Slashdot Mirror


Slashback: Cables, Kernels, Crackers

Information (yes, in English;)) below about superconducting cables in Denmark, more information on how not to get your server broken into (process, not product, naturally), and another update for the Linux Kernel Summit.

Under the sea, a strange force was brewing ...

Dag Willén, Group Leader, Superconducting Technologies at Denmark's NKT Research, wrote in regards to the recent story about superconducting cables in Denmark, saying "Info in English about this project can be found at www.supercables.com. (sorry for our "one-size" web design for 600x800 px, it was limited budget and talent.)"

Thanks, Dag.

Moving pictures of moving words

Recently, a kernel summit took place, and many of the top kernel developers gathered in San Jose to wear funny hats, drink, and decide (or at least debate) on further directions for development of the Linux kernel. Chris DiBona pointed out there are now videos and sound recordings available for download, and you no longer need Real (as originally announced) to enjoy seeing and hearing all these smart people at work. Hopefully, these will one day be joined by Ogg versions as well;)

Don't trust malicious scumbags is part of "trust."

AltGrendel writes "SecurityPortal has an article on how Apache.com was compromised. As the Billy Joel song says 'It's a matter of trust'." As always, Kurt Seifried is lucid and informative -- and brings up good points on protecting sites no matter how careful the admins are.


  1. Scrolling by Anonymous Coward · · Score: 2

    Do the people at that cable site not realize that most browsers provide some very functional scrollbars and they don't need to reimplement them?

  2. Re:Kernel Conf: What's wrong with text, boy? by Anonymous Coward · · Score: 2

    Good point, in two directions:

    a) I would gladly have linked to text :) Agreed re. the info density of text.

    b) transcription is a real ... pain. :( I've done enough hours of transcription to loathe it. I'm neither great nor terrible as a transcriptionist, but even with a pristine recording of clear speakers it's a nearly thankless task.

    While the folks from the FSF were kind enough to transcribe RMS's recent talk at NYU and some others, the question of who would transcribe it is huge. Speech recognition tech may actually be *helpful* at this point, but not enough to just, say, feed this to ViaVoice and have it spit out text.

    c) (OK an aside, but hey) when it comes to multi-speaker parts, where people are arguing or asking questions, sometimes there is a *lot* of info value in the tone, how the exchange goes, etc. The actual sound of the speech provides a lot of context sometimes ...

    timothy

    (you can believe that it is me, or think that it is someone pretending to be me, but I already wrote this, so I'm not logging in right now;))

  3. Solution to your problem by Anonymous Coward · · Score: 2

    What you need, my Anonymous friend, is one-time passwords. It's amazing how often this is overlooked. Using a Palm or other light pocket computer, store a list of 'disposable' passwords on it. This list should also be on the machine you wish to ssh into. Sometimes the passwords are generated dynamically using a shared secret algorithm, but randomly generated passwords are better, a bit like Xor encryption is still an order of magnitude more secure and efficient than PKI. So anyway, once you use one password, it is made void, so you have to use the next password on the list. Search freshmeat.net with "one time password" to find out more. Disabling sshd if too many incorrect passwords is a bad idea and could easily be used to DoS you. Also, this method is not invulnerable to MitM attacks, unless you use a single password for every character / line entered which will rapidly piss you off.

    1. Re:Solution to your problem by StevenMaurer · · Score: 2

      True, but at that point you're talking about a physical object someone has to get access to. Your palm is now a "key", and you have to keep track of it like you would your car keys.

      For the truly paranoid, I suppose you could write a Palm app that did both. That is, it generated a pseudo-random password ORed with some encrypted code derived from a password you had to enter every time. Thieves who stole your Palm wouldn't be able to access your server without the password. (They'd just have your $300 Palm)

  4. not trusting every host on the internet by Anonymous Coward · · Score: 4

    I allow ssh connections on the telnet port from 2 hosts at university to my box at home (outgoing ssh connections are blocked at the uni). My iptables/NAT router forwards that connection to "my" machine. If I type the wrong password twice, incoming ssh connections are blocked for 24 hours. While I'm reasonably certain that no-one is logging the keyboard, not a lot springs to mind about what I can do about that. root logins over ssh are disabled, and any connection to every other port is rejected. My point being, you don't have to "trust" every host on the internet. Maybe just a few.

    1. Re:not trusting every host on the internet by warlock · · Score: 2

      You really do like being DoSed, right?
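Added example, not part of any poster's comment: a server-side sketch of the pre-shared one-time password list described in comment 3, with the two-failure, 24-hour lockout from comment 4 applied per source address rather than to all incoming connections, so that one source's failures do not lock out everyone else. The names `generate_list`, `OneTimeList` and `verify` are hypothetical, and the caller is assumed to supply the source address and current time.

```python
import hashlib
import hmac
import secrets

def generate_list(n):
    """Random disposable passwords, to be copied to both ends out of band."""
    return [secrets.token_urlsafe(9) for _ in range(n)]

class OneTimeList:
    """Server side of a pre-shared, ordered list of single-use passwords."""

    def __init__(self, passwords, max_failures=2, window=24 * 3600):
        self.key = secrets.token_bytes(32)
        # Keep only keyed hashes, so reading the stored list does not
        # reveal the passwords themselves.
        self.pending = [self._digest(p) for p in passwords]
        self.max_failures = max_failures
        self.window = window          # lockout period in seconds
        self.failures = {}            # source address -> failure timestamps

    def _digest(self, password):
        return hmac.new(self.key, password.encode(), hashlib.sha256).digest()

    def verify(self, source, candidate, now):
        """Return 'ok', 'denied', 'blocked' or 'exhausted' for one attempt."""
        # Forget failures that are older than the lockout window.
        recent = [t for t in self.failures.get(source, [])
                  if now - t < self.window]
        self.failures[source] = recent
        if len(recent) >= self.max_failures:
            return "blocked"          # only this source is locked out
        if not self.pending:
            return "exhausted"
        # Constant-time comparison against the next unused password only.
        if hmac.compare_digest(self._digest(candidate), self.pending[0]):
            self.pending.pop(0)       # a used password is void from now on
            self.failures[source] = []
            return "ok"
        recent.append(now)            # replayed or wrong password
        return "denied"
```

A captured password is useless for a later login because it has already been removed from the list, but as comment 3 notes, this does nothing against a man in the middle acting during the session itself.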

  5. Re:Celebrate Your White Heritage by YuppieScum · · Score: 2

    Note the _zipped_ mp3s I think that says it all, don't you?

    Actually, ZIPping an MP3 is a very good idea, when you consider that most corporate firewalls routinely block files with MP3 (and MPG, MOV, AVI) extensions.

    And of course, even a 1% file size reduction will save precious bandwidth...

    --
    This sig left unintentionally blank.
  6. Re:supercables site by MoNickels · · Score: 2
    Also, there's no need to apologize for one-size design. Against good reasoning, web design wonks have come to a consensus that controlled page widths are bad, but my opinion (against what is also only an opinion) is that a finite, specific page width allows for more rapid reading: items and columns will always be in the same place with the same width.

    Width=100% tags in tables are, in my opinion, bad design as they inevitably lead to wide columns and paragraphs and thus to the visitor having to move her head from side to side to read each line of text, rather than just moving the eyes. In short, bad user interaction. Nothing quite as awful as a single column of text spread 800 pixels across the browser page.

    Also, small columns are better, but they're difficult to regulate with a variable page size. Column widths should not be variable, even if your page widths are. Make your non-text items variable if you have to do it: space, padding, margins, etc.

    This is all besides the fact that every frigging time you re-size a window in Netscape, the frigging thing reloads the page.

    --

    Wordnik, a dictionary project which aims to collect

  7. Kernel Conf: What's wrong with text, boy? by mikecheng · · Score: 4
    Don't go charging into compressed audio like a bull at a gate. Give us some text.

    What about giving the option for text versions of presentations/speeches? Information density of compressed audio is woeful for speech :)

    (Don't ask me who's going to transcribe it though.)

    --
    Cool, but useless.
  8. Re:Konqueror Users: by jfunk · · Score: 3

    Aha. So the solution is simple. Add an entry in the "User Agent" section of your Konq config for supercables.com.

    On that note, a site just went up for info on sites that don't work in Linux browsers. Check it out at http://penguinfriendly.org/. It's pretty light right now because it only just went up.

  9. Hands up.. by QuantumG · · Score: 2

    everyone who knew that you should never ssh from any box that is not your desktop (and then only if it is known secure). Now hands down everyone who learnt this by reading the fucking manual. That's what I thought. Pitiful.

    --
    How we know is more important than what we know.
  10. *anck* wrong by QuantumG · · Score: 2

    Thank you very much for your piss poor attempt at pretending you know something about anything. "Trojaning the sshd binary" might be useful if you are trying to backdoor a system but has about zero effectiveness for sniffing ssh passwords. What the "guy" in this case did was backdoor the ssh binary (that's the client son) on a number of boxen that he witnessed people using to connect to various high profile sites. Why anyone would use ssh on a remote machine to connect to another remote machine is beyond the comprehension of any person with even the beginnings of a clue, (which you obviously do not). Go ahead and use your silly one time passwords or various length authorization keys. If you're clueless enough to use ssh on a box that you don't control (which essentially means any box you don't have physical access to and has less of a configuration than a firewall and you don't just run any random shit on -- ie no box that you own) then it is only a matter of time before you are owned, along with every other poor sucker who happens to use the same box as you (well, I suppose it is conceivable that the box you are connecting to could actually be *gasp* secure but I doubt it). Just give in, you're owned before you even opened Introduction to Network Security 101.

    --
    How we know is more important than what we know.
  11. supercables site by eomir · · Score: 2

    I'd say that the supercables site has bigger problems than its "one-size" design. It continuously reloads for me with konqueror and mozilla.

  12. Re:Superconducting Cables by Grog6 · · Score: 2

    Superconduction of any currently used interconnect material currently in use is way too cold for silicon to be usable. Gain of all transistor types is basically a function of temperature, and only special superconducting structures (squids, josephson junctions, etc.) work at these temperatures.
    Silicon becomes unusable as a semiconductor much hotter than copper or aluminum superconduct.
    But, What about a superconductor as a substrate?
    In all the Niven stuff a current superconductor is a heat superconductor; Wouldn't that make overclocking easy!
    A room temperature superconductor doesn't exist, but when it does, you could have a heat sink with a zero temperature coefficient. All heat would get dumped to the cooling source with no losses.

    --
    Truth isn't Truth - Guliani
  13. Fun typo on the site... by malfunct · · Score: 2

    liquid nitrogen at 75-80K (-198 to 193°C)

    I want to see liquid nitrogen at 193C :) They must have incredible pressure in their cables.

    --

    "You can now flame me, I am full of love,"

  14. Re:Konqueror Users: by bellings · · Score: 3

    What the bleeping heck... the javascript on supercables.com checks to see if you're running Netscape version 4.x, and if not basically does the equivalent of <FRAMESET onLoad="document.location.href = document.location.href">

    I'm not sure why you would want to send every browser except netscape 4.x into an infinite redirect loop, and I'm not sure why IE doesn't fall for it, but it sure is some strange programming.

    --
    Slashdot is jumping the shark. I'm just driving the boat.
  15. The Apache article --------- by dropdead · · Score: 3

    At least with the Apache.org hack it took the work of somebody who was past the point of script kiddie. And it says nothing bad about the product Apache itself. Only that with large numbers of people and a little trust something bad will happen once in a while.
    That's true anywhere in life.

    --


    By definition, a government has no conscience. Sometimes it has a policy, but nothing more. - Albert Camus
  16. Superconducting Cables by Beowulf_Boy · · Score: 2

    This is a brain exercise, but would it help to have a CPU with superconducting traces?
    That way, you would have no slow down or loss of energy.
    But it would require Liquid N2 to keep it cool, but you could do that with pressure.
    That would be cool, a pressurized Mobo

    1. Re:Superconducting Cables by keithdowsett · · Score: 2

      Hmm - IIRC the 'permanent gases', nitrogen, oxygen, helium, neon, etc are so called because they can't be liquified by pressure at room temperature. And, even if they could, they wouldn't be much use for _cooling_ at room temperature. The Danish site makes it fairly clear that the liquid nitrogen is used as a heat transfer medium rather than being allowed to boil off and provide cooling that way. On the subject of running CPUs around 77K, I would expect silicon to act as a pretty good insulator around those temperatures. Just my Friday morning thoughts, Keith.

  17. Konqueror Users: by Canonymous+Howard · · Score: 4

    Disable javascript before going to the site. They appear to have a bug which causes continual refreshes in Konq.

    Not sure about other browsers.

  18. Re:Would someone care to explian about the hats... by MarkusQ · · Score: 3
    OK, the subject of the hats has come up before on Slashdot. Would anyone care to shed a little light on the subject for those of us who have no clue what you're talking about?

    Hats are a sort of head covering, often made of felt, cloth, or straw (though other materials are not unheard of). While they have some use as protection from rain or sun, they are more generally a social symbol. Many cultures place significance on their shape or ornamentation.

    Sorry, I couldn't resist
    --MarkusQ