Not quite right. Audi is tied closely to Volkswagen (part of the VAG, or Volkswagen Automotive Group, along with Lamborghini, and sharing ties to VW's close sibling Porsche). You may be thinking of Opel (with ties to Lotus) for GM's European influences. They also have close ties to Toyota and Suzuki.
The car world isn't cut and dried. Most people wouldn't hesitate to call Dodge an American company, yet it's part of Daimler-Chrysler (German-American). Daimler-Chrysler also owns Mercedes Benz. As well, Dodge has close ties to Mitsubishi. Dodge Stealth == Mitsubish 3000GT; also several cars have carried the DSM moniker, for Diamond (Mitsubishi) Star (Dodge/Chrysler) Motors. More, just because a company is American or Japanese or German doesn't mean that's where their cars are built. GM builds lots of cars in Canada. Volkswagen built its new Beetle (which has ended its run) in Mexico. Honda/Acura and Toyota/Lexus build quite a few American-market cars in America. What, then, should you buy to ensure American jobs? A GM car (American company) built in Canada, or a Honda car (Japanese company) built in Kentucky?
No, you know what happens? Goods become cheaper and better. I don't have to pay through the nose because some guy thinks he should get $40/hour just to enter numbers into some data base or make a powerpoint presentation. Things become more affordable, more people can afford them, and everyone's quality of life goes up. THAT is what happens.
Even if prices are cut in half or less, how do you plan to pay for those goods with no money? Stuff may get cheaper, but if there aren't any jobs for you, or the jobs you can get pay so much less, then you're not going to be able to afford an appreciably larger amount of stuff. And we all know that it's Stuff that increases the quality of living.
Also, I'm willing to bet that while some products may be cheaper, other costs will not change. How do you decrease your rent or utility bills by farming out the labor to other countries? If I make $50K/year, pay $800/mo for rent, and can buy shoes for $100, I'm better off than if I make $20K/year, pay $800/mo for rent, and can buy shoes for $20.
When there's a compelling reason to upgrade. Those fall into two categories:
The kernel fixes a previous security problem, or
The kernel provides new features that you require for your product (not "want", but "need").
Any other reason is superfluous, especially for a server machine.
Is there a way I can easily use the old configuration?
The kernel config writes a.config file in the source root. Use that. If you patch rather than grabbing completely new sources, you won't even need to worry about copying that file around (unless you do a make mrproper, which you probably don't need to do unless stuff starts breaking during compile).
I must say I am very reluctant to upgrade the kernel.. especially when I don't have physical access to the machine. But I would of course love to the the fastest and most secure server as possible. Just curious what rules and procedures others use.
Years ago, back when the kernel was being updated nearly every other week rather than once every few months (2.0/2.2 time frame), I would always download the very latest kernel and compile that. Coincidentally, I was also learning Linux at the time, so I didn't mind spending time on stuff like that, and I was in school which meant a lot more free time. These days, my only linux box is a server, so unless there's a security fix I'm inclined to just leave the box alone. It's certainly easer not to upgrade than it is to upgrade.
I don't know. What I do know is that I like sftp because it's the familiar commandline ftp interface, yet more secure. I like things easy, so given the choice between learning how to properly use scp and using sftp which I already know, I choose the latter.
First of all, I don't see the problem about putting the *public* key of an ssh server in the registry... it is called a "public" key for a reason.
Sure it's a public key, but do you really want people to know what hosts you've been ssh'ing to if you're doing this from someone else's machine or (worse!) a public machine? As well, if it's someone else's machine (my assumption is that's what you were talking about, else there'd be no reason to remove putty in the first place), be considerate and don't leave random crap in their registry.
Secondly, you can easily clean up everything putty has put in the registry by using the -cleanup switch. (e.g. putty -cleanup)
That I didn't know. I guess it's true that you learn something new every day. And I've been using putty for 3+ years!
One problem: Putty will put keys in the registry (HKCU\Software\SimonTatham\Putty\SshHostKeys). You can easily delete that if you know that it's there. You could also hack the source code to put the keys somewhere else, or not store the keys at all (I've hacked the source code to do alpha blending, and while it wasn't the cleanest code base ever, it was understandable after a while). Anyway, my point is that if you're truly paranoid you'll have to do more than just delete the bin when you're done.
Also, you'll need putty's sftp client if you want to do it right. That's another exe you need to download. And don't forget to enable sftp on your server as well.
I've never used Smoothwall, instead doing all of that by hand (setting up a firewall, DHCP; haven't bothered with dyndns though, since I used to have static IPs and now that I don't I haven't found a need to connect to my home PCs yet). The way I would've setup your topology would have been to set a given IP to the PS2's mac rather than just getting a random IP, and then setup appropriate firewall rules for that IP. The rest of the internal network would have its own separate rules.
Then again, I didn't want to add more NICs than was reasonably necessary (as another poster pointed out, you could've done all of this with a single NIC, but two NICs is the sweet spot IMHO). Maybe Smoothwall makes it more difficult to do this (can't assign specific IPs by MAC, perhaps? or can't assign specific rules to a given IP?) and so the third NIC route was the easiest method, or maybe you just wanted to play around. I don't know. Whatever works.
And just for kicks, my own setup looks something like this:
Cable modem goes into a switch.
My main linux box connects to the switch and does firewalling (custom iptables script) and NAT (custom iptables script) among other stuff (DHCP with IPs assigned by MAC and no dynamic IPs for unrecognized MACs, fetchmail and internal exim server with spamassassin through procmail, local cvs, ssh and sftp, etc).
The second NIC in the linux box connects to another switch for my internal wired/wireless network.
I have another linux box and my main XP desktop on the wired portion of the internal network, and my laptop on the wireless portion.
And finally, the reason for the initial switch between the cable modem and the linux box is for my XBox.
Like you, I didn't want to have to putz around with opening ports for a gaming console, but I took a slightly different approach. I pay Comcast another couple $ per month for a second dynamic IP, and have the XBox directly online (no NAT or firewall to get in the way).
I put three nics in a Pentium 90 that I found on a trash heap. One nic goes to my RR cable modem, one nic goes to my switch and one nic is for my son's Playstation 2.
What was your reasoning behind adding a NIC specifically for the PS2? It should work fine just connecting to your switch, and assuming you have DHCP running for your internal network it won't even require any setup for the PS2. Plus, you can get an XBox as well and plug that into the switch, and have both running at the same time.
I'm sure you had a reason for that layout, I just can't figure out what it could be. Enlighten me?
I'm going to assume you meant "yields" when you wrote "yeilds". However, I don't think you meant to imply that Jason gives over possession of or surrenders his chainsaw, especially since you called it toothless. Instead, Jason handles [his toothless chainsaw] with skill and ease. That the chainsaw is toothless is the point; while he may be skilled at wielding his chainsaw, it's completely ineffective.
They are just trying to make a buck and do it all in one foul swoop.
Though I appreciate that SCO's tactics may be foul, the phrase you're looking for is one fell swoop, as used by Shakespeare. And while you may feel that the use of "foul" may be an appropriate exchange in this case, I assure you that fell is much more so. Observe:
fell, adj.
Of an inhumanly cruel nature; fierce: fell hordes.
You can order Outlook standalone from MS, as long as you have Exchange CALs.
Or, you can order Outlook by itself even if you don't have Exchange CALs. Without a CAL, you can't talk to an Exchange server, but you can still buy and use Outlook with Exchange.
Nobody buys Outlook for it's lame single-user PIM facilities.
I do. Well, I bought it because it's my preferred e-mail client and not so much for the PIM facilities. (blah blah Outlook viruses and crap blah blah whatever. Outlook 2K (with a service pack) and newer have been blocking nasty attachments for several years now, and with spam assassin on the server side and Outlook running in the Restricted zone on the client side, I have little to worry about.) However, if I would actually use my Pocket PC for PIM stuff, I'd certainly sync it against my Outlook PIM. Just because I don't do that doesn't mean it's not a good feature.
I did worse than that. Given Tolkien's fondness of subtitles ("The Hobbit, or There and Back Again"), I figured it was one single title called Farmer Giles of Ham, the Adventures of Tom Bombadil Leaf by Niggle and Smith of Wooton Major, implying that Tom Bombadil Leaf (whoever that is) has a secret identity as Farmer Giles of Ham, and his adventures would be written in the second person by two guys named Niggle and Smith from some fictional Wooton Major somewhere in Middle Earth. I couldn't quite figure out how that translated into four different stories. My guess was that it would be like The Silmarillion, where it's technically a single book, but it's really a whole bunch of different stories.
Punctuation is good. Use it to avoid these kinds of mistakes. And while we're at it, punctuation can be bad, too. It's not a case of more == better, but correct use == readable.
Re:Frustratingly typical day in the life of Micros
on
Yet Another Windows Worm
·
· Score: 2, Insightful
That's simply not true. If it were then I'd accuse windows newbies as well of doing the same thing by installing IIS.
Except that newbies have done that as well. They installed Windows 2000, and for some reason installed IIS (because they were playing around in the optional components install, or something like that). Then, when Code Red, Nimda, et al hit big, they got hammered because they weren't up to date. They weren't up to date because they didn't know they were running IIS.
You problem is with newbies, not the mythical "everything install" that no newbie uses that I've ever seen.
I hang out in EFnet's #Linux on occassion. I've been there for years. Several years back, it was quite common to see a newbie say, "I chose to install everything, because I didn't know what the other options did," or, "I didn't want to miss something, because I don't know how to install new software yet, so I chose to install everything." My problem isn't with newbies. They don't know any better. My problem is (well, "was" until some distros got their heads out of their asses) with distros that have stupid defaults. Something like BIND should only be started if it's specifically requested. The act of installing BIND is not necessarily a request to run it. (replace "BIND" with any other software that most people have no need to run, if you think I'm picking on BIND too much)
I don't know anything about linux, but couldn't you theoretically write a virus that disabled the file protection crap at the kernal level so it didn't matter if you were root or not?
Probably, but that would be a lot of work. More likely, you could just use one of the many local root exploits over the years. There have been quite a few, and I'd bet there are lots of people that are still vulnerable ("A local exploit? But I'm the only user on this system. I'm not going to bother with it."). Of course, now you have to find some way to get the user to run your script or executable that exploits the bug, but I'm sure there are ways to do that (even if it's just social engineering, which is what a lot of Windows e-mail viruses do). And then you're in, with root permission.
And of course, even without root permissions you can still screw stuff up. How about a virus that destroys all of your documents/mp3 files/pr0n? You don't need root access to do that if your user has write access to it already (and you surely do, or how could you update your documents/mp3 files/pr0n without always going to root?). And worse, there are distros like Lindows that encourage you to run as root (well, it used to, does it still do that?), which would make compromising it even easier. Of course, there's probably only a couple tens of thousands of people running Lindows, compared to millions upon millions of Windows users. What hax0r would waste his time on such a small target?
Re:Frustratingly typical day in the life of Micros
on
Yet Another Windows Worm
·
· Score: 5, Insightful
And if they didn't repell attacks, that would be almost good too.
Because there's nothing quite like a 100,000 machine-strong DDoS network of Redhat machines on cable modems. I hope you meant that if machines are not repelling attacks, then that would prompt bug fixes. However, as you see in the Windows world, most attacks are targetted at already-fixed issues. The machines that get infected are the ones that didn't stay up to date (or in lots of cases a few years ago, were running software they shouldn't be running, like personal Redhat machines running BIND because it was installed and started by default in an "install everything" scenario, the installation option used by most newbies because they're afraid of missing something during the initial install and not knowing how to install it later).
No, successful virus/worm/hax0r infections are never desired. Better for the issues to be found by competent and moral ("moral" being that they don't use the exploit maliciously) people before a major virus or worm is written. There are excellent patch distribution channels for both Windows and Linux these days. People really should use them. And for production servers that don't use them because they need to do validation before deploying the fix, they need to get off their asses and do the validation. There's no excuse for a 2 year old bug causing issues now. That's 1 year, 11 months, and 3 weeks of laziness (assuming it takes about a week to do a validation and deploy the fix and any resulting changes).
It reminds me of when I was 13 years old, and was at the stereo store waiting to plunk down some of my hard earned paper route money for a duel cassete deck (these things used to be expensive), and the sales person went on a long lecture about how if I used this to make copies of my freinds tapes I'd be ruining it for everyone, and if I did that, someday you wouldn't be able to buy duel tape decks.
I can't say i miss m4 (although I know real sendmail admins don't bother with wimpy scripting languages), sendmail also served it's purpose back in the day.
M4 got a really bad reputation thanks to Sendmail. It really is a very nice preprocessor once you learn a few of its idiosyncracies (most annoying is that there are separate characters for begin and end quotes). Aside from Sendmail, my main exposure to M4 is using it as a preprocessor for SQL code. It's great being able to include files in my SQL code, and write macros for common operations. Sure, I could've gotten the same functionality by using the CPP or Perl, but in the former case M4 is much more powerful than CPP, and the latter case would require quite a bit more work than just plugging in M4.
The moral of the story? M4 doesn't suck. Sendmail sucks because of its arcane usage of M4.
yeah, I know... probably not the safest thing to do, but port 25 is blocked from coming in... it's local only
Why bother with the firewall rule? Bind exim to your local interfaces only (127.0.0.1, whatever private IP you use for your internal LAN). If no service is running on a port, you don't need to worry. Firewall it anyway, if you like, but that's just redundant.
I also use Exim 3 on Debian, coming from using Postfix for the longest time. In fact, the only reason why I switched from Postfix to Exim is because I switched ISPs (no DSL at my new house) and couldn't run my own mail server anymore. Because of that, I moved my domain to a hosting company and needed to use SASL to send mail through their smtp servers. Well, setting up SASL with Postfix in Debian was a major pain in the ass. I never got it working quite right (always ended up with it saying there was no valid mech or some such), so I blew away postfix and installed Exim. Guess what? Exim did SASL right out of the box (.deb), and all I had to do was make one or two very minor changes to a (highly readable) config file. I thought Postfix was great for ease of use, and it certainly is compared to Sendmail. However, Exim is another step beyond that.
A couple of years ago, I wouldn't have switched. I'd have spent as much time as necessary banging on Postfix to make it work with SASL. Now, I switched because it was much easier than wasting time on Postfix.
You don't need a palm pilot?:) Your schedule may be the same, but when you multiply 4-5 classes by up to 5 assignments each per week (give or take, whatever) that becomes a scheduling nightmare. Add on top of that any work schedule you might have, and a palm organizer becomes essential.
Bah. Even though I had a WinCE device (won it in a contest) my last year of college, I never really bothered to use it for scheduling. I found that a combination of half-way decent memory (ie, drinking but no drugs) and making friends in my classes (unless you change majors, the friends you make freshman and sophomore years will be in almost of your classes junior and senior year, and you all can work out class schedules around each other) worked much better than trying to keep my PDA up to date. The assignments/tests that I did miss were all in elective classes that I didn't share with my engineering friends. I found that those "issues" were easily resolved by being a good bullshit artist (and once, even by telling the truth!). Of course, you need other skills besides being able to bullshit. For instance, if you bullshit your professor into believing that the reason you didn't turn in your paper is because you forgot it at home, and that you'd bring it to his office hours that evening, you better damned well be able to push out a decent-quality 10 page paper in 2-3 hours.
The only other major tip I have is to use your professors' office hours. They have them for a reason. I didn't figure this one out until junior year, but when I did I set aside time to go to office hours for the more difficult or more important classes. Not only will you get more insight into what you're learning and tips on the homework, but you'll get to know the professor. More importantly, s/he will get to know you. Think of it as practicing the networking skills you're going to need in the real world. Also, professors generally are more likely to give extensions on assignments if they know you. It won't work if you try to get an extension on every assignment, but I could usually get three or four extensions per semester for myself and my friends (we would all get together and go to office hours at the same time, often followed up with beers at the local Irish pub).
As far as having a laptop stolen, how about one of those security devices lock onto a laptop and make a LOUD noise when they are moved?
Right, because we all know how well that idea worked for car alarms...
whats wrong with winamp 3???? I kinda like it.... needs some work on the backend, but overall its good.
Well, it's just horribly bloated and slow compared to Winamp 2. The plugin architecture seems overly complex, if technically better in design than Winamp 2's (though Winamp 2's design of using standard DLLs and Windows messages for communication meant that any language capable of making a C-readable DLL and sending Windows messages could be used for writing a plugin; with Winamp 3, you're pretty much stuck using C++). Overall, it really doesn't do much more than Winamp 2, but it does it slower and buggier. I'll revisit Winamp3 after another major revision or two, but for now Winamp 2 is my preferred music media player.
Oh, yeah, and part of my dislike of Winamp 3 is the haphazard way in which alpha transparency was added. Control over alpha blending your windows seems half-assed. I may be biased, though.
I think that the laywers see justins Rebellious streak, but also realize that he does good work and is worth the keep.
Justin certainly is smart, but AOL bought Nullsoft for one thing -- Winamp. So why does Winamp 3 suck so bad?
My take on the situation is that Justin doesn't like being part of AOL. However, rather than refusing the sale of Nullsoft back in the day, he accepted the sale, collected copious amounts of money, and is now slacking off/eating away at AOL from the inside. That would explain why the newest version of Nullsoft's main asset sucks so bad, and why Justin keeps releasing software like this that pisses off AOL (Gnutella, that little app that blocked ads in AIM, WASTE).
...what kind of in-game effect urination will produce?:D
Hopefully not something along the lines of Postal 2. There's just something wrong with a game that allows (encourages!) you to urinate on things (kill an old lady, then urinate on her!).
the PowerPad and PowerGlove Nintendo put several years ago? this seems like the next step in that direction ("physical gaming")
"Several years ago"? Try almost a decade and a half! There have been other attempts since then. Anybody remember the Genesis Activator Ring (at the bottom of the page)? Also, there have been numerous fishing poles, golf clubs, baseball bats, skateboards, snowboards, etc. And one could probably even lump steering wheels/pedals in this category as well, since a good set will accurately mimic the act of driving.
Slashdot Mirror
Also Jaguar and Volvo.
Not quite right. Audi is tied closely to Volkswagen (part of the VAG, or Volkswagen Automotive Group, along with Lamborghini, and sharing ties to VW's close sibling Porsche). You may be thinking of Opel (with ties to Lotus) for GM's European influences. They also have close ties to Toyota and Suzuki.
The car world isn't cut and dried. Most people wouldn't hesitate to call Dodge an American company, yet it's part of Daimler-Chrysler (German-American). Daimler-Chrysler also owns Mercedes Benz. As well, Dodge has close ties to Mitsubishi. Dodge Stealth == Mitsubish 3000GT; also several cars have carried the DSM moniker, for Diamond (Mitsubishi) Star (Dodge/Chrysler) Motors. More, just because a company is American or Japanese or German doesn't mean that's where their cars are built. GM builds lots of cars in Canada. Volkswagen built its new Beetle (which has ended its run) in Mexico. Honda/Acura and Toyota/Lexus build quite a few American-market cars in America. What, then, should you buy to ensure American jobs? A GM car (American company) built in Canada, or a Honda car (Japanese company) built in Kentucky?
Even if prices are cut in half or less, how do you plan to pay for those goods with no money? Stuff may get cheaper, but if there aren't any jobs for you, or the jobs you can get pay so much less, then you're not going to be able to afford an appreciably larger amount of stuff. And we all know that it's Stuff that increases the quality of living.
Also, I'm willing to bet that while some products may be cheaper, other costs will not change. How do you decrease your rent or utility bills by farming out the labor to other countries? If I make $50K/year, pay $800/mo for rent, and can buy shoes for $100, I'm better off than if I make $20K/year, pay $800/mo for rent, and can buy shoes for $20.
Why run make twice when you could run it once? Also, it's a good idea to run the "clean" target, especially if you used a patch.
When there's a compelling reason to upgrade. Those fall into two categories:
Any other reason is superfluous, especially for a server machine.
The kernel config writes a .config file in the source root. Use that. If you patch rather than grabbing completely new sources, you won't even need to worry about copying that file around (unless you do a make mrproper, which you probably don't need to do unless stuff starts breaking during compile).
Years ago, back when the kernel was being updated nearly every other week rather than once every few months (2.0/2.2 time frame), I would always download the very latest kernel and compile that. Coincidentally, I was also learning Linux at the time, so I didn't mind spending time on stuff like that, and I was in school which meant a lot more free time. These days, my only linux box is a server, so unless there's a security fix I'm inclined to just leave the box alone. It's certainly easer not to upgrade than it is to upgrade.
I don't know. What I do know is that I like sftp because it's the familiar commandline ftp interface, yet more secure. I like things easy, so given the choice between learning how to properly use scp and using sftp which I already know, I choose the latter.
Sure it's a public key, but do you really want people to know what hosts you've been ssh'ing to if you're doing this from someone else's machine or (worse!) a public machine? As well, if it's someone else's machine (my assumption is that's what you were talking about, else there'd be no reason to remove putty in the first place), be considerate and don't leave random crap in their registry.
That I didn't know. I guess it's true that you learn something new every day. And I've been using putty for 3+ years!
One problem: Putty will put keys in the registry (HKCU\Software\SimonTatham\Putty\SshHostKeys). You can easily delete that if you know that it's there. You could also hack the source code to put the keys somewhere else, or not store the keys at all (I've hacked the source code to do alpha blending, and while it wasn't the cleanest code base ever, it was understandable after a while). Anyway, my point is that if you're truly paranoid you'll have to do more than just delete the bin when you're done.
Also, you'll need putty's sftp client if you want to do it right. That's another exe you need to download. And don't forget to enable sftp on your server as well.
I've never used Smoothwall, instead doing all of that by hand (setting up a firewall, DHCP; haven't bothered with dyndns though, since I used to have static IPs and now that I don't I haven't found a need to connect to my home PCs yet). The way I would've setup your topology would have been to set a given IP to the PS2's mac rather than just getting a random IP, and then setup appropriate firewall rules for that IP. The rest of the internal network would have its own separate rules.
Then again, I didn't want to add more NICs than was reasonably necessary (as another poster pointed out, you could've done all of this with a single NIC, but two NICs is the sweet spot IMHO). Maybe Smoothwall makes it more difficult to do this (can't assign specific IPs by MAC, perhaps? or can't assign specific rules to a given IP?) and so the third NIC route was the easiest method, or maybe you just wanted to play around. I don't know. Whatever works.
And just for kicks, my own setup looks something like this:
Like you, I didn't want to have to putz around with opening ports for a gaming console, but I took a slightly different approach. I pay Comcast another couple $ per month for a second dynamic IP, and have the XBox directly online (no NAT or firewall to get in the way).
What was your reasoning behind adding a NIC specifically for the PS2? It should work fine just connecting to your switch, and assuming you have DHCP running for your internal network it won't even require any setup for the PS2. Plus, you can get an XBox as well and plug that into the switch, and have both running at the same time.
I'm sure you had a reason for that layout, I just can't figure out what it could be. Enlighten me?
I'm going to assume you meant "yields" when you wrote "yeilds". However, I don't think you meant to imply that Jason gives over possession of or surrenders his chainsaw, especially since you called it toothless. Instead, Jason handles [his toothless chainsaw] with skill and ease. That the chainsaw is toothless is the point; while he may be skilled at wielding his chainsaw, it's completely ineffective.
(emphasis added by me)
Though I appreciate that SCO's tactics may be foul, the phrase you're looking for is one fell swoop, as used by Shakespeare. And while you may feel that the use of "foul" may be an appropriate exchange in this case, I assure you that fell is much more so. Observe:
Or, you can order Outlook by itself even if you don't have Exchange CALs. Without a CAL, you can't talk to an Exchange server, but you can still buy and use Outlook with Exchange.
I do. Well, I bought it because it's my preferred e-mail client and not so much for the PIM facilities. (blah blah Outlook viruses and crap blah blah whatever. Outlook 2K (with a service pack) and newer have been blocking nasty attachments for several years now, and with spam assassin on the server side and Outlook running in the Restricted zone on the client side, I have little to worry about.) However, if I would actually use my Pocket PC for PIM stuff, I'd certainly sync it against my Outlook PIM. Just because I don't do that doesn't mean it's not a good feature.
I did worse than that. Given Tolkien's fondness of subtitles ("The Hobbit, or There and Back Again"), I figured it was one single title called Farmer Giles of Ham, the Adventures of Tom Bombadil Leaf by Niggle and Smith of Wooton Major, implying that Tom Bombadil Leaf (whoever that is) has a secret identity as Farmer Giles of Ham, and his adventures would be written in the second person by two guys named Niggle and Smith from some fictional Wooton Major somewhere in Middle Earth. I couldn't quite figure out how that translated into four different stories. My guess was that it would be like The Silmarillion, where it's technically a single book, but it's really a whole bunch of different stories.
Punctuation is good. Use it to avoid these kinds of mistakes. And while we're at it, punctuation can be bad, too. It's not a case of more == better, but correct use == readable.
Except that newbies have done that as well. They installed Windows 2000, and for some reason installed IIS (because they were playing around in the optional components install, or something like that). Then, when Code Red, Nimda, et al hit big, they got hammered because they weren't up to date. They weren't up to date because they didn't know they were running IIS.
I hang out in EFnet's #Linux on occassion. I've been there for years. Several years back, it was quite common to see a newbie say, "I chose to install everything, because I didn't know what the other options did," or, "I didn't want to miss something, because I don't know how to install new software yet, so I chose to install everything." My problem isn't with newbies. They don't know any better. My problem is (well, "was" until some distros got their heads out of their asses) with distros that have stupid defaults. Something like BIND should only be started if it's specifically requested. The act of installing BIND is not necessarily a request to run it. (replace "BIND" with any other software that most people have no need to run, if you think I'm picking on BIND too much)
Probably, but that would be a lot of work. More likely, you could just use one of the many local root exploits over the years. There have been quite a few, and I'd bet there are lots of people that are still vulnerable ("A local exploit? But I'm the only user on this system. I'm not going to bother with it."). Of course, now you have to find some way to get the user to run your script or executable that exploits the bug, but I'm sure there are ways to do that (even if it's just social engineering, which is what a lot of Windows e-mail viruses do). And then you're in, with root permission.
And of course, even without root permissions you can still screw stuff up. How about a virus that destroys all of your documents/mp3 files/pr0n? You don't need root access to do that if your user has write access to it already (and you surely do, or how could you update your documents/mp3 files/pr0n without always going to root?). And worse, there are distros like Lindows that encourage you to run as root (well, it used to, does it still do that?), which would make compromising it even easier. Of course, there's probably only a couple tens of thousands of people running Lindows, compared to millions upon millions of Windows users. What hax0r would waste his time on such a small target?
Because there's nothing quite like a 100,000 machine-strong DDoS network of Redhat machines on cable modems. I hope you meant that if machines are not repelling attacks, then that would prompt bug fixes. However, as you see in the Windows world, most attacks are targetted at already-fixed issues. The machines that get infected are the ones that didn't stay up to date (or in lots of cases a few years ago, were running software they shouldn't be running, like personal Redhat machines running BIND because it was installed and started by default in an "install everything" scenario, the installation option used by most newbies because they're afraid of missing something during the initial install and not knowing how to install it later).
No, successful virus/worm/hax0r infections are never desired. Better for the issues to be found by competent and moral ("moral" being that they don't use the exploit maliciously) people before a major virus or worm is written. There are excellent patch distribution channels for both Windows and Linux these days. People really should use them. And for production servers that don't use them because they need to do validation before deploying the fix, they need to get off their asses and do the validation. There's no excuse for a 2 year old bug causing issues now. That's 1 year, 11 months, and 3 weeks of laziness (assuming it takes about a week to do a validation and deploy the fix and any resulting changes).
(emphasis added by me)
I guess the two decks in the player could have been in a prearranged, formal combat between two persons, usually fought to settle a point of honor, but I highly doubt it. I'm sure you meant it was composed of two usually like or complementary parts instead. Too bad you didn't say that.
M4 got a really bad reputation thanks to Sendmail. It really is a very nice preprocessor once you learn a few of its idiosyncracies (most annoying is that there are separate characters for begin and end quotes). Aside from Sendmail, my main exposure to M4 is using it as a preprocessor for SQL code. It's great being able to include files in my SQL code, and write macros for common operations. Sure, I could've gotten the same functionality by using the CPP or Perl, but in the former case M4 is much more powerful than CPP, and the latter case would require quite a bit more work than just plugging in M4.
The moral of the story? M4 doesn't suck. Sendmail sucks because of its arcane usage of M4.
Why bother with the firewall rule? Bind exim to your local interfaces only (127.0.0.1, whatever private IP you use for your internal LAN). If no service is running on a port, you don't need to worry. Firewall it anyway, if you like, but that's just redundant.
I also use Exim 3 on Debian, coming from using Postfix for the longest time. In fact, the only reason why I switched from Postfix to Exim is because I switched ISPs (no DSL at my new house) and couldn't run my own mail server anymore. Because of that, I moved my domain to a hosting company and needed to use SASL to send mail through their smtp servers. Well, setting up SASL with Postfix in Debian was a major pain in the ass. I never got it working quite right (always ended up with it saying there was no valid mech or some such), so I blew away postfix and installed Exim. Guess what? Exim did SASL right out of the box (.deb), and all I had to do was make one or two very minor changes to a (highly readable) config file. I thought Postfix was great for ease of use, and it certainly is compared to Sendmail. However, Exim is another step beyond that.
A couple of years ago, I wouldn't have switched. I'd have spent as much time as necessary banging on Postfix to make it work with SASL. Now, I switched because it was much easier than wasting time on Postfix.
Bah. Even though I had a WinCE device (won it in a contest) my last year of college, I never really bothered to use it for scheduling. I found that a combination of half-way decent memory (ie, drinking but no drugs) and making friends in my classes (unless you change majors, the friends you make freshman and sophomore years will be in almost of your classes junior and senior year, and you all can work out class schedules around each other) worked much better than trying to keep my PDA up to date. The assignments/tests that I did miss were all in elective classes that I didn't share with my engineering friends. I found that those "issues" were easily resolved by being a good bullshit artist (and once, even by telling the truth!). Of course, you need other skills besides being able to bullshit. For instance, if you bullshit your professor into believing that the reason you didn't turn in your paper is because you forgot it at home, and that you'd bring it to his office hours that evening, you better damned well be able to push out a decent-quality 10 page paper in 2-3 hours.
The only other major tip I have is to use your professors' office hours. They have them for a reason. I didn't figure this one out until junior year, but when I did I set aside time to go to office hours for the more difficult or more important classes. Not only will you get more insight into what you're learning and tips on the homework, but you'll get to know the professor. More importantly, s/he will get to know you. Think of it as practicing the networking skills you're going to need in the real world. Also, professors generally are more likely to give extensions on assignments if they know you. It won't work if you try to get an extension on every assignment, but I could usually get three or four extensions per semester for myself and my friends (we would all get together and go to office hours at the same time, often followed up with beers at the local Irish pub).
Right, because we all know how well that idea worked for car alarms ...
Well, it's just horribly bloated and slow compared to Winamp 2. The plugin architecture seems overly complex, if technically better in design than Winamp 2's (though Winamp 2's design of using standard DLLs and Windows messages for communication meant that any language capable of making a C-readable DLL and sending Windows messages could be used for writing a plugin; with Winamp 3, you're pretty much stuck using C++). Overall, it really doesn't do much more than Winamp 2, but it does it slower and buggier. I'll revisit Winamp3 after another major revision or two, but for now Winamp 2 is my preferred music media player.
Oh, yeah, and part of my dislike of Winamp 3 is the haphazard way in which alpha transparency was added. Control over alpha blending your windows seems half-assed. I may be biased, though.
Justin certainly is smart, but AOL bought Nullsoft for one thing -- Winamp. So why does Winamp 3 suck so bad?
My take on the situation is that Justin doesn't like being part of AOL. However, rather than refusing the sale of Nullsoft back in the day, he accepted the sale, collected copious amounts of money, and is now slacking off/eating away at AOL from the inside. That would explain why the newest version of Nullsoft's main asset sucks so bad, and why Justin keeps releasing software like this that pisses off AOL (Gnutella, that little app that blocked ads in AIM, WASTE).
Hopefully not something along the lines of Postal 2. There's just something wrong with a game that allows (encourages!) you to urinate on things (kill an old lady, then urinate on her!).
"Several years ago"? Try almost a decade and a half! There have been other attempts since then. Anybody remember the Genesis Activator Ring (at the bottom of the page)? Also, there have been numerous fishing poles, golf clubs, baseball bats, skateboards, snowboards, etc. And one could probably even lump steering wheels/pedals in this category as well, since a good set will accurately mimic the act of driving.