As far as I know, nobody has come up with a de facto distributed, anonymous replacement for trackers.
*ahem*BitTorrent uses the Kademila DHT for distributed tracking, and it works really, really well so far. I haven't used a centralized tracker for a year or so now. There's also peer exchange (PEX).
The trackers aren't the weak points of BitTorrent, and haven't been for years. The weak point is in.torrent distribution, with commenting/forum, seed/leach counts, search, etc. Magnet links partially resolve this by moving the.torrent files out to the DHT as well.
I managed to throw a leather ball to someone on another realm and get got to keep it, so you can do more than just send conjured items and dungeon drops.
I wouldn't worry about making anything under level 15 easier. Levels 5-15 are probably the most frustrating part of the whole game. Gear sucks, everything respawns way too fast, and you don't have many abilities to choose from to get yourself out of trouble.
That kind of statement is probably the most effective way to get a teenager to read anything. If you had said "please read my journals" he wouldn't have even looked at them, but now...
As the sibling said, try stripping the debug symbols. gcc stuffs its binaries with 'em. If I am not mistaken, it's a result of the philosophy behind gcc.
In my small amount of experience observing these types of ssh attacks, and even letting them into high-interaction honeypots to see what they do, there are four simple things that can be done to really cut down on the danger. Applying the first item, and any subset of the last three should be pretty good.
One, turn off root log in. Then they have to guess both a user name and a password. This would stop every single attack I have ever seen in my logs, since none of them have guessed a correct user account, let alone a correct password. It tries names like root, admin, apache, samba, so if you have these make sure they can't log in with ssh.
Two, use a decent password. A lot of people will tell you to take the inconvenient route of disabling password logins, saying they are dangerous. However, guessing over ssh is extremely slow, compared to a brute force attempt on a local machine. This means they really only get a chance to guess the most obvious passwords. If you trust all the passwords on the system to have decent strength, which is the case if, say, you are the only person logging into the machine, then you don't need to disable password logins.
Three, in case they did somehow figure out the name of an account that can log in, run DenyHosts. This will stop non-distributed attacks in their tracks, as they only get a few guesses.
Four, move the ssh port to something other than the default 22. I moved mine to 443 (https), since it's accessible from highly firewalled networks behind which I may be trapped, and people are already used to seeing encrypted traffic on that port. Ever since I did this, I haven't seen a single login attempt on my server other than myself. This means my server also wastes less time rejecting remote logins.
The ssh brute force bots I've seen are very stupid. I'm not really sure what the bot operators are doing. In my ssh honeypot where I have the root password set to "password", most bots won't ever guess it after thousands of attempts. Of the ones that do eventually guess the right password, most log out right away, then go right back to guessing root passwords again! Maybe trying to detect if it's a honeypot? Then there are ones that do log in and stop guessing, but they immediately log out and don't ever return (that is, no one has ever shown up and logged in without making guesses). Security researchers? Maybe marked my honeypot down for some future abuse? Maybe detected that it was a honeypot? I'm not sure what's going on with that.
There have been a few mistakes made, but nothing terribly important. The ones I know of can possibly be attributed to character confusion. For example, there was that TNG episode where they find Scotty trapped in a transporter buffer after an accident. When they free him he believes that Kirk has brought the Enterprise to come rescue him. However, Scotty had already witnessed what was believed to be Kirk's death in Star Trek: Generations, so Scotty should believe Kirk to be dead at that time.
But nowhere near as inconsistent as the bible, with its multiple, incompatible creation myths.:-)
I'd like to see that shortener database stored as a distributed hash table, and clients can either query it directly by joining the DHT or, as you said, use a service that exposes an simple API that queries DHT.
This is an article about subs that launch airplanes. Fucking airplanes! We're talking about something that's on the same level as a gun that shoots swords instead of bullets. This sort of thing can cause nerdgasms.
Heh, maybe the aXXo people should start signing their releases. Of course, if they ever go to trial it can bite them in the ass, like the wet bandit sink thing in Home Alone.
This sounds a bit like Berry's paradox: "Some natural numbers, like 2, are interesting. Some natural numbers, like 255610679 (I think), are not interesting. Consider the set of uninteresting natural numbers. If this set were nonempty, it would contain a smallest element s. But then s, would have the interesting property of being the smallest uninteresting number. This is a contradiction. So the set of uninteresting natural numbers must be empty."
So perhaps by the same logic there are no non-notable languages. Go! is notable merely because it's not notable.
We've had decentralized tracking for years now, based on the Kademila distributed hash table. As long as the.torrent creator didn't turn on the private flag DRM, this system works really well, and I think it tends to provide an even richer set of peers from which to choose.
We also have OpenBittorrent which is a tracker that has no idea what it's tracking, putting it in a safer legal position than trackers have normally been in. Any torrent can use that if they wish.
The legal bottleneck is in distributing the.torrent files themselves. This involves more than just distribution, too. You want to have user feedback to weed out malicious or fake torrents. You want to have up-to-date seeder/leacher information. This is the weak spot in BitTorrent right now. That's what makes TPB and Mininova and the like so important.
That's how The Little Red Book (Quotations from Chairman Mao Zedong) became the most widely printed book in the world. "The book's phenomenal popularity may be due to the fact that it was essentially an unofficial requirement for every Chinese citizen to own, to read, and to carry it at all times during the later half of Mao's rule, especially during the Cultural Revolution."
I still have to write destructors that clean up all the pointers to an object, and all garbage collection does is force me to call the destructor as a function, rather than a more clear 'delete' statement.
You're doing it wrong. (The GC does all that for you.) The only reason you would write a destructor is when the object is tied to an external resource that the GC doesn't manage, and you still wouldn't call the destructor directly.
Worse, it takes away my most powerful speed optimization tool: careful memory layout for best cache hit rates.
"The First Rule of Program Optimization: Don't do it. The Second Rule of Program Optimization (for experts only!): Don't do it yet." Find the bottlenecks later and rewrite them in C or something low level.
Garbage collection (or its cousin, reference counting) is what turns a 5 hour programming task into a 1 hour programming task.
I use Lynx for the occasion when a program has an http configuration which is binded only to the loopback device, and I want to give it a quick check over ssh.
Graphics cards are complex beasts whose drivers sit in the kernel where they could make mistakes. X has had it's various information leaks due to its complexity (keystroke leaking, etc). You know how when the Vista UAC pops up the screen does that blink? That's to deal with stuff like API driven clicks from real ones, operating at a different driver permission level or something. When installing a Firefox extension you have to wait for that 3 second pause so you can't accidentally strike enter for it, partly to mitigate problems with flawed windowing systems. The list goes on and on.
Graphics add a lot of complexity to the system, and increased system complexity introduces a lot of inevitable security and stability problems.
Slashdot Mirror
As far as I know, nobody has come up with a de facto distributed, anonymous replacement for trackers.
*ahem* BitTorrent uses the Kademila DHT for distributed tracking, and it works really, really well so far. I haven't used a centralized tracker for a year or so now. There's also peer exchange (PEX). The trackers aren't the weak points of BitTorrent, and haven't been for years. The weak point is in .torrent distribution, with commenting/forum, seed/leach counts, search, etc. Magnet links partially resolve this by moving the .torrent files out to the DHT as well.
I managed to throw a leather ball to someone on another realm and get got to keep it, so you can do more than just send conjured items and dungeon drops.
I wouldn't worry about making anything under level 15 easier. Levels 5-15 are probably the most frustrating part of the whole game. Gear sucks, everything respawns way too fast, and you don't have many abilities to choose from to get yourself out of trouble.
You should read up on copyleft sometime before making such foolish posts in the future.
Oh, and don't read my journals, you're too young.
That kind of statement is probably the most effective way to get a teenager to read anything. If you had said "please read my journals" he wouldn't have even looked at them, but now ...
I see what you did there.
It's what they did with Rhino.
On unix-like systems, the execution bit isn't determined simply by the filename.
As the sibling said, try stripping the debug symbols. gcc stuffs its binaries with 'em. If I am not mistaken, it's a result of the philosophy behind gcc.
Sadly, most people do work direct, and the tax money is taken from them before they get their check.
To quote Chris Rock, "That ain't a payment, that's a jack!"
All torrents are trackerless by default. You usually have to turn it.
As long as the private flag DRM isn't set, which prevents you from turning it on.
In my small amount of experience observing these types of ssh attacks, and even letting them into high-interaction honeypots to see what they do, there are four simple things that can be done to really cut down on the danger. Applying the first item, and any subset of the last three should be pretty good.
One, turn off root log in. Then they have to guess both a user name and a password. This would stop every single attack I have ever seen in my logs, since none of them have guessed a correct user account, let alone a correct password. It tries names like root, admin, apache, samba, so if you have these make sure they can't log in with ssh.
Two, use a decent password. A lot of people will tell you to take the inconvenient route of disabling password logins, saying they are dangerous. However, guessing over ssh is extremely slow, compared to a brute force attempt on a local machine. This means they really only get a chance to guess the most obvious passwords. If you trust all the passwords on the system to have decent strength, which is the case if, say, you are the only person logging into the machine, then you don't need to disable password logins.
Three, in case they did somehow figure out the name of an account that can log in, run DenyHosts. This will stop non-distributed attacks in their tracks, as they only get a few guesses.
Four, move the ssh port to something other than the default 22. I moved mine to 443 (https), since it's accessible from highly firewalled networks behind which I may be trapped, and people are already used to seeing encrypted traffic on that port. Ever since I did this, I haven't seen a single login attempt on my server other than myself. This means my server also wastes less time rejecting remote logins.
The ssh brute force bots I've seen are very stupid. I'm not really sure what the bot operators are doing. In my ssh honeypot where I have the root password set to "password", most bots won't ever guess it after thousands of attempts. Of the ones that do eventually guess the right password, most log out right away, then go right back to guessing root passwords again! Maybe trying to detect if it's a honeypot? Then there are ones that do log in and stop guessing, but they immediately log out and don't ever return (that is, no one has ever shown up and logged in without making guesses). Security researchers? Maybe marked my honeypot down for some future abuse? Maybe detected that it was a honeypot? I'm not sure what's going on with that.
There have been a few mistakes made, but nothing terribly important. The ones I know of can possibly be attributed to character confusion. For example, there was that TNG episode where they find Scotty trapped in a transporter buffer after an accident. When they free him he believes that Kirk has brought the Enterprise to come rescue him. However, Scotty had already witnessed what was believed to be Kirk's death in Star Trek: Generations, so Scotty should believe Kirk to be dead at that time.
But nowhere near as inconsistent as the bible, with its multiple, incompatible creation myths. :-)
I'd like to see that shortener database stored as a distributed hash table, and clients can either query it directly by joining the DHT or, as you said, use a service that exposes an simple API that queries DHT.
Yeah, if the ad-supported model actually worked they would be broadcasting all sorts of television stations over radio waves by now.
This is an article about subs that launch airplanes. Fucking airplanes! We're talking about something that's on the same level as a gun that shoots swords instead of bullets. This sort of thing can cause nerdgasms.
a showcase of the very worst, morally, psychologically, and emotionally, that humanity is capable of.
It gets even worse than 4chan in the dark corners of anonymous networks.
Heh, maybe the aXXo people should start signing their releases. Of course, if they ever go to trial it can bite them in the ass, like the wet bandit sink thing in Home Alone.
Slashdot is slightly better than the youtube/twitter rabble because its a site focused on technology (usually) and has a moderation system.
And full-fledged threading! I don't know how a group of people can have a useful online conversation without it.
This sounds a bit like Berry's paradox: "Some natural numbers, like 2, are interesting. Some natural numbers, like 255610679 (I think), are not interesting. Consider the set of uninteresting natural numbers. If this set were nonempty, it would contain a smallest element s. But then s, would have the interesting property of being the smallest uninteresting number. This is a contradiction. So the set of uninteresting natural numbers must be empty."
So perhaps by the same logic there are no non-notable languages. Go! is notable merely because it's not notable.
We've had decentralized tracking for years now, based on the Kademila distributed hash table. As long as the .torrent creator didn't turn on the private flag DRM, this system works really well, and I think it tends to provide an even richer set of peers from which to choose.
We also have OpenBittorrent which is a tracker that has no idea what it's tracking, putting it in a safer legal position than trackers have normally been in. Any torrent can use that if they wish.
The legal bottleneck is in distributing the .torrent files themselves. This involves more than just distribution, too. You want to have user feedback to weed out malicious or fake torrents. You want to have up-to-date seeder/leacher information. This is the weak spot in BitTorrent right now. That's what makes TPB and Mininova and the like so important.
That's how The Little Red Book (Quotations from Chairman Mao Zedong) became the most widely printed book in the world. "The book's phenomenal popularity may be due to the fact that it was essentially an unofficial requirement for every Chinese citizen to own, to read, and to carry it at all times during the later half of Mao's rule, especially during the Cultural Revolution."
I still have to write destructors that clean up all the pointers to an object, and all garbage collection does is force me to call the destructor as a function, rather than a more clear 'delete' statement.
You're doing it wrong. (The GC does all that for you.) The only reason you would write a destructor is when the object is tied to an external resource that the GC doesn't manage, and you still wouldn't call the destructor directly.
Worse, it takes away my most powerful speed optimization tool: careful memory layout for best cache hit rates.
"The First Rule of Program Optimization: Don't do it. The Second Rule of Program Optimization (for experts only!): Don't do it yet." Find the bottlenecks later and rewrite them in C or something low level.
Garbage collection (or its cousin, reference counting) is what turns a 5 hour programming task into a 1 hour programming task.
I use Lynx for the occasion when a program has an http configuration which is binded only to the loopback device, and I want to give it a quick check over ssh.
Graphics cards are complex beasts whose drivers sit in the kernel where they could make mistakes. X has had it's various information leaks due to its complexity (keystroke leaking, etc). You know how when the Vista UAC pops up the screen does that blink? That's to deal with stuff like API driven clicks from real ones, operating at a different driver permission level or something. When installing a Firefox extension you have to wait for that 3 second pause so you can't accidentally strike enter for it, partly to mitigate problems with flawed windowing systems. The list goes on and on.
Graphics add a lot of complexity to the system, and increased system complexity introduces a lot of inevitable security and stability problems.