Slashdot Mirror

Even better man apt_preferences.

Pretty graphics are information.

Applying ALT tags to images used as navigation elements is wise and good. Applying ALT tags to every single image is STOOPID. Some things cannot be rendered in words.

Building a cyclotron is not that difficult technically, but finding all the needed material might be(high voltage for the magnet, and especially the vacuum pump able to get it down to about 10^-5 atmospheres...) In all cases, it certainly is an interesting project to take up if you have interest in physics, as it touches a lot of different fields of physics and teaches you a thing or two about how simple it can be to make such a complicated experiment work in theory, while being such a pain in the friggin a** in practice...

Building a cyclotron is not that difficult technically, but finding all the needed material might be(high voltage for the magnet, and especially the vacuum pump able to get it down to about 10^-5 atmospheres...) In all cases, it certainly is an interesting project to take up if you have interest in physics, as it touches a lot of different fields of physics and teaches you a thing or two about how simple it can be to make such a complicated experiment work in theory, while being such a pain in the friggin a** in practice...

Building a cyclotron is not that difficult technically, but finding all the needed material might be(high voltage for the magnet, and especially the vacuum pump able to get it down to about 10^-5 atmospheres...) In all cases, it certainly is an interesting project to take up if you have interest in physics, as it touches a lot of different fields of physics and teaches you a thing or two about how simple it can be to make such a complicated experiment work in theory, while being such a pain in the friggin a** in practice...

see http://www.citi.umich.edu/u/provos/systrace/ for details.

It looks like a promising idea. My only concerns are :
1 - performances
2 - setting up a policy file requires a good knowlwedge of system calls, and not many programmers (not to speak of users or sysadmins) have that. The interactive policy setup helps a little, but it is _you_ that have to say 'yes' or 'no'.

There is no need to speculate in how it works when you can just go to the webpage and have a look yourself. http://www.citi.umich.edu/u/provos/systrace/

For system services that change privileges based on some internal state (like authentication), sandboxing does not work very well. In that case, you want to use Privilege Separation.

On the other hand, if you have some global restrains, like root may never log in, you can use systrace to enforce them.

A combination of both methods will give you a good fit.

For system services that change privileges based on some internal state (like authentication), sandboxing does not work very well. In that case, you want to use Privilege Separation.

On the other hand, if you have some global restrains, like root may never log in, you can use systrace to enforce them.

A combination of both methods will give you a good fit.

What they're doing here is simple and clever. The idea is to run an executable, trap it's privileged system calls, and then create a policy file (call to uid map) from the run. After the policy is in place and the executable is run again, the system promotes the calls listed in the policy to the appropriate privilege level. Any new privileged calls generate an error, as they're most likely a security breach or some part of the executable that never got executed the first time.

A sample apache policy is here: http://www.citi.umich.edu/u/provos/systrace/usr_sb in_httpd.

systrace

As long as you're installing freetype2, you can make sure to fix the bytecode interpreting

...The difference on RedHat8

As long as you're installing freetype2, you can make sure to fix the bytecode interpreting

...The difference on RedHat8

Touche. You are right, of course; homonyms, heteronyms, homophones and homographs are rampant throughout the language. They follow no easily classified patterns and wreak havoc with clear communication, though they do provide fodder for punsters and poets. But that is no reason to add another.

I think the kind of functionality you may be looking for is obtainable with systrace
Or check out Niels Provos' page

OpenBSD has systrace to restrict system calls, as does NetBSD and it is being ported to linux as well. there exists a systrace implementation on NetBSD which eliminates all setuid/setgid binaries - http://mail-index.netbsd.org/source-changes/2002/1 0/12/0006.html

it almosts seems that secure unix systems want to be capability systems.

I don't know where you're from and I'm not a lawyer, but...

In America we have this thing called Habeaus Corpus (sp? actual name?!?) that prevents a person from being tried for a crime that was commited before it became illegal. While I don't agree with the original poster, I don't agree with your logic either.

I would say if the police had to have a warrant to use the technology, like they do when they put a phone tap/other surviellance, then I don't have a problem with it. Just a thought....

~Dan
http://sitemaker.umich.edu/dan.coughlin
http://www.pbase.com/efatapo

It supports very comprehensive policy creation to determine which system calls are allowed for a specific application. You can actually create your policies on the fly. A graphical popup will inform you about potential policy violations.

You can use it to restrict access to the file system, or allow only certain users to connect to the network or accept network connections, etc.

It is a great tool to improve the security of your system and available for GNU/Linux, NetBSD and OpenBSD.

Get it here

Here are a just a few others off top on my head (all of those have existed for several years):

• U. of Toronto's NetLab
• U. of Michigan School of Information
• Berkeley Center for Globalization and Information Technology
• Berkeley Center for Information Technology and Marketplace Transformation

In the traditional surgery, the flap is cut with a mechanical blade. This causes most of the complications involved with the procedure. In the new procedure, they use an ultrafast pulse laser to cut the flap, which is cleaner and more accurate. Intralase is the company currently manufacturing the machines.

At my fine institution they have instituted something similar. Common P2P ports bound for the internet (not the campus network) have their priority throttled down during peak periods, on the basis that it probably isn't for academic use. Also similar to UCI, they don't modify the contents of the packets.

Ah, you see, Scientology is not like other religions, that's what they admit themselves. But the real reason why they're different is how they publish information.

Other religions give their religious texts away free of charge, but Scientology decided to give it away through losing a number of court cases, accidentally giving away the the documents freely as part of legal paperwork. Other religions spread the word by choice, this religion spreads the word by shooting themselves to the foot all the time.

This won't work with HFS because of the file forks. If you use UFS with OS X, the file forks appear as normal files. Eg, if you have a file named "foo", "._foo" is the resource fork. I don't know where they keep the finder fork, and I've never cared to investigate.

Here's a tip if you have to use OS X for a file server of any kind: use two partitions (or two disks), one HFS and one UFS. The OS and any applications are installed on the HFS partition and all data goes on UFS. Use HFS for the OS because a lot of stuff breaks when running under UFS and UFS performance is still roughly twice as bad as HFS in 10.2 (run your own little benchmarks if you don't believe me). Keep user data on UFS so you can use tools like tar, rsync, etc. to back up and manipulate files. Remember, tar won't work on most HFS files (those with forks). If you're deploying OS X Server, you should definitely keep user data on a separate partition anyway since any tiny little mistake (eg, LDAP typo in Directory Assistant) will require a reformat-reinstall.

Another tip: if you create a tarball off a UFS filesystem and then untar that onto a HFS filesystem, it will preserve the forks correctly. This has come in quite useful in making "setup" scripts for end-user machines, where all the applications to install are stored in tarballs created on a UFS machine and you can untar them onto the target HFS machine (the advantage is that you can script this - add in a couple of niutil commands and you can recreate a user machine in a couple minutes from one script).

I have a couple of OS X Server machines (bosses like the GUI user management stuff). I just tried rsync over NFS to a Linux box and it works fine since the data is on a UFS partition on the OS X Server box. PITA to set up an NFS share remotely (since I don't have Macs at home -> no Remote Desktop, no usable VNC servers for OS X -> have to do it over ssh -> must figure out how NFS exports are stored in netinfo -> gnashing of teeth), but it works and I might try this little trick next week since we're not doing anything systematic for backups on the OS X boxen.

Also, radmind is a great tool for managing filesystems of OS X client machines. It supports HFS (by using AppleSingle internally).

We have a couple of MP3s available on the site.

Oddly, the web stats show that we are getting thousands of downloads of these songs each month, most of which are from Italy. Yes I find this strange. It must be kind of like how David Hasslehoff is popular in Germany.

Course: How To Build a Slashdottable Site
Today's Lesson: Use full-sized pictures (resized with IMG WIDTH), rather than thumbnails.
Example of the Day: GeoWall Gallery Page

You can send out a bad copy once, but if well-known and trusted copies already exist on the network you are not going to be able to replace these with bad copies, the self-verification does not prevent the single-point attack you describe, it prevents the propogation of this attack throughout the network. If an attacker serves up bad files (ones that do not match the SHA1 hash advertised) then the downloader should treat the host as malfunctioning and query a more reliable source. The downloading agent does not need to unpack the file and see what is inside, it just checks the SHA1 hash and then can simple assume that there was a transmission error and try another source. Eventually the malicious node will be trimmed from everyone else's peer list and a new node identity will have to be generated and the game starts again.

This single attack costs the attacker as much as it does the downloader (and you can bet the RIAA is paying more per MB of data sent than someone downloading the data via a DSL or cable modem line) and a few simple changes to the system like favoring trusted peers (ones who have not given you mismatched hash/payload data) as the first nodes to query and only moving down the local reputation food chain if you need to expand your query or search for alternate sources. Unless an attacker can pretend to be a vast majority of the nodes in the system it is not going to be able to make this attack scale-up in the manner you suggest.

There is a difference between an attack that works on a single download and an attack that would be viable for a network-wide assault. The case you and Mr. Chen bring up here is clearly in the first category, an inconvenience for individual users but not something that will be a significant problem for the network as a whole.

Moderation and peer reputation require some method of recording "ratings" of users on the network. Something not present in the current Gnutella network. But if implemented, it would have to be distributed as well. This means that there, at some point, must be a blind trust between clients to complete these "ratings". That blind trust will lead to poisioning of the ratings system and make it worthless.

"Ring of trust" simply does not work in a distributed environment that is truly open to anyone. Closed distributed environments, or virtually closed environments within an open environment would be the only way. However new users would not be able to enter them and that is how Gnutella keeps itself alive.

Which is why I think that things like Raph Levien's work in reputation systems (and actually coding up working examples of such a system, see refs below) are rather attractive because they solve this specific problem in a rather elegant fashion and make such simplistic attacks much more difficult and expensive to pull off. [Here's a quick hint: Have you ever noticed that most people seem to care about Roger Ebert's opinion rather than yours when it comes to what movies to go see? This is because distributed trust system can deal with voter flooding attacks by limiting how much influence comes from untrusted sources.]

You seem to think, Mr. McCoy, that there are obvious solutions. Yet you really don't present any nor do you present any existing real-world examples.

One of the problems I addressed in the original paper was the fact that it was poorly researched in certain aspects. It seems that everyone is too lazy to actually do any research these days, but since spending five minutes doing google searches on various terms related to reputation systems seems to be too much work for either you or Mr. Chen, here is a quick summary of a few minutes work (although I selected papers that I am familiar with after google returned a hit).

1) For starters look at Google itself. Google is the single biggest distributed reputation system in the internet. That is what a pagerank is, the "repuation" of a particular link for a particular subject using link count as the voting mechanism. It can be attacked and subverted on a small scale as various Google-juicing experiments prove, but it is also very effective at filtering out these attacks (see some of the Scientology google-juicing wars to see how hard it is to really influence a massively distributed reputatioon system implemented my people who know how to pick the best ideas from current research and invent a few of their own.

2) EBay seller rankings. These can also be attacked and tweaked, but even when money is involved (making the incentive for dishonest behavior very high, much more so than any p2p system will ever have to deal with) EBay manages to keep fraud to a manageable level and recent research into seller/buyer identity-blinding and reputation cluster filtering can make the seller ranking system even more attack-resistant.

3) Amazon buyer ratings and recommendations. Yet another example of a real-world distributed trust management system.

4) Advogato is a community forum site that implements some of Raph's Ph.D. work in reputaitons and distrubted trust management to create a flow-constrained reputation system that has some very good attack-resistance characteristics. Raph has been running Advogato using his distrubted trust metric for several years now.

5) Pattie Maes' agents group at MIT, specifically the Yenta reputation clustering system but just about everything to come out of this group is a source of good ideas and practical research in this area.

6) Check out some of the available research bibliographies (like this) and places like citeseer for other research in the subject.

One thing you will notice about these real-world examples is that none of the systems tries to be "perfect", just good enough to get the job done.

not yet. These cars are actually nothing like the cars we drive yet. There are several obstacles to overcome before they become in widespread use

1) These cars can only hold one person, and they can barely hold one person. It is really uncomfortable, barely tolerable. Weight is a huge factor; carrying many people is a big problem

2) These things are expensive! (Mainly the solar panels)

3) The maximum speed of most cars (which is actually rapidly improving) is barely high enough for the highway.

4) You can only drive so far in the night. The batteries arent that strong

5) The super-sleek designs cannot be used if these cars are going to cary more people/things. (they need more power to overcome the resistance of the air)

for more info, here is the website of arguably the best north american team. it's full of info

Fermi's paradox doesn't do it for me, although it is a neat way of looking at the problem.

It's too neat, and that's my problem with it. There are just so many other variables. Like stick no FTL in there. Or no "cryo-sleep". Or not even any way of reliably going, say, past 0.3 C for any kind of duration. And let's face it, interstellar empires of the kind that Fermi was suprised weren't knocking on doors, need one or more of those things to exist. At least "life as we know it" "knocking on doors" type galactic empires. As far as "life not as we know it" goes, I'm not even sure we could detect them if they were living on the Moon. Their goals, communication methods, etc. would surely be truly alien.

I'm not convinced. Maybe everyone goes "Dyson". Or to achieve true technological mastery you must achieve a kind of "spiritual" way of working in large groups that knocks you out of the "galactic resource race", (another prerequisite for Fermi) think of your own reasons, we sure haven't figured any of even the stuff I've listed out yet. Not that these are even close to my favourite explanations. but they serve, I think.

There are other famous "equations" Sagan's or Baugher's, which tends to show nothing more, I guess, than that Clarke's famous axiom, which he attributes wisely to "Anonymous" is usually pretty spot on.

Or are they simply breeding something which looks like Smilodon? If they're starting with related species they should end up with something very similar.

Clouded leopard, anyone? Of all the modern cats, it has the longest canines in proportion to its body. If the can make a bulldog out of a wolflike creature, they could make a semi-Smilodon out of a clouded leopard.

The Sometimes Wacky Awsome Haiku Generator (S.W.A.H.G.) can be found here.

Unfortunatly, it's 0.5 MB of C++ rather than 2 lines of Perl but is capable of taking any literature source and converting it to Haikus, the examples from Moby Dick and Dracula show its potential, although they have a tendency to repeat the same word as the ending of the second and third lines. I'm going to run some of the 15,000 words of system documentation I have just finished writing through it to see what happens...

The Sometimes Wacky Awsome Haiku Generator (S.W.A.H.G.) can be found here.

Unfortunatly, it's 0.5 MB of C++ rather than 2 lines of Perl but is capable of taking any literature source and converting it to Haikus, the examples from Moby Dick and Dracula show its potential, although they have a tendency to repeat the same word as the ending of the second and third lines. I'm going to run some of the 15,000 words of system documentation I have just finished writing through it to see what happens...

As always it is difficult to discern the technical details of how a system works from a news article. If you are interested, I urge you to read the technical paper. My papers

FYI, the data sits on the disk encrypted and in the page cache decrypted. Keep in mind this is a technical paper and a research prototype and not a product.

This confirms everything that annoys me about Lindoze. Lindoze has taken everything we love about Linux and OSS and made into a "Den of Robbers" (Matthew 21:13, RSV). I believe Lindoze will be gone before you know it.

instructions:
Click the video monitor on the splash page, then (in the pop-up window) select the "Midi Glove" clip from the enormous pull-down menu under the screen.

He knows ALGOL.

A connected campus is a great idea. A paperless one is both misguided and unrealistic. Not only is there a HUGE legacy of paper materials that wouldn't be cost-effective to digitize, but paper also provides numerous affordances that digital media (at least for now) do not. Looks like someone over there needs to read The Myth of the Paperless Office. Oh, wait. I forgot, they won't have any books. At least there's a lot of online material about the challenges of digital preservation that they might want to peruse.

Oops--my cat jumped on the keyboard and submitted my post before I got into my favorite Scott Charney anecdote. Back in the U. Mich. days, Scott and I were discussing userspace security in the Win32 API. Scott wanted a little bit of time to think over my suggestion about modifications to msgsrv32.dll, so I excused myself. As I stood up to leave Scott said "Your barn door is open". Before I could look down to check, Scott yanked on my waistband and poured a bowl of hot grits down my pants. It was sticky and hot.

Oliver u r teh TRLOL.

I went to University of Michigan with Scott Charney and he's a really cool guy. A little background info is in order here. I really hope that he improves the Microsoft security record, and I really think he's enough of a go-getter to do just that.

we spruced up the code so every once in awhile when the user least expected it, an ANSI animation of the Energizer Bunny [energizer.com] would come marching across the screen

This reminds me of NetBunny an old Mac system extension that if installed on a group of macs on a LAN would send the bunny marching across the LAN moving from screen to screen.

I would strongly disagree with your comment.

Up until a few hundred years ago science and arts were one of the same. Looking back trough the course of history a hell of a lot of famous inventors, scientists and mathematicians were also artists.
Look at things like the works of Leonardo Davinci , the elements or any old biology book you care to mention.

Just because you have a high level of creativity and inspiration doesn't mean that you can't do the math or apply engineering first principles to a project.
Sure, some of the projects out there will be purely created artistically, and some may be enginered(very hard to do with software!) but a lot of projects and probably most of the best ones will be a mix of artistic inspiration and creativity, and engineering principles.

Personally when I start to code on the 'Unknown' I play around with a few creative ideas, then re work those creative ideas into an well designed piece of software.

:w

:w

I'm suprised no one has pointed out systrace yet. Granted, it's not for linux, only OpenBSD and NetBSD at this point, but it seems to be a very promising move in the ACL world. As one other poster commented, the most difficult challenge with any heavily ACL'ed environment is configuring the ACL's and making sure you didn't miss something. It's an extremely tedious process that requires a lot of reloads until it's done right.

Systrace eliminates much (but not all) of that initial trial period with a method of analyzing processes and watching what permissions for what resources they need and generating ACL's based on 'normal' use. This interactive mode ~greatly~ simplifies the otherwise length process of configuring the kind of security modules being discussed.

It's right. The quoted verses are from the King James Version. You can find an online copy of the book of Ezekiel here.

from the sybase announcement:

. . . the Act requires that all depository financial institutions and broker dealers must know the true identity of their customers and the source of their funds . . .

The potential for abuse here is incredible. Meanwhile, our institutions of research and higher education are ready to do their part to help the U.S. government digest all of this lovely information: National Academies: Universities to play key roles in response to terrorism

Most of the measures mentioned in that article seem reasonable, but I'm worried about the "data mining" initiative. If you can mine data looking for "terrorists," you can mine for just about anything else, such as potential political opposition.

Also consider: given the plethora of intricate financial disclosure requirements, a list of one's political opponents and vast mountains of data available for mining, it would be no trouble at all to neutralize the opposition.

Imagine what the dirty tricksters of the Nixon administration could have done with a system like "PATRIOT".

. . .

And I thought that Win2k support for smartcards was especially for remote authentication, say on a laptop. I'm not sure what you mean by physical access, perhaps local access?

You are partly right, no CAL is required for _anonymous_ access to Win2k. Reassuring isn't it? :-)

I should have clarified my point a bit - in a heterogenous LAN / WAN it's not always practical to use Win2k services for all authentication. Quite apart from the expense of CALs, replicating ActiveDirectory to LDAP is a complete PITA. At a considerable price you can buy meta - directory products e.g. from SUN One and Novell to accomplish this more easily. For many instances you simply do not need to deliver NT services such as file and print or authentication to _everyone_ so then a meta - directory starts to feel like over - kill. Having *nix based smartcard tools, sans CAL costs can be a major project boon, for obvious reasons.

As I understand it, contrary to your asertion, Cert Services under Win2k offers X.509 support for the web _and_ smartcard services. Integration is the key - either a massive boon if you wish to standardise, or a liability with the licensing cops if you mix up your distinctions :). Here's a quote http://www.microsoft.com/technet/treeview/default. asp?url=/TechNet/prodtechnol/windows2000serv/deplo y/depopt/2000cert.asp :

Microsoft® Windows® 2000 Certificate Services offers customers an integrated public key infrastructure (PKI) that enables the secure exchange of information across the Internet, extranets, and intranets. Certificate Services verifies and authenticates the validity of each party involved in an electronic transaction and lets domain users log on to a domain using the additional security provided by smart cards.

And some evidence that they are inseparable can be found by a search for KB Q228831 "Cannot Overwrite Smart Card Key During Certificate Services Setup" at their site, which appears broken now.

A Laptop would not normally remote authenicate,except for web e.g., when on the move, so I don't see your point exactly, unless you mean that the laptop should be forced to call home to auth for OS login (useful to reduce risk damage from theft, and quite possible under Win2k). Smartcards are very useful for local access control under Win2k Workstation, standalone, which was my point. It's possible to use EFS to encrypt your data and locally install a X.509 cert locally to a machine, use that cert to authenticate your SSH sessions (hah!, finally back on topic :) and then use _without_ paying for more CAL's a neato smart card to secure _remote_ device access. Yup, there are subtle potential security flaws in that, as with any chain - of - systems but if your interest is not to move from machine to machine, and you keep an aggressive CRL for use with your SSH accounts, this idea is fairly useful, and way better than standard SSH + login and password. On a laptop especially you need every protection you can get :)

Hope that clears up any confusion arising from my tiredness last night. If you simply want to manage X.509 and CRLs, there are many third party or free tools to accomplish this. If you're just setting out, I recommend you spend your money and time learning how the infrastructure works, then worry about implementations later. Knowledge wil make you free of any ties to a particular OS, or at least save you from the worst rent charges ;) For certs, he "X.509 style Guide" (sorry no link, Google is there for you), is a fine place to start. For some Smartcard background, take a gander here, for example : http://www.citi.umich.edu/projects/smartcard/

As a few people have mentioned OpenSSH is supported on Windows via CygWin. What hasn't been mentioned is that OpenSSH supports smartcards through the use of libsectok. I use it with Schlumberger Cyberflex Access cards.

I don't know whether libsectok has been built on Windows before, but it uses the standard /dev/tty interface so it should be too difficult to get working.

Using tables as a formatting crutch is bad enough. Using tables to emulate images? Are you kidding? That example page is over 30kB and the source is completely unreadable, not to mention nowhere close to valid HTML. What ever happened to HTML representing the structure of a document?

All that aside, the real problem with this technique is that it absolutely destroys any accessibility that previously existed. If you want to see a page that uses CSS for appearance and HTML for structure, try mine.