Slashdot Mirror
Slashback: Cables, Kernels, Crackers
Under the sea, a strange force was brewing ... Dag Willén, Group Leader, Superconducting Technologies at Denmark's NKT Research, wrote in regards to the recent story about superconducting cables in Denmark, saying "Info in english about this project can be found at www.supercables.com. (sorry for our "one-size" web design for 600x800 px, it was limited budget and talent.)"
Thanks, Dag.
Moving pictures of moving words Recently, a kernel summit took place, and many of the top kernel developers gathered in San Jose to wear funny hats, drink, and decide (or at least debate) on further directions for development of the Linux kernel. Chris DiBona pointed out there are now videos and sound recordings available for download, and you no longer need Real (as originally announced) to enjoy seeing and hearing all these smart people at work. Hopefully, these will one day be joined by Ogg versions as well;)
Don't trust malicious scumbags is part of "trust." AltGrendel writes "SecurityPortal has an article on how Apache.com was compromised. As the Billy Joel song says 'It's a matter of trust'." As always, Kurt Seifried is lucid and informative -- and brings up good points on protecting sites no matter how careful the admins are.
What the hell? Kurt is someone who appeared one day with security credentials he wrote himself. Whether he's spouting garbage without bothering to research (debian version numbers), writing painfully bad fiction (that "Story of Jeff" horror), or just sitting at home gaining even more wait as he sits on his lazy ass all day, he's anything but lucid or informative.
He is the epitomy of what is wrong with the open source movement.
Recently, a kernel summit took place, and many of the top kernel developers gathered in San Jose to wear funny hats, drink, and decide (or at least debate) on further directions for development of the Linux kernel.
OK, the subject of the hats has come up before on Slashdot. Would anyone care to shed a little light on the subject for those of us who have no clue what you're talking about?
Thanks in advance
Do the people at that cable site not realize that most browsers provide some very functional scrollbars and they don't need to reimplement them?
Good point, in two directions:
:) Agreed re. the info density of text.
... pain. :( I've done enough hours of transcription to loathe it. I'm neither great nor terrible as a transcriptionist, but even with a pristine recording of clear speakers it's a nearly thankless task.
...
a) I would gladly have linked to text
b) transcription is a real
While the folks from the FSF were kind enough to transcribe RMS's recent talk at NYU and some others, the question of who would transcribe it is huge. Speech recognition tech may actually be *helpful* at this point, but not enough to just, say, feed this to ViaVoice and have it spit out text.
c) (OK an aside, but hey) when it comes to multi-speaker parts, where people are arguing or asking questions, sometimes there is a *lot* of info value in the tone, how the exchange goes, etc. The actual sound of the speech provides a lot of context sometimes
timothy
(you can believe that it is me, or think that it is someone pretending to be me, but I already wrote this, so I'm not logging in right now;))
What you need, my Anonymous friend, is one-time passwords. It's amazing how often this is overlooked. Using a Palm or other light pocket computer, store a list of 'disposable' passwords on it. This list should also be on the machine you wish to ssh into. Sometimes the passwords are generated dynamically using a shared secret algorithm, but randomly generated passwords are better, a bit like Xor encryption is still an order of magnitude more secure and effficient than PKI. So anyway, once you use one password, it is made void, so you have to use the next password on the list. Search freshmeat.net with "one time password" to find out more. Disabling sshd if too many incorrect passwords is a bad idea and could easily be used to DoS you. Also, this method is not invulnerable to MitM attacks, unless you use a single password for every character / line entered which will rapidly piss you off.
I allow ssh connections on the telnet port from 2 hosts at university to my box at home (outgoing ssh connections are blocked at the uni). My iptables/NAT router forwards that connection to "my" machine. If I type the wrong password twice, incoming ssh connections are blocked for 24 hours. While I'm reasonably certain that no-one is logging the keyboard, not a lot springs to mind about what I can do about that. root logins over ssh is disabled, and any connection to every other port is rejected. My point being, you don't have to "trust" every host on the internet. Maybe just a few.
Note the _zipped_ mp3s I think that says it all, don't you?
Actually, ZIPping an MP3 is a very good idea, when you consider that most corporate firewalls routinely block files with MP3 (and MPG, MOV, AVI) extensions.
And of course, even a 1% file size reduction will save precious bandwidth...
This sig left unintentionally blank.
Width=100% tags in tables are, in my opinion, bad design as they inevitably lead to wide columns and paragraphs and thus to the visitor having to move her head from side to side to read each line of text, rather than just moving the eyes. In short, bad user interaction. Nothing quite as awful as a single column of text spread 800 pixels across the browser page.
Also, small columns are better, but they're difficult to regulate with a variable page size. Column widths should not be variable, even if your page widths are. Make your non-text items variable if you have to do it: space, padding, margins, etc.
This is all besides the fact that every frigging time you re-size a window in Netscape, the frigging thing reloads the page.
Wordnik, a dictionary project which aims to collect
What about giving the option for text versions of presentations/speeches? Information density of compressed audio is woeful for speech :)
(Don't ask me who's going to transcribe it though.)
Cool, but useless.
The guy who rooted sourceforge and apache trojans the sshd binary to capture passwords. Based on what accounts he captures he targets those hosts.
So disable password authentication for starters and use keys. Or OTP technology.
Microsoft aggravates my tourettes syndrome.
What the author was talking about is the kernel compilation, witch is something that Joe AOL does not need to do, and quiute frankly he should not do. Kernel compilation is for high end users. It is done to fine tune the system to your needs throwing every thing you don't need out.
--
"take the red pill and you stay in wonderland and I'll show you how deep the rabbit hole goes"
[]'s Victor Bogado da Silva Lins
^[:wq
It's completely bloody useless in Lynx. Frames everywhere, javascript navigation.
If they had limited time and budget, why didn't they design a nice simple page? Why go to all the time and trouble of reinventing the wheel (or the scrollbar) when you can make a simple design which works on all browsers?
At least they didn't use Frontpage.
dave
Aha. So the solution is simple. Add an entry in the "User Agent" section of your Konq config for supercables.com.
On that note, a site just went up for info on sites that don't work in Linux browsers. Check it out at http://penguinfriendly.org/. It's pretty light right now because it only just went up.
There's this assumption that as an informed security concious user you know something about your own machine. If you dont then you might as well just telnet to the machine because you're beyond help.
How we know is more important than what we know.
everyone who knew that you should never ssh from any box that is not your desktop (and then only if it is known secure). Now hands down everyone who learnt this by reading the fucking manual. That's what I thought. Pitiful.
How we know is more important than what we know.
Thank you very much for your piss poor attempt at pretending you know someone about anything. "Trojaning the sshd binary" might be useful if you are trying to backdoor a system but has about zero effectiveness for sniffing ssh passwords. What the "guy" in this case did was backdoor the ssh binary (that's the client son) on a number of boxen that he witnessed people using to connect to various high profile sites. Why anyone would use ssh on a remote machine to connect to another remote machine is beyond the comprehension of any person with even the beginnings of a clue, (which you obviously do not). Go ahead and use your silly one time passwords or various length authorization keys. If you're clueless enough to use ssh on a box that you dont control (which essentially means any box you dont have physical access to and has less of a configuration than a firewall and you dont just run any random shit on -- ie no box that you own) then it is only a matter of time before you are owned, along with every other poor sucker who happens to use the same box as you (well, I suppose it is conceivable that the box you are connecting to could actually be *gasp* secure but I doubt it). Just give in, you're owned before you even opened Introduction to Network Security 101.
How we know is more important than what we know.
I'd say that the supercables site has bigger problems than its "one-size" design. It continuously reloads for me with konqueror and mozilla.
Dudes been dead for years.
Heard his face exploded, or something.
Truth isn't Truth - Guliani
Superconduction of any currently used interconnect material currently in use is way too cold for silicon to be usable. Gain of all transistor types is basically a function of temperature, and only special supercondicting structures (squids, josephson junctions, etc.) work at these temperatures.
Silicon becomes unusable as a semiconductor much hotter than copper or aluminum superconduct.
But, What about a superconductor as a substrate?
In all the Niven stuff a current superconductor is a heat superconductor; Wouldn't that make overclocking easy!
A room temperature superconductor doesn't exist, but when it does, you could have a heat sink with a zero temperature coefficient. All heat would get dumped to the cooling source with no losses.
Truth isn't Truth - Guliani
Some hats are made out of meat!
NOTE: That's a rip-off site. The original site (www.hatsofmeat.com) seems to have died... Bummer
Culture is more than commerce
liquid nitrogen at 75-80K (-198 to 193oC) I want to see liquid nitrogen at 193C :) They must have incredible pressure in thier cables.
"You can now flame me, I am full of love,"
What the bleeping heck... the javascript on supercables.com checks to see if you're running Netscape version 4.x, and if not basically does the equivilant of <FRAMESET onLoad="document.location.href = document.location.href">
I'm not sure why you would want to send every browser except netscape 4.x into an in infinite redirect loop, and I'm not sure why IE doesn't fall for it, but it sure is some strange programming.
Slashdot is jumping the shark. I'm just driving the boat.
I've been examining the existing kernel configuration system, and I have about concluded that the best favor we could do everybody involved with it is to take it out behind the barn and shoot it through the head.
Good to see someone's really doing something about making Linux easier to get going. Until the setup process involves sticking a CD in the machine and answering a few easy questions, getting Linux on the desktop will be too difficult for Joe Aol. So it's either a nice install process, or have it bundled with the machine.
Which is easier to achieve?
StuP
What? Noone else noticed? It's Apache.org, that had troubles. Apache.com is a site building custom computers...
In Soviet Washington the swamp drains you.
At least with the Apche.org hack it took the work of somebody who was past the point of script kiddie. And it says nothing bad about the product Apache it self. Only that with large numbers of people and a little trust something bad will happen once and a while.
That's true anywhere in life.
By definition, a government has no conscience. Sometimes it has a policy, but nothing more. - Albert Camus
And Mozilla.
Shave the Whales!
This is a brain exercise. but would it help to have a CPU with superconducting traces?
That way, you would have no slow down or loss of energy.
But it would require Liquic N2 to keep it cool, but you could do that with pressure.
That would be cool, a pressurized Mobo
Although I haven't tried the site myself, I would suspect that IE doesn't fall for it because if you look at it's browser ID string, it actually represents itself as Mozilla 4.0 (IE Compatible) or something like that. -- Joe
Disable javascript before going to the site. They appear to have a bug which causes continual refreshes in Konq.
Not sure about other browsers.