Slashdot Mirror


User: cant_get_a_good_nick

cant_get_a_good_nick's activity in the archive.

Stories: 0
Comments: 2,539

Comments · 2,539

  1. Security issues on Dealing With Dialup · · Score: 1

    One thing I like with DSL is the added security (yes, I know it's not perfect) of router NAT. When you have an OS that you know needs securing, like WinXP, spending all day downloading patches over a modem just leaves you vulnerable. If someone made a matchbook-sized computer with an RJ11 on one side, an RJ45 on the other, and a very simple distro that knew how to do dialup in the middle, I'd recommend and buy for anyone I know who still used dialup.

    That being said, anyone have any tips for security?

  2. Any news of an iPod touch upgrade? on 3G iPhone Expected in June · · Score: 1

    I don't like AT&T, and get free phone service from work anyway. I like having a computer in my pocket, and was thinking about the touch. I'd hate to buy and then a week later have a hardware refresh.

  3. Old news, but still relevant. on Must a CD Cost $15.99? · · Score: 3, Interesting

    In the rare cases you can find tapes, they're cheaper than CDs. When CDs came out, I remember hearing the labels say something along the lines of "they're expensive now, but once we mass distribute, they'll be cheaper than tapes". It still hasn't happened.
    I'm not sure why a tape which has at a minimum:

    • 2 case sides, two 2 part spindles, a tape leader, the tape substrate, the electromagnetical coating that actually records the data, 2 rollers, the metal thing to push against the read head and the sponge to not scratch the tape, and 2 clear windows, possibly 5 screws if the case doesn't snap together, possibly 2 inserts if the case is clear

    is easier and cheaper to manufacture than a CD, especially now that CDs get more economies of scale than tapes. The fact that AOL switched from floppies to CDs probably also shows that CD manufacture is cheaper (though I'm sure it wasn't the only motivation in the switch.)

    As far as the CD being an arbitrary price point, I remember when Public Enemy came out with "There's a Poison Going On". Their album was $8 for a download, $10 for an autographed CD. Once their label imploded (they were true pioneers in internet distribution, though a bit too early and the infrastructure wasn't ready for them yet) the same, non-autographed CD was sold in Virgin for 17.95. I'm not sure why Virgin deserved the 7.95 (or more, depending on the value you put on the autograph) price delta.

    As an aside, people don't recognize that Public Enemy was one of the first bands to really use the internet. They have several blogs and websites, released Bring The Noise 2000 on the internet for free (before the label made them take it down), released the single Swindler's Lust for free, and for Revolverlution, pre-released some tracks and asked for the remixes to be sent back to them, and included a pretty good remix (plus the original of course) of "Give the Peeps what they Need" on the Revolverlution disk.

  4. A societal measuring stick on Seagate May Sue if Solid State Disks Get Popular · · Score: 1

    I remember reading once that a good measure of a society would be to compare the density of the artists, entrepreneurs, and engineers (the creatives) with the lawyers (people who redistribute) and accountants (people who count and quantify).
    Patent law and the number of people sued for things that look stupid right on the surface convince me that the quote has some relevance.

  5. Re:so what on GCC 4.3.0 Exposes a Kernel Bug · · Score: 1

    This is not the first kernel bug exposed by gcc. The egcs fork of 2.9 series compilers exposed some bugs, and distros had to have a kgcc package that was back versioned to 2.8 to compile the kernel, the rest of the OS was the mainline egcs.

    It's not as if 4.3 is going to magically end up in a distro, entering ninja style without warning. Any distro vendor who adds 4.3 and does not have a patched kernel will have some kgcc equivalent.

    If you add a new compiler, put it in /opt, and keep using the system compiler for your kernel.

  6. Re:waiting for the MIT movie on Casino Insider Tells (Almost) All About Security · · Score: 4, Informative

    I read the book. It's awesome. I've seen the trailers for the movie, it seems they've already taken liberties, sucks, because the book didn't seem like it needed them.

    The MIT scam was not card counting. Card counting tracks probabilities of cards based on what's been dealt. The technique in the book was knowing exactly what a card in a shuffle would be. If the dealer lets you see the tail card and you get to cut the cards alone and you are skilled enough to cut the cards to count to the card you saw and you can track the card count through all the cards and deals and the card is a 'big' card (face or ace) that can affect a hand wildly for better or worse, then you can adjust your bet for that one hand based on you knowing that one card. Most advantageous is when you have tracked a face card and you know you will bust the dealer. It also works better with a team, at least where you can control all nodes at the table. You and the other person can then use the count to force the card to either one of the hands, or the dealer.

    This is harder to track than card counting, because you play normally most hands, just bet big (and somewhat out of character, which helped lead to their downfall) every once in a while and win big.

    The one thing that struck me most in reading the book is that they really never understood human nature, specifically humans working for the casino. They kept on saying "well, we're not cheating" and expected there to be no problems. You're taking massive amounts of money from casinos - they don't like that. They seemed totally unaware of the dangers they faced, physically.

  7. Re:Wrong POV. on Microsoft Should Acquire SAP, Not Yahoo · · Score: 2, Insightful

    What are Microsoft's two biggest cash cows:

    Office. What's the lock-in/network effects here? The Office file format, ubiquity, and the UI. Google wants to take over this space, not that they want to sell office apps, but they want the docs to be more under their control, both with an open standard (which violates the Office format lock-in) and be able to see more docs (Google Docs). The best part for Google is, they don't even need to have the best app available. They just want the open format, and Google Docs part. Want to sue Writely? Go ahead. Want to use OpenOffice? Hey, we got a nice plug-in for you. Once Google Gears goes ahead, Google Docs will be even more transparent. Office is in for a fight here. It won't be tomorrow, but it will slowly kill Office dominance, and I feel Microsoft knows it. As first in this thread said, SAP won't fix this.

    The OS itself. What is an OS? It allows you to do things. It controls local storage. Hmm, Writely and Google Docs obviates some of the need for this. What do most people use this for? Web browsing (Firefox homepage, Google plug-in, Google Gears, Google Toolbar, Google Browser Sync, GSpace), email (Gmail) and office style apps (Writely et al.). If you strip away the geek terms for an OS (direct control over drivers, kernel space vs user space) and just talk about what an end user finds useful, we already have close to a Google OS - it just happens to be an overlay on whatever OS you have. Google already has an OS, its kernel is Firefox, and it can work for a large subset of the population.

  8. Re:I DID THIS! on Multifunction Printers — The Forgotten Security Risk? · · Score: 1

    Even scarier...
    I remember someone had created an IPTABLES -- web proxy that turned pictures upside down for the leechers. A few doses of goatse or tubgirl should scar them for life.

  9. The first Laserprinter was the fastest Apple on Multifunction Printers — The Forgotten Security Risk? · · Score: 1

    Due to processing demands of Postscript, it had the highest speed 68000 available in an Apple product, besting all the Macs of the time.

  10. Re:Hertz by themselves are useless on Intel in the GHz Game Again - Skulltrail Hits 5 GHz · · Score: 1

    Decent analogy, but I've always seen the 'Clock speed in computers is like Horsepower in Cars' analogy better.

    A lot of Horsepower, like a high clock, has some correlation to performance, but there are always confounding factors so you can not compare two machines clock for clock, HP for HP. For computers: bus speed, bus width, how much memory, etc. For cars: gearing, car weight, torque curve, transmission type and shifting speed, etc.

    Redline is more of a side effect. A high redline will possibly give higher horsepower depending on the torque curve, but why use a side effect (redline) instead of using the direct quantity (HP)?

  11. Re:Halting Problem on AntiVirus Products Fail to Find Simple IE Malware · · Score: 2, Insightful

    Anti-virus software's main purpose, it would appear, is not to detect novel threats, but to limit the proliferation of established threats. And for it to perform this task, it needs to be continually updated with new virus definitions.

    Somewhat. It also does some heuristics to predict certain things. These are always going to be hard, you're essentially trying to find out what abnormal is on a machine that is worth most when it is most flexible and has no hard definition of normal. Apps change, and with it, what's normal changes. If I'm an OS, how do I determine if the info that this app is sending is my pic for an IM, or secret data to an Identity Thief?

    However, if every virus infection necessarily requires the exploiting of a security vulnerability... then it would seem that all the effort in designing and implementing a "virus signature update" system would be better spent designing and implementing a "uniform software update" system, so that the number of vulnerabilities on a computer is always as low as humanly possible.

    This is more complex than you make it out to be. There are several fronts to attack. You can fix bugs in software so software that exploits bugs can't work. You can make design changes in software to minimize attacks. Remember, Outlook viruses are doing EXACTLY what Microsoft programmed Outlook to do, run attachments when you double-clicked on them, and the app associated happened to be able to do anything to your system, including send mail. If someone made a Linux mail app that did '/bin/bash file.sh' whenever someone clicked on file.sh, it would be doing exactly what you asked for, but also destroying system security. Phishing scams do what the software was intended to do.

    I think most readers will recognize that this is precisely what Linux does: considerable effort is put into having a uniform package manager,

    It's not uniform, there are several package managers, and several front ends on top of that. Even if we all used RPM or apt or whatever, layout differences and config file differences will mean that there is not one central repository, each distro still needs their own customizations.

    so that software all gets updated routinely and uniformly (rather than expecting the user to separately update each of hundreds of apps with possible vulnerabilities).

    I think you conflate two points here. Having one repository for apps is more of a distro thing, it depends on how much third party stuff you install. My Fedora install, for example, has several repos, not one single one. A single repo also promotes a software monoculture, which can have negative effects on security.

    The other way you can update several apps is when they share a common base library. This helps in that you update several apps when you update the lib, but has a downside that several apps, maybe each with different attack vectors, are vulnerable until you do.

    Rather than spend time worrying about getting the latest virus signature in the database, the coders worry about having all the code in the trusted repository being as bug-free as possible.

    Again, security is not just the absence of exploitable bugs, it's proper design as well. Microsoft products have a long history of being exploitable when working as designed. There really needs to be a new security model created. Remember that Windows and UNIX both have had networking bolted on well after the initial design. UNIX spread well because it was a simple model, and therefore easy to port. This simplicity has some downsides when the simple model is easily exploitable. Windows has been designed to be "easy to use", but some design decisions are horrible when measured against their security implications.

  12. Re:Copyright on ECA Plans Games-Related DMCA Showdown · · Score: 1

    "Thus, no one shall do to Disney what Disney did to the Brothers Grimm." -Lessig

    It should be notable that most creative works build on top of existing works, like how Disney drew a lot of content and inspiration from the Brothers Grimm. So the current culture of copyright severely impeded creativity.

    Interestingly enough, the Brothers Grimm may have "Disneyfied" the originals. This week's Straight Dope draws the originals as pretty gruesome.

  13. What's the best estimate of number of hosts now? on Full Net Census Takes a Hint From xkcd · · Score: 1

    With all the hosts behind firewalls and NATs, I'd be interested in the number, and the methodology of estimation.

  14. Re:Yoda says.... on X-Wing Rocket Launches, Disintegrates · · Score: 2, Insightful

    How's that go?

    "In theory, there's no difference between theory and practice. In practice, there always is."

    I thought of this quote when I read the first story on how it "flew" in simulation. The real world can throw an infinite state machine at you, have you modeled it completely?

  15. From Slashdot... on Chicago Developing 'Suspicious Behavior' Monitoring System · · Score: 1
  16. Re:A new tool for the torture we don't do... on Journalist Test Drives The Pain Ray Gun · · Score: 1

    I'm thinking that this could possibly make it a little harder for prosecutors. A defendant could, in theory, state that his confession was under duress from this "tool". Since there are no marks, it's hard to prove either way. I'm guessing the jury would never put much credence to this though. Interesting to see how this plays out.

  17. Re:I have a question for the question... on Which Lost/Stolen Laptop Trackers Do You Like? · · Score: 1

    The impression we get from TV crime drama is out of touch with reality. For lack of resources or otherwise, even violent crimes don't get the attention CSI portrays.


    Similar story here. I was mugged at gunpoint once. Was scared shitless because I truly only had a dollar on me, and I was worried they'd shoot me because they got out of their warm van (was late fall in Chicago) and only got a buck.

    They were in a relatively rare car (the original Toyota minivan, never sold here because it wasn't the right car for American market) and I got a partial plate. Cops were "well, you didn't get a full plate, so we can't search" in a way that told me the statement wasn't about technical search limitations, he just wasn't gonna do it.

  18. Re:Norton Anti-Worker on Workers Cause More Problems Than Viruses · · Score: 1

    I believe this is just a re-badged version of Disgruntled Coworker.

  19. Re:I know blackjack is faulty and will abuse it on Slot Machine with Bad Software Sends Players To Jail · · Score: 1

    Not quite. There was a book I read recently about some MIT kids that had a system that did not involve card counting. It involved:
    • seeing the tail card of a deck because of a faulty shuffle
    • cutting (a player's, not dealer's cut) with precision so you know how far deep in the deck that card is.

    Then you just play normal strategy until that card comes up. Depending on what it is (ace, face card) you try to steer it to your or the dealer's hand where it will cause the most damage. Most hands you just play normal, then on some (seemingly random) hand you bet large and lucky and boom. In the beginning, the casinos knew something was fishy, but didn't know exactly what, since they didn't play as card counters.

    The simple solution was tighter deals (not showing the tail card) and having both a player and the dealer cut.

  20. OT: Slashdot IT slogan on Rutkowska Faces 'Blue Pill' Rootkit Challenge · · Score: 1

    The slogan for IT stories, as opposed to "news for nerds, stuff that matters" is

    it is what it is

    Hmm, weird to have a quote from "Boogie Nights" as the slogan for IT.

  21. Home brew tool for memory leaks with glibc on Memory Checker Tools For C++? · · Score: 3, Insightful

    GLIBC allows you to create hooks for the standard mem functions (malloc/realloc/free). Remember that g++ still calls these under new/delete so it works for C++ also.

    One of our guys coded up a simple shared lib that can be loaded with LD_PRELOAD that sets simple hooks of printing memory locations for new/realloc/delete. He then wrote a perl script that kept track of these things and spit out anything that was malloc'ed and not realloc'ed or free'd.

    I can't post it, because technically it's not my code, it's my company's. But his shared lib code is just 300 lines long, and shouldn't be hard to duplicate. The perl log filter is even more straightforward. Each malloc gets saved. Each free removes the malloc. Each realloc removes the old malloc and adds a new one. Anything left over is a leak.

    Override __malloc_initialize_hook with a pointer to your init_function. In your init_function, save the old functions at __malloc_hook __free_hook __memalign_hook and __realloc_hook and substitute your own. Now write your replacement functions, in it, do your logging and temporarily replace the old hooks and call the original functions, replace with your hook on the way out to get the next call. All of the hooks should be wrapped in a mutex to help re-entrancy problems.

    It's not a full memory detector, just does leaks, but it's non-intrusive, requires no recompiles, and is the best way we have to leak detect our huge server long running code.
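
The log-filter bookkeeping described in the comment above, sketched as an added example; it is not the commenter's or their company's code. The trace line format and the sample addresses are assumptions constructed here, and the filter also flags frees of pointers that are not live (double or invalid frees), which goes beyond the leak-only filter the comment describes.

```python
"""Leak filter over an allocation trace (added example; log format is assumed)."""
from dataclasses import dataclass, field

# Constructed sample trace. Assumed line formats, one event per line:
#   malloc <size> <ptr>      memalign <size> <ptr>
#   realloc <old_ptr> <size> <new_ptr>
#   free <ptr>
SAMPLE_LOG = """\
malloc 64 0x1000
malloc 32 0x2000
realloc 0x1000 128 0x3000
free 0x3000
malloc 16 0x1000
realloc 0x0 8 0x4000
free 0x0
free 0x3000
realloc 0x4000 0 0x0
malloc 24 0x5000
free 0x9999
"""

NULL = 0


@dataclass
class Report:
    leaks: dict = field(default_factory=dict)      # ptr -> (size, line number)
    bad_frees: list = field(default_factory=list)  # (line number, ptr) not live


def analyze(log_text):
    """Replay the trace; whatever is still live at the end is a leak."""
    live, report = {}, Report()
    for lineno, line in enumerate(log_text.splitlines(), 1):
        parts = line.split()
        if not parts:
            continue
        op = parts[0]
        if op in ("malloc", "memalign"):
            size, ptr = int(parts[1]), int(parts[2], 16)
            if ptr != NULL:                  # a failed allocation returns NULL
                live[ptr] = (size, lineno)   # address reuse overwrites cleanly
        elif op == "free":
            ptr = int(parts[1], 16)
            if ptr != NULL and live.pop(ptr, None) is None:
                report.bad_frees.append((lineno, ptr))  # double/invalid free
        elif op == "realloc":
            old, size, new = int(parts[1], 16), int(parts[2]), int(parts[3], 16)
            if new == NULL and size != 0:
                continue                     # failed realloc: old block stays live
            # realloc(NULL, n) acts as malloc; glibc's realloc(p, 0) frees p
            if old != NULL and live.pop(old, None) is None:
                report.bad_frees.append((lineno, old))
            if new != NULL:
                live[new] = (size, lineno)
        else:
            raise ValueError(f"line {lineno}: unknown event {op!r}")
    report.leaks = live
    return report


if __name__ == "__main__":
    result = analyze(SAMPLE_LOG)
    for ptr, (size, lineno) in sorted(result.leaks.items()):
        print(f"LEAK {size} bytes at {ptr:#x} (allocated on log line {lineno})")
    for lineno, ptr in result.bad_frees:
        print(f"BAD FREE of {ptr:#x} on log line {lineno}")
```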

  22. Being paranoid is S.O.P in these things. on Novell Worries About GPL v3 · · Score: 5, Insightful

    In these filings you have to state EVERYTHING you may ever think of that could even slightly affect your stock price, or bear the brunt of a multi-million dollar shareholder lawsuit later if it hiccups in the slightest. The fact that they stated this doesn't imply any amount of actual fear of the GPL, just that it's something they need to be aware of.

    Not quite "nothing to see here, move along" but definitely not a tabloid headline.

  23. Buzzword soup... on Is Parallel Programming Just Too Hard? · · Score: 1

    "We do now face the challenge of figuring out how to move, I'll say, the whole programming ecosystem of personal computing up to a new level where they can reliably construct large-scale applications that are distributed, highly concurrent, and able to utilize all this computing power,"

    Hmm:
    • reliably
    • large-scale
    • distributed
    • highly concurrent

    Pick any one...

  24. Re:First Java open-sourced, now this... go Sun! on Sun to Make Solaris More Linux Like · · Score: 1

    (where I have superuser privileges but not unilateral control over what root's environment looks like) I get a nasty old Bourne shell with no history, no completion, etc. If I were to change root's shell to bash or zsh, I'd run the risk of breaking system admin scripts that assume I'm using the default shell.

    The prohibition against using the default shell has nothing to do with shell scripts and a lot more to do with system stability. Solaris usually is installed with /etc/ and /sbin on a very small root partition, with the idea it's easier to do backups and maintain this minimal partition in case of absolute disaster. Things on here have absolute minimal dependencies. Bourne shell is static linked, the only such binary in all of Solaris, to make sure you have a shell available when the shit hits the fan. Bash (which has been part of default install since 2.8 days) uses too many things in /usr/lib for Sun to use in recovery mode. The bad part for you is you're stuck with compromises; it's purposely featureless for 1% of the time you're toast, but the account is used 99% of the time for other reasons.

    There are work-arounds. FreeBSD also has /bin/sh as default shell for root. They get around the convenience issue by having a shadow account toor that has a uid of 0 and a different shell (csh - ick, but I guess it makes sense considering the history of Berkeley and CSH).

    You can also use sudo to get to root, and have your sudo command exec a different shell. This gives the added benefit of logging and a bit of more fine grained control.

    As far as script being weird because of your default shell, I'd be interested to hear on how that can happen. The only way I can think of would be if you sourced into your current shell invocation instead of running a script. I don't think any Solaris scripts do that. If you guys do that, then you have the responsibility to make sure it runs in any Bourne-derived (bash, ksh, zsh, etc) script. This can't be Sun's fault.

  25. AOL/AIM woes on Pidgin 2.0 Released · · Score: 1

    Every time I try to send a message in AIM, I get:
    Unable to send message: In local permit/deny

    Any clues? I tried upgrading from gaim, even wiped out my ~/.gaim dir, no help.