Slashdot Mirror


User: El_Oscuro

El_Oscuro's activity in the archive.

Stories: 0
Comments: 747

Comments · 747

  1. Re:MS would owe at least the key on Vista Activation Cracked by Brute Force · · Score: 1

    I wish I had some mod points so I could make this funny

  2. Re:Yep. on Worm Exploiting Solaris Telnetd Vulnerability · · Score: 1

    Why the fsck is anyone still running telnet?

  3. Re:We Will Sue You on RIAA Announces New Campus Lawsuit Strategy · · Score: 1

    Sounds like something "Weird Al" Yankovic could use in his next CD. If he does, you might have to sue him for copyright infringement.

  4. Re:What a spoiled brat. on Software Deletes Files to Defend Against Piracy · · Score: 1

    I once wrote a $19 shareware program in the days before the internet. It was fully functional for 30 days. Other than the single popup when the program started, there were no nag screens. The key was a trivial 4 or 5 digit number based on the user's name, and stored in a .ini file in an obvious location. If you wanted to extend the 30 days of the trial, you could simply delete the ini file. Despite the trivial nature of the protection, I still received a decent number of registrations. Remember, this was before the internet (and widespread use of email), and users had to actually write paper checks and snail mail them to me. I also snail mailed the keys to them.

    If you wanted to distribute a registered version of the program, you could simply include the ini file from one that was already registered. However, my protection scheme also had one additional feature which protected against piracy, and has been very successfully used by a number of other vendors. When you registered, the key was made from your name, and registered copies displayed your name in the window title. Thus, if you had a pirated copy, it would show someone else's name, and if you used the program a lot, having someone else's name would probably annoy you enough to go ahead and spend the $19 for your own copy. Similar techniques have worked very well for other shareware companies such as jpsoft and dreamquest software.

  5. Re:Last time I checked. . . on Drive-By Pharming Attack Could Hit Home Networks · · Score: 1

    I have a safe with the combo supplied by the manufacturer. There is no way to change it, which surprised me. Of course, you also need a key. I hope they have more than a few of them...

  6. Re:Things you should know. on 'Daylight Savings Bugs' Loom · · Score: 1

    600 Windows servers. Run TZEDIT instead of using the MS patch, and export the registry file with the changes. Same registry file works for Win2k and W2k3. Import it using regedit -s in a batch file, along with a reboot and deploy using NetIQ.

    Total time to generate dst.reg: 15 minutes.

    Total time to write batch file: 15 minutes.

    Total time to deploy using NetIQ and scheduling reboots: About 1 week, but most is automated, and only a few hours actual work is required.

    On the other hand, updating the Java classes and data dictionary in the Oracle databases on these servers will be pretty gnarly.

  7. Here's a way to end spam. Completely. on 5 Things the Boss Should Know About Spam Fighting · · Score: 1
    One key is to understand how spammers work.
    1. A spammer sets up a "bot-net" of compromised Windows computers, sometimes in the thousands.
    2. The spammer configures the zombies to send out about 1,000 spams a day, which most computers can handle without the user noticing.
    3. By using thousands of zombies, a spammer can send out millions of viagras a day, at almost no cost to himself.
    4. If 99.9% of the spam is filtered or ignored, it doesn't matter to the spammer, as the .1% represents thousands of sales per day.

    The trick is to target the one vulnerability all spammers have: A website to sell their goods. All spam messages have a link where you click to buy the viagra, invest in Nigerian hedge funds, etc.

    This vulnerability could be relentlessly attacked by ISPs, where each filtered spam generates an automatic "opt out" message to the website contained in the email. Kind of like bluefrog, with attitude. The beauty of it is, unlike bluefrog, there is no single point the spammers can attack, since individual ISPs would be generating the opt out requests instead of a single website.

    Right now, a spammer only has to process the requests from the spam that actually gets through and is responded to. If this is implemented, the spammer would have to process (or ignore) every spam sent out by one of his zombies. Kind of a Self-Denial of Service attack.

    When you have to process 18,000 requests a day, your hardware and bandwidth costs are minimal. If you had to process all 18,000,000 your zombies sent out, your costs would be considerably higher, and it might make spamming somewhat less profitable.

  8. A massive supply of wasted heat on Creating Power From Wasted Heat · · Score: 1

    Every one of us has something we use daily that generates massive supplies of waste heat - our car engines. Instead of releasing it to the atmosphere with radiators and fans, couldn't we convert some of it to electricity with some sort of small turbine? If we did that, we could use it to help power the car with a hybrid motor. Kind of like regenerative braking, but the energy source is constant. I would love to get that extra heat as torque for my Camaro! Maybe I could get on dragtimes.com

  9. Re:Obligatory Scotty Reference on Vista Sales Expectations Too High, Office Doing Well · · Score: 1

    If I remember right, it was a Mac.

  10. Re:Speculation on Database Bigwigs Lead Stealthy Open Source Startup · · Score: 1

    The big problem with "commodity hardware" is it breaks all the time. If a system is using a shared-nothing approach, then all of the commodity servers and storage arrays have to be available or the query will fail. Thus, if you have 10 servers and storage arrays participating in a shared-nothing approach, if any one of those servers goes down, the query will fail. Having a large amount of moving parts (commodity hardware) involved in any operation makes the MTBF go way down.

    We are preparing for a large deployment (200+ sites) of Oracle RAC clusters on commodity hardware, in which we fully expect servers and the shared storage to fail on a regular basis. Our most recent test of this configuration involved yanking the power cord from the shared array while the database was up. It is a realistic test, and we expect to see something similar in production within a few months of deployment.

    One of the biggest misconceptions about the redundancy technologies is that it is actually truly redundant. For example, that RAIDed storage array you have? The RAID protects against the failure of a single hard drive (more if you have hot spares). However, your database is toast if someone forgot to turn off write cache (the default on most arrays) and your battery goes bad. Or if your SAN "panics" and loses a 600GB LUN. Or if your controller goes berserk and starts writing corrupt archivelogs without any error messages?

    How to achieve redundancy:
    1. Use different hardware. If you are using a commodity storage array for your primary storage, keep a copy of critical files like redologs and archivelogs on a different hardware type, like an external drive. If you use SAN as primary storage, use NAS for your backup files.
    2. Use different sites. Don't use a vendor's hardware replication. Instead use something like Oracle Advanced Replication or a Dataguard standby database.
    3. Clusters protect against the failure of a server. RAID protects against the failure of a hard drive. Assume no redundancy in anything else and plan accordingly.

    I would never deploy anything with a "shared-nothing" approach on commodity hardware. It is just too likely to fail.

  11. Re:Oh shit. on Dell Laptops Have Shocking New Problem · · Score: 1

    Chevy. (and also Midas)

    I bought a 2000 S-10 pickup from them, and took it into Midas when the front brake started squeaking. I figured it needed new pads. I had about 2 weeks left under the 3 year warranty, and things like brake pads typically aren't covered. The Midas guy told me the reason the pads were worn was because of the brake caliper, and advised me to take it to the dealer to see if they might cover some of the repair under warranty. Not only did they cover 100% with no questions asked (remember, 2 weeks left on it), but also gave me a free rental car. The Midas guy charged me about $10 for the visit.

  12. Re:ianal on Can You Be Sued for Quitting? · · Score: 1

    I have always given one month's notice, and used all of that time for turnover, documentation, and training, every time. I have even been hired back to the same companies I left (for considerably more money) twice. If you do people good, good will usually come back to you.

  13. Re:Uh...Win 95 upgrade on Vista Upgrades Require Presence of Old OS · · Score: 1

    I remember that too. When my Win95 upgrade got hosed, and I needed to reinstall it, I called Microsoft (you could actually call them on the phone then) and their tech was very helpful. In order to use the upgrade CD for a full reinstallation, I had to:

    C:\>dir > NTLDR

    It worked great for a few years until I got a new computer

    The last easy Windows install I had was about in 1998. Back then I also installed Red Hat 6 (anyone remember disk druid?), and what a PITA.

    Now, things have changed. While every recent Windows installation has been a PITA (doesn't write boot sector, only will install 2nd HD as drive "E:", can't get video drivers to work with anything other than 640x480, about 30 reboots, etc.), every Linux install (except one upgrade) I have done recently (Red Hat 8, SUSE 9 and 10, Mandrake 10, Linspire on 3 different systems) has been a piece of cake. All hardware detected, all applications installed in less than 1 hour. The hardest part of the Linux installations has been to change the CDs.

  14. Re:All Top-level Domains are a Bad Idea on Why the .XXX Domain is a Bad Idea That Won't Die · · Score: 1

    I agree. There was another post on /. http://it.slashdot.org/article.pl?sid=07/01/26/1325228 by TheRaven64 pertaining to phishing:

    "The real problem is that hostnames are written back to front. JANET in the UK used to write hostnames in the correct order, so this story would have been on org.slashdot.it. At each stage, you have progressive refinement. Writing hostnames the opposite way to filesystem paths (including those written after the hostname) makes no sense, and is just bad UI design. It's probably too late to switch now, but it would be much easier for a user to spot that com.phisher.com.paypal/long_path was not the same as com.paypal/long_path than it is to spot that paypal.com.phisher.com/long_path is not the same as paypal.com/long_path. Once you have spent a long time looking at URIs, it is very easy to regard .com (or .org, or co.uk) as the separator between the hostname and the path."

    I agree with everything here except the part about it probably being too late to change.

    The only really significant part of a domain is the second and top levels, ie the "ebay.com" in signin.ebay.com. You could change the browsers to render the URLs with second level domain first, followed by the top level domain, then the hostname, ie ebay.com.signin. Maybe make it an option in the browser. Since this would be simply the way the browser renders the hyperlink and the location bar, you wouldn't have to change DNS or anything else. The most important part of the URL (ebay) would always be first, and would make phishing attacks much easier to spot.

  15. 40, 41, 43, 44, 45.... on Astronomer Discovers the Most Distant Stars Ever Observed From Earth · · Score: 1

    I think the planet of Magrathea is about 6000 light years away. When Slartibartfast was designing the Fjords and subcontracting the installation of the fake dinosaur fossils, the mice who were running the factory and building the Earth realized they had a major problem:

    Someone had accidentally made a typo on the decimal place in the progress bar subroutines, so instead of taking about 5 to 6 thousand years, the program would take 5 million years.

    The project was hopelessly behind schedule, over budget, and doomed. The only thing the mice could do was push the project in time until the program had sufficient time to complete, even before Deep Thought had been created. Deep Thought and The Answer disappeared, lost in time forever. Postcards of Deep Thought suddenly became very valuable.

    No one had heard of the answer until a woman asked the question "what do you get if you multiply 6 times 7?"

    Then the Vogons arrived...

  16. Re:desktop on Dell's Secret Linux Fling · · Score: 1

    You can get a Linux system at http://www.custombarebones.com/ for under $400.

  17. Re:Virtual Credit Card Anybody? on Just Cancel the @#%$* Account! · · Score: 1

    A website provider tried the same thing with me a few years ago. When it came time to renew a website that I didn't need, I didn't renew it, and my credit card had expired. They automatically "renewed" me anyway and sent the bill to a collection agency. I sent them a certified letter demanding the charges be removed with a 14 day deadline. If it was not, I would file suit and my lawyers would contact them. I never heard from them again. Nothing on my credit report.

  18. Re:Try cancelling AOL... you can't get rid of them on Just Cancel the @#%$* Account! · · Score: 1

    Many years ago, I tried to cancel my account online. It took me about a half hour, going through menus that asked "are you sure?", "no I mean are you really-really-sure?", etc. Finally, after the last confirmation screen, it displayed a 1-800 number to call. After waiting another half hour on AOL-hold, I got to talk to an ACTUAL PERSON, who canceled my account...

    Or so I thought. AOL, of course continued billing my credit card. I had to change the credit card # to get rid of AOL.

    Never give any company the option for automatic payments or renewal.

  19. Re:I S P F! on The Birth of vi · · Score: 1

    Try slickedit or kedit. Kedit emulates IBM xedit on Windows, and includes almost all of the kedit and ISPF functions.

    Slickedit runs on about any O/S and emulates everything including ISPF and VI.

    You can get either at http://www.programmers.com./

    Slickedit is more powerful but expensive. If you are using windows, kedit can be run from a floppy or pen drive, and is cheaper.

  20. Re:positive vi experiences on The Birth of vi · · Score: 1

    Way back in 92, when I started with Unix from a DOS environment, I couldn't believe how user hostile it was, especially vi. I went to such lengths to avoid it, I ftped files to the PC so I could edit them there. Equally frustrating was the current directory wasn't in your path, and you couldn't even change the system time without rebooting the server.

    Anyway, I learned how to use vi and eventually became proficient in it. Now it is installed on all of my Windows servers, and I use it there too. Quite a few of our Windows programmers prefer vi. One even has slickedit configured to emulate it.

    While most of our lines to our remote servers are pretty good, we have some that would make a 9.6 look good. Small and fast is always good, no matter how many CPU cycles you have. Have you ever downloaded any of Steve Gibson's utilities at grc.com? 20k for a Windows GUI program, even in this day.

    As far as the other annoyances I originally had in Unix:

    • In Windows, one of our system admins accidentally clicked on the desktop clock and changed the "AM" to "PM" on our central server. Under NT 4.0 this change took effect immediately, with no confirmation. We didn't know what happened until servers started going down for backups in the middle of the day.
    • Having the current directory in the path allows someone to create a "notepad.bat" file which might be tripped over by the admin and run code of the attacker's choice. Of course there are so many other ways to bust a Windows box, this probably is not used much.

    The old-school ways of doing things has much to recommend it. One of the things 9/11 taught me was everything we take for granted (power, water, food), we might not have in the future.

  21. Get Linux for Dummies on Ideal Linux System for Newbies? · · Score: 1
    Get Linux for Dummies

    In addition to a good book on desktop Linux, it comes with a DVD with 7 distros. The DVD also has a bootable Knoppix distro, so you can try it on your computer without installing anything.

    I currently use SUSE, which comes with Open Office and a ton of other applications on the DVD. Its YAST tool is the equivalent of Windows Control panel, and is about as easy to use.

    I have not used Ubuntu, but from other posts it sounds like it is worth trying.

    I have also used Linspire which also has a large library of software, like Ubuntu. It can be bought preinstalled on a computer from Fryes, Walmart, Microcenter and other places. Most of these systems cost about $200-$300 dollars. If you do buy one of these preinstalled systems, make sure you upgrade the memory to at least 512m.

    I have found the installation of these distros on a bare-bones system to be easier than Windows, and it has never taken more than about 1/2 hour with any of them. In most cases, hardware (sound cards, network cards, cameras, etc) is recognized by the O/S directly, without having to install drivers for it. A notable exception is the 3D video cards, which are a PITA. If you want to play 3D games, make sure you get one from Nvidia or ATI, which provide Linux drivers for their cards.

  22. Re:The Gap on Office 2007 UI License · · Score: 1

    I just cut and pasted parts of several webpages into OO, including tables, frames, graphics, etc. Just tried it, knew it wouldn't work right, because it has never worked right in MS Office. It worked perfectly in OO, all graphics, the page layout, everything... just with Control-C/Control-V. Then I saved it as a PDF file. I guess there is a gap...