Slashdot Mirror


User: Tassach

Tassach's activity in the archive.

Stories: 0
Comments: 2,400

Comments · 2,400

  1. Re:How about this though? on Tracking a Specific Machine Anywhere On The Net · · Score: 1
    The attack works because most TCP stacks tell you what time the sending machine thinks it is. Because manufacturing variations cause a unique time skew rate in each device, this gives you a way to identify a particular machine.

    This vulnerability can be easily defeated by modifying the TCP stack so that it applies some (cryptographically secure) random variation into the outgoing timestamps. Running some software which disciplines the local clock and compensates for hardware clock drift (NTPD) should also help eliminate the vulnerability.

  2. Re:Hot air on Phishers Face Jail Time Under New U.S. Bill · · Score: 1
    Even more to the point, how many phishing sites do you actually think are hosted on machines or domains the phisher actually owns? I'd wager that close to 100% of the sites are hosted on hacked machines.

    I can see a lot of innocent people getting anally probed by the feds because their machines got hacked by a phisher. Do you really want a bunch of armed thugs breaking into your house and holding your family at gunpoint while they cart away every electronic device you own?

    Having a search warrant executed on your property is not something you want to happen to you, especially if you didn't do anything wrong. It will take you YEARS and major lawyer bills to get your stuff back. If you think I'm making this up, re-read what happened to Steve Jackson Games during Operation Sun Devil:

    On March 1 1990, the offices of Steve Jackson Games, in Austin, Texas, were raided by the U.S. Secret Service as part of a nationwide investigation of data piracy. The initial news stories simply reported that the Secret Service had raided a suspected ring of hackers. Gradually, the true story emerged.

    More than three years later, a federal court awarded damages and attorneys' fees to the game company, ruling that the raid had been careless, illegal, and completely unjustified.

    Don't try and pretend that having your life turned upside down for three years is no big deal.
  3. Re:Please explain why on Phishers Face Jail Time Under New U.S. Bill · · Score: 1
    Current law requires there to be victims
    So charge them with "conspiracy to commit wire fraud" instead of "wire fraud". The conspiracy charges probably have a harsher sentence anyway.
  4. Re:Two ways to look at this ruling on Virginia Court Overturns Spammer Convictions · · Score: 1
    By the time any of those tools come into play, the spammer has connected to my port 25 and transferred the message
    Postfix can do a lot of filtering at the header level and reject messages based on HELO and RCPT TO. This will help address your bandwidth problem.

    For example you can use the smtpd_helo_restrictions directive to whitelist/blacklist domains and IP addresses. Even using a few simple rules like:

    smtpd_helo_restrictions = reject_invalid_hostname,reject_unknown_hostname
    will make a significant difference in bandwidth. You can also use the check_helo_access option to blacklist / whitelist domains and IP addresses. I reject about 10% of attempted spam at HELO or RCPT TO with a few simple rules.
  5. Re:Great minds think alike. on Double-Slit Experiment in Time, Not Space · · Score: 1

    22/7 is even easier to remember, and is accurate enough (3 significant figures) for a BOTEC.

  6. Re:Two ways to look at this ruling on Virginia Court Overturns Spammer Convictions · · Score: 1
    E-mail is no different. I don't want penis enlargement material, because frankly I only have two normal sized hands. I should be able to prevent anyone trying to send me this stuff from connecting to my port 25.
    This can easily be accomplished with existing software with a high degree of reliability. Postfix lets you bounce mail based on the result returned by an external filter; I'm sure most other MTAs have similar capabilities. It's trivial to configure Postfix + Spamassassin to bounce any penis enlargement message.
  7. Re:Two ways to look at this ruling on Virginia Court Overturns Spammer Convictions · · Score: 1
    [The judge] declaring the punishment to not fit the crime
    Call me naive and idealistic, but I thought that judges were SUPPOSED to make sure the punishment fits the crime. I'm much more comfortable with a system where judges assign penalties on a case-by-case basis, taking into account all the variables, than one where politicians force judges to impose blanket penalties blindly and indiscriminately.
  8. Re:Slashdot: News for Lawyers. on Virginia Court Overturns Spammer Convictions · · Score: 1
    I don't think we've been able to find a technical method to stop spam that doesn't suck, so we've now gotta go the legal route.
    Funny, I think that we haven't been able to find a legal method to stop spam that doesn't suck, so now we've gotta go the technical route. Spam is a technology problem and demands a technical solution.

    The spam problem is largely due to the fact that SMTP inherently trusts the sender. We could end spam tomorrow if everyone abandoned SMTP and adopted a less trusting mail protocol with a robust sender authentication scheme. As with IPv6, the only obstacle to widespread adoption of a new protocol is human inertia, which is considerable (if not insurmountable).

    Even using legacy SMTP, there are a number of highly effective technical solutions. I've been using spamassassin for over a year, and it catches well over 95% of the spam I get with zero false positives, and Thunderbird almost always detects the spam that SA misses.

  9. Re:Unsteady work...? (hourly rate) on When Should You Quit Your Job? · · Score: 1
    Typically how much higher should my hourly rate be?
    You should plan to triple your "target" salary if you're self-employed, because you're going to have to pick up a lot of things yourself (taxes, insurance, paid time off) that your employer normally would. Quarterly tax payments to IRS are a bitch.

    If you want to emulate a $65,000 salary ($31.25/hr) you should probably be billing somewhere in the neighborhood of $90/hr.

  10. Re:No PA :-( on Daily Grind Webcomic Challenge · · Score: 1
    And since the author quit his job to do MT full-time, I find that disgusting.
    Whatddaya mean? Megatokyo just wouldn't be the same without Piro whining about why the comic is late.

    In defense of MT, you have to remember that the artwork is A LOT more detailed and less "cartoony" than most other webcomics out there. It's a very different style of drawing than most comics use, and I can appreciate that it takes more time to do it.

  11. Re:Already done on Attempt to Apply Decency Standards to Cable/Satellite Television · · Score: 1
    our society _still_ can't stand the idea
    It's not society -- it's just some vocal fringe elements who have a problem. However, because these nuts wear the mantle of religion, a lot of people are afraid to take them on.

  12. Re:Analogy time, boys and girls. on MGM v. Grokster: Here's Why P2P is Valuable · · Score: 1
    In Europe the kings and their officials held all of the weapons. When someone was knighted that person was granted the right "to bear arms". The general population was not granted that right. That meant that the serfs were forever dominated by Lords unless some rapscallion like Cromwell showed up.
    Not entirely accurate. "Bearing arms" in regard to knighthood referred to the right to carry a COAT OF ARMS, not weapons. Nor did the knightly/noble class at any time in the middle ages have an exclusive monopoly on weaponry -- the yeomanry (non-noble landowners) were always the mainstay of medieval armies, at least in terms of numbers if not effectiveness. Serfs, who were little more than slaves, were often prohibited from carrying arms, but even that was not universal.

    With the rise of a wealthy middle class in the late middle ages / early Renaissance who could afford the trappings of nobility, many towns and cities adopted sumptuary laws. These laws regulated all manner of dress and apparel, not just weaponry. In this period it was not unusual for commoners to be prohibited from carrying SWORDS, not because they were weapons but because they were a symbol of nobility. Similarly, certain furs (EG, ermine) and even some dyes (purple) were typically reserved for the hereditary nobility.

  13. Re:$0.99 too low? on Music Labels May Seek Higher Download Prices · · Score: 1
    In my book of value, $.99 per track is already TOO HIGH
    I concur. $.05 - $.25 is, IMHO, about all a single mp3 encoded song is worth. For $.99 each I expect a lossless file on physical media.
  14. Re:Let the legislators know how stupid this is.... on True.com Wants Warnings On Personal Ads · · Score: 1
    Unless you are a registered voter who actually lives in one of these chuckleheads' districts, writing them won't do any good. They won't listen.

    If you can't vote for (or against) them, you and your opinions are completely irrelevant to a politician.

  15. Re:Profit Margins on MP3 Download Prices to Rise? · · Score: 1
    The first pill costs four hundred million dollars.
    Yeah, but it doesn't take anything close to $400M to produce the latest teenybop pop album.

    A decade ago, you needed a multi-million dollar studio to produce CD quality audio. That's no longer true -- now you can produce identical results with WELL less than $100K in equipment.

  16. Re:Geez on Battlestar Galactica Available for Download · · Score: 1
    Bah, it's still not as good as what you can get off Bittorrent. 15fps in a proprietary format? No thanks, I'll take something which I can burn to VCD and watch on my TV, thanks.

    Of course, converting a PAL .avi into an NTSC .mpg in (S)VCD format took time as well as some playing around with transcode. I'd have paid a buck or two per episode to be able to just download an iso I could burn directly to disk.

  17. Re:For download? on Battlestar Galactica Available for Download · · Score: 1, Flamebait
    Lending a VHS tape to a friend is illegal too,
    Bullshit. It's fair use.

    In your twisted view of reality, libraries would be illegal.

  18. Re:Fast and Big mem on Pushing The 512MB Barrier On Video Cards · · Score: 1
    Why wouldn't you just upgrade the amount of RAM in your machine, thus negating the need for a swap file?
    Several reasons:
    • Hack Value. Never underestimate the allure of doing something simply because you can.
    • System limits. If you've already maxed out your motherboard's RAM capacity and are still swapping, this is a useful hack. Some of us still have working 486's and first-gen Pentiums which can take a maximum of 128M of memory. Using an old 16M video card for swap on a box like that makes sense.
  19. Re:Go for it! on Apple to Buy TiVo? · · Score: 1
    TiVo's patents? This is the only thing I can think of that Apple might want. But I'm not sure how crucial they are.
    It might just be worth it to Apple to buy them to keep them out of the hands of someone who'd use those patents against them.

    The last thing anyone wants is for a nice portfolio of patents to fall into the hands of some company that specializes in patent barratry.

  20. Re:This is sad on Troika Games Closes · · Score: 1
    It really is quite sad to see how the people who have made two excellent computer RPG's (original Fallout and Arcanum) cannot succeed in the current computer game market.
    Making kick-ass computer games and running a successful business are totally unrelated skills. In fact, one could convincingly argue that hacking skills and business skills are inversely proportionate to one another.

  21. Re:I wear a computer on Whereables? · · Score: 1
    "We need wearable computers about as much as we need radioactive underwear."
    Actually, given the number of idiots in the world and the rate at which they are reproducing, a sterility-inducing fashion statement may be just what the species needs.
  22. Re:$8,000 per gallon for mostly cheap solvent on HP Secretly Rendering Printer Cartridges Unusable? · · Score: 1
    The expensive parts are the molded plastic case, the circuit board, the printhead, and the IC.
    Are you nuts? Injection molded plastic is one of the cheapest materials known to man -- it's practically synonymous with cheap. The technology is so mature that even the initial set-up costs (the most expensive part of the operation) are dirt-cheap. You can get a short production run done for under $500, including tooling.

    The simple electronics in a printhead cost pennies to make -- any engineering costs were paid for at least 15 years ago.

  23. I'm not normally a spelling Nazi... on First Arrest Made in U.S. For Spimming · · Score: -1, Offtopic
    but come on now, how frelling hard is it to spell "spamming"?

  24. Re:Unpossible to Clean SpyWare? on Microsoft Warns of Impossible to Clean Spyware · · Score: 1
    What is the best current linux distribution for slow computers, with plenty of RAM?
    If you have time to burn, Gentoo. Gentoo lets you tweak everything to your exact specifications. Of course, compiling everything on a slow machine would probably take several days to finish.

    You can, of course, build a system image on a fast machine (using the parameters for the slow machine) and then copy the root and /boot filesystem over to the slow box. Or, you can set up distcc if you are really a masochist.

    If you don't feel like spending a week waiting for everything to compile, start with a minimum install of Fedora Core 3 (only requires ISO #1) and then do:

    yum -y install xfdesktop xffm firefox thunderbird
    Yum should take care of satisfying all the other dependencies. I used this same basic procedure to set up a minimal desktop for houseguests to use on an ancient K6-III/450 with 384M RAM; performance is adequate for web browsing.

    Other than changing initdefault to 5 in /etc/inittab, I'm pretty sure that's all I had to do. YMMV.

  25. Re:Aaaaah, stereotypes on United Kingdom Leads the World in TV Downloads · · Score: 2, Insightful

    That's because the British entertainment industry actually respects talent and employs people who possess it, whereas Hollywood is focused almost entirely on cosmetic appearance.