VNC's built-in security is not great. You set one password per machine (if you administering a bunch, you'll probably set it to be the same on all) and you can create a registry entry to specify IP ranges which are permitted to connect. Beyond that, you need to get in to installing OpenSSH and tunnelling VNC through that. By default, VNC doesn't allow loopback connections so you have to change something in the registry so it'll tunnel.
What I also do is leave the VNC service set to Manual, then use something like Computer Mangement(a Win2k tool) to start the service when I want to use it.
My routine goes like this: find out user's computername (let's say "luser28"),run "compmgmt.msc/computer:luser28", start VNC service, run VNCviewer and paste in the computername as the VNC Server address (netbios names will get resolved to IP), enter the VNC password (plus domain login if I'm not looking over a logged-in user's shoulder) and I'm in. When I'm done I bring computer management to the front and stop the service. Starting the service remotely requires local admin rights on the machine so if a cracker can do that, we're already screwed.
There are also a number of ways to execute programs remotely without resorting to login scripts, psexec.exe comes to mind.
VMWare and VirtualPC for Windows exist to solve the same problems. If you can get away will running Linux in a virtual machine, those are your choices. The appeal of VirtualPC is 1) made by a "name" company who have lots of experience doing the even harder task of hardware emulation on a different processor (which could appease the "datacenter" people) and 2) configuration is a lot simpler. Since Connectix released the 4.2 patch, which fixed the screwed up "virtual switch" (lets you assign an IP to the guest OS instead of sharing the host's IP behind a NAT), VirtualPC has been pretty good.
I like the sound of using a cygwin-based solution even better but if it's possible, I don't know how to do it.
Sony Vaios and an increasing number of other laptops (Dells) have IEEE 1394 aka FireWire ports *but* they are 4 pin ports unlike Apple laptops' and iPod 6 pin ports. You need the 6 pin port for the iPod's cool feature of being able to recharge through FireWire. Plus, the FireWire cable doubles as the cable to connect to the iPod's wall wart when you want to use that! How cool is that?
So those laptops could have the fast transfer but not the recharge. And if an mp3 player *does* come with USB2, will it be able to recharge over that connection? I know USB can carry power but I don't think it's spec'ed to carry enough to do a recharge in a reasonable amount of time.
It seems a lot of people overlook this extra feature of FireWire. It's less of an issue for geeks but for most people, anything which means one less wire on their desk, one less wall wart, is a good thing.
I don't remember the self-executing programs from that book so I'd say it's not a big part of the book. It's a good book tho', dealing with First Contact, galactic cultures and way future tech.
Network Simplicity makes a Windows installer based on Cygwin and OpenSSH which can makes it about as easy as installing any Windows program. The whole install is less than 4MB.
The character was called "Die Fledermaus" in the comic book. Intially I was unhappy when I learned the character was changed but now I just think it's funny.
Your future looks pretty grim because you're a fucking asshole. So schools are a system, fine. You have a problem with systems and you're a CS major? Go answer the door, it's irony knocking. Your description of this system is so simplistic I have to wonder how you can get your head around a program more complex than "Hello world."
Maybe you're not at the best college but since all we have to go on is what you say, it's more likely the problem is with you. Your ridiculous generalization about faculty show you have zero respect for any of them (which therefore makes any positive gesture by your classmates "ass-kissing") so naturally you don't gain anything from the experience. But still you're getting the degree because you're either totally full of shit or too afraid to live by what you believe.
flame off.
Re:Subscriptions should add value
on
Slashdot Updates
·
· Score: 1
I hadn't thought of the problem of selecting the @slashdot address. In my case I'd be tickled to have my userid@slashdot but userids can have illegal characters for email addresses. You could swap characters as in your example, underscore for space, but it doesn't address the problem of some userids making for crappy email addresses. Probably a lot of old-timers would be happy but it would be a dis-incentive for newcomers to subscribe if their chances of getting the email address they wanted was small.
Of course Slashdot != AOL or Hotmail so the odds of getting the address you want are a lot better.
As for killfiling comments based on poster's IP seems like a bad idea. You'd have to have the IP stored in the comment/s record, where it could potentially be extracted for nefarious reasons. You could also potentially connect an anonymous post with a non-anonymous post.
I would think killfiling userids would be a lot easier. Of course when people repeatedly create accounts to troll, you could never keep up with your killfile. There would probably have to be a cap on the number of userids in your killfile list. I cap would be less annoying if the page which listed your killfile show how many days had past since the user had posted. That would simplify removal of a discarded userid from your killfile.
Perhaps you could achieve the same effect by having the option to set comments by users with low enough karma to -1.
The determined troll will always find a way so it's important to not screw up the whole system in an arms race against them.
On a more positive note, you could add a "Buddy List" so particular users stood out in a thread. A buddy's userid could be in a different color and if a buddy commented on a story, there could be a "B" displayed next to "Read More" on the front page.
Re:Subscriptions should add value
on
Slashdot Updates
·
· Score: 2, Interesting
As a longtime reader, I'm very wary of any subscription option which makes a current feature subscription-only. The biggest concern with any subscription plan is it will drive away all the readers and with a community site like/. without the readers, it is nothing. Some of the newest features,
1. I like the idea of a @slashdot forwarding address (real mailboxes are too expensive to run well). I don't know what you mean by "no dynamic content" on a web page
2. There are lots of good ideas for better filtering but few seem to have wide popularity. They'd have to implement a lot of options to please enough subscribers.
3. Buying a +1 is a bad idea, having $x of disposably income has no bearing on the quality of one's posts. The point of moderation is to help the audience find their way to the best the community has to offer. Monkey around with that and you hurt the quality of the site.
4. This is a recently implemented option, and a very good one. Despite my first comment above, I think this is new enough to be changed to a subscribers-only option without hurting the draw of the site.
5. A good idea, anything that helps me get past what I've read between reloads is good.
6. This goes too far in voliating my first point about changing the non-paying user's experience of the site. Providing subscribers *addtional* options is a better idea.
7. Bad idea, watch the number of comments drop like a stone with the number of readers and ad revenue close behind.
8. I know little of the story submission process to really know what impact this would have. My impression is the majority of stories do not come from repeat submitters so you'd be cutting off most of the stories that make it through.
What does Slashdot provide readers?
1. Editors of the story submissions which could be improved at the low level, spelling, fact checking but is under-appreciated at the high level submission selection. IMO Kuroshin's process is different but not better than Slashdot's small group.
2. reader comments which are highly variable in quality but not short on "good" ones
3. A backend and interface which makes reading and commenting fairly easy. If you've been around long enough, it's easy to remember when the signal to noise ratio was better but its seemingly easy to forget how crappy most community web sites were to read and participate in. Slashdot has shared this beyond its own domain not only through Slashcode but also through inspiring countless clones with similar look 'n feel.
Granted, spawning the Slashdot Way for community web sites is something that's done. I don't expect Slashdot to be the source of the next major advancement in, well, anything, technologically. Rather, I expect it to maintain its standards, incrementally improve technologically, and try to remain "relevant."
How much I would pay for a subscription to Slashdot naturally depends on what's offered. My measuring stick is my Wired subscription. I pay $12/year for Wired. It's filled with a buttload of ads and it's not as good as it used to be but it's permanent, easy to look at, cheaper than it used to be, and a decent number of those ads are interesting/informative/funny. I could see myself paying that much for Slashdot. However I haven't paid for online content yet so it's hard to be certain.
Re:Subscriptions should add value
on
Slashdot Updates
·
· Score: 1
Abosolutely. Real mailboxes cost real money for storage of email, more clock cycles for email composition screens, cookie managment, email managment, mail filters (tho' filters would be nice on a forward as well), etc. Plus if/. actually stored mail they'd have to dump their cheesy, insecure authentication for something beefier with SSL.
A forwarding system would be another line in (paid) user prefs, a sendmail box to handle the forwarding, bandwidth for the email and some management of the box. There would certainly be some expense to it but it would probably be enough of a draw to more than pay for itself.
Re:You don't need to go fast -
on
Biking @ 80 MPH
·
· Score: 1
I see business men riding to work on their bikes in a suit and dress shoes in traffic on a 90 degree morning
This is a major part why I don't bike to work. Even before I was fat, when I was in pretty good shape (at least cardiovascularly), it took very little to make me sweat. If I biked to work (less than 2 miles), I would come to work very damp regardless of what the weather was like. In the U.S., it's frowned upon to have an odor, I know I don't like smelling people.
Even if B.O. is less of an issue in Tokyo (culturally), I bet those business men have more appropriate facilities for cleaning up at work. A restroom sink and electric hand dryer do not cut it.
I think your cheapest option is going to be 2 PC cards, one for each connection type.
If your laptop has a built-in modem which is in a mini PCI slot, you may be able to pop it out and install a mini PCI Ethernet or even wireless card (tho' I think its best to buy the wireless pre-installed so there's an antenna built-in).
Orinoco has USB and ethernet converters but they aren't really built for portability.
Xircom has their RealPort and RealPort2 products which combine different communications options. Their RealPort2 line includes Ethernet (naturally), bluetooth, and wireless data for mobile phones but no WiFi. They do make a WiFi card but its got the ordinary PC card form factor.
The need for an external antenna may be part of why they don't have a WiFi RealPort card, the whole point of that product line is to have ports which are unobtrusive, flush with the laptop case. Or maybe they just can't squeeze all the electronics in yet.
They never said 10.1 would be available for download, because of its size. The $20 charge is what they've charged for years in the Up-To-Date program which was how you got the current MacOS if your new Mac came with the previous version. For instance when I got a PowerMac 6500, it came with 7.5.5 but 7.6 had already come out. By sending a card and $20, they sent me a full 7.6 installation CD. If you adjust for inflation, you could say their fee has gone down:)
My understanding is the $20 gets you a full 10.1 CD. What I'd like to see is an upgrade-only CD which could cost less (or nothing) and be passed out at Apple Stores and places like college computer stores then duplicated and shared by whoever cares to.
Ditto, sudo is your friend. There are a couple of things to be aware of. First, you can tell sudo to log to a separate file if that's what you want. Second, sudo has a -s switch which gives the user a shell for root. If they use that you won't have a log of what was done in the shell. I believe the use of -s can be disabled.
There's also the good ol'.history file, you could do something archive the.history file for root.
Until last year, there was a lab around here running their own mail server on a NeXT cube running sendmail 1.0! While the length of its tour of duty was impressive, once the spammers found it, it was all over. There was no one left to support it (if there ever really was) so they just took it offline and used a different machine to redirect the old addresses.
Windows NT has had user level security for something like 8 years. Windows 2000 added the "runas" command which is a lot like "su" and some other improvements. What they both lack is sufficiently restricted permissions by default and don't discourage putting user accounts in the Administrators. Since Win2k, having an account in only the Users group and applying the Basic security template, makes it reasonably restricted.
For instance, you cannot open an iMac without violating the warranty
That's not true. You can add RAM yourself, especially in the Indigos and newer which switched from SO-DIMMs to standard 168pin DIMMs. Yes, RAM from Apple is more expensive than most of the RAM you find from third party vendors. The same is true for every other major manufacturer out there.
From a stock install? I don't know. I use an MS provided tool called uptime.exe. It works on NT4SP4 and newer (no Win9x tho').
Uptime is a simple command line tool that analyzes a single server for reliability and availability information. It can work locally or remotely. In its simple form, the tool will display the current system uptime. An advanced option allows you to access more detailed information such as shutdown, reboots, operating system crashes, and Service Pack installation.
Classic shouldn't go away, Classic should be around for a long time. People should be able to run their old Mac software on a current machine. What should go away is the *need* to run Classic for common tasks. All current Mac developers should Carbonize or, even better, rebuild as Cocoa all their apps. But there's lots of software that people use that won't get Carbonized and the users shouldn't be penalized for that.
Your point about the insane forfeiture laws in the US for drug crimes is well taken but I think landlords are exempt. If drugs were found in a rented room of your house, the house could be seized (arrested actually) but an apartment building couldn't. Could you imagine the feds seizing an entire apartment building in the projects? Where do you draw the line between apartment building and house? I don't know, but such lines are drawn in many areas of the law.
Slashdot Mirror
The Hillary Rosen phone call starts about 29 minutes into the interview.
She's stupid and baiting.
You still create/edit a file called "hosts" (make sure there's no 3 letter extension) but it lives in a different place.
File content:
0.0.0.0 goatse.cx
File location:
Win95/98/ME - C:\windows\
WinNT/2000/XP - C:\WINNT\system32\drivers\etc\
Reboot to make it take effect.
VNC's built-in security is not great. You set one password per machine (if you administering a bunch, you'll probably set it to be the same on all) and you can create a registry entry to specify IP ranges which are permitted to connect. Beyond that, you need to get in to installing OpenSSH and tunnelling VNC through that. By default, VNC doesn't allow loopback connections so you have to change something in the registry so it'll tunnel.
/computer:luser28", start VNC service, run VNCviewer and paste in the computername as the VNC Server address (netbios names will get resolved to IP), enter the VNC password (plus domain login if I'm not looking over a logged-in user's shoulder) and I'm in. When I'm done I bring computer management to the front and stop the service. Starting the service remotely requires local admin rights on the machine so if a cracker can do that, we're already screwed.
What I also do is leave the VNC service set to Manual, then use something like Computer Mangement(a Win2k tool) to start the service when I want to use it.
My routine goes like this: find out user's computername (let's say "luser28"),run "compmgmt.msc
There are also a number of ways to execute programs remotely without resorting to login scripts, psexec.exe comes to mind.
I like the sound of using a cygwin-based solution even better but if it's possible, I don't know how to do it.
Sony Vaios and an increasing number of other laptops (Dells) have IEEE 1394 aka FireWire ports *but* they are 4 pin ports unlike Apple laptops' and iPod 6 pin ports. You need the 6 pin port for the iPod's cool feature of being able to recharge through FireWire. Plus, the FireWire cable doubles as the cable to connect to the iPod's wall wart when you want to use that! How cool is that?
So those laptops could have the fast transfer but not the recharge. And if an mp3 player *does* come with USB2, will it be able to recharge over that connection? I know USB can carry power but I don't think it's spec'ed to carry enough to do a recharge in a reasonable amount of time.
It seems a lot of people overlook this extra feature of FireWire. It's less of an issue for geeks but for most people, anything which means one less wire on their desk, one less wall wart, is a good thing.
I don't remember the self-executing programs from that book so I'd say it's not a big part of the book. It's a good book tho', dealing with First Contact, galactic cultures and way future tech.
http://www.networksimplicity.com/openssh/
It's primarily for adding sshd as a service but it includes ssh which can be run on the command line.
The character was called "Die Fledermaus" in the comic book. Intially I was unhappy when I learned the character was changed but now I just think it's funny.
Your future looks pretty grim because you're a fucking asshole. So schools are a system, fine. You have a problem with systems and you're a CS major? Go answer the door, it's irony knocking. Your description of this system is so simplistic I have to wonder how you can get your head around a program more complex than "Hello world."
Maybe you're not at the best college but since all we have to go on is what you say, it's more likely the problem is with you. Your ridiculous generalization about faculty show you have zero respect for any of them (which therefore makes any positive gesture by your classmates "ass-kissing") so naturally you don't gain anything from the experience. But still you're getting the degree because you're either totally full of shit or too afraid to live by what you believe.
flame off.
I hadn't thought of the problem of selecting the @slashdot address. In my case I'd be tickled to have my userid@slashdot but userids can have illegal characters for email addresses. You could swap characters as in your example, underscore for space, but it doesn't address the problem of some userids making for crappy email addresses. Probably a lot of old-timers would be happy but it would be a dis-incentive for newcomers to subscribe if their chances of getting the email address they wanted was small.
Of course Slashdot != AOL or Hotmail so the odds of getting the address you want are a lot better.
As for killfiling comments based on poster's IP seems like a bad idea. You'd have to have the IP stored in the comment/s record, where it could potentially be extracted for nefarious reasons. You could also potentially connect an anonymous post with a non-anonymous post.
I would think killfiling userids would be a lot easier. Of course when people repeatedly create accounts to troll, you could never keep up with your killfile. There would probably have to be a cap on the number of userids in your killfile list. I cap would be less annoying if the page which listed your killfile show how many days had past since the user had posted. That would simplify removal of a discarded userid from your killfile.
Perhaps you could achieve the same effect by having the option to set comments by users with low enough karma to -1.
The determined troll will always find a way so it's important to not screw up the whole system in an arms race against them.
On a more positive note, you could add a "Buddy List" so particular users stood out in a thread. A buddy's userid could be in a different color and if a buddy commented on a story, there could be a "B" displayed next to "Read More" on the front page.
As a longtime reader, I'm very wary of any subscription option which makes a current feature subscription-only. The biggest concern with any subscription plan is it will drive away all the readers and with a community site like /. without the readers, it is nothing. Some of the newest features,
1. I like the idea of a @slashdot forwarding address (real mailboxes are too expensive to run well). I don't know what you mean by "no dynamic content" on a web page
2. There are lots of good ideas for better filtering but few seem to have wide popularity. They'd have to implement a lot of options to please enough subscribers.
3. Buying a +1 is a bad idea, having $x of disposably income has no bearing on the quality of one's posts. The point of moderation is to help the audience find their way to the best the community has to offer. Monkey around with that and you hurt the quality of the site.
4. This is a recently implemented option, and a very good one. Despite my first comment above, I think this is new enough to be changed to a subscribers-only option without hurting the draw of the site.
5. A good idea, anything that helps me get past what I've read between reloads is good.
6. This goes too far in voliating my first point about changing the non-paying user's experience of the site. Providing subscribers *addtional* options is a better idea.
7. Bad idea, watch the number of comments drop like a stone with the number of readers and ad revenue close behind.
8. I know little of the story submission process to really know what impact this would have. My impression is the majority of stories do not come from repeat submitters so you'd be cutting off most of the stories that make it through.
What does Slashdot provide readers?
1. Editors of the story submissions which could be improved at the low level, spelling, fact checking but is under-appreciated at the high level submission selection. IMO Kuroshin's process is different but not better than Slashdot's small group.
2. reader comments which are highly variable in quality but not short on "good" ones
3. A backend and interface which makes reading and commenting fairly easy. If you've been around long enough, it's easy to remember when the signal to noise ratio was better but its seemingly easy to forget how crappy most community web sites were to read and participate in. Slashdot has shared this beyond its own domain not only through Slashcode but also through inspiring countless clones with similar look 'n feel.
Granted, spawning the Slashdot Way for community web sites is something that's done. I don't expect Slashdot to be the source of the next major advancement in, well, anything, technologically. Rather, I expect it to maintain its standards, incrementally improve technologically, and try to remain "relevant."
How much I would pay for a subscription to Slashdot naturally depends on what's offered. My measuring stick is my Wired subscription. I pay $12/year for Wired. It's filled with a buttload of ads and it's not as good as it used to be but it's permanent, easy to look at, cheaper than it used to be, and a decent number of those ads are interesting/informative/funny. I could see myself paying that much for Slashdot. However I haven't paid for online content yet so it's hard to be certain.
Abosolutely. Real mailboxes cost real money for storage of email, more clock cycles for email composition screens, cookie managment, email managment, mail filters (tho' filters would be nice on a forward as well), etc. Plus if /. actually stored mail they'd have to dump their cheesy, insecure authentication for something beefier with SSL.
A forwarding system would be another line in (paid) user prefs, a sendmail box to handle the forwarding, bandwidth for the email and some management of the box. There would certainly be some expense to it but it would probably be enough of a draw to more than pay for itself.
This is a major part why I don't bike to work. Even before I was fat, when I was in pretty good shape (at least cardiovascularly), it took very little to make me sweat. If I biked to work (less than 2 miles), I would come to work very damp regardless of what the weather was like. In the U.S., it's frowned upon to have an odor, I know I don't like smelling people.
Even if B.O. is less of an issue in Tokyo (culturally), I bet those business men have more appropriate facilities for cleaning up at work. A restroom sink and electric hand dryer do not cut it.
People also choose hardware RAID for greater reliability, OS independence, OS simplicity, and in some cases hotswap-ability of drives.
I think your cheapest option is going to be 2 PC cards, one for each connection type.
If your laptop has a built-in modem which is in a mini PCI slot, you may be able to pop it out and install a mini PCI Ethernet or even wireless card (tho' I think its best to buy the wireless pre-installed so there's an antenna built-in).
Orinoco has USB and ethernet converters but they aren't really built for portability.
Xircom has their RealPort and RealPort2 products which combine different communications options. Their RealPort2 line includes Ethernet (naturally), bluetooth, and wireless data for mobile phones but no WiFi. They do make a WiFi card but its got the ordinary PC card form factor.
The need for an external antenna may be part of why they don't have a WiFi RealPort card, the whole point of that product line is to have ports which are unobtrusive, flush with the laptop case. Or maybe they just can't squeeze all the electronics in yet.
Merriam-Webster sez
The Republican fight for "states' rights" *was* a federalist fight.
My understanding is the $20 gets you a full 10.1 CD. What I'd like to see is an upgrade-only CD which could cost less (or nothing) and be passed out at Apple Stores and places like college computer stores then duplicated and shared by whoever cares to.
Ditto, sudo is your friend. There are a couple of things to be aware of. First, you can tell sudo to log to a separate file if that's what you want. Second, sudo has a -s switch which gives the user a shell for root. If they use that you won't have a log of what was done in the shell. I believe the use of -s can be disabled.
.history file, you could do something archive the .history file for root.
There's also the good ol'
Until last year, there was a lab around here running their own mail server on a NeXT cube running sendmail 1.0! While the length of its tour of duty was impressive, once the spammers found it, it was all over. There was no one left to support it (if there ever really was) so they just took it offline and used a different machine to redirect the old addresses.
Windows NT has had user level security for something like 8 years. Windows 2000 added the "runas" command which is a lot like "su" and some other improvements. What they both lack is sufficiently restricted permissions by default and don't discourage putting user accounts in the Administrators. Since Win2k, having an account in only the Users group and applying the Basic security template, makes it reasonably restricted.
That's not true. You can add RAM yourself, especially in the Indigos and newer which switched from SO-DIMMs to standard 168pin DIMMs. Yes, RAM from Apple is more expensive than most of the RAM you find from third party vendors. The same is true for every other major manufacturer out there.
Classic shouldn't go away, Classic should be around for a long time. People should be able to run their old Mac software on a current machine. What should go away is the *need* to run Classic for common tasks. All current Mac developers should Carbonize or, even better, rebuild as Cocoa all their apps. But there's lots of software that people use that won't get Carbonized and the users shouldn't be penalized for that.
Your point about the insane forfeiture laws in the US for drug crimes is well taken but I think landlords are exempt. If drugs were found in a rented room of your house, the house could be seized (arrested actually) but an apartment building couldn't. Could you imagine the feds seizing an entire apartment building in the projects? Where do you draw the line between apartment building and house? I don't know, but such lines are drawn in many areas of the law.