It's annoying to have to remember to hit numlock before you type in an IP address. I'm at the point where I can hit numlock automatically but now half the time I end up turning it off instead of on. Looking at the LED before I hit numlock doesn't work because the LEDs are not allways accurate right after boot (I don't know whether that's a problem with the BIOS, kernel or KVM).
Actually the certification for this course is the RHCT which is a half way point in getting a RHCE. (Or another way to think about it is that it's equivelent to 2 or 3 MCSE certifications.)
Bruce Sterling is smart person and an interesting author but I think he missed the point.
I went to an anti-war march in the States. There were a lot of people in the march whose politics I don't agree with. Most of the people probably. But the point was that everyone marching agreed that the war with Iraq is wrong.
To me the march wasn't about long term policy so much as it was about immediate threat of war.
Bruce claims technology makes it easy to gather a "million networked marchers on demand". However, the rest of the article talks about how these groups can't find common ground on any other issues. I think it is the prospect of war that makes it easy.
Actually in this case Microsoft released a second patch that made you vulnerable again. If I was in charge and my databases weren't infected I would fire my stupid, lazy admin.
(Actually, that's not true. Responsable admins don't put Microsoft products on the open internet so they shouldn't have been infected.)
It is estimated that a gazillion fish die every day from cold. This new jet engine provides a wonderful means of transportation and enriches the lives of nearby sea food.
Where is the complete list of all patches, with downloaded links?
It should be the law that all software companies need to keep a public record of vulnerabilities in their software for a year. If the software is sold in box sets it should include a have a URL printed on the outside of the box where people can find the list. This would provide financial motivation for companies to write secure software.
At first I sent the errors to the lists but that was too hard to track which bugs were real etc. Now I have a web page with the results. I am on the kerneljanitors mailing list and they fix the bugs. Randy Dunlap has been especially helpful. I will get a static IP and a bandwith boost tomorrow and then I'll email lkml so that the web page becomes better known.
You could write a checker script for the for loop using smatch. Email the smatch-discuss list if you have any proplems.
I think that checking code as you write it is a great idea.
The Stanford Checker is great. I was blown away when I read their papers last year. Their checker is not released yet, so I wrote a similar checker (smatch.sf.net) based on their publications.
The poster mentions Lint, but I did not have any success using Lint on the kernel sources. The source is too unusual.
Also Lint does not look for application specific bugs. For example, in the Linux kernel you are not supposed to call copy_to_user() with spinlocks held. It took me about 10 minutes to modify one my existing scripts to check for that in the Linux kernel last Monday. It found 16 errors. (It should have found more but I was being lazy.)
A lot of the time, you can't tell what will be a common error until you try looking for it. One funny thing was that there were many places where people had code after a return statement. On the other hand, I didn't find even one place where '=' and '==' were backwards.
It's fascinating stuff playing around with this stuff. I have been learning a lot about the kernel through playing around with Smatch.
The real story is that Maureen O'Gara and LinuxGram deliberately spread the false rumour about SCO. The only reason I can think of is that they must dislike SCO.
If you read O'Gara's article carefully she says that she presumed that SCO was going to go after Linux users. She only talked to one person at SCO who thought the idea was retarded. He said going after Linux users would be "suicide." After that most people would probably decide they had presumed incorrectly but O'Gara likes to go with the most damaging thing she can presume even if it's wrong.
The day after the article SCO said: "SCO has no desire to take legal action against fellow Linux vendors."
But the rumour had already spread. Stupid reporters took O'Gara's speculations and said, "It was reported that SCO was planning to sue Linux users."
>>And the Australian PM has what say in this conflict???
It's as much Australia's business to attack Iraq as it is for the US to attack Iraq. I heard that Australia is considerring a preemptive attack on North Korea, Zimbabwe and France.
Perhaps by next fall I'll be ready to do something like that. For smatch to be really useful that's the way to go.
Right now I keep on changing the intermediate format and trying new things. Once it gets included then you have to worry about backwards compatability etc...
I don't think any of the things he listed as vectors for a new Linux virus are realistic. There are too many different mail clients and instant messangers. On the other hand sendmail, apache, or bind would make great vectors. Even if their security is good all it takes is one flaw. And nobody is perfect.
It's my understanding that you can't get sued for knowing a trade secret. You can get sued if when you violate a contract by spreading a trade secret or if you use a trade secret for profit.
Clearly Pavlovich didn't violate a contract. I don't think he used it for profit either. And since no one violated a contract to write DeCSS then it still wouldn't be illegal even if he did make a profit.
I thought that it was interesting that DeCSS was linked to on cnet. Clearly they feel the same way.:)
Any idiot can learn how to use a blasted mouse or Word Processor. But I still wasted many hours doing homework on this in college. And I was in computer science.
What they should teach is programming so that children can really understand them.
Unfortunately in America the teachers union opposes educating or hiring computer teachers for budget reasons.
I've never used flash so I may be completely wrong.
If you think about flash as a programming language instead of web animations, it opens a number of possibilities. For example, themes could be written in flash. You could animate all kinds of things in the desktop. Flash could be integrated with VB.
Slashdot Mirror
That would be my deepest dream.
It's annoying to have to remember to hit numlock before you type in an IP address. I'm at the point where I can hit numlock automatically but now half the time I end up turning it off instead of on. Looking at the LED before I hit numlock doesn't work because the LEDs are not allways accurate right after boot (I don't know whether that's a problem with the BIOS, kernel or KVM).
It's time to say no to numlock.
Actually the certification for this course is the RHCT which is a half way point in getting a RHCE. (Or another way to think about it is that it's equivelent to 2 or 3 MCSE certifications.)
They did an experiment with this in Britain 2 years ago. A million school children jumped up and down for a minute. I found this article about it.
Bruce Sterling is smart person and an interesting author but I think he missed the point.
I went to an anti-war march in the States. There were a lot of people in the march whose politics I don't agree with. Most of the people probably. But the point was that everyone marching agreed that the war with Iraq is wrong.
To me the march wasn't about long term policy so much as it was about immediate threat of war.
Bruce claims technology makes it easy to gather a "million networked marchers on demand". However, the rest of the article talks about how these groups can't find common ground on any other issues. I think it is the prospect of war that makes it easy.
Actually in this case Microsoft released a second patch that made you vulnerable again. If I was in charge and my databases weren't infected I would fire my stupid, lazy admin.
(Actually, that's not true. Responsable admins don't put Microsoft products on the open internet so they shouldn't have been infected.)
In Europe Mickey and Goofy are much funnier. Mickey is a smart detective type character.
You are correct. The LWN article on this just became available to non-subscribers and you can read it here:http://lwn.net/Articles/20741/
(BTW. Everyone should subscribe to LWN. It's an exceptional value)
It is estimated that a gazillion fish die every day from cold. This new jet engine provides a wonderful means of transportation and enriches the lives of nearby sea food.
Where is the complete list of all patches, with downloaded links?
It should be the law that all software companies need to keep a public record of vulnerabilities in their software for a year. If the software is sold in box sets it should include a have a URL printed on the outside of the box where people can find the list. This would provide financial motivation for companies to write secure software.
RedHat 7.2 is pretty old... I said rude things about it myself when it was released.
But 8.0 is rather nice.
I'm not sure if the video situation is any better but the rest of the operating system is a lot more pleasant.
>Did you get the bugs that you found fixed?
At first I sent the errors to the lists but that was too hard to track which bugs were real etc. Now I have a web page with the results. I am on the kerneljanitors mailing list and they fix the bugs. Randy Dunlap has been especially helpful. I will get a static IP and a bandwith boost tomorrow and then I'll email lkml so that the web page becomes better known.
You could write a checker script for the for loop using smatch. Email the smatch-discuss list if you have any proplems.
I think that checking code as you write it is a great idea.
The Stanford Checker is great. I was blown away when I read their papers last year. Their checker is not released yet, so I wrote a similar checker (smatch.sf.net) based on their publications.
The poster mentions Lint, but I did not have any success using Lint on the kernel sources. The source is too unusual.
Also Lint does not look for application specific bugs. For example, in the Linux kernel you are not supposed to call copy_to_user() with spinlocks held. It took me about 10 minutes to modify one my existing scripts to check for that in the Linux kernel last Monday. It found 16 errors. (It should have found more but I was being lazy.)
A lot of the time, you can't tell what will be a common error until you try looking for it. One funny thing was that there were many places where people had code after a return statement. On the other hand, I didn't find even one place where '=' and '==' were backwards.
It's fascinating stuff playing around with this stuff. I have been learning a lot about the kernel through playing around with Smatch.
The real story is that Maureen O'Gara and LinuxGram deliberately spread the false rumour about SCO. The only reason I can think of is that they must dislike SCO.
h tm
If you read O'Gara's article carefully she says that she presumed that SCO was going to go after Linux users. She only talked to one person at SCO who thought the idea was retarded. He said going after Linux users would be "suicide." After that most people would probably decide they had presumed incorrectly but O'Gara likes to go with the most damaging thing she can presume even if it's wrong.
The day after the article SCO said: "SCO has no desire to take legal action against fellow Linux vendors."
But the rumour had already spread. Stupid reporters took O'Gara's speculations and said, "It was reported that SCO was planning to sue Linux users."
Here is a factual article:
http://www.practical-tech.com/business/b01162003.
>>And the Australian PM has what say in this conflict???
It's as much Australia's business to attack Iraq as it is for the US to attack Iraq. I heard that Australia is considerring a preemptive attack on North Korea, Zimbabwe and France.
It's only logical after all.
That's such rubbish pop-psych you should be embarrassed. Most of the artists I know have very good computer skills.
That's funny, we already made him a poster boy for the good guys.
A mild mannered child genius who defeated the multi-nation corporation's encryption so he could watch dvds under Linux.
You can't invent a better story than that.
This morning I saw the article hoverred my mouse over the URL just to make sure it wasn't a LinuxGram article.
Now that I have time to read it, I can see that it is a LinuxGram article after all and by Maureen O'Gara no less.
I'm not sure if there are any salt grains large enough for the articles she writes.
Perhaps by next fall I'll be ready to do something like that. For smatch to be really useful that's the way to go.
Right now I keep on changing the intermediate format and trying new things. Once it gets included then you have to worry about backwards compatability etc...
If you liked the Stanford Checker, but you want something that is a little bit crappier then you should try out Smatch.
As far as I can tell, it's the functional equivelent of the Stanford Checker, but it not as elegant or complete.
Also I wrote it.
Assasin was pretty good and I really liked their original game as well.
I don't think any of the things he listed as vectors for a new Linux virus are realistic. There are too many different mail clients and instant messangers. On the other hand sendmail, apache, or bind would make great vectors. Even if their security is good all it takes is one flaw. And nobody is perfect.
>they caught the guy too
You just summed up the difference between using a credit card at a restaurant and using one online.
I do not think he is paranoid. Three months after CodeRed first appeared, one out of ten "secure" or "comercial" IIS websites were still infected. (Note the word "secure" as in encryption and the word "infected" as opposed to merely "vulnerable".)
It's my understanding that you can't get sued for knowing a trade secret. You can get sued if when you violate a contract by spreading a trade secret or if you use a trade secret for profit.
:)
Clearly Pavlovich didn't violate a contract. I don't think he used it for profit either. And since no one violated a contract to write DeCSS then it still wouldn't be illegal even if he did make a profit.
I thought that it was interesting that DeCSS was linked to on cnet. Clearly they feel the same way.
Any idiot can learn how to use a blasted mouse or Word Processor. But I still wasted many hours doing homework on this in college. And I was in computer science.
What they should teach is programming so that children can really understand them.
Unfortunately in America the teachers union opposes educating or hiring computer teachers for budget reasons.
I've never used flash so I may be completely wrong.
If you think about flash as a programming language instead of web animations, it opens a number of possibilities. For example, themes could be written in flash. You could animate all kinds of things in the desktop. Flash could be integrated with VB.