I think the default is to read: "(Use the Preview Button! Check those URLs!)"... so, I might just point out that the fink link is missing its http:// in front.
I have to point out the Invisible Irc Project as well. It lets any IRC client connect to a secure IRC network, since it works as a proxy/relay system instead of patching the clients.
The Register has an article about it as well.
Now this brings up the question on what teh chipset clause means for the industry. I know I have via chipsets on my Athlon boards, and it seems likely that VIA will keep producing theese, but what about the Intel market? Does this mean that there will be a player less in that market in five years? Its a rather long time, perhaps the current hardware model is obsoleted by then? MiniATX + integrated systems + Palladium (TPC, was that what it was called?).
Well, except that theese occurences may well be at an indefinite length into pi, so both finding it, and transmitting it, may well be far -LARGER- a number than the whole representation of the data. in fact its a big chance that it will be. (a limited length contra infinity will always be larger chance towards infinity than towards the limited length)
This paper appears to have a lot of good pointers to software writers, including a "recipie" to make cdr-dao read the faulty discs on all hardware readers that support it.
Will this lead to a new release of cdr-dao "soon" that incorporates theese suggestsions? will the apperantly "dead" cdparanoia also be updated? (yes, it did work good on plextor, but for other cd-roms, can it be made to work?)
I also wonder, how can theese suggestions be incorporated in the average cd player? things like xmms would probably need updating to the cd player module to handle some of theese. I know it's ugly hacking to go around broken hardware, but thats what we do in all other places....
Umm, this really isn't any different then source rpms. Customize an/etc/rpmc and/etc/rpm/macros then rebuild whatever rpm's you like from scratch.
actually, it is. given rpm based compiles, you cannot for example, disable cups support, diable nls, disable gnome hinting but keeping kde ones (for fluxbox, among others) disable all gif support. This is what makes the Gentoo Way so pleasant when you want finer-grained control.
We will release 1.4_beta as, unfortunately, gcc 3.2 was not ready in time.
the beta is binary incompatible with the final due to changes in gcc's c++ ABI since the snapshot was made.
There is to be expected a higher performance (some 5-20 % on the final binary, dependning on the code and platform) with up to 50% on the PPC side (loads of changes)
Generally, it means "rebuilding a lot of packages" or a reinstall, and a far increased performance.
Actually not. Gentoo does md5 checksumming as well, and unless you specifically override it (about the same way of *BSD) it will bail out and complain that the md5 sum mismatch.
besides, Gentoo also uses a set of Mirrors, and the files on the mirrors were ualtered.
People have a stigma that there should be one solution to every single problem out that. It's like that in the 3D space. There are purists that believe that when you 3D render a scene, the image must be perfect when they go to hit the render button. They don't undrestand that it is okay to divide up your 3D work into layers and tweak each one of those seperately (i.e. color correction or sharpening). I guess they feel that the render program should be a 'perfect simulation of light' and that they shouldn't have to 'fix an image'. They fail to see that the best simulation of light we have (reality) even needs to be touched up from time to time.
no. This "tewaking" only means that they have -failed- to get the correct result from their scene description in the first place, and that they must resort to manually tweaking the result instead of actually going back and modifying what was wrong in the first place.
You can and should modify your lightsources whenever you render something, because a 3D rendered scene is just that, 3D rendering. NOT a so called "perfect simulation of light" because that is left to the creator of the scene.
it is the scene creator that has to make sure he gets his lighting, world and all other factors correct for the desired result.
compressed filenames for one issue, also a whole lot of other news with the database format beeing changed.
and if you stop the complaints before looking deeper into things you might get some more info for yourself.
Hmm... It actually is possible to get windoze down.
once upon a time there was a program called windoze 3.1, that actually was fittable on a single disk and bootable as such... sure it was a hack, but it worked.
No, And that wasn't really my point(if now I had one:) What I meant was that a irregular/regular difference in the program(s)(including kernel) would add another step towards unique binaries for every computer they were compiled on(or if it could be made to work on binaries, but this would rather kill the point of doing it, since that would be repliciable far easier than a compile from source would)
And yes, I did understand Forrest's arguments(partly at least) but my rant was rather badly expressed in this matter. Sorry for causing misunderstandings.
And no, checksumming is not really irrelevant. If each program was evaluated before executed, it would cause an overhead in load time, yes, but would also decrease the probability of running an infected file. This would of course require a lot of implemention problems to get secure(or... close to that at least) but would in general add some protection. then again, much binary released software uses this sort of thing for protection against 'cracking', and patches or cracks still appear..
yet another rant. Continue in private: spider@darkmere.wanfear.com
This is OT. the subject here is as far as i can remember Viruses/malicious programs. not the basic security. If I dos my machine, I don't suffer permanent internal damage(ie, the email client doesn't eat my web server) but if I get a virus infection this might very well occur.
The suggestion that no two operating systems are to be exactly alike is also an interesting one, but hardly practical. Hm, I do think some kind of fingerprint could be created for each compiled kernel, Added and changed to some selected portions of code, this would make checksumming of the programs appear invalid if not having the right 'unopen' key. of course, this might also add some problems in detecting changed binaries(publisher spreading 'pure' binaries.) but would work fine in a OpenSource version. (A database over file checksums, a local key for the computer, something like that) so In part, it might actually be practical and do fix some possible virus infections. whee, finally managed to html format my post. sorry for the garbled ones before this....:)
What bothers me with this sort of approach is still not the attack on _my_ box, but what I will recive from the network. This antivirus cluster, how will one know that is not infected in itself? That would be one of the major security holes in this situation. Where to strike best when wanting a major payload cross the net? Yes, there. Make it ship 'antivirus' fixes that strike at some other code, or that are the virus itself. no system is ever secure in a network, and those systems will be the ones with the highest amount of crack attempts around, since the 'price' would be highest if they were cracked. (largest spread of your virus) well, more rambles... boy am I bored at work today.:)
interesting notion, though it would have some problems with the identifying codes. Like, how would the virus identify eachothers, and not just try to 'rape' your ppp dialer or email client? (yeah, kiddin') the point is, any identifying code built into a virus will likely be used against it in a very short time. sure, it could probably be well spread and already have given payload by the time, but... And, research in this area have already been done, tiny 'programs' in a secure box that live, and copy 'traits' from eachother, blending them for efficiency (they had a task, and combining them) this wasa fore stage to some internet worming research, afaik. it was featured in newsweek some years ago, sorry for not beeing more exact.
That would be most possible. Given the ease of actually finding a pattern in compiled software, you could (with some work) get a virus to look a lot (enough) like a crucial part of some software or other. (there are lots of data in a compiled kernel to find similar patterns in, and a virus can be small) in the beginning (If this actually comes to work theyäll have to find ways around it) it should be a fairly common approach to make your virus look like a known program, or a common part of the kernel (like, the ppp interface, or scsi...) thus causing the antivirus to either ignore the virus (it looks like known code) or kill the 'good' code as well (payload) In any case, I think this problem is avoidable with some work, but still might be exploited. (among several others)
Slashdot Mirror
actually its fairly painfree
.config from /usr/src/linux to /usr/src/linux-2.5.7?/, cd there and
/dev/pts (dont forget your filesystems either) devfs (which has changed, yeeey)
/boot....
;-)
emerge sync
emerge development-sources
(should pull in module-init-tools and set the system ready)
then copy
make oldconfig
Dont forget to enable VGA consoles, Slap in
make it install it (no make dep, finally) and copy the files into
still a bit hairy, but not really compared to building a virgin kernel in LFS
Am I the only one who wonder some about the game in question, since the first hit off google gives this rpg as a result.
I wonder when they start to blame Fallout....
Epiphany 0.7 compiled against Mozilla 1.3 here, The on-mouse-over reported the link as http://slashdot.org/fink.sf.net
I think the default is to read : ... so, I might just point out that the fink link is missing its http:// in front.
"(Use the Preview Button! Check those URLs!)"
I have to point out the Invisible Irc Project as well. It lets any IRC client connect to a secure IRC network, since it works as a proxy/relay system instead of patching the clients.
The Register has an article about it as well.
Now this brings up the question on what teh chipset clause means for the industry. I know I have via chipsets on my Athlon boards, and it seems likely that VIA will keep producing theese, but what about the Intel market? Does this mean that there will be a player less in that market in five years? Its a rather long time, perhaps the current hardware model is obsoleted by then? MiniATX + integrated systems + Palladium (TPC, was that what it was called?).
Well, except that theese occurences may well be at an indefinite length into pi, so both finding it, and transmitting it, may well be far -LARGER- a number than the whole representation of the data. in fact its a big chance that it will be. (a limited length contra infinity will always be larger chance towards infinity than towards the limited length)
This paper appears to have a lot of good pointers to software writers, including a "recipie" to make cdr-dao read the faulty discs on all hardware readers that support it.
Will this lead to a new release of cdr-dao "soon" that incorporates theese suggestsions? will the apperantly "dead" cdparanoia also be updated? (yes, it did work good on plextor, but for other cd-roms, can it be made to work?)
I also wonder, how can theese suggestions be incorporated in the average cd player? things like xmms would probably need updating to the cd player module to handle some of theese. I know it's ugly hacking to go around broken hardware, but thats what we do in all other places....
Umm, this really isn't any different then source rpms. Customize an /etc/rpmc and /etc/rpm/macros then rebuild whatever rpm's you like from scratch.
actually, it is. given rpm based compiles, you cannot for example, disable cups support, diable nls, disable gnome hinting but keeping kde ones (for fluxbox, among others) disable all gif support. This is what makes the Gentoo Way so pleasant when you want finer-grained control.
We will release 1.4_beta as, unfortunately, gcc 3.2 was not ready in time.
the beta is binary incompatible with the final due to changes in gcc's c++ ABI since the snapshot was made.
There is to be expected a higher performance (some 5-20 % on the final binary, dependning on the code and platform) with up to 50% on the PPC side (loads of changes)
Generally, it means "rebuilding a lot of packages" or a reinstall, and a far increased performance.
from
http://aluminumangel.org/attack/
you can get a Linux and a Windows version, im not 100% sure it works on linux/PPC but...
its OpenGL, puzzle style logic/pattern game... really addictive.
Actually not.
Gentoo does md5 checksumming as well, and unless you specifically override it (about the same way of *BSD) it will bail out and complain that the md5 sum mismatch.
besides, Gentoo also uses a set of Mirrors, and the files on the mirrors were ualtered.
Do you have a good suggestion on how this would be measured? Please, I'd love to try it out myself with the O(1)+preempt patches...
People have a stigma that there should be one solution to every single problem out that. It's like that in the 3D space. There are purists that believe that when you 3D render a scene, the image must be perfect when they go to hit the render button. They don't undrestand that it is okay to divide up your 3D work into layers and tweak each one of those seperately (i.e. color correction or sharpening). I guess they feel that the render program should be a 'perfect simulation of light' and that they shouldn't have to 'fix an image'. They fail to see that the best simulation of light we have (reality) even needs to be touched up from time to time.
no. This "tewaking" only means that they have -failed- to get the correct result from their scene description in the first place, and that they must resort to manually tweaking the result instead of actually going back and modifying what was wrong in the first place.
You can and should modify your lightsources whenever you render something, because a 3D rendered scene is just that, 3D rendering. NOT a so called "perfect simulation of light" because that is left to the creator of the scene.
it is the scene creator that has to make sure he gets his lighting, world and all other factors correct for the desired result.
Bah. Paintbrush artists.
compressed filenames for one issue, also a whole lot of other news with the database format beeing changed.
and if you stop the complaints before looking deeper into things you might get some more info for yourself.
Hmm... It actually is possible to get windoze down.
once upon a time there was a program called windoze 3.1, that actually was fittable on a single disk and bootable as such... sure it was a hack, but it worked.
Wasnt there some noise on AOL and their page with much about the same thing?
Hmm... Around... say ten minutes? all they'd need to do was change the #declare GPF_TIME_OUT = 10; to something else...
Well, article seemd ok enough, and I must say that I look forward to the USB suport, as well as the improved 3D support(whatever they mean by that...)
karma -=1;
No, And that wasn't really my point(if now I had one :) What I meant was that a irregular/regular difference in the program(s)(including kernel) would add another step towards unique binaries for every computer they were compiled on(or if it could be made to work on binaries, but this would rather kill the point of doing it, since that would be repliciable far easier than a compile from source would)
... close to that at least) but would in general add some protection.
And yes, I did understand Forrest's arguments(partly at least) but my rant was rather badly expressed in this matter. Sorry for causing misunderstandings.
And no, checksumming is not really irrelevant. If each program was evaluated before executed, it would cause an overhead in load time, yes, but would also decrease the probability of running an infected file.
This would of course require a lot of implemention problems to get secure(or
then again, much binary released software uses this sort of thing for protection against 'cracking', and patches or cracks still appear..
yet another rant. Continue in private: spider@darkmere.wanfear.com
This is OT. the subject here is as far as i can remember Viruses/malicious programs. not the basic security. If I dos my machine, I don't suffer permanent internal damage(ie, the email client doesn't eat my web server) but if I get a virus infection this might very well occur.
Sorry for the OT rant. Moderate us both down.
The suggestion that no two operating systems are to be exactly alike is also an interesting one, but hardly practical. :)
Hm, I do think some kind of fingerprint could be created for each compiled kernel, Added and changed to some selected portions of code, this would make checksumming of the programs appear invalid if not having the right 'unopen' key. of course, this might also add some problems in detecting changed binaries(publisher spreading 'pure' binaries.) but would work fine in a OpenSource version. (A database over file checksums, a local key for the computer, something like that)
so In part, it might actually be practical and do fix some possible virus infections.
whee, finally managed to html format my post. sorry for the garbled ones before this....
What bothers me with this sort of approach is still not the attack on _my_ box, but what I will recive from the network. This antivirus cluster, how will one know that is not infected in itself? That would be one of the major security holes in this situation. Where to strike best when wanting a major payload cross the net? Yes, there. Make it ship 'antivirus' fixes that strike at some other code, or that are the virus itself. no system is ever secure in a network, and those systems will be the ones with the highest amount of crack attempts around, since the 'price' would be highest if they were cracked. (largest spread of your virus) well, more rambles... boy am I bored at work today. :)
interesting notion, though it would have some problems with the identifying codes. Like, how would the virus identify eachothers, and not just try to 'rape' your ppp dialer or email client? (yeah, kiddin') the point is, any identifying code built into a virus will likely be used against it in a very short time. sure, it could probably be well spread and already have given payload by the time, but... And, research in this area have already been done, tiny 'programs' in a secure box that live, and copy 'traits' from eachother, blending them for efficiency (they had a task, and combining them) this wasa fore stage to some internet worming research, afaik. it was featured in newsweek some years ago, sorry for not beeing more exact.
That would be most possible. Given the ease of actually finding a pattern in compiled software, you could (with some work) get a virus to look a lot (enough) like a crucial part of some software or other. (there are lots of data in a compiled kernel to find similar patterns in, and a virus can be small) in the beginning (If this actually comes to work theyäll have to find ways around it) it should be a fairly common approach to make your virus look like a known program, or a common part of the kernel (like, the ppp interface, or scsi...) thus causing the antivirus to either ignore the virus (it looks like known code) or kill the 'good' code as well (payload) In any case, I think this problem is avoidable with some work, but still might be exploited. (among several others)