Monitors can die pretty spectacularly too, but usually don't. Nowadays they even have overfrequency protection (so you can't make them catch on fire with a bad XF86Config file) and the flybacks are jacketed in hard plastic instead of rubber, which cuts way down on the fire and electric shock hazard.
I'd like to know why Ted Tso and others are working on ext4?
Because he wants to. Some people play softball, some people write fs code. It's because they derive some satisfaction or enjoyment from it.
Those of us who run Ted's code (remember, he's the linux capabilities guy) benefit greatly from his activities, because he's smart and capable. But really, he's doing it for himself; he's a self-actualized human being.
No, AdvFS doesn't have that. No Unix OS uses a versioning FS as far as I know.
I used to use VMS about 18 years ago before switching to Unix, and I don't miss versioning. IMO it was a bit of a pain in the ass anyway. You just run out of space faster and then have to "purge" your old versions to claw space back, which runs the risk of deleting file versions that someone else might want to keep around. In other words, it's messy.
Why didn't you just implement a daily purge in your LOGIN.COM file? It'd only be three of four lines of DCL tops (just to make sure it only happened on the first login of the day).
If purging causes you to delete file versions someone else wanted to keep, you're doing it wrong.
Ghods, I miss versioning... it saved so much time and typing when writing large complex systems. I watch *nix programmers fiddling with CVS, SVN, etc. and I think how much easier OS-based versioning was... whatever floats your boat, though, I guess.
Not necessarily. With a really good versioning paradigm, quite the opposite, in practice.
In a solid versioning system you always know what you can delete. In a non-versioning system everybody has to assign a non-conflicting name or a separate storage space for prior versions of files, and humans don't use consistent naming, so one guy calls his backup files file.BAK and another calls 'em file.SAV1 with increasing numbers, etc.
In a VMS versioning system, for example, programmers code all day, then go home and the nightly backups run, and come in next morning and their login scripts execute purge/keep=2 on their code folders, and presto they have the two latest versions live with all preceding versions available from backup.
There are many other advantages, but the biggest one is preventing the duplicate file clutter that humans generate on non-versioning systems.
Why not? I admin'd and coded on VMS systems with native versioning file systems for decades, and I don't see any problem with running/var on a versioning fs. It's not like versioning is some out-of-control monster that will eat your head if you aren't armed with a bullwhip and a chair... it will do what you tell it to do, appending to files does not have to create a new version, and version management is trivial compared to the amount of file management and backup make-work it obviates.
People who haven't used a strong versioning system have no idea how wonderful it is (although I expect we'll see some folks telling me different any minute now). Most *nix filesytems are really very primitive; 30 year old paradigms like ugo-rwxrwxrwx and nesting ACLs.
I used to do that, and then I got a UPS instead and switched back to pure ext2. The performance hit from journalling is simply too high to tolerate. A decent UPS (pretty much anything made by APC) will prevent the crashes in the first place, solving the problem completely and without any unnecessary overhead. With UPS prices being as low as they are, there is no excuse for not having one, so I think that journalling will become obsolete in some near future.
Our industrial UPS (which is orders of magnitude more reliable than any APC product ever made) recently exploded, burnt, and shorted out the entire building's power. It spiked thousands of volts through the protected equipment and destroyed a half-dozen servers. The fire was fierce enough to cause our fm200 system (halon equivalent) to dump, which put out the fire before the main battery bank was breached.
This was the first time I've ever seen an UPS bigger than a Chrysler fail, but I've seen dozens of failures from those crappy little APC units. At one time I had a stack of burnt-out ones in my basement (I used to salvage the batteries for cash).
If your disaster survivability plan depends on any single piece of hardware never failing, it's no good. Offsite backup is your friend.
People over generalize 'lots of people with good ideas'. No one seems to be aware that if everyone has a good idea it merely becomes a mediocre idea as people set the baseline.
Excellent! I'm told that a local school board member recently said "I like to believe that all our teachers are above average" and someone in the audience said "apparently not our MATH teachers!".
Might be apocryphal, though, I wasn't actually there.
It's a risk you take any time you let someone else handle something for you. It's a risk you take, period. You're trying to tell me that you can guarantee no unplanned downtime if you were to handle it yourself?
I want 24 hours notice prior to any unscheduled downtime! And don't give me any of that technical mumbo jumbo, I have a SERVICE LEVEL AGREEMENT!
It's a risk you take any time you let someone else handle something for you.
Specifically, it's a risk you take anytime you use a free service for something critical. You can't have an enforceable service level agreement for a free service - in order to be binding, a contract has to involve consideration from both sides.
Having an "enforceable service level agreement" does not make things magically unbreakable.
One of the great business fallacies of our time...
A really smart provider will not sign a contract promising 100% uptime, but a stupid one will. Which one will deliver the better service? In practice, your real guarantee of reliability is quality work, and the best way to get quality work is hire the best and treat them well. Making them sign pieces of paper promising doom for failure does little or nothing useful.
I've been using Gmail all day, incidentally. Works fine for me - I've been corresponding with other gmail users no problem.
gimp is hardly a word in everyday usage for most people; it's not that unusual to form an association like that when there's no other experiences to dissipate it.
I suppose you are right, although I've heard the word all my life.
What's unusual is to project such an association on others, perhaps?
Are you being purposely obtuse or did you not read my posts?
Everybody has the same thought in mind when they hear the word "fuck". It's unambiguous and a cultural reference point for English speakers.
Normal people don't have a problem with the word "gimp", and normal people do not consider it in the same category as "fuck". You can theorize all you want, but them's the facts, brother. I talk about the Gimp all the time and no-one has ever flinched or giggled even once, because I don't work with people who have scary obsessions with obscure BD/SM terminology.
Of course, there aren't many "normal" people on slashdot... that's what makes it interesting!
Yeah, and "faggot" has also been used as an English term for a log for centuries. That doesn't mean I'm going to advocate for a software program named that to a bunch of middle-aged business people.
You forgot to add, a bunch of middle-aged business people who are surprisingly well informed about sadomasochistic sex scenes in ultraviolent movies.
Seriously, the scene you previously referred to is not a mainstream business cultural reference point. If everybody at your workplace instantly references Pulp Fiction when you say "gimp" that's not comparable to them referencing homophobia when you say "faggot". It means you are dealing with some individuals who are quite a bit more out of the beaten path than the people who named the Gimp. Those guys were college students in 1995 when they named the program, so it's conceivable that they actually named the program after Tarentino's violent porno, but for a businessman to still be thinking about it twelve years later is unusual, and for it to be taboo for an entire office is deeply weird.
To expand on your example, a faggot can be a stick or a cigarette, and is in common use for those meanings in some places. The US business world is of course not one of those places due to the history of acceptable homophobia in the male-dominated US workforce. Similarly, you should probably say "hot dog" instead of "weiner" in a schoolyard. The problem's not the word, it's the infantile environment.
I talk to people pretty much every day who use gimp for decorative purposes. Nobody bats an eye if you use the term. If your workplace has issues with the word "gimp", your workplace is fscked up. Seriously, despite my being marked "Troll" for saying so. I can and do refer to the Gimp in front of a class and it's never occurred to me to feel uncomfortable about it. Probably every word in the English language has at some time been used to reference something somebody found objectionable; can we not use the software "swing" because of the Stanford White sex scandal? Can we no longer use the term "dominant" to describe highly weighted genes? Must we refrain from building "suspension" bridges?
I can't come up with any more, because honestly I don't know very much about the BDSM subculture.
Not that there's necessarily anything wrong with that;)... but it's not something people reference in any workplace I've been comfortable in.
I'm not going to argue with you about it, though, I haven't anything more to add and it appears I will just be modded down anyway. I've got no objection to people using photoshop, I've got no objection to people watching twisted movies, I've got no axe to grind, and I'm sure you're a better judge of what's acceptable in your office than I am.
People laugh. But when I taught a web class for my company last year, that name kept me from using this as the recommended graphic program of choice (used Photoshop elements instead).
Wow, I'm glad I don't work for your company. I mean, I understand where you are coming from, but it's a shame you have to pander to corporate cluelessness in such a fashion.
"Gimp" is the normal name used by seamstresses for a particular craft material since the 15th century. It's sold in stores all over the world without anyone objecting. Really, normal people just don't have any problem with the word "gimp" except possibly when it's used as a pejorative to mock cripples.
If your co-workers are likely to assume that a software program is somehow associated with a sado-masochistic scene from a director renowned for his obsession with disturbing and violent imagery, I can only conclude they are either disturbingly obsessed with sadism, masochism and ultra-violent movies, or profoundly stupid. Either way, I wouldn't want to spend 8 hours a day with them. You have my sympathy.
Re:It really didn't have this?
on
GIMP 2.6 Released
·
· Score: 5, Insightful
Does he advertise projects he works on in his spare time as being comparable to Photoshop?
I've never seen any "advertisements" for the Gimp anywhere. I guess I haven't been paying attention.
That being said, the Gimp is comparable to Photoshop. You can compare anything to anything if you want, obviously. I myself enjoy comparing apples and oranges in my copious free time.
More importantly the Gimp is a free alternative to Photoshop, with different strengths and weaknesses. Both products seem to have a hellish learning curve, so you would be foolish to abandon Photoshop if you are already invested in it, and I suspect it'd be equally foolish to start an investment in Photoshop today when there is a free alternative available.
Quite a number of them, and they're not exactly sitting around typing in nmap command lines by hand, you know. They have automated tools to scan large sections of the internet for known vulnerabilities to exploit. They don't run "thousands" of portscans, they run millions.
Ah, there's part of the problem. I think of a portscan as being one invocation of a tool, you are thinking of it as one host being scanned. OK, that's orders of magnitude different, and your definition is likely more useful. Nonetheless, harking back the top posts in this conversation, I still don't see investigation as being inherently malicious; asking questions about bank security is not something that should be automatically cause one to be treated as a murderous bank robber, or even labeled as one.
And the fact that you haven't met many of them might have more to do with you not associating with criminals, hmm?
Well, my employer does send me to Defcon as part of my job. Most of the people I meet there are more curious than malicious. But it's true I don't spend all my time trawling the seamy underbelly of the Eastern European cracker scene.
How many of these port scans did you perform on ips you otherwise had no control over or relationship to?
That's a very good point. I almost never portscan IPs I don't need to talk to; it's a troubleshooting and investigatory procedure for me.
I see port scans come at my servers all day. Are you seriously trying to suggest that thousands upon thousands of "network professionals", and "top-notch app programmers" around the world are doing them on my servers for some non-malicious purpose? Sure my ISP is behind a couple as part of their legitimate network monitoring, and I've run a few myself, but the 99.99% majority hitting my servers are malicious.
The parent poster was correct.
I see your point, but you've got a pretty broad definition of malicious there. Is gathering information without causing you any harm really malicious? I usually require a greater burden of proof of maliciousness than "they looked at me, and I can't conceive of any other reason than they might want to hurt me".
But as I said, you definitely have a point; you may well even be right, though I don't think either of us has really proved anything.
And "thousands" over a career is somehow not a tiny fraction?
Well, you're not exactly using precise numbers, are you, but I was guessing that I am not the only person capable of portscans who is not actively malicious.
How many people do you think are out there maliciously portscanning? I've met way more normal computer professionals than psycho computer criminals that spend forty hours a week cracking. The few people that I have met who might fit that description are not heavy portscanners anyway, they sure aren't competing with Red Siren's daily (non malicious) portscans.
Red Siren probably hits ten thousand hosts a day, although I'm just guessing. Non-malicious college research projects and net surveys probably hit almost as many.
Perhaps you are using different metrics than me, but (absent real data) I'm betting there are fewer portscanning criminals than portscanning wage slaves on the Intartubes.
Unless you're performing a DoS isn't IP spoofing very counterproductive since you cant get a response?
If the target system's been infected from a webpage or email, you can send commands from a fake IP and receive responses on an anonymous channel such as IRC or an abandoned web forum.
Do you honestly think anything but the tiniest fraction of port scans are not malicious?
I've done thousands of port scans as part of my job. I've done four today, and I'm not even a networking guy any more. Most reasonably capable computer professionals will do hundreds if not thousands of non-malicious port scans during their careers.
How do you check port security? Ask your (possibly root-kitted) host with netstat? Ask the (possibly incompetent) sysadmins of the systems you're trying to check?
netcat and nmap are commonly used tools found on all competent network professionals' computers, and most sysadmins use nmap, and really top-notch app programmers keep it handy as well.
Can you for a moment outline your reasons that make you think ethnic (or sexistic or age-istic) profiling is wrong?
Sure, I can do that for you.
Smugglers and guerillas (the talent pool that terrorists have readily available) can test and measure the effects of profiling and defeat it completely. It's a trivial exercise, in fact - just spend a few days looking at who gets stopped and who doesn't.
I'm told that on I95 where it passes through Delaware, the drug smugglers discovered that profiling was being used. They then began hiring mules that fit the profile and having them transport just enough dope to have the police force fall over themselves with "yay profiling works" self-congratulation. Meanwhile, literally hundreds of pounds of dope were being moved by people who did not fit the profile - you can put a lot of cocaine in a station wagon full of screaming kids driven by a sweating, red-faced white guy.
The main victims were the poor schmucks who were purposely hired off the streets in Miami to be caught. Their recruiting, and the drugs that were seized, were just an overhead cost easily absorbed by the drug lords. But the secondary victims were the harmless brown-skinned folks with Florida tags who were harassed, and the tax payers whose money was being wasted.
Look, say I'm Omar Hooknose the Greasy, I kidnap your kids and strap dynamite to their bodies, then I have your atheistic European wife carry my luggage to Philly. She thinks she's smuggling drugs, but it's a pressure activated bomb. I'm sure I don't really need to point out the thousand other ways any half-witted moron can defeat profiling, since terrorists are provably capable of learning and planning.
Profiling will always appear to work, because it is in the best interests of the bad guys to feed human fodder into the profiling machine. But actually, it's just distracting resources and staff from the real threats. Profiling works in the best interests of terrorists, really.
Either search everyone to the same degree or randomly choose people for extra searching. Don't bother with racial or ethnic profiling, it is trivially easy to defeat.
Personally, I'm not afraid of terrorists. I would like the government to disband the TSA and stop all efforts to protect me and my family from terrorism. I think only cowards are afraid of terrorists, because terrorists are less effective than whiskey at killing Americans, and I'm not particularly afraid of whiskey.
Might that be because infinite data structures don't often exist in mainstream and/or commercial software applications?
Sure they do. On my computer, there's an infinite stream of ethernet frames arriving, an infinite stream of video frames leaving, an infinite stream of keyboard events arriving, etc.
I don't understand why you'd think of a stream as an infinite data structure. I'd think of it as a stream, optimally processed as a stream.
But I don't know Haskell, so perhaps I'm just confused by my own ignorance.
I have never found any practical use for the Fibonacci sequence. Ever. Not even for modeling snail shell formation for a malacologist, where you'd think it would be handy.
How do you parse a free form string that contains a person's name, typed in by someone being paid minimum wage, and determine the the probability that the name matches input from a cheap microphone? That's a better example, show me how Haskell makes that easier than some other language.
Thank you very much for the information; I don't have any way of knowing what Rogers is doing except by looking at the source IPs of incoming malicious traffic (since I'm outside their region) and that doesn't give me a very granular view. I can see that Adelphi, Rogers and AOL are all sourcing less crap these days, but I haven't any way to see how or why that came about.
I think the CEOs of corporations that harbor and enable spammer botnets should be flogged, tarred and feathered... are you listening Comcast? Rogers? Cox?
Rogers blocks all traffic on port 25 which doesnn't go to their own internal mail servers, and now requires authentication, even for mail that originates on their own network.
There's no reason a person should be forced to use their ISP's mail server - that's not the same thing as preventing spamming, it's like shooting someone's entire family to keep their dog from pooping in your yard (a strategy that will work, but it's not worth the collateral damage). On the other hand, it's wonderful that they are requiring SMTP auth, that's perfectly reasonably and significantly better than the approach Comcast is using in my area.
They won't relay unless you've specifically tied your reply-to address to your account, by means of creating an alias through their account management portal, and you're limited to a maximum of 8 aliases per e-mail address.
But restricting the paying customers who are good netizens is degrading the quality of the service without cause. If true competition is ever allowed in the market, ISPs who do this will be outcompeted. I personally am capable of running a mailserver with 100% uptime for a decade without a single outgoing spam (I've done exactly that on four corporate sites) so why should I be forced to use Rogers' relatively unreliable service?
They also routinely portscan you and have been known to shut people down for running servers or suspected virus infection.
Portscanning alone is insufficient to detect viruses, but it's a great first step and I applaud them for it. Unfortunately, the whole purpose of the Internet is to connect servers and users, so shutting down people for running servers is another huge degradation of service for good netizens.
I don't know about the others you listed, but Rogers has improved their security significantly.
It sounds like they are ahead of the pack (certainly much better than ISPs in my area) but it also sounds like they are still failing to identify the true problem and attack it. Are they competent enough to distinguish between me opening a netcat pipe on a random port to a guy who wants to send me some confidential financial data and a spammer who has infected an unpatched PC? They have the hardware to do this trivially - portscanning is great as one small part of a strategy but simply monitoring nameserver usage (for one example) is thousands of times more effective and far less intrusive.
Slashdot Mirror
Monitors can die pretty spectacularly too, but usually don't. Nowadays they even have overfrequency protection (so you can't make them catch on fire with a bad XF86Config file) and the flybacks are jacketed in hard plastic instead of rubber, which cuts way down on the fire and electric shock hazard.
I'd like to know why Ted Tso and others are working on ext4?
Because he wants to. Some people play softball, some people write fs code. It's because they derive some satisfaction or enjoyment from it.
Those of us who run Ted's code (remember, he's the linux capabilities guy) benefit greatly from his activities, because he's smart and capable. But really, he's doing it for himself; he's a self-actualized human being.
No, AdvFS doesn't have that. No Unix OS uses a versioning FS as far as I know.
I used to use VMS about 18 years ago before switching to Unix, and I don't miss versioning. IMO it was a bit of a pain in the ass anyway. You just run out of space faster and then have to "purge" your old versions to claw space back, which runs the risk of deleting file versions that someone else might want to keep around. In other words, it's messy.
Why didn't you just implement a daily purge in your LOGIN.COM file? It'd only be three of four lines of DCL tops (just to make sure it only happened on the first login of the day).
If purging causes you to delete file versions someone else wanted to keep, you're doing it wrong.
Ghods, I miss versioning... it saved so much time and typing when writing large complex systems. I watch *nix programmers fiddling with CVS, SVN, etc. and I think how much easier OS-based versioning was... whatever floats your boat, though, I guess.
That leads to space-bloat.
Not necessarily. With a really good versioning paradigm, quite the opposite, in practice.
In a solid versioning system you always know what you can delete. In a non-versioning system everybody has to assign a non-conflicting name or a separate storage space for prior versions of files, and humans don't use consistent naming, so one guy calls his backup files file.BAK and another calls 'em file.SAV1 with increasing numbers, etc.
In a VMS versioning system, for example, programmers code all day, then go home and the nightly backups run, and come in next morning and their login scripts execute purge/keep=2 on their code folders, and presto they have the two latest versions live with all preceding versions available from backup.
There are many other advantages, but the biggest one is preventing the duplicate file clutter that humans generate on non-versioning systems.
So, you want a Versioning file system? Just make sure you never let that run on /var.
Why not? I admin'd and coded on VMS systems with native versioning file systems for decades, and I don't see any problem with running /var on a versioning fs. It's not like versioning is some out-of-control monster that will eat your head if you aren't armed with a bullwhip and a chair... it will do what you tell it to do, appending to files does not have to create a new version, and version management is trivial compared to the amount of file management and backup make-work it obviates.
People who haven't used a strong versioning system have no idea how wonderful it is (although I expect we'll see some folks telling me different any minute now). Most *nix filesytems are really very primitive; 30 year old paradigms like ugo-rwxrwxrwx and nesting ACLs.
I used to do that, and then I got a UPS instead and switched back to pure ext2. The performance hit from journalling is simply too high to tolerate. A decent UPS (pretty much anything made by APC) will prevent the crashes in the first place, solving the problem completely and without any unnecessary overhead. With UPS prices being as low as they are, there is no excuse for not having one, so I think that journalling will become obsolete in some near future.
Our industrial UPS (which is orders of magnitude more reliable than any APC product ever made) recently exploded, burnt, and shorted out the entire building's power. It spiked thousands of volts through the protected equipment and destroyed a half-dozen servers. The fire was fierce enough to cause our fm200 system (halon equivalent) to dump, which put out the fire before the main battery bank was breached.
This was the first time I've ever seen an UPS bigger than a Chrysler fail, but I've seen dozens of failures from those crappy little APC units. At one time I had a stack of burnt-out ones in my basement (I used to salvage the batteries for cash).
If your disaster survivability plan depends on any single piece of hardware never failing, it's no good. Offsite backup is your friend.
People over generalize 'lots of people with good ideas'. No one seems to be aware that if everyone has a good idea it merely becomes a mediocre idea as people set the baseline.
Excellent! I'm told that a local school board member recently said "I like to believe that all our teachers are above average" and someone in the audience said "apparently not our MATH teachers!".
Might be apocryphal, though, I wasn't actually there.
Shark skin is to human flesh as a belt sander is to cheese.
Where's BadAnalogyGuy when you need him?
It's a risk you take any time you let someone else handle something for you.
It's a risk you take, period. You're trying to tell me that you can guarantee no unplanned downtime if you were to handle it yourself?
I want 24 hours notice prior to any unscheduled downtime! And don't give me any of that technical mumbo jumbo, I have a SERVICE LEVEL AGREEMENT!
It's a risk you take any time you let someone else handle something for you.
Specifically, it's a risk you take anytime you use a free service for something critical. You can't have an enforceable service level agreement for a free service - in order to be binding, a contract has to involve consideration from both sides.
Having an "enforceable service level agreement" does not make things magically unbreakable.
One of the great business fallacies of our time...
A really smart provider will not sign a contract promising 100% uptime, but a stupid one will. Which one will deliver the better service? In practice, your real guarantee of reliability is quality work, and the best way to get quality work is hire the best and treat them well. Making them sign pieces of paper promising doom for failure does little or nothing useful.
I've been using Gmail all day, incidentally. Works fine for me - I've been corresponding with other gmail users no problem.
gimp is hardly a word in everyday usage for most people; it's not that unusual to form an association like that when there's no other experiences to dissipate it.
I suppose you are right, although I've heard the word all my life.
What's unusual is to project such an association on others, perhaps?
Are you being purposely obtuse or did you not read my posts?
Everybody has the same thought in mind when they hear the word "fuck". It's unambiguous and a cultural reference point for English speakers.
Normal people don't have a problem with the word "gimp", and normal people do not consider it in the same category as "fuck". You can theorize all you want, but them's the facts, brother. I talk about the Gimp all the time and no-one has ever flinched or giggled even once, because I don't work with people who have scary obsessions with obscure BD/SM terminology.
Of course, there aren't many "normal" people on slashdot... that's what makes it interesting!
I googled "Milk Plus" and I found a lot more than the old Korova moloko I was expecting! Thanks for the corroborating evidence.
Can you spare some cutter, me brothers?
Yeah, and "faggot" has also been used as an English term for a log for centuries. That doesn't mean I'm going to advocate for a software program named that to a bunch of middle-aged business people.
You forgot to add, a bunch of middle-aged business people who are surprisingly well informed about sadomasochistic sex scenes in ultraviolent movies.
Seriously, the scene you previously referred to is not a mainstream business cultural reference point. If everybody at your workplace instantly references Pulp Fiction when you say "gimp" that's not comparable to them referencing homophobia when you say "faggot". It means you are dealing with some individuals who are quite a bit more out of the beaten path than the people who named the Gimp. Those guys were college students in 1995 when they named the program, so it's conceivable that they actually named the program after Tarentino's violent porno, but for a businessman to still be thinking about it twelve years later is unusual, and for it to be taboo for an entire office is deeply weird.
To expand on your example, a faggot can be a stick or a cigarette, and is in common use for those meanings in some places. The US business world is of course not one of those places due to the history of acceptable homophobia in the male-dominated US workforce. Similarly, you should probably say "hot dog" instead of "weiner" in a schoolyard. The problem's not the word, it's the infantile environment.
I talk to people pretty much every day who use gimp for decorative purposes. Nobody bats an eye if you use the term. If your workplace has issues with the word "gimp", your workplace is fscked up. Seriously, despite my being marked "Troll" for saying so. I can and do refer to the Gimp in front of a class and it's never occurred to me to feel uncomfortable about it. Probably every word in the English language has at some time been used to reference something somebody found objectionable; can we not use the software "swing" because of the Stanford White sex scandal? Can we no longer use the term "dominant" to describe highly weighted genes? Must we refrain from building "suspension" bridges?
I can't come up with any more, because honestly I don't know very much about the BDSM subculture.
Not that there's necessarily anything wrong with that ;) ... but it's not something people reference in any workplace I've been comfortable in.
I'm not going to argue with you about it, though, I haven't anything more to add and it appears I will just be modded down anyway. I've got no objection to people using photoshop, I've got no objection to people watching twisted movies, I've got no axe to grind, and I'm sure you're a better judge of what's acceptable in your office than I am.
People laugh. But when I taught a web class for my company last year, that name kept me from using this as the recommended graphic program of choice (used Photoshop elements instead).
Wow, I'm glad I don't work for your company. I mean, I understand where you are coming from, but it's a shame you have to pander to corporate cluelessness in such a fashion.
"Gimp" is the normal name used by seamstresses for a particular craft material since the 15th century. It's sold in stores all over the world without anyone objecting. Really, normal people just don't have any problem with the word "gimp" except possibly when it's used as a pejorative to mock cripples.
If your co-workers are likely to assume that a software program is somehow associated with a sado-masochistic scene from a director renowned for his obsession with disturbing and violent imagery, I can only conclude they are either disturbingly obsessed with sadism, masochism and ultra-violent movies, or profoundly stupid. Either way, I wouldn't want to spend 8 hours a day with them. You have my sympathy.
Does he advertise projects he works on in his spare time as being comparable to Photoshop?
I've never seen any "advertisements" for the Gimp anywhere. I guess I haven't been paying attention.
That being said, the Gimp is comparable to Photoshop. You can compare anything to anything if you want, obviously. I myself enjoy comparing apples and oranges in my copious free time.
More importantly the Gimp is a free alternative to Photoshop, with different strengths and weaknesses. Both products seem to have a hellish learning curve, so you would be foolish to abandon Photoshop if you are already invested in it, and I suspect it'd be equally foolish to start an investment in Photoshop today when there is a free alternative available.
Quite a number of them, and they're not exactly sitting around typing in nmap command lines by hand, you know. They have automated tools to scan large sections of the internet for known vulnerabilities to exploit. They don't run "thousands" of portscans, they run millions.
Ah, there's part of the problem. I think of a portscan as being one invocation of a tool, you are thinking of it as one host being scanned. OK, that's orders of magnitude different, and your definition is likely more useful. Nonetheless, harking back the top posts in this conversation, I still don't see investigation as being inherently malicious; asking questions about bank security is not something that should be automatically cause one to be treated as a murderous bank robber, or even labeled as one.
And the fact that you haven't met many of them might have more to do with you not associating with criminals, hmm?
Well, my employer does send me to Defcon as part of my job. Most of the people I meet there are more curious than malicious. But it's true I don't spend all my time trawling the seamy underbelly of the Eastern European cracker scene.
How many of these port scans did you perform on ips you otherwise had no control over or relationship to?
That's a very good point. I almost never portscan IPs I don't need to talk to; it's a troubleshooting and investigatory procedure for me.
I see port scans come at my servers all day. Are you seriously trying to suggest that thousands upon thousands of "network professionals", and "top-notch app programmers" around the world are doing them on my servers for some non-malicious purpose? Sure my ISP is behind a couple as part of their legitimate network monitoring, and I've run a few myself, but the 99.99% majority hitting my servers are malicious.
The parent poster was correct.
I see your point, but you've got a pretty broad definition of malicious there. Is gathering information without causing you any harm really malicious? I usually require a greater burden of proof of maliciousness than "they looked at me, and I can't conceive of any other reason than they might want to hurt me".
But as I said, you definitely have a point; you may well even be right, though I don't think either of us has really proved anything.
And "thousands" over a career is somehow not a tiny fraction?
Well, you're not exactly using precise numbers, are you, but I was guessing that I am not the only person capable of portscans who is not actively malicious.
How many people do you think are out there maliciously portscanning? I've met way more normal computer professionals than psycho computer criminals that spend forty hours a week cracking. The few people that I have met who might fit that description are not heavy portscanners anyway, they sure aren't competing with Red Siren's daily (non malicious) portscans.
Red Siren probably hits ten thousand hosts a day, although I'm just guessing. Non-malicious college research projects and net surveys probably hit almost as many.
Perhaps you are using different metrics than me, but (absent real data) I'm betting there are fewer portscanning criminals than portscanning wage slaves on the Intartubes.
Unless you're performing a DoS isn't IP spoofing very counterproductive since you cant get a response?
If the target system's been infected from a webpage or email, you can send commands from a fake IP and receive responses on an anonymous channel such as IRC or an abandoned web forum.
Do you honestly think anything but the tiniest fraction of port scans are not malicious?
I've done thousands of port scans as part of my job. I've done four today, and I'm not even a networking guy any more. Most reasonably capable computer professionals will do hundreds if not thousands of non-malicious port scans during their careers.
How do you check port security? Ask your (possibly root-kitted) host with netstat? Ask the (possibly incompetent) sysadmins of the systems you're trying to check?
netcat and nmap are commonly used tools found on all competent network professionals' computers, and most sysadmins use nmap, and really top-notch app programmers keep it handy as well.
Can you for a moment outline your reasons that make you think ethnic (or sexistic or age-istic) profiling is wrong?
Sure, I can do that for you.
Smugglers and guerillas (the talent pool that terrorists have readily available) can test and measure the effects of profiling and defeat it completely. It's a trivial exercise, in fact - just spend a few days looking at who gets stopped and who doesn't.
I'm told that on I95 where it passes through Delaware, the drug smugglers discovered that profiling was being used. They then began hiring mules that fit the profile and having them transport just enough dope to have the police force fall over themselves with "yay profiling works" self-congratulation. Meanwhile, literally hundreds of pounds of dope were being moved by people who did not fit the profile - you can put a lot of cocaine in a station wagon full of screaming kids driven by a sweating, red-faced white guy.
The main victims were the poor schmucks who were purposely hired off the streets in Miami to be caught. Their recruiting, and the drugs that were seized, were just an overhead cost easily absorbed by the drug lords. But the secondary victims were the harmless brown-skinned folks with Florida tags who were harassed, and the tax payers whose money was being wasted.
Look, say I'm Omar Hooknose the Greasy, I kidnap your kids and strap dynamite to their bodies, then I have your atheistic European wife carry my luggage to Philly. She thinks she's smuggling drugs, but it's a pressure activated bomb. I'm sure I don't really need to point out the thousand other ways any half-witted moron can defeat profiling, since terrorists are provably capable of learning and planning.
Profiling will always appear to work, because it is in the best interests of the bad guys to feed human fodder into the profiling machine. But actually, it's just distracting resources and staff from the real threats. Profiling works in the best interests of terrorists, really.
Either search everyone to the same degree or randomly choose people for extra searching. Don't bother with racial or ethnic profiling, it is trivially easy to defeat.
Personally, I'm not afraid of terrorists. I would like the government to disband the TSA and stop all efforts to protect me and my family from terrorism. I think only cowards are afraid of terrorists, because terrorists are less effective than whiskey at killing Americans, and I'm not particularly afraid of whiskey.
Might that be because infinite data structures don't often exist in mainstream and/or commercial software applications?
Sure they do. On my computer, there's an infinite stream of ethernet frames arriving, an infinite stream of video frames leaving, an infinite stream of keyboard events arriving, etc.
I don't understand why you'd think of a stream as an infinite data structure. I'd think of it as a stream, optimally processed as a stream.
But I don't know Haskell, so perhaps I'm just confused by my own ignorance.
I have never found any practical use for the Fibonacci sequence. Ever. Not even for modeling snail shell formation for a malacologist, where you'd think it would be handy.
How do you parse a free form string that contains a person's name, typed in by someone being paid minimum wage, and determine the the probability that the name matches input from a cheap microphone? That's a better example, show me how Haskell makes that easier than some other language.
Thank you very much for the information; I don't have any way of knowing what Rogers is doing except by looking at the source IPs of incoming malicious traffic (since I'm outside their region) and that doesn't give me a very granular view. I can see that Adelphi, Rogers and AOL are all sourcing less crap these days, but I haven't any way to see how or why that came about.
Rogers blocks all traffic on port 25 which doesnn't go to their own internal mail servers, and now requires authentication, even for mail that originates on their own network.
There's no reason a person should be forced to use their ISP's mail server - that's not the same thing as preventing spamming, it's like shooting someone's entire family to keep their dog from pooping in your yard (a strategy that will work, but it's not worth the collateral damage). On the other hand, it's wonderful that they are requiring SMTP auth, that's perfectly reasonably and significantly better than the approach Comcast is using in my area.
They won't relay unless you've specifically tied your reply-to address to your account, by means of creating an alias through their account management portal, and you're limited to a maximum of 8 aliases per e-mail address.
But restricting the paying customers who are good netizens is degrading the quality of the service without cause. If true competition is ever allowed in the market, ISPs who do this will be outcompeted. I personally am capable of running a mailserver with 100% uptime for a decade without a single outgoing spam (I've done exactly that on four corporate sites) so why should I be forced to use Rogers' relatively unreliable service?
They also routinely portscan you and have been known to shut people down for running servers or suspected virus infection.
Portscanning alone is insufficient to detect viruses, but it's a great first step and I applaud them for it. Unfortunately, the whole purpose of the Internet is to connect servers and users, so shutting down people for running servers is another huge degradation of service for good netizens.
I don't know about the others you listed, but Rogers has improved their security significantly.
It sounds like they are ahead of the pack (certainly much better than ISPs in my area) but it also sounds like they are still failing to identify the true problem and attack it. Are they competent enough to distinguish between me opening a netcat pipe on a random port to a guy who wants to send me some confidential financial data and a spammer who has infected an unpatched PC? They have the hardware to do this trivially - portscanning is great as one small part of a strategy but simply monitoring nameserver usage (for one example) is thousands of times more effective and far less intrusive.