How many of you, if you discovered a buffer overflow situation that would let you enter a command string on such a system, would know what to do?
Not many, so the only exploiters will be hostile corporations and governments. And maybe a few discruntled former employees working in places where they can test on compatible hw.
But if someone do crack your os/390 webserver, how many can fix that program? And how many can fix the mainframe after the hackers did their worst to it? Someone who makes such an effort won't be doing it for nothing. And yes - it has happened already.
Lets see, back in 1980 they predicted that the mainframe would be gone in 10 years, because of the mini and super-mini computers. What happened? The mainframes got more powerful and continued to sell.
This is way too common. Someone predicts "X will soon surpass Y and therefore replace it!" They fail to see that Y will develop as X develops.
They predicted that RAM would replace harddisk too. Sure - a 1999 MB of RAM is cheaper than a 1980's MB of disk, and my 1999 machine indeed have more RAM than my 1980 machine had disk. I still use harddisks though...
Its a lot harder to yank out two hundred power cords than one.
Come on! Anybody who ever saw a mainframe knows they thought of that one. First, these things are usually installed without a pull-able socket. You don't fit a mainframe in your building, you fit the building & infrastructure around the mainframe's needs.
Second, they don't allow any fool near the machines, that helps uptime too.
You'd think the advantages of drums would still apply today.
They do. But disk has a serious advantage - space! Consider the space taken up by a drum of any size. Now fill that space with a stack of platters instead - a lot more surface in the same space. That's the disk advantage.
Drums were made that had a head per track. That trick works with disks too - no advantage. The only disadvantage I see with disks is the variable speed due to varying diameter - but disk makers seems to solve that one just fine.
Solid state heads, one per track, stationary. No seek time, blast the data out in parallel.
Nostalgia. I have seen magnetic drums designed like that. One head per track - only one moving part which is the drum itself. It had a 10ns access time, which is impressive for a device from sometimes in the 50's or 60's.
Well, not so impressive considering this wasn't used as "disk", it was the machine's main memory. The "RAM" of the time was used for registers only, as each bit of ferrite core was big enough to be seen.
I am curious how noisy those suckers are going to be.
Drives will go silent soon enough - up the spin rate a bit and the frequency goes into ultrasound - above what we hear. The only noise then will be head movement.
Re:Like Democracy, choice yeilds two majorities ..
on
Gnome 1.1.4 Released
·
· Score: 1
I believe that Marx said that his philosophy would only be applicable after capitalism/industrialism had reached its peak
Marx was a bit naive. He extrapolated how bad capitalism could get, and figured out that people couldn't live with that so there would/should be revolution. All sorts of doomsday people do the same thing.
What usually happens is that people see the problems before they get out of hand. Then policy changes - gradually. Trade unions took care of the "easily replaceable" workers. Others specialiced and became well-paid.
Lets see: They have no electromagnetical interaction, so they pass through anything easily. They have the weak interaction, so you might be able to upset radioactive processes if you could concentrate enough stuff in one place. This has lots of uses.
Why are people so desperate to get smallish computers? There's plenty of room for a 20" screen in a briefcase - assuming it is flat of course. And a real keyboard instead of those joke things in today's portables. A keyboard is supposed to be signigicantly wider than a sheet of paper, about as wide as the baseline of the 20" screen. There's no problem using such a thing as a laptop either, just keep it reasonably flat and lightweight.
A lot of people don't seem to want to run devel kernels for fear of them crashing.
Some of them are indeed fine. 2.3.39 have over a month of uptime for me. I have seen 2.3.18 and 2.3.46 wipe out filesystems though, so they aren't all safe. If you want a safe experiment, consider 2.3.39
Linux users, you brag so often about the cleanliness and speed of your OS against the bulky Windows... then why do you keep using one the worst language in the world
Nothing wrong with C - something's wrong with those who believe they have to recompile everything now and then. Any sane makefile setup will compile only what needs compiling, making C compilations nice and quick.
<I>A language that is so unreadable that there's a contest of code offuscation ?</I> Exists because C is popular, clear C code is definitely possible, and of course I can write pascal so bad that nobody can read it - but there are so few pascal programmers to impress out there...
<I>When I read a comment "if it crash try to compile without the speed optimization" </I> Broken for sure. But compilers get fixed. And pascal has the same problems from time to time, 16-bit delphi had a lot of "don't do that" type problems.
Also, they said old Pentiums were used. Would comparing the two operating systems on such old machines be a fair comparison?
Of course, as long as both os'es was tested with the same kind of hardware. Old pentiums are as reliable as new machines. No problem there, they are slow though. Slowness is not a reliability problem. Crashes are, and the old machines don't crash in much different ways than new ones. Not that it matters much, <B>both</B> os'es ran the old hw, any hw problem inherent in old machines would strike both.
Linux failed once in this test, no need for NT to fail much more except if it really is worse.
IPv6 doubles the average packet size for real time protocols with small packet sizes, like VoIP, which I specifically mentioned as an example. VoIP data is transmitted in very small packets, because delays must be kept to a minimum. Using IPv6 would double your bandwidth requirements.
IPv6 was designed with less delay in mind, so you may be able to put more data in each packet and suffer less. IPv4 is checksummed and possibly fragmented at each router, IPv6 isn't. So IPv6 routers can be built with less delay. You may, for example, start transmitting a packet before you received all of the header. Less delay on every router quickly add upp for long distances.
But is that really true? If every router refused to pass packets that clearly lie about their origin, IP spoofing would be a lot harder to do.
This isn't even the problem. A distributed DOS attack don't need spoofing at all. Just break into 1000 sites, then have each point 50 browsers at your target. Instant overload, no spoofing.
Filtering doesn't help. The attacker doesn't bother with bouncing strange packets. He simply breaks into tons of systems using an automated tool. He can then make each of those breakable systems attack - from perfectly valid addresses. Tracing back to the broken systems will be trivial, but the attacker doesn't care as it isn't his broken systems. Innocent people who has easily crackable machines gets all the heat.
Would changing to IPv6 help eliminate these type of attacks? From what I read of the specs on IPv6, all the data needed to track a packet from destination right down to the MAC address is included in the packet.
Nope. First, IPV6 don't need to contain any MAC addresses. Second, you would merely track down the compromised systems. You can do that already using IPV4. It doesn't help, unless having a crackable machine becomes illegal. Third, these people are breaking rules already and wouldn't worry a bit about putting fake info in their IPV6 packets. Possibly causing trouble for some third party as well when angry but clueless sysadmins are misled onto them.
Is vulnerability to DDoS-type attacks due to a flaw in the design of TCP or IP, or is the design of a network that's inherently resistant to such attacks an unsolved problem? Is it possible to imagine a fix that would address this, or a protocol that wouldn't be vulnerable even when many machines are compromised?
This has nothing to do with IP, or even computers. Parts of the phone system get blocked from time to time in the same way - for example when a popular TV show advertises a phone number. "Call inn first to get a prize..."
So there is no solution as long as thousands of machines are available for breaking in. Fixing that still leaves stuff like "Tomorrow is the day when <I>everybody</I> looks at the MS website" or "Lets <I>all</I> call their shitty ordering number simultaneously" The only difference is that the latter two cases require cooperation by an interest group, while the DDOS attack simply require the "cooperation" of crackable machinery.
A ton of money flows into Amazon every day. In the Oct, Nov, and Dec 1999, they took in about $676 million. So 2 hours of downtime could cost them 676m/90 days/24 hours * 2 hours = $626,000, over $5,000 a minute.
You can't use math like that. Sure - they expected that revenue during the 2 hours. What happened to those who couldn't buy? They didn't <I>all</I> run to a competitor. Some did what you always do with net trouble: waited, and tried again. Amazon probably had a period with slightly more sales than normal right after the attack, due to people catching up. Sure they lost some, but not all!
If the foreign government doesn't cough up the damages you seize their assets in your country. The US did it with Iran after the shah was deposed. Apart from the embassy and consulates though (which are inviolate) the US doesn't actually have any assets in France.
You're forgetting private property. I don't think it'll happen, but they could theoretically seize property owned by american companies.
"Espionage ruined an Airbus contract? Lets confiscate some planes, office buildings and factories then..."
Unlikely in the extreme, but they certainly have ways if they want to. A lawyer might complain that this property isn't owned by the american government which did the spying. This is easily countered by the american people being responsible for electing their own government (it's a democracy after all) and american corporations are largely owned by american people.
This sort of argument wouldn't surprise me if it came from a socialist country like France. The reason they (probably) won't is the obvious trade war (or worse) that would follow.
Slashdot Mirror
How many of you, if you discovered a buffer overflow situation that would let you enter a command string on such a system, would know what to do?
Not many, so the only exploiters will be hostile corporations and governments. And maybe a few discruntled former employees working in places where they can test on compatible hw.
But if someone do crack your os/390 webserver, how many can fix that program? And how many can fix the mainframe after the hackers did their worst to it? Someone who makes such an effort won't be doing it for nothing. And yes - it has happened already.
Lets see, back in 1980 they predicted that the mainframe would be gone in 10 years, because of the mini and super-mini computers. What happened? The mainframes got more powerful and continued to sell.
This is way too common. Someone predicts "X will soon surpass Y and therefore replace it!" They fail to see that Y will develop as X develops.
They predicted that RAM would replace harddisk too. Sure - a 1999 MB of RAM is cheaper than a 1980's MB of disk, and my 1999 machine indeed have more RAM than my 1980 machine had disk. I still use harddisks though...
Its a lot harder to yank out two hundred power cords than one.
Come on! Anybody who ever saw a mainframe knows they thought of that one. First, these things are usually installed without a pull-able socket. You don't fit a mainframe in your building, you fit the building & infrastructure around the mainframe's needs.
Second, they don't allow any fool near the machines, that helps uptime too.
Hmm silly little ol' me thought that IBM's mainframe division lost millions because of those PCs but I guess I was wrong.
Mainframes lost to pc's because pc's are usually better home/office workstations than a terminal connected to some mainframe.
That don't change the fact that there are still big jobs around that a mainframe does better than any pc.
Good point.
And if I want a cool robot to follow me around - I'll buy/make one who looks like a robot. Wheels, wires, blinking leds, and so on.
I agree whole-heartedly that IE5 is in every aspect superior to Netscape Communicator.
Except for those that don't use windows. IE is of no interest, netscape is usable although it could be better of course.
Oops. Make that 10 ms, not ns.
You'd think the advantages of drums would still apply today.
They do. But disk has a serious advantage - space! Consider the space taken up by a drum of any size. Now fill that space with a stack of platters instead - a lot more surface in the same space. That's the disk advantage.
Drums were made that had a head per track. That trick works with disks too - no advantage. The only disadvantage I see with disks is the variable speed due to varying diameter - but disk makers seems to solve that one just fine.
Solid state heads, one per track, stationary. No seek time, blast the data out in parallel.
Nostalgia. I have seen magnetic drums designed like that. One head per track - only one moving part which is the drum itself. It had a 10ns access time, which is impressive for a device from sometimes in the 50's or 60's.
Well, not so impressive considering this wasn't used as "disk", it was the machine's main memory. The "RAM" of the time was used for registers only, as each bit of ferrite core was big enough to be seen.
I am curious how noisy those suckers are going to be.
Drives will go silent soon enough - up the spin rate a bit and the frequency goes into ultrasound - above what we hear. The only noise then will be head movement.
I believe that Marx said that his philosophy would only be applicable after capitalism/industrialism had reached its peak
Marx was a bit naive. He extrapolated how bad capitalism could get, and figured out that people couldn't live with that so there would/should be revolution. All sorts of doomsday people do the same thing.
What usually happens is that people see the problems before they get out of hand. Then policy changes - gradually. Trade unions took care of the "easily replaceable" workers. Others specialiced and became well-paid.
So what can we do with the WIMPs?
Lets see: They have no electromagnetical interaction, so they pass through anything easily. They have the weak interaction, so you might be able to upset radioactive processes if you could concentrate enough stuff in one place. This has lots of uses.
Why are people so desperate to get smallish computers? There's plenty of room for a 20" screen in a briefcase - assuming it is flat of course. And a real keyboard instead of those joke things in today's portables. A keyboard is supposed to be signigicantly wider than a sheet of paper, about as wide as the baseline of the 20" screen. There's no problem using such a thing as a laptop either, just keep it reasonably flat and lightweight.
I think if Slashdot is going to get in the business of announcing minor software updates
I agree that minor updates don't have a place here. Some would argue that the inclusion of devfs is major stuff though.
A lot of people don't seem to want to run devel kernels for fear of them crashing.
Some of them are indeed fine. 2.3.39 have over a month of uptime for me. I have seen 2.3.18 and 2.3.46 wipe out filesystems though, so they aren't all safe. If you want a safe experiment, consider 2.3.39
Linux users, you brag so often about the cleanliness and speed of your OS against the bulky Windows... then why do you keep using one the worst language in the world
Nothing wrong with C - something's wrong with those who believe they have to recompile everything now and then. Any sane makefile setup will compile only what needs compiling, making C compilations nice and quick.
<I>A language that is so unreadable that there's a contest of code offuscation ?</I>
Exists because C is popular, clear C code is definitely possible, and of course I can write pascal so bad that nobody can read it - but there are so few pascal programmers to impress out there...
<I>When I read a comment "if it crash try to compile without the speed optimization" </I>
Broken for sure. But compilers get fixed. And pascal has the same problems from time to time, 16-bit delphi had a lot of "don't do that" type problems.
Also, they said old Pentiums were used. Would comparing the two operating systems on such old machines be a fair comparison?
Of course, as long as both os'es was tested with the same kind of hardware. Old pentiums are as reliable as new machines. No problem there, they are slow though. Slowness is not a reliability problem. Crashes are, and the old machines don't crash in much different ways than new ones. Not that it matters much, <B>both</B> os'es ran the old hw, any hw problem inherent in old machines would strike both.
Linux failed once in this test, no need for NT to fail much more except if it really is worse.
IPv6 doubles the average packet size for real time protocols with small packet sizes, like VoIP, which I specifically mentioned as an example. VoIP data is transmitted in very small packets, because delays must be kept to a minimum. Using IPv6 would double your bandwidth requirements.
IPv6 was designed with less delay in mind, so you may be able to put more data in each packet and suffer less. IPv4 is checksummed and possibly fragmented at each router, IPv6 isn't. So IPv6 routers can be built with less delay. You may, for example, start transmitting a packet before you received all of the header. Less delay on every router quickly add upp for long distances.
But is that really true? If every router refused to pass packets that clearly lie about their origin, IP spoofing would be a lot harder to do.
This isn't even the problem. A distributed DOS attack don't need spoofing at all. Just break into 1000 sites, then have each point 50 browsers at your target. Instant overload, no spoofing.
Filtering doesn't help. The attacker doesn't bother with bouncing strange packets. He simply breaks into tons of systems using an automated tool. He can then make each of those breakable systems attack - from perfectly valid addresses. Tracing back to the broken systems will be trivial, but the attacker doesn't care as it isn't his broken systems. Innocent people who has easily crackable machines gets all the heat.
Would changing to IPv6 help eliminate these type of attacks? From what I read of the specs on IPv6, all the data needed to track a packet from destination right down to the MAC address is included in the packet.
Nope. First, IPV6 don't need to contain any MAC addresses. Second, you would merely track down the compromised systems. You can do that already using IPV4. It doesn't help, unless having a crackable machine becomes illegal. Third, these people are breaking rules already and wouldn't worry a bit about putting fake info in their IPV6 packets. Possibly causing trouble for some third party as well when angry but clueless sysadmins are misled onto them.
Is vulnerability to DDoS-type attacks due to a flaw in the design of TCP or IP, or is the design of a network that's inherently resistant to such attacks an unsolved problem? Is it possible to imagine a fix that would address this, or a protocol that wouldn't be vulnerable even when many machines are compromised?
This has nothing to do with IP, or even computers. Parts of the phone system get blocked from time to time in the same way - for example when a popular TV show advertises a phone number. "Call inn first to get a prize..."
So there is no solution as long as thousands of machines are available for breaking in. Fixing that still leaves stuff like "Tomorrow is the day when <I>everybody</I> looks at the MS website" or
"Lets <I>all</I> call their shitty ordering number simultaneously" The only difference is that the latter two cases require cooperation by an interest group, while the DDOS attack simply require the "cooperation" of crackable machinery.
Considering that the targets of these attacks have been large corporations and such I ask this.
You might as well ask "why should the average citizen care about shoplifters hitting large supermarket chains, large banks robbed, and so on?"
The same answers applies.
A ton of money flows into Amazon every day. In the Oct, Nov, and Dec 1999, they took in about $676 million. So 2 hours of downtime could cost them 676m/90 days/24 hours * 2 hours = $626,000, over $5,000 a minute.
You can't use math like that. Sure - they expected that revenue during the 2 hours. What happened to those who couldn't buy? They didn't <I>all</I> run to a competitor. Some did what you always do with net trouble: waited, and tried again. Amazon probably had a period with slightly more sales than normal right after the attack, due to people catching up. Sure they lost some, but not all!
If the foreign government doesn't cough up the damages you seize their assets in your country. The US did it with Iran after the shah was deposed. Apart from the embassy and consulates though (which are inviolate) the US doesn't actually have any assets in France.
You're forgetting private property. I don't think it'll happen, but they could theoretically seize property owned by american companies.
"Espionage ruined an Airbus contract? Lets confiscate some planes, office buildings and factories then..."
Unlikely in the extreme, but they certainly have ways if they want to. A lawyer might complain that this property isn't owned by the american government which did the spying. This is easily countered by the american people being responsible for electing their own government (it's a democracy after all) and american corporations are largely owned by american people.
This sort of argument wouldn't surprise me if it came from a socialist country like France. The reason they (probably) won't is the obvious trade war (or worse) that would follow.