Rares Marian> Wait this is America... it's for the children. People think if they let fear run their lives willingly it will work out better compared to when governments used to do that forcibly.
You didn't even read the article. I quote:
The lessons this experiment may provide - including potential
insight on teaching techniques, the speech of children, and the application of software and hardware in novel environments - have been deemed important enough for the National Science Foundation to provide $1.8 million in funding grants.
This article has nothing to do with fear. If there's an emotion involved, it's hope: hope to learn how to teach more effectively.
Rares Marian> Morons.
The morons here are you and the moderators who gave you points for that.
(Incidentally, welcome to my foe list. Its prerequisite is an act of monumental stupidity.)
For what you do, it might be useless, but for people in Engineering and other fields, calculus is a VERY important subject. As a current CS major, I agree with what you say about descrete math and linear algebra, but I think you are discounting the need for Calculus.
Even in CS, you can't completely escape calculus. Asymptotic notation comes to mind. Whenever you talk about an algorithm being O(n), you're saying that the limit as n approaches infinity of T(n) = C*n, where C is an arbitrary constant. As I'm sure you know, limits are a fundamental building block of calculus. There are a fair number of tricks from calculus that I think become useful when trying to find the asymptotic behavior of complicated things (though I'm hardly an expert).
My other major is physics. No one questions that calculus is useful there. (I don't actually plan to use this major in the real world, though you never know. I just find it interesting to study.)
Umm, apparently some moderators don't realize this is a troll. The things he is talking about aren't even remotely relevant to this exploit, which is at a much lower level. And it's not even consistent:
In this post, he said:
Other simple techniques like removing all interpreted languages (java, Visual Basic, c# etc.) and replacing them with low level compiled code (C, of course) has generated speed increases upwards of 25% and also increase the security of the site as a side effect.
Writing websites in C is generally a very bad idea. It does horrible things to the security - introduces buffer overflow problems. And the speed increase, when it even exists (Java's performance is better than most people think), is not worth the extra programmer time.
Lets face it, all one has to do is take a quick look at the demand for certain skill sets on the net to get a pretty good feel for what's relevant today and I'm not sure c++ is anywhere on that radar screen. Most of my work as of late has been all Java and c#, with some legacy C programming done (on low level systems only of course, nobody would pay someone by the hour to have app level work done in C these days)
...so, apparently, he mostly uses the interpreted languages he just dissed stupidly.
The rest of the post is just stupid buzzwords:
For instance I was able to reduce the load time of a very well known and heavily traveled Fortune 500 website by moving all the graphics to black and white only, as they load on an average of Olog(n) faster than color graphics (where n is the number of pixels in the color graphic) thusly improving their UHCRF (unique hit customer retention factor) ratio by 35%!! I won't brag about the $10,000 bonus check I received from hitting that benchmark... heh.
More colors = more information = more time to download, but that O(log n) is stupid and wrong. And the other stuff is even more gibberish. This exploit has nothing to do with web applications, anyway.
An AC wrote: Oh, and OT, but this idiot can't write a sentance, there's no doubt he discovered this after falling asleep on the keyboard. fucking kids these days.:)
About a message containing:
Delfim Machado - dbcm@xpto.org
XPTO:: Portuguese OpenSource Community - http://lab.xpto.org
He's Portuguese. Could you have written that report as well in his language? I'm all for basic literacy, but I can speak English and a tiny bit of Spanish. I think anyone who can communicate in a language other than their native one is doing pretty well, even if the readers do have to struggle a bit.
8) Sent a reply with a deprecating tone, chastising the sender for working in computer support at a college and using Microsoft products.
That's where you screwed up. This worm forges the from address, as do many others. The "Undeliverable; contains a virus" replies I'm getting are worse than the copies of the worm itself. I can filter the worm; I can't as easily filter the many varied replies. If you want to send a reply, send it to postmaster@[1.2.3.4], where 1.2.3.4 is the IP in the first Received: header. They can figure out who sent it; you can't.
The "g" in 802.11g stands for "gamma", and no, the IEEE did not skip over proposals 802.11c, d, e, & f before settling on "g".
To the best of my knowledge, the "g" in 802.11g stands for "g". As you said, they're going through the letters sequentially. It's much the same as the "4" in "Linux 2.4" standing for "4"...the number following "3".
I bet I know the source of your confusion, though. People often use phonetic alphabets to say letters over radios, telephones, or whenever it's difficult to hear. Though it's not listed in that hyperlink, I think the American military uses "gamma" for "g", as do some other people. (It's better than "golf" because it's two syllables.) So you may have heard someone say it was "802.11 gamma" or "802.11g as in gamma".
I said: they're intending to verify that the holder of the certificate is doe0128935, which is a very different problem.
randombit said: True, but still fairly spoofable - how to check, for example, that that certificate request actually came from doe0128935 anyway? I suppose they could modify the AOL client so that when they first log in, it generates a private key and a cert reques and sends it to an AOL CA or something.
Yes, different != easy. That solution is about the best I could think of, either. I don't know how to grandfather existing users with any level of assurance.
randombit said: But in addition, consider that (according to another post), you can also use a Thawte certificate. I wouldn't be suprised if ANY certificate was accepted, in which case I just go out and issue myself a certificate for doe0128935.
Ugh. I hope not. If they don't verify the chain of trust, they've screwed up quite badly. (Not saying you're wrong, though.) But that's an implementation problem - I'm convinced that the concept is good, at least.
Lastly, are they seriously suggesting rolling out a full PKI for all AIM users? Again, details are light so I'm not sure this is what they mean, but it does seem to be implied. If so, someone needs to inform them of the harsh realities of PKI. Certs for AOL users wouldn't be too hard, since they already have addresses, CC #s, etc to let them (at least with reasonable probability) check on people's identity. But everybody else - forget it.
None of that is necessary. They're not intending to verify that the holder of the certificate is John Doe; they're intending to verify that the holder of the certificate is doe0128935, which is a very different problem. Certificates held with pseudonyms are still useful.
Finally, as Bruce Schneier frequently points out, it is unwise to use any security protocol that hasn't been publicly disclosed.
It's certainly unwise to depend on a security protocol that hasn't been publicly disclosed. In this case, I think that most users would send the same thing with or without encryption. Using a potentially-good/potentially-bad system is better than sending it in the clear.
It's the automatically part I object to.
Accidentally slipping 1mph over the limit is overlooked by policemen/women checking speeds with their radars, but wouldn`t be by an automatic system.
It`s the idea that justice is a simple boolean issue that bothers me.
That's funny, because I feel the opposite way - the current way is completely unfair and an automated system would be much, much better. There are a lot of people who can talk their way out of pretty much any ticket, and a lot of people who never can. It has to do with their personality, the police officer, how they look, and any number of factors that no one but the police officer will ever know. I want to see all that eliminated. And if people are breaking safety laws without being unsafe[*], then the laws should be changed. It is not right to have laws that reasonable people habitually break. It makes us take the entire system less seriously.
[*] And they certainly are. Around here, the speed limit is typically 25mph. People tend to drive 30-35 mph without compromising safety. If anything, many of the drivers I notice as being unsafe are moving more slowly than the rest of the traffic. They're just stupid; not being aware of their surroundings, driving unpredicably (not signalling, braking hard abruptly), etc.
I put everything related to a project into a single folder whenever possible and when the job is over, I take the time to archive it out to DVD or whatever. I delete all the "test files" ASAP (how many "finalfinal02_B.*'s do you have stashed away?).
My approach to these things is to use a version control system. This is great for several reasons:
It makes it really easy to work from different machines, which I do all the time. I've got my main desktop, my laptop, my firewall (which stores its configuration in version control), my dedicated server, plus my desktop and Linux machine at work. Oh and another firewall at my parents' house. Just "svn up" on a given machine and I've got the latest version of everything.
I can see all the history of everything without ever wondering if "finalfinal02_B.*" is really final, to use your example. Whenever I make a change, I make a log message. Usually a pretty short one (for text-ish files, the diff is often self-explanatory) but it's enough. I can pull any version easily, see what changed between two, etc.
I have lots and lots of data safety without much effort checking it in uploads it to my server, which is backed up every night to tape by my ISP. And I have working copies on many different machines, so at least the latest version of everything gets sent to another machine whenever I type "svn up" from it. It would take an act of God for me to lose my data.
It's easy! I tend to use the commandline tools, but there are good GUIs available, too. At work we use TortoiseCVS, which integrates with the Windows shell. There's also TortoiseSVN (based on Subversion), which is more advanced but a little more bleeding edge.
I actually use Subversion for not only code but also configuration files, school projects, anything really. The only thing I can think of that it probably wouldn't be suitable for is huge media files, where the storage space of the repository history might be prohibitive. You mentioned archiving to DVD, so you might fall into this category, but most people should give this method a try.
of course that was, in the end, one of the downfalls of that particular unit as it started to die, some bug in the system developed such that every so often it wouldn't stop cooking at the end of the cooking time, and pressing stop wouldn't stop it either, and as it had locked the door for safety, you couldn't open the door to turn it off either, only way to stop it when that happened was to either run down to the basement and hit the circuit-breaker, or heave the monster off the shelf (with the food still inside, usually something like soup if you had to do this) and unplug it.
No, that's not one of the downfalls of the unit. Your story demonstrates exactly why that final safeguard was necessary. It caused what would otherwise have been a huge safety hazard to instead be an annoyance. Would the other approach (something that hopefully switches off the magnetron instead of preventing the door from opening) have worked? Maybe, but you don't know that, and it's good that you don't.
Agreed, they're wonderful. I've got some I haven't seen in other replies here, so here are all of mine:
"g" - google
"gg" - google groups
"err" - Oracle error number search
"meta" - Oracle metalink search
"e2s" - English->Spanish dictionary
"s2e" - Spanish->English dictionary
"dict" - English dictionary
"cpan" - Perl module search
You could also do Bugzilla bug numbers, Amazon auction numbers, Microsoft/Apple/Whatever KnowledgeBase, any one website's search feature...the possibilities are endless.
> > "If I could re-theme my hardcoded windows GUI, themes would be the most important thing, ever. "
> You can re-theme it.
I disagree. Your screenshot shows that you can change the bitmaps. And that you can replace the shell. But that's not what I consider true theming.
First of all, theming should at least be able to change the size of widgets. In Windows, that's impossible. All the software is designed with absolute positioning of widgets, so changing the sizes of widgets would make the entire scheme fall apart. Java supports this - it has good layout managers, and they are commonly used. You can resize controls without making everything look horrible. There are other advantages to layout managers, also - fonts can change size (accessibility!) with less impact, there's better window resize behavior, etc. (Incidentally, I was really disappointed to see that OS X uses absolute positioning extensively. It has a really good UI, but there are low points.)
Second, themes should be able to change the look and the feel. You've changed the look. The feel of programs is the same. I really like to see a one-to-one correspondence to looks and feels. Ideally, all of the software on my computer would have the same, customizable, look and feel. But failing that, I hate it when things look different but behave the same, or look the same but behave differently.
I particularly hate the "native" themes that Mozilla, Java, gtk/Win32, etc. have. I see the mostly-native look and expect native behavior, but there are subtle differences that bother me all the time. Things like wheel button behavior not matching up.
I also dislike single application that goes against the grain with UI conventions. I let a few get away with it - cross-platform applications, mostly, especially ones with a relatively-common framework such as Java's Swing), but Winamp in particular bothers me. It looks horrible, its scrollbars are broken, etc. If they had just used the native widgets, they would have expended much less effort for a better result.
You would then need an additional comma after "Data".
Follow your own advice. If you put a comment after the subject if your sentence it'd read:
You, would then need an additional comma after "Data".
You put a comma after the name of the person whom you're addressing (listener? addressee? target?) if it's at the beginning of the sentence or before if it's at the end.
The subject gets no comma love. If he's also the one being addressed, he can get this:
There were a bunch of questions I didn't answer, and one I took a wild guess at but remember very well. I asked my math teacher about it the next day, he showed me how to figure it out, and I had guessed wrong. Months later, I was called in to the counselor's office, I had gotten 800 (perfect) on Math II.
You could have both missed that question and gotten an 800. There's a difference between a perfect raw score and a perfect standardized score, as mentioned in the article. You can actually miss up to three questions, IIRC, and still get an 800 on that section.
I'd agree, the SAT is a farce. From what I've seen, the ACT is a fair degree better at being consistent, although it definately seems to favor logically minded folks over creative folks.
As it should. I mean, really, who wants a testing board measuring creativity? How can you possibly hope to do that fairly in a standardized exam? Testing logical skills is really the only way to go. If students want to show a college they have creativity, they need to show something they've created, not a test score. And I think that happens; colleges definitely consider more than standardized test scores.
The CDO method seems very much superior, but completely unsupported...the properties Outlook sets on an Exchange server are to be dealt with only by Outlook. They won't even tell you what the constants are
The Messaging Application Program Interface (MAPI) provides a facility for assigning names to properties, for mapping these names to unique identifiers, and for making this mapping persistent. Microsoft Outlook writes many Outlook-specific fields into these named properties, with identifiers in the 8000-FFFE range. The Outlook Object Model is the only supported method of accessing these named properties. Access to these properties by using MAPI or Collaboration Data Objects (CDO) is not supported.
[...]
Named properties are generally used by clients as a way to add extra information to a message which is only to be used by that client. As such, none of the named properties used by Outlook clients are documented. The only supported way to retrieve these properties is through the Outlook Object Model, if they are exposed there.
You can see this is a pretty lousy way of doing things, and I think it's a pretty typical example of how things are in Microsoftland.
You can do basic stuff like "net start w3svc", most any part of iis can be controlled through vbscript (adding users, virtual domains, etc), I don't know if a PERL lib is available, but it certainly could be.
There is a Perl module available, called Win32::OLE. The name is somewhat obselete, but it does the latest ActiveX Automation Objects (or whatever they're called; I always forget). So you theoretically can do anything from Perl on Windows that you could from Visual Basic.
But I'd still say it's not nearly as powerful as on Unix, because the documentation for the Automation libraries is crap. It's damn near impossible to ever find any Microsoft library documentation that gives even a passing mention to error conditions. (This seems to be true even of.NET.) For this reason, it really stuns me that Microsoft software is as reliable as it is (and I don't think it's very reliable). I can't even imagine the mindset of such a large group of programmers that talk so little about the exceptional conditions. How you handle those is really what makes a system solid.
There are other problems, too. For example, I developed a script that populates a bunch of contact items on an Exchange server from a Visual Basic database. My two main choices were using CDO (Collaboration Data Objects) -> MAPI -> Exchange or Outlook Object Model -> Outlook -> MAPI -> Exchange. (MAPI is not directly accessible from Perl; only ActiveX Automation Objects are directly usable by Perl and VB, not ActiveX itself.) The CDO method seems very much superior, but completely unsupported...the properties Outlook sets on an Exchange server are to be dealt with only by Outlook. They won't even tell you what the constants are, though you can get most of them from third-party websites. It would have been too much of a pain. So I went the Outlook way...but there are just problems with scripting a GUI client. I couldn't run it overnight unless I left the machine logged in or locked (not completely logged out), since apparently Outlook wanted to access the GUI even when started by the script and displaying no windows. On a Unix system, the whole setup would be pretty much unthinkable...there would be an RFC describing the protocol, I could use the same libraries the mail client uses, it would be unthinkable for a client to store stuff on a server in a way incompatible with other clients, etc.
Re:They needed three days to figure this out?
on
Spam Meeting Wrap-up
·
· Score: 1
So you really think that the authors of Postfix, a highly regarded MTA, would make such a glaring error?
I assumed no such thing. I had expected the problem was in the description, and it was. I suppose what he said was technically correct, but he omitted an important point by not mentioning the "MAIL FROM" address used by the probe.
Sheesh. Pompous ass.
I don't care for your tone. If you had read my message at all carefully, you would have noticed that used qualifiers like "if your description is accurate"; it was not. Please take a little more care before you hurl insults at people.
Re:They needed three days to figure this out?
on
Spam Meeting Wrap-up
·
· Score: 1
The MAIL FROM address of the probe is "<>" (a la, a bounce message), so no loop occurs.
Ahh, that makes sense. I might give it a try, then. I also noticed earlier (when trying to figure out how they solved this problem, if they did) that it caches verifications. That's good; hopefully most of my legitimate mail won't result in extra hits then, as it tends to be from the same people.
OS X does not support ext2. It does support UFS, but not journaled.
Neither of those are journaled filesystems. In the first case, I think you mean ext3 (ext2+journaling). In the second case, UFS has SoftUpdates...which has a lot of the same benefits as journaling, but isn't the same thing.
OS X Jaguar does, however, support journaling with HFS+:
$ diskutil Disk Utility Tool ?2002, Apple Computer, Inc. Utility to manage disks and volumes. Most options require root access to the device
Usage: diskutil <verb> <options> <verb> is one of the following: ... enableJournal (Enable HFS+ journaling on a mounted HFS+ volume) disableJournal (Disable HFS+ journaling on a mounted HFS+ volume) ...
OS X does not have any journaling stuff in the GUI (OS X Server does), but the commandline tools support enabling it. My laptop runs with journaling.
Re:They needed three days to figure this out?
on
Spam Meeting Wrap-up
·
· Score: 1
I'm not familiar with SMTP, but if RCPT TO comes before RCPT FROM, there is no such loop. Think about it logically.
I am familiar with SMTP, and I did think about it logically. The sequence is HELO, MAIL FROM (there is no RCPT FROM; you don't send from a recipient; think about it logically), and then RCPT TO.
Please see RFC 821, which describes this sequence. There are examples.
For future reference, when you say things like "think about it logically", make damn sure you are and the person who you are saying it to isn't. Because seeing people secure in their stupidity really pisses me off.
Slashdot Mirror
think if they let fear run their lives willingly it will work out better
compared to when governments used to do that forcibly.
You didn't even read the article. I quote:
This article has nothing to do with fear. If there's an emotion involved,
it's hope: hope to learn how to teach more effectively.
Rares Marian> Morons.
The morons here are you and the moderators who gave you points for that.
(Incidentally, welcome to my foe list. Its prerequisite is an act of
monumental stupidity.)
Even in CS, you can't completely escape calculus. Asymptotic notation comes to mind. Whenever you talk about an algorithm being O(n), you're saying that the limit as n approaches infinity of T(n) = C*n, where C is an arbitrary constant. As I'm sure you know, limits are a fundamental building block of calculus. There are a fair number of tricks from calculus that I think become useful when trying to find the asymptotic behavior of complicated things (though I'm hardly an expert).
My other major is physics. No one questions that calculus is useful there. (I don't actually plan to use this major in the real world, though you never know. I just find it interesting to study.)
In this post, he said:
Writing websites in C is generally a very bad idea. It does horrible things to the security - introduces buffer overflow problems. And the speed increase, when it even exists (Java's performance is better than most people think), is not worth the extra programmer time.
In an older post, he said:
...so, apparently, he mostly uses the interpreted languages he just dissed stupidly.
The rest of the post is just stupid buzzwords:
More colors = more information = more time to download, but that O(log n) is stupid and wrong. And the other stuff is even more gibberish. This exploit has nothing to do with web applications, anyway.
About a message containing:
Delfim Machado - dbcm@xpto.org
XPTO:: Portuguese OpenSource Community - http://lab.xpto.org
He's Portuguese. Could you have written that report as well in his language? I'm all for basic literacy, but I can speak English and a tiny bit of Spanish. I think anyone who can communicate in a language other than their native one is doing pretty well, even if the readers do have to struggle a bit.
That's where you screwed up. This worm forges the from address, as do many others. The "Undeliverable; contains a virus" replies I'm getting are worse than the copies of the worm itself. I can filter the worm; I can't as easily filter the many varied replies. If you want to send a reply, send it to postmaster@[1.2.3.4], where 1.2.3.4 is the IP in the first Received: header. They can figure out who sent it; you can't.
To the best of my knowledge, the "g" in 802.11g stands for "g". As you said, they're going through the letters sequentially. It's much the same as the "4" in "Linux 2.4" standing for "4"...the number following "3".
I bet I know the source of your confusion, though. People often use phonetic alphabets to say letters over radios, telephones, or whenever it's difficult to hear. Though it's not listed in that hyperlink, I think the American military uses "gamma" for "g", as do some other people. (It's better than "golf" because it's two syllables.) So you may have heard someone say it was "802.11 gamma" or "802.11g as in gamma".
randombit said: True, but still fairly spoofable - how to check, for example, that that certificate request actually came from doe0128935 anyway? I suppose they could modify the AOL client so that when they first log in, it generates a private key and a cert reques and sends it to an AOL CA or something.
Yes, different != easy. That solution is about the best I could think of, either. I don't know how to grandfather existing users with any level of assurance.
randombit said: But in addition, consider that (according to another post), you can also use a Thawte certificate. I wouldn't be suprised if ANY certificate was accepted, in which case I just go out and issue myself a certificate for doe0128935.
Ugh. I hope not. If they don't verify the chain of trust, they've screwed up quite badly. (Not saying you're wrong, though.) But that's an implementation problem - I'm convinced that the concept is good, at least.
None of that is necessary. They're not intending to verify that the holder of the certificate is John Doe; they're intending to verify that the holder of the certificate is doe0128935, which is a very different problem. Certificates held with pseudonyms are still useful.
It's certainly unwise to depend on a security protocol that hasn't been publicly disclosed. In this case, I think that most users would send the same thing with or without encryption. Using a potentially-good/potentially-bad system is better than sending it in the clear.
That's funny, because I feel the opposite way - the current way is completely unfair and an automated system would be much, much better. There are a lot of people who can talk their way out of pretty much any ticket, and a lot of people who never can. It has to do with their personality, the police officer, how they look, and any number of factors that no one but the police officer will ever know. I want to see all that eliminated. And if people are breaking safety laws without being unsafe[*], then the laws should be changed. It is not right to have laws that reasonable people habitually break. It makes us take the entire system less seriously.
[*] And they certainly are. Around here, the speed limit is typically 25mph. People tend to drive 30-35 mph without compromising safety. If anything, many of the drivers I notice as being unsafe are moving more slowly than the rest of the traffic. They're just stupid; not being aware of their surroundings, driving unpredicably (not signalling, braking hard abruptly), etc.
My approach to these things is to use a version control system. This is great for several reasons:
I actually use Subversion for not only code but also configuration files, school projects, anything really. The only thing I can think of that it probably wouldn't be suitable for is huge media files, where the storage space of the repository history might be prohibitive. You mentioned archiving to DVD, so you might fall into this category, but most people should give this method a try.
No, that's not one of the downfalls of the unit. Your story demonstrates exactly why that final safeguard was necessary. It caused what would otherwise have been a huge safety hazard to instead be an annoyance. Would the other approach (something that hopefully switches off the magnetron instead of preventing the door from opening) have worked? Maybe, but you don't know that, and it's good that you don't.
You could also do Bugzilla bug numbers, Amazon auction numbers, Microsoft/Apple/Whatever KnowledgeBase, any one website's search feature...the possibilities are endless.
Sure have. Also Visual Basic. I don't know of any decent support for layout managers. Except third party things.
> You can re-theme it.
I disagree. Your screenshot shows that you can change the bitmaps. And that you can replace the shell. But that's not what I consider true theming.
First of all, theming should at least be able to change the size of widgets. In Windows, that's impossible. All the software is designed with absolute positioning of widgets, so changing the sizes of widgets would make the entire scheme fall apart. Java supports this - it has good layout managers, and they are commonly used. You can resize controls without making everything look horrible. There are other advantages to layout managers, also - fonts can change size (accessibility!) with less impact, there's better window resize behavior, etc. (Incidentally, I was really disappointed to see that OS X uses absolute positioning extensively. It has a really good UI, but there are low points.)
Second, themes should be able to change the look and the feel. You've changed the look. The feel of programs is the same. I really like to see a one-to-one correspondence to looks and feels. Ideally, all of the software on my computer would have the same, customizable, look and feel. But failing that, I hate it when things look different but behave the same, or look the same but behave differently.
I particularly hate the "native" themes that Mozilla, Java, gtk/Win32, etc. have. I see the mostly-native look and expect native behavior, but there are subtle differences that bother me all the time. Things like wheel button behavior not matching up.
I also dislike single application that goes against the grain with UI conventions. I let a few get away with it - cross-platform applications, mostly, especially ones with a relatively-common framework such as Java's Swing), but Winamp in particular bothers me. It looks horrible, its scrollbars are broken, etc. If they had just used the native widgets, they would have expended much less effort for a better result.
Follow your own advice. If you put a comment after the subject if your sentence it'd read:
You put a comma after the name of the person whom you're addressing (listener? addressee? target?) if it's at the beginning of the sentence or before if it's at the end.
The subject gets no comma love. If he's also the one being addressed, he can get this:
But "you" is the subject.
Of course it is. Let's dissect this sentence:
Not having the comma would completely distort the meaning of the sentence.
You could have both missed that question and gotten an 800. There's a difference between a perfect raw score and a perfect standardized score, as mentioned in the article. You can actually miss up to three questions, IIRC, and still get an 800 on that section.
As it should. I mean, really, who wants a testing board measuring creativity? How can you possibly hope to do that fairly in a standardized exam? Testing logical skills is really the only way to go. If students want to show a college they have creativity, they need to show something they've created, not a test score. And I think that happens; colleges definitely consider more than standardized test scores.
Ahh. I found the KnowledgeBase article I was looking for:
You can see this is a pretty lousy way of doing things, and I think it's a pretty typical example of how things are in Microsoftland.
There is a Perl module available, called Win32::OLE. The name is somewhat obselete, but it does the latest ActiveX Automation Objects (or whatever they're called; I always forget). So you theoretically can do anything from Perl on Windows that you could from Visual Basic.
But I'd still say it's not nearly as powerful as on Unix, because the documentation for the Automation libraries is crap. It's damn near impossible to ever find any Microsoft library documentation that gives even a passing mention to error conditions. (This seems to be true even of .NET.) For this reason, it really stuns me that Microsoft software is as reliable as it is (and I don't think it's very reliable). I can't even imagine the mindset of such a large group of programmers that talk so little about the exceptional conditions. How you handle those is really what makes a system solid.
There are other problems, too. For example, I developed a script that populates a bunch of contact items on an Exchange server from a Visual Basic database. My two main choices were using CDO (Collaboration Data Objects) -> MAPI -> Exchange or Outlook Object Model -> Outlook -> MAPI -> Exchange. (MAPI is not directly accessible from Perl; only ActiveX Automation Objects are directly usable by Perl and VB, not ActiveX itself.) The CDO method seems very much superior, but completely unsupported...the properties Outlook sets on an Exchange server are to be dealt with only by Outlook. They won't even tell you what the constants are, though you can get most of them from third-party websites. It would have been too much of a pain. So I went the Outlook way...but there are just problems with scripting a GUI client. I couldn't run it overnight unless I left the machine logged in or locked (not completely logged out), since apparently Outlook wanted to access the GUI even when started by the script and displaying no windows. On a Unix system, the whole setup would be pretty much unthinkable...there would be an RFC describing the protocol, I could use the same libraries the mail client uses, it would be unthinkable for a client to store stuff on a server in a way incompatible with other clients, etc.
I assumed no such thing. I had expected the problem was in the description, and it was. I suppose what he said was technically correct, but he omitted an important point by not mentioning the "MAIL FROM" address used by the probe.
Sheesh. Pompous ass.
I don't care for your tone. If you had read my message at all carefully, you would have noticed that used qualifiers like "if your description is accurate"; it was not. Please take a little more care before you hurl insults at people.
Ahh, that makes sense. I might give it a try, then. I also noticed earlier (when trying to figure out how they solved this problem, if they did) that it caches verifications. That's good; hopefully most of my legitimate mail won't result in extra hits then, as it tends to be from the same people.
Neither of those are journaled filesystems. In the first case, I think you mean ext3 (ext2+journaling). In the second case, UFS has SoftUpdates...which has a lot of the same benefits as journaling, but isn't the same thing.
OS X Jaguar does, however, support journaling with HFS+:
OS X does not have any journaling stuff in the GUI (OS X Server does), but the commandline tools support enabling it. My laptop runs with journaling.
I am familiar with SMTP, and I did think about it logically. The sequence is HELO, MAIL FROM (there is no RCPT FROM; you don't send from a recipient; think about it logically), and then RCPT TO.
Please see RFC 821, which describes this sequence. There are examples.
For future reference, when you say things like "think about it logically", make damn sure you are and the person who you are saying it to isn't. Because seeing people secure in their stupidity really pisses me off.