Um, no. 604800000 milliseconds is only a week when stupid programmers hard code constants and do date calculations that don't take leap seconds and leap years into account.
Apple's unwillingness to release software updates for anything other than the iPod hardware currently available for sale has disuaded me from purchasing any other hardware from Apple. I fail to understand how audio bookmarks or similar features in the latest software release would not work properly on my generation-three iPod (though I can understand how support for additional codecs would be difficult). While my technical opinion of Apple's hardware remains high, especially when it comes to laptop computers, I refuse to do business with Apple if this is their attitude towards their customers.
when (0) other people are doing all of the boring detail work and (1) you are actually allowed to take someone to court (and win). And for you net.security wannabees out there, forensics == boring, painstaking, CYA detail work and internal politics == VIPs surfing kiddie pr0n don't get hauled off to jail. Very, very frustrating.
But then again, who here watches CSI and thinks it's an accurate representation of an exciting career in criminal forensics?
God, what I wouldn't give for a slashbot who didn't quote verbatim the source web site without giving proper attribution (at least use BLOCKQUOTE). And if I had a dime for every story whose description as submitted by the user included a sentance directly from the web site as if it were their own, I would be a rich man today.
While I am a big fan of people not slandering me, and while I don't think it's usually a good idea to shout "Fire" in a crowded theater, some of the high court's arguments sound a little like Bill Clinton asking what the meaning of "is" is. I mean, ruling that a form of expression is not speech? So if we don't like how the Constitution or its amendments read, we just redefine the words to mean what we like? I'm not a strict constructionist (or whatever the hell kind of law it is where you have to interpret the Constitution according to the way "the Founding Fathers" intended), but these kinds of arguments sound specious to me.
But that's just my uninformed opinion. I could be wrong.
How is bounds checking inefficient if it protects you from nasty off-by-one errors and evil buffer overflows? Or are you one of those short-sighted programmers who believes cheap CPU clock time is more important than very expensive human time (i.e. time wasted dealing with crappy programming languages and debugging stupid bounds problems, or worse, money lost because a critical bit of information was destroyed, altered, or disclosed due to a buffer overflow vulnerability)?
And yes, those were both rhetorical questions. I am sick and tired of crappy, bug-ridden software that doesn't do proper input and bounds checking. As far as I'm concerned, it's the programmers fault, either because she didn't write the bounds checks in manually or because he's not using a modern programming language (where "modern" == "not a glorified assembler"). You all aren't Mel, who can write practically perfect programs while sleepwalking, so don't give me a load of crap about how bloated your program would be if it was actually written properly. As a computer security guy, I am sick and tired of cleaning up after the exploits you all apparently work so hard to code into your software.
Thanks for the links. Unfortunately, while Colin Percival recently began providing updates for FreeBSD 5.x, he only builds updates for X86 architectures. The KDE and GNOME binary packages are likewise X86-only. But none of this matters even on X86, because if you are regularly cvsupping ports, up-to-date binary packages are not usually available. For example, the latest www/apache2 binary for FreeBSD 5.2.1 is Apache 2.0.48, which is vulnerable to denial of service attacks, yet 2.0.50 is in the current version of ports. Not that "portupgrade -a" is difficult to use, just time consuming and occasionally broken.
By the way, have you ever run into problems where portinstall doesn't install or mis-calculates dependencies (even when compiling from source)? If I install lang/cmucl, misc/compat4x won't get installed, even though it is a dependency. Subsequent portupgrade commands complain about misc/compat4x missing, even though (strangely enough) cmucl has no problems. I don't know if it is a problem with portutils, pkgtools, ports, or the cmucl package itself. I'm open to any suggestions. I've also seen portupgrade complain about dependencies when required packages rev, e.g. portupgrade complaining about missing wget 1.9 for Nessus, when wget 1.8 was installed but not yet updated.
Try FreeBSD out first. It has the nicest installer. Then take a spin through NetBSD and OpenBSD. The installers aren't as pretty, but the rest of the operating system is configured and operated pretty much the same across all of the BSDs. In general, I am very impressed with the state of documentation. There are numerous resources on the web (e.g. the FreeBSD handbook and documentation project), and the manual pages are unusually complete compared to your typical Linux distribution.
You should probably dedicate a disk to this procedure, as configuring dual boot (duel boot?) can require some wizardry. They all run very nicely under VMware.
Where BSD falls down is on the availability of current binary updates. On FreeBSD 5.x, incremental security updates must be applied to the source code, then the O/S is re-compiled. The whole procedure is easy, in the sense that you type about five short commands to execute the whole update and build procedure, but it is very time consuming, especially on older hardware. Ports are even "worse": If you want to be current, you will most likely be building ports from scratch (also very time consuming when they upgraded to X.org, heh).
Dennis Ritchie, who has worked at the Labs since 1967, was central to both projects. He is revered as the
inventor of C, and, with Ken Thompson, as the co-inventor of Unix.
Why do people use "invent" when they really mean "write"?
I know just enough physics to be intrigued by your "electric universe" links, but the web site seems a little hokey. Is this an up-and-coming theory, or is it like cold fusion?
All the guy's talking about is egress filtering, and I too wish more people did it. Thankfully, some ISPs have gotten a clue and started filtering individual outbound services (e.g. SMTP) or installed intrusion prevention systems at their NAPs (e.g. RoadRunner Business Class, who block my portscans, the bastards). Unfortunately, egress filtering, like ingress filtering, requires detailed knowledge of your network in addition to appropriate Acceptable Use Policies, and your typical business or residential customers rarely have that depth of understanding.
You can't do this if your ISP is blocking port 25 out and forcing you to go through its own mailrouters.
What about VPN? I POP my work email to my laptop, but every time I check mail, I'm on the VPN so as to avoid any (well-meaning) transport filtering along the way. Besides, the admins of the mail system in question haven't figured out SMTP/TLS, POP3S, or IMAPS yet, and I don't want my unencrypted login going out over the Internet.
Forcing students to meet some very sensible minimum computer security requirements (such as up-to-date anti-virus and operating system software) will not limit their academic freedom or ability to express themselves in anyway, so what's the problem? Other technical solutions that would warrant investigation include separating academic and administrative network resources (my alma mater had the administrative systems on a separate physical network) and performing regular "un-cooperative" vulnerability assessments of the student and residential networks (i.e. a safeties-off penetration test with Nessus or similar).
Now, if we were discussing unfiltered Internet access for said students, I could see room for several good arguments (e.g. granting students the ability to develop Internet-accessible systems, but balancing that against the abuse of these projects to affect the instution or other students or other Internet-connected systems, etc.) But "Academic freedom" doesn't free a student of basic adult responsibilities. Just as an institution issues students keys for their doors and badges for building access and passwords for their email, an institution should teach a student to be a responsible network citizen by issuing them anti-virus software. This is not unreasonable. So why the "Ask Slashdot"?
In fact, backwards compatibility was one of the PS/2's selling points. I didn't want to have to buy yet another console in order to play some of the older games, like Jedi Power Battles or Metal Gear Solid.
But you're a moron. Of course, you're getting viruses on your system. You are explicitly disabling your firewall.
Re-install XP off the net, as you started, but once you've completed the install, turn on the built-in Internet Connection Firewall and leave it on. Install whatever RoadRunner gives you, connect to the Internet, and start your updates. I'm not aware of any flaws in ICF, but if you're really paranoid, buy (or build) a stand-alone firewall and put your nacent Windows box behind it.
I was on AT&T for about two years, T-Mobile for a year, and am now on Sprint PCS.
AT&T sucked. Their sales reps lied about their handsets' capabilities (e.g. the handset could receive, but not send, text messages). I had consistently poor reception. Their telephone support was awful. And, most damning of all, they didn't have any decent service plans.
T-Mobile had better customer support and superior technology. I still wish I had my Ericcson T-68i handset. I haven't had a better phone since. Their service plans were better than AT&T...I finally had free nights and weekends! Unfortunately, starting in November last year, I continuously received "network busy" messages on my handset and was unable to make or receive calls. I even tried another handset. Needless to say, no matter how good their plans, support, or handsets, consistently missed phone calls for three months suck and I switched to Sprint. As best I can tell, their cells in my area are over capacity. Joy.
I've been on Sprint PCS since mid-January. The customer support has been OK, and there haven't been any major problems with the handset. The Internet access is surprisingly good. Coverage is good, though I've noticed the phone drops calls occasionally (maybe when moving between cells?). Every time the handset's dropped a call or reported the network's busy, I've been able to immediately redial. My only complaint is that I don't like the flip part of my phone.
Life is full of disappointments. "End to end" is dead. You're going to have to suck it up and pay for commercial Internet connectivity in order to get out of the ghetto. Where I live, business-class cable connections start at around USD 175 per month. If you're lucky, your commercial ISP might even let you update the reverse DNS entries for your IP allocations.
97X was the only good station in town. I cried when I found out they sold their broadcast license. I desperately want to like the new station, especially because many of the old DJs are still there, but it just doesn't seem like they're playing the same mix of stuff as before. They used to have the weirdest, coolest playlists. Thanks to them, I discovered the Disposable Heros of Hipoprisy and Michael Franti, amongst many others. Now, it seems like all I listen to are the two college radio stations (thank god for the X-Star network, Father what's-his-name at Xavier, the Regents of NKU, Echos, the BBC, NPR, and PRI) and the one classical station in town (and it's "only" decent, but not stellar like the long lamented and the dearly departed WNIB, both formerly in sweet home Chicago).
Ah well. Clear Channel and friends can suck on chocolate salty balls for all I listen to them any more. At least there's still Shoutcast and streamripper and iTunes+iPod.
Why does it seem like everyone assumes that if something is alive, it will have DNA? Admittedly, science fiction shouldn't be my primary source for information on biology, but even the news article implies that most biologists assume that alien creatures (or even possibly undiscovered creatures here on Earth) will have DNA. In my (admittedly uneducated) mind, it's like saying all computers will be programmed in C, a ridiulous proposition.
Is it that difficult for you to ignore distractions? Perhaps it's because I come from a large and noisy family, but I have no problem tuning noises and distractions out, especially when augmented by headphones and a CD player. Also, you're in a LAB. Often, teams of people are working together in a lab, and this means sometimes spirited discussions of the work at hand.
Of course as someone who is frequently told to be quieter, I guess my threshold for "loud and distracting" is higher than most. C'est la vie.
"Not being (socially) happy" is a risk that can be managed, just like "getting killed on the way to work" or "being defrauded" or "getting fired". I would say that not giving a shit about something is roughly equivalent to accepting a risk as the cost of doing business. Some times, remaining in business becomes too risky, so one plans an "exit strategy", to push the analogy a little.:)
Re: "cognitive distortions". Most people don't realize that reality is largely arbitrary, and that the only reason we have anything in common with one another is because relatively similar chemical processes are occuring in our bodies given relatively similar starting conditions [/handwave]. It really trips people up when you start messing around with this chemistry and end up fundamentally changing perceptions, e.g. ergot root and visions of God, or the drug that causes near death experiences. It is pretty sad that most (bad) sci fi authors and lame-ass counter-revolutionary types make a lot of hay out of this simple realization. Heh. That was a pun. Get it? Bah, never mind.
Well, that was fun, but I really ought to get back to doing something important, like work or something. More Pils, please, "Bob"!
I like the analogy that mathematician used: The Electoral College is like the world series. The winning baseball team isn't the team that can score the most runs; it's the team that wins the most games. The Electoral College forces candidates to win *states*, instead of winning in New York City, Chicago, Los Angeles, etc. (because that's where the most voters are).
Slashdot Mirror
I don't need that xmodmap crap. I swapped the clock and lctrl lines in /usr/local/share/syscons/keymaps/us.kbd, and I set
inUm, no. 604800000 milliseconds is only a week when stupid programmers hard code constants and do date calculations that don't take leap seconds and leap years into account.
Give Giant AntiSpyware a try. I am most impressed with their research center.
Apple's unwillingness to release software updates for anything other than the iPod hardware currently available for sale has disuaded me from purchasing any other hardware from Apple. I fail to understand how audio bookmarks or similar features in the latest software release would not work properly on my generation-three iPod (though I can understand how support for additional codecs would be difficult). While my technical opinion of Apple's hardware remains high, especially when it comes to laptop computers, I refuse to do business with Apple if this is their attitude towards their customers.
when (0) other people are doing all of the boring detail work and (1) you are actually allowed to take someone to court (and win). And for you net.security wannabees out there, forensics == boring, painstaking, CYA detail work and internal politics == VIPs surfing kiddie pr0n don't get hauled off to jail. Very, very frustrating.
But then again, who here watches CSI and thinks it's an accurate representation of an exciting career in criminal forensics?
God, what I wouldn't give for a slashbot who didn't quote verbatim the source web site without giving proper attribution (at least use BLOCKQUOTE). And if I had a dime for every story whose description as submitted by the user included a sentance directly from the web site as if it were their own, I would be a rich man today.
While I am a big fan of people not slandering me, and while I don't think it's usually a good idea to shout "Fire" in a crowded theater, some of the high court's arguments sound a little like Bill Clinton asking what the meaning of "is" is. I mean, ruling that a form of expression is not speech? So if we don't like how the Constitution or its amendments read, we just redefine the words to mean what we like? I'm not a strict constructionist (or whatever the hell kind of law it is where you have to interpret the Constitution according to the way "the Founding Fathers" intended), but these kinds of arguments sound specious to me.
But that's just my uninformed opinion. I could be wrong.
How is bounds checking inefficient if it protects you from nasty off-by-one errors and evil buffer overflows? Or are you one of those short-sighted programmers who believes cheap CPU clock time is more important than very expensive human time (i.e. time wasted dealing with crappy programming languages and debugging stupid bounds problems, or worse, money lost because a critical bit of information was destroyed, altered, or disclosed due to a buffer overflow vulnerability)?
And yes, those were both rhetorical questions. I am sick and tired of crappy, bug-ridden software that doesn't do proper input and bounds checking. As far as I'm concerned, it's the programmers fault, either because she didn't write the bounds checks in manually or because he's not using a modern programming language (where "modern" == "not a glorified assembler"). You all aren't Mel, who can write practically perfect programs while sleepwalking, so don't give me a load of crap about how bloated your program would be if it was actually written properly. As a computer security guy, I am sick and tired of cleaning up after the exploits you all apparently work so hard to code into your software.
</rant>
Thanks for the links. Unfortunately, while Colin Percival recently began providing updates for FreeBSD 5.x, he only builds updates for X86 architectures. The KDE and GNOME binary packages are likewise X86-only. But none of this matters even on X86, because if you are regularly cvsupping ports, up-to-date binary packages are not usually available. For example, the latest www/apache2 binary for FreeBSD 5.2.1 is Apache 2.0.48, which is vulnerable to denial of service attacks, yet 2.0.50 is in the current version of ports. Not that "portupgrade -a" is difficult to use, just time consuming and occasionally broken.
By the way, have you ever run into problems where portinstall doesn't install or mis-calculates dependencies (even when compiling from source)? If I install lang/cmucl, misc/compat4x won't get installed, even though it is a dependency. Subsequent portupgrade commands complain about misc/compat4x missing, even though (strangely enough) cmucl has no problems. I don't know if it is a problem with portutils, pkgtools, ports, or the cmucl package itself. I'm open to any suggestions. I've also seen portupgrade complain about dependencies when required packages rev, e.g. portupgrade complaining about missing wget 1.9 for Nessus, when wget 1.8 was installed but not yet updated.
Try FreeBSD out first. It has the nicest installer. Then take a spin through NetBSD and OpenBSD. The installers aren't as pretty, but the rest of the operating system is configured and operated pretty much the same across all of the BSDs. In general, I am very impressed with the state of documentation. There are numerous resources on the web (e.g. the FreeBSD handbook and documentation project), and the manual pages are unusually complete compared to your typical Linux distribution.
You should probably dedicate a disk to this procedure, as configuring dual boot (duel boot?) can require some wizardry. They all run very nicely under VMware.
Where BSD falls down is on the availability of current binary updates. On FreeBSD 5.x, incremental security updates must be applied to the source code, then the O/S is re-compiled. The whole procedure is easy, in the sense that you type about five short commands to execute the whole update and build procedure, but it is very time consuming, especially on older hardware. Ports are even "worse": If you want to be current, you will most likely be building ports from scratch (also very time consuming when they upgraded to X.org, heh).
Why do people use "invent" when they really mean "write"?
Jon Katz
I know just enough physics to be intrigued by your "electric universe" links, but the web site seems a little hokey. Is this an up-and-coming theory, or is it like cold fusion?
All the guy's talking about is egress filtering, and I too wish more people did it. Thankfully, some ISPs have gotten a clue and started filtering individual outbound services (e.g. SMTP) or installed intrusion prevention systems at their NAPs (e.g. RoadRunner Business Class, who block my portscans, the bastards). Unfortunately, egress filtering, like ingress filtering, requires detailed knowledge of your network in addition to appropriate Acceptable Use Policies, and your typical business or residential customers rarely have that depth of understanding.
What about VPN? I POP my work email to my laptop, but every time I check mail, I'm on the VPN so as to avoid any (well-meaning) transport filtering along the way. Besides, the admins of the mail system in question haven't figured out SMTP/TLS, POP3S, or IMAPS yet, and I don't want my unencrypted login going out over the Internet.
Forcing students to meet some very sensible minimum computer security requirements (such as up-to-date anti-virus and operating system software) will not limit their academic freedom or ability to express themselves in anyway, so what's the problem? Other technical solutions that would warrant investigation include separating academic and administrative network resources (my alma mater had the administrative systems on a separate physical network) and performing regular "un-cooperative" vulnerability assessments of the student and residential networks (i.e. a safeties-off penetration test with Nessus or similar).
Now, if we were discussing unfiltered Internet access for said students, I could see room for several good arguments (e.g. granting students the ability to develop Internet-accessible systems, but balancing that against the abuse of these projects to affect the instution or other students or other Internet-connected systems, etc.) But "Academic freedom" doesn't free a student of basic adult responsibilities. Just as an institution issues students keys for their doors and badges for building access and passwords for their email, an institution should teach a student to be a responsible network citizen by issuing them anti-virus software. This is not unreasonable. So why the "Ask Slashdot"?
In fact, backwards compatibility was one of the PS/2's selling points. I didn't want to have to buy yet another console in order to play some of the older games, like Jedi Power Battles or Metal Gear Solid.
But you're a moron. Of course, you're getting viruses on your system. You are explicitly disabling your firewall.
Re-install XP off the net, as you started, but once you've completed the install, turn on the built-in Internet Connection Firewall and leave it on. Install whatever RoadRunner gives you, connect to the Internet, and start your updates. I'm not aware of any flaws in ICF, but if you're really paranoid, buy (or build) a stand-alone firewall and put your nacent Windows box behind it.
I was on AT&T for about two years, T-Mobile for a year, and am now on Sprint PCS.
AT&T sucked. Their sales reps lied about their handsets' capabilities (e.g. the handset could receive, but not send, text messages). I had consistently poor reception. Their telephone support was awful. And, most damning of all, they didn't have any decent service plans.
T-Mobile had better customer support and superior technology. I still wish I had my Ericcson T-68i handset. I haven't had a better phone since. Their service plans were better than AT&T...I finally had free nights and weekends! Unfortunately, starting in November last year, I continuously received "network busy" messages on my handset and was unable to make or receive calls. I even tried another handset. Needless to say, no matter how good their plans, support, or handsets, consistently missed phone calls for three months suck and I switched to Sprint. As best I can tell, their cells in my area are over capacity. Joy.
I've been on Sprint PCS since mid-January. The customer support has been OK, and there haven't been any major problems with the handset. The Internet access is surprisingly good. Coverage is good, though I've noticed the phone drops calls occasionally (maybe when moving between cells?). Every time the handset's dropped a call or reported the network's busy, I've been able to immediately redial. My only complaint is that I don't like the flip part of my phone.
Life is full of disappointments. "End to end" is dead. You're going to have to suck it up and pay for commercial Internet connectivity in order to get out of the ghetto. Where I live, business-class cable connections start at around USD 175 per month. If you're lucky, your commercial ISP might even let you update the reverse DNS entries for your IP allocations.
97X was the only good station in town. I cried when I found out they sold their broadcast license. I desperately want to like the new station, especially because many of the old DJs are still there, but it just doesn't seem like they're playing the same mix of stuff as before. They used to have the weirdest, coolest playlists. Thanks to them, I discovered the Disposable Heros of Hipoprisy and Michael Franti, amongst many others. Now, it seems like all I listen to are the two college radio stations (thank god for the X-Star network, Father what's-his-name at Xavier, the Regents of NKU, Echos, the BBC, NPR, and PRI) and the one classical station in town (and it's "only" decent, but not stellar like the long lamented and the dearly departed WNIB, both formerly in sweet home Chicago).
Ah well. Clear Channel and friends can suck on chocolate salty balls for all I listen to them any more. At least there's still Shoutcast and streamripper and iTunes+iPod.
Why does it seem like everyone assumes that if something is alive, it will have DNA? Admittedly, science fiction shouldn't be my primary source for information on biology, but even the news article implies that most biologists assume that alien creatures (or even possibly undiscovered creatures here on Earth) will have DNA. In my (admittedly uneducated) mind, it's like saying all computers will be programmed in C, a ridiulous proposition.
Is it that difficult for you to ignore distractions? Perhaps it's because I come from a large and noisy family, but I have no problem tuning noises and distractions out, especially when augmented by headphones and a CD player. Also, you're in a LAB. Often, teams of people are working together in a lab, and this means sometimes spirited discussions of the work at hand.
Of course as someone who is frequently told to be quieter, I guess my threshold for "loud and distracting" is higher than most. C'est la vie.
Risk management.
"Not being (socially) happy" is a risk that can be managed, just like "getting killed on the way to work" or "being defrauded" or "getting fired". I would say that not giving a shit about something is roughly equivalent to accepting a risk as the cost of doing business. Some times, remaining in business becomes too risky, so one plans an "exit strategy", to push the analogy a little. :)
Re: "cognitive distortions". Most people don't realize that reality is largely arbitrary, and that the only reason we have anything in common with one another is because relatively similar chemical processes are occuring in our bodies given relatively similar starting conditions [/handwave]. It really trips people up when you start messing around with this chemistry and end up fundamentally changing perceptions, e.g. ergot root and visions of God, or the drug that causes near death experiences. It is pretty sad that most (bad) sci fi authors and lame-ass counter-revolutionary types make a lot of hay out of this simple realization. Heh. That was a pun. Get it? Bah, never mind.
Well, that was fun, but I really ought to get back to doing something important, like work or something. More Pils, please, "Bob"!
I like the analogy that mathematician used: The Electoral College is like the world series. The winning baseball team isn't the team that can score the most runs; it's the team that wins the most games. The Electoral College forces candidates to win *states*, instead of winning in New York City, Chicago, Los Angeles, etc. (because that's where the most voters are).