It ships with (an old version of) OpenWRT preinstalled. It doesn't get better/friendlier than that:)
Add a nice case (for instance from netgate.com - they have them but the page for that product seems to be broken right now, sigh) and powersupply (48V DC, netgate has them too).
Finally, add up to three minipci wifi cards (and make sure to get pigtails and antennas). A good vendor for that stuff is pcengines.ch; the Wistron DNMA92 Atheros 802.11a/b/g/n card is cheap at $26 and it uses the ath9k driver (no binary blobs). PCengines also has cheap pigtails and antennas.
All in all this costs quite a bit more than your run of the mill access point, but this puppy is a lot more powerful than your average access point.
We're at almost 200K tickets. RT scales fine, you just have to tune it a bit. And run it on PostgreSQL, and *definitely* tweak your PostgreSQL for performance.
In older versions, many indexes were missing by default. That may have been fixed more recently. Also, PostgreSQL 8.3 made a huge difference for us performance wise.
Apparently, nobody makes a standalone pointing stick.
I'm desperate enough that I'm considering scooping up a few keyboards from trashed Thinkpads and figuring out how to solder them up to a USB controller.
That might not be *so* hard. Used old Thinkpad parts are a dime a dozen these days, and easy to find on ebay.
I share your frustration - the Endurapro was actually pretty much the only keyboard I could find with integrated mouse when I bought it a few years back. Why isn't there more innovation in this space?
I actually prefer Unicomp's Endurapro. Same buckling springs, but with an integrated mouse. Saves me from carpal tunnel.... well that and a reasonably ergonomic desk setup. Endurapro at work, endurapro at home:)
The way Microsoft and the EU slug it out we might see Linux on the desktop before Microsoft gives in.
I sure hope it will help to move Linux further onto the Desktop (see nick;).
Yet I really hope Microsoft will see the light before there is some real damage done, so many are totally dependent on (the products of) this company.
What's the worst thing that can happen here? Microsoft banned from selling their software in the EU? Oh dear, that would be a disaster... not. It would not even affect the installed base of Microsoft software. Yawn. No real damage in my view - except perhaps for Microsoft, and to be honest, I could not care less.
As for your claims of 'having to run a web server on your dns server' - that's nonsense. If you're running a dynamic dns service, you might perhaps already *have* a web server?
Not on the DNS server, though! For all your talk of the "Unix way", your plan would turn a single-purpose DNS server into a web server, rsync server (if you want to use slave servers for redundancy), SSH server, and so on. I think the GP just wants his DNS server to be a DNS server. That sounds like a pretty good idea and more unix-y.
That's of course what I meant - you already have a web server, that is *not* running on your dns server.
DJB's software is "secure" because he can flat out deny vulnerabilities and all of his fans believe him and parrot it around for the rest of their servitude, despite there being realworld exploits for realworld configurations.
For us rational people, places like osvdb.org exist.
I don't have time for this nonsense. Do a search on osvdb.org for tinydns. Do one for djbdns. Any hits?
It tells me there are no results. What is your point, exactly? Who's the rational person here - you for claiming mythical security vulnerabilities that don't seem to exist in your 'resource for rational people' osvdb.org, or me for saying that djbdns is a piece of code that has a history of being very secure, with *no known security problems whatsoever*?
You can say a lot about DJB and his software, but you have to grant him that his code is very, very well written, and very secure.
No, I really don't have to. Since he's never actually released a program that supports more than 10% of the functionality of what it claims to replace, we have no idea whether he's capable of designing a large, secure system.
You're not listening are you? I'm saying that the software DJB writes is very, very well written and very secure. Period. I'm not claiming anything about 'functionality it claims to replace'.
Not that I don't take issue with the way you're phrasing the functionality argument, but I don't feel like wasting time. You have somewhat of a point there, with the large caveat that as far as I know DJB doesn't claim to replace anything at all - he just offers an alternative to Bind in the unix philosophy of writing software that does one thing and does it well.
As for your claims of 'having to run a web server on your dns server' - that's nonsense. If you're running a dynamic dns service, you might perhaps already *have* a web server?
Seriously. You sound like you have not understood the power of modularity - one of the fundamental aspects of unix-like systems that make them the powerful tool they are.
Your contention seems to be that those entire sets of applications are at least as secure as just using BIND in the first place, and frankly, I dismiss that out of hand. Even if you're a security expert and your particular setup is bulletproof, I doubt that the majority of people trying to juggle such a fragile setup are that capable. Ergo, DJBDNS is much less secure for the average person trying to get the same functionality that BIND ships with.
I'm not talking about the majority of people. I think you're reading a bit more in what I wrote than what I intended. I was merely taking objection to your outright dismissal of tinydns as a possible solution to this problem. I think that's not fair. Arguably, I wouldn't want people who are incapable of setting up tinydns in a secure way (it's not *that* hard) in charge of my DNS:)
There's a reason people hate DJBDNS. Instead of just implementing the mechanism that everyone else in the entire world uses, Dan wanted to be Dan so he wrote an incompatible mess and called it "good". Of course DJBDNS has a decent security record - it doesn't actually do anything. I'd wager large amounts of money that more systems have been compromised due to all the half-assed hackery required to give it half the features of BIND than because of BIND itself.
I would take that with a very large grain of salt. In fact, most of a salt container.
You've obviously never used tinydns/djbdns. It just works. It serves dns records, and it does that job well, and it's very secure. It doesn't have the poor code quality and 50 gazillion other features that have made Bind the, well, security nightmare that it has been. Admittedly things have been a *lot* better since Bind 9 came out - but wasn't there another security problem with Bind 9 a couple of months ago? I can't even *remember* when there was a security problem with any part of djbdns. You can say a lot about DJB and his software, but you have to grant him that his code is very, very well written, and very secure.
Anyway, back to the topic - I have been running a dyndns-style setup for years now using tinydns. I simply wrote a script that mimics the dyndns web update page, which means it's compatible with any dyndns client out there, provided one can set the server IP address (which most clients support now).
The script updates a database, from which the tinydns files are generated every minute. Of course you could make the script update your tinydns 'zone file' directly; one of the advantages of using tinydns is that its data format is easy to parse - which is about the last thing that can be said of Bind's zone file format...
This setup works like a charm for me and all my customers. It's one of those 'configure once and then forget about it' setups:)
That's completely incorrect. Would you call a dual-socket F AMD64 board *legacy*? I didn't think so.
EFI is a kludge. It's the same all 60's and 70's software design crap all over again. And it's proprietary. Intel has released some fairly insignificant parts of the specs, but the core is still locked up in heavily proprietary code.
Also, it's designed to force DRM on every user - read up on the 'sandbox model' in the EFI specs.
You don't want EFI. You want LinuxBIOS. Believe me.
As of a few weeks ago, the OLPC project isn't using LinuxBIOS anymore, they have moved to OpenFirmware from Sun, which was recently open sourced. Sorry to burst the bubble.
That's incorrect. The OLPC project is still using LinuxBIOS to boot the machine, but they are using OpenFirmware as a payload. I have seen both OpenFirmware and a linux kernel payload demonstrated on the OLPC revA developer boards. They chose OpenFirmware because it can fit in a smaller ROM chip.
If you don't understand what that means, just read up on things at http://linuxbios.org/
If I wanted to use Xen, I could run a distro w/ it installed or I could try patching my distro.
Excuse me? Do your research, dude. I've just installed a new AMD64 box, and installed Xen on it. No 'patching' of the distro required; just run the Xen kernel and install a few utilities. Dead simple. Check this tutorial, for instance:
That's Broadcom's wired gigabit interface. Has been *long* supported by the tg3 driver. Heck, Broadcom even has an alternative GPL'd driver for this interface downloadable from their website.
...is actually quite fantastic. I've bought lord knows how many laptops from them, with not a single dead pixel, ever. Never a failed hard drive, never a faulty component.
You must have been lucky. I've bought 5 or six machines from them in the last 5 years, and the last one (a 12" ibook) *has* a dead pixel. And they don't want to replace it because they think it's not very 'annoying'....
Well, I hate the DMCA, but it's new to me that it forces everybody to sell only DRM.
The problem is more complex than that. The DMCA (and the EUCD in the EU, for that matter) forbid breaking 'reasonable' technological protection measures. By law.
Most audio CDs sold in Europe have been crippled for years. Most new CDs selling in the US are now, too.
The RIAA and MPAA are trying desperately to get legislation passed that would *require* *mandatory* DRM. The broadcast flag is an evil example of this.
The DMCA/EUCD are just the first step.
I guess I should have had coffee before my first post;)
Try replacing the mini-pci wireless card on your laptop with another brand. 10 to 1 says your laptop won't boot unless your manufacturer also offers that exact card (same PCI-ID) with your same laptop model (or one sharing a bios).
It depends on the manufacturer. It's a prime example of DRM that is here, today, and a royal pain. IBM and HP lock down their laptops like this. Dell does NOT. See here for more info...
The x51V model (I think) has similar specs, and a faster Mhz processor (only 640x480 screen tho'); how do the two compare?
Well, I've never even considered one of those Dell toys, because they run a pretty buggy OS (I have a friend with an Axim, and he has been less than impressed with its (lack of) stability). Oh, and the OS is not Linux. In other words, the Axim's hackability is, well, pathetic.
On the upside, the Dell has a faster CPU, and a compact flash slot.
OS Server Last changed IP address Netblock Owner Linux Apache/1.3.33 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.22 OpenSSL/0.9.7a PHP-CGI/0.1b 29-Sep-2005 65.254.39.124 Global Net Access, LLC
Figures. Perfectly in line with the usual treacherous behaviour of the 'fair and balanced' political right.
Sure... Fox never hides anything, or lies, right? I mean, except for their super-biased, right-wing, crappy reporting. Well, no, I take that back. You can't call what Fox does reporting. Any resemblance with proper journalism has long, long gone. Fox is simply a mouthpiece for right-wing zealots who live in some sort of alternate universe where black is white and white is black. And the war in Iraq was totally justified ('these people threatened to kill my dad! Boo! They must be terrorists!') and going perfectly great (nevermind the civil war in Iraq, thousands of casualties, or the enormous budget deficit that is going to make us totally dependent on China, if it hasn't already).
Yeah, right.
Thanks, fox and friends. You're well underway to destroy our free society.
I'm wondering if Apple will go the way of Sony. Innovating firms have a tendency to be eaten up by firms who copy and then sell for a lower price. The only way to stop copiers is to create a closed format - basically kill competition before it happens - or to keep innovating to stay ahead of the copiers - easier said than done.
Let's see - the way of Sony. With a gigantic consumer electronics business, which used to make great stuff, but unfortunately is now reigned by a bunch of IDIOTS in the music and film units that have forced Sony to become pretty much irrelevant in the digital media sphere. Why? Persistently trying to push proprietary, crippled crap (ATRACKS, anyone?) - and then being surprised that nobody wants to buy it. Sony should be the one behind the iPod - it's a logical step from the walkman and discman history.
Sony is run by a bunch of idiots. I'm surprised the shareholders have not revolted a long time ago.
I'm guessing Steve Jobs understands this perfectly, and I'm pretty happy that Apple doesn't actually own any content business. Pixar is a totally separate company. As long as that stays the case, I don't see Apple become irrelevant the way Sony did anytime soon.
Slashdot Mirror
It ships with (an old version of) OpenWRT preinstalled. It doesn't get better/friendlier than that :)
Add a nice case (for instance from netgate.com - they have them but the page for that product seems to be broken right now, sigh) and powersupply (48V DC, netgate has them too).
Finally, add up to three minipci wifi cards (and make sure to get pigtails and antennas). A good vendor for that stuff is pcengines.ch; the Wistron DNMA92 Atheros 802.11a/b/g/n card is cheap at $26 and it uses the ath9k driver (no binary blobs). PCengines also has cheap pigtails and antennas.
All in all this costs quite a bit more than your run of the mill access point, but this puppy is a lot more powerful than your average access point.
We're at almost 200K tickets. RT scales fine, you just have to tune it a bit. And run it on PostgreSQL, and *definitely* tweak your PostgreSQL for performance.
In older versions, many indexes were missing by default. That may have been fixed more recently. Also, PostgreSQL 8.3 made a huge difference for us performance wise.
Apparently, nobody makes a standalone pointing stick.
I'm desperate enough that I'm considering scooping up a few keyboards from trashed Thinkpads and figuring out how to solder them up to a USB controller.
That might not be *so* hard. Used old Thinkpad parts are a dime a dozen these days, and easy to find on ebay.
I share your frustration - the Endurapro was actually pretty much the only keyboard I could find with integrated mouse when I bought it a few years back. Why isn't there more innovation in this space?
I actually prefer Unicomp's Endurapro. Same buckling springs, but with an integrated mouse. Saves me from carpal tunnel.... well that and a reasonably ergonomic desk setup. Endurapro at work, endurapro at home :)
Now, one missing feature is hardware, the swivel viewfinder, and I can't do anything to remedy that.
:)
You should have bought a Nikon Coolpix S10
The way Microsoft and the EU slug it out we might see Linux on the desktop before Microsoft gives in.
;).
I sure hope it will help to move Linux further onto the Desktop (see nick
Yet I really hope Microsoft will see the light before there is some real damage done, so many are totally dependent on (the products of) this company.
What's the worst thing that can happen here? Microsoft banned from selling their software in the EU? Oh dear, that would be a disaster... not. It would not even affect the installed base of Microsoft software. Yawn. No real damage in my view - except perhaps for Microsoft, and to be honest, I could not care less.
As always, Microsoft is its own worst enemy.
It tells me there are no results. What is your point, exactly? Who's the rational person here - you for claiming mythical security vulnerabilities that don't seem to exist in your 'resource for rational people' osvdb.org, or me for saying that djbdns is a piece of code that has a history of being very secure, with *no known security problems whatsoever*?
Stop wasting everybody's time.
Not that I don't take issue with the way you're phrasing the functionality argument, but I don't feel like wasting time. You have somewhat of a point there, with the large caveat that as far as I know DJB doesn't claim to replace anything at all - he just offers an alternative to Bind in the unix philosophy of writing software that does one thing and does it well.
As for your claims of 'having to run a web server on your dns server' - that's nonsense. If you're running a dynamic dns service, you might perhaps already *have* a web server?
Seriously. You sound like you have not understood the power of modularity - one of the fundamental aspects of unix-like systems that make them the powerful tool they are.
I'm not talking about the majority of people. I think you're reading a bit more in what I wrote than what I intended. I was merely taking objection to your outright dismissal of tinydns as a possible solution to this problem. I think that's not fair. Arguably, I wouldn't want people who are incapable of setting up tinydns in a secure way (it's not *that* hard) in charge of my DNSThere's a reason people hate DJBDNS. Instead of just implementing the mechanism that everyone else in the entire world uses, Dan wanted to be Dan so he wrote an incompatible mess and called it "good". Of course DJBDNS has a decent security record - it doesn't actually do anything. I'd wager large amounts of money that more systems have been compromised due to all the half-assed hackery required to give it half the features of BIND than because of BIND itself.
:)
I would take that with a very large grain of salt. In fact, most of a salt container.
You've obviously never used tinydns/djbdns. It just works. It serves dns records, and it does that job well, and it's very secure. It doesn't have the poor code quality and 50 gazillion other features that have made Bind the, well, security nightmare that it has been. Admittedly things have been a *lot* better since Bind 9 came out - but wasn't there another security problem with Bind 9 a couple of months ago? I can't even *remember* when there was a security problem with any part of djbdns. You can say a lot about DJB and his software, but you have to grant him that his code is very, very well written, and very secure.
Anyway, back to the topic - I have been running a dyndns-style setup for years now using tinydns. I simply wrote a script that mimics the dyndns web update page, which means it's compatible with any dyndns client out there, provided one can set the server IP address (which most clients support now).
The script updates a database, from which the tinydns files are generated every minute. Of course you could make the script update your tinydns 'zone file' directly; one of the advantages of using tinydns is that its data format is easy to parse - which is about the last thing that can be said of Bind's zone file format...
This setup works like a charm for me and all my customers. It's one of those 'configure once and then forget about it' setups
LinuxBIOS targets pre-EFI machines.
That's completely incorrect. Would you call a dual-socket F AMD64 board *legacy*? I didn't think so.
EFI is a kludge. It's the same all 60's and 70's software design crap all over again. And it's proprietary. Intel has released some fairly insignificant parts of the specs, but the core is still locked up in heavily proprietary code.
Also, it's designed to force DRM on every user - read up on the 'sandbox model' in the EFI specs.
You don't want EFI. You want LinuxBIOS. Believe me.
As of a few weeks ago, the OLPC project isn't using LinuxBIOS anymore, they have moved to OpenFirmware from Sun, which was recently open sourced. Sorry to burst the bubble.
That's incorrect. The OLPC project is still using LinuxBIOS to boot the machine, but they are using OpenFirmware as a payload. I have seen both OpenFirmware and a linux kernel payload demonstrated on the OLPC revA developer boards. They chose OpenFirmware because it can fit in a smaller ROM chip.
If you don't understand what that means, just read up on things at http://linuxbios.org/
If I wanted to use Xen, I could run a distro w/ it installed or I could try patching my distro.
Excuse me? Do your research, dude. I've just installed a new AMD64 box, and installed Xen on it. No 'patching' of the distro required; just run the Xen kernel and install a few utilities. Dead simple. Check this tutorial, for instance:
The perfect Xen setup on Debian/Ubuntu
both compiled without a hitch.
modconf will load either without a hitch.
but iwconfig still shows no wireless devices.
i probably need to feed it some addresses, but i'm just not sure what.
You're confused. The 57xx is a hard-wired gig-ethernet port.
The 43xx is a wifi card.
If you want 43xx drivers, try the latest linux kernel (2.6.17), which now has support for those devices it seems - not yet tried it though.
what about the Broadcom 57xx?
That's Broadcom's wired gigabit interface. Has been *long* supported by the tg3 driver. Heck, Broadcom even has an alternative GPL'd driver for this interface downloadable from their website.
Note that she only said that Apple's *proprietary DRM* is a pain.
I'm guessing she's all for DRM, as long as it is inter-operable.
That still puts her squarely in the evil pro-DRM camp.
After all the things she's done to us, her customers, I don't think I can ever trust that woman.
...is actually quite fantastic. I've bought lord knows how many laptops from them, with not a single dead pixel, ever. Never a failed hard drive, never a faulty component.
You must have been lucky. I've bought 5 or six machines from them in the last 5 years, and the last one (a 12" ibook) *has* a dead pixel. And they don't want to replace it because they think it's not very 'annoying'....
Well, I hate the DMCA, but it's new to me that it forces everybody to sell only DRM.
;)
The problem is more complex than that. The DMCA (and the EUCD in the EU, for that matter) forbid breaking 'reasonable' technological protection measures. By law.
Most audio CDs sold in Europe have been crippled for years. Most new CDs selling in the US are now, too.
The RIAA and MPAA are trying desperately to get legislation passed that would *require* *mandatory* DRM. The broadcast flag is an evil example of this.
The DMCA/EUCD are just the first step.
I guess I should have had coffee before my first post
There's absolutely nothing that would justify any legal intervention or any other meddling with the market in this case. Nobody is forcing DRM on you.
Just four letters for you. D-M-C-A.
Get real, man. DRM is being pushed on *everyone* through stupid, broken laws.
Try replacing the mini-pci wireless card on your laptop with another brand. 10 to 1 says your laptop won't boot unless your manufacturer also offers that exact card (same PCI-ID) with your same laptop model (or one sharing a bios).
It depends on the manufacturer. It's a prime example of DRM that is here, today, and a royal pain. IBM and HP lock down their laptops like this. Dell does NOT. See here for more info...
The x51V model (I think) has similar specs, and a faster Mhz processor (only 640x480 screen tho'); how do the two compare?
Well, I've never even considered one of those Dell toys, because they run a pretty buggy OS (I have a friend with an Axim, and he has been less than impressed with its (lack of) stability). Oh, and the OS is not Linux. In other words, the Axim's hackability is, well, pathetic.
On the upside, the Dell has a faster CPU, and a compact flash slot.
But my 770 is on backorder...
The front page of the website isn't obvious enough for you?
;)
No, quite good enough. Actually it's quite accurately headed:
ONLY ON FOX
Quite
http://www.techleadership.org/ was running Apache on Linux when last queried at 29-Sep-2005 14:57:28 GMT.
OS Server Last changed IP address Netblock Owner
Linux Apache/1.3.33 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.22 OpenSSL/0.9.7a PHP-CGI/0.1b 29-Sep-2005 65.254.39.124 Global Net Access, LLC
Figures. Perfectly in line with the usual treacherous behaviour of the 'fair and balanced' political right.
Sure... Fox never hides anything, or lies, right? I mean, except for their super-biased, right-wing, crappy reporting. Well, no, I take that back. You can't call what Fox does reporting. Any resemblance with proper journalism has long, long gone. Fox is simply a mouthpiece for right-wing zealots who live in some sort of alternate universe where black is white and white is black. And the war in Iraq was totally justified ('these people threatened to kill my dad! Boo! They must be terrorists!') and going perfectly great (nevermind the civil war in Iraq, thousands of casualties, or the enormous budget deficit that is going to make us totally dependent on China, if it hasn't already).
Yeah, right.
Thanks, fox and friends. You're well underway to destroy our free society.
I'm wondering if Apple will go the way of Sony. Innovating firms have a tendency to be eaten up by firms who copy and then sell for a lower price. The only way to stop copiers is to create a closed format - basically kill competition before it happens - or to keep innovating to stay ahead of the copiers - easier said than done.
Let's see - the way of Sony. With a gigantic consumer electronics business, which used to make great stuff, but unfortunately is now reigned by a bunch of IDIOTS in the music and film units that have forced Sony to become pretty much irrelevant in the digital media sphere. Why? Persistently trying to push proprietary, crippled crap (ATRACKS, anyone?) - and then being surprised that nobody wants to buy it. Sony should be the one behind the iPod - it's a logical step from the walkman and discman history.
Sony is run by a bunch of idiots. I'm surprised the shareholders have not revolted a long time ago.
I'm guessing Steve Jobs understands this perfectly, and I'm pretty happy that Apple doesn't actually own any content business. Pixar is a totally separate company. As long as that stays the case, I don't see Apple become irrelevant the way Sony did anytime soon.