Every Jaz disk I had eventually died. The drive is now gathering dust, no longer worth buying media for. An LS120 or ZIP is certainly a possibility. The purpose is for being able to boot a rescue disk, and those are bootable. But a CDROM would be cool and some of my machines are out of 5 inch bay space, but do have 3 inch bay space remaining. It would mean I could service all my machines with one rescue CD.
So if someone breaks into my computer system and downloads what turns out to be a virus, and infects his own machine as a result, losing thousands of dollars of business due to lost or exposed documents, etc, he could sue me?
"The promise of the Internet was always one-to-one marketing, but nothing has ever proven it out. We're proving it out," Eagle said.
Uh... who promised that? The only thing I knew of the internet to promise was easier access to more information, not some ability for assholes to get in my face. This is the kind of stuff that makes me so glad I use Linux (same would go if I used BSD).
And do you think the incompetent admins that run the site would have believed someone who just said the site was insecure, but didn't back it up with facts?
That analogy does not fit. A more correct one would be:
Hi. I came by to visit you at your house yesterday, and when I knocked on the door, it just swung wide open. Did you know you have left it ajar? I yelled to see if you were at home, but you weren't. You know someone might steal the computer you have set up right at the front of the living room there. Well, I closed the door for you. Since I don't have your key I couldn't lock it. You really should try better to keep your door closed and locked, but if not, at least move the computer to your back room so someone less honorable coming along won't walk off with it.
Using the wrong analogy could leave people who just don't understand in the first place with a misunderstanding of it. As to the specific facts about the case with PDNS.COM, I don't know if I have them all or not. But based on what facts have been presented that I have read, my analogy is the correct one. The only reason 99.9% would say this guy is wrong is if they are judging him based on your flawed analogy. Common sense dictates that the case should be investigated. Maybe LinuxFreak.Org didn't really do a very good job of gathering the facts. But until they all are available, this is what we have to go on, and it makes the feds, idiot small town newspapers, and a certain sysadmin, look bad.
Way too often, you get hold of someone incompetent. When that happens, more likely they realize they're in over their heads and that their fanny is showing and it needs to be covered up. I've dealt with webmasters and sysadmins before, and usually things don't get taken care of. But in the cases where I was able to get hold of someone in management that gives a damn (even if he isn't a techie) things do usually get taken care of and often quite quickly. So in the current (sad) state of affairs, if you can get hold of someone higher up in management that can at least understand that their is a problem, that is the best way to do it. I do realize that may come down hard on someone at the bottom who may simply have made a typographical error. But in the majority of cases I've encountered, were I the management in charge with what I know about these things, at least one head would roll.
My first encounter with an incompetent sysadmin came many years ago when I was compiling an index of files located on public FTP servers. This was even before the Archie indexing system was set up. I gathered lists of servers from Usenet and ran an indexer on them. The indexes were made available by FTP. The indexes were re-run about weekly. There were about 4 FTP sites at JPL in the list. I received a threatening letter from a sysadmin at JPL "informing" me that I was accessing a "secure government computer without authorization". Secure my ass! It was wide open, had files of clearly public interest, had no files I could tell from their names (since I didn't actually download any) would be anything confidential or secret, and was advertised as a public server on Usenet. After a few exchanges of email with this sysadmin, it became apparent that he was not only totally incompetent and utterly inept, he wouldn't even lift a finger to even try to fix his security problem. Were it not for the fact that its often very hard to get rid of the incompetent in government, I would have tried to get this guy fired. Of course today it would only get me arrested. I did remove that server from the list. If only there had been a slashdot in those days, but there wasn't even a web.
The law is today basically covering up for administrator incompetence. An administrator mistake that leaves a site insecure is one thing. But trying to cover up the mistake, or otherwise avoid doing the job... is what is the indicator of the incompetence. We know about the bug in IIS that spawned life to a red worm. Microsoft even fixed it well before the worm started. The two Microsoft admin types I know had their servers all patched up and secure before the worm ever hit. But clearly there are hundreds of thousands of servers run by the incompetent.
Now that ultramode.txt is gone, does anyone have a program that will parse the RDF or XML format and produce human readable and/or script parseable output?
I would go back and follow up on my postings to see if there are any replies, and maybe make counter replies. To find mine in the thread I would click on the browser search icon to bring up a search box, enter my name, and search for posts with my name as the poster. From there I can see if there are any new replies.
My display format preference is "light".
Now I can't. The new design leaves out the poster name. Nothing to find. The only way I can see my name is if my post got moderated up and doesn't show as just a one liner. But people do reply to posts that don't get moderated up. Not everyone reads at level 5.
So how about putting the names back in on the one liner when the post isn't expanded? Or at least do so for one's own posts when logged in.
The max() and min() macros have been changed throughout the kernel to now use 3 arguments instead of 2. The new argument is the first, which is the type for the temporary variables used. This avoids problems with multiple references to data. Usually those get compiled out, but with variables of type volatile, they do not. But in since cases you don't want multiple fetches from volatile variables. The problem here is that the max() macro has one instance and the min() macro has two instances of being used inside the for() clause. Simply changing back to the 2 argument usage won't fix it because the macro is defined for 3. My patch just changes the 3 affected uses back to conventional C code.
Due to an invalid assumption about putting baces inside macros (specifically, the max() and min() macros, which were changed in 2.4.9) which might be present inside the for() clause (which exists in 3 places in the kernel, 2 of which apply to NTFS code), the NTFS code isn't compiling. I made this patch to fix it.
I haven't tried GCJ yet, but I don't see why it can't have include files, pre-processing, and make files. This is probably going to be the way I head into Java, because it will allow me to be productive.
I'm looking for a 3" CDROM drive that fits in a floppy drive bay. I'm still trying to shrink computers down smaller and smaller. I only need the CDROM drive in there at all to serve as a rescue disk (and a floppy won't hold enough for what I need).
Ironically, they seem to be the most reliable CDRs around. The manufacturers of the crappy ones, being so focused on making crap CDRs, they aren't getting into this, apparently. OTOH, I've only burned about 30 of them, but they are 100% reliable and the CDROM drives read them at full speed (no slowdowns and timeouts like the crappy ones).
If you restrict yourself to programming in a single language, that might be the case. I don't. I've been programming in C for nearly 20 years. I had programmed in assembly for 20 years with 13 of those years overlapped with C. I program in PHP today, and have been waiting for Java to make it to serious production capability (I think I see the light at the end of the tunnel now). If someone programs in only one language today, they might well still be programming in it in 10 years, but may also be programming in one or two other languages (to the extent they have the freedom to choose the language that is best for the project, as opposed to having it dictated by a committee of PHBs).
There are two kinds of developments: those that need object oriented, and those that don't. If course the real distinction is always fuzzy. OO is not a universal method for everything, but it certainly proves its worth for a lot.
That said, I think the difficulty people will have in understanding the shift to Java is because of the continuing confusion of referring to C/C++ together as if it were one language. C and C++ are not the same language for any practical consideration. Sure, you can write C and call it C++ and it will compile. But C++ is supposed to be something different than C, while giving you stuff C also has. But the distinction between the two kinds of developments mentioned above fall between C and C++. If you don't need OO for your project, then you write in C. Even if you compile it with a C++ compiler, it's still written as C.
I believe that Java is taking more from C++ than it is taking from C simply because more and more of those kinds of projects (applications) that need OO, do not need the facilities of C. While C++ has good abstractions, it's always been too easy to do it wrong and code like C. Java doesn't let you do that (as easily).
During the next economic boom cycle, more application projects will begin. Java will be more favored (if you believe all this, and I do). But that won't mean there will be a lot fewer things that need non-OO C... there will just be a lot more new needs for which Java is an excellent choice. The thing is, those are projects that would not have been done in C anyway; they might have been done in C++ or one of those proprietary languages.
For me, the biggest reason I stay with C programming, as opposed to going with C++ (for some, not all, since not all projects I do would benefit from OO at the coding level) is because C++ is C with the pluses. While some certainly see that as an advantage, I don't. I see C++ as some kind of hack and fear that what I might have coded in C++ would still be tainted with too much C-ism. It's not the OO part I'm worried about; it's the C part.
I look forward to taking the plunge into Java. I'll skip C++. Some things will still be done in C. The big reason I have not done so before, or used some other strongly-OO language (like Smalltalk) is because the environments those languages work in have been too "academic". Look at the early hacks just to run Java programs to see what I am referring to. With advances like gcc support for the Java language (and Sun effectively losing pedantic control over it), I'll be able to fit a project developed in Java into a production environment more easily. These advances are shifting the line which determines whether a project benefits from using Java, and improves the margin in favor of OO where C++ wasn't enough to do it.
In summary, Java will take some from C, more from C++, and it will do this mostly in all new large scale projects for which it is far better suited. The gains will be seen more in percentages, rather than in absolute numbers.
Re:Welcome to the Post-Internet Age
on
Rhythms Flatlines
·
· Score: 2
There are regional ones that don't have (capital sucking) nationwide infrastructure, such as IP Communications, which has already been anticipating the fall of Rythyms.
Some of these DSL providers, including Rhythms and North Point, had positioned their business plans in the direction of becoming a full CLEC and offering not only DSL, but everything else that a CLEC would offer, including voice and other data circuits. What they found is first there were too many of them fighting over the small market that would abandon the ILEC. Their DSL sales may have been going OK, but sales in other business plans were just not bearing fruit, yet they had invested lots of money overbuilding that structure. While DSL sales were happening, because of cut throat market posturing, profits from it were very small at best, and most likely negative anyway.
If a business plans to achieve 40% market share, can't be profitable with less than 25% share, and faces 9 competitors with the same plans, something's got to break. The smarter ones can live through it.
Re:Servers were never allowed out on cable
on
Broadband Crackdown
·
· Score: 2
I would suspect that each router into each segment has the access list to block it. That would explain why some places still don't have it blocked (haven't got it configured in all of them, yet). And yes, that could mean that within a segment, the traffic can still go through. Maybe this is why CR2 narrowed its scan range.
Every Jaz disk I had eventually died. The drive is now gathering dust, no longer worth buying media for. An LS120 or ZIP is certainly a possibility. The purpose is for being able to boot a rescue disk, and those are bootable. But a CDROM would be cool and some of my machines are out of 5 inch bay space, but do have 3 inch bay space remaining. It would mean I could service all my machines with one rescue CD.
Reminds me of what Germany was like back in '33
So if someone breaks into my computer system and downloads what turns out to be a virus, and infects his own machine as a result, losing thousands of dollars of business due to lost or exposed documents, etc, he could sue me?
Just install the secure patches, or find out what the patch is to protect against and find another way to do that. Did you block Code Red?
Uh ... who promised that? The only thing I knew of the internet to promise was easier access to more information, not some ability for assholes to get in my face. This is the kind of stuff that makes me so glad I use Linux (same would go if I used BSD).
And do you think the incompetent admins that run the site would have believed someone who just said the site was insecure, but didn't back it up with facts?
That analogy does not fit. A more correct one would be:
Using the wrong analogy could leave people who just don't understand in the first place with a misunderstanding of it. As to the specific facts about the case with PDNS.COM, I don't know if I have them all or not. But based on what facts have been presented that I have read, my analogy is the correct one. The only reason 99.9% would say this guy is wrong is if they are judging him based on your flawed analogy. Common sense dictates that the case should be investigated. Maybe LinuxFreak.Org didn't really do a very good job of gathering the facts. But until they all are available, this is what we have to go on, and it makes the feds, idiot small town newspapers, and a certain sysadmin, look bad.
Way too often, you get hold of someone incompetent. When that happens, more likely they realize they're in over their heads and that their fanny is showing and it needs to be covered up. I've dealt with webmasters and sysadmins before, and usually things don't get taken care of. But in the cases where I was able to get hold of someone in management that gives a damn (even if he isn't a techie) things do usually get taken care of and often quite quickly. So in the current (sad) state of affairs, if you can get hold of someone higher up in management that can at least understand that their is a problem, that is the best way to do it. I do realize that may come down hard on someone at the bottom who may simply have made a typographical error. But in the majority of cases I've encountered, were I the management in charge with what I know about these things, at least one head would roll.
My first encounter with an incompetent sysadmin came many years ago when I was compiling an index of files located on public FTP servers. This was even before the Archie indexing system was set up. I gathered lists of servers from Usenet and ran an indexer on them. The indexes were made available by FTP. The indexes were re-run about weekly. There were about 4 FTP sites at JPL in the list. I received a threatening letter from a sysadmin at JPL "informing" me that I was accessing a "secure government computer without authorization". Secure my ass! It was wide open, had files of clearly public interest, had no files I could tell from their names (since I didn't actually download any) would be anything confidential or secret, and was advertised as a public server on Usenet. After a few exchanges of email with this sysadmin, it became apparent that he was not only totally incompetent and utterly inept, he wouldn't even lift a finger to even try to fix his security problem. Were it not for the fact that its often very hard to get rid of the incompetent in government, I would have tried to get this guy fired. Of course today it would only get me arrested. I did remove that server from the list. If only there had been a slashdot in those days, but there wasn't even a web.
The law is today basically covering up for administrator incompetence. An administrator mistake that leaves a site insecure is one thing. But trying to cover up the mistake, or otherwise avoid doing the job ... is what is the indicator of the incompetence. We know about the bug in IIS that spawned life to a red worm. Microsoft even fixed it well before the worm started. The two Microsoft admin types I know had their servers all patched up and secure before the worm ever hit. But clearly there are hundreds of thousands of servers run by the incompetent.
Now that ultramode.txt is gone, does anyone have a program that will parse the RDF or XML format and produce human readable and/or script parseable output?
I would go back and follow up on my postings to see if there are any replies, and maybe make counter replies. To find mine in the thread I would click on the browser search icon to bring up a search box, enter my name, and search for posts with my name as the poster. From there I can see if there are any new replies.
My display format preference is "light".
Now I can't. The new design leaves out the poster name. Nothing to find. The only way I can see my name is if my post got moderated up and doesn't show as just a one liner. But people do reply to posts that don't get moderated up. Not everyone reads at level 5.
So how about putting the names back in on the one liner when the post isn't expanded? Or at least do so for one's own posts when logged in.
Now if only I could find a dual ethernet version I could make a mini-firewall.
The max() and min() macros have been changed throughout the kernel to now use 3 arguments instead of 2. The new argument is the first, which is the type for the temporary variables used. This avoids problems with multiple references to data. Usually those get compiled out, but with variables of type volatile, they do not. But in since cases you don't want multiple fetches from volatile variables. The problem here is that the max() macro has one instance and the min() macro has two instances of being used inside the for() clause. Simply changing back to the 2 argument usage won't fix it because the macro is defined for 3. My patch just changes the 3 affected uses back to conventional C code.
I made a patch to fix that.
Because it has no charismatic leader. And many people are simply afraid to upgrade it (more so than the kernel).
Due to an invalid assumption about putting baces inside macros (specifically, the max() and min() macros, which were changed in 2.4.9) which might be present inside the for() clause (which exists in 3 places in the kernel, 2 of which apply to NTFS code), the NTFS code isn't compiling. I made this patch to fix it.
I haven't tried GCJ yet, but I don't see why it can't have include files, pre-processing, and make files. This is probably going to be the way I head into Java, because it will allow me to be productive.
I'm looking for a 3" CDROM drive that fits in a floppy drive bay. I'm still trying to shrink computers down smaller and smaller. I only need the CDROM drive in there at all to serve as a rescue disk (and a floppy won't hold enough for what I need).
Ironically, they seem to be the most reliable CDRs around. The manufacturers of the crappy ones, being so focused on making crap CDRs, they aren't getting into this, apparently. OTOH, I've only burned about 30 of them, but they are 100% reliable and the CDROM drives read them at full speed (no slowdowns and timeouts like the crappy ones).
If you restrict yourself to programming in a single language, that might be the case. I don't. I've been programming in C for nearly 20 years. I had programmed in assembly for 20 years with 13 of those years overlapped with C. I program in PHP today, and have been waiting for Java to make it to serious production capability (I think I see the light at the end of the tunnel now). If someone programs in only one language today, they might well still be programming in it in 10 years, but may also be programming in one or two other languages (to the extent they have the freedom to choose the language that is best for the project, as opposed to having it dictated by a committee of PHBs).
There are two kinds of developments: those that need object oriented, and those that don't. If course the real distinction is always fuzzy. OO is not a universal method for everything, but it certainly proves its worth for a lot.
That said, I think the difficulty people will have in understanding the shift to Java is because of the continuing confusion of referring to C/C++ together as if it were one language. C and C++ are not the same language for any practical consideration. Sure, you can write C and call it C++ and it will compile. But C++ is supposed to be something different than C, while giving you stuff C also has. But the distinction between the two kinds of developments mentioned above fall between C and C++. If you don't need OO for your project, then you write in C. Even if you compile it with a C++ compiler, it's still written as C.
I believe that Java is taking more from C++ than it is taking from C simply because more and more of those kinds of projects (applications) that need OO, do not need the facilities of C. While C++ has good abstractions, it's always been too easy to do it wrong and code like C. Java doesn't let you do that (as easily).
During the next economic boom cycle, more application projects will begin. Java will be more favored (if you believe all this, and I do). But that won't mean there will be a lot fewer things that need non-OO C ... there will just be a lot more new needs for which Java is an excellent choice. The thing is, those are projects that would not have been done in C anyway; they might have been done in C++ or one of those proprietary languages.
For me, the biggest reason I stay with C programming, as opposed to going with C++ (for some, not all, since not all projects I do would benefit from OO at the coding level) is because C++ is C with the pluses. While some certainly see that as an advantage, I don't. I see C++ as some kind of hack and fear that what I might have coded in C++ would still be tainted with too much C-ism. It's not the OO part I'm worried about; it's the C part.
I look forward to taking the plunge into Java. I'll skip C++. Some things will still be done in C. The big reason I have not done so before, or used some other strongly-OO language (like Smalltalk) is because the environments those languages work in have been too "academic". Look at the early hacks just to run Java programs to see what I am referring to. With advances like gcc support for the Java language (and Sun effectively losing pedantic control over it), I'll be able to fit a project developed in Java into a production environment more easily. These advances are shifting the line which determines whether a project benefits from using Java, and improves the margin in favor of OO where C++ wasn't enough to do it.
In summary, Java will take some from C, more from C++, and it will do this mostly in all new large scale projects for which it is far better suited. The gains will be seen more in percentages, rather than in absolute numbers.
But who remains there that knows how to do it?
There are regional ones that don't have (capital sucking) nationwide infrastructure, such as IP Communications, which has already been anticipating the fall of Rythyms.
Some of these DSL providers, including Rhythms and North Point, had positioned their business plans in the direction of becoming a full CLEC and offering not only DSL, but everything else that a CLEC would offer, including voice and other data circuits. What they found is first there were too many of them fighting over the small market that would abandon the ILEC. Their DSL sales may have been going OK, but sales in other business plans were just not bearing fruit, yet they had invested lots of money overbuilding that structure. While DSL sales were happening, because of cut throat market posturing, profits from it were very small at best, and most likely negative anyway.
If a business plans to achieve 40% market share, can't be profitable with less than 25% share, and faces 9 competitors with the same plans, something's got to break. The smarter ones can live through it.
I would suspect that each router into each segment has the access list to block it. That would explain why some places still don't have it blocked (haven't got it configured in all of them, yet). And yes, that could mean that within a segment, the traffic can still go through. Maybe this is why CR2 narrowed its scan range.