At my old job, we had a pager, cellular phone and laptop that changed hands weekly.
If you were on call that week, you got 8 hours of overtime pay, regardless of if you got 0 or 100 pages. Also, for any time you had to come in, you got a minimum of 4 hours pay, and anything over that was time and a half.
This is great for multiple reasons. First, you may not like getting paged, but getting a minimum of 4 hours pay was really nice. Just have to reboot an NT server? No problem! Cha-ching!
Second, the other departments knew of this policy, and we were only paged if it was *critical* since it really ate into IT's budget if the on-call person was paged. Basically, the person who was paging the on-call person had to have a good buisiness reason for the oncall person to come in, or even do anything.
The last, and most important, was the on-call person's ability to say "no". If this was one baffoon who couldn't get his e-mail working on a Sunday, we told him to call the Help Desk Monday. If a production server crashes, then the IT person comes in for sure.
Companies need to let IT be "in charge" like this and have the ability to help or deny help to users depending on the situation. This can lead to arguments of what "critical" is, but management needs to trust IT make these judgement calls, discuss the impact of those decisions later and learn from the decisions made and results viewed.
Since I've seen to many Outlook viruses out there in the past year or two, how about this time we create one that actually does something productive rather than wreak havok?
I say someone writes an Outlook virus that would have compressed copies of the DeCSS source code attached to the message. Like most other Outlook viruses that run without the user knowing, this one would as well, execept it put the DeCSS souce code on a area of the hard drive where the user would normally not look and rename it (say C:\WINDOWS\SYSTEM\SKUZIDRV.SYS).
Later, if need be, the file could be retreived through another e-mail to the same person (assuming they keep the same computer) if we find the number of copies out there dwindling. Again, another Outlook virus that would create a new message, attach the file and send it to a specified address.
Hey, maybe I should patent this! Remote File Storage and Retrevial Using Microsoft Outlook.
But surely it's latency that is of primary importance and bandwidth takes second place?
At first I thought you were right, but the more I thought about it, the more I feel the article is correct.
The best way to think of this is on high end systems. Think of a Sun Ultra Enterprise 450 with a couple gigs of RAM, a couple processors and a bunch large, memory and CPU intensive programs running.
You have 20 processes each which needs a slice of CPU time. Each time a process runs on the CPU, parts of the process are copied from RAM to the CPU to execute. That processes executes for its specified time slice, the kernel stops it, copies the results back to RAM, and then does it again with another process. Now imagine this happening hunderds of times per second! The memory bus gets even more saturated with more processors since there are more RAM to CPU copies and vice-versa.
This is where cache comes in. Part of the program that just executed is kept in the cache so the next time it's time slice comes around (ie: it's time to run on the CPU), there won't have to be a copy from RAM to the CPU. The CPU simply grabs it out of it's cache, thus freeing up bandwidth on the memory bus.
I think that articles like this have no purpose but for the authors to play with the stock market.
Perhaps you're right on this one. I just got finished reading about how foolish it is to buy Dell stock right now. From Dell's IPO up until it's peak at in 2000, their stock has gone up 8000%. Do you think they can repeat that? No way. If people are looking for a repeat of 8000% growth, they need their head examined.
However, abroad, there is a massive need for computers.
To a certain extent yes, but keep in mind what exactly the rest of the world is composed of. Do you think there will be overwhelming demand in Africa, China or the Eastern Bloc countries (Russia, it's satellites and former parts of Russia that are now independent) which are now Third World nations? IMO, the demand will be high (ie: everyone wants one), but few can afford one. The rest of the world is primarly composted of Second and Third World nations.
The only part of the world I cannot give an opinion on is Europe. Does anyone have any statistics as to what percentage of people own computers in Europe?
When complete, in 2006, the 16-nation project will have the interior volume of a 747 jumbo jet and stretch the length of a football field.
When I read this, it reminds me how little progress we've made when it comes to space travel
In 1969, the United States landed on the moon. That was over 30 years ago. We've just now gotten to the point where we have a space station the size of an airplane that's been around for years.
I'm one of those sci-fi nerds who can't wait to travel into space, colonize other planets and perhaps meet other intelligent life, but it shows that we still have a long way to go. Waiting for those vacations to other planets in our solar system like in Total Recall? Considering we only have a "vehicle" (well, a base, not really a vehice) large enough to hold a bunch of travellers (scientests and astronauts right now), it probably won't happen in our lifetimes.
If any of you are really interested in some practical and well thought out plans to colonize space, I would suggest picking up a copy of The Millennial Project: Colonizing The Galaxy in Eight Easy Steps by Marshall T Savage. It even gets into the geeky details (ie: numbers).
Even though the title has quite a name to live up to, the book has many, many great ideas to improve the efficency of space travel if only governments were to put some funding behind it and cooperate, along with some space travel ideas that science fiction has talked about for years.
I disagree. The hardware would require kernel drivers to work, and if a person has root access to change programs then they could change the kernel. It may be technically hard for them to do so, but it is still possible.
Exactly, anything is possible. That's why I'm careful when I use the word "impossible". In this statement, note I say "almost impossible".:)
A great point none the less (hackers tampering with the kernel drivers). Also see post 142 by Xenna where he or she points out that hackers could back door the driver as well.
Another blow against my "100% hacker proof system".:)
1 - Browser history files. These are many many many files, not just one or two. Would you enjoy it if someone stole your laptop and the was able to comb over which web sites you frequented? I sure wouldn't.
2 - E-mail. Same thing as above. You want someone reading your e-mail? No thanks for me.
3 - Personal IP (Intellectual Property). This being anything from a paper you're writing for school (someone else in the class might be happy to have a full or even half finished paper) to the new spy thriller novel you're almost done with.
4 - Personal documents. Again, I wouldn't want someone reading my budget, or my list of goals for the future ("become a fairy princess"). I also keep inventories of my posessions (my comic collection, my electronics, the hardware on all of my computers, etc) on my computer. If someone were to see that, my house would be a juicy target to break into.
5 - Any other computer file that you consider private. Anything from your goat pr0n to your "top secret Quake 3 config file".
Using an encrypted file sysytem is the best all in one solution, rather than encrypting individual files. This way, rather than individually encrypting 100 files, you can just move them to the encrypted partition, and you've got security without the hassle.
Would anyone know if there are any hardware level encryption devies that Linux supports?
As with most things, using hardware instead of software is faster (sometimes *much* faster), so this would not only be an answer to the speed problem that was posed, but also it would be very reliable (as opposed to encryption daemons that may die when the system runs out of swap, etc).
The other advantage is that hackers can't touch it. What if a hacker recompiled the binaries for your software encryption with a backdoor? Bad news, your formally encrypted partition is now fully accessable to the hacker or anyone who is aware of the backdoor. With a hardware solution, it's almost impossible to trojan and/or modify the hardware.
Ideas on the hardware solutions for disk encrption that are out there, and if so, which ones does Linux support?
You're correct about "solid default security configuration", but what *NIX OS (besides OpenBSD) comes with a good default security configuration?
As people have stated many times, in hundereds of posts before, it's the admins job to secure the box. I don't care if the *NIX I'm installing has a default root password of "password" and a 5 year old version of sendmail running on it. It's up to me to fix those things before I put it on a network.
Now, it can be argued that the vendor should fix these things. Sure, *NIX vendors should always put the latest versions of software in their distributions in order to prevent security breaches, but there are always exploits that come out after the CDs have been pressed and shipped. In which case (and it always is the case), it's up to the admin to apply the appropriate security patches.
So, no matter how good, bad or indifferent the default configuration of a machine is, it's up to the person who admins and/or installs the box to secure it for real.
Yes, lazy admins are the problem, but just to clarify, this isn't an "exploit".
These machines were hacked (in ways that any other machine would be hacked DNS, rpc.statd, sendmail, etc). The person that hacked the machine then put the DDoS software on the machine for later use.
Lazy admins are the issue since they did not take the appropriate measures to secure their boxes (applying patches, setting up a firewall, etc), but the actual DDoS software was installed as a result of the boxes being hacked. Hence, the DDoS software is the result and not the cause of the hacking.
Would 560 computers with OC3's attached to each one be enough for a DDoS? You bet it would.
Would 560 computers with cable modems (capped at 128 Kb/sec upstream) be enough for a DDoS? Probably not.
Also, keep in mind, this all depends on the target of the DDoS. 560 dialup machines with 56k modems would be enough to flood a few dialup connections, or perhaps a cable modem or DSL line.
Thus, as for the question "is is enough for a DDoS?" the answer is "it depends on the connections that the infected computers have and the target."
There really isn't much to say about this article execpt for good old rampant Slashdot speculation.
So some people found some trojans that could be used for DDoS attacks on a few hundered machines. Does this mean a DDoS is "brewing" or ready to be launched? Hardly.
In order to know if something was coming, we would actually have to talk to whomever put those trojans on the machines to see what their motivation is, and when they plan to use them. Unfortunatly, this will more than likely never happen.
For all we know, this could just be some script kiddies person cache of trojans to take over IRC channels, not DDoS a large site such as Yahoo! or Ebay. Heck, maybe is the BOFH Users Group out for revenge on companies that have had enought of their antics and fired them. Who knows?
So, is a new, massive DDoS brewing? Unless one of the people who planted these trojans tells us, or a DDoS actually happens, we'll never know.
I came from a small town where one convience store starting carding for lighters. So, what happened? All of the kids that smoked (or used lighters for other purposes) weren't too happy, so they went to the other end of the block to another convienence store where they didn't card. It was as simple as that.
One store put a restriction of sales in place, so the consumers simply went to another store, where there was no such restriction. The consumers were happy, the store that got new business was happy, and the store that was carding eventually stopped the practice, bringing back few if any of it's former customers.
I also see this as strange because isn't K-Mart only hurting themselves in this case? What do they have to gain financially? Carding will only bring fewer sales; those kids who were going to purchase a game and help K-Mark make profit before, can now not purchase that game, hurting both the consumer and K-Mart. Sure, K-Mart may receive applause from the anti-violent video game crowd, but isn't business about profits? And by enforcing this practice, K-Mart his hurting their profits.
The answer to this "problem" is quite simple: if you can't get it from retailer A, go to retailer B. The end result will be the same: happy consumer, new retailer gains business and the old, restrictive retailer loses business.
I assume you're asking if using some kind of "virtual machine" technology such as VMware degrades performance due to the fact the OS isn't accessing the hardware directly.
The answer, is yes. As for the level of performance degredation, that I couldn't tell you exactly, and would think it would vary between applications and OSes. You're correct, the more levels of software between a process (the kernel, an application, a daemon, etc), the slower that process is due to having to move through the layers to get the to actual hardware. Rather than go Application -> Kernel -> Hardware, a machine with VMware would go Application -> Kernel -> VMware -> hardware. One extra step, and thus a loss of performance, no matter how small.
Unless the software package (the VMware-esque program) is poorly written, the performance loss is usually not noticable to the end user based on experiences I've heard about. The large exception to this rule is games, where speed and direct hardware access are everything.
Doesn't this depend on when the patents were actually filed?
I say this because if VOS filed the patents after VMware or plex86 were released, then VMware or plex86 would have created the technology before VOS even existed, giving them the rights (I thought it was called "prior creation" or something like that, but I don't recall exactly).
Can anyone verify this for me? When the patent was issued and if VMware and plex86 were created before VOX?
I would also enjoy seeing the shell histories of the people who participated in this event.
When I seen intrusion detection and honeypot articles, the most interesting thing IMO is seeing the shell history of the intruder. Shell history is one of the best ways to actually see an intruder's train of thought step by step, uncensored. Getting in, obtaining root, cleaning the logs, setting up rootkits and trojans, etc.
The other thing I take much joy in reading is IRC logs of hackers (posted in some honeypot articles). I feel the IRC logs are the best insight as to which hackers are the real thing, and which ones are just script kiddies begging new spl0its off of the veterans and innovators.
This is yet another "I've always wondered...." question I have for all you Slashdot readers.
When we see stories about quantum leaps in computer technology, why are companies so slow to actually produce, implement, and sell it?
I feel releasing this technology now would not only benefit consumers, but help to drive down prices of other technologies. For example, if IBM released a processor built using this process today, I'm confident Intel's CPU price would drop.
So, what's keeping IBM from releasing hardware based on this technology in 1 to 2 years instead of 10 to 15? Ideas?
I've had a question about this for a while, and none of my friends can seem to answer it. So, I'm going to let the Slashdot give it a shot.
Is there any way to use additional processors or co-processors on a PC (x86) to run SETI @ Home clients?
For example, I have a Voodoo 2 (12 Megs of RAM) in my Linux box. Would there be some way to write a SETI client that uses the Voodoo's processors to run additional SETI clients/threads? This situation is pefect because unless I'm using a 3D program (Quake 3, Unreal Tournament, etc) the Voodoo is doing nothing.
The only reason I ask this question is because computers do math, it's a fact, just math all of the time. Why not have the SETI client use some of the great FPU (Floating Point Unit) on the graphics processors of a Voodoo card? Have the Voodoo do it's math on the Voodoo's processors rather than the PC's CPU.
Also, I don't see why this won't work for other things besides Voodoo cards. Any card that's strictly 3D, some NICs have a small co-processor for checksumming, or even a way to set the prioroity on the SETI client using a 2D/3D card (so 2D performance doesn't suffer when the user is using normal windowed applications).
guess what fuck stick, I'm going to sign up for that DSL, and I'm not going to use you as a referrer since you're such a moron. Thanks for the info, I hope you lose time and money.
Alright, I'll post something a little more on topic than "hot grits" this time.
First, please keep in mind that Gnutella doesn't have anything to do with getting around copy protection. Gnutella is simply a way to distribute files, no more, no less. Gnutella doesn't help crackers (please, no "hacker" vs "cracker" flames) break copy protection, just distribute the cracked files and/or utilties to crack those files.
Back in high school, I'd just borrow somebody's tape and copy it. There's always a way around copy protection.
You're 100% correct in that statement, as we have seen in the past. Copy protection methods have come and gone, and as of yet, none have withstood the ultimate test: time and ingenuity.
I feel the largest problem for the RIAA is they don't seem to have very much technical knowledge to employ in this argument. If they want to look at the issue from all sides, they should hire some geeks, have them research and report copy prevention techniques and ways around them in order to get a larger, "big picture" perspective of what they're "fighting" against.
The reason I say they should hire some geeks is becasue, quite simply, you'll never be able to make something that is 100% copy protected, and hopefully these geeks can enlighten them to this fact. Two cases in point: first, the drivers. That's right folks, the drivers. If any of you haven't heard about this theory before, decrypted data can be captured at the device driver level. All it takes is someone to write a modified Sound Blaster driver which will capture the data right before it's sent to the hardware (ie: sound card and speakers). The second case is capturing at the hardware level. This can be either as simple as putting a microphone up to your speakers and recording it back to the drive. Sure, not as good of quality, blah blah blah, but a copy none the less. The other example of capture at the hardware level is something I have seen on a few posts here on Slashdot as the past: digital or an alternative output from the sound device (sound card). Can't crack that encrypted music file? Play it and send the output to some sort of recording device (Sony Minidisc, Tape Player, input on another sound card on the machine, etc)
I hate to give them ideas, but here's what the RIAA really needs to do in order to take the next real step in copy protection: copy protection must be implemented at the hardware level. That's right, a special sound device (sound card) and perhaps output device (speakers, headphones, etc) that makes some sort of "secure" connection to eachother so that no decrypted data can be captured on the computer/device itself. Now, this still won't deter the old microphone method (you'll never be able to get around that one. If you can hear it, you can record it.), but it will deter the alternate output method, along with the driver method.
Oh yes, and please don't get me wrong. Copy protection at the hardware level wouldn't stop crackers, no siree Bob. It would make it harder, but keep in mind, the word "impossible" is a very strong, and often misused word.
Actually no, he didn't. According to this article on TheForce.net, Lucas is working on the DVD. The reperesentative from Lucasfilm Limited said yes, Lucas is working on a DVD, it's too early to say when it's going to be out or what will be on it, and that there will be NO Episode I Special Edition with the deleted scenes (however they may be included in the DVD, but it's too early to say).
No, I don't work for TheForce.net, but they're the most reliable and up to date site when it comes to Star Wars news that I have found.
I'm not saying this is unfair, or lying or a half truth or anything like that since Intel has MMX, but I feel it's a somewhat skewed view of things.
Nope, I never thought it wasn't fair. Please read the quote from my original post above.
I see it this way: When new generation Pentium, Sparc or Alpha processors come out, you don't have to recompile things to make them take advantage of the speed increase. Sure, recompiling them might make them faster, but with the Velocity Engine, you actually have to modify the program where as with the processors mentioned above, they can take advantage of the speed increase without any changes.
I do enjoy the fact that Photoshop can take advantage of this special feature with just a plugin, however I don't beleive the vast majority of applications can do this (a simple plugin).
That said, the G4 is still far ahead of twice-as-'fast' Pentium IIIs - several reviews have shown that, with Altivec-native programs like Photoshop, a G4 at 450MHz creams a Pentium III at 1GHz, by 30% in some instances. With Mac OS X on dual or quad G4s, and with much better G4s (dual altivec units, and deeper pipelining to allow higher clock speeds) coming this fall, the Mac platform's about to get a massive boost.
I've heard of this before. Are you referring to the "vector processing unit" or Velocity Engine? For those of you who haven't seen the benchmarks, here is a link to an article with a few benchmarks.
The only thing I don't like about this is the fact that in order to beat the PIII's, a special Photoshop plugin is required to make use of the Velocity Engine.
What does this mean? Quite simply, an application must specifically be written (or re-written) to take advantage of the Velocity Engine. I'm not saying this is unfair, or lying or a half truth or anything like that since Intel has MMX, but I feel it's a somewhat skewed view of things.
Many video cards are like this as well. I remember reading an interview with one of the programmers at iD (Gremme I beleive) where he stated the largest problem with game performance is having to write code that works with all sorts of video cards. Many individual cards such as 3Dfx have propritary APIs such as Glide that gives a great performance boost, but obviously Glide apps will only run on 3Dfx cards (wrappers non-withstanding).
Thus, I have nothing against Macs (hey, progress is progress, and people everyone likes or hates things for his or her own reasons), however I don't think that just Photoshop benchmarks with a plugin which makes use of a Mac specific co-processor tell the whole story.
Slashdot Mirror
At my old job, we had a pager, cellular phone and laptop that changed hands weekly.
If you were on call that week, you got 8 hours of overtime pay, regardless of if you got 0 or 100 pages. Also, for any time you had to come in, you got a minimum of 4 hours pay, and anything over that was time and a half.
This is great for multiple reasons. First, you may not like getting paged, but getting a minimum of 4 hours pay was really nice. Just have to reboot an NT server? No problem! Cha-ching!
Second, the other departments knew of this policy, and we were only paged if it was *critical* since it really ate into IT's budget if the on-call person was paged. Basically, the person who was paging the on-call person had to have a good buisiness reason for the oncall person to come in, or even do anything.
The last, and most important, was the on-call person's ability to say "no". If this was one baffoon who couldn't get his e-mail working on a Sunday, we told him to call the Help Desk Monday. If a production server crashes, then the IT person comes in for sure.
Companies need to let IT be "in charge" like this and have the ability to help or deny help to users depending on the situation. This can lead to arguments of what "critical" is, but management needs to trust IT make these judgement calls, discuss the impact of those decisions later and learn from the decisions made and results viewed.
Since I've seen to many Outlook viruses out there in the past year or two, how about this time we create one that actually does something productive rather than wreak havok?
I say someone writes an Outlook virus that would have compressed copies of the DeCSS source code attached to the message. Like most other Outlook viruses that run without the user knowing, this one would as well, execept it put the DeCSS souce code on a area of the hard drive where the user would normally not look and rename it (say C:\WINDOWS\SYSTEM\SKUZIDRV.SYS).
Later, if need be, the file could be retreived through another e-mail to the same person (assuming they keep the same computer) if we find the number of copies out there dwindling. Again, another Outlook virus that would create a new message, attach the file and send it to a specified address.
Hey, maybe I should patent this! Remote File Storage and Retrevial Using Microsoft Outlook.
But surely it's latency that is of primary importance and bandwidth takes second place?
At first I thought you were right, but the more I thought about it, the more I feel the article is correct.
The best way to think of this is on high end systems. Think of a Sun Ultra Enterprise 450 with a couple gigs of RAM, a couple processors and a bunch large, memory and CPU intensive programs running.
You have 20 processes each which needs a slice of CPU time. Each time a process runs on the CPU, parts of the process are copied from RAM to the CPU to execute. That processes executes for its specified time slice, the kernel stops it, copies the results back to RAM, and then does it again with another process. Now imagine this happening hunderds of times per second! The memory bus gets even more saturated with more processors since there are more RAM to CPU copies and vice-versa.
This is where cache comes in. Part of the program that just executed is kept in the cache so the next time it's time slice comes around (ie: it's time to run on the CPU), there won't have to be a copy from RAM to the CPU. The CPU simply grabs it out of it's cache, thus freeing up bandwidth on the memory bus.
I think that articles like this have no purpose but for the authors to play with the stock market.
Perhaps you're right on this one. I just got finished reading about how foolish it is to buy Dell stock right now. From Dell's IPO up until it's peak at in 2000, their stock has gone up 8000%. Do you think they can repeat that? No way. If people are looking for a repeat of 8000% growth, they need their head examined.
However, abroad, there is a massive need for computers.
To a certain extent yes, but keep in mind what exactly the rest of the world is composed of. Do you think there will be overwhelming demand in Africa, China or the Eastern Bloc countries (Russia, it's satellites and former parts of Russia that are now independent) which are now Third World nations? IMO, the demand will be high (ie: everyone wants one), but few can afford one. The rest of the world is primarly composted of Second and Third World nations.
The only part of the world I cannot give an opinion on is Europe. Does anyone have any statistics as to what percentage of people own computers in Europe?
When complete, in 2006, the 16-nation project will have the interior volume of a 747 jumbo jet and stretch the length of a football field.
When I read this, it reminds me how little progress we've made when it comes to space travel
In 1969, the United States landed on the moon. That was over 30 years ago. We've just now gotten to the point where we have a space station the size of an airplane that's been around for years.
I'm one of those sci-fi nerds who can't wait to travel into space, colonize other planets and perhaps meet other intelligent life, but it shows that we still have a long way to go. Waiting for those vacations to other planets in our solar system like in Total Recall? Considering we only have a "vehicle" (well, a base, not really a vehice) large enough to hold a bunch of travellers (scientests and astronauts right now), it probably won't happen in our lifetimes.
If any of you are really interested in some practical and well thought out plans to colonize space, I would suggest picking up a copy of The Millennial Project: Colonizing The Galaxy in Eight Easy Steps by Marshall T Savage. It even gets into the geeky details (ie: numbers).
Even though the title has quite a name to live up to, the book has many, many great ideas to improve the efficency of space travel if only governments were to put some funding behind it and cooperate, along with some space travel ideas that science fiction has talked about for years.
I disagree. The hardware would require kernel drivers to work, and if a person has root access to change programs then they could change the kernel. It may be technically hard for them to do so, but it is still possible.
:)
:)
Exactly, anything is possible. That's why I'm careful when I use the word "impossible". In this statement, note I say "almost impossible".
A great point none the less (hackers tampering with the kernel drivers). Also see post 142 by Xenna where he or she points out that hackers could back door the driver as well.
Another blow against my "100% hacker proof system".
Actually, there are many reasons IMO:
1 - Browser history files. These are many many many files, not just one or two. Would you enjoy it if someone stole your laptop and the was able to comb over which web sites you frequented? I sure wouldn't.
2 - E-mail. Same thing as above. You want someone reading your e-mail? No thanks for me.
3 - Personal IP (Intellectual Property). This being anything from a paper you're writing for school (someone else in the class might be happy to have a full or even half finished paper) to the new spy thriller novel you're almost done with.
4 - Personal documents. Again, I wouldn't want someone reading my budget, or my list of goals for the future ("become a fairy princess"). I also keep inventories of my posessions (my comic collection, my electronics, the hardware on all of my computers, etc) on my computer. If someone were to see that, my house would be a juicy target to break into.
5 - Any other computer file that you consider private. Anything from your goat pr0n to your "top secret Quake 3 config file".
Using an encrypted file sysytem is the best all in one solution, rather than encrypting individual files. This way, rather than individually encrypting 100 files, you can just move them to the encrypted partition, and you've got security without the hassle.
Would anyone know if there are any hardware level encryption devies that Linux supports?
As with most things, using hardware instead of software is faster (sometimes *much* faster), so this would not only be an answer to the speed problem that was posed, but also it would be very reliable (as opposed to encryption daemons that may die when the system runs out of swap, etc).
The other advantage is that hackers can't touch it. What if a hacker recompiled the binaries for your software encryption with a backdoor? Bad news, your formally encrypted partition is now fully accessable to the hacker or anyone who is aware of the backdoor. With a hardware solution, it's almost impossible to trojan and/or modify the hardware.
Ideas on the hardware solutions for disk encrption that are out there, and if so, which ones does Linux support?
You're correct about "solid default security configuration", but what *NIX OS (besides OpenBSD) comes with a good default security configuration?
As people have stated many times, in hundereds of posts before, it's the admins job to secure the box. I don't care if the *NIX I'm installing has a default root password of "password" and a 5 year old version of sendmail running on it. It's up to me to fix those things before I put it on a network.
Now, it can be argued that the vendor should fix these things. Sure, *NIX vendors should always put the latest versions of software in their distributions in order to prevent security breaches, but there are always exploits that come out after the CDs have been pressed and shipped. In which case (and it always is the case), it's up to the admin to apply the appropriate security patches.
So, no matter how good, bad or indifferent the default configuration of a machine is, it's up to the person who admins and/or installs the box to secure it for real.
Yes, lazy admins are the problem, but just to clarify, this isn't an "exploit".
These machines were hacked (in ways that any other machine would be hacked DNS, rpc.statd, sendmail, etc). The person that hacked the machine then put the DDoS software on the machine for later use.
Lazy admins are the issue since they did not take the appropriate measures to secure their boxes (applying patches, setting up a firewall, etc), but the actual DDoS software was installed as a result of the boxes being hacked. Hence, the DDoS software is the result and not the cause of the hacking.
Sorry, but I cannot agree with you.
Would 560 computers with OC3's attached to each one be enough for a DDoS? You bet it would.
Would 560 computers with cable modems (capped at 128 Kb/sec upstream) be enough for a DDoS? Probably not.
Also, keep in mind, this all depends on the target of the DDoS. 560 dialup machines with 56k modems would be enough to flood a few dialup connections, or perhaps a cable modem or DSL line.
Thus, as for the question "is is enough for a DDoS?" the answer is "it depends on the connections that the infected computers have and the target."
There really isn't much to say about this article execpt for good old rampant Slashdot speculation.
So some people found some trojans that could be used for DDoS attacks on a few hundered machines. Does this mean a DDoS is "brewing" or ready to be launched? Hardly.
In order to know if something was coming, we would actually have to talk to whomever put those trojans on the machines to see what their motivation is, and when they plan to use them. Unfortunatly, this will more than likely never happen.
For all we know, this could just be some script kiddies person cache of trojans to take over IRC channels, not DDoS a large site such as Yahoo! or Ebay. Heck, maybe is the BOFH Users Group out for revenge on companies that have had enought of their antics and fired them. Who knows?
So, is a new, massive DDoS brewing? Unless one of the people who planted these trojans tells us, or a DDoS actually happens, we'll never know.
Frankly, I don't see this as a large issue.
I came from a small town where one convience store starting carding for lighters. So, what happened? All of the kids that smoked (or used lighters for other purposes) weren't too happy, so they went to the other end of the block to another convienence store where they didn't card. It was as simple as that.
One store put a restriction of sales in place, so the consumers simply went to another store, where there was no such restriction. The consumers were happy, the store that got new business was happy, and the store that was carding eventually stopped the practice, bringing back few if any of it's former customers.
I also see this as strange because isn't K-Mart only hurting themselves in this case? What do they have to gain financially? Carding will only bring fewer sales; those kids who were going to purchase a game and help K-Mark make profit before, can now not purchase that game, hurting both the consumer and K-Mart. Sure, K-Mart may receive applause from the anti-violent video game crowd, but isn't business about profits? And by enforcing this practice, K-Mart his hurting their profits.
The answer to this "problem" is quite simple: if you can't get it from retailer A, go to retailer B. The end result will be the same: happy consumer, new retailer gains business and the old, restrictive retailer loses business.
I assume you're asking if using some kind of "virtual machine" technology such as VMware degrades performance due to the fact the OS isn't accessing the hardware directly.
The answer, is yes. As for the level of performance degredation, that I couldn't tell you exactly, and would think it would vary between applications and OSes. You're correct, the more levels of software between a process (the kernel, an application, a daemon, etc), the slower that process is due to having to move through the layers to get the to actual hardware. Rather than go Application -> Kernel -> Hardware, a machine with VMware would go Application -> Kernel -> VMware -> hardware. One extra step, and thus a loss of performance, no matter how small.
Unless the software package (the VMware-esque program) is poorly written, the performance loss is usually not noticable to the end user based on experiences I've heard about. The large exception to this rule is games, where speed and direct hardware access are everything.
Doesn't this depend on when the patents were actually filed?
I say this because if VOS filed the patents after VMware or plex86 were released, then VMware or plex86 would have created the technology before VOS even existed, giving them the rights (I thought it was called "prior creation" or something like that, but I don't recall exactly).
Can anyone verify this for me? When the patent was issued and if VMware and plex86 were created before VOX?
I would also enjoy seeing the shell histories of the people who participated in this event.
When I seen intrusion detection and honeypot articles, the most interesting thing IMO is seeing the shell history of the intruder. Shell history is one of the best ways to actually see an intruder's train of thought step by step, uncensored. Getting in, obtaining root, cleaning the logs, setting up rootkits and trojans, etc.
The other thing I take much joy in reading is IRC logs of hackers (posted in some honeypot articles). I feel the IRC logs are the best insight as to which hackers are the real thing, and which ones are just script kiddies begging new spl0its off of the veterans and innovators.
ok ok ok, last reply to my own post, I swear.
I kept saying "IBM" in the original post, when I really meant "IBM or any other company".
Apologies if it seems as if I'm just ripping on IBM here, but it's any company that has unreleased technology.
This is yet another "I've always wondered...." question I have for all you Slashdot readers.
When we see stories about quantum leaps in computer technology, why are companies so slow to actually produce, implement, and sell it?
I feel releasing this technology now would not only benefit consumers, but help to drive down prices of other technologies. For example, if IBM released a processor built using this process today, I'm confident Intel's CPU price would drop.
So, what's keeping IBM from releasing hardware based on this technology in 1 to 2 years instead of 10 to 15? Ideas?
I've had a question about this for a while, and none of my friends can seem to answer it. So, I'm going to let the Slashdot give it a shot.
Is there any way to use additional processors or co-processors on a PC (x86) to run SETI @ Home clients?
For example, I have a Voodoo 2 (12 Megs of RAM) in my Linux box. Would there be some way to write a SETI client that uses the Voodoo's processors to run additional SETI clients/threads? This situation is pefect because unless I'm using a 3D program (Quake 3, Unreal Tournament, etc) the Voodoo is doing nothing.
The only reason I ask this question is because computers do math, it's a fact, just math all of the time. Why not have the SETI client use some of the great FPU (Floating Point Unit) on the graphics processors of a Voodoo card? Have the Voodoo do it's math on the Voodoo's processors rather than the PC's CPU.
Also, I don't see why this won't work for other things besides Voodoo cards. Any card that's strictly 3D, some NICs have a small co-processor for checksumming, or even a way to set the prioroity on the SETI client using a 2D/3D card (so 2D performance doesn't suffer when the user is using normal windowed applications).
guess what fuck stick, I'm going to sign up for that DSL, and I'm not going to use you as a referrer since you're such a moron. Thanks for the info, I hope you lose time and money.
I beleive they weren't looking at the technical aspects of it, but the "file sharing over the Internet" aspect of it.
Alright, I'll post something a little more on topic than "hot grits" this time.
First, please keep in mind that Gnutella doesn't have anything to do with getting around copy protection. Gnutella is simply a way to distribute files, no more, no less. Gnutella doesn't help crackers (please, no "hacker" vs "cracker" flames) break copy protection, just distribute the cracked files and/or utilties to crack those files.
Back in high school, I'd just borrow somebody's tape and copy it. There's always a way around copy protection.
You're 100% correct in that statement, as we have seen in the past. Copy protection methods have come and gone, and as of yet, none have withstood the ultimate test: time and ingenuity.
I feel the largest problem for the RIAA is they don't seem to have very much technical knowledge to employ in this argument. If they want to look at the issue from all sides, they should hire some geeks, have them research and report copy prevention techniques and ways around them in order to get a larger, "big picture" perspective of what they're "fighting" against.
The reason I say they should hire some geeks is becasue, quite simply, you'll never be able to make something that is 100% copy protected, and hopefully these geeks can enlighten them to this fact. Two cases in point: first, the drivers. That's right folks, the drivers. If any of you haven't heard about this theory before, decrypted data can be captured at the device driver level. All it takes is someone to write a modified Sound Blaster driver which will capture the data right before it's sent to the hardware (ie: sound card and speakers). The second case is capturing at the hardware level. This can be either as simple as putting a microphone up to your speakers and recording it back to the drive. Sure, not as good of quality, blah blah blah, but a copy none the less. The other example of capture at the hardware level is something I have seen on a few posts here on Slashdot as the past: digital or an alternative output from the sound device (sound card). Can't crack that encrypted music file? Play it and send the output to some sort of recording device (Sony Minidisc, Tape Player, input on another sound card on the machine, etc)
I hate to give them ideas, but here's what the RIAA really needs to do in order to take the next real step in copy protection: copy protection must be implemented at the hardware level. That's right, a special sound device (sound card) and perhaps output device (speakers, headphones, etc) that makes some sort of "secure" connection to eachother so that no decrypted data can be captured on the computer/device itself. Now, this still won't deter the old microphone method (you'll never be able to get around that one. If you can hear it, you can record it.), but it will deter the alternate output method, along with the driver method.
Oh yes, and please don't get me wrong. Copy protection at the hardware level wouldn't stop crackers, no siree Bob. It would make it harder, but keep in mind, the word "impossible" is a very strong, and often misused word.
Actually no, he didn't. According to this article on TheForce.net, Lucas is working on the DVD. The reperesentative from Lucasfilm Limited said yes, Lucas is working on a DVD, it's too early to say when it's going to be out or what will be on it, and that there will be NO Episode I Special Edition with the deleted scenes (however they may be included in the DVD, but it's too early to say).
No, I don't work for TheForce.net, but they're the most reliable and up to date site when it comes to Star Wars news that I have found.
I'm not saying this is unfair, or lying or a half truth or anything like that since Intel has MMX, but I feel it's a somewhat skewed view of things.
Nope, I never thought it wasn't fair. Please read the quote from my original post above.
I see it this way: When new generation Pentium, Sparc or Alpha processors come out, you don't have to recompile things to make them take advantage of the speed increase. Sure, recompiling them might make them faster, but with the Velocity Engine, you actually have to modify the program where as with the processors mentioned above, they can take advantage of the speed increase without any changes.
I do enjoy the fact that Photoshop can take advantage of this special feature with just a plugin, however I don't beleive the vast majority of applications can do this (a simple plugin).
That said, the G4 is still far ahead of twice-as-'fast' Pentium IIIs - several reviews have shown that, with Altivec-native programs like Photoshop, a G4 at 450MHz creams a Pentium III at 1GHz, by 30% in some instances. With Mac OS X on dual or quad G4s, and with much better G4s (dual altivec units, and deeper pipelining to allow higher clock speeds) coming this fall, the Mac platform's about to get a massive boost.
I've heard of this before. Are you referring to the "vector processing unit" or Velocity Engine? For those of you who haven't seen the benchmarks, here is a link to an article with a few benchmarks.
The only thing I don't like about this is the fact that in order to beat the PIII's, a special Photoshop plugin is required to make use of the Velocity Engine.
What does this mean? Quite simply, an application must specifically be written (or re-written) to take advantage of the Velocity Engine. I'm not saying this is unfair, or lying or a half truth or anything like that since Intel has MMX, but I feel it's a somewhat skewed view of things.
Many video cards are like this as well. I remember reading an interview with one of the programmers at iD (Gremme I beleive) where he stated the largest problem with game performance is having to write code that works with all sorts of video cards. Many individual cards such as 3Dfx have propritary APIs such as Glide that gives a great performance boost, but obviously Glide apps will only run on 3Dfx cards (wrappers non-withstanding).
Thus, I have nothing against Macs (hey, progress is progress, and people everyone likes or hates things for his or her own reasons), however I don't think that just Photoshop benchmarks with a plugin which makes use of a Mac specific co-processor tell the whole story.