Wasn't Action Quake II just a mod for Quake II? There are plenty of great Quake III TCs.
Quake II was a decent game, but it only gently improved (if you can call it that) on Quake I. On the other hand, Quake III was a giant step forward (at least in terms of graphics and AI). IMO Q1 stands head and shoulders above 2 and 3, so de-empasize the "Quake 3" part of my ?!?!?!;)
The Pokemon games were really good. I'd place Pokemon red/blue under as my third or fourth favorite RPG of all time, and I didn't play it until I was 21.
The PDF spec is open, and fairly simple. I wrote my own PDF output code in less than a week, with the benefit that the PDFs were much smaller than those generated by general-purpose converters.
The marginal cost of all software is almost $0, because it costs almost nothing to copy bits. Just because Microsoft gouges you $X to do that copying doesn't mean that the bits are of any greater quality; Microsoft has poured loads of cash into developing its products, and the Free Software / Open Source folks have poured loads of volunteer time (and sometimes, cash) into developing their software. You might look at the amount of effort that has gone into creating each, and then try to apply the get-what-you-pay-for adage to that, but applying it to the price of the box on the shelf is ludicrous.
I'd say that humans over 0 are the biggest online gamers.
Re:Maybe time to drop this "securitier than thou"
on
Remotely Crash OpenBSD
·
· Score: 1
If they want a system with users, it helps to not turn then away by being rude and dismissive. Users are good for lots of goals, because users find, report, and sometimes fix bugs. If they want cooperation from other OS/app writers, it helps to be less competitive. I know these aren't *directly* on the list, but surely they contribute indirectly to the goals.
Just as you defend Theo's right to say things like that, should I not also have the right to call him on his attitude?
Whenever someone charges your credit card without authorization, you have the recourse of telling your credit card company to deny the charges. They'll start an investigation in which the charger will have to prove (to some measure of proof which probably varies from cc company to cc company) that you requested the charge and that the services/goods were rendered/delivered.
The few times I've done this (with American Express) I've gotten the charges refunded with very little work on my part. YMMV, but it has a good shot of working, and it puts the onus on MS Live to get the money rather than on you.
Assembly is an impediment to understanding high-level issues. While I agree 100% that any good CS program should include some discussion of assembly and systems programming (at least a few semesters), there is so much more to CS than systems hacking. There is no way that a whole modern CS curriculum should be taught in assembly language.
As a starting language it's really a matter of preference: the bottom-up method gets you really understanding the machine (and really yearning for more convenient tools), but it is a slow, painful start. The things you learn are less general and will be less applicable years down the line. On the other hand, learning a high level language can leave you in the dark about what's going on under the hood, which means that some aspects of what you're doing will seem like "magic". For you efficiency addicts, this can mean less efficient code. On the other hand, the world will have fewer efficiency addicts!
However, I think that assembly will turn a lot of people off of programming that could otherwise be interested in the subject and perhaps productive programmers, if not cowboy kernel hackers.
After all, who needs a bug to d0s someone from the face of the earth?
I dunno, man, winnuke was a big problem on our campus in 98(?). It's so much easier to crawl through a block of IPs sending a few packets than to DOS the whole netblock. You can even do it from a modem in a few minutes.
Re:Maybe time to drop this "securitier than thou"
on
Remotely Crash OpenBSD
·
· Score: 1
But they are "securitier than thou." You're pretty much asking them to change their focus, do you think that security is a bad goal?
Maybe you need to get out of this sports mentality and stop feeling inadequate when another "team" is doing better in one area than your favorite?
It's fine to have security as your focus. In fact, that's great. What turns me off is the attitude that OpenBSD is axiomatically more secure. The response from TdR shouldn't be "it's just a crash." It should be, "Man, we screwed up! It will be fixed right away. Good thing there seems to be no way to execute code." And then they should look at how this bug got in there, and figure out how they can make sure that kind of bug doesn't happen again.
IMO they should also get rid of this ridiculous "no (well, one) (remote) (root-privilege) holes (in the default install) in the last 7 years!" business. It's just too confrontational; how can we help but think of them as another "team" trying to beat us at the security "sport"?
I don't really understand how having more ports open makes you more visible for DOS. What kind of attack are you thinking of? Where some guy just picks a random IP address and port number and, if that port is open, starts sending packets?
Anyway, the whole point of this system is to make you less "visible" in the sense of fewer open-looking ports. Nobody said that the knocking ports have to even be listening; the kernel could be silently recording the SYN and responding with RST. This hides some unused ports (the ones you say increase "visibility") and also hides ports with real services on them--and THAT makes a difference.
Maybe time to drop this "securitier than thou" ?
on
Remotely Crash OpenBSD
·
· Score: 0, Troll
With the attitude those guys have, it's almost as amusing to hear about an OpenBSD exploit than a WinXP one!
My question is how much better is it than simply moving your services to non-standard ports?
Quite a bit better, since it is easy to scan 65k ports serially to see which ones are listening, but much harder to scan a jillion combination of port sequences to see which ones are listening.
God damn, if I hear one more of you go, "this is just security through obscurity!" I am going to puke. This is the same as cleartext passwords, which are pretty secure if (a) you know nobody is sniffing the network and (b) you know nobody is masquerading as the host you want to connect to. Of course those things aren't typically true, so this alone isn't very secure. But it does disguise your exchange which, contrary to what the security-through-obscurity folks are saying, does give you some small measure of security.
This is just a way of encoding some bit transfer in the IP protocol instead of in the beginning of whatever protocol you're using after the connection. You could also use it to send cryptographic credentials which could be as secure as any other protocol (plus some extra security by obscurity). The only problem with that is that you need a way to send back information via TCP (because most good authentication protocols are two-way), but I think you need that anyway in order to serialize your knocks.
Slashdot Mirror
Yeah, well, he was right to give up as soon as he got to that Zen planet or whatever. Man, I hated that shit.
The very ending was cute, though.
"... this is only the beginning of a complicated standards problem."
I think you mean, the beginning of the problem of trying to sell people something they don't want, and already get along fine without.
I'm pretty sure Doom and Quake would have been successes without demos.
Wasn't Action Quake II just a mod for Quake II? There are plenty of great Quake III TCs.
;)
Quake II was a decent game, but it only gently improved (if you can call it that) on Quake I. On the other hand, Quake III was a giant step forward (at least in terms of graphics and AI). IMO Q1 stands head and shoulders above 2 and 3, so de-empasize the "Quake 3" part of my ?!?!?!
The Pokemon games were really good. I'd place Pokemon red/blue under as my third or fourth favorite RPG of all time, and I didn't play it until I was 21.
The PDF spec is open, and fairly simple. I wrote my own PDF output code in less than a week, with the benefit that the PDFs were much smaller than those generated by general-purpose converters.
These voters are fucken insane.
Quake 2 beats both Quake 1 and Quake III?
Mario Kart 64 beats Super Mario Kart?!?!
The marginal cost of all software is almost $0, because it costs almost nothing to copy bits.
Just because Microsoft gouges you $X to do that copying doesn't mean that the bits are of any greater quality; Microsoft has poured loads of cash into developing its products, and the Free Software / Open Source folks have poured loads of volunteer time (and sometimes, cash) into developing their software. You might look at the amount of effort that has gone into creating each, and then try to apply the get-what-you-pay-for adage to that, but applying it to the price of the box on the shelf is ludicrous.
Yeah, ok, big deal... but did they descend from aliens?
One of the reasons to use linux is its lack of DRM. I'm sure I'm not alone in this sentiment.
I'd say that humans over 0 are the biggest online gamers.
If they want a system with users, it helps to not turn then away by being rude and dismissive.
Users are good for lots of goals, because users find, report, and sometimes fix bugs.
If they want cooperation from other OS/app writers, it helps to be less competitive. I know these aren't *directly* on the list, but surely they contribute indirectly to the goals.
Just as you defend Theo's right to say things like that, should I not also have the right to call him on his attitude?
Whenever someone charges your credit card without authorization, you have the recourse of telling your credit card company to deny the charges. They'll start an investigation in which the charger will have to prove (to some measure of proof which probably varies from cc company to cc company) that you requested the charge and that the services/goods were rendered/delivered.
The few times I've done this (with American Express) I've gotten the charges refunded with very little work on my part. YMMV, but it has a good shot of working, and it puts the onus on MS Live to get the money rather than on you.
Assembly is an impediment to understanding high-level issues. While I agree 100% that any good CS program should include some discussion of assembly and systems programming (at least a few semesters), there is so much more to CS than systems hacking. There is no way that a whole modern CS curriculum should be taught in assembly language.
As a starting language it's really a matter of preference: the bottom-up method gets you really understanding the machine (and really yearning for more convenient tools), but it is a slow, painful start. The things you learn are less general and will be less applicable years down the line. On the other hand, learning a high level language can leave you in the dark about what's going on under the hood, which means that some aspects of what you're doing will seem like "magic". For you efficiency addicts, this can mean less efficient code. On the other hand, the world will have fewer efficiency addicts!
However, I think that assembly will turn a lot of people off of programming that could otherwise be interested in the subject and perhaps productive programmers, if not cowboy kernel hackers.
After all, who needs a bug to d0s someone from the face of the earth?
I dunno, man, winnuke was a big problem on our campus in 98(?). It's so much easier to crawl through a block of IPs sending a few packets than to DOS the whole netblock. You can even do it from a modem in a few minutes.
But they are "securitier than thou." You're pretty much asking them to change their focus, do you think that security is a bad goal?
Maybe you need to get out of this sports mentality and stop feeling inadequate when another "team" is doing better in one area than your favorite?
It's fine to have security as your focus. In fact, that's great. What turns me off is the attitude that OpenBSD is axiomatically more secure. The response from TdR shouldn't be "it's just a crash." It should be, "Man, we screwed up! It will be fixed right away. Good thing there seems to be no way to execute code." And then they should look at how this bug got in there, and figure out how they can make sure that kind of bug doesn't happen again.
IMO they should also get rid of this ridiculous "no (well, one) (remote) (root-privilege) holes (in the default install) in the last 7 years!" business. It's just too confrontational; how can we help but think of them as another "team" trying to beat us at the security "sport"?
I don't really understand how having more ports open makes you more visible for DOS. What kind of attack are you thinking of? Where some guy just picks a random IP address and port number and, if that port is open, starts sending packets?
Anyway, the whole point of this system is to make you less "visible" in the sense of fewer open-looking ports. Nobody said that the knocking ports have to even be listening; the kernel could be silently recording the SYN and responding with RST. This hides some unused ports (the ones you say increase "visibility") and also hides ports with real services on them--and THAT makes a difference.
With the attitude those guys have, it's almost as amusing to hear about an OpenBSD exploit than a WinXP one!
This is a troll, right?
Simply opening up other ports does not make your system less secure; it's running insecure services on those ports that does.
My question is how much better is it than simply moving your services to non-standard ports?
Quite a bit better, since it is easy to scan 65k ports serially to see which ones are listening, but much harder to scan a jillion combination of port sequences to see which ones are listening.
God damn, if I hear one more of you go, "this is just security through obscurity!" I am going to puke. This is the same as cleartext passwords, which are pretty secure if (a) you know nobody is sniffing the network and (b) you know nobody is masquerading as the host you want to connect to. Of course those things aren't typically true, so this alone isn't very secure. But it does disguise your exchange which, contrary to what the security-through-obscurity folks are saying, does give you some small measure of security.
This is just a way of encoding some bit transfer in the IP protocol instead of in the beginning of whatever protocol you're using after the connection. You could also use it to send cryptographic credentials which could be as secure as any other protocol (plus some extra security by obscurity). The only problem with that is that you need a way to send back information via TCP (because most good authentication protocols are two-way), but I think you need that anyway in order to serialize your knocks.
I knew it would work!! ;)
Damn, I put my novel up online for free but hardly anyone buys it! Maybe you have to have a famous web site, too...
By "legacy and embedded systems" you mean, broadcast-flag enabled HDTV devices?
Yechh. Now we are only 50 years behind the "times" instead of 75.