This is very sad, but not unexpected. Every major construction project will have an estimated number deaths associated with it before it starts. Every skyscraper, every bridge, every tunnel, every road through bad terrain, and yes, every space mission.
Most people (other than the safety engineers and insurance folks) rarely stop and think about what it costs in human lives to move forward. But there is a cost.
In a perfect world it would never happen, but we are imperfect and it will always happen. People make mistakes. Equipment malfunctions. Bad weather. Mislabeled products. Acts of nature.
The people that do this work benefit their species; a true higher calling. Take a moment to think about their sacrifice and thank them.
Here in Joisey, should it happen dat some low life scum steals your identity, Vinnie pays dem a visit. He users der eyes for icepick holders, and shoves der kneecaps up der ass. Did I say Vinnie? I must have mispoke myself. Vinnie was at a party in Rhode Island, with a bunch of identity theft victims. You know, a support group. Dey all swears he was der. Dat was a terible ting dat happened to dat guy. Maybe he should retire now.
I remember the Web. That was when there were still ISPs and telecoms, right? Back when the big corporations tried to figure out how to triple, and quadruple charge for everything. When governments started taxing every packet. Back before the Mesh. Yeah, that sucked.
Instead of re-writing every protocol to look like IPSEC, couldn't we add a layer to the network stack between the transport layer and the IP layer to encrypt the IP payload? Then we wouldn't have to re-write all our old apps, wouldn't need to implement encryption in every app, and wouldn't need to try to hide the port numbers. If only there were such an IP-layer SECurity service...
The survey featured developers at enterprises, VARs and system integrators, and covered both client and server application development. According to the survey, the decline in Windows targeting by developers started in 2005, and has increased year-over-year as Linux matured and gained in popularity as an enterprise level OS.
The numbers quoted in that article are also a little different:
...the number of developers targeting Linux for their server- and client-side applications increased by 34% over the past year....the growth in Linux development came at the expense of Microsoft Windows, which decreased 12% from one year ago.
One of my banks has a bad SSL certificate configuration.
I emailed then to let them know. Their response? "Clear your cache and cookies".
I thanked them and explained that the problem wasn't on my end, that Verisign actually documented their problem and provided them with the URL. Their response? "Maybe the date on your computer is wrong, our certificates expire in 2011".
I again explained that it wasn't a certificate expiration issue, and in fact the certificate in question expired in 2009. Their response? "No one else is reporting the problem". I stopped reporting the issue, and we started moving money elsewhere.
The problem isn't so much that they didn't have a properly configured certificate, the problem was their response to a security issue. The ticket went back and forth several times (to multiple representatives), and there was no automatic escalation or intercept. The ticket was reporting a security matter, but again, there was no intercept. I can understand not having tier 1 customer support be security experts, but the exchange exposed a complete lack of proper security practices and procedures.
I am not now, nor have I ever been impressed with the security practices at any bank. Some are just not as bad as at others. They will never be permitted to lay hands on a computer of mine.
The 'sshfs --help' command will provide useful info on sshfs, and 'man encfs' will give you the details on encfs. There's always help at linuxquestions.org too.
AOL gives everyone that signs up for an IM account 100MB of web space, but the interesting thing is it's ssh accessible. That means that you can mount it with sshfs or sftp, making it a handy place to keep (encrypted) data that you access from multiple machines. For example,
sshfs userid@members.aol.com:/some/directory
The above (after responding to the password prompt) makes the 100MB available in your local "/some/directory/". The data is also web accessible at:
I find the space, even though small, very handy for storing small amounts of useful information. Using encfs on the sshfs mounted space allows remote access to things like server status/logs in a secure fashion, even when the machine is not directly SSH accessible.
While the implications of the issue are difficult to quantify, any of the following symptoms can occur:
* The system may stop responding to keyboard or mouse input.
* A system operating in a Microsoft Windows environment may generate a blue screen.
* A system operating in a Linux environment may generate a kernel panic.
This was the first I had heard of this; probably a good time to check for BIOS or microcode updates."
The HP link also indicates the nature of the problem, which should not be OS specific:
This Intel microcode update addresses an improper Translation Lookaside Buffer (TLB) invalidation that may result in unpredictable system behavior such as system hangs or incorrect data.
I'm surprised that no one has mentioned one of Fedora's major strengths; security. This is the primary reason that I use Fedora. The combination of security layers has made Fedora immune to many (all?) of the compromises/exploits in recent history.
While distributions like Ubuntu are more popular with end-users, I'm concerned that an exploit across such a popular (but security weak) distribution will paint all of Linux with an unfavorable brush.
The last time I tried Linux, it was a major bear to install. I tried multiple distros. SuSe wouldn't set up my internet, Fedora gave me a black screen (not even a command prompt), Ubuntu gave me a command prompt, but no GUI. Oddly enough, Debian Sarge came the closest to working (but no sound & no printer).
Under Windows, all the above worked except the printer (but it did work with my iBook). Windows has a large number of problems, bugs, and annoyances, but most of those aren't showstoppers. Linux, IME, has far fewer problems, but the ones it has often ARE showstoppers.
I had the same problem trying to install a retail copy of Windows XP on a Sony Vaio laptop. Nothing worked, the video was screwy, no network. I had no choice but to use the Sony OEM install, which had all their customized drivers. Linux (Fedora) on the other hand mostly worked (I needed to download and setup a video driver for 3D acceleration, but 2D was OK).
The point is that an anecdotal success or failure on an individual machine does not really tell you anything. End users rarely if ever perform an installation. If Dell's were available with Linux pre-installed, would end-users have a problem? I doubt it.
The thing is, even if it is illegal, they're safe. So long as they make sure to only apply that policy to people who aren't rich that is. If you make a normal salary, you have no access to the legal system. Laws only hurt you, you aren't wealthy enough for them to help you, so just buy another laptop!
That's incorrect. You only need to report the fraud to your State Attorney General and Commissioner of Consumer Affairs. My state lets you file online via their web page. The last time I did this (as an end-user, not a corporation), after exhausting all other escalations with the vendor, the problem was resolved in 48 hours.
If your state's organizations are not responsive, maybe you need to replace those folks with some that are.
It conducts electricity, so it will act as a Faraday shield. Considering that it's not particularly popular now, you can probably "secure" a room for considerably less that this paint will cost.
As far as I've been able to determine from friends and family in the teaching profession, the problem isn't so much compensation as it is walnut-brained administrators and parents.
If you make schools immune to civil lawsuits, put teachers ahead of parents and stop appointing the retarded friends and family of politicians as school administrators, you will have a functioning school system again. Parents that don't like that situation can take their kids to private school or home school them.
Stupid kids need to get left behind. Advanced kids need to get advanced placement. If you cater to the lowest common denominator, you get ignorant, bored, unchallenged kids that are disciplinary problems.
As far as I know, going back to 2000 at least, the internal (LAN) IP address range has always been configurable. However, on some routers that was not obvious. The DHCP range on some could not be configured, but if you changed the IP address of the router, the DHCP range 'inherited' the IP prefix. For example, by default:
Router: 192.168.1.1 DHCP Range: 192.168.1.100-150
Setting the router to "123.45.67.1" yielded:
Router: 123.45.67.1 DHCP Range: 123.45.67.100-150
The user interface left much to be desired, but the devices were configurable.
There is another downside. If you use the so called private IP ranges then by definition they are not routable. All properly configured routers on the internet ( there's got to be at least one;-) will not forward packets to or from a private range. This means that if your firewall/router is improperly leaking packets they won't go anywhere. If you use public IPs then the leaked packets will go somewhere. One of the first things your are supposed to do with a firewall is configure it so it doesn't forward any of the private address ranges.
That would be an implementation error, unrelated to the issue at hand.
Essentialy you can use public IPs but its not the way the IP system was designed. Public IPS are for the internet, private are for inside the private LAN.
You are confusing policy with protocol. The protocol implements no such restrictions.
In other words, by looking at the IP address contained in the payload, there's no way to tell that it was behind a NAT router or not simply because the IP address was not in a reserved range.
Erm, not really because the real point he was trying to make is that the public address that the packet came from matched the address in the payload - which he alleges is the real IP of the machine running Kazaa. In your case the IPs would not match - private vs public IPs are mostly irrelevant to this, (as was much of the deposition)
The addresses could match with NAT. If a specific NAT implementation prohibited the same IP address being use on the LAN side as the WAN side, a second level of NAT would allow it. In fact, with two levels of NAT, every LAN port on the router could be assigned the same internal address as the external WAN port. So not only doesn't the same IP indicate no router, it doesn't imply a one-to-one relationship.
There seems to be a common misconception, that I noted in the testimony, that you have to use one of the reserved IP address ranges on the LAN side of a NATed router. In fact, you can use any address at all (I do). The only downside to this practice is if you eventually have to move the NATed host(s) to the WAN side, they need to be re-addressed - and of course, that only applies to hosts with statically assigned IPs.
In other words, by looking at the IP address contained in the payload, there's no way to tell that it was behind a NAT router or not simply because the IP address was not in a reserved range.
Secondarily, since the computer interface IP address is in the packet payload, that is data that is being sent by an application. The application (whatever it was that was communicating with the P2P network) may:
- lie. It could be a hacked version of a P2P standard application, - allow user configuration of the IP address in the payload (if I remember correctly, some seem to), - be broken. I assume all versions of all applications that communicate on the indicated P2P network were not vetted for their proper functioning.
My county library makes books available for electronic checkout (essentially, a download). When you are done with the e-book, it's checked back into the library. This appears to be legal fair use in terms of copyright. My library also lends CDs and DVDs, however they have not - yet - made those available for electronic checkout due to the bandwidth considerations.
Perhaps the solution to P2P is a software system that provides the same serial re-use? Of course people can copy them illegally, just as they can with real books, CDs and DVDs. However, having the basic mechanism be in compliance with copyright laws would take the steam out "piracy" prosecution.
For example, if 5 million people just kept a CD/DVD in a drive and some new P2P software allowed serial re-use of that content by folks on the Internet, would that be in compliance? We could even make the library the clearance house for the content, by making our content (and bandwidth) available through the local library's online system. I can't see how this would be any less legal than a library is today. The only downside is that you'd have to wait for content to be on CD/DVD/E-Book. The upside is much greater availability of much higher quality material.
As a convicted monopoly, Microsoft's unsubstantiated claims intended to hinder the adoption of a competitor's product should be grounds for dragging Ballmer away in handcuffs. While nothing will be done in the U.S., other countries are free to deal with Microsoft. I'm curious to see what if anything results from this legally. A $1.5B fine here, a $1.5B fine there, pretty soon it adds up to real money.
Slashdot Mirror
This is very sad, but not unexpected. Every major construction project will have an estimated number deaths associated with it before it starts. Every skyscraper, every bridge, every tunnel, every road through bad terrain, and yes, every space mission.
Most people (other than the safety engineers and insurance folks) rarely stop and think about what it costs in human lives to move forward. But there is a cost.
In a perfect world it would never happen, but we are imperfect and it will always happen. People make mistakes. Equipment malfunctions. Bad weather. Mislabeled products. Acts of nature.
The people that do this work benefit their species; a true higher calling. Take a moment to think about their sacrifice and thank them.
Here in Joisey, should it happen dat some low life scum steals your identity, Vinnie pays dem a visit. He users der eyes for icepick holders, and shoves der kneecaps up der ass. Did I say Vinnie? I must have mispoke myself. Vinnie was at a party in Rhode Island, with a bunch of identity theft victims. You know, a support group. Dey all swears he was der. Dat was a terible ting dat happened to dat guy. Maybe he should retire now.
Thank goodness, I'm off the hook this once.
There is no spoon
(Looking back from the future)
I remember the Web. That was when there were still ISPs and telecoms, right? Back when the big corporations tried to figure out how to triple, and quadruple charge for everything. When governments started taxing every packet. Back before the Mesh. Yeah, that sucked.
One of my banks has a bad SSL certificate configuration.
I emailed then to let them know. Their response? "Clear your cache and cookies".
I thanked them and explained that the problem wasn't on my end, that Verisign actually documented their problem and provided them with the URL. Their response? "Maybe the date on your computer is wrong, our certificates expire in 2011".
I again explained that it wasn't a certificate expiration issue, and in fact the certificate in question expired in 2009. Their response? "No one else is reporting the problem". I stopped reporting the issue, and we started moving money elsewhere.
The problem isn't so much that they didn't have a properly configured certificate, the problem was their response to a security issue. The ticket went back and forth several times (to multiple representatives), and there was no automatic escalation or intercept. The ticket was reporting a security matter, but again, there was no intercept. I can understand not having tier 1 customer support be security experts, but the exchange exposed a complete lack of proper security practices and procedures.
I am not now, nor have I ever been impressed with the security practices at any bank. Some are just not as bad as at others. They will never be permitted to lay hands on a computer of mine.
The problem is that you need to pass the "--no-default-flags" to encfs. For example, I typically use:
/some/directory
/some/directory /some/decrypteddirectory
sshfs -o follow_symlinks,reconnect,workaround=rename user@members.aol.com:
followed by:
encfs --no-default-flags
The 'sshfs --help' command will provide useful info on sshfs, and 'man encfs' will give you the details on encfs. There's always help at linuxquestions.org too.
I'm not an "AOL user", but I do have an IM account. Signing up for AIM is the only requisite to get the space.
AOL gives everyone that signs up for an IM account 100MB of web space, but the interesting thing is it's ssh accessible. That means that you can mount it with sshfs or sftp, making it a handy place to keep (encrypted) data that you access from multiple machines. For example,
/some/directory
sshfs userid@members.aol.com:
The above (after responding to the password prompt) makes the 100MB available in your local "/some/directory/". The data is also web accessible at:
http://members.aol.com/userid/
I find the space, even though small, very handy for storing small amounts of useful information. Using encfs on the sshfs mounted space allows remote access to things like server status/logs in a secure fashion, even when the machine is not directly SSH accessible.
Two months ago, Intel introduced microcode updates for all systems with an Intel® Core(TM) 2 Duo processor. According to an HP Tech Support Document:
While the implications of the issue are difficult to quantify, any of the following symptoms can occur:
* The system may stop responding to keyboard or mouse input.
* A system operating in a Microsoft Windows environment may generate a blue screen.
* A system operating in a Linux environment may generate a kernel panic.
This was the first I had heard of this; probably a good time to check for BIOS or microcode updates."
The HP link also indicates the nature of the problem, which should not be OS specific:
This Intel microcode update addresses an improper Translation Lookaside Buffer (TLB) invalidation that may result in unpredictable system behavior such as system hangs or incorrect data.
I'm surprised that no one has mentioned one of Fedora's major strengths; security. This is the primary reason that I use Fedora. The combination of security layers has made Fedora immune to many (all?) of the compromises/exploits in recent history.
While distributions like Ubuntu are more popular with end-users, I'm concerned that an exploit across such a popular (but security weak) distribution will paint all of Linux with an unfavorable brush.
I had the same problem trying to install a retail copy of Windows XP on a Sony Vaio laptop. Nothing worked, the video was screwy, no network. I had no choice but to use the Sony OEM install, which had all their customized drivers. Linux (Fedora) on the other hand mostly worked (I needed to download and setup a video driver for 3D acceleration, but 2D was OK).
The point is that an anecdotal success or failure on an individual machine does not really tell you anything. End users rarely if ever perform an installation. If Dell's were available with Linux pre-installed, would end-users have a problem? I doubt it.
That's incorrect. You only need to report the fraud to your State Attorney General and Commissioner of Consumer Affairs. My state lets you file online via their web page. The last time I did this (as an end-user, not a corporation), after exhausting all other escalations with the vendor, the problem was resolved in 48 hours.
If your state's organizations are not responsive, maybe you need to replace those folks with some that are.
It conducts electricity, so it will act as a Faraday shield. Considering that it's not particularly popular now, you can probably "secure" a room for considerably less that this paint will cost.
As far as I've been able to determine from friends and family in the teaching profession, the problem isn't so much compensation as it is walnut-brained administrators and parents.
If you make schools immune to civil lawsuits, put teachers ahead of parents and stop appointing the retarded friends and family of politicians as school administrators, you will have a functioning school system again. Parents that don't like that situation can take their kids to private school or home school them.
Stupid kids need to get left behind. Advanced kids need to get advanced placement. If you cater to the lowest common denominator, you get ignorant, bored, unchallenged kids that are disciplinary problems.
Is this really that hard to understand?
As far as I know, going back to 2000 at least, the internal (LAN) IP address range has always been configurable. However, on some routers that was not obvious. The DHCP range on some could not be configured, but if you changed the IP address of the router, the DHCP range 'inherited' the IP prefix. For example, by default:
Router: 192.168.1.1
DHCP Range: 192.168.1.100-150
Setting the router to "123.45.67.1" yielded:
Router: 123.45.67.1
DHCP Range: 123.45.67.100-150
The user interface left much to be desired, but the devices were configurable.
Every consumer router I've tested, including Linksys, Netgear, Zyxel and Trendnet allow the configuration of the internal (LAN) address range.
The addresses could match with NAT. If a specific NAT implementation prohibited the same IP address being use on the LAN side as the WAN side, a second level of NAT would allow it. In fact, with two levels of NAT, every LAN port on the router could be assigned the same internal address as the external WAN port. So not only doesn't the same IP indicate no router, it doesn't imply a one-to-one relationship.
There seems to be a common misconception, that I noted in the testimony, that you have to use one of the reserved IP address ranges on the LAN side of a NATed router. In fact, you can use any address at all (I do). The only downside to this practice is if you eventually have to move the NATed host(s) to the WAN side, they need to be re-addressed - and of course, that only applies to hosts with statically assigned IPs.
In other words, by looking at the IP address contained in the payload, there's no way to tell that it was behind a NAT router or not simply because the IP address was not in a reserved range.
Secondarily, since the computer interface IP address is in the packet payload, that is data that is being sent by an application. The application (whatever it was that was communicating with the P2P network) may:
- lie. It could be a hacked version of a P2P standard application,
- allow user configuration of the IP address in the payload (if I remember correctly, some seem to),
- be broken. I assume all versions of all applications that communicate on the indicated P2P network were not vetted for their proper functioning.
My county library makes books available for electronic checkout (essentially, a download). When you are done with the e-book, it's checked back into the library. This appears to be legal fair use in terms of copyright. My library also lends CDs and DVDs, however they have not - yet - made those available for electronic checkout due to the bandwidth considerations.
Perhaps the solution to P2P is a software system that provides the same serial re-use? Of course people can copy them illegally, just as they can with real books, CDs and DVDs. However, having the basic mechanism be in compliance with copyright laws would take the steam out "piracy" prosecution.
For example, if 5 million people just kept a CD/DVD in a drive and some new P2P software allowed serial re-use of that content by folks on the Internet, would that be in compliance? We could even make the library the clearance house for the content, by making our content (and bandwidth) available through the local library's online system. I can't see how this would be any less legal than a library is today. The only downside is that you'd have to wait for content to be on CD/DVD/E-Book. The upside is much greater availability of much higher quality material.
As a convicted monopoly, Microsoft's unsubstantiated claims intended to hinder the adoption of a competitor's product should be grounds for dragging Ballmer away in handcuffs. While nothing will be done in the U.S., other countries are free to deal with Microsoft. I'm curious to see what if anything results from this legally. A $1.5B fine here, a $1.5B fine there, pretty soon it adds up to real money.
FUSE and sshfs meet your requirements. I've been using sshfs between 5 systems for a year now, and its operation has been flawless.