Amelio wanted to host MacOS on top of the NT kernel. Freakin' idoit.
All I have to say is; next time you set up a Windows or Linux box, and you're a few days into it, know that you could have done this all in 15 minutes on a mac.
I love the fact that grep, openssh, perl and apache are standard with the current macos, and I don't have to spend any time cursing xfree getting it to work for me. Apple is or at least will be the known universe's largest distributor of UNIX.
Penguin and VA will never get in the hands of a 5 year old kid. But starting in september, some of those kids will go to school and notice, emacs, VI, gcc, apache and gnu/bsd in their classroom.
If you want to raise a nation of hacker kids; kids who find their own uses for technology, then you realize that Apple matters.
And even if you don't buy into that, you might dig the peace of mind gained by not being forced to give your personal info to passport.
I dig OmniWeb a LOT. It allows me to use regeps to blacklist ad servers. I haven't seen an ad from a given server a second time in over a month.
These are the standard regeps all perlers know and love. I can also filter out all images that are not from the server I typed in, and all images that have file sizes common to ads.
Sorry/., but your banner ads don't show up in my browser. BWAHahahahahaha!!! As a result,/. perfomance has incresed dramatically.
...indirectly. Fact of the matter is that given a free story from Associated Press, and one from the New York Times (also free, but registration required), I will choose the AP story because it's more convenient. So the paying for a site directly, every time you go, may never get off the ground, because there are site's that don't charge and have the same stuff. The exception is pr0n, where they pretty much all started pay per use at the same time, but gnutella is starting to reverse that.
Cable TV beat this by making cable usage functionally equivalent to flipping normal channels. would you pay for cable if it meant a convoluted process every time you flipped a channel...like a patch bay?
The keenbeans of industry realize this, and know that the one place they can reliably charge for content is in the service bills. I spend more money on DSL than cable, movies, print and whatnot each month.
It's equivalent, only instead of per use payment, it's aggregated payment.
Given this context, it's a lot easier to understand the AOL Time-Warner merger. They want to get paid for access to media, so they merge with the largest provider of access, and live off the service bills.
Sony is the most hypocritical of the people embracing this kind of billing. Their music division is crying foul about mp3, but their electronics division is making money from mp3's. If you download Sony Music's mp3's from napster, and burn them on a Sony CD-R drive, you are indirectly paying Sony for those mp3's, because the money ends up in the same place, eventually, that it would had you paid for the mp3 directly...especially if the reason you bought the CD-R in the first place was to burn their music, and wouldn't have otherwise (which is usually the case for consumers these days).
So yeah, people are going to be reluctant to charge for content which is nearly identicle to the free stuff, because people will stop coming to their site. However, a site investing in the infrastructure needed to get to their site can charge their viewers indirectly, and still seem like a free service to their audience.
The first time I saw one of those Java Phones, I understood why France Telecom sunk a bunch of dough into Jabber. Imagine being able to send messages to AIM, yahoo, msn and all the others via yer cell phone. Imagine further, that your friends or company have a private jabber server, and you connect via SSL
Yep, encrypted chat and IM on a server you control, connecting via your cellphone, wouldn't that be lovely (voice chat too?). Especially if your private jabber server was hosted by havenco.
When photography was gaining popularity, the painters and the fine art establishment derided it as not being an art form in that anybody could push a button and make a portrait. Now, we have a divergence where the modern and post modern painters have gotten less and less attached to reality in their imagery, and photographers are manipulating natural phenomena to create art.
This was a major theme in a prerequisite class I had to take (history of communication and technology) as a multimedia art major in college.
Yep, not only do a lot of artists and academics in the field of art consider digital technology as an artistic tool, universities teach is as focus on top of a core fine art curriculum.
It's easy to think of the art establishment as forward thinking, but they are humans, and as such, as stubborn and rooted in their ways as any establishment.
Create, show your work. In 50 years, we'll be the ones reminding them that they failed to take art history to heart.
Fact is, we'll find ANY reason to keep people in space. Yes, there is valuable research going on in ISS, but that's just their day job.
I think, deep down, we all know that the real reason that we have astronauts and cosmonauts in space is to keep manned spaceflight alive.
Really. Politics and economics need a reason for us to be up there. But those are fallacious mechanisms we place on ourselves. we want people in the far reaches, wherever that might be. It makes us feel comfortable as a species - being able to do what the other beasts can not. That's really what this is all about.
I for one think that Tito's vacation was a very necessary distraction from the notion of science in space. We'd all speculated and maybe even fantacized of a vacation in space. Tito did what needed to be done. He demonstrated that there is tangible market demand for space tourism.
Think back to the 50's if you can (lord knows I can't. Correct me if I'm wrong). Air travel, especially on a jet, was for the rich. Look at the newsreels. How many yokels do you see? Thought so. But over the years, it became accessible to the common man. I can book a flight from San Francisco to LA for $40. You can't even take a family of 4 to a movie for that much nowadays.
So it will be with space. the market for space tourism and travel will increase. As such, spacecraft will be mass produced, and prices will be cheaper. Corporations, seeking more bang for the buck, will drive prices down even cheaper.
And as such, the price of research will drop. Dennis tito might have cost us a week of research, but he may have saved us billions in research costs.
The inability to recognize this long term trend is a black eye for NASA. They are smart people, they should have seen how this would further their cause. Instead, they chose to take it personally, and for that, they get negative brownie points in this voter's book.
NASA has gotten so entrenched in it's scientific mission as a survival strategy that it has forgotten why we even started a space program: People look up at night and know that the universe has more to offer than this planet, and they want to be part of it. If they grasp and nourish that simple fact, there's no telling the scale by which humanity can progress.
How am I supposed to use IP based authentication on a moving target user? It's hard enough authenticating PPP(oE)/dhcp users. hosts.allow would have to become a process to let legitimate users in, and as such, security is weakened. What if the process freaks out, segfaults, zombies.....what about IP spoofing as eggshell code?
Do I have to prompt for a kerberos session every time the IP changes during a session? How easy would it be to hijack the session by fooling the stack into thinking that it legitimately changed to the attacker's IP? How easy would it be to DoS via spoofing parts of the protocol?
Frequency hopping radios are nifty, but we're not talking about beaming light. IP is much more complicated, and has more weak points.
This whole public debate is the part after JC is killed, and Brutus and Marcus Antonius are trying to sway the crowd.
Perens's response is Brutus. Mundie's is Marcus Antonius. If we want to win this battle (if indeed we care...they could be picking a fight so we exhaust our arguments...or to make us look like a bad idea so they can get UCITA passed) we're going to have to go after people's hearts. A person is smart, but the public is mindless. The intellectual route is a dead end.
Anyway. Brush up on your Shakespear. We're going about this entirely the wrong way. You don't win the confidence of Joe Sixpack with prose that reads like PERL.
This is valuable not because it fixes a hole. It's valuable because it makes the community look cool.
Think about it. In the 'doze world, there's MS, the sheep...er..users, the Vendors and the hackers on a bad day. There is no sense of community...if you help your friend....you're likely breaking some kind of law.
On the other hand, with Open Source, here's an instance where some lone hacker takes a paradigm and smacks it upside the head for our mutual benefit. This is wonderful PR!!!
Just when MS gave a speech about how Open Source OS's are insecure, and the community aspects are negligible at best, this guy kills both birds with one stone. And it didn't cost any of us a "beer" dime.
You just can't buy publicity like that. I think I'll start preaching "Random acts of kind InfoWar". Really....this whole thing is a head scratcher we could use to our advantage.
Oh my gosh, what a bunch of spaghetti logic. What these luminaries really should have done is all chip in for a real PR flack, because they just exposed a hand of jokers.
Seriously. The "this is the kind of dialog [paraphrased]" quote says it all. MS employs some of the brightest spin doctors in the biz. The Mundie speech was probably engineered to elicit this very response, so that the spin doctors could get inside the Open Source PR thought cycle.
Now that this watered down, weak screed from inexperienced open media warriors has laid down exactly where they're inept at a media fight, MS now knows exactly how to attack. And their media army is quite more experienced at this sort of thing.
What needs to be done is the assembly of a proficient, professional PR effort. We in no way could outspend them in an attack or a push, but we certainly could employ or at least get volunteer skilled spin people to defend and counterstrike. Part of the MS spin strategy might be to distract or otherwise deplete the heroes of our cause. A third party needs to be esatblished to insulate the media efforts from the actual operations of Open Source.
This "Old monkish coder" as PR flack will only take us so far....and if overextended....maybe painted into a corner.
The points brought up in the article are all very good ones that needed to be expressed. Their delivery, however, was wholly incompetent. We need somebody on this who knows how to craft rhetoric to it's full potential and impact. Something that an 8th grader could read and understand, and bring out the Henry Flemming in all of us.
Friend of mine and I thought this one up to get around this problem. What you do is have them save to a specific volume on the network. However, Every time you do things to the directories, it triggers scripts. This is almost a no-brainer on macos with folder actions in applescript, and I suppose you could to the same with VBS as well.
So when they Mount the networked volume, what really happens is a script does a cvs checkout for them, then they see the mounted drive locally. Then they save, folder action converts.doc to RTF,.XLS to tab seperated...this way the eloi can use.doc...but you're still using text formats you can use with cvs.
You can do a commit after that, or when they unmount the volume...a script does a checkin/commit. Season to taste.
So that's it....basically, you use scripts to abstract the user from CVS. The happy beneifit is by using text formats...you clean all the macro virii out of your data.
Intel and Apple have both admitted it in their digital hub rhetoric. Desktop pc's are losing their sex appeal. Rich Gold from Xerox Parc's "Ubi-Comp" is the way things are going. For recent terms...that's ubiquitous computing. "puters are all around us. Cell Phones, Palms...Microwave Ovens.
Do they run on x86....hell no. the only ubiquitous computing machine that could benefit from that 20+ year old architecture is a toaster...'cause the heat could do some good there.
Own a tivo?....guess what...you have a Linux PowerPC box in your house that you rely on more than your x86 Linux box.
That's how this is going to go down. You're going to buy all these gadgets that have nifty comm features. the PowerPC takes a whole lot less energy and MHZ to be just as powerful as an x86. Guess what Linux will be in your embedded systens....the one who sucks less.....power that is.
The other end of this fork is the lifespan of hardware. x86 PC's usually are useful for 3 years before bloat renders them useless. Macs usually take 6 years to be annoyingly slow.
Seriously...I bought the Mac I'm typing this on in 1996. It was only a month ago that I had to switch to SuSE on it to keep it tolerable.
so yeah. If your goal is world domination of Open Source...then x86 Linux is a pitfall. The landscape is moving away from PC's and into nifty gadgets running PPC or ARM.
Stop wasting your time with that packard bell in the dumpster and focus on todays cool tech. embedded Linux on PPC...and some cool desktop hardware as well
I don't necessarily think that cDc's implementation of the whoopass-crypto laden needle-in-haystack p2p app is any better or worse than the others could be. Back Orifice isn't the best of it's kind.
Currently, freenet's the 500lb gorilla of these. Crowds is cool. Hell, bolt some new host discovery tools on gnutella and use stunnel, that should be fun.
Currently the landscape has 3 variables. Encryption to hide what's being said, neat discovery protocols to hide who's serving, and transport protocols to hide who's requesting/recieving. Combined, the protocols can serve to counter traffic analysis attacks.
These things have already been thought out. It's some pretty nifty math. But all the implementations of this scheme have some fundamental weaknesses (theory/practice all over again).
The first is assuming that people will actually use them. I seriuosly doubt many people outside the geek, IP and gov community even know about freenet, crowds or such nifty things. If only a few people are using it, then they are automatically suspect, and can be attacked in other ways (tempest, wiretaps, room bugs), thus defeating the scheme.
The second is the number of apps/protocols doing this. Name 4 version 1.0, ready for prime time implementations that have been deployed widespread for consumer use...thought so. For a repressive gov or corp, it's like playing whack-a-mole with only 1 hole for the mole to pop out of.
This is where cDc comes in. The fact that the people who keep the closest eye on this kind of thing (us) heard about it from BBC says a lot. This is going to be all over the tv news. Everybody's going to know about this. Where freenet and crowds work on integrity and discovery of information, the mere idea that cDc is working on this increases the availability of the information to the defensive player. This is done through manipulation of open information sources. Brilliant.
As a result, the others who've been working on this for a while are going to become more motivated to work on their apps so that cDc doesn't steal their fire. How would you feel if you did all the basic research for this, spent years developing it, and then a bunch of drugged out, ascii art typin' wierdo's pulled the rug out from under you? I think cDc's app is going to make it so the whack-a-mole game is a whole lot more difficult. There will be more than one app/protocol simply because all the current projects will get more attention. For example: look at the current p2p landscape post napster smack-down. The other protocols are doing quite well. I would say to the effect that even though judge Patel ruled in favor of RIAA, p2p won. Thank you, RIAA, for enforcing a move away from cruft. Now we are more able to thwart you.
I don't know what cDc's app will be like, but I do know that as a platonic perfect object, it's going to be a resounding success by filling in a lot of the weaknesses of the practice of encrypted p2p. With Freenet and Crowds having worked out the theory.
My first Linux distro was from Apple and released under the GPL (MkLinux), so the author is way wrong about not giving back. If it weren't for their doing that, I would never have been able to learn linux (for lack of an x86 box) for several more years. There have been times in Apple's history where they were releasing more versions of Unix for their hardware than MacOS. Apple's tech honcho (Avie T.) was one of the guys who helped INVENT mach, he should certainly be afforded to use his own work, and rightfully, thanks to the Open Source license it's released under, it's legal to do so.
MPEG-4's file format is based on QuickTime 3, they had to fight tooth and nail to get their open format used for that standard as opposed to Microsoft's. The only thing stopping a GPL'd quicktime player is the 3rd parties which own the codec's. As a matter of fact, I think there ARE QuickTime players for Linux. If the codec owners would release maybe a decode only version for GPL'd OS's maybe under the LGPL, then we'd have a complete QuickTime player on good terms. It's mostly out of Apple's hands.
Anybody can download and have their way with Darwin. There are parts of NuKernel in OS X, which until Darwin, were proprietary. In fact, Darwin Streaming Server (rtp/rtsp) is free (beer and speech) for streaming your media, where Real charges you. Imagine that, a corporation making you pay to speak, we don't see our author complaining about that.
I would have to agree that this article is malicious flaimbait. This is one instance in which I would support Apple's team of evil lawyers filing a libel suit. The article is ill-informed and accuses the company of deceptive trade practices ("Big Lie"...isn't that what Hitler called propaganda?). It is clearly designed to damage the company's reputation and it's appalling to see it come from a professional news outlet.
sunrpc, portmap, inetd - brickhouse is bad for you
on
Cracking OSX
·
· Score: 2
being a bay area.com casualty, I've spent the last few months searching for jobs and staring at/var/log/messages on my border router. These ports get scanned constantly on my DSL pool:
23
53
111
113
137-139
The problem is OS X can't go to the bathroom without running some part of sunrpc. So there's port 111 for ya. Sometimes OS 9 has 113 open, so we won't call that one new. I've compiled and run samba on OS X, so there's 137-139.
Great pains should be made to make sure hosts.deny is set to ALL: ALL (my personal creed) with hosts.allow being the mechanism for letting people in. inetd should be replaced with xinted, and all the portmap stuff should be bound to localhost if a single machine, internal NIC if in an NFS environment.
Brickhouse is a nifty GUI for IPFW....but the pitfalls of using it are that when you run it...you actually end up with more ports open than if you hadn't run it in the first place. The firewalling rules Apple put in place out of the box are pretty decent. I ran brickhouse on the public beta a while back, and ended up with EVERY port above 1024 open...whereas nmap showed just a handful of ports open before. Things may have changed in recent months...but the big problem is still there...the people using it don't know what the fsck they're doing and likely will do themselves more harm than good by tweaking with the rules.
A lot of people will attatch their machine directly to the net via modem...so tripwire/MD5 yer getty's and login.
But that's a home environment. In a corporate environment, there's a pretty heinous version of the world readable shadow/passwd exploit, where netinfo can be made to give up all the logins/shadows for the entire company from one box, with user level access. This is if you're using directory services to propegate user info through your company's machines.
It remains to be seen how it could be countermeasred (it's suppsed to be a local exploit, but once you get a shell...you're local). Things that come to mind are one time passwords, or using the built in voice authentication. Maybe a combination of the 2.
In any case...this IS an new OS. Even though it's been around for a while in various incarnations...it's kind of a bazzar consensus of Mach, next, bsd, mklinux and nuKernel. My advice is for inexperienced users not to attatch this OS directly to the net until it's been in the wild for a while.
I think the real intresting thing is the acknowlegement that sport is as much intellectual as pysical. It's not the physical act of sport that's the interesting thing...It's the means by which we organize our sporting activity based on what we can do that wins the day. I remember passing runners who were better than me on the downhill simply because I knew to relax and bound. They tried to run faster, I ran smarter.
In any case, it's all just amusement. I'm just glad that we have a physically non-violent way of thinking about how to get things done; and this helps
I've already seen a few negative posts about this. MAN...didn't y'all hang on the demoscene!?
Getting together with other geeks to play and geek out is an essential part of our community. I don't care if you need to haul yer machine or not....brave that bright "Sun" thing, locomote yerself to yer nearest gathering o' geeks and make some friends.
Seriously. A friend probably introduced you to Open Source....gaming too. Might as well see if you can hook up with the fantastic 4 or the superfriends to make things better instead of scratching your head, looking at make errors and wondering where the other geeks are.
I can't make it to Deutschland, but if you wanna hang in the sf east bay....maybe we can coordinate something cooler, bigger and lovelier.
what if the wage flunkies in the store don't know this is going on? You can ask all you want, but their answer is moot. Besides, if you ask this kind of question, you'll be scrutinized by actual store detectives in addition to the 'lectric eye.
Be careful that whatever video hardware you're unsing's audio (if any) isn't recording. If you record both their image and audio, it's illegal (in the US) and the evidence will be stricken. That would suck. Take whatever means you must to keep from recording audio.
Multicastings real killer app is amplification per node and cacheing remotely on nodes. I'll bet $50 US that I can multicast as successfully if not better (depending on switch) with a pentium 75 from a home DSL line than you can with your cluster.
The reason is that this is a throughput and amplification problem, not a computing one. Your cluster has to communicate through soda straws of bandwidth compared to the througput you can get on one mainboard. 1 Gbs is not as fast as 6 Gbs, which is slower than a G4's mainboard.
Once the output stream leaves the box (this really is just I/O) you send it to a node which sends it to a bunch of nodes, then those nodes do the same ad infinitum. Kinda like in "Waynes World" when Wayne does the whole "telephone" speech, with nifty visuals.
In short...using your cluster for this is a waste of computing power, and is hobbled by the connections between boxen.
I've been "Bleeding six colors" since '85. If you think OS X is un-maclike, then you don't know what the mac is about at all.
It isn't about popup folders. It isn't about the control strip.
The MacOS is a software manifestation of this ideal:
Your tools should be extremely powerful, intuitive, elegant, and above all else, when you need them to, they should get the fsck out of your way!!!
The Classic MacOS accomplised this. Mac OS X takes this ideal further than most people ever dreamed.
Just because it doesn't look or act exactly the same, doesn't make it un-maclike. On the contrary, I believe the differences in OS X make it more maclike than the original.
Slashdot Mirror
Amelio wanted to host MacOS on top of the NT kernel. Freakin' idoit.
All I have to say is; next time you set up a Windows or Linux box, and you're a few days into it, know that you could have done this all in 15 minutes on a mac.
I love the fact that grep, openssh, perl and apache are standard with the current macos, and I don't have to spend any time cursing xfree getting it to work for me. Apple is or at least will be the known universe's largest distributor of UNIX.
Penguin and VA will never get in the hands of a 5 year old kid. But starting in september, some of those kids will go to school and notice, emacs, VI, gcc, apache and gnu/bsd in their classroom.
If you want to raise a nation of hacker kids; kids who find their own uses for technology, then you realize that Apple matters.
And even if you don't buy into that, you might dig the peace of mind gained by not being forced to give your personal info to passport.
I dig OmniWeb a LOT. It allows me to use regeps to blacklist ad servers. I haven't seen an ad from a given server a second time in over a month.
/., but your banner ads don't show up in my browser. BWAHahahahahaha!!! As a result, /. perfomance has incresed dramatically.
These are the standard regeps all perlers know and love. I can also filter out all images that are not from the server I typed in, and all images that have file sizes common to ads.
Sorry
...indirectly. Fact of the matter is that given a free story from Associated Press, and one from the New York Times (also free, but registration required), I will choose the AP story because it's more convenient. So the paying for a site directly, every time you go, may never get off the ground, because there are site's that don't charge and have the same stuff. The exception is pr0n, where they pretty much all started pay per use at the same time, but gnutella is starting to reverse that.
Cable TV beat this by making cable usage functionally equivalent to flipping normal channels. would you pay for cable if it meant a convoluted process every time you flipped a channel...like a patch bay?
The keenbeans of industry realize this, and know that the one place they can reliably charge for content is in the service bills. I spend more money on DSL than cable, movies, print and whatnot each month.
It's equivalent, only instead of per use payment, it's aggregated payment.
Given this context, it's a lot easier to understand the AOL Time-Warner merger. They want to get paid for access to media, so they merge with the largest provider of access, and live off the service bills.
Sony is the most hypocritical of the people embracing this kind of billing. Their music division is crying foul about mp3, but their electronics division is making money from mp3's. If you download Sony Music's mp3's from napster, and burn them on a Sony CD-R drive, you are indirectly paying Sony for those mp3's, because the money ends up in the same place, eventually, that it would had you paid for the mp3 directly...especially if the reason you bought the CD-R in the first place was to burn their music, and wouldn't have otherwise (which is usually the case for consumers these days).
So yeah, people are going to be reluctant to charge for content which is nearly identicle to the free stuff, because people will stop coming to their site. However, a site investing in the infrastructure needed to get to their site can charge their viewers indirectly, and still seem like a free service to their audience.
Freehand 10 is native on OS X and Illustrator is not. Now I have a Reason to switch instead of wait. Bad move.
The first time I saw one of those Java Phones, I understood why France Telecom sunk a bunch of dough into Jabber. Imagine being able to send messages to AIM, yahoo, msn and all the others via yer cell phone. Imagine further, that your friends or company have a private jabber server, and you connect via SSL
Yep, encrypted chat and IM on a server you control, connecting via your cellphone, wouldn't that be lovely (voice chat too?). Especially if your private jabber server was hosted by havenco.
When photography was gaining popularity, the painters and the fine art establishment derided it as not being an art form in that anybody could push a button and make a portrait. Now, we have a divergence where the modern and post modern painters have gotten less and less attached to reality in their imagery, and photographers are manipulating natural phenomena to create art.
This was a major theme in a prerequisite class I had to take (history of communication and technology) as a multimedia art major in college.
Yep, not only do a lot of artists and academics in the field of art consider digital technology as an artistic tool, universities teach is as focus on top of a core fine art curriculum.
It's easy to think of the art establishment as forward thinking, but they are humans, and as such, as stubborn and rooted in their ways as any establishment.
Create, show your work. In 50 years, we'll be the ones reminding them that they failed to take art history to heart.
studionext.com...quicktime format
Fact is, we'll find ANY reason to keep people in space. Yes, there is valuable research going on in ISS, but that's just their day job.
I think, deep down, we all know that the real reason that we have astronauts and cosmonauts in space is to keep manned spaceflight alive.
Really. Politics and economics need a reason for us to be up there. But those are fallacious mechanisms we place on ourselves. we want people in the far reaches, wherever that might be. It makes us feel comfortable as a species - being able to do what the other beasts can not. That's really what this is all about.
I for one think that Tito's vacation was a very necessary distraction from the notion of science in space. We'd all speculated and maybe even fantacized of a vacation in space. Tito did what needed to be done. He demonstrated that there is tangible market demand for space tourism.
Think back to the 50's if you can (lord knows I can't. Correct me if I'm wrong). Air travel, especially on a jet, was for the rich. Look at the newsreels. How many yokels do you see? Thought so. But over the years, it became accessible to the common man. I can book a flight from San Francisco to LA for $40. You can't even take a family of 4 to a movie for that much nowadays.
So it will be with space. the market for space tourism and travel will increase. As such, spacecraft will be mass produced, and prices will be cheaper. Corporations, seeking more bang for the buck, will drive prices down even cheaper.
And as such, the price of research will drop. Dennis tito might have cost us a week of research, but he may have saved us billions in research costs.
The inability to recognize this long term trend is a black eye for NASA. They are smart people, they should have seen how this would further their cause. Instead, they chose to take it personally, and for that, they get negative brownie points in this voter's book.
NASA has gotten so entrenched in it's scientific mission as a survival strategy that it has forgotten why we even started a space program: People look up at night and know that the universe has more to offer than this planet, and they want to be part of it. If they grasp and nourish that simple fact, there's no telling the scale by which humanity can progress.
How am I supposed to use IP based authentication on a moving target user? It's hard enough authenticating PPP(oE)/dhcp users. hosts.allow would have to become a process to let legitimate users in, and as such, security is weakened. What if the process freaks out, segfaults, zombies.....what about IP spoofing as eggshell code?
Do I have to prompt for a kerberos session every time the IP changes during a session? How easy would it be to hijack the session by fooling the stack into thinking that it legitimately changed to the attacker's IP? How easy would it be to DoS via spoofing parts of the protocol?
Frequency hopping radios are nifty, but we're not talking about beaming light. IP is much more complicated, and has more weak points.
Golly, didncha all read Julius Caesar???
This whole public debate is the part after JC is killed, and Brutus and Marcus Antonius are trying to sway the crowd.
Perens's response is Brutus. Mundie's is Marcus Antonius. If we want to win this battle (if indeed we care...they could be picking a fight so we exhaust our arguments...or to make us look like a bad idea so they can get UCITA passed) we're going to have to go after people's hearts. A person is smart, but the public is mindless. The intellectual route is a dead end.
Anyway. Brush up on your Shakespear. We're going about this entirely the wrong way. You don't win the confidence of Joe Sixpack with prose that reads like PERL.
This is valuable not because it fixes a hole. It's valuable because it makes the community look cool.
/var/log/messages NOW!!!
Think about it. In the 'doze world, there's MS, the sheep...er..users, the Vendors and the hackers on a bad day. There is no sense of community...if you help your friend....you're likely breaking some kind of law.
On the other hand, with Open Source, here's an instance where some lone hacker takes a paradigm and smacks it upside the head for our mutual benefit. This is wonderful PR!!!
Just when MS gave a speech about how Open Source OS's are insecure, and the community aspects are negligible at best, this guy kills both birds with one stone. And it didn't cost any of us a "beer" dime.
You just can't buy publicity like that. I think I'll start preaching "Random acts of kind InfoWar". Really....this whole thing is a head scratcher we could use to our advantage.
oh.....check
Oh my gosh, what a bunch of spaghetti logic. What these luminaries really should have done is all chip in for a real PR flack, because they just exposed a hand of jokers.
Seriously. The "this is the kind of dialog [paraphrased]" quote says it all. MS employs some of the brightest spin doctors in the biz. The Mundie speech was probably engineered to elicit this very response, so that the spin doctors could get inside the Open Source PR thought cycle.
Now that this watered down, weak screed from inexperienced open media warriors has laid down exactly where they're inept at a media fight, MS now knows exactly how to attack. And their media army is quite more experienced at this sort of thing.
What needs to be done is the assembly of a proficient, professional PR effort. We in no way could outspend them in an attack or a push, but we certainly could employ or at least get volunteer skilled spin people to defend and counterstrike. Part of the MS spin strategy might be to distract or otherwise deplete the heroes of our cause. A third party needs to be esatblished to insulate the media efforts from the actual operations of Open Source.
This "Old monkish coder" as PR flack will only take us so far....and if overextended....maybe painted into a corner.
The points brought up in the article are all very good ones that needed to be expressed. Their delivery, however, was wholly incompetent. We need somebody on this who knows how to craft rhetoric to it's full potential and impact. Something that an 8th grader could read and understand, and bring out the Henry Flemming in all of us.
Friend of mine and I thought this one up to get around this problem. What you do is have them save to a specific volume on the network. However, Every time you do things to the directories, it triggers scripts. This is almost a no-brainer on macos with folder actions in applescript, and I suppose you could to the same with VBS as well.
.doc to RTF, .XLS to tab seperated...this way the eloi can use .doc...but you're still using text formats you can use with cvs.
So when they Mount the networked volume, what really happens is a script does a cvs checkout for them, then they see the mounted drive locally. Then they save, folder action converts
You can do a commit after that, or when they unmount the volume...a script does a checkin/commit. Season to taste.
So that's it....basically, you use scripts to abstract the user from CVS. The happy beneifit is by using text formats...you clean all the macro virii out of your data.
Intel and Apple have both admitted it in their digital hub rhetoric. Desktop pc's are losing their sex appeal. Rich Gold from Xerox Parc's "Ubi-Comp" is the way things are going. For recent terms...that's ubiquitous computing. "puters are all around us. Cell Phones, Palms...Microwave Ovens.
Do they run on x86....hell no. the only ubiquitous computing machine that could benefit from that 20+ year old architecture is a toaster...'cause the heat could do some good there.
Own a tivo?....guess what...you have a Linux PowerPC box in your house that you rely on more than your x86 Linux box.
That's how this is going to go down. You're going to buy all these gadgets that have nifty comm features. the PowerPC takes a whole lot less energy and MHZ to be just as powerful as an x86. Guess what Linux will be in your embedded systens....the one who sucks less.....power that is.
The other end of this fork is the lifespan of hardware. x86 PC's usually are useful for 3 years before bloat renders them useless. Macs usually take 6 years to be annoyingly slow.
Seriously...I bought the Mac I'm typing this on in 1996. It was only a month ago that I had to switch to SuSE on it to keep it tolerable.
so yeah. If your goal is world domination of Open Source...then x86 Linux is a pitfall. The landscape is moving away from PC's and into nifty gadgets running PPC or ARM.
Stop wasting your time with that packard bell in the dumpster and focus on todays cool tech. embedded Linux on PPC...and some cool desktop hardware as well
sets, limit, for, analog
this is sooooo flawed, and will cost them billions
I don't necessarily think that cDc's implementation of the whoopass-crypto laden needle-in-haystack p2p app is any better or worse than the others could be. Back Orifice isn't the best of it's kind.
Currently, freenet's the 500lb gorilla of these. Crowds is cool. Hell, bolt some new host discovery tools on gnutella and use stunnel, that should be fun.
Currently the landscape has 3 variables. Encryption to hide what's being said, neat discovery protocols to hide who's serving, and transport protocols to hide who's requesting/recieving. Combined, the protocols can serve to counter traffic analysis attacks.
These things have already been thought out. It's some pretty nifty math. But all the implementations of this scheme have some fundamental weaknesses (theory/practice all over again).
The first is assuming that people will actually use them. I seriuosly doubt many people outside the geek, IP and gov community even know about freenet, crowds or such nifty things. If only a few people are using it, then they are automatically suspect, and can be attacked in other ways (tempest, wiretaps, room bugs), thus defeating the scheme.
The second is the number of apps/protocols doing this. Name 4 version 1.0, ready for prime time implementations that have been deployed widespread for consumer use...thought so. For a repressive gov or corp, it's like playing whack-a-mole with only 1 hole for the mole to pop out of.
This is where cDc comes in. The fact that the people who keep the closest eye on this kind of thing (us) heard about it from BBC says a lot. This is going to be all over the tv news. Everybody's going to know about this. Where freenet and crowds work on integrity and discovery of information, the mere idea that cDc is working on this increases the availability of the information to the defensive player. This is done through manipulation of open information sources. Brilliant.
As a result, the others who've been working on this for a while are going to become more motivated to work on their apps so that cDc doesn't steal their fire. How would you feel if you did all the basic research for this, spent years developing it, and then a bunch of drugged out, ascii art typin' wierdo's pulled the rug out from under you? I think cDc's app is going to make it so the whack-a-mole game is a whole lot more difficult. There will be more than one app/protocol simply because all the current projects will get more attention. For example: look at the current p2p landscape post napster smack-down. The other protocols are doing quite well. I would say to the effect that even though judge Patel ruled in favor of RIAA, p2p won. Thank you, RIAA, for enforcing a move away from cruft. Now we are more able to thwart you.
I don't know what cDc's app will be like, but I do know that as a platonic perfect object, it's going to be a resounding success by filling in a lot of the weaknesses of the practice of encrypted p2p. With Freenet and Crowds having worked out the theory.
Yay cDc!
My first Linux distro was from Apple and released under the GPL (MkLinux), so the author is way wrong about not giving back. If it weren't for their doing that, I would never have been able to learn linux (for lack of an x86 box) for several more years. There have been times in Apple's history where they were releasing more versions of Unix for their hardware than MacOS. Apple's tech honcho (Avie T.) was one of the guys who helped INVENT mach, he should certainly be afforded to use his own work, and rightfully, thanks to the Open Source license it's released under, it's legal to do so.
MPEG-4's file format is based on QuickTime 3, they had to fight tooth and nail to get their open format used for that standard as opposed to Microsoft's. The only thing stopping a GPL'd quicktime player is the 3rd parties which own the codec's. As a matter of fact, I think there ARE QuickTime players for Linux. If the codec owners would release maybe a decode only version for GPL'd OS's maybe under the LGPL, then we'd have a complete QuickTime player on good terms. It's mostly out of Apple's hands.
Anybody can download and have their way with Darwin. There are parts of NuKernel in OS X, which until Darwin, were proprietary. In fact, Darwin Streaming Server (rtp/rtsp) is free (beer and speech) for streaming your media, where Real charges you. Imagine that, a corporation making you pay to speak, we don't see our author complaining about that.
I would have to agree that this article is malicious flaimbait. This is one instance in which I would support Apple's team of evil lawyers filing a libel suit. The article is ill-informed and accuses the company of deceptive trade practices ("Big Lie"...isn't that what Hitler called propaganda?). It is clearly designed to damage the company's reputation and it's appalling to see it come from a professional news outlet.
being a bay area .com casualty, I've spent the last few months searching for jobs and staring at /var/log/messages on my border router. These ports get scanned constantly on my DSL pool:
23
53
111
113
137-139
The problem is OS X can't go to the bathroom without running some part of sunrpc. So there's port 111 for ya. Sometimes OS 9 has 113 open, so we won't call that one new. I've compiled and run samba on OS X, so there's 137-139.
Great pains should be made to make sure hosts.deny is set to ALL: ALL (my personal creed) with hosts.allow being the mechanism for letting people in. inetd should be replaced with xinted, and all the portmap stuff should be bound to localhost if a single machine, internal NIC if in an NFS environment.
Brickhouse is a nifty GUI for IPFW....but the pitfalls of using it are that when you run it...you actually end up with more ports open than if you hadn't run it in the first place. The firewalling rules Apple put in place out of the box are pretty decent. I ran brickhouse on the public beta a while back, and ended up with EVERY port above 1024 open...whereas nmap showed just a handful of ports open before. Things may have changed in recent months...but the big problem is still there...the people using it don't know what the fsck they're doing and likely will do themselves more harm than good by tweaking with the rules.
A lot of people will attatch their machine directly to the net via modem...so tripwire/MD5 yer getty's and login.
But that's a home environment. In a corporate environment, there's a pretty heinous version of the world readable shadow/passwd exploit, where netinfo can be made to give up all the logins/shadows for the entire company from one box, with user level access. This is if you're using directory services to propegate user info through your company's machines.
It remains to be seen how it could be countermeasred (it's suppsed to be a local exploit, but once you get a shell...you're local). Things that come to mind are one time passwords, or using the built in voice authentication. Maybe a combination of the 2.
In any case...this IS an new OS. Even though it's been around for a while in various incarnations...it's kind of a bazzar consensus of Mach, next, bsd, mklinux and nuKernel. My advice is for inexperienced users not to attatch this OS directly to the net until it's been in the wild for a while.
osxtalk.com is an OSX slashcode site
I think the real intresting thing is the acknowlegement that sport is as much intellectual as pysical. It's not the physical act of sport that's the interesting thing...It's the means by which we organize our sporting activity based on what we can do that wins the day. I remember passing runners who were better than me on the downhill simply because I knew to relax and bound. They tried to run faster, I ran smarter.
In any case, it's all just amusement. I'm just glad that we have a physically non-violent way of thinking about how to get things done; and this helps
I've already seen a few negative posts about this. MAN...didn't y'all hang on the demoscene!?
Getting together with other geeks to play and geek out is an essential part of our community. I don't care if you need to haul yer machine or not....brave that bright "Sun" thing, locomote yerself to yer nearest gathering o' geeks and make some friends.
Seriously. A friend probably introduced you to Open Source....gaming too. Might as well see if you can hook up with the fantastic 4 or the superfriends to make things better instead of scratching your head, looking at make errors and wondering where the other geeks are.
I can't make it to Deutschland, but if you wanna hang in the sf east bay....maybe we can coordinate something cooler, bigger and lovelier.
tack
what if the wage flunkies in the store don't know this is going on? You can ask all you want, but their answer is moot. Besides, if you ask this kind of question, you'll be scrutinized by actual store detectives in addition to the 'lectric eye.
Be careful that whatever video hardware you're unsing's audio (if any) isn't recording. If you record both their image and audio, it's illegal (in the US) and the evidence will be stricken. That would suck. Take whatever means you must to keep from recording audio.
Multicastings real killer app is amplification per node and cacheing remotely on nodes. I'll bet $50 US that I can multicast as successfully if not better (depending on switch) with a pentium 75 from a home DSL line than you can with your cluster.
The reason is that this is a throughput and amplification problem, not a computing one. Your cluster has to communicate through soda straws of bandwidth compared to the througput you can get on one mainboard. 1 Gbs is not as fast as 6 Gbs, which is slower than a G4's mainboard.
Once the output stream leaves the box (this really is just I/O) you send it to a node which sends it to a bunch of nodes, then those nodes do the same ad infinitum. Kinda like in "Waynes World" when Wayne does the whole "telephone" speech, with nifty visuals.
In short...using your cluster for this is a waste of computing power, and is hobbled by the connections between boxen.
I've been "Bleeding six colors" since '85. If you think OS X is un-maclike, then you don't know what the mac is about at all.
It isn't about popup folders. It isn't about the control strip.
The MacOS is a software manifestation of this ideal:
Your tools should be extremely powerful, intuitive, elegant, and above all else, when you need them to, they should get the fsck out of your way!!!
The Classic MacOS accomplised this. Mac OS X takes this ideal further than most people ever dreamed.
Just because it doesn't look or act exactly the same, doesn't make it un-maclike. On the contrary, I believe the differences in OS X make it more maclike than the original.