OpenNTPD has clearly been written by someone who doesn't understand NTP. For example, it advertises incorrect root delay and disperson values, which can cause clients to fail to achieve a majority vote, or to pick the wrong peer to synchronise against. (Earlier versions were even worse, they advertised themselves as being at stratum 0, which could cause synchronisation loops; this has thankfully been fixed, but it doesn't inspire much confidence in the authors' competence.)
I've also found OpenNTP to fail to regulate the local clock on dodgy hardware (it would oscillate wildly, with an amplitude of 3 seconds or so), in situations where the reference ntpd coped just fine.
Linux configs vary a bit more in that v6 is not typically enabled by default
IPv6 is enabled by default on all Linux distributions known to me, and that has been the case for five years or so.
(Your confusion may stem from the fact that, unlike Windows, Linux distributions do not enable the Teredo protocol by default. But that's a different matter.)
we can't just 'toss this machine out and buy new' (it's a 175k machine) [...] newer versions of Windows don't support the software that run on these computers
So you invest $175,000 without making sure you'll get software updates?
Where is all the fucking Enterprise hardware and firmware updates to support it?.
Most large companies have been requiring IPv6-capable gear for the last 4 years or so, while the DoD mandages IPv6 support since 2005.
Because of that, most recent hardware and software is IPv6-capable. Cisco IOS, for example, has been doing IPv6 since 2001. Microsoft servers have been able to work over IPv6 since Server 2003. Mac OS X since 10.4, Linux since the 2.4 series.
If you're still stuck with IPv4-only hardware or software, it's your fault.
Serious questions about this law: is it connection based, or account holder based?
Subscriber based -- the disconnection is linked to the real-world identity of the subscriber. (In France, you cannot even buy a pre-paid telephone SIM without showing id.)
In case of the second: you're landlord and account holder of the Internet connection of the flat you let out, tenant downloads stuff, gets three strikes, and gets disconnected, will they also disconnect your personal connection?
Tor is not only for hiding your identity from the server; it's also useful for preventing your ISP from learning who you're connecting to, and for tunnelling aroud any firewalls that might be in place (as long as tor itself isn't blocked).
For example, I commonly use ssh over tor. Since I'm authentifying to the server, I'm obviously not hiding from it, but I prevent my ISP from knowing where I ssh to.
The magnet link contains a hash of the.torrent file, which happens to be the key to search for in the DHT (it's in the btid field of the magnet link). The local peer consults the DHT, and finds some peers that participate in the desired swarm; it then downloads the.torrent file from those peers. After checking that the torrent matches the expected hash, the local peer just does normal trackerless operation.
Actually, you don't even need the DHT. Most BitTorrent clients implement "local network discovery", a protocol extension that allows them to automatically and quickly discover peers participating in the same swarm on the local LAN segment. It's usually disabled by default, for obvious privacy reasons, so you'll want to hunt for the features in your preferences dialog.
Nowadays there is such thing as "trackerless torrents". No idea how it works, but it works.
It uses a technique known as a Kademlia Distributed Hash Table (DHT). It's a rather tricky algorithm, which turns out to work beautifully for this particular application.
Does it actually support it at that level, or does it (as I've heard) do the Android thing and just halt the application while in the background?
Er, no. Android does honest-to-god multitasking, with background applications running normally unless they choose to suspend themselves.
What's unusual about Android (for us desktop programmers) is that the OS goes into sleep as soon as nothing is running, so if your idle application needs the handset to remain awake (say, in order to receive network packets or to ring an alarm), it must program it to do so (using wake-locks or alarms). But as long as the handset is awake, it's real multitasking that's going on.
No, it isn't. The kernel is GPLv2, but that's just a tiny wee bit of Android. The user-space code uses a mixture of non-copyleft licences (mostly the APL).
the move of various other projects towards GPLv3 is only going to make this sort of problem worse.
Much as I dislike the GPL (and especially the GPLv3), that's nonsense.
This year IT students make up 10 per cent of the university's student intake with some 263,000 studying the subject.
Huh? The OU has 2.6 million students? 4% of the UK's population?
the university has some 25,000 students who have "paused" their IT studies.
The OU is a huge institution, but the 263,000 is the total number of students of all disciplines. This means that there are around 25,000 total IT students, and roughly the same number of "paused" ones.
Somebody mean spirited might conclude that while distance learning might work for Psychology and even Philosophy, it's not suitable for highly technical disciplines such as CS...
If you want to experiment with IPv6, I strongly recommend that you get yourself a router supported by OpenWRT and reflash it. This will also give you the ability to do all sorts of things that consumer routers usually don't do, such as traffic shaping, arbitrary subnetting, dynamic routing, or simply basic router functionality with fewer bugs.
No, it doesn't. This test is about seeing what happens when providers add AAAA records. On the 8th, look very carefully for issues with your network, and if you see anything strange, file bugs with your ISP.
The third zipfile contains no less than 443,000 lines of code (not counting a number of duplicates under _old), including ports to Virtual C++, Borland C and Gcc under Unix, different versions of the protocol parser, and so on. The few bits I've looked at are written competently and with confidence, there's none of the "this byte is 42 in all messages, I don't know why" that you'd expect in reverse-engineered code.
It's either a leak of Skype's code, or a decompilation; it's certainly not a reimplementation.
--jch
IOn a serious note, how is Year 2038 being dealt with?
64-bit arches are already not vulnerable, since time_t is 64 bits there.
If there are any 32-bit arches left in 2038, we'll deal with them in the same way we dealt with the 2GB limitation for file size: by defining new 64-bit datatypes (time64_t, struct timespec64, etc.) and a set of new system calls (time64, gettimeofday64, etc.), and allowing the C headers to transparently map the old names to the new system calls (as with -D_FILE_OFFSET_BITS=64).
Slashdot Mirror
OpenNTPD just ignored the leap second
OpenNTPD has clearly been written by someone who doesn't understand NTP. For example, it advertises incorrect root delay and disperson values, which can cause clients to fail to achieve a majority vote, or to pick the wrong peer to synchronise against. (Earlier versions were even worse, they advertised themselves as being at stratum 0, which could cause synchronisation loops; this has thankfully been fixed, but it doesn't inspire much confidence in the authors' competence.)
I've also found OpenNTP to fail to regulate the local clock on dodgy hardware (it would oscillate wildly, with an amplitude of 3 seconds or so), in situations where the reference ntpd coped just fine.
Folks, do yourself and everyone a favour -- run the reference NTP, run chrony, heck, run some SNTP client, but please avoid OpenNTPD.
Even the name Belarus means "White Russia".
No, it means White Ruthenia . (Rus' as opposed to Rossiya.)
--jch
Linux configs vary a bit more in that v6 is not typically enabled by default
IPv6 is enabled by default on all Linux distributions known to me, and that has been the case for five years or so.
(Your confusion may stem from the fact that, unlike Windows, Linux distributions do not enable the Teredo protocol by default. But that's a different matter.)
--jch
sudo apt-get install gogoc
More difficult to debug when it fails, but often yields better performance:
sudo apt-get install miredo
--jch
we can't just 'toss this machine out and buy new' (it's a 175k machine) [...] newer versions of Windows don't support the software that run on these computers
So you invest $175,000 without making sure you'll get software updates?
I rest my case -- it's your own fault.
--jch
Microsoft somehow has the power to make everyone cripple their implementation of Atom to 2GB or less RAM supported
Can you cite an article showing how Microsoft is responsible? Google 2 gb atom limit microsoft failed me.
http://msdn.microsoft.com/en-us/library/windows/desktop/aa366778(v=vs.85).aspx
Where is all the fucking Enterprise hardware and firmware updates to support it?.
Most large companies have been requiring IPv6-capable gear for the last 4 years or so, while the DoD mandages IPv6 support since 2005.
Because of that, most recent hardware and software is IPv6-capable. Cisco IOS, for example, has been doing IPv6 since 2001. Microsoft servers have been able to work over IPv6 since Server 2003. Mac OS X since 10.4, Linux since the 2.4 series.
If you're still stuck with IPv4-only hardware or software, it's your fault.
--jch
The Mac was Jobs's baby.
Andy Hertzfeld might disagree.
--jch
--jch
Serious questions about this law: is it connection based, or account holder based?
Subscriber based -- the disconnection is linked to the real-world identity of the subscriber. (In France, you cannot even buy a pre-paid telephone SIM without showing id.)
In case of the second: you're landlord and account holder of the Internet connection of the flat you let out, tenant downloads stuff, gets three strikes, and gets disconnected, will they also disconnect your personal connection?
In principle, yes.
You may want to read http://en.wikipedia.org/wiki/HADOPI .
--jch
Tor is not only for hiding your identity from the server; it's also useful for preventing your ISP from learning who you're connecting to, and for tunnelling aroud any firewalls that might be in place (as long as tor itself isn't blocked).
For example, I commonly use ssh over tor. Since I'm authentifying to the server, I'm obviously not hiding from it, but I prevent my ISP from knowing where I ssh to.
-- jch
Yet another DVCS article that doesn't mention Bazaar at all.
Neither does it mention Darcs, Mercurial or GNU Arch.
-- jch (who prefers Darcs himself, but has been switching to Git for compatibility with the rest of the universe)
F[ine] magnet links, how do they work?
The magnet link contains a hash of the .torrent file, which happens to be the key to search for in the DHT (it's in the btid field of the magnet link). The local peer consults the DHT, and finds some peers that participate in the desired swarm; it then downloads the .torrent file from those peers. After checking that the torrent matches the expected hash, the local peer just does normal trackerless operation.
-- jch
With DHT, you wouldn't even need a tracker
Actually, you don't even need the DHT. Most BitTorrent clients implement "local network discovery", a protocol extension that allows them to automatically and quickly discover peers participating in the same swarm on the local LAN segment. It's usually disabled by default, for obvious privacy reasons, so you'll want to hunt for the features in your preferences dialog.
--jch
Nowadays there is such thing as "trackerless torrents". No idea how it works, but it works.
It uses a technique known as a Kademlia Distributed Hash Table (DHT). It's a rather tricky algorithm, which turns out to work beautifully for this particular application.
--jch
Does it actually support it at that level, or does it (as I've heard) do the Android thing and just halt the application while in the background?
Er, no. Android does honest-to-god multitasking, with background applications running normally unless they choose to suspend themselves.
What's unusual about Android (for us desktop programmers) is that the OS goes into sleep as soon as nothing is running, so if your idle application needs the handset to remain awake (say, in order to receive network packets or to ring an alarm), it must program it to do so (using wake-locks or alarms). But as long as the handset is awake, it's real multitasking that's going on.
-- jch
... while the code for Android is GPLv2,
No, it isn't. The kernel is GPLv2, but that's just a tiny wee bit of Android. The user-space code uses a mixture of non-copyleft licences (mostly the APL).
the move of various other projects towards GPLv3 is only going to make this sort of problem worse.
Much as I dislike the GPL (and especially the GPLv3), that's nonsense.
--jch
Huh? Ever heard of "the rest of the world"?
From About the OU :
-- jch
This year IT students make up 10 per cent of the university's student intake with some 263,000 studying the subject.
Huh? The OU has 2.6 million students? 4% of the UK's population?
the university has some 25,000 students who have "paused" their IT studies.
The OU is a huge institution, but the 263,000 is the total number of students of all disciplines. This means that there are around 25,000 total IT students, and roughly the same number of "paused" ones.
Somebody mean spirited might conclude that while distance learning might work for Psychology and even Philosophy, it's not suitable for highly technical disciplines such as CS...
-- jch
I have no idea what consumer routers support IPv6
Very roughly speaking, none.
If you want to experiment with IPv6, I strongly recommend that you get yourself a router supported by OpenWRT and reflash it. This will also give you the ability to do all sorts of things that consumer routers usually don't do, such as traffic shaping, arbitrary subnetting, dynamic routing, or simply basic router functionality with fewer bugs.
--jch
which makes this test totally useless.
No, it doesn't. This test is about seeing what happens when providers add AAAA records. On the 8th, look very carefully for issues with your network, and if you see anything strange, file bugs with your ISP.
The third zipfile contains no less than 443,000 lines of code (not counting a number of duplicates under _old), including ports to Virtual C++, Borland C and Gcc under Unix, different versions of the protocol parser, and so on. The few bits I've looked at are written competently and with confidence, there's none of the "this byte is 42 in all messages, I don't know why" that you'd expect in reverse-engineered code.
It's either a leak of Skype's code, or a decompilation; it's certainly not a reimplementation. --jch
I'll give props to RMS in this case.
So now he's set the precedent that when you pay for RMS' trip, you're entitled to dictate what he does in his free time. Smart move.
IOn a serious note, how is Year 2038 being dealt with?
64-bit arches are already not vulnerable, since time_t is 64 bits there.
If there are any 32-bit arches left in 2038, we'll deal with them in the same way we dealt with the 2GB limitation for file size: by defining new 64-bit datatypes (time64_t, struct timespec64, etc.) and a set of new system calls (time64, gettimeofday64, etc.), and allowing the C headers to transparently map the old names to the new system calls (as with -D_FILE_OFFSET_BITS=64).
--jch
I believe it's enabled by default on Windows. On Linux, you enable it by putting
in your /etc/sysctl.conf