Slashdot Mirror


User: Christopher+Craig

Christopher+Craig's activity in the archive.

Stories
0
Comments
105

Comments · 105

  1. Why allow reserved ports? on Security Flaw with Linux 2.4 Kernel and IPTables · · Score: 2

    I realize that you could set up iptables to deny RELATED connections to reserved ports, but in the case of ip_conntrack_ftp specifically why add them at all? I haven't had a chance to brush up on RFC959, so I could be wrong, but it seems like we could reasonably assume that no legitimate connection will request a PORT or PASV connection to a reserved port, so why place them as RELATED?

  2. Re:Language choice on The Fastest Web Language On The 'Net? · · Score: 2

    ed is the standard text editor, after all.

  3. Re: error on Electronic Pricetag Alteration · · Score: 1
    This is unrealistic. The error was committed at the design phase. The system shouldn't even ask the client what the price should be, and therefore shouldn't have to check whether or not the client modified the price. The only things the shopping cart should put in the form at all are: item numbers, quantity of items, identity of the buyer, possibly an order number (picking this using a cryptographically strong random number generator is a plus). That is all the client has the authority to change.

    The principles of secure design aren't new. The basic paper on the subject is Saltzer and Schroeder's paper from 1975.

  4. Yes, I am going to complain on Did You Do the Long Form? · · Score: 1

    I am going to complain because the Federal government is stealing money from the states that should be used for building roads and then redistributing it to states that meet their unconstitutional guidelines. The Constitution specifically limits the Federal government from passing any law that is not provided for within the Constitution. A minimum DUI cutoff is not there, so in order to enforce this illegal provision the government steals money from its taxpayers and then gives it back to states that obey its not-quite-laws.

    Additionally I don't see any way that the distribution of Federal highway funding is dependent on any census data other than counting people. The main way that highway funding is distributed is based on whether or not states comply with federal standards in several places. Even if they did use census data I fail to see how that would help highway planning better than collecting aggregate road usage data using traffic counters.

    On top of this I fail to see how filling out a question about my race and a second question about having hispanics in my house is helping the Federal government with any program, legitimate or not, that does not discriminate on the basis of race.

  5. Re: Linux zealots spreading FUD about Windows on Are Unix GUIs All Wrong? · · Score: 1
    4 crashes in a month? That's a crash per week. That sure as heck isn't "nearly no problems." If Linux did that that often I'd be switching to BSD or Solaris, and I don't care how shady the programs running were. The OS has no business letting a user space program bring it down.

    In the past six years that I've been using Linux I've had a total of maybe 20 crashes. I have intentionally run DOS attacks on my own machines to see how hard it is to get back control and intentionally misconfigured hardware to see how the machine would respond. Every one of those crashes was caused by faulty hardware or pre-beta kernel patches (such as agpgart over a year ago). My production servers were down only when they were being moved and had an average uptime of 150 days or so. (I was also running a web and mail server on a 486DX/33. Try that with Windows.) I had heard that W2K was stable, now you, an MS zealot, are bragging that you only had one crash per week. There is no way I would consider running a system so unstable for my personal systems.

    I personally have never claimed that Linux is as easy to learn as Windows. I do find it a great deal easier to use. I don't have to reboot to change IP addresses, I can easily change the MTU on a specific route, I can quickly and easily map the same ethernet card to three ip addresses. I can quickly do things on a nice, advanced, command line. I don't give a damn if it's easy to use. Plug and play slows down the boot process. When RedHat introduced it to Linux, I turned it off. I know my hardware and I compile my kernels to support it exactly. Cute menus to configure things can sacrifice the readability of the configuration files. If easy to learn sacrifices easy for an advanced user to use, I don't want it in Linux.

  6. Items you've left out on Living In A Microsoft Country (And Speaking The Language)? · · Score: 1
    • Around 60% of people reach the other side
    • After paying the modest fee you also must sign a contract agreeing only to use the ferry operator's bus service when you reach the other side, only to eat at restaurants approved by the ferry operator, and only to stay at lodging owned by him
    • The ferry owner has been known to take unethical and illegal action in order to keep down competition
    • The ferry owner stole his ferry from someone else
    I don't know if I'd try to build my own ferry, but I'd think twice about using his.
  7. Of course no human finger on Laser-equipped 747 · · Score: 1

    If this is the same system I heard about a few months ago then it is designed to be used as part of a missile defense system. There is no way that a human is going to accurately aim at an ICBM and pull the trigger. You need a computer for that sort of precision. (or a storm trooper)

  8. Re:Precompiled binaries on Why Are Binaries And Screenshots Good Things? · · Score: 1
    How did you build it? Apparently your compiler was binary too.

    My first linux distro (based on the 1.2.10 kernel), was compiled entirely from source using a cross compiler on a Solaris SPARC5 system. There are several ways to build a distribution completely from scratch. Another option would be to use a DOS/Windows to Linux cross compiler.

  9. Check out the page title on Read To Your Children, Go To Jail (Not Really) · · Score: 1

    The page title is "You are forbidden to read this." Additionally the hosting site is www.pigdogs.org and there is nothing else on the server at all related to it. I would say you can be almost certain that it is a joke.

  10. I've some more on Why Linux Lovers Jilt Java · · Score: 1
    • My number one problem is probably that Java is purely object oriented. We have already had SmallTalk and the NeXT as examples of why you shouldn't do something in a purely OO manner.
    • Java can't do implied casting. If I want to add 5 to an Integer I first have to cast one of them. This is retarded.
    • Not whitespaced. When I first heard that Python respected whitespace I was fairly pessimistic, but I always indent correctly anyway. There is no reason to keep the old, broken, method of explicit groupings.
  11. Re:Get automatically sorted out on Spambot Poisoner · · Score: 1

    I just wanted to say that you are not the only one with this type of experience. My address (with the nospam kept) gets hardly any SPAM. I also create one time addresses to give to companies that might sell my address and have a filter that matches the "To" address to the sender and rejects the mail if my address has been sold...

  12. Re:Good lord! Someone slap those people. PLEASE! on Red Hat 7.0 Coming On Monday · · Score: 4

    Well, what do you expect them to say? Microsoft has the trademark on "Innovative" :-)

  13. Price of macs on How Good Of A Unix Is Mac OS X ? · · Score: 1

    Even figuring the fact that it's a $380 savings to go with a Mac initially you don't include the upgrade cost. When I upgraded from my PPro 200 to a PIII 750 it cost around $700, because all I bought was a new CPU, motherboard, and RAM. If I had upgraded my Mac it would have been $1549 for a brand new mac because I couldn't keep all of my peripherals. Admittedly this doesn't affect the average consumer, but it is a big deal to me.

  14. Re:Before you get up in arms... on DVD/DeCSS: MPAA Wins In New York · · Score: 1
    There is no law against accessing what you already own. DeCSS is a tool for accessing, not copying.

    Go read the DMCA. Under the DMCA, it is illegal to circumvent, for any reason, an encryption system that was designed to protect copyrighted data. This is exactly what the defense did. This law goes too far and inhibits what we've come to know as "fair use", but it was not this judge's place to decide that. He was only to decide if the DMCA was broken.

  15. Lies, damn lies, and statistics on Fred Moody Says Linux Worst Operating System Ever · · Score: 1
    I dismissed this "study" at once because one would expect to find more security holes in an Open Source system. The use of peer review implies that more holes are found (and reported, and patched) than without peer review.

    After reading it, though, it is much less accurate than I initially thought. The statistics he uses compare the aggregate Linux data to the Windows NT4.0 OS data. This means that if an error is found in Apache there are reports for RedHat 6.2 i386, 6.1 i386, 6.0 i386, 6.1 sparc, 6.2 sparc, 6.1 alpha, 6.2 alpha, TurboLinux 6.0.2, TurboLinux 4.4, and possibly Mandrake, yielding as many as 9 reports for one bug. If, however, a bug is found in IIS, it doesn't even really apply to the NT data at all, because those numbers only include what was packed with the OS (not II/S, Internet Explorer 5, or BackOffice or any of the Service Packs).

    If we compare RedHat 6.0 i386 to MS Windows NT4.0 with IE5, BackOffice 4.5, and IIS5 we have 177 bugs for Windows and 21 for RedHat. I would say Linux isn't standing too bad by those numbers (which are still a horrible metric of security performance)

  16. Self policing and Signal to Noise ratio on Ebay Seeks Federal Assistance In Banning User · · Score: 1
    I've been using /. for what seems like about 3.5 years now, when I first started there were practically no trolls and about one first post for every three or four articles. I used to think that the comments were often more informative than the articles. I remember when Rob added the ability to have a user account and to not view articles by certain authors. At the time this seemed like it was done entirely for people like me who didn't want to even see anything by Jon Katz, but around this time there were starting to be almost as many useless posts as informative ones. Then he added this moderation thing. Since then I have always had my threshold set at 3 and have never had a problem with much noise being on slashdot.

    Slashdot already has a self-policing system, I don't know if the same could work for E-bay or not. If you lower your noise threshold, you should expect to get lots of noise.

  17. I couldn't find how to change the MTU on The Cathedral And The Bizarre · · Score: 1

    On http://www.apple.com/developer or anywhere else. I've found a third-party commercial addon that will do it by dynamically messing with the kernel, but that is hardly an acceptable way of doing it. I have a Mac, I need the MTU changed and AFAIK _it_can't_be_done_.

  18. NFS does not assume UDP is reliable on Will BXXP Replace HTTP? · · Score: 2
    and neither should anything else. Datagrams are by nature unreliable. Anyone who believes otherwise needs to go right now to someone in protocol research and tell them the solution to the two generals problem.

    NFS is stateless and works by sending the same datagram repeatedly until it receives an acknowledgement. That is, IMHO, a terrific use of UDP and shows the lack of need for a so called reliable datagram protocol. For a datagram protocol to be reliable it will have to send (and cache) some sort of packet number or something and then send a response back. You could already do the same thing by doing your own packet number caching and acknowledgement with UDP.

  19. Re:This is bad... on Appeals Court Will Take Microsoft Case · · Score: 1
    For some strange reason, a large majority of the public favors Microsoft.

    It's not a very strange reason. Microsoft has a lot of support in the media, which it gives lots of money to, and Microsoft makes statements essentially saying that this judgement shows that if you make a product that is popular enough the government can break you up. The justice department, on the other hand, has made no effort to counter this incorrect assertion. I have in the last week heard some very intelligent people who haven't really been following the case make statements saying they were scared of the precedent this set and that they felt it was wrong of the government to break up MS just because they got so popular. MS is throwing lots of money into making public perception that it was wronged because it got so popular. If someone (DOJ?) doesn't come out and explain loudly that it is because they committed product tying and abused market power, both of which are illegal, that MS was broken up then the public will continue to favor MS. That said, judges don't have a record of currying to the whim of the public so I don't expect it matters much as far as the outcome of the case is concerned.

  20. Re:MS not innovative? Not likely! on Latest Eazel Screenshots · · Score: 1
    Well, I don't like anyone forcing someone to use one program in order to use another, regardless of what they do with Nautilus Eazel is unable to commit the sin Microsoft is guilty of. If approached by a vendor who wished to ship Nautilus Eazel does not reasonably have the choice to tell them they can't ship another web browser. I can see the exchange now:
    Big Corporation: We want to ship Gnome on our computers
    Gnome: Okay, but if you put another web browser on the machines we won't give it to you.
    Big Corporation: Oh, well I guess even though we don't want to we will have to use your browser because we can't survive without Gnome

    Yeah ... right. You can't very well abuse market power if you don't have it. Even if Nautilus comes with a web browser its designers don't have the clout to force the removal of all others.

    That said integrating the web browser with the OS was a stupid move and it made the OS even more bloated and less stable than it already was. It was done solely to push the browser on the market with product tying and would be highly disadvantageous for anyone without MS's market share to do. Nautilus may well choose to integrate a web browser, but if it does it will most likely be modular so that one could remove it and free the extensive memory segment a modern browser occupies.

  21. Don't use FlashComm, get out while you still can on Thoughts On Third-Party DSL Providers? · · Score: 1

    Having used FlashComm, BellSouth.net and Telocity I would advise you to ditch FlashComm right now if at all possible. If they have not yet hooked you up they are probably in breach of contract. If you have the choice don't allow them to finish hooking you up. Tell them their service has been pitiful and you want out right now. Here's what I know about DSL providers at the moment, FlashComm was horrible and always delivered weeks behind schedule. BellSouth.net was generally on time, but their service was pitiful and the connection was always being dropped (plus it was that awful PPPoE stuff), I have nothing but good things to say about Telocity. They had me hooked up in less than a month, they didn't make me sign a contract at all, they gave me a static IP and explicitly allow me to run an internal network over their service. Also in my agreement with them it says that if I ever move they will transfer the connection (with the same IP) to my new place of residence at no cost to me. They also have very easy setup instructions for PCs, Macs, and *nixs. I highly recommend anyone getting DSL get Telocity.

  22. Pronunciation of TeX on Outside Total Request Live · · Score: 2
    From the TeXbook by Knuth:

    Insiders pronounce the x in TeX as a Greek Chi, not as an 'x' so that TeX rhymes with the word blecchhh. It's the 'ch' sound in Scottish words like loch or German words like ach; it's a Spanish 'j' and a Russian 'kh'. When you say it correctly to your computer, the terminal may become slightly moist.

  23. Re:Apple's Arrogance? on Ars Technica on OSX/Aqua · · Score: 1
    Reading Slashdot, I find a lot of Linux arrogance (Setting the max MTU packet size is easy under Linux, just edit the correct text file with a command that EVERYONE should know).

    No one argued that everyone should know the syntax of ifconfig (or even that ifconfig exists), but after about 10 minutes of reading (probably less since if you knew what an MTU was and that you had to change it, you've probably already read most of the stuff I'd suggest) one can set it.

    The argument was that no matter how much you study, at no point can anyone set the MTU in MacOS. It simply cannot be done. If the minimum MTU along the route is less than the MTU of the attached device the MTU will not be set correctly, no matter how well you know MacOS.

  24. Re:Why we're going to lose just like we lost mp3 on DVD CCA Emergency Hearing to seal DeCSS · · Score: 1
    How many Linux hackers do you run into who have graduated from college?

    Linus Torvalds, Alan Cox, and Donald Becker come to mind. I would venture a guess that the percentage of graduate degree holders among Linux hackers[1] is more than twice that of the general population. In fact of the Linux users I know close to half are college graduates, about half are in college and around 10 percent or so are under 18.

    According to a demographic study done by Linux Today magazine, their average reader is a 32 year old employed professional. According to a Slashdot poll the mode user is in their 20s. I base the rest of my estimates on known developers in the Linux community. Admittedly the accuracy of all of these figures can be questioned as can any statistical data, but you seem to offer no justification what-so-ever for your portrayal of the Linux community.

    [1] I'm using this term to refer to anyone who has contributed code to the Linux kernel. As Linux is a kernel and you seemed to be using hacker to indicate a programmer.

  25. Maybe the NSA _wants_ to release the source on NSA Backing Secure Linux OS Development · · Score: 2

    Maybe that's the whole point. The NSA isn't just about keeping security out of the hands of Americans. They have for a long time assisted American business in keeping their information secure as they regard this as helping national security. If they release an open source secure OS then a lot of researchers are going to be interested and their interests in securing American business will be furthered.