> Note that the method above gets rid of NDRs for nonexistent users
This is not true.
Let's see what really happens.
You send an e-mail from your e-mail client to your e-mail providers mailserver.
Your providers mailserver accepts your e-mail, without being able to check the if the address you are sending to is a valid address, because it's not one of the domains on your providers mailserver.
You provider then tries to deliver that e-mail to the recipients-domain mailserver.
It contacts that mailserver, that mailserver says this is not a valid address and your providers mailserver will generate an NDR and send it back to you.
These are the NDR's you do want to have.
This is your normal everyday NDR, if your provider would not let any e-mail in from the outside with a sender for the domains they host, unless authenticated, etc. then why not deliver those ? The e-mail stayed within the providers own mailsystem and came from a user it trusts.
I think those are the ones you want to receive, are easily checked (or kept inside a seperate mail system) and should receive.
I don't think just dropping all NDR's is a good option, you have to have an alternative.
The real problem is with how NDR's are handled when it can't be just rejected during the SMTP-conversation.
It would be better to have a 'ndr for:' in the SMTP-protocol as NDR-specific replacement for 'mail from:'.
Then we would actually be able to do the DKIM/SPF checks. on NDR's.
If you think you even need to click on a popup to get infected, your misinformed.
Just visiting any page can get you infected with IE (depending on the security updates you have and the way they are trying to exploit them, ofcourse). The majority doesn't need any interaction with the user.
BTW Apple has been changing parts and pieces of the gui every release and I think it's lost it's consistency. Also Mac OS X is an upgrade treadmill as well. With Apple you'll have to buy a new version every 1 or 2 releases. If you don't you can't run the newer versions of the software that come out. They used to come out every 6 months or so, but now they are at 1 ones a year. With the other OS's you don't need to pay for updates/upgrades (think service packs ?) that often. But then again an official full version of Windows is more expensive.
That's just my opinion ofcourse, I do hope you like KUbuntu.:-)
If you're talking about ECC-errors the first that come to mind are errors in ECC-memory, which most workstations don't have. And atleast all servers should too, but not all of them do.
It's actually pretty scary we have so little data protection, but then again, a lot of people don't make backups. And from those that do, a lot of them have never even checked if what they can do a restore would actually work.
I think so too. To many times I've been able to fix Windows with a Linux bootdisk when Windows wasn't able to fix it self with Microsoft or Windows tools. So I really doubt it was hardware.
I just can't see the need for a redesign of IP, what you want already is possible with IPv6 and oppurtunistic IPsec.
The problem is not the design, it's with the people operating the systems.
If we all use oppurunistic IPsec and fix the SMTP-protocol, by using a new (version of) the protocol on a new port-number.
Then we're quiet far, I don't see any reason for any1 needing anything else.
You want bandwidth guarantees, you pay for it... you can do so already now, just check out the business DSL's, you can have whatever you want.
Maybe we should add some extra extensions to IPv6 to improve some thing, it's possible. Then do it now. IPv6 isn't used as much yet.
If you want a new and improved TCP, go ahead, just get a protocol-number allocated and away we go.
There are already a lot of alternatives for TCP, just look at the Linux-kernel configuration.
I only see a lot of ways to make a less free internet, that only some big countries and companies want.
I for one would prefer to see less root-servers in the US and more.com or.net tld-servers controlled by other entities than just Verisign.
And my answer is yes to move ICANN to switserland, I'm all for it.
Maybe it would be good if fibers would be spread around more, instead of having the fibers of a lot of organisations in the same trench, when going from one city to an other.
If DNSSec wasn't such a monstrocity to implement _right_ then it might have been of more use.
But at this point it's already hard to have people use secure recursive DNS-implementations, so I don't think DNSSec will make it big any time soon.
Yes, do implement more TCP-MD5 at the BGP-routers, that's a good start.
So what is really needed is a way to force people to move to the better systems that are already available.
And the market isn't one of them, because you need incentive. I can think of only one right now.
Force all new mobile devices sold by law in the EU, US, China and Japan for example to be IPv6 only. They can for car-manufacturers to add seat-belt right ? Then why not IPv6 for mobiles ?
That way, there is an incentive to have more websites IPv6 capable and start people thinking about IPv6 at the ISP-level, maybe we'd finally get there that way.
If I remember correctly, of which I'm not completely sure I do, someone compiled it with the Intel's compiler at some point, to test all the gcc-extensions when they were added to the Intel compiler.
If you really want to know, you should look in a kernel-mailinglist archive looking for the Intel compiler.
Actually the US government uses Linux and Windows and maybe more and they do have access to the source of both.
Who said you buy your hardware for just running your current applications.
Buying a system that can use/be upgraded to above 4GB of memory probably isn't a bad idea in that light.
For months now I've been running such a system and I will be for a very long time.
OK, I'll bite.
Myth #3: the more people have an OS that supports DRM, the more likely the entertainment industry is to use it.
The more likely the Vista OS will be the only OS being able to use it.
No thank you.
----
I would almost say:
"3D applications that are prone to stressing hardware or crashing the OS", Vista it self is a 3D application.
But I won't.
I agree layer3 is an easier setup for any failover or whatever else reason you might want more links.
But spanning tree can still be usefull for when someone creates a loop by accident.
But then again, it may stay undetected.
So it depends on what your prefereences are.
With some changes is an understatement.
They are playing more nice these days, just see:
http://www.webkit.org/
Although I believe the KDE/khtml folks and webkit/safari/s60 folks haven't completely re-merged there code.
If I'm not mistaken: /etc/nsswitch.conf is the file that specifies the order in which files, databases (like LDAP) or NIS, etc. are handled.
> not every distro of linux uses shadow passwords (think debian or netbsd)
/etc/debian_version /etc/shadow /etc/shadow
leen@debian64:~$ cat
4.0
leen@debian64:~$ ls -lA
-rw-r----- 1 root shadow 1171 2007-08-17 01:41
> Note that the method above gets rid of NDRs for nonexistent users
This is not true.
Let's see what really happens.
You send an e-mail from your e-mail client to your e-mail providers mailserver.
Your providers mailserver accepts your e-mail, without being able to check the if
the address you are sending to is a valid address, because it's not one of the
domains on your providers mailserver.
You provider then tries to deliver that e-mail to the recipients-domain mailserver.
It contacts that mailserver, that mailserver says this is not a valid address and
your providers mailserver will generate an NDR and send it back to you.
These are the NDR's you do want to have.
This is your normal everyday NDR, if your provider would not let any e-mail in from
the outside with a sender for the domains they host, unless authenticated, etc. then
why not deliver those ? The e-mail stayed within the providers own mailsystem and
came from a user it trusts.
I think those are the ones you want to receive, are easily checked (or kept inside a
seperate mail system) and should receive.
I don't think just dropping all NDR's is a good option, you have to have an alternative.
The real problem is with how NDR's are handled when it can't be just rejected
during the SMTP-conversation.
It would be better to have a 'ndr for:' in the
SMTP-protocol as NDR-specific replacement for 'mail from:'.
Then we would actually be able to do the DKIM/SPF checks. on NDR's.
> SUNW (The stock ticker symbol) = Stanford University Network Workstation.
>
> Sun (the company) = Sun Microsystems.
>
Then why not use the obovious SUNM ?
If you think you even need to click on a popup to get infected, your misinformed.
:-)
Just visiting any page can get you infected with IE (depending on the security updates you have and the way they are trying to exploit them, ofcourse). The majority doesn't need any interaction with the user.
BTW Apple has been changing parts and pieces of the gui every release and I think it's lost it's consistency. Also Mac OS X is an upgrade treadmill as well. With Apple you'll have to buy a new version every 1 or 2 releases. If you don't you can't run the newer versions of the software that come out. They used to come out every 6 months or so, but now they are at 1 ones a year. With the other OS's you don't need to pay for updates/upgrades (think service packs ?) that often. But then again an official full version of Windows is more expensive.
That's just my opinion ofcourse, I do hope you like KUbuntu.
I'm pretty sure you also use gcc, then why not use powerdns-recursor ? I'm pretty sure it has the same license.
:-)
Ohh, euh... I think I know what the problem is.
Please, please, please, could you implement a good swapcontext and getcontext
implementation for the BSD's ?
You most be kiding, most filesystem do NOT do checksums, just check this page:
y stems
http://en.wikipedia.org/wiki/Comparison_of_file_s
If you're talking about ECC-errors the first that come to mind are errors in ECC-memory, which most workstations don't have. And atleast all servers should too, but not all of them do.
It's actually pretty scary we have so little data protection, but then again, a lot of people don't make backups. And from those that do, a lot of them have never even checked if what they can do a restore would actually work.
I think so too. To many times I've been able to fix Windows with a Linux bootdisk when Windows wasn't able to fix it self with Microsoft or Windows tools. So I really doubt it was hardware.
Hmmm...
Newer Windows versions (like Vista) might not run old Windows games and wine might still be able to run them.
It wouldn't be a big surprise.
There is a simple answer to that question:
Because the BBC also shows content they did not create.
If you don't know, why don't you just take a look:
/ basics/
http://www.opensolaris.org/os/community/zfs/demos
I've heard LinuxBios can boot Windows
The IPv6 transition could have been done better, but I'm afraid it's a bit late for that.
For meaningfull discussion of that point, take a look at what djb says:
http://cr.yp.to/djbdns/ipv6mess.html
I just can't see the need for a redesign of IP, what you want already is possible with IPv6 and oppurtunistic IPsec.
.com or .net tld-servers controlled by other entities than just Verisign.
The problem is not the design, it's with the people operating the systems.
If we all use oppurunistic IPsec and fix the SMTP-protocol, by using a new (version of) the protocol on a new port-number.
Then we're quiet far, I don't see any reason for any1 needing anything else.
You want bandwidth guarantees, you pay for it... you can do so already now, just check out the business DSL's, you can have whatever you want.
Maybe we should add some extra extensions to IPv6 to improve some thing, it's possible. Then do it now. IPv6 isn't used as much yet.
If you want a new and improved TCP, go ahead, just get a protocol-number allocated and away we go.
There are already a lot of alternatives for TCP, just look at the Linux-kernel configuration.
I only see a lot of ways to make a less free internet, that only some big countries and companies want.
I for one would prefer to see less root-servers in the US and more
And my answer is yes to move ICANN to switserland, I'm all for it.
Maybe it would be good if fibers would be spread around more, instead of having the fibers of a lot of organisations in the same trench, when going from one city to an other.
If DNSSec wasn't such a monstrocity to implement _right_ then it might have been of more use.
But at this point it's already hard to have people use secure recursive DNS-implementations, so I don't think DNSSec will make it big any time soon.
Yes, do implement more TCP-MD5 at the BGP-routers, that's a good start.
So what is really needed is a way to force people to move to the better systems that are already available.
And the market isn't one of them, because you need incentive. I can think of only one right now.
Force all new mobile devices sold by law in the EU, US, China and Japan for example to be IPv6 only. They can for car-manufacturers to add seat-belt right ? Then why not IPv6 for mobiles ?
That way, there is an incentive to have more websites IPv6 capable and start people thinking about IPv6 at the ISP-level, maybe we'd finally get there that way.
Just my thoughts...
You mean coLinux ?
Who said they are so special ?
Maybe we all have those abilities, they just need to be unlocked:
http://www.mindpowernews.com/005.htm
Going by the all the other comments of I'd say: no, it's only randomized when loaded the first time.
resist the blob !.
If I remember correctly, of which I'm not completely sure I do, someone compiled it with the Intel's compiler at some point, to test all the gcc-extensions when they were added to the Intel compiler.
If you really want to know, you should look in a kernel-mailinglist archive looking for the Intel compiler.
It's because you need 5 windows servers to do the job of 1 Linux server. ;-)
Seriously: pretty much nobody really looks at what the servers are actually doing.