"...and you may quickly find yourself scrambling to justify a need for 750 GB of storage capacity."
With the amount of media stored on my server I can already justify a disk this size. The only downside is of course that you're going to need two of these for your mirror:(
Anyway, any bets how long 'till we hear the sounds of Battlestar Galactica from the adjoining stall as a co-worker takes a suspiciously long bathroom break?
And since it seems that they can achieve nothing without creating new laws, the public is continually being imprisoned within ever thicker legal walls and shackled with ever tighter legal chains.
Agreed. The problem with the constant creation of new laws is that after a while, everything becomes illegal. This means that the execution of justice now rests not with the judges and magistrates where it belongs, but with the police, whose original function is to simply arrest law breakers and bring them before the legal system. Since everything is illegal, the police must decide who to arrest and who to ignore, so in effect, they are deciding who is guilty and who is innocent. This merges back the explicit separation of the legal and enforcement arms. A state where the police function like this is called a police state. It's not the fact that they will arrest you for breaking some obscure law (which is probably unlikely), it's the fact that they can.
At Rio Tinto, the managers (and everyone else) have an acronym for this guidance - it's called QQRT. It stands for Quality, Quantity, Resources and Time. The QQRT model is used whenever someone asks you to do anything (and whenever you ask someone to do something).
Quality - The expected output/results of this task. Quantity - How much of the result is expected. Resources - The people, money, computing time, communications, documentation, courses etc that will allow you to achieve the end result. Time - The expected time it should take you.
So, if you are making coffee for someone, the QQRT would be Quantity - One Cup, Quality - White, two sugars, Resources - coffee machine and supplies in the kitchen, Time - preferably in the next 5 minutes. From this you've got everything you need to carry out the task.
Coffee is a simple example, but QQRT is used right the way up to large projects and serves as a quick guide for everyone to check it they have got everything they need.
SMTP is an outdated, insecure protocol which is ill-suited to modern email.
We need to replace it with a protocol which is authenticated at both ends. A friend and I came up with the following; which although not perfect and probably subject to a few tweaks is a step in the right direction.
J Random Hacker/Company/Joe Sixpack leases a domain name from J Random Registrar. Let's call it jrh.com
That registrar provides a private key and a public key pair based on the domain name.
The CMTP (or Complex Mail Transport Protocol - I made that up) server on jrh.com wants to send an email to target.com. It signs the outgoing message with the private key (ie puts a hash in the header - and you could base it on time and date or other arbitrary data to make sure there's no forgery) and then connects to target.com. target.com then asks jrh.com's registrar for jrh.com's public key (either that or it's propagated over DNS). If the pair match up, the email is accepted. If not it's dropped at the door. No questions asked.
During the phase in period, SMTP traffic could be configured for a 15 minute delay on each target server, whereas CMTP traffic is dealt with immediately. I compare it to how Telnet was slowly phased out in favour of its more secure replacement, SSH.
So, if a spam zombie Windows box is spewing out SMTP traffic in a CMTP world, most servers would drop it at the door. The spammers can't go to CMTP because:
1) They can't use a private key they made up because it's checked against the public key held at the registrar.
2) If they use the private key of a domain they hold (ie install it as part of the worm infection) when people get even 1 spam from them (yes 1 spam - it would be that unusual) the server just ignores mail sent with that signature.
The solution works because the motivation would be there for companies to prevent spam on their networks. As soon as they switch to CMTP, they get no spam over it. And eventually they will get no SMTP email at all. Just as nobody uses Telnet anymore, SMTP will die out if replaced with something better. You can make all the laws you like but at the end of the day, the SPAM solution is a technical one.
Even so, could you tell the difference between a real diamond and a similarly cut bit of leaded glass?
Next time you're near a good jeweler's shop, ask to see a comparison between diamonds and glass. The diamonds are instantly recognisable - they are duller and less sparkly than the cut glass due to their higher refractive index.
I think this might give you a good start, particularly the recipe for nitroglycerin.
<sarc> But of course those "stupid towelheads" in those "axis of evil" countries wouldn't already KNOW that this information is freely available. </sarc>
You have forward facing binocular vision (good for judging distances), strong legs and arms (for fighting), plenty of downward force available in your jaw which has canine teeth (for ripping flesh apart), opposable thumbs (for making and using tools and traps) and a highly intelligent brain capable of process thought (good for outsmarting dumb animals).
In short, your average human being is a nasty piece of nature's work. Add to that the predatory instinct we're all born with and I'm not surprised we kill each other on a regular basis.
I also don't have any control over the network infrastructure itself, just over our DHCP server.
Then, my friend, you are SOL.
You can't do what you're asking with this little control over the network.
Ideally, the way you want to do this is to put every computer on it's own VLAN. That means that every computer has a direct connection to your DHCP server (and then on the other side you can put your gateway's, nameservers etc and switch through to them). Doing this effectively cuts off direct access to each of the computers from each other. Seriously, for an ISP style service where you're providing Internet, it is highly dangerous to allow unrestricted access across the network.
Block every port at the switch by default. Then open ports 80, 25, 110, 21 and maybe some of the IM ports (that's a BIG maybe).
Turn off ICMP. It's not needed for normal users. Yes I know, it's a pain when you're troubleshooting, so turn it on temporarily if that machine has trouble.
Basically, the lockdown has to come from up on high. Locking down a network at the desktop level is folly, and leads to "security by agreement" (which is unenforceable - there's a reason network servers are protected physically). If any one of those desktops is compromised, you're back to square one. If any policies are in place, they must be enforced by the network infrastructure - which you don't control.
My advice - quit this position, and tell whoever is in charge that this can't be done, and that if they want a secure network it's going to take some money.
I've noticed over the last (at least) year or so that people are considering Google the de-facto standard for searches and information accessibility. I've also noticed that whenever somebody creates a project that is even slightly related to what Google does, everybody immediately looks at each other and says in a quiet whisper "Is that... allowed?"
It's a free market people. The Internet is just like any other marketplace and people are free to do whatever they like however they like. Google is just another player. Granted they are an enormously huge one, but they are a player nonetheless. They don't (yet) have a restrictive monopoly on searches, and there are no laws that say "Thou shalt not impinge on Google's turf".
It's not divisive pride. These people decided to do their own thing. Maybe they can even - shock horror - do it better than Google. I for one wish them the best of luck.
Remember, Google doesn't own the patent on innovation.
Seriously though anyone else see the irony in a linux distribution known for its LiveCD requiring manual editing of config files for upgrades?
Sorry, as I said, it was late at night.
You can do everything I just said graphically with Synaptic - I think someone already posted the instructions elsewhere in this thread.
No touching the command line, no editing of config files, no symlinking to a new distribution.
I'm not trying to get into a distro pissing contest, but I think normal people (ie people who do things like install software and run Windows Update all by themselves) could manage the upgrade.
Oh and just to head off "But normal people can't find the power switch omg lol!!!" trolls, yes I know grandma can't maintain her computer. She shouldn't be sorting through patches on her Windows box, and she shouldn't be upgrading from Warty to Hoary with no assistance. I mean your average white collar office worker who can stumble his way through an installation of MS Office could probably stumble his way through a Hoary upgrade after reading about it on the website.
Seriously, have you used Ubuntu, or are you just going on what I said?
Slashdot Mirror
It's posts like this that make me wish /. post points went higher than 5.
When I was a lad, all our games ran on Steam!
http://plif.andkon.com/archive/wc273.gif
"...and you may quickly find yourself scrambling to justify a need for 750 GB of storage capacity."
:(
With the amount of media stored on my server I can already justify a disk this size. The only downside is of course that you're going to need two of these for your mirror
Anyway, any bets how long 'till we hear the sounds of Battlestar Galactica from the adjoining stall as a co-worker takes a suspiciously long bathroom break?
Is that what the kids are calling it these days?
And since it seems that they can achieve nothing without creating new laws, the public is continually being imprisoned within ever thicker legal walls and shackled with ever tighter legal chains.
Agreed. The problem with the constant creation of new laws is that after a while, everything becomes illegal. This means that the execution of justice now rests not with the judges and magistrates where it belongs, but with the police, whose original function is to simply arrest law breakers and bring them before the legal system. Since everything is illegal, the police must decide who to arrest and who to ignore, so in effect, they are deciding who is guilty and who is innocent. This merges back the explicit separation of the legal and enforcement arms. A state where the police function like this is called a police state. It's not the fact that they will arrest you for breaking some obscure law (which is probably unlikely), it's the fact that they can.
"AFP/File Photo: Computer connected to the internet."
Just in case, ya know... You didn't know what a computer connected to the internet looked like.
Not to mention funny:
http://plif.andkon.com/archive/wc123.gif
At Rio Tinto, the managers (and everyone else) have an acronym for this guidance - it's called QQRT. It stands for Quality, Quantity, Resources and Time. The QQRT model is used whenever someone asks you to do anything (and whenever you ask someone to do something).
Quality - The expected output/results of this task.
Quantity - How much of the result is expected.
Resources - The people, money, computing time, communications, documentation, courses etc that will allow you to achieve the end result.
Time - The expected time it should take you.
So, if you are making coffee for someone, the QQRT would be Quantity - One Cup, Quality - White, two sugars, Resources - coffee machine and supplies in the kitchen, Time - preferably in the next 5 minutes. From this you've got everything you need to carry out the task.
Coffee is a simple example, but QQRT is used right the way up to large projects and serves as a quick guide for everyone to check it they have got everything they need.
...welcome our new 18 fingered overlords!
(yes I'm a daily vim user)
Keep up the fantastic work guys - vim is one of those apps which is actually a pleasure to use.
Hmm... didn't know Gene Ray posted to Slashdot...
That's Edwin S. Rubenstein, the other ESR!
The Australian is Australia's national level newspaper. It's quite well respected and generally deals with Australia wide events and news.
Sounds like £65,000 well spent to me.
Will this be the real end of innovation in videogames?"
Yes.
Wow that was an easy Ask Slashdot!
...unlimited energy , accelerate crop growth, desalinize and purify drinking water, obtain health benefits and provide air conditioning...
Now that's what I call REAL UTLIMATE POWER!!!!
The only solution to spam? Replace SMTP.
SMTP is an outdated, insecure protocol which is ill-suited to modern email.
We need to replace it with a protocol which is authenticated at both ends. A friend and I came up with the following; which although not perfect and probably subject to a few tweaks is a step in the right direction.
J Random Hacker/Company/Joe Sixpack leases a domain name from J Random Registrar. Let's call it jrh.com
That registrar provides a private key and a public key pair based on the domain name.
The CMTP (or Complex Mail Transport Protocol - I made that up) server on jrh.com wants to send an email to target.com. It signs the outgoing message with the private key (ie puts a hash in the header - and you could base it on time and date or other arbitrary data to make sure there's no forgery) and then connects to target.com. target.com then asks jrh.com's registrar for jrh.com's public key (either that or it's propagated over DNS). If the pair match up, the email is accepted. If not it's dropped at the door. No questions asked.
During the phase in period, SMTP traffic could be configured for a 15 minute delay on each target server, whereas CMTP traffic is dealt with immediately. I compare it to how Telnet was slowly phased out in favour of its more secure replacement, SSH.
So, if a spam zombie Windows box is spewing out SMTP traffic in a CMTP world, most servers would drop it at the door. The spammers can't go to CMTP because:
1) They can't use a private key they made up because it's checked against the public key held at the registrar.
2) If they use the private key of a domain they hold (ie install it as part of the worm infection) when people get even 1 spam from them (yes 1 spam - it would be that unusual) the server just ignores mail sent with that signature.
The solution works because the motivation would be there for companies to prevent spam on their networks. As soon as they switch to CMTP, they get no spam over it. And eventually they will get no SMTP email at all. Just as nobody uses Telnet anymore, SMTP will die out if replaced with something better. You can make all the laws you like but at the end of the day, the SPAM solution is a technical one.
Even so, could you tell the difference between a real diamond and a similarly cut bit of leaded glass?
Next time you're near a good jeweler's shop, ask to see a comparison between diamonds and glass. The diamonds are instantly recognisable - they are duller and less sparkly than the cut glass due to their higher refractive index.
I think this might give you a good start, particularly the recipe for nitroglycerin.
<sarc> But of course those "stupid towelheads" in those "axis of evil" countries wouldn't already KNOW that this information is freely available. </sarc>
I fail to see what this will achieve.
http://www.imdb.com/title/tt0151804/
Hey, I'm a natural predator.
Hehe. You sure are.
You have forward facing binocular vision (good for judging distances), strong legs and arms (for fighting), plenty of downward force available in your jaw which has canine teeth (for ripping flesh apart), opposable thumbs (for making and using tools and traps) and a highly intelligent brain capable of process thought (good for outsmarting dumb animals).
In short, your average human being is a nasty piece of nature's work. Add to that the predatory instinct we're all born with and I'm not surprised we kill each other on a regular basis.
I also don't have any control over the network infrastructure itself, just over our DHCP server.
Then, my friend, you are SOL.
You can't do what you're asking with this little control over the network.
Ideally, the way you want to do this is to put every computer on it's own VLAN. That means that every computer has a direct connection to your DHCP server (and then on the other side you can put your gateway's, nameservers etc and switch through to them). Doing this effectively cuts off direct access to each of the computers from each other. Seriously, for an ISP style service where you're providing Internet, it is highly dangerous to allow unrestricted access across the network.
Block every port at the switch by default. Then open ports 80, 25, 110, 21 and maybe some of the IM ports (that's a BIG maybe).
Turn off ICMP. It's not needed for normal users. Yes I know, it's a pain when you're troubleshooting, so turn it on temporarily if that machine has trouble.
Basically, the lockdown has to come from up on high. Locking down a network at the desktop level is folly, and leads to "security by agreement" (which is unenforceable - there's a reason network servers are protected physically). If any one of those desktops is compromised, you're back to square one. If any policies are in place, they must be enforced by the network infrastructure - which you don't control.
My advice - quit this position, and tell whoever is in charge that this can't be done, and that if they want a secure network it's going to take some money.
I've noticed over the last (at least) year or so that people are considering Google the de-facto standard for searches and information accessibility. I've also noticed that whenever somebody creates a project that is even slightly related to what Google does, everybody immediately looks at each other and says in a quiet whisper "Is that... allowed?"
It's a free market people. The Internet is just like any other marketplace and people are free to do whatever they like however they like. Google is just another player. Granted they are an enormously huge one, but they are a player nonetheless. They don't (yet) have a restrictive monopoly on searches, and there are no laws that say "Thou shalt not impinge on Google's turf".
It's not divisive pride. These people decided to do their own thing. Maybe they can even - shock horror - do it better than Google. I for one wish them the best of luck.
Remember, Google doesn't own the patent on innovation.
Seriously though anyone else see the irony in a linux distribution known for its LiveCD requiring manual editing of config files for upgrades?
Sorry, as I said, it was late at night.
You can do everything I just said graphically with Synaptic - I think someone already posted the instructions elsewhere in this thread.
No touching the command line, no editing of config files, no symlinking to a new distribution.
I'm not trying to get into a distro pissing contest, but I think normal people (ie people who do things like install software and run Windows Update all by themselves) could manage the upgrade.
Oh and just to head off "But normal people can't find the power switch omg lol!!!" trolls, yes I know grandma can't maintain her computer. She shouldn't be sorting through patches on her Windows box, and she shouldn't be upgrading from Warty to Hoary with no assistance. I mean your average white collar office worker who can stumble his way through an installation of MS Office could probably stumble his way through a Hoary upgrade after reading about it on the website.
Seriously, have you used Ubuntu, or are you just going on what I said?
It's fairly straightforward:
/etc/apt/sources.list
:wq [enter])
1) Grab a root console (Applications->System Tools->Root Console) and type the password for the first unprivilidged account on your system.
2) vi
3) Replace the lines that are marked thusly:
deb http://ubuntu.../ warty main
and type this instead:
deb http://au.archive.ubuntu.com/ubuntu hoary main restricted
deb-src http://au.archive.ubuntu.com/ubuntu hoary main restricted
deb http://au.archive.ubuntu.com/ubuntu hoary-updates main restricted
deb-src http://au.archive.ubuntu.com/ubuntu hoary-updates main restricted
(ignore Slashdot's anti-goatse domain display feature)
Note: this may be as simple as replacing every instance of warty with hoary - but I'm not sure.
3) Save the file (ie esc
4) type apt-get update
5) type apt-get dist-upgrade
6) Wait for everything to download, cross your fingers nothing breaks and enjoy.
disclaimer: it's late at night. I may have missed something...