I know this is offtopic, but I couldn't find ksheff's email address to email him privately.
ksheff, it's clear that you have a lot of bitterness towards your wife. You've posted about her horrible spending habits twice in this thread.
Have you considered a divorce?
That would probably make you much happier. You would only have to lose half your possessions, instead of letting her spend away all of them. That's my best advice, to get out of a bad situation, and get your financial life back on the ground. Find a woman who loves you and not your money...
Super eurobeat from Avex and Konami unite in your DANCE!
This is almost exactly the same concept as the old anonymous FTP upload scanners. They both poll random IP addresses for poorly-configured servers that allow open access.
This program searches for Windows shares without a password, and an anonymous FTP upload scanner searches for world-writable upload directories on FTP servers that are also readable. Both have the same effect: allowing the server to be used by unauthorized third parties for anonymous file storage and retrieval.
This was very popular back in the early to mid 1990's, when anonymous FTP was the main way of transferring files on the Internet and security standards were low. Warez sites were just getting started, and most pirates didn't have the resources to put their own servers online full-time, so typically someone else's FTP site would be taken over to do the job.
I'm sure many sysadmins remember the surprise of seeing their disk space suddenly fill up over a weekend, all hidden under the... (three dots) directory...
Super eurobeat from Avex and Konami unite in your DANCE!
I believe that the only scores acceptable in the book are those that have been made in a tournament. It's assumed that the people running the tournament are keeping things fair and watching out for cheaters. You are NOT allowed to simply submit your score unverified.
A lot of the scores in the book are artifically low, that's why. Especially in the home video/computer games, I've seen much higher scores. But there's no way to prove you got the score legit, therefore they don't qualify for the book...
During some tournaments a few years ago, I managed to make it in, though, for a few pinball machines:-) (Josh Lehan)
Super eurobeat from Avex and Konami unite in your DANCE!
I like this sound clip. It is calming to listen to, especially when repeated quietly in the background. Very calming.
I wish the web page would have more information about how it was created. Which frequencies were recorded? Was it AM, FM, or some other technique? How were the sound waves generated from the raw data? If anybody has the answers, please post them.
Super eurobeat from Avex and Konami unite in your DANCE!
>...Next in the news: Teamsters organise developers at Microsoft... Ballmer slaps head and shouts, "Doh!"
That would be a great idea. CPU - Computer Programmers' Union!
The job market is still good, so the time for this has not yet come, but if it gets worse and there are more instances like this of employees getting shafted...
This is a ballot measure in Mendocino County, part of the Emerald Triangle in northern California, where I grew up. If I still lived there, I'd gladly vote for this! Check it out.
I'd be interested in what you think of the color calibration used by Splash products. They are print servers that hook up to a large color copier, and do color calibration as well as other things.
The calibration scheme used seems simple enough, using only a scanner, color strip, and the copier. Kodak makes high-accuracy color strips that have standard colors. The scanner scans that strip and is calibrated to it. Then, the copier spits out a sheet of paper with colored squares. That paper is placed on the scanner, along with the color strip, and they are compared and used to calibrate the copier against the color strip (via the already-calibrated scanner).
The computer is then calibrated to the same standard used by the color strip. Then, you can use the copier as a printer, to print accurate colors, as the system is then completely calibrated. Simple enough.
Unfortunately for the GIMP, this is patented. I work at Splash, programming Linux network stuff. This caught my eye, and I thought I'd add this to the discussion...
Cool! Bob Blick, my old Electronics teacher from high school, made Slashdot! When he was teaching, he was pretty much everyone's favorite teacher. Congratulations Bob.
Mendocino High School is an example of how all schools should be. Nothing like JonKatz's articles at all -- for schools like that, you will have to continue up the coast to Fort Bragg... yuck...
This has been done before, a while ago -- I remember reading about it on several DVD sites. Sony has also came out with a similar technique to use against people who "chip" their PlayStations to play imported discs. (Unlike DVD, the PlayStation has only 3 regions: US, EU, and Japan.)
The algorithm is simple: the disc has software that can ask the player if a given region is valid, and the player will answer Yes or No. (The DVD scripting language allows this, so DVD movies are considered software in this sense.)
First generation hacks simply modified the player to answer Yes for all regions. So, if a disc only checks for one region and then plays the content if the answer is Yes, this will work. Almost all DVD's and PlayStation games work this way.
Recent discs annoy the customer in a more robust way. They also ask the player if a given region is valid, and the player must answer Yes. When this is done, however, the disc will ask the player about other regions as well. The player must answer No for these regions! If it simply blindly answers Yes for all regions, the disc knows the player has been hacked, and will refuse to play.
Second generation hacks work around this, by allowing the customer to choose a single region to make valid. The player will answer Yes for only that region, and No to all others. The disadvantage is that the customer must manually get involved and remember to change the region before playing discs from different regions. However, there is no current way for the disc to detect a hacked player when this is done, as it will appear in software to be completely valid (as it is restricted to a single region).
A good DVD player, like the Apex, will do both! When set to "BYPASS", it is a first generation hack. When set to any of the 8 region codes, it is a second generation hack.
Hmm, it seems they've fixed the problems people mentioned (private address 10.0.0.1 being in the Netherlands, etc.).
What's funny is that if you put in a private address now, you see a pirate flag (skull and crossbones) appear! I guess they know what some people host on their own private networks:-)
This is somewhat old news... I'm surprised it's taken so long to be mentioned on Slashdot. In fact, it was mentioned months ago in the Wall Street Journal!
AARP is part of the AppleTalk protocol suite. It's basically AppleTalk ARP. (ARP is used on Ethernet and other LAN's, to correspond IP addresses with hardware addresses. AARP uses AppleTalk addresses instead of IP addresses.)
I saw it in the machine room of Navigist, an ISP that my friend once worked at. There were at least several dozen entries on it; it looked similar to those 7-layer protocol posters you see everywhere.
It differed from this graph, in that it was laid out vertically. The timeline went from top to bottom, starting around 1970 and going to the present. Linux is listed in the lower right as being inspired by/descended from Minix. The poster also has background art, either a cityscape at night, or some generic "inside my computer" artwork (I don't remember exactly).
Unfortunately, I do not remember the maker of that poster... would like to buy it if it's still available!
Hey, that was some NICE music that was spinning in the club! Any chance of putting a MP3 or RealAudio of the music online, or streaming the audio from future events?
This is somewhat old news, I (and many others) got DSL self-install over a year ago.
I got service from PacHell, in February 1999. It came with a static IP and bridged connection, back before they went to PPPoE. I couldn't be home for the installation, so got a self-install. PacHell, always the paradigm of efficiency, had to drive a technician out to my house to give me the box so I could install it.
The box contained an Alcatel 1000 ADSL modem (the defective version, ancient "AA" ROM's, but that's another story), a splitter box, an ethercard (generic "tulip", glued together by Kingston), and various cables.
My landlord did not allow me to change the outside wiring nor run new phone line, so I took my one working jack (under the bed) and stuffed my splitter there! I split the two wires from that jack into four; two pairs, one for voice and one for DSL. After much reading I discover that the DSL modem uses the outside two wires of the phone line (yellow and black), not the inside wires that are used for voice and everything else (red and green)! Changed the wires on the splitter box and was good to go.
Installed without a hitch, used a static IP for just over a year. After that, I moved, and lost my grandfathered static IP, and had to do PPPoE...
Unfortunately, the designers of IPv6 did something which seems disagreeable to me, and chopped the 128-bit address space of IPv6 in half!
There are no more subnets in IPv6 -- instead, everything is split into a 64-bit network ID and a 64-bit node ID.
So, every IPv6 network is going to need a 64-bit network ID... from the small networks you have at home, to the huge networks of the cable companies and DSL companies! I predict most IPv6 networks will have relatively few nodes in them, compared with the 64-bit node ID space, and there will eventually be a shortage of network ID's.
Why did they do this? Supposedly, the purpose of this is so that they can autoconfigure clients by using the 64-bit hardware address as the node ID. (This is a massive invasion of privacy, using your hardware address as a permanent "cookie" for your computer, even across different connections, but that's another thing to debate.)
By having such a huge address space for the node ID, the chance of collisions is almost none, and it becomes possible to keep the same node ID even while on multiple network ID's (as a multihomed host will be doing).
Still, I wish they would have thought about these two issues, address space and privacy...
I prefer to: use the domain of the spammer! That way, all the spam gets sent right back to the sender, where it belongs.
For example, when downloading RealAudio, use nospam@real.com. When downloading Acrobat Reader, use nospam@adobe.com.
For even more fun, use a username such as root or postmaster.
That way, bandwidth isn't wasted on the Internet, because the spam remains on the spammer's own system. And hopefully it will tell them that people aren't interested in receiving their spam...
Unfortunately, Yahoo does not let you block emails from certain addresses. (Perhaps it's addresses that also advertise on Yahoo?)
As an example, I get spam from "TRAFFIC" at websidestory.com -- this domain is unblockable from Yahoo Mail! Try it, you will find that the "Block Address" link does not even appear when you read an email from them...
I know it's offtopic, but I wanted to point out something about #3:
Most cities I know of where this has happened (Oakland, CA) have limits on the number of guns you can turn in (3 guns per person). So, gun dealers couldn't dump huge amounts of guns...
I'm really glad to see this! I remember reading a while ago about an increase in upload speed, to 45kbps. It was announced by a modem manufacturer, a year ago or so, then not implemented because they didn't see a demand for it. They suppressed it from the marketplace. I'm glad to see it become an official standard now! And at 48kbps instead of 45, a small bonus.
Having fast connect time (perhaps by skipping all those old legacy connection probes that are done) is another good idea, one that will sell well, especially with places that get frequent disconnects.
The third new thing they announced, Call Waiting standardization, is also something I've been hoping for a while to have. I remember having a 14.4 modem that always would disconnect when Call Waiting was received, but could be set to prevent this if desired (increase carrier loss wait time, I forgot the S-Register for this). The newer modems were "too good", just plowing right through the Call Waiting beep (regardless of their settings) so I missed some important calls back in the day.
Now, I have a DSL connection. Like a 56K modem, it is much faster downstream than upstream. Do you think there's a conspiracy here? Content providers don't want to make it easy for people to pirate or come up with their own ideas, so they lobby the industry to restrict upload speeds and condition people to only consider the download speed when choosing a connection service. I'm glad to see this official standard, it's a step in the right direction to restore upload speed!
I agree that something should be done about unsecured Telnet and FTP -- when I was in the dorms, my box was hacked, and used as a stepping stone for other attacks.
I had closed all security holes I knew about at the time. (Linux 0.99pl14, log in as username "-pfroot", you're in like Flynn!) But, the network was unswitched so I was still vulnerable to a sniffed password.
Telnet and FTP and POP3 probably won't go away anytime soon because they're everywhere, and this really helps when using someone else's computer (at an Internet cafe, for instance).
Tunneling is a good way to add some security to these protocols. SSH is good for tunneling, but it's hard to tunnel FTP because it opens new connections for each file.
Offtopic: I would *love* an extension to the FTP protocol that would allow files to be transferred inline, so that control and data would share the same connection. Something like "INLI length", in place of PORT or PASV, that would cause the next STOR or RETR to take place over the control connection, for the next length bytes. Has something like this already been done? If not, it seems easy enough to add...
Slashdot Mirror
I know this is offtopic, but I couldn't find ksheff's email address to email him privately.
ksheff, it's clear that you have a lot of bitterness towards your wife. You've posted about her horrible spending habits twice in this thread.
Have you considered a divorce?
That would probably make you much happier. You would only have to lose half your possessions, instead of letting her spend away all of them. That's my best advice, to get out of a bad situation, and get your financial life back on the ground. Find a woman who loves you and not your money...
Super eurobeat from Avex and Konami unite in your DANCE!
This is almost exactly the same concept as the old anonymous FTP upload scanners. They both poll random IP addresses for poorly-configured servers that allow open access.
This program searches for Windows shares without a password, and an anonymous FTP upload scanner searches for world-writable upload directories on FTP servers that are also readable. Both have the same effect: allowing the server to be used by unauthorized third parties for anonymous file storage and retrieval.
This was very popular back in the early to mid 1990's, when anonymous FTP was the main way of transferring files on the Internet and security standards were low. Warez sites were just getting started, and most pirates didn't have the resources to put their own servers online full-time, so typically someone else's FTP site would be taken over to do the job.
I'm sure many sysadmins remember the surprise of seeing their disk space suddenly fill up over a weekend, all hidden under the ... (three dots) directory...
Super eurobeat from Avex and Konami unite in your DANCE!
I believe that the only scores acceptable in the book are those that have been made in a tournament. It's assumed that the people running the tournament are keeping things fair and watching out for cheaters. You are NOT allowed to simply submit your score unverified.
A lot of the scores in the book are artifically low, that's why. Especially in the home video/computer games, I've seen much higher scores. But there's no way to prove you got the score legit, therefore they don't qualify for the book...
During some tournaments a few years ago, I managed to make it in, though, for a few pinball machines :-) (Josh Lehan)
Super eurobeat from Avex and Konami unite in your DANCE!
I like this sound clip. It is calming to listen to, especially when repeated quietly in the background. Very calming.
I wish the web page would have more information about how it was created. Which frequencies were recorded? Was it AM, FM, or some other technique? How were the sound waves generated from the raw data? If anybody has the answers, please post them.
Super eurobeat from Avex and Konami unite in your DANCE!
>...Next in the news: Teamsters organise developers at Microsoft... Ballmer slaps head and shouts, "Doh!"
That would be a great idea. CPU - Computer Programmers' Union!
The job market is still good, so the time for this has not yet come, but if it gets worse and there are more instances like this of employees getting shafted...
The War on Drugs is evil and pointless, and finally there's a chance to do something about it.
http://www.pacificsites.com/~mce/ Mea sureG.html
This is a ballot measure in Mendocino County, part of the Emerald Triangle in northern California, where I grew up. If I still lived there, I'd gladly vote for this! Check it out.
I'd be interested in what you think of the color calibration used by Splash products. They are print servers that hook up to a large color copier, and do color calibration as well as other things.
The calibration scheme used seems simple enough, using only a scanner, color strip, and the copier. Kodak makes high-accuracy color strips that have standard colors. The scanner scans that strip and is calibrated to it. Then, the copier spits out a sheet of paper with colored squares. That paper is placed on the scanner, along with the color strip, and they are compared and used to calibrate the copier against the color strip (via the already-calibrated scanner).
The computer is then calibrated to the same standard used by the color strip. Then, you can use the copier as a printer, to print accurate colors, as the system is then completely calibrated. Simple enough.
Unfortunately for the GIMP, this is patented. I work at Splash, programming Linux network stuff. This caught my eye, and I thought I'd add this to the discussion...
Cool! Bob Blick, my old Electronics teacher from high school, made Slashdot! When he was teaching, he was pretty much everyone's favorite teacher. Congratulations Bob.
Mendocino High School is an example of how all schools should be. Nothing like JonKatz's articles at all -- for schools like that, you will have to continue up the coast to Fort Bragg... yuck...
This has been done before, a while ago -- I remember reading about it on several DVD sites. Sony has also came out with a similar technique to use against people who "chip" their PlayStations to play imported discs. (Unlike DVD, the PlayStation has only 3 regions: US, EU, and Japan.)
The algorithm is simple: the disc has software that can ask the player if a given region is valid, and the player will answer Yes or No. (The DVD scripting language allows this, so DVD movies are considered software in this sense.)
First generation hacks simply modified the player to answer Yes for all regions. So, if a disc only checks for one region and then plays the content if the answer is Yes, this will work. Almost all DVD's and PlayStation games work this way.
Recent discs annoy the customer in a more robust way. They also ask the player if a given region is valid, and the player must answer Yes. When this is done, however, the disc will ask the player about other regions as well. The player must answer No for these regions! If it simply blindly answers Yes for all regions, the disc knows the player has been hacked, and will refuse to play.
Second generation hacks work around this, by allowing the customer to choose a single region to make valid. The player will answer Yes for only that region, and No to all others. The disadvantage is that the customer must manually get involved and remember to change the region before playing discs from different regions. However, there is no current way for the disc to detect a hacked player when this is done, as it will appear in software to be completely valid (as it is restricted to a single region).
A good DVD player, like the Apex, will do both! When set to "BYPASS", it is a first generation hack. When set to any of the 8 region codes, it is a second generation hack.
Why not make the large memory algorithms an option, that can be enabled by the user at will? That way, both algorithms can remain in place.
You could have something like these two kernel command lines:
linux mem=8M
linux mem=256G memalgo=large
Then, different users could pick the right one for their needs.
I sure hope the kernel doesn't fork. We do not need NetLinux, FreeLinux, OpenLinux...
Hmm, it seems they've fixed the problems people mentioned (private address 10.0.0.1 being in the Netherlands, etc.).
What's funny is that if you put in a private address now, you see a pirate flag (skull and crossbones) appear! I guess they know what some people host on their own private networks :-)
This is somewhat old news... I'm surprised it's taken so long to be mentioned on Slashdot. In fact, it was mentioned months ago in the Wall Street Journal!
Here's some sites:
http://divx.ctw.cc/
http://divx.vcdguide.com/
http://www.divx-digest.com/
A Google search on DivX ;-) will also prove fruitful. Don't forget the smiley, lest it be confused with Circuit City's failed format!
AARP is part of the AppleTalk protocol suite. It's basically AppleTalk ARP. (ARP is used on Ethernet and other LAN's, to correspond IP addresses with hardware addresses. AARP uses AppleTalk addresses instead of IP addresses.)
Speaking of software challenge and tremendous amounts of data...
Will SETI be allowed access to the telescope? I hope so...
There IS a poster made of this!
I saw it in the machine room of Navigist, an ISP that my friend once worked at. There were at least several dozen entries on it; it looked similar to those 7-layer protocol posters you see everywhere.
It differed from this graph, in that it was laid out vertically. The timeline went from top to bottom, starting around 1970 and going to the present. Linux is listed in the lower right as being inspired by/descended from Minix. The poster also has background art, either a cityscape at night, or some generic "inside my computer" artwork (I don't remember exactly).
Unfortunately, I do not remember the maker of that poster... would like to buy it if it's still available!
Hey, that was some NICE music that was spinning in the club! Any chance of putting a MP3 or RealAudio of the music online, or streaming the audio from future events?
How does this compare with the other ideas for traceback, one of which is at http://www.cs.washington.e du/homes/savage/traceback.html?
This paper has some good ideas...
This is somewhat old news, I (and many others) got DSL self-install over a year ago.
I got service from PacHell, in February 1999. It came with a static IP and bridged connection, back before they went to PPPoE. I couldn't be home for the installation, so got a self-install. PacHell, always the paradigm of efficiency, had to drive a technician out to my house to give me the box so I could install it.
The box contained an Alcatel 1000 ADSL modem (the defective version, ancient "AA" ROM's, but that's another story), a splitter box, an ethercard (generic "tulip", glued together by Kingston), and various cables.
My landlord did not allow me to change the outside wiring nor run new phone line, so I took my one working jack (under the bed) and stuffed my splitter there! I split the two wires from that jack into four; two pairs, one for voice and one for DSL. After much reading I discover that the DSL modem uses the outside two wires of the phone line (yellow and black), not the inside wires that are used for voice and everything else (red and green)! Changed the wires on the splitter box and was good to go.
Installed without a hitch, used a static IP for just over a year. After that, I moved, and lost my grandfathered static IP, and had to do PPPoE...
Unfortunately, the designers of IPv6 did something which seems disagreeable to me, and chopped the 128-bit address space of IPv6 in half!
There are no more subnets in IPv6 -- instead, everything is split into a 64-bit network ID and a 64-bit node ID.
So, every IPv6 network is going to need a 64-bit network ID... from the small networks you have at home, to the huge networks of the cable companies and DSL companies! I predict most IPv6 networks will have relatively few nodes in them, compared with the 64-bit node ID space, and there will eventually be a shortage of network ID's.
Why did they do this? Supposedly, the purpose of this is so that they can autoconfigure clients by using the 64-bit hardware address as the node ID. (This is a massive invasion of privacy, using your hardware address as a permanent "cookie" for your computer, even across different connections, but that's another thing to debate.)
By having such a huge address space for the node ID, the chance of collisions is almost none, and it becomes possible to keep the same node ID even while on multiple network ID's (as a multihomed host will be doing).
Still, I wish they would have thought about these two issues, address space and privacy...
I prefer to:
use the domain of the spammer!
That way, all the spam gets sent right back to the sender, where it belongs.
For example, when downloading RealAudio, use nospam@real.com . When downloading Acrobat Reader, use nospam@adobe.com .
For even more fun, use a username such as root or postmaster .
That way, bandwidth isn't wasted on the Internet, because the spam remains on the spammer's own system. And hopefully it will tell them that people aren't interested in receiving their spam...
Unfortunately, Yahoo does not let you block emails from certain addresses. (Perhaps it's addresses that also advertise on Yahoo?)
As an example, I get spam from "TRAFFIC" at websidestory.com -- this domain is unblockable from Yahoo Mail! Try it, you will find that the "Block Address" link does not even appear when you read an email from them...
I know it's offtopic, but I wanted to point out something about #3:
Most cities I know of where this has happened (Oakland, CA) have limits on the number of guns you can turn in (3 guns per person). So, gun dealers couldn't dump huge amounts of guns...
I'm really glad to see this! I remember reading a while ago about an increase in upload speed, to 45kbps. It was announced by a modem manufacturer, a year ago or so, then not implemented because they didn't see a demand for it. They suppressed it from the marketplace. I'm glad to see it become an official standard now! And at 48kbps instead of 45, a small bonus.
Having fast connect time (perhaps by skipping all those old legacy connection probes that are done) is another good idea, one that will sell well, especially with places that get frequent disconnects.
The third new thing they announced, Call Waiting standardization, is also something I've been hoping for a while to have. I remember having a 14.4 modem that always would disconnect when Call Waiting was received, but could be set to prevent this if desired (increase carrier loss wait time, I forgot the S-Register for this). The newer modems were "too good", just plowing right through the Call Waiting beep (regardless of their settings) so I missed some important calls back in the day.
Now, I have a DSL connection. Like a 56K modem, it is much faster downstream than upstream. Do you think there's a conspiracy here? Content providers don't want to make it easy for people to pirate or come up with their own ideas, so they lobby the industry to restrict upload speeds and condition people to only consider the download speed when choosing a connection service. I'm glad to see this official standard, it's a step in the right direction to restore upload speed!
I agree that something should be done about unsecured Telnet and FTP -- when I was in the dorms, my box was hacked, and used as a stepping stone for other attacks.
I had closed all security holes I knew about at the time. (Linux 0.99pl14, log in as username "-pfroot", you're in like Flynn!) But, the network was unswitched so I was still vulnerable to a sniffed password.
Telnet and FTP and POP3 probably won't go away anytime soon because they're everywhere, and this really helps when using someone else's computer (at an Internet cafe, for instance).
Tunneling is a good way to add some security to these protocols. SSH is good for tunneling, but it's hard to tunnel FTP because it opens new connections for each file.
Offtopic: I would *love* an extension to the FTP protocol that would allow files to be transferred inline, so that control and data would share the same connection. Something like "INLI length ", in place of PORT or PASV, that would cause the next STOR or RETR to take place over the control connection, for the next length bytes. Has something like this already been done? If not, it seems easy enough to add...
What are the new W2K SMP ports? I haven't heard of those yet.
Are they a well-known port number that can easily be blocked, like 137-139, or are they dynamic? I hope they are the former...