FreeBSD is aimed at high end stuff. It has SMP and a bunch of perofromance twekaing that the other BSD's lack. That's why it was used for rendering Ccap for Titanic. I use OpenBSD and Linux personally.
If I were to conduct a large-scale DoS, I'd remember the ancient chinese wisdom I received from my Sensei while reflecting on the virtues of confusician network Kung-Fu in my Rice Paper(tm) meditation shack:
"Wise man may write Trin00 but any idiot with backhoe on Fiber Optic lines cause much packet loss."
I think that CERT is pointing fingers at the wrong people here. Relying on the site provider to filter hostile code from messages is naive and foolish. If a website can execute hostile code, someone WILL make a website to do it anyway. Browsers should not execute harmful code in the first place. Any code beyond trivial JavaScript needs to be cryptographically signed and then verified before being executed. Clients should warn if the code has not been signed with the certificate of the document owner (provided through a metatag [ yes i know this doesn't verify the document owner's identity ] ) itself. Pages should have the option of passing a metatag like "DisAllowTags 'IMG FONT SCRIPT EMBED'" to keep clients from attempting to parse certain tags and possibly execute code.
Although I have placed most of the blame on the browser, let me say that the client should not be the only line of defense. Servers that allow posting of external HTML should certainly filter images and scripted content.
I did like CERT's points about SSL and cookie poisoning. Has anyone generated proof of concept code or heard of this being exploited?
That's my $0.02. I'd like to hear opinions on providing
I look at MS's Linux Myths and I see that Forrester has released anti-linux stuff in the past. There is a footnote: "Forrester Research, Software Vendors Crown Server OS Kings, Aug. 31, 1999"
I currently go to school in Providence, RI. Here's my list of stuff that makes it geek-friendly:
The East Side. About 12 coffee shops within 5 blocks. Tons of ethnic food - two middle eastern restaurants literally a stone's throw apart. Two skate shops on the same block. Art festivals.
Colleges- Brown (Liberal. With pretty good CS despite liberal arts focus.) RISD (Art chicks.)
High Speed Internet Access- We got DSL and @Home.
WaterFire - Its cool
Lots of Local Computing Organizations- RIFUG (Free Unix Group), RILUG, OSFN (Freenet), Retro-computing society, ram chowder magazine....
Decent public transportation for a small city/state.
How come you guys don't come over and talk to us mere mortals when you drop by the Boston 2600 meeting? I've heard rumors its because we're (mostly) penguinheads and you guys are BSD/Solaris people?
Does this mean that my P0RN has been deregulated? Now all nations in every continent belonging to the WTO can have a fair shot at exporting their P0RN. Hmm. I wonder if the US porn industry would support a tariff on overseas electronic commerce (hard to enforce). The US industry could advocate sanctions cause they use child labor.
Despite all the media hype around the violence, I've been really excioted by the events in Seattle. Finally, it seems a large segment of the population has realized that fundamental issues, such as freedom of speech, freedom or assembly and the right to control their own government are what matter, not our own views on individual issues. The left and the right (outside of the mainstream) are both realizing that the ideas expressed in the Constitution should come before personal, moral and economic ideas. Perhaps one of the most enlightening things I heard (on tuesday) was that a local militia was considering entering the protest are to defend the protesters' rights to assemble and to free speech.
They're actually using Solaris x86 which I've heard isn't as stable as Solaris SPARC. Excellent setup, but I'd like to know if there's a way to make my Apache send a cached php page depending on cookie data.
DVD Audio is doomed. Sure, the quality rules. I'd like it. But people have a HUGE investment of money into the CD technology. People want their music to work on their car stero, their boom box and their computer. The high-end technoweenie consumer also dislikes DVD audio because it is not as portable as a handheld digital audio device (mp3man, rio, etc.). Can you imagine how much a DVDAudioMan would cost? And it would be very bulkly. You need decryption on the player. This isn't meant to start a flame war, but I think, despite the technical merits of it, DVD Audio is not a comercially viable technology. Perhaps the future of commercial audio recordings is in some encrypted mp3 standard.
Supposing I wanted to make some computer controlled robotics, what would be the best way to start? Has anyone found a Mindstorms (tm) like system but for controlling stuff hooked up to a computer through a C program. Like uhh #include
int main() {
robot arm(arm, 12, 120, 3, 2); /* 12 volts 120 hertz AC, 3 axis of movement, 2 other motors */
while (!arm.is_touching()) arm.move(1,1); // (move the arm 1 degree // along the x axis until it touches) arm.motor(2, +32767); // crush it return 0; }
This kind of system gives a small to medium size isp a chance to break the monopoly on broadband (DSL/Cable) Internet connections. In my area (SE RI/MA), (Cox) cable internet is unavailable, MediaOne RoadRunner is nonexistant, DSL is a year off, T1 is overpriced and ISDN is crappy. If an existing dialup isp implimented this technology, it would be a great way to move into the high bandwidth market. Someone doing this could force broadband companies to compete, which is good. What about security though? I assume they'll have link level encryption.
I fear problems like this. That's why I only use hardware that has established a record of reliability, like my 486/66. Gotta watch out for those newfangled processor bugs, like the Pentium Floating Point mantissa handling bug! If you need more speed just overclock your supercooled 486.
X is probably the best reason to use Linux on the desktop. I store all my porn on one machine and then have it display running on my 486/33 in my room with a projector. Its fun. Seriously though, X makes rmeote administration practical. I advise anyone who hasn't use X across their LAn for displaying stuff to do so.
BTW:: What is the difference between X.org X and XFree86?
I didn't see any stats on some kind of caching web proxy, but I'm interested in setting up some sort of caching proxy frontend to several diverse web servers. For the curious, here's what I want to set up.
The ability to map files from other servers into its url space.
I want to be able to control caching directives passed to the client. So like I could make files within/forum/ passed with no-cache to the client.
I would like the proxy to have basic methods of determining if a fresh copy of something needs to be fetched. So "If/forum/ not-cached by no-account in last 5 minutes, get new/forum/; But if client-is-user and not sent in last 3 minutes get a new forum for user"
I want to be able to manipulate cookies so that some files and cgis mapped within the server space can't get ones not intended for them (user server).
I want to be able to protect mapped URLs by password (at the load-balancer) and by ip.
How about running a https server and mapping the requests to unencrypted http servers
Here's what I want to use it to handle
A user box with some SUID user cgis and mostly static html (apache)
A Slashdot-like forum (apache w/ php/mysql)
A file archive server (thttpd)
A group of small webservers for displaying stats on from developer machines (thttpd)
A discussion forum on a mod_perl
A web-based email server (custom running on OpenBSD)
I would appreciate it if they would write an explanation of EXACTLY what information they stored. I don't care about my hardware specs. I do care if they grab my email, ip, hostname, username or personal gameplay info. (No... you cannot use my skills as a model for Quake AI)
Couldn't you just randomly add bursts of these commerical signals (but broadcast from all over the place) to basically add a lot of "noise" to the data. Sort of like/. at -1.
It seems like this measure would be one step ahead of implimenting a tracking system which would make everyone accoutnable to some central authority for all their actions on the web. Now we have some privacy, that is our names cannot easily be tied to us online. If this were implimented, our names would be tied to our actions. Just imagine this. A certain banner ad company gets your government || W3C manadated certificate. They figure out your name and do a quick credit check. Banner ad: "[your name]: Did you know that you're $65,535 in debt? Consolidate your debts. Click here." It only goes downhill from there. Suppose your employer wants to know dirt on you. They get a large content provider to tell them what websites you visit, what you search for, etc. Don't think that's possbile? Look at the number of sites Microsft Passport encompasses. Imagine if your Operating System Vendor tied your registration number for their product (and your name) into this sort of certificate when registering (or even installing) your OS and then integrated it into their Web browser. Ouch.
I am really stumped. Why would anyone pay $99 for a closed-source, unsupported, singl-architecture UNIX. Could someone wigh in on the merits of Tru64 vs. the various free UNIXs on Alpha. What Features does it have? Why should i run it (and pay $99)? xm@GeekMafia.dynip.com [http://GeekMafia.dynip.com/]
I'm from Rhode Island. In our lame little state it is ILLEGAL to use false information aobut yourself on the net. Goodbye pseudonymity! Here is a shitty editorial on it xm@GeekMafia.dynip.com [http://GeekMafia.dynip.com/]
Slashdot Mirror
FreeBSD is aimed at high end stuff. It has SMP and a bunch of perofromance twekaing that the other BSD's lack. That's why it was used for rendering Ccap for Titanic.
I use OpenBSD and Linux personally.
If I were to conduct a large-scale DoS, I'd remember the ancient chinese wisdom I received from my Sensei while reflecting on the virtues of confusician network Kung-Fu in my Rice Paper(tm) meditation shack:
"Wise man may write Trin00 but any idiot with backhoe on Fiber Optic lines cause much packet loss."
I think that CERT is pointing fingers at the wrong people here. Relying on the site provider to filter hostile code from messages is naive and foolish. If a website can execute hostile code, someone WILL make a website to do it anyway.
Browsers should not execute harmful code in the first place. Any code beyond trivial JavaScript needs to be cryptographically signed and then verified before being executed. Clients should warn if the code has not been signed with the certificate of the document owner (provided through a metatag [ yes i know this doesn't verify the document owner's identity ] ) itself. Pages should have the option of passing a metatag like "DisAllowTags 'IMG FONT SCRIPT EMBED'" to keep clients from attempting to parse certain tags and possibly execute code.
Although I have placed most of the blame on the browser, let me say that the client should not be the only line of defense. Servers that allow posting of external HTML should certainly filter images and scripted content.
I did like CERT's points about SSL and cookie poisoning. Has anyone generated proof of concept code or heard of this being exploited?
That's my $0.02. I'd like to hear opinions on providing
Perhaps we could add a kernel level JPEG decompression system to go with our kernel http. So now we can serve and view porn faster than everyone else.
I look at MS's Linux Myths and I see that Forrester has released anti-linux stuff in the past. There is a footnote: "Forrester Research, Software Vendors Crown Server OS Kings, Aug. 31, 1999"
How come you guys don't come over and talk to us mere mortals when you drop by the Boston 2600 meeting? I've heard rumors its because we're (mostly) penguinheads and you guys are BSD/Solaris people?
One of these STUPID cases should be taken all the way to the supreme court to set a precident.
Does this mean that my P0RN has been deregulated? Now all nations in every continent belonging to the WTO can have a fair shot at exporting their P0RN. Hmm. I wonder if the US porn industry would support a tariff on overseas electronic commerce (hard to enforce). The US industry could advocate sanctions cause they use child labor.
Despite all the media hype around the violence, I've been really excioted by the events in Seattle. Finally, it seems a large segment of the population has realized that fundamental issues, such as freedom of speech, freedom or assembly and the right to control their own government are what matter, not our own views on individual issues. The left and the right (outside of the mainstream) are both realizing that the ideas expressed in the Constitution should come before personal, moral and economic ideas.
Perhaps one of the most enlightening things I heard (on tuesday) was that a local militia was considering entering the protest are to defend the protesters' rights to assemble and to free speech.
They're actually using Solaris x86 which I've heard isn't as stable as Solaris SPARC.
Excellent setup, but I'd like to know if there's a way to make my Apache send a cached php page depending on cookie data.
DVD Audio is doomed. Sure, the quality rules. I'd like it. But people have a HUGE investment of money into the CD technology. People want their music to work on their car stero, their boom box and their computer. The high-end technoweenie consumer also dislikes DVD audio because it is not as portable as a handheld digital audio device (mp3man, rio, etc.). Can you imagine how much a DVDAudioMan would cost? And it would be very bulkly. You need decryption on the player.
This isn't meant to start a flame war, but I think, despite the technical merits of it, DVD Audio is not a comercially viable technology. Perhaps the future of commercial audio recordings is in some encrypted mp3 standard.
Supposing I wanted to make some computer controlled robotics, what would be the best way to start? Has anyone found a Mindstorms (tm) like system but for controlling stuff hooked up to a computer through a C program. Like uhh
/* 12 volts 120 hertz AC,
// (move the arm 1 degree
// along the x axis until it touches)
// crush it
#include
int main() {
robot arm(arm, 12, 120, 3, 2);
3 axis of movement, 2 other motors
*/
while (!arm.is_touching())
arm.move(1,1);
arm.motor(2, +32767);
return 0;
}
Weren't these the guys who made DOS4GW. Ahhh the early 90's.... first person shooters....mmm
I wonder if Microsoft has any stock in Rational. Perhaps a company Microsoft, Bill or Paul Allen owns stock in is a stockholder of Rational.
Is Visual Studio going to ditch J++ ocmpletely or will it still be available either licensed to MS or as an add on?
This kind of system gives a small to medium size isp a chance to break the monopoly on broadband (DSL/Cable) Internet connections. In my area (SE RI/MA), (Cox) cable internet is unavailable, MediaOne RoadRunner is nonexistant, DSL is a year off, T1 is overpriced and ISDN is crappy. If an existing dialup isp implimented this technology, it would be a great way to move into the high bandwidth market. Someone doing this could force broadband companies to compete, which is good.
What about security though? I assume they'll have link level encryption.
I fear problems like this. That's why I only use hardware that has established a record of reliability, like my 486/66. Gotta watch out for those newfangled processor bugs, like the Pentium Floating Point mantissa handling bug! If you need more speed just overclock your supercooled 486.
X is probably the best reason to use Linux on the desktop. I store all my porn on one machine and then have it display running on my 486/33 in my room with a projector. Its fun. Seriously though, X makes rmeote administration practical. I advise anyone who hasn't use X across their LAn for displaying stuff to do so.
BTW:: What is the difference between X.org X and XFree86?
- The ability to map files from other servers into its url space.
- I want to be able to control caching directives passed to the client. So like I could make files within
/forum/ passed with no-cache to the client. - I would like the proxy to have basic methods of determining if a fresh copy of something needs to be fetched. So "If
/forum/ not-cached by no-account in last 5 minutes, get new /forum/; But if client-is-user and not sent in last 3 minutes get a new forum for user" - I want to be able to manipulate cookies so that some files and cgis mapped within the server space can't get ones not intended for them (user server).
- I want to be able to protect mapped URLs by password (at the load-balancer) and by ip.
- How about running a https server and mapping the requests to unencrypted http servers
- Here's what I want to use it to handle
- A user box with some SUID user cgis and mostly static html (apache)
- A Slashdot-like forum (apache w/ php/mysql)
- A file archive server (thttpd)
- A group of small webservers for displaying stats on from developer machines (thttpd)
- A discussion forum on a mod_perl
- A web-based email server (custom running on OpenBSD)
Anyone have a solution for this?These should be better in the AM. Reply with new streams and webcams, please.
.wsdot.wa.gov/PugetSoundTraffic/cameras/imagehtml/ cctv117a.htm .asp a pbonline/scannerlive_sea.asx 8 000&file=filename.plsrtsp://kgw.solidweb .com/encoder/kgw-g2.rm
Cameras
http://www.historylink.org/gazette/g azette.htm
http://www
http://209.20.207.37/index.html
http://www.spaceneedle.com/view/livecam
http://www.seattleinsider.com/news/ cameras.html
Audio
http://128.95.10.82:8000/
ht tp://tm.intervu.net/template/smirror/ivtemplates/
http://www.shoutcast.com/sbin/ shoutcast-playlist.pls?rn=6416&addr=209.201.3.17:
I would appreciate it if they would write an explanation of EXACTLY what information they stored. I don't care about my hardware specs. I do care if they grab my email, ip, hostname, username or personal gameplay info. (No... you cannot use my skills as a model for Quake AI)
Couldn't you just randomly add bursts of these commerical signals (but broadcast from all over the place) to basically add a lot of "noise" to the data. Sort of like /. at -1.
It seems like this measure would be one step ahead of implimenting a tracking system which would make everyone accoutnable to some central authority for all their actions on the web. Now we have some privacy, that is our names cannot easily be tied to us online. If this were implimented, our names would be tied to our actions. Just imagine this. A certain banner ad company gets your government || W3C manadated certificate. They figure out your name and do a quick credit check. Banner ad: "[your name]: Did you know that you're $65,535 in debt? Consolidate your debts. Click here." It only goes downhill from there. Suppose your employer wants to know dirt on you. They get a large content provider to tell them what websites you visit, what you search for, etc. Don't think that's possbile? Look at the number of sites Microsft Passport encompasses. Imagine if your Operating System Vendor tied your registration number for their product (and your name) into this sort of certificate when registering (or even installing) your OS and then integrated it into their Web browser. Ouch.
I am really stumped. Why would anyone pay $99 for a closed-source, unsupported, singl-architecture UNIX. Could someone wigh in on the merits of Tru64 vs. the various free UNIXs on Alpha. What Features does it have? Why should i run it (and pay $99)?
xm@GeekMafia.dynip.com [http://GeekMafia.dynip.com/]
I'm from Rhode Island. In our lame little state it is ILLEGAL to use false information aobut yourself on the net. Goodbye pseudonymity! Here is a shitty editorial on it
xm@GeekMafia.dynip.com [http://GeekMafia.dynip.com/]