I don't have the time to hack this modification to Xvnc, but wouldn't it be possible to change it and the viewer to be rootless?
This would require a slight extension to the RFB protocol to be able to send window size updates at any time, as well as a client that could support multiple distinct windows. Each time an X client opens a new window, the Xvnc server would send a new geometry/window ID to the client.
There's probably a more elegant way to do this (perhaps a control connection and multiple RFB connections, a la FTP). Just some thoughts from someone who refuses to use non-rootless X servers on Win32.:)
I have a dell 2000FP LCD monitor that I'm using with an analog input right now. The image looks fine at 1600x1200 with my old matrox millenium II card.
I'm curious to see if anyone has gotten the 2000FP's DVI input to work with more modern 3D cards at 1600x1200 in Linux. In particular, I'd like to know which cards actually work at this resolution in DVI mode. Thanks!
This has already happened. Customers who buy large machines to consolidate tons of small servers onto one or more larger, more expensive and reliable systems, have found this. It's not only the hardware configuration, but also software. If you run vendor X's software on your machine, you can only run vendor X's software on that machine. Install anything else and you risk losing your support contract.
In some limited cases (e.g. servers that cost a million bucks), this makes a lot of sense. It's a configuration that you know will work. If it doesn't work, you know that your configuration is supported by your vendor, can be replicated and can be debugged.
I think we'd both agree that this sort of limitation is bad for average (home) PCs. Maybe my desktop or my personal web server can handle a little downtime. A machine that handles revenue for my company is an entirely different matter. That machine has to work and I'm willing to accept limitations on what I can do with it in order to guarantee that it will function.
Not to mention, the bug that actually causes X to crash isn't in mozilla, but a support library for the X server, itself. Mozilla may have been patched, but the root cause is still there and can be trigged by other applications. I don't call that "fixed". Here's a bugtraq post on the real problem:
It makes very little sense to me that an application should be able to bring down the X server because it made a library call with an obviously bad parameter. If the library can verify it, it should. Furthermore, it should return an error value and Mozilla should check it. It shouldn't have to abort().
So maybe AT&T has made up for the cost of the cable modems, but not the cost of maintaining their network. So they no longer need to charge extra for leasing a modem, but they need to recoop charges from everyone to pay for the network. 24 months * $10 = $240, which should pay for a pretty nice cable modem.:-)
I don't see why people who own their cable modems have to have a devine right to lower priced service, particularly if it doesn't cost the cable company more.
And at the age of 16, (some?) Amish are encouraged to try technology, drugs, etc... for a few years and are then given the choice of returning to Amish traditions. Here's an interview on the topic (interview one one who decided NOT to go back) from This American Life a few weeks ago:
I have noticed that when the microwave is on (and my laptop is in the kitchen with me), things like telnet sessions on 802.11 work fine. However, applications that require transfering longer packets (for instance, MP3 streams) get clobbered. I suspect that this because the longer the packet is, the greater chance it has of being corrupted.
Do Jornada's still have the reset button on the top of the keyboard, right next to the left shift key?
It didn't take long for me to realize why the designers put it there. I crashed a new one several times in a period of about 15 minutes. Granted, this was my roommate's toy, three years ago. I hope the robustness of the hardware/wince has gotten better since then, but this was somewhat disconcerting.
I'd disconnect the reset button from the motherboard, if possible. A pair of scissors can also help render the reset button useless. I do this to protect against myself.:-)
As far as the CD-ROM drive goes, you might be able to write a little program that locks the drive. If you're doing this under Windows, this documentation looks helpful (beware, the lameness filter added spaces to the URL):
> Why don't they already prevent use of pre-SP1 patches then?
Probably because they're changing their policy now, not yesterday, and they'd have to re-qualify and re-release older patches in order to do this. That's a big deal.
> I can only see the Service Pack blocking software updates by means of collaberation with Windows Update. It can't see it preventing use of patches created in the future that it can't know about yet without scanning all executables run on the system for a tell tale "MS Official Patch" signature or whatever.
I don't see how windows update needs to be a part of this. Every patch has an integrated installer. Why can't Microsoft (a) require SP1 to be installed (certainly not unheard of in the world of software patches) and (b) require that SP1 has validated the installation key? I don't see where the Windows Update utility needs to fit in here. There are plenty of other variants on this idea. You could also have each patch check the validity of the registration number, just as the service pack must do. This is probably not a complex check.
So, what, MS is morally obligated to give their software away for free to keep the Internet secure?
Sure, why not? They are releasing a buggy product that periodically becomes a menace to the internet (pirated or not). They should take steps to correct the damage that has been caused because of their product. These patches aren't costly in comparison to the damage that a swarm of infected XP machines could cause. In the same way that we have support services for drug users (in many cases, drug use is illegal), the internet community should make updates available so that these users won't be a menace to me or themselves.
The problem with Code Red wasn't software pirates, it was (and is) ordinary users who either don't know enough to keep their bug patches up-to-date, or don't care.
The point is now, they can't keep their patches up-to-date. I think that is a crime. We still have X thousand machines infected with Code Red (I recently from some Berkeley research that X ~= 2). X will be much larger for future attacks because of this change.
Permitting and even encouraging unpatched machines is a bad policy. Pirated software or not, the machines are a hazard to local networks and the internet as a whole. They serve as launching points and targets for worms and viruses. I believe it is irresponsible to leave these machines on the internet, but it is even more responsible to deny them patches. If not for the sake of their machine, then for the sake of MY machine and my email quota.
This is similar giving fresh needles to drug users. It is not just to protect the users, but also those around them who would otherwise share dirty needles. Is it just helping the pirates (drug users)? No way! It's better for the your network (your adventureous son/daughter), too.
I understand that some people would prefer not to deal with these problems in this way and it's okay to disagree. I'm surprised to see my comment moderated as a troll. Everyone take off your blinders for a second and think a little about the problem.
Microsoft has made a horrible mistake in this update. It disables further updates/patches for users who run XP with pirated activation numbers. I think this is horribly irresponsible, because the people who pirate are probably never going to pay for the full product. As a result, not only will they suffer from not having security udpates, but the rest of the internet will suffer from their vulnerable machines when the next Code Red comes around.
Personally, I do not run unlicensed software, but the people I know who do pirate software are more than willing to run a vulnerable machine, rather than pay money to keep from being a public nuisance.
It's not just stupid users. Maybe they buy a copy machine like the Xerox DocuTech. It's a powerful high-end copier. It's also not just a copy machine. It has an NT box and a Sparc running Solaris built into it. It also comes out of the manufacturer, wide open with security holes, trivial passwords and unpatched software. If you try to patch them and then ever have as service issue (don't tell me that things don't break), Xerox will gladly reinstall all of the loaded software. Bye bye, patches and passwords.
It's not just stupid users. Somebody chose this machine for the business and it's something that they NEED in order to function. Not only that, they may not have a (practical) way to keep it secure when you look at how the machine is really used. I'd sugggest reading the entire thread, because there are more juicy details into the security problems and politics associated with big machines like these.
To throw another wrench at you: MP may also mean Message Passing. Such a machine may only communicate via messages over some interconnect (e.g. a network). Each machine has its own private memory address space and hardware resources. It's what you generally think of when you think "cluster". This is entirely different from a shared memory multiprocessor, where all of the processors have access to a global address space.
Just because IBM sells something doesn't mean it's blessed. Take this RISKS story:
http://catless.ncl.ac.uk/Risks/12.44.html#subj7
The RISKS digest has a lot of good material. Like any journal, mailing list, bulletin site, etc... that allows opinon there are going to be things that you might not agree with. I'll admit that that particular article wasn't one of the highlights of the list. The author does have good points, however. OSS is generally NOT put up to the same design methodology or testing standards as the software running on a Boeing 777. There is a big difference from using a Linux workstation to handin a CS assignment (upon which my life does not depend) and having Linux make sure flaps still work. After all, you aren't going to download and install the latest kernel patch for your flaps between takeoff and landing.
It handles dependencies by stalling, if necessary. A true VLIW wouldn't do this. Intel took a whole bunch of good architecture ideas, and then tied themselves to a wall with requirements for compatibility and a desire to shove more features into the package.
You'd think that starting out with a new architecture/ISA, they'd at least try to keep it simple and then let it grow hairy with age.:)i
How much heat do the XBoxes generate? Are they going to become unstable if you put too many in a warm room? I have never seen an XBox, but I remember hearing about a lot of heat-related problems with the PS2 when it first came out.
Here at CMU, we have dollar movies 4 times a week in a theater with good sound. We also have a wireless network throughout campus. In the past, I have been guilty of bringing my laptop to movies so I can code while waiting in line (shouldn't I be talking with friends? Maybe). I haven't done this in a long time, however.
I saw a number of other people with laptops and I found it incredibly distracting -- even before the movie, when the lights are on. When the lights are out, it's even worse. It's not like a cell phone that runs four times before someone finally shuts it off. If you sit behind it, you can't help but glance at the glowing screen. It doesn't matter whether you're in the row just behind the person, or twenty rows back, it's still annoying.
I'd also say similar things about people who bring their laptops to class and browse the web without listening, while in the front row, but I'm rambling now.:) In short, be polite. If you don't want to watch the movie or participate in class, go to sleep or go away. Don't distract the rest of us who care.
Slashdot Mirror
I don't have the time to hack this modification to Xvnc, but wouldn't it be possible to change it and the viewer to be rootless?
:)
This would require a slight extension to the RFB protocol to be able to send window size updates at any time, as well as a client that could support multiple distinct windows. Each time an X client opens a new window, the Xvnc server would send a new geometry/window ID to the client.
There's probably a more elegant way to do this (perhaps a control connection and multiple RFB connections, a la FTP). Just some thoughts from someone who refuses to use non-rootless X servers on Win32.
It's probably a tax writeoff.
I have a dell 2000FP LCD monitor that I'm using with an analog input right now. The image looks fine at 1600x1200 with my old matrox millenium II card.
I'm curious to see if anyone has gotten the 2000FP's DVI input to work with more modern 3D cards at 1600x1200 in Linux. In particular, I'd like to know which cards actually work at this resolution in DVI mode. Thanks!
This has already happened. Customers who buy large machines to consolidate tons of small servers onto one or more larger, more expensive and reliable systems, have found this. It's not only the hardware configuration, but also software. If you run vendor X's software on your machine, you can only run vendor X's software on that machine. Install anything else and you risk losing your support contract.
In some limited cases (e.g. servers that cost a million bucks), this makes a lot of sense. It's a configuration that you know will work. If it doesn't work, you know that your configuration is supported by your vendor, can be replicated and can be debugged.
I think we'd both agree that this sort of limitation is bad for average (home) PCs. Maybe my desktop or my personal web server can handle a little downtime. A machine that handles revenue for my company is an entirely different matter. That machine has to work and I'm willing to accept limitations on what I can do with it in order to guarantee that it will function.
http://online.securityfocus.com/archive/1/276350
It makes very little sense to me that an application should be able to bring down the X server because it made a library call with an obviously bad parameter. If the library can verify it, it should. Furthermore, it should return an error value and Mozilla should check it. It shouldn't have to abort().
So maybe AT&T has made up for the cost of the cable modems, but not the cost of maintaining their network. So they no longer need to charge extra for leasing a modem, but they need to recoop charges from everyone to pay for the network. 24 months * $10 = $240, which should pay for a pretty nice cable modem. :-)
I don't see why people who own their cable modems have to have a devine right to lower priced service, particularly if it doesn't cost the cable company more.
And at the age of 16, (some?) Amish are encouraged to try technology, drugs, etc... for a few years and are then given the choice of returning to Amish traditions. Here's an interview on the topic (interview one one who decided NOT to go back) from This American Life a few weeks ago:
http://www.thislife.org/ra/213.ram
I have noticed that when the microwave is on (and my laptop is in the kitchen with me), things like telnet sessions on 802.11 work fine. However, applications that require transfering longer packets (for instance, MP3 streams) get clobbered. I suspect that this because the longer the packet is, the greater chance it has of being corrupted.
This particular Jornada was what they now call a "handheld PC". At the time, I wasn't aware of any "pocket PC" models (ones without a minikeyboard).
Do Jornada's still have the reset button on the top of the keyboard, right next to the left shift key?
It didn't take long for me to realize why the designers put it there. I crashed a new one several times in a period of about 15 minutes. Granted, this was my roommate's toy, three years ago. I hope the robustness of the hardware/wince has gotten better since then, but this was somewhat disconcerting.
I'd disconnect the reset button from the motherboard, if possible. A pair of scissors can also help render the reset button useless. I do this to protect against myself. :-)
k b; EN-US;q168180
As far as the CD-ROM drive goes, you might be able to write a little program that locks the drive. If you're doing this under Windows, this documentation looks helpful (beware, the lameness filter added spaces to the URL):
http://support.microsoft.com/default.aspx?scid=
> Why don't they already prevent use of pre-SP1 patches then?
Probably because they're changing their policy now, not yesterday, and they'd have to re-qualify and re-release older patches in order to do this. That's a big deal.
> I can only see the Service Pack blocking software updates by means of collaberation with Windows Update. It can't see it preventing use of patches created in the future that it can't know about yet without scanning all executables run on the system for a tell tale "MS Official Patch" signature or whatever.
I don't see how windows update needs to be a part of this. Every patch has an integrated installer. Why can't Microsoft (a) require SP1 to be installed (certainly not unheard of in the world of software patches) and (b) require that SP1 has validated the installation key? I don't see where the Windows Update utility needs to fit in here. There are plenty of other variants on this idea. You could also have each patch check the validity of the registration number, just as the service pack must do. This is probably not a complex check.
Permitting and even encouraging unpatched machines is a bad policy. Pirated software or not, the machines are a hazard to local networks and the internet as a whole. They serve as launching points and targets for worms and viruses. I believe it is irresponsible to leave these machines on the internet, but it is even more responsible to deny them patches. If not for the sake of their machine, then for the sake of MY machine and my email quota.
This is similar giving fresh needles to drug users. It is not just to protect the users, but also those around them who would otherwise share dirty needles. Is it just helping the pirates (drug users)? No way! It's better for the your network (your adventureous son/daughter), too.
I understand that some people would prefer not to deal with these problems in this way and it's okay to disagree. I'm surprised to see my comment moderated as a troll. Everyone take off your blinders for a second and think a little about the problem.
Personally, I do not run unlicensed software, but the people I know who do pirate software are more than willing to run a vulnerable machine, rather than pay money to keep from being a public nuisance.
http://online.securityfocus.com/archive/1/273029
It's not just stupid users. Somebody chose this machine for the business and it's something that they NEED in order to function. Not only that, they may not have a (practical) way to keep it secure when you look at how the machine is really used. I'd sugggest reading the entire thread, because there are more juicy details into the security problems and politics associated with big machines like these.
You could even embed a virus inside an MP3! Winamp might even execute it in a vulnerable webbrowser for you:
0 20 4/284.html
http://msgs.securepoint.com/cgi-bin/get/bugtraq
Remove the space that slashdot lovingly inserts in the URL.
To throw another wrench at you: MP may also mean Message Passing. Such a machine may only communicate via messages over some interconnect (e.g. a network). Each machine has its own private memory address space and hardware resources. It's what you generally think of when you think "cluster". This is entirely different from a shared memory multiprocessor, where all of the processors have access to a global address space.
Just because IBM sells something doesn't mean it's blessed. Take this RISKS story:
http://catless.ncl.ac.uk/Risks/12.44.html#subj7
The RISKS digest has a lot of good material. Like any journal, mailing list, bulletin site, etc... that allows opinon there are going to be things that you might not agree with. I'll admit that that particular article wasn't one of the highlights of the list. The author does have good points, however. OSS is generally NOT put up to the same design methodology or testing standards as the software running on a Boeing 777. There is a big difference from using a Linux workstation to handin a CS assignment (upon which my life does not depend) and having Linux make sure flaps still work. After all, you aren't going to download and install the latest kernel patch for your flaps between takeoff and landing.
It handles dependencies by stalling, if necessary. A true VLIW wouldn't do this. Intel took a whole bunch of good architecture ideas, and then tied themselves to a wall with requirements for compatibility and a desire to shove more features into the package.
:)i
You'd think that starting out with a new architecture/ISA, they'd at least try to keep it simple and then let it grow hairy with age.
How much heat do the XBoxes generate? Are they going to become unstable if you put too many in a warm room? I have never seen an XBox, but I remember hearing about a lot of heat-related problems with the PS2 when it first came out.
Here at CMU, we have dollar movies 4 times a week in a theater with good sound. We also have a wireless network throughout campus. In the past, I have been guilty of bringing my laptop to movies so I can code while waiting in line (shouldn't I be talking with friends? Maybe). I haven't done this in a long time, however.
:) In short, be polite. If you don't want to watch the movie or participate in class, go to sleep or go away. Don't distract the rest of us who care.
I saw a number of other people with laptops and I found it incredibly distracting -- even before the movie, when the lights are on. When the lights are out, it's even worse. It's not like a cell phone that runs four times before someone finally shuts it off. If you sit behind it, you can't help but glance at the glowing screen. It doesn't matter whether you're in the row just behind the person, or twenty rows back, it's still annoying.
I'd also say similar things about people who bring their laptops to class and browse the web without listening, while in the front row, but I'm rambling now.
Not if AT&T has its way. One cable with everything, including phone. :-)
"Is that liquid nitrogen?"
-- Asked as the older guy is cutting a slice of a solid, frozen object