Domain: vanemery.com
Stories and comments across the archive that link to vanemery.com.
Comments · 11
-
Re:Ok great for beginners
Yes far different. X sucks for remote WAN stuff, vnc and freenx are better for that.
-
Re:What I learned from the article
This brings up an interesting idea. What if the ramdisk function was moved into the motherboard chipset?
OMFG! That's an AMAZING idea! This could dramatically change computing as we know it! The implications of this are, eh, well....
.... quite well understood. Somebody thought of this many years ago. Many, many, many years ago. It's called a (ahem) "ram disk" and uses system memory as if it were a drive with a software driver. Here's a howto for Linux - I did something similar with so-called "high memory" on a 80286 with DOS 3.x and ramdrive.sys - that 384k ram disk was small, but //FAST//!!!Sorry to break the news to you.
-
PGP/GPG - inherent legal problem?
I understand that in some countries, you are legally compelled to provide the keys to access files encrypted with PGP, GPG, etc. if the authorities demand access. If you refuse to produce a working key, or claim to be unable to do so, a judge is able to assume that you are deliberately hiding something.
Firstly, I wondered if anyone could confirm this? I have heard that it is the case for Britain at least, although I don't see how it can possibly be legally compatible with the presumption of innocence.
Secondly, I wanted to suggest that perhaps this is a reason not to use PGP, because PGP encrypted information can always be decrypted using the recipient's key - even many years after the message was originally sent. So law enforcement officers will be able to get old PGP-encrypted documents from your email account (probably even if you delete them, thanks to backup tapes). They'll then be able to force you to decrypt them, and if you don't, they can assume you are witholding the key because the files are full of terrorist plans or whatever.
I suggest that people should only use cryptosystems where the session keys are destroyed immediately after use, such as SSH and (possibly) some secure instant messaging services. Even if law enforcement officers use a wiretap to record everything sent by you over an SSH connection, and then seize your computers, they still can't recover the plaintext because the session keys have already been deleted. It's impossible for you, the suspect, to produce the keys, which should help your legal defense. Here's a way to chat securely by SSH.. if you need to transfer files, you can use SFTP. -
Re:Even worse
Actually, the main Linux file-systems support POSIX ACLs (a howto for fedora, there's also a nautilus plugin if you want gui stuff). It's just that few users have any use for it, so it tends to go unnoticed. Also, because of the ability to mount drives anywhere in the file system, you can chose where to use ACLs and where it's just useless complication. I've never had any use for ACLs though, so I haven't actually tried any of these things.
As for PowerShell, I think it's more like Python or Perl than an actual shell (not that Python or Perl are bad).
-
Bill of Rights, Crypto Communication ToolsUS Bill of Rights
[ Amendment IV ]
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.Want to read my stuff? Go ahead and crack it - no warrant necessary.
Get the rabbit installed on a machine behind your firewall
==> http://freenet.sourceforge.net/
Faster than freenet
==> http://www.i2p.net/
Encrypt Jabber
==> http://www.vanemery.com/Linux/Jabber/jabberd.html
Onion Routing
==> http://tor.eff.org/
Emerging Network To Reduce Orwellian Potency Yield
==> http://entropy.stop1984.com/
Free Internet telephony
==> http://skype.com/
GNU-ified P2p
==> http://www.gnu.org/software/gnunet/
DO NOT DENY yourself about 2 hours @ InfoAnarchy.org
OMG! ==> http://www.infoanarchy.org/wiki/index.php/Main_Pag e
LearnLearnLearnLearn ==> http://en.wikipedia.org/wiki/Cryptography
=================EMAIL ENCRYPTION===============
GPG (Free PGP)
==> http://gnupg.org/
Integrated with Thunderbird
==> http://enigmail.mozdev.org/
Mutt can't be beat as a mailreader and integrates GPG wonderfully.
==> http://mutt.blackfish.org.uk/
==> http://www.mutt.org/links.html
==> http://wiki.mutt.org/index.cgi?UserPages
!!! Please do not immediately send newly created keys to the keyservers (as many HOWTOs instruct new users to). They are already overflowing with "test keys" and other people's experiments from over the years THAT HAVE NO EXPIRATION and will never be deleted. These keys are "orphans" and most will never be used. As keyservers sync together, and most keys are never deleted once submitted - GET YOUR KEY SETUP CORRECTLY AND HAVE PRACTICE WITH IT BEFORE SENDING IT OFF TO THE KEYSERVERS!!! Otherwise storage requirements will continue to grow and using these in the future will become more difficult FOR ALL. Please, if you are just starting out with PGP or GPG or GnuPG or anything similar (the last two are in fact the same thing) use manual key distribution to begin (ascii armor your public key with
$ gpg --export --armor my@email.address.org
and copy and paste it into an email body or attach it to an email
$ gpg --export --armor my@email.address.org > myPubKey.txt
to gain practice with GPG before uploading your key. This way if you need to create another you won't have uploaded your mistakes. Many choices need to be made and it's worth getting things right before "going public" with your new digital ID. Experiment with yourself and a few different email accounts or with some friends first.)
SET AN EXPIRATION OF 2-5 YEARS OR SO AND MAKE SURE YOU HAVE YOUR PREFERENCES THE WAY YOU LIKE THEM BEFORE SENDING TO A KEYSERVER! Better yet is to HOST YOUR -
Re:There Is No Comparison
Does linux have fine-grained locking in its kernel?
Yes. Linux started moving away from the BKL long ago (which, according to Siracusa, is a new development in Tiger). Linux scales along the processor axis and process/thread axis, and latency is getting lower all the time. I don't see Mac OS X being used in 8-way configurations. The article benchmarks provides some evidence that OS X can't handle as many processes/threads as Linux and has higher latency than Linux (signal handling benchmark).Does linux have or support Access Control Lists?
Yes. Not only does it have them, it supports them as well. -
Re:then dont use itNow that is interesting how are you using the serial ports as an emulator, for local connections?
I'm using them as a serial console.
All my /etc/init files contain a line similar to this:s0:2345:respawn:/sbin/agetty -L 9600 ttyS0 vt100
Then, I take the laptop, plug in a null modem cable between it and the machine in question and run any serial comm software. Then login as usual. Of course, this only works on unix-like systems.
Also since most people here noticed I said most not all. I know serial is still used by some, and at work we have 3 parralell printers dot matrix printers. but personally I haven't owned a dot-matrix in 10 years. My only serial toy is my UPS. everything else is USB.
I noticed you said most, too. I was just giving a testimonial and a good reason to have a serial port.
Funny enough, one of the only USB devices I have is a USB->Serial adapter, because my laptop doesn't have a serial port!
Lots of other devices I have do make use of serial ports, though. Two Garmin GPS units and an OBD-II diagnostic reader, for instance.
I also have a parallel printer, but it has a micro print server conneting it to the network instead of a computer.
If I was designing a motherboard, I'd make everyone happy by finding a way to have some kind of removable modular ATX-style I/O connectors. You don't want the serial ports? Don't attach the adapters to the motherboard. Heck, there could be a jumper connection within the connector block itself that could tell the BIOS whether or not to even enable the port.
-
Re:ACL
ACL's are way overrated, but regardless have been available for linux for quit some time. I've used them before in Fedora and here is a nice tutorial on how to do so. The tutorial is for FC2 but works similarly for Fedora Core 3 too. Have fun. (use ext2, ext3, xfs, or jfs filesystems for ACL)
Regards,
Steve -
Bill of Rights, Crypto Communication ToolsUS Bill of Rights
[ Amendment IV ]
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.Want to read my stuff? Go ahead and crack it - no warrant necessary.
Get the rabbit installed on a machine behind your firewall
==> http://freenet.sourceforge.net/
Faster than freenet
==> http://www.i2p.net/
Encrypt Jabber
==> http://www.vanemery.com/Linux/Jabber/jabberd.html
Onion Routing
==> http://tor.eff.org/
Emerging Network To Reduce Orwellian Potency Yield
==> http://entropy.stop1984.com/
Free Internet telephony
==> http://skype.com/
GNU-ified P2p
==> http://www.gnu.org/software/gnunet/
DO NOT DENY yourself about 2 hours @ InfoAnarchy.org
OMG! ==> http://www.infoanarchy.org/wiki/index.php/Main_Pag e
LearnLearnLearnLearn ==> http://en.wikipedia.org/wiki/Cryptography
=================EMAIL ENCRYPTION===============
GPG (Free PGP)
==> http://gnupg.org/
Integrated with Thunderbird
==> http://enigmail.mozdev.org/
Mutt can't be beat as a mailreader and integrates GPG wonderfully.
==> http://mutt.blackfish.org.uk/
==> http://www.mutt.org/links.html
==> http://wiki.mutt.org/index.cgi?UserPages
!!! Please do not immediately send newly created keys to the keyservers (as many HOWTOs instruct new users to). They are already overflowing with "test keys" and other people's experiments from over the years THAT HAVE NO EXPIRATION and will never be deleted. These keys are "orphans" and most will never be used. As keyservers sync together, and most keys are never deleted once submitted - GET YOUR KEY SETUP CORRECTLY AND HAVE PRACTICE WITH IT BEFORE SENDING IT OFF TO THE KEYSERVERS!!! Otherwise storage requirements will continue to grow and using these in the future will become more difficult FOR ALL. Please, if you are just starting out with PGP or GPG or GnuPG or anything similar (the last two are in fact the same thing) use manual key distribution to begin (ascii armor your public key with
$ gpg --export --armor my@email.address.org
and copy and paste it into an email body or attach it to an email
$ gpg --export --armor my@email.address.org > myPubKey.txt
to gain practice with GPG before uploading your key. This way if you need to create another you won't have uploaded your mistakes. Many choices need to be made and it's worth getting things right before "going public" with your new digital ID. Experiment with yourself and a few different email accounts or with some friends first.)
SET AN EXPIRATION OF 2-5 YEARS OR SO AND MAKE SURE YOU HAVE YOUR PREFERENCES THE WAY YOU LIKE THEM BEFORE SENDING TO A KEYSERVER! Better yet is to HOST YOUR KEY ON YOUR WEBSITE (or try using http://biglumber.com/ instead to host your key and help c -
Re:Strengths and differences of this vs SELinux
Not really, SELinux is more about process ACLs.
What you're talking about is available on Linux as extended filesystem ACLs. Bit of info here
-
more info
Here's a "mini-HOWTO" that I found via google. I didn't read the whole thing, but it looks informative. Wikipedia's Ramdisk entry had links to two stripped down knoppix distros that could be loaded into a ramdisk - Damn Small Linux (50 mb), and Feather Linux (64 mb). I've never done anything with ramdisks (I'm a linux newbie, too) but they do sound pretty neat.