocol which has been adopted by many of the major Home Automation controllers (AMX, Crestron etc), and is used by our XiVA-Producer PC application for meta-data editing and MP3 transfer. We also have software for automatic generation of Pronto CCF files, and an application that turns a Visor (with IR booster) into a graphical remote control that contains a listing of all the albums on the server.
Our recently launched XiVA-Net portal is the exciting new Internet based entertainment service from Imerge! It is dedicated to delivering entertainment to the new wave of internet-connected AV products. It will enable you to find out more about the music and artists you love as well as thousands you have not yet had the chance to listen to. XiVA-Net will allow you to buy music, book concert tickets and get the latest music news and gossip from the comfort of your living room. see our web-sites (http://www.imerge.co.uk http://xiva-net.com and http://www.xiva.com) for full details"
Are there no sections? Can they not delve? Since many people have submitted this story, please note that an interesting story on the Higgs Boson, or, perhaps better said, on the lack of Higgs Boson ran in the science section, and is worth checking out.
-
Hacking Linux Exposed
Reader Bob Johnson wrote this detailed review of Hacking Exposed followup Hacking Linux Exposed -- especially in light of the various color-coded Windows viruses still on the loose, this might be a good present for your local Windows administrator as well, but both Bob and the authors are clear: GNU/Linux systems may be more resistant, but are not immune to cracking.
Title: Hacking Linux Exposed
Author: Brian Hatch, James Lee, George Kurtz
Pages: 566
Publisher: Osborne/McGraw-Hill
Rating: 8.5
Reviewer: Bob Johnson
ISBN: 0072127732
Summary: The definitive Linux/Unix security and hacking text; follows in the full-disclosure footsteps of Hacking Exposed.
What it is
While the recent Code Red worms and their offspring have taken center stage, it is not time for Linux administrators to sit on their behinds and say 'told you so.' Yes, our Unix systems may have been immune, but let us not forget the flurry of worms that came after Ramen made the scene early this year.
Most folks have heard of Hacking Exposed, the ground-breaking security book that is now coming out with a 3rd edition. One of the HE authors, George Kurtz, teamed up with two leading security experts to bring us Hacking Linux Exposed which was released in April of this year.
Hacking Linux Exposed teaches you about security from the cracker's point of view, to give you all you need to know to protect your own systems. It is written by security experts who have seen these attacks in the wild and have been protecting their own systems from them. It gives many examples of attacks, but it also teaches you how attacks of various forms occur in general, giving you a true understanding of vulnerabilities current, future, and theoretical.
The book itself is organized into four parts, each discussing a specific aspect of system security in depth.
Contents
Part I begins with Unix permission models, such as passwords, file (user/group/other) modes, capabilities, limits, and other security features built into Linux. Though the authors claim this chapter is 'to get those Windows users up to speed' I found details about things I didn't know about, having been administering Linux systems for several years.
The authors then move onto proactive measures that can be taken to protect your system, under the theory that you shouldn't be reading the entire book before you start securing your systems. This section primes you with security procedures that will be referenced later in the book multiple times, and keeping it all contained seems a very logical organization. Topics include log analysis, system security scanners, hardening tools and patches. The chapter is ended with a step-by-step discussion of what to do should you suffer a break-in. While they strongly suggest a reinstall, and describe all the problems and pitfalls that brings, they acknowledge when business needs may conflict, and how to deal with differing requirements.
Rounding out the first part we move onto a chapter showing how crackers find out information about your machines and network. Naturally it includes the standard port-scanning tools, ping sweepers, and OS detection software, as well as network (in)security scanners such as SAINT, Nessus, and SARA. New administrators will learn a lot from discussions of information leakage through SNMP, DNS, whois, and even newsgroups. I believe this is the only book I have ever read to start a chapter with a piece of email Spam for educational purposes.
Part II talks about how crackers can get into your machine from the outside. We begin with a chapter entitled "Social Engineering, Trojans, and Other Hacker Trickery." This chapter is dedicated to various methods that are not necessarily code-related. The social-engineering angle is broken down into several categories, explaining the human insecurities that are most effective at getting people to give out inappropriate access or information, complete with frighteningly simple examples. The discussion of Trojans reminds us that everything may not be what it seems, such as the trojaned version of tcpd back in 1999, and explains how not to be taken advantage of by using checksums, pgp signatures, and the like. It ends with a discussion of worms. A discussion of the Ramen worm is included (the book was published very soon after this worm was released) as is a prediction that other worms may be on the horizon, which turned out to be all too true.
Next we move onto physical attacks that are used to gain access to systems, or helpful information. You are reminded how lax your office environment is (yes, we all have at least one sticky note with some password, somewhere) perhaps more than necessary. However when discussing console access, the authors return to instantly-implementable countermeasures to keep folks from walking up, rebooting, and dropping into single user mode, including a bit on encrypted filesystems.
Next comes a chapter devoted to attacks launched over the network. True to the overall style of the book, this isn't simply a list of the various POP/IMAP/Sendmail hacks over the years, but rather examples of different classes of attacks, such as wardialing, X servers, buffer overflows, denial of service attacks, sniffers, and automated password guessers. The information provided should help you prevent the known attacks and those that haven't been written yet that operate on similar principles.
The last chapter of Part II discusses attacks based on abuse of the network and network protocols themselves. We learn about abuses of DNS, routing protocols, and advanced sniffing and session hijacking that can be used to funnel your traffic through an attacker's machine without your knowledge, often without any loss in service. Man in the middle attacks against SSH and SSL are also well explained, and critical for anyone to understand before blindly clicking 'ok' to PKI-based warnings. The chapter ends with a discussion of the hazards of IP-based trust relationships, and how to properly implement ingress and egress filtering.
All the topics to this point have been geared to keeping the attacker off of your system. In Part III, the authors move on to how an attacker that has already gotten onto your machine in some way will ultimately hack the root account.
We begin with PATH and permissions problems, insecurities with suid/sgid and custom root-run scripts, and common problems with poor sudo configuration (including a script you could use to allow limited editing of /etc/passwd via sudo safely.) It continues with local buffer overflow, format string vulnerabilities, race conditions, and hard/symbolic link problems. A very good chapter for anyone writing code, in addition to security administrators.
Chapter 9 is devoted to password cracking techniques and programs, such as Crack, John the Ripper, and pointers to useful word lists. Shadow passwords, including expiration information, are explained, as well as other systems that use passwords such as Apache .htpasswd files. Lastly, they describe good methods of choosing and enforcing strong passwords via PAM.
Chapter 10 shows you all the evils an attacker can do to your system after having cracked root. This chapter reads like a ringing wake-up call if you think a machine can be properly resecured once it has been compromised. The authors show some simplistic methods a hacker can use to maintain access, such as modifications of .rhosts, read/write nfs exports, and suid root shells, to more advanced methods such as the use of SSH authorized_keys which are surprisingly still not part of most script-kiddies' arsenal. It then moves onto several methods of creating a network-accessible root shell (a wacky custom one is written in perl and netcat). The rest of the chapter is devoted to trojaning a system by replacing/recompiling new versions of system programs (netstat/ls/etc) which can be used to hide an attacker's activities. Loadable kernel modules which can do the same, but are potentially undetectable are discussed, complete with code. This chapter could have been titled 'How to build your own rootkit' given the detail they provide.
The last main part of the book discusses firewalls, web, mail, and ftp servers in detail. The server room is still where Linux is most often deployed, and the authors decided to give extensive detail about how to secure these commonly-provided services.
Chapter 11 discusses mail and ftp security, services that are most frequently run by the buggiest of software. However, the authors don't waste their time listing the insecurities that have existed in each product over the years (which would have taken several books) but instead look at current problems in implementations and the protocols themselves. For the mail section, it was refreshing to see that Postfix and Qmail were given equal air time along with Sendmail. The authors described attacks that affect Sendmail, Postfix, and Qmail, showing the necessary fix for each mail server. The FTP section began with the actual workings of the FTP protocol in both Active and Passive modes to allow you to understand the problems with the protocol itself and how it can be used for FTP bounce attacks, penetrating poorly-designed firewalls, and how data hijacking can occur.
Chapter 12 discusses both webserver configuration issues (Apache being the most prominent) and server-side dynamic content insecurities. The authors show you how to trim overly-permissive configuration options that are enabled by default, protect your HTTP authentication files, tighten proxy settings, decide where symlinks are appropriate, and more. The CGI (mod_perl, etc) section does a good job of showing you common pitfalls you or the programmers you support make every day that can lead to a compromise.
The last chapter of the book discusses how you can enable access controls and firewall rules to keep the bad guys off of your machine. They discuss TCP Wrappers along with inetd, xinetd, and even how to integrate them into your own daemons. They give detailed examples of how you can implement packet filters on your machine. It was nice to see iptables described as prominently as ipchains, especially since the 2.4 kernel was barely out when they released the book.
The last section of the book is the appendices. The first discusses the package management systems of various Linux distributions (RedHat, Debian, Slackware) and how to install/upgrade/verify your packages. The next details how to see what services you are running and how to turn them off, again describing distribution-specific methods where appropriate. The last appendix consists of three actual-hack case studies. If you've read Hacking Exposed then you're familiar with the 1-2 page case study at the beginning of each chapter. Here they included much lengthier case studies, including the code the attackers used. The increased length works much better, and provides a good view into these attackers' methods.
Presentation
This book is very well organized, and includes the right combination of discussion and code. They made frequent use of special 'Caution', 'Note' and 'Tip' graphics to emphasize specific issues, and each attack begins with a 'Risk Rating' that lets you understand which attacks should be secured first as you attempt to implement all the countermeasures they make. No issue was brought up without a specific countermeasure you can implement today.
Many security books out there focus on various tools available to attackers, and read like a shopping cart with occasional text interspersed. This book focuses on the attack methods themselves, rather than the tools. As such it contains information about cracking programs where appropriate, and reads more like an educational journey of hacking methods. When many similar tools are available, only a few are described in depth, and eliminating duplication when possible, leaving you with the right information to decide which tool or tools are best for you.
One of the things that I really appreciated about this book is how the authors will start off topics with home-grown examples before discussing advanced security tools. For example, the authors give you a simple shell script that could function as a crude file integrity checker to provide you a clear method of understanding the concept before going onto detailed configuration examples of tripwire, Aide, and others. While they do not take up much space for these primers, usually half a page or so, they are excellent examples of speaking through code, rather than magician wave-of-the-hand explanations.
Conclusion
Hacking Linux Exposed is a very good read. It does a great job of staying focused and interesting, without skimping on the actual details you need to secure your systems and understand the threats. The countermeasures are real and specific, allowing administrators to use this book as a tool to secure their own systems.
At many times I wished that the book were more Unix-centric than simply Linux-centric. Many of the issues are similar, and the countermeasures would simply be broken down into *BSD vs Linux vs Solaris, etc. However that would have made reading the countermeasures a bit more difficult. As it is, many of the issues have similar or identical countermeasures, regardless of OS, so administrators should be able to extend what is said to their Unix OS of choice without too much trouble.
The Linux focus allows the authors to get much more in depth than they were able to in Hacking Exposed, which was disjointed at times, unable to really probe each issue. However the opposite is also true --- since they wanted to focus on Linux-specific attacks, they do not go into general attacks, such as JavaScript, cross site scripting, and other browser-related problems, for example. For these types of attacks you should look elsewhere. I think keeping the focus clean is very much worth it.
Beginning administrators may find some of the lead-up lacking in places. For example someone who is not very knowledgeable about IP may have trouble understanding some of the sophisticated network abuses and malformed packets described. However this is to be expected. This book is not standalone, nor should it be. If the HLE authors included enough information to adequately describe every nuance of IP packets then that'd be a disservice to those who already have a copy of W. Richard Stevens, and would needlessly add weight to a book that is supposed to stay focused on hacking.
The book has a website that includes all the source code in the book, released under the GPL, as well as some tools they wrote which they didn't feel belonged in the book itself. They also have book corrections on the website, as well as sections they had wished to put in the book that were rejected by the editor, such as their stance on the "Hacking vs Cracking" semantics debate, and why "Linux is Securable" (as opposed to Windows.) Needless to say, these folks won't be employed by Microsoft in the near future.
I highly recommend this book. You'll have ready-to-implement measures that can keep you busy for some time securing your systems. You'll learn a lot on the journey. And I look forward to seeing "Hacking Windows 2000 Exposed" later this year --- I can only assume it'll say "Install Linux."
You can purchase this book at FatBrain. -
Are There 802.11 Cards That Accept A Wire?
Luti asks: "Does anyone know of a company that sells 802.11 dongles, or a PCMCIA card that has both a regular RJ-45 connector and an 802.11 antenna? I need to be able to connect my laptop at school (wireless), and at home through my server (due to price most likely wired). I just can't see the point in either a.) buying 2 PCMCIA cards for their current prices, one 802.11 and one regular 10/100mbps, or b.) buying an 802.11 card and base station, or even a second card for peer to peer. Any suggestions? Anyone else in my position?" Interesting thought. I'm sure there are hardware manufacturers making these. Has anyone tried some of these out? What were your experiences, especially with regards to OS support? -
Mandrake 8.1 Beta1 (Raklet) Released
keegnotrub writes: "Mandrake just dumped 8.1 Beta on their servers. Along with updated software (KDE 2.2, kernel 2.4.8, etc) they have reworked their control center to include many new features." Word to the wise: there are some reactions to this beta -- as well as a list of known bugs and fixes -- at mandrakeforum.com. What I'd like to know is if a Wacom Intuos USB tablet will work out-of-the-box on 8.1, since I just bought a refurbed one ;) -
Shotgunning Ethernet Connections?
Jon Bardin asks: "I am currently living in a dorm at the University of South Florida. The dorms come wired straight to the Internet and my connection is pretty zippy, because I have seen 2 megabytes per second download speed. I was wondering if there was a way, with the new fancy 2.4 Linux kernel, that I could shotgun at least two of the eight ethernet ports in my suite together, so as to effectively double or quadruple my download speed. It doesn't have to be a Linux solution either; it's just that all this talk about the fancy TCP/IP stack and firewalling has me thinking about things. The ethernet ports are configured by DHCP and are reasonably static... I got a new IP when I got back from winter break. So any help would be greatly appreciated." This question gets asked a lot. I wasn't quite sure if this was possible for the 2.2.x kernels, but I figure it might be time to ask this now that 2.4 has been released. -
Ruins Of 2 Ancient Egyptian Cities Found
Dennis Bottaro writes: "The ruins of the two cities lay virtually undisturbed 30 feet beneath the surface of the bay, Herakleion and Menouthis are now being revealed as among the most exciting finds in the history of marine archaeology." -
CVS Via E-Mail?
krogoth asks: "I'm working on a project with another programmer from Germany, and I and the person who runs our CVS server are in North America. This means that in the last 1-2 months, the other programmer and the CVS server have been online once, and that's not good enough. Is there any way to access a CVS server while it's offline (or at least have a commit/update ready to go)? The easiest way I can think of to do this would be e-mail... but then I don't have the time or knowledge to find out how to modify the server. The CVS server is running on Windows." Now this is an interesting idea. How difficult would it be to change the CVS client and daemon so that it would be possible to queue up commits thru e-mail when the server is unavailable? Would any of you find this useful? -
Lord Of The Rings Being Rendered Under Linux
Along with an adventuring band of others, tmatysik writes: "Came across this article in the New Zealand Herald the other day. Seems that Weta Digital is now moving over to Linux for the rendering work on Lord of the Rings. Two quotes from the article especially caught my eye: [1)] 'We were able to get the SGI 1200 servers for about $15,000 each or $7500 a processor, and they run more than twice as fast as the [$40000] Octanes for pure rendering.' [and 2)] 'Just by putting in a Linux processor, the price to do a frame is up to a tenth of the cost as on an SGI workstation [running SGI's Irix operating system] so the things we can attempt are more complex.'" Update: 08/27 09:35 PM by CT : Rebecca from WetaFX sent us pictures of the team, and the mighty stack that shall render Lord of the Rings. -
Is There Linux Trip-Planning Software?
Spiral Man writes: "There has been a lot of talk lately about Linux on handheld and embedded devices. One interest of particular interest to me is in-dash computers for cars. Probably the most important app for one of these (aside from the CD player) would be a navigation and trip planning package such as DeLorme's Street Atlas, and Microsoft's Streets USA. My question is: Are there any apps, or even plans to write apps like this for Linux? Preferably these would use a commercial, or at least well updated, street database, and would have to be able to track your current location with a GPS." Especially considering the coming flood of GNU/Linux-based handhelds and dashboard computers, this question will be one of the toughies for folks who want to use Free software wherever possible, but who also want the capabilities in applications like Streets USA. Are there any competitors out there in the Free world? -
Floppy Based Linux Distributions For Routers?
grimmy asks: "I've been looking around freshmeat at the floppy-based Linux distros, and would like some input on what fellow /. readers think is the best one for older systems. I'm in need of a way to get a small NAT/firewall box running for my home LAN with the dilemma of having very little HD space. Any recommendations would be great." [If it doesn't have to be Linux, you might find PicoBSD attractive. Does all you want, and is a doddle to reconfigure for other tasks too - nik] -
Open Source Quake Causes Cheating?
Stargazer writes "Well, looks like people are having problems with Quake's release under the GPL. It's not a conflict with the license, but rather, mean-spirited people are now creating clients which give them an unfair advantage, to say the least. John Carmack ponders this problem in his .plan file, and offers, unfortunately, a closed-source solution." -
Release Date for Civilization: CTP for Linux
Jeffrey Starr writes "Loki Entertainment Software is posting on their web site that Civilization: Call to Power for Linux will be released April 26." Hemos got on the beta testers list so I played it a bit last night. It's a strange feeling - I haven't played a "real" (you know what I mean *grin*) game under Linux besides Quake and Doom. It gave me warm fuzzies. I hope everyone follows the trail that Loki is blazing over there. They did a good job. -
Gnome @Download.com
Pawee wrote in to note that GNOME has appeared over at Download.com. Interesting new mirror I guess. Wonder what other open source stuff will pop up now. -
Ask Slashdot: Set Top X terminals?
JarrodL asks: "I have a large-screen TV, which just happens to have an ethernet cable running directly behind it. I got to thinking - Would it be possible to have some kind of set-top X terminal? As I see it, the advantages of having a dedicated X terminal on the TV are that it doesn't take away one of my screens, it can run at the resolution of the TV (rather than trying to cram 800x600 into a display which doesn't support it) and it is extremely cross-platform. I remember hearing that someone hacked an N64 to be an X terminal - does anybody know about that? Ideas, anyone?" -
Goodnoise releases FreeAmp 1.0 under GPL
Sacrifice sent us a link to mp3.com where you can read that GoodNoise has decided to GPL FreeAmp. It's cool that companies think this is viable. And as encoders are being developed abroad, and we've got a player. You can't keep online audio down. Hope the record companies pay attention and embrace this stuff.