No one is forcing you to distribute your code under the GPL. If you want to use GPLed code, you're gonna have to GPL your code, but no one is forcing you to use GPLed code either. I don't see your problem here. You still have the freedom to not say something. Just don't use GPLed code in your software. It really is that simple.
Another troll. The first poster (you?) claimed that since it was GPLed, the code was not freely redistributable. Name me a situation where the GPL stops you from distributing the code? It may prevent you from hoarding the code, but if that is what he (you?) meant, I can only assume he/you would have written that. Once again, I'll assume you're trolling, or perhaps english isn't your first language.
Huh? The CODE is freely-redistributable. Binaries might not be, but the code always will be. Presumably you're not that dumb, and you're just trolling.
What about cellular phone radio waves that pass through my property? I can't legally do with those as I will. I suspect something similar will happen to this technology. That way, only the "responsible" feds will be able to use it.
Basically, before you do something, think: does this say "I love you and want to do things to make you happy" or "I have to do this for you, since you're obviously incapable"
Its quite simple. And if I ever see another guy get out of a car, walk around and open the passenger door for a woman, I'm gonna be sick.
I wonder if various internet polls appreciate being mentioned on slashdot? Suddenly, their votes quadruple, mostly all in one direction. Not that these surveys are remotely representative to begin with, but post slashdot mention, they are bound to be MUCH less so. 5:15.. time to sleep.
Sigh. This is EXACTLY what java's promise was. Go look at HotJava and the rhetoric about applets when it was first introduced. JITs like IBM's have pretty much removed the performance issues, so the blame is now squarely Sun and Micrsoft's for screwing up crossplatform browsing.
Go get a good debugger. Now think: The software decoder has to decrypt it's key into memory to use it. It wouldn't have mattered if Xing had encrypted their key, it just would have take a bit longer. Even if someone figures out how to make software that confuses every known debugger out there, you can still run the decoder in an emulator like BOCHS and get the key that way. The only way to securely distribute digital media would require tamper-proof hardware (impossible) or authentication schemes like DIVX (annoying, and probably still not secure).
If you would use PGCC on a live server, you certainly would be allowed to touch one of mine. The author of PGCC is on the egcs (err.. gcc 3.0) team; all "safe" optimizations are rolled into gcc. PGCC is mostly an experimental playground for new ideas. Using it on a production server is insanity. Are you running 2.3.35 on your production boxes? Why not, its faster!
I've never used Z.E.N. but for remotely installing software, how about a special samba share with the install files and a batch file? The workstations could run a program that keeps track of how long the screensaver has been up, and if its been idle more than x amount of time, it checks for new.bat files on the share, and runs them.
You could make this program as simple or as sophisticated as you please. I would look into programs that keep track of registry changes and installed files. Then you could install the software on a test machine, and prepare something analagous to a.rpm of the program, and put that on the server for distribution.
Of course, you'd have to make damn sure that the maching serving this special directory isn't compromised, but you should be doing that anyway.
This was all kind of a spur of the moment type idea, but it seems workable. comments?
ext2fs supports append only files using chattr, this patch most likely adds securelevels back to 2.2 (it was in 2.0, but disappeared in 2.1 for some reason). The securelevel, once raised, cannot be lowered, and with a raised securelevel, not even root can do potentially dangerous things. Things like removing the +i (immutable) or +a (append only) attribute from files. To be secure, it must also disallow access to the raw drive partition, and/dev/mem. You might also want to look into kernel patches that make the stack non-executable, and place NULLs in library addresses. These can't stop buffer-overflow attacks, but it certainly makes them more difficult. Every extra layer of security helps.
These measures are important for multi-user boxes, but are rather restrictive for your personal workstation.
To be extra paranoid, you want to run something like tripwire, with the database, the (staticly linked) tripwire binary, and your kernel (without loadable module support) on a write protected floppy. If you're looking at measures that extreme however, I would highly recommend evaluating OpenBSD, as it has been audited, and tends to take a much more proactive stance on security.
The same amount of work put into an OpenBSD box and a Linux box will leave the OpenBSD box much more secure. The out of box security of an OpenBSD install tends to be greater than that of the average linux distribution.
No matter what you do, there is no excuse for not keeping up with known bugs in the software you're running, and applying patches in a timely manner. Good luck!
If your computer can use the key to decrypt the stream in software, you can watch it decrypt its own code in Softice or something similar, and get the key. The encyrpted code just made things more difficult. Without some kind of tamper-proof hardware there is NO WAY to do 100% secure digital media distribution.
more importantly, an advisory will come out for FreeBSD, and theo will follow up with "This has been fixed in OpenBSD since 1997" or something similar. Very impressive.
not this one again. you're being misleading by omission. allow me to rephrase your statement to make it correct: "the performance differences are huge for packet filtering applications that use BPF (berkley packet filter)."
Berkely packet filters? BSD unix? hmmmm....
Did you know that Linux is faster than FreeBSD at running Linux kernel modules?
This "benchmark" gets the "no shit, that's absolutely useless" award.
When I first read it, it made perfect sense to me. I have a video card that is pretty noisy electrically, and if I put it anywhere near the soundcard, I get a terrible hum on the output.
The moral of this story is: always put your sound card as far away from everything else as possible. or get a card with SPDIF out, and use it.
You misunderstand. Walk into your local software store, and I bet you could count the apps written with VB on one hand. The reason VB is so highly ranked in this survey is because of in-house developers writing one off hacks (what else can you do in VB?). No one writes real applications that have any kind of long term maintenence requirements in VB.
The reason VB is so popular is that people who don't have the skills to be a real developer can wire together components to make simple applications, especially database frontends. Companies can pay these VBers a lot less than a software engineer would demand, so they're happy too.
Personally, I don't see much difference between the "new" (web page) crackers and the "old" (copy protection) crackers. Both require basic assembly knowledge, and the ability to use a debugger. And lots and lots and lots and lots of time on your hands. Obviously I am ignoring those amazing buffer overruns exploits where people manage to get code in through a function that strips out all characters but '9' 'a' and 'q', but your average exploit is not that impressive an achievement. Nor is your average software crack. I fully expect to be flamed by the script kiddies and the h4x0r groupies. Please at least attempt to keep it coherent.
As long as we're playing conspiricy games, go look for any info from apple on www.spec.org. Apple/Motorola isn't represented past the 604e. Do you wonder why Apple wouldn't be touting their "supercomputers" on as close to an objective platform as we have for these things? The rule to automatically ignore all marketing claims is especially true with apple. They make nice machines (especially laptops), but their marketing department gets the award for most out of control almost-lies.
While you are quite correct about performance of a 667Mhz 21264 beating the pants off of this chip, the notion that a 450Mhz G4 will beat a 700Mhz PIII at anything but the most contrived of benchmarks is a testament to the reality distorting power of Apple's marketing department.
"Computer Science" shouldn't focus too heavily on any one programming language. The operating system is completely irrelevant unless you're actually hacking on it. A UNIX administration class, while possibly very useful, is not Computer Science.
Slashdot Mirror
No one is forcing you to distribute your code under the GPL. If you want to use GPLed code, you're gonna have to GPL your code, but no one is forcing you to use GPLed code either. I don't see your problem here. You still have the freedom to not say something. Just don't use GPLed code in your software. It really is that simple.
Another troll. The first poster (you?) claimed that since it was GPLed, the code was not freely redistributable. Name me a situation where the GPL stops you from distributing the code? It may prevent you from hoarding the code, but if that is what he (you?) meant, I can only assume he/you would have written that. Once again, I'll assume you're trolling, or perhaps english isn't your first language.
Huh? The CODE is freely-redistributable. Binaries might not be, but the code always will be. Presumably you're not that dumb, and you're just trolling.
What about cellular phone radio waves that pass through my property? I can't legally do with those as I will. I suspect something similar will happen to this technology. That way, only the "responsible" feds will be able to use it.
Jeff Kuester, an atlanta based patent/IP laywer has collected some info on this very topic: www.kuesterlaw.com
Its an excellent resource.
Basically, before you do something, think: does this say "I love you and want to do things to make you happy" or "I have to do this for you, since you're obviously incapable"
Its quite simple. And if I ever see another guy get out of a car, walk around and open the passenger door for a woman, I'm gonna be sick.
I wonder if various internet polls appreciate being mentioned on slashdot? Suddenly, their votes quadruple, mostly all in one direction. Not that these surveys are remotely representative to begin with, but post slashdot mention, they are bound to be MUCH less so. 5:15.. time to sleep.
Can we ask this lawyer about the issues involved in a Linux software-only DVD decoder?
Sigh. This is EXACTLY what java's promise was. Go look at HotJava and the rhetoric about applets when it was first introduced. JITs like IBM's have pretty much removed the performance issues, so the blame is now squarely Sun and Micrsoft's for screwing up crossplatform browsing.
Go get a good debugger. Now think: The software decoder has to decrypt it's key into memory to use it. It wouldn't have mattered if Xing had encrypted their key, it just would have take a bit longer. Even if someone figures out how to make software that confuses every known debugger out there, you can still run the decoder in an emulator like BOCHS and get the key that way. The only way to securely distribute digital media would require tamper-proof hardware (impossible) or authentication schemes like DIVX (annoying, and probably still not secure).
If you would use PGCC on a live server, you certainly would be allowed to touch one of mine. The author of PGCC is on the egcs (err.. gcc 3.0) team; all "safe" optimizations are rolled into gcc. PGCC is mostly an experimental playground for new ideas. Using it on a production server is insanity. Are you running 2.3.35 on your production boxes? Why not, its faster!
I've never used Z.E.N. but for remotely installing software, how about a special samba share with the install files and a batch file? The workstations could run a program that keeps track of how long the screensaver has been up, and if its been idle more than x amount of time, it checks for new .bat files on the share, and runs them.
.rpm of the program, and put that on the server for distribution.
You could make this program as simple or as sophisticated as you please. I would look into programs that keep track of registry changes and installed files. Then you could install the software on a test machine, and prepare something analagous to a
Of course, you'd have to make damn sure that the maching serving this special directory isn't compromised, but you should be doing that anyway.
This was all kind of a spur of the moment type idea, but it seems workable. comments?
ext2fs supports append only files using chattr, this patch most likely adds securelevels back to 2.2 (it was in 2.0, but disappeared in 2.1 for some reason). The securelevel, once raised, cannot be lowered, and with a raised securelevel, not even root can do potentially dangerous things. Things like removing the +i (immutable) or +a (append only) attribute from files. To be secure, it must also disallow access to the raw drive partition, and /dev/mem. You might also want to look into kernel patches that make the stack non-executable, and place NULLs in library addresses. These can't stop buffer-overflow attacks, but it certainly makes them more difficult. Every extra layer of security helps.
These measures are important for multi-user boxes, but are rather restrictive for your personal workstation.
To be extra paranoid, you want to run something like tripwire, with the database, the (staticly linked) tripwire binary, and your kernel (without loadable module support) on a write protected floppy. If you're looking at measures that extreme however, I would highly recommend evaluating OpenBSD, as it has been audited, and tends to take a much more proactive stance on security.
The same amount of work put into an OpenBSD box and a Linux box will leave the OpenBSD box much more secure. The out of box security of an OpenBSD install tends to be greater than that of the average linux distribution.
No matter what you do, there is no excuse for not keeping up with known bugs in the software you're running, and applying patches in a timely manner. Good luck!
Yeah, but can you safely dip your finger in it like you can with Liquid N? Can you tell I just finished my superconductivity lab?
Its a very odd feeling to dip your finger into a liquid, pull it out, and find your finger completly dry.
Quick disclaimer: Dip and remove quickly. Yes it feels neat, but it will feel much less neat if you don't yank that finger out quick-like.
If your computer can use the key to decrypt the stream in software, you can watch it decrypt its own code in Softice or something similar, and get the key. The encyrpted code just made things more difficult. Without some kind of tamper-proof hardware there is NO WAY to do 100% secure digital media distribution.
more importantly, an advisory will come out for FreeBSD, and theo will follow up with "This has been fixed in OpenBSD since 1997" or something similar. Very impressive.
not this one again. you're being misleading by omission. allow me to rephrase your statement to make it correct: "the performance differences are huge for packet filtering applications that use BPF (berkley packet filter)."
Berkely packet filters? BSD unix? hmmmm....
Did you know that Linux is faster than FreeBSD at running Linux kernel modules?
This "benchmark" gets the "no shit, that's absolutely useless" award.
When I first read it, it made perfect sense to me. I have a video card that is pretty noisy electrically, and if I put it anywhere near the soundcard, I get a terrible hum on the output.
The moral of this story is: always put your sound card as far away from everything else as possible. or get a card with SPDIF out, and use it.
All hail SuperMojo!
You misunderstand. Walk into your local software store, and I bet you could count the apps written with VB on one hand. The reason VB is so highly ranked in this survey is because of in-house developers writing one off hacks (what else can you do in VB?). No one writes real applications that have any kind of long term maintenence requirements in VB.
The reason VB is so popular is that people who don't have the skills to be a real developer can wire together components to make simple applications, especially database frontends. Companies can pay these VBers a lot less than a software engineer would demand, so they're happy too.
Delphi is similar, but sucks a lot less.
Personally, I don't see much difference between the "new" (web page) crackers and the "old" (copy protection) crackers. Both require basic assembly knowledge, and the ability to use a debugger. And lots and lots and lots and lots of time on your hands. Obviously I am ignoring those amazing buffer overruns exploits where people manage to get code in through a function that strips out all characters but '9' 'a' and 'q', but your average exploit is not that impressive an achievement. Nor is your average software crack. I fully expect to be flamed by the script kiddies and the h4x0r groupies. Please at least attempt to keep it coherent.
As long as we're playing conspiricy games, go look for any info from apple on www.spec.org. Apple/Motorola isn't represented past the 604e. Do you wonder why Apple wouldn't be touting their "supercomputers" on as close to an objective platform as we have for these things? The rule to automatically ignore all marketing claims is especially true with apple. They make nice machines (especially laptops), but their marketing department gets the award for most out of control almost-lies.
While you are quite correct about performance of a 667Mhz 21264 beating the pants off of this chip, the notion that a 450Mhz G4 will beat a 700Mhz PIII at anything but the most contrived of benchmarks is a testament to the reality distorting power of Apple's marketing department.
"Computer Science" shouldn't focus too heavily on any one programming language. The operating system is completely irrelevant unless you're actually hacking on it. A UNIX administration class, while possibly very useful, is not Computer Science.
You want the Creative Labs Dxr2 drive, and a utility called remoteselector. Much more information is available at: dvd underground