The number of spammer's IP's are relatively insignificant...
A possibility of success for SCO would see the resultant world-wide demand for IP addresses drop to a manageable level: Somewhere's about a hundred and seven, or so...
Re:Before all the flamers get in.
on
Qt On DirectFB
·
· Score: 1
C'mon.
X11 Rocks! If you want a PS2, buy one from Sony...
Any effectively secure database would be secured from the root operator. This si required by the DoD - the problems here have been worked out long ago. The machine itself should have Mandatory Access Controls, and the DB should implement cryptographic methods for transactional non-repudiation - with security principals independent of the underlying OS authentication.
The whole key infrastructure for this should be FIPS-140 compliant for hardware-based key modules, and require the coordinated actions of two or more actors in managing/engaging keys. There should be strict operational guidelines for the separation of roles in the management, deployment and retreival of these devices, and a separate role with an auditory function. The Auditory role needs a key that can reveal and validate any information on the system, yet create or modify nothing.
These controls are the only justifyable reason to implement 'electronic voting'. Cost? Give me a break! If free and fair voting is not worth paying premium prices for, what is? Do we have to pinch pennies for the land mines we drop on Afghan soil?
Without attempting to reach this benchmark, electronic voting is a fraud. It is a humbug of technophillic superstition used by sellers of snake-oil to dazzle the onlooker, while trusty assistant rob the crowd.
I'm afraid that I am reminded of the 18th-century French writer Charles de Montesquieu who said that "all nations have the governments they deserve."
I am afraid that sentiments like yours mask a great deal of indiferrence and intellectual laziness by the pretense of a realistic and 'no-nonsense' attitude.
It is a far-cry from the blanket assertion:
Can any online voting system be hacked? Yes.
to the validation for implementing systems which have a documentable history of being the worst possible of implementations. Those so far in evidence actually invite abuses!
It is irresponsible, derelict and probably mendacious of anyone advocating the adoption of newer vote collection technologies not to insist on addressing these specific allegations and their evidence. Any proposal which is advanced without a specific redress of these concerns should be considered suspect in motive. Ignorance of the basic issue - and its gravity - is not a possibility.
Online voting is being incouraged in the US because of its susceptibility to fraud, not its resistance. Check out Black Box Voting: Ballot-tampering in the 21st Century. These people are not Luddites. The bulk of the serious critcism here is coming from people who know the most about the technologies employed - therefore the most qualified to scrutinize, and least-likely to be baffled by obtuse claims and jargon.
Also look at This story and the related pages at The Scoop. The most widely deployed system in the US is based on MS Access (!?!), with NO controls for cryptographic storage, trasport, data integrity and/or non-repudiation.
Baaaa, Baaaa! Computers Better! Paper Worse! It's mere superstition by the Sheep-people.
Yeah, the Linux deal seams to just be the "whipping stick" for Sun here. Their interest is in pounding IBM's big backside.
Have you seen the level of acrimony between these companies over AIX vs. Solaris? The front of IBM's website is plastered with "Migrating from Solaris? It's Simple!"
If linux gets broken during the process, Sun is likely to care less.
GNU autoconf generates configure scripts that assume that if a library exists, it should be used. This is incorrect on IRIX, which keeps some old libraries around just for the sake of backward compatibility with very old programs. This alone breaks most of the GNU utilities on IRIX. To prevent this from happening, simply force GNU configure to explicitly ignore 'libsocket', 'libnsl', 'libgen' and 'libsun'. All these interfaces have their up-to-date entries in the standard C library libc.so on IRIX 6.x.
For example, when calling GNU configure you should use something like:
ac_cv_lib_gen_getmntent=no \
ac_cv_lib_sun=no \
ac_cv_lib_sun_getpwnam=no \
ac_cv_lib_sun_getmntent=no \
ac_cv_lib_sun_yp_match=no \
ac_cv_lib_socket=no \
ac_cv_lib_socket_main=no \
configure...
Note that this is just an example. Make sure to look at your config.cache (or equivalent) file after configuration, and inspect it for any suspicious ac_cv_lib... entries that match one of the libraries mentioned above and force them to no (or equivalent).
This is a fair warning, and the devil is in the details...
Yeah, If you dont't get every dependancy fetched locally first... Ouch. Go back to the fyp and retrieve libungif.x.x.tardist! O.K., now start over again...
It's a pity that compiling GNU and BSD sources aginst IRIX is such a black art. It seems that autoconf hurts you more than it helps on SGI. So, it is hand-editing Makefiles and trial/error, untill you aquire the knack for Irix.
If this weren't the case, there could have been a Fink for Irix 6.
I remember how I felt triumphant when I could finally build ssh 1.27, libpcap and nmap on an Indigo 2. That was many hours of effort, for a trivial task on Linux or even Solaris 2.6. Oh, well!
Such pretty blue boxes! Gobs of RAM and I/O. I still keep an affectionate spot for the things.
Uhhhh.. OSX doesn't use X. It has a native, non-netrwork display renderer called "Quartz": interactive PDF based, with OpenGL acceleration.
The buffer exploit is a Quartz problem, and entirely local.
There is an X implementation for OSX - it runs on Quartz, like Exceed or CygX run on Win GDI. It may be possible to send events to Quartz via the Aplle X server - but this is not shipped by Apple as a production code, and won't be until Panther. That is several months and many bug-fixes away!
I know how to "get in shape"...
The shape is "Round".
Still, it's not slot-loading...
A possibility of success for SCO would see the resultant world-wide demand for IP addresses drop to a manageable level: Somewhere's about a hundred and seven, or so...
X11 Rocks! If you want a PS2, buy one from Sony...
Their real case is a contract dispute with IBM.
This is why the make such scattershot claims.
I want to rude into space on the lowest bid or better, on onr of Dick Cheney's buddies!
2, 4, 6, 8!
Shred and then Incinerate!
As long as it's only tcsh...
:-)
I'm on Speakeasy (Covad) in SF. Total outage for several hours tonight. Probably a desparate, unscheduled scrample to get these Ciscos patched!
Always sucked.
Fits into a model of security where the 'remote' is a part of your "Trusted Computing Base."
Flawed, almost all-around.
He should tell her that his boyfriend is a very jealous biker...
I also think that Enlish people should eat irish babies... :-)
In fact, the only game I really play is "The Collossal Cave", unless pen-testing is a game...
You sir, have my vote!
The whole key infrastructure for this should be FIPS-140 compliant for hardware-based key modules, and require the coordinated actions of two or more actors in managing/engaging keys. There should be strict operational guidelines for the separation of roles in the management, deployment and retreival of these devices, and a separate role with an auditory function. The Auditory role needs a key that can reveal and validate any information on the system, yet create or modify nothing.
These controls are the only justifyable reason to implement 'electronic voting'. Cost? Give me a break! If free and fair voting is not worth paying premium prices for, what is? Do we have to pinch pennies for the land mines we drop on Afghan soil?
Without attempting to reach this benchmark, electronic voting is a fraud. It is a humbug of technophillic superstition used by sellers of snake-oil to dazzle the onlooker, while trusty assistant rob the crowd.
They have the same thing in San Mateo County. Jus' 2 Minutes south of San Francisco.
If I bring you back his ears?
I am afraid that sentiments like yours mask a great deal of indiferrence and intellectual laziness by the pretense of a realistic and 'no-nonsense' attitude.
It is a far-cry from the blanket assertion:
to the validation for implementing systems which have a documentable history of being the worst possible of implementations. Those so far in evidence actually invite abuses!http://www.blackboxvoting.com/
Inside A U.S. Election Vote Counting Program
Bald-Faced Lies About Black Box Voting Machines
It is irresponsible, derelict and probably mendacious of anyone advocating the adoption of newer vote collection technologies not to insist on addressing these specific allegations and their evidence. Any proposal which is advanced without a specific redress of these concerns should be considered suspect in motive. Ignorance of the basic issue - and its gravity - is not a possibility.
Also look at This story and the related pages at The Scoop. The most widely deployed system in the US is based on MS Access (!?!), with NO controls for cryptographic storage, trasport, data integrity and/or non-repudiation.
Baaaa, Baaaa! Computers Better! Paper Worse! It's mere superstition by the Sheep-people.
Have you seen the level of acrimony between these companies over AIX vs. Solaris? The front of IBM's website is plastered with "Migrating from Solaris? It's Simple!"
If linux gets broken during the process, Sun is likely to care less.
Then you can do all kinds of c00l stuff to kill people!
My friend... It is hard and cold out here amongst the jobless throng. Be careful. Don't jump from the frying pan!
Works every time? Not more than half...
There is a long-standing link from the freeware pages at SGI which states:
This is a fair warning, and the devil is in the details...
It's a pity that compiling GNU and BSD sources aginst IRIX is such a black art. It seems that autoconf hurts you more than it helps on SGI. So, it is hand-editing Makefiles and trial/error, untill you aquire the knack for Irix.
If this weren't the case, there could have been a Fink for Irix 6.
I remember how I felt triumphant when I could finally build ssh 1.27, libpcap and nmap on an Indigo 2. That was many hours of effort, for a trivial task on Linux or even Solaris 2.6. Oh, well!
Such pretty blue boxes! Gobs of RAM and I/O. I still keep an affectionate spot for the things.
The buffer exploit is a Quartz problem, and entirely local.
There is an X implementation for OSX - it runs on Quartz, like Exceed or CygX run on Win GDI. It may be possible to send events to Quartz via the Aplle X server - but this is not shipped by Apple as a production code, and won't be until Panther. That is several months and many bug-fixes away!