Hopefully it's not a password you have used anywhere else.
These people definitely have a copy of the old database, and thus salted password hashes. Anyone logging in right now is also providing their clear-text password and confirmation if it is the correct password, as well as their IP.
Between the two facts that the government would have spent the time cracking the hashes without much concern over the cost, plus the banner ads that would complicate a sting type operation, it's looking less like a government honeypot.
Still, we know very little about these new admins. We know the original admins are aware of this and do not approve, and we have been told (by the new admins) that they were given a backup of the database and website for safe keeping in case the original admins needed it to resurrect the site, which has not been disputed by the original admins.
IANA has recently reserved the IP block 100.64.0.0/10 for use with carrier grade NAT. An entire/10! 100.64.0.0 to 100.127.255.255 - just over 4 million IPs.
This block exists purely to interconnect two RFC1918 IP blocks which have a chance of conflicting. If the ISP decided to use 10.0.0.0/8 internally, then they wouldn't be able to connect any customers who's NAT router also used the 10.0.0.0 IP space. Similar problems arise with the 256 blocks of 253 IPs within 192.168.0.0/16
There is a new class of network middleware gear designed to sit between the real Internet and the customers which links them all together using that 100.64.0.0 block. Each cable modem / DSL modem's WAN IP is within this private block, as is the new router gear designed for massive state tables. It also does some interesting tricks to keep DNS working.
The routers are designed to take a single/24 block of routable Internet addresses to share with all those natted WAN ports, which of course will turn right around and NAT your single private 100.64 IP with all your own devices on traditional RFC1918 IPs.
255 public Internet IP addresses shared with 4,194,302 private IP addresses, or 16,448 private IPs per single Internet IP.
For a guess of 20k, you are amazingly close! Far closer than 4-16
Almost every bill of this kinda that is excuse they give for needing it is to help prevent child porn. I mean Really? Is that the best they can come up with to push this kinda crap through?
It doesn't need to be the best they could claim, it just needs to be good enough to work. And unfortunately, it is.
No politician wants the possibility of others claiming you aren't against child porn, or worse to claim your vote assisted child porn. You could very likely get a law passed allowing you to rape little children while video taping it, so long as you can spin anyone voting against you as not trying to prevent child porn.
Nothing shuts down the brains of most people like the terms "child porn" and "terrorist".
If he actually did any of those things, he wouldn't have ended up on the black list. I've repeatedly explained the lists do not work in the manor he has claimed. He even posted URLs that confirm everything I said.
It's not my job to convince anyone otherwise, so I'm finished with that conversation.
I certainly do know what I am talking about. As for being insulting, short of a complete and utter mistake on the part of spamhaus for incorrectly listing you (I'm not going to pretend any automated system is perfect), most would agree I said nothing that wasn't deserved.
Proper filtering would have prevented that unfortunate problem. It's not like I blamed you personally for the infection or made some stupid comment about windows or something. Just having an infection reaching out to a C&C server isn't enough to get listed, the botnet has to be seen getting commands and/or controls from you in order to get listed.
I'm sorry you couldn't get yourself delisted quickly, but attacking spamhaus just makes you sound like the douche. Neither the DDoS against them nor the infection on your network were their fault!
Regarding being listed, their spam and C&C lists are kept quite separate, and use different technologies as well - mail servers rarely if ever speak BGP to see if an IP is on the C&C-BL.
My mail server uses the CBL DNS list as one weighted metric to block incoming email from IPs listed for sending spam. My edge routers use the C&C BGP list to null route IPs listed as hosting C&C servers.
To get listed for C&C activity, a trojan would need to be able to connect with you to something hosting a C&C server.
This either happens by having an infected webserver that trojans are connecting on to get commands from, or from being a supernode of a botnet P2P network. These both result from lack of proper filtering, just allowing inbound connections instead of outbound to port 25
Other than the DDoS preventing you from telling them you got rid of the infected machine, everything still worked as intended.
You need to understand that attacking spamhaus only makes it sound like you either don't understand the reason they list IPs, or that you have some grudge against them because the rest of us choose to protect our networks against exactly this type of thing.
An infected machine in my network got our company on the XBL the morning the DDOS started.
Please stop being lazy and inconsiderate, add the two firewall rules to your router to stop attacking the internet.
Allow outbound dest port 25 from your mail servers IP. DENY outbound dest port 25 (from everything else)
You wouldn't have that problem, that infection wouldn't be attacking all of our systems, and you wouldn't be making such stupid comments about a blacklist that rightfully listed you.
It's beyond ridiculous. Back in Jan I tried installing an Office 2003 basic, and kept getting errors during online activation. Couldn't ping Microsofts server, and a traceroute showed a router upstream was returning ICMP "network administratively down" messages.
Ok, so telephone activation it is. The first guy claimed ignorance and told me his computer was down so he couldn't look up a code, and to try again in a bit in case the server is over loaded. Sure, OK. An hour later, same results. This time the phone rep told me there was a retroactive change in policy for office 2003 that happened the first of this year, you are now only allowed one installation per key and zero reinstalls. Including for HD failures, as was the case here (our previous base system image didn't include office, as not every PC needed it)
So the fact it was installed to a HD that died once was one install too many. They refused to reactivate it and told me to purchase a newer Office 365 subscription (HA!)
Our ERP client won't even work with access 2007, let alone anything newer or a web based product you can't pass DDE messages into.
Honestly, if it wasn't for the fact this is at my place of work, I would have pirated it in an instant with zero remorse.
However in the past 5 years, we've gone from a 100% microsoft shop run by my predecessor, to what is currently about 75% windows / 25% linux, and with the exception of Outlook, I've gotten us down almost to 50/50% on MS office / LibreOffice. Thankfully I have 250 Outlook 2007 licenses from the open license program, so they don't require activation.
When the entire front office and all the managers need to run reports out of ERP, at least until the vendor updates the crap to use a real reporting engine, we're a bit stuck. The sad part is, it was only about 2-3 months ago they released a point-version that (barely) installs and runs on anything newer than XP! Access to.net screen conversion is still 9 months down the road!
I'm in the same boat as you, and currently figuring out how to get our XP dependent ERP stack up to Win 7. Fortunately I have a similar setup, still not as nice as an apt package manager would be, but for Windows I'd never expected this level of automation.
However with the whole BYoD crap I, and I'm sure you too, get pestered about all the time, I thought I'd share what made my life easier dealing with iPhones and iPads. To be honest, I haven't seen this level of configuration since blackberry.
(PS, if you or anyone knows of anything like this for Android, I would love to hear about it. That is the last system that is a thorn in my side to support)
Contrast that to when we get a new iPad in. No PXE booting, no easy configuration through the network. No management tools that are worth a tin shit. I have to physically enter all that information in. Can't even swap in a replicated hard drive since it can't be taken apart. Loading from a USB stick? Hahah... No we have to go through the "cloud" for everything.
Check out the Apple iPhone Configuration Utility - About or Windows download page and any one of the many MDM (mobile device manager) servers for the backend.
You create various "profiles", which are signed and/or encrypted XML files with a.mobileconfig extension. Think Active Directories Group Policy for iOS.
I've made quite a few of these configs and have them posted on a sub-website on the Intranet, as well as keep handy to forward as email attachments. On iOS if you click one in a browser or as an attachment, it will display what parts of the system it will change, and if it can be removed, requires a password, or can't be removed (except via factory reset - think company owned devices) You just click accept, and if you only use required values the entire setup is done. Alternately you can mark some things as user provided (like domain username, and AD password) and you're prompted for those in one screen after confirming to install it.
I have one with our Exchange servers settings (which I admit is so simple to setup this one isn't really needed), two different ones for each VPN endpoint server, one that contains our wireless "guest" network settings as well as how to handle channel hopping and roaming between APs keeping sessions alive over wpa2-enterprise, all of our Sharepoint shared resources that can be linked in, as well as our public contact book.
These are available (in my case, user removable) for any employee to use to better utilize our resources without me having to setup anything.
Further, and at this point I'm probably starting to sound like an ad or something, still..
If we actually had company owned iOS devices, you can go as far as restricting any/all settings apps and extensions, pre-install your own apps, only allow apps on a whitelist to install, or even to not be able to install apps at all. It can redirect all iCloud services to internal services, or simply disallow them. iOS can link into active directory (via LDAP), and CalDav / CardDav, and have your x500 certificates installed
You can even do things currently only cellular carriers are privlidged to do, such as put apps or web shortcuts on springboard and not allow them to be removed or even repositioned. It even lets you reconfigure the cellular radio settings, changing the APN, GRPS, and a proxy that all data communications passes through.
You can reconfigure and push out settings updates over the air as well. About the only thing I don't think you can do is push app installs over the cell network, you have to wait until they are back on the wifi for that.
While I personally have been fortunately enough to never had to touch the blackberry enterprise server, Apple seriously went out of their way to rival BES in what you can do using these policies.
Incidentally, I confirmed last weekend that Office 2000 works on Windows 8. I'm good.
That you very much for that. I actually had scheduled testing Office 2000 on Windows 7 this week at work, which is at least now one less thing to worry about working around. (Old crusty ERP systems, massive dependencies on all sorts of MS products, and frightening hard coded bits n bobs - makes for a slow migration off XP:/ )
The best part of Office 2000 is you don't need to activate it, which means you CAN still use it. Unlike Office 2003 and 2007, for which Microsoft has shut down the online activation server for, and refuses to reactivate 2003 via phone anymore. As if our 150 Office 2003 licenses screamed out in terror all at once and then were null routed.
You are correct there is no such thing as a permit to jam, and that they can't actively jam. But to the issue of if they want to block it, there are other means to do so and those means are fine.
I mean to point out that the desire to block the radio signal isn't the problem and can even be done the right way. It was specifically the active transmitting that was the problem.
Which really is the best way.
With how people treat property, I can see some people desiring to prevent particular RF upon it. And as long as they don't affect or interfere with anyone else at all (intentionally or otherwise) I don't really see any moral issue with letting them do so.
Of course active jammers simply blast out RF at high wattage, typically bleeding over into other frequencies. There's just few realistic ways to use one and NOT affect someone else. Those few exceptions are the only reason the devices shouldn't be out right illegal to buy.
As with all good things in life, it's how you use it that counts.
My 26 year old brother in law is pretty annoyed because he spends a lot of his free time tinkering with big blocks of them and now he can't get anymore.
Have your brother in law google for "neocube" or even "spherical rare earth magnets" They are still available for sale from lots of other venders, both in similar sets as buckyballs and in bulk (the latter sounds more reasonable for him from your description)
Re:Or we're the cavities formed posthumously?
on
Iceman Had Bad Teeth
·
· Score: 1
Does that huge savings factor in the cost of credit monitoring services after Sony releases your personal info and credit card to the public?
What about the months of downtime during which you won't be able to use the PS4 let alone watch netflix, because some kids hack into and take down their network?
I don't see how spreading out parts of a system that operate in the many GHz range is going to help performance.
But that is why they are doing this, to not spread them out like we are right now, to avoid the performance problems we have right now.
In your computer, your CPU is in one package, the RAM in another, the GPU in another. They all attach to extremely long wires on a device known as a mother board.
Instead of having one wafer with 1000 CPUs on it, broken apart and packaged in huge plastic boxes to be connected to other components over very long wires like we currently do, they will have one wafer with 1000 different chips on it each a component of a computer.
Instead of the CPU being hundreds of mm away from the RAM, they plan on putting them within 1mm of each other on the same wafer.
Your entire computer will consist of a wafer being able to fit in a plastic package smaller than your current CPU, except it will be everything on your motherboard and that is plugged into that motherboard, all in one chip.
If our mess of huge wires on motherboards lets us reach 10ghz with liquid cooling right now, imagine when the circuits are thousands of times shorter using this new method.
The same reason a particle right next to the event horizon feels the black holes gravity stronger than a different particle, say one in your own body, which is very far away from the black hole and thus not pulled on it as much (aka at all)
Are you claiming the particle near the black hole gets pulled in, and magically the particle in your own body light years away should also get pulled in? Then why are you asking why your body particle doesn't get sucked in too?
The answer is distance. Gravity is stronger the less of it you have.
In what you quoted, the mater particle was closer and got sucked in, while the antimatter particle was further and far enough away NOT to be sucked in.
Replace either of those particles with the opposit, make them both matter, or both antimatter.. or just flip both. The exact same thing will happen. The trait of being antimatter or just matter has no effect on it.
Thanks for the tips. I'm definitely very interested in ram disk-ing them, and going read-only for normal operations.
I actually do use IDE to CF adapters already, although just as a direct HD replacement for the C: drive. Some of the DOS systems can't address disks(well, partitions) larger than 2gb anyway.
In one case the 98 system drives a 6 foot vinyl cutter machine, and the data files are created in a client program on an XP desktop. But the cutter software and drivers work with a custom PCI card that, along with a serial port, tell the machine what to do. I can't get either the core software or drivers to work under 2k or newer. I currently use a CF card (plenty of backup cards in the desk next to it) for the C drive, which I can reimage to a bad or new card (bad as in windows broke itself, or someone broke windows) D: is a spinny disk still. 98 USB support is pretty crappy, but I use that none the less to transfer files to it. (a different driver for each brand flash drive, really?) but have always wanted to try and get a network link up to the file server, even if read only and one way. I've been putting it off until I had a better setup for the whole thing to implement anyway, and this certainly qualifies.
Also, three of our five surface mount assembly lines have pcb screen printer machines still on DOS. These guys use a couple ISA IO cards to drive the actual hardware. This I've managed to virtualize using a usb2isa adapter and virtualbox. Which also let me add networking support through the host, and all running on modern hardware with a linux kernel as the host.
After going the CF as C: route for awhile, it was still annoying using the on-board software to create machine programs when the nice GUI app was so much easier to use. Now a CIFS mount puts a file server folder on the host pc, which is mounted as a drive letter under the VM, with the C: drive being a copy-on-write setup (I posted about that method earlier up in the thread)
I even have a 95 computer driving an xray machine (for detecting defects in mosfet chips) where the software has the most stupid thing I've ever seen in my life, making it a pain to moderalize. The software doesn't use real timing loops, but hard coded 'for' loops of a fixed length, and uses this for bit-banging purposes on the serial control lines. The CPU must be an Intel Pentium (one), and must be between 75mhz and 120mhz. Any faster, or slower, and the timing loops are off too far for it to communicate with the machine properly. The thing was already an old install when I got there, with no backups of course, misplaced serial keys, and the company that made it is no longer in business. I'm completely at a loss what to do on this thing to avoid using the existing install, or virtualize it in any way to keep the timing proper.
So far I've resorted to a clonezilla backup image which was converted into a restore cd. Drop the cd in, reboot, hit enter two or three times and wait a minute. When it's done restoring it reboots back to windows. Apparently they have to do this at least once a month (but at least no longer eats up my time!)
On one hand, these things are quite the pain in the side to have to keep running. On the other, most of these things are so expensive it's actually pretty cost effective to spend numerous hours of my time with such bandaid solutions.
At this point the easier and faster it is for the operators to do a restore, the better!
Hell, I'd love to see just creative and competent un-paid-for review of a given video game. Between the thirst for ad money, and pressure from gaming companies? Damn, you know?
Definately wading into offtopic I know, but would you settle for creative, comedic, nostalgic, and un-paid-for-by-gaming-companies?
The closest I know of, and one of my personal favorites, is the angry video game nerd
Certainly not on the same level (or even game) as Siskell and Ebert, but entertaining in a different way none the less, and it is obviously a work of love and not money.
I just wanted to see if you've ever played with BartPE before?
It's main function is to take a windows xp (or 2k i believe) installation cd, a folder of special packages to include, and optional custom config files (ie network settings) all as input.. and gives you a bootable ISO image as output.
Obviously it's meant to create a boot cd/dvd, but using syslinux similar to how you do, one can boot that ISO directly off a USB flash device as well. Flash makes it fast, and easy to overwrite the ISO for any system upgrades. No optical media slowdown either. ISO makes it read only while running from a RAM disk, so is quite fast.
For just running a web browser, it at least gives you a slightly newer kernel and base system to build upon.
Still, I'll have to play around with your method too, as I have some old legacy 95 and 98 boxes at work I need to keep alive for the foreseeable future, where in some of those cases virtualization isn't an option. (I've managed to virtualize custom ISA cards, but can't say the same for custom PCI cards)
For VirtualBox, the method I use is slightly different but gives similar results in the end. This must be done from the command line with the vboxmanage.exe tool, I'm not aware of a GUI way to do it.
I have a 'template' VM with fully setup windows and configured how I want it. Then I make a new 'guest' VM (from scratch) and copy the template disk image to a new name (cloned, from virtual media manager), from template.vdi to guestbox.vdi, and then I use a command line tool to set the new disk image immutable, so it can not be changed again.
Then point the guest vm to the guestbox.vdi image under settings -> storage.
Each time the VM boots, disk writes go into a seperate copy-on-write file, which gets deleted once the VM is powered down. A "revert" action takes as long as a delete command unlinking an inode.
When I need to make updates, I do that in my template vm, then copy over the vdi setting it immutable again. Copy the new guest image over the old one, and the VM is updated.
Slashdot Mirror
Chips can't be radioactive if produced from material free of radioactive material.
No, but if you made potato chips out of the element Lead and then ate them, you would die from a whole new set of reasons.
Hopefully it's not a password you have used anywhere else.
These people definitely have a copy of the old database, and thus salted password hashes.
Anyone logging in right now is also providing their clear-text password and confirmation if it is the correct password, as well as their IP.
Between the two facts that the government would have spent the time cracking the hashes without much concern over the cost, plus the banner ads that would complicate a sting type operation, it's looking less like a government honeypot.
Still, we know very little about these new admins.
We know the original admins are aware of this and do not approve, and we have been told (by the new admins) that they were given a backup of the database and website for safe keeping in case the original admins needed it to resurrect the site, which has not been disputed by the original admins.
But what if it's 20,000 customer's on an IP?
You're a lot closer than you realize.
IANA has recently reserved the IP block 100.64.0.0/10 for use with carrier grade NAT. /10! 100.64.0.0 to 100.127.255.255 - just over 4 million IPs.
An entire
This block exists purely to interconnect two RFC1918 IP blocks which have a chance of conflicting.
If the ISP decided to use 10.0.0.0/8 internally, then they wouldn't be able to connect any customers who's NAT router also used the 10.0.0.0 IP space. Similar problems arise with the 256 blocks of 253 IPs within 192.168.0.0/16
There is a new class of network middleware gear designed to sit between the real Internet and the customers which links them all together using that 100.64.0.0 block.
Each cable modem / DSL modem's WAN IP is within this private block, as is the new router gear designed for massive state tables. It also does some interesting tricks to keep DNS working.
The routers are designed to take a single /24 block of routable Internet addresses to share with all those natted WAN ports, which of course will turn right around and NAT your single private 100.64 IP with all your own devices on traditional RFC1918 IPs.
255 public Internet IP addresses shared with 4,194,302 private IP addresses, or 16,448 private IPs per single Internet IP.
For a guess of 20k, you are amazingly close! Far closer than 4-16
Almost every bill of this kinda that is excuse they give for needing it is to help prevent child porn. I mean Really? Is that the best they can come up with to push this kinda crap through?
It doesn't need to be the best they could claim, it just needs to be good enough to work. And unfortunately, it is.
No politician wants the possibility of others claiming you aren't against child porn, or worse to claim your vote assisted child porn.
You could very likely get a law passed allowing you to rape little children while video taping it, so long as you can spin anyone voting against you as not trying to prevent child porn.
Nothing shuts down the brains of most people like the terms "child porn" and "terrorist".
If he actually did any of those things, he wouldn't have ended up on the black list.
I've repeatedly explained the lists do not work in the manor he has claimed.
He even posted URLs that confirm everything I said.
It's not my job to convince anyone otherwise, so I'm finished with that conversation.
I certainly do know what I am talking about. As for being insulting, short of a complete and utter mistake on the part of spamhaus for incorrectly listing you (I'm not going to pretend any automated system is perfect), most would agree I said nothing that wasn't deserved.
Proper filtering would have prevented that unfortunate problem. It's not like I blamed you personally for the infection or made some stupid comment about windows or something.
Just having an infection reaching out to a C&C server isn't enough to get listed, the botnet has to be seen getting commands and/or controls from you in order to get listed.
I'm sorry you couldn't get yourself delisted quickly, but attacking spamhaus just makes you sound like the douche.
Neither the DDoS against them nor the infection on your network were their fault!
Regarding being listed, their spam and C&C lists are kept quite separate, and use different technologies as well - mail servers rarely if ever speak BGP to see if an IP is on the C&C-BL.
My mail server uses the CBL DNS list as one weighted metric to block incoming email from IPs listed for sending spam.
My edge routers use the C&C BGP list to null route IPs listed as hosting C&C servers.
To get listed for C&C activity, a trojan would need to be able to connect with you to something hosting a C&C server.
This either happens by having an infected webserver that trojans are connecting on to get commands from, or from being a supernode of a botnet P2P network.
These both result from lack of proper filtering, just allowing inbound connections instead of outbound to port 25
Other than the DDoS preventing you from telling them you got rid of the infected machine, everything still worked as intended.
You need to understand that attacking spamhaus only makes it sound like you either don't understand the reason they list IPs, or that you have some grudge against them because the rest of us choose to protect our networks against exactly this type of thing.
An infected machine in my network got our company on the XBL the morning the DDOS started.
Please stop being lazy and inconsiderate, add the two firewall rules to your router to stop attacking the internet.
Allow outbound dest port 25 from your mail servers IP.
DENY outbound dest port 25 (from everything else)
You wouldn't have that problem, that infection wouldn't be attacking all of our systems, and you wouldn't be making such stupid comments about a blacklist that rightfully listed you.
No problem!
Here is the PDF pieces of CARDIAC:
http://web.mit.edu/kmill/www/hardware/hardware.html
Additionally, you can purchase an original kit for $15 from:
http://www.scientificsonline.com/cardiac-illustrated-computation-aid.html
I still have mine on a bookshelf at home. It was an amazing little kit to me when I was 15, and still no less impressive today.
Enjoy!
If you don't want such stories posted here, why on earth did you just add an additional 4 "desired" points to it telling Slashdot you DO want more???
All the fundamental constants are specified in a config file. Just edit it, reboot the universe, and you're golden.
Gah! Not another universe that doesn't accept the HUP signal!!
And it was just starting to get an uptime worth bragging about.
It's beyond ridiculous.
Back in Jan I tried installing an Office 2003 basic, and kept getting errors during online activation.
Couldn't ping Microsofts server, and a traceroute showed a router upstream was returning ICMP "network administratively down" messages.
Ok, so telephone activation it is. The first guy claimed ignorance and told me his computer was down so he couldn't look up a code, and to try again in a bit in case the server is over loaded.
Sure, OK. An hour later, same results.
This time the phone rep told me there was a retroactive change in policy for office 2003 that happened the first of this year, you are now only allowed one installation per key and zero reinstalls. Including for HD failures, as was the case here (our previous base system image didn't include office, as not every PC needed it)
So the fact it was installed to a HD that died once was one install too many. They refused to reactivate it and told me to purchase a newer Office 365 subscription (HA!)
Our ERP client won't even work with access 2007, let alone anything newer or a web based product you can't pass DDE messages into.
Honestly, if it wasn't for the fact this is at my place of work, I would have pirated it in an instant with zero remorse.
However in the past 5 years, we've gone from a 100% microsoft shop run by my predecessor, to what is currently about 75% windows / 25% linux, and with the exception of Outlook, I've gotten us down almost to 50/50% on MS office / LibreOffice.
Thankfully I have 250 Outlook 2007 licenses from the open license program, so they don't require activation.
When the entire front office and all the managers need to run reports out of ERP, at least until the vendor updates the crap to use a real reporting engine, we're a bit stuck. .net screen conversion is still 9 months down the road!
The sad part is, it was only about 2-3 months ago they released a point-version that (barely) installs and runs on anything newer than XP! Access to
I'm in the same boat as you, and currently figuring out how to get our XP dependent ERP stack up to Win 7. Fortunately I have a similar setup, still not as nice as an apt package manager would be, but for Windows I'd never expected this level of automation.
However with the whole BYoD crap I, and I'm sure you too, get pestered about all the time, I thought I'd share what made my life easier dealing with iPhones and iPads.
To be honest, I haven't seen this level of configuration since blackberry.
(PS, if you or anyone knows of anything like this for Android, I would love to hear about it. That is the last system that is a thorn in my side to support)
Contrast that to when we get a new iPad in. No PXE booting, no easy configuration through the network. No management tools that are worth a tin shit. I have to physically enter all that information in. Can't even swap in a replicated hard drive since it can't be taken apart. Loading from a USB stick? Hahah... No we have to go through the "cloud" for everything.
Check out the Apple iPhone Configuration Utility - About or Windows download page
and any one of the many MDM (mobile device manager) servers for the backend.
You create various "profiles", which are signed and/or encrypted XML files with a .mobileconfig extension.
Think Active Directories Group Policy for iOS.
I've made quite a few of these configs and have them posted on a sub-website on the Intranet, as well as keep handy to forward as email attachments.
On iOS if you click one in a browser or as an attachment, it will display what parts of the system it will change, and if it can be removed, requires a password, or can't be removed (except via factory reset - think company owned devices)
You just click accept, and if you only use required values the entire setup is done. Alternately you can mark some things as user provided (like domain username, and AD password) and you're prompted for those in one screen after confirming to install it.
I have one with our Exchange servers settings (which I admit is so simple to setup this one isn't really needed), two different ones for each VPN endpoint server, one that contains our wireless "guest" network settings as well as how to handle channel hopping and roaming between APs keeping sessions alive over wpa2-enterprise, all of our Sharepoint shared resources that can be linked in, as well as our public contact book.
These are available (in my case, user removable) for any employee to use to better utilize our resources without me having to setup anything.
Further, and at this point I'm probably starting to sound like an ad or something, still..
If we actually had company owned iOS devices, you can go as far as restricting any/all settings apps and extensions, pre-install your own apps, only allow apps on a whitelist to install, or even to not be able to install apps at all.
It can redirect all iCloud services to internal services, or simply disallow them.
iOS can link into active directory (via LDAP), and CalDav / CardDav, and have your x500 certificates installed
You can even do things currently only cellular carriers are privlidged to do, such as put apps or web shortcuts on springboard and not allow them to be removed or even repositioned.
It even lets you reconfigure the cellular radio settings, changing the APN, GRPS, and a proxy that all data communications passes through.
You can reconfigure and push out settings updates over the air as well. About the only thing I don't think you can do is push app installs over the cell network, you have to wait until they are back on the wifi for that.
While I personally have been fortunately enough to never had to touch the blackberry enterprise server, Apple seriously went out of their way to rival BES in what you can do using these policies.
Unfortunately some
Incidentally, I confirmed last weekend that Office 2000 works on Windows 8. I'm good.
That you very much for that. I actually had scheduled testing Office 2000 on Windows 7 this week at work, which is at least now one less thing to worry about working around. :/ )
(Old crusty ERP systems, massive dependencies on all sorts of MS products, and frightening hard coded bits n bobs - makes for a slow migration off XP
The best part of Office 2000 is you don't need to activate it, which means you CAN still use it.
Unlike Office 2003 and 2007, for which Microsoft has shut down the online activation server for, and refuses to reactivate 2003 via phone anymore.
As if our 150 Office 2003 licenses screamed out in terror all at once and then were null routed.
I suppose I was unclear too.
You are correct there is no such thing as a permit to jam, and that they can't actively jam.
But to the issue of if they want to block it, there are other means to do so and those means are fine.
I mean to point out that the desire to block the radio signal isn't the problem and can even be done the right way. It was specifically the active transmitting that was the problem.
Which really is the best way.
With how people treat property, I can see some people desiring to prevent particular RF upon it. And as long as they don't affect or interfere with anyone else at all (intentionally or otherwise) I don't really see any moral issue with letting them do so.
Of course active jammers simply blast out RF at high wattage, typically bleeding over into other frequencies. There's just few realistic ways to use one and NOT affect someone else.
Those few exceptions are the only reason the devices shouldn't be out right illegal to buy.
As with all good things in life, it's how you use it that counts.
They were fined for active jamming. There is nothing wrong with passive blocking.
Quite a few industrial buildings constructed with steal walls already do this inadvertently, and there is nothing illegal about it.
However once you start actively transmitting signals you are not licensed to do, that is when you cross the line to breaking the law.
My 26 year old brother in law is pretty annoyed because he spends a lot of his free time tinkering with big blocks of them and now he can't get anymore.
Have your brother in law google for "neocube" or even "spherical rare earth magnets"
They are still available for sale from lots of other venders, both in similar sets as buckyballs and in bulk (the latter sounds more reasonable for him from your description)
Charlie Wilcox said it best
Does that huge savings factor in the cost of credit monitoring services after Sony releases your personal info and credit card to the public?
What about the months of downtime during which you won't be able to use the PS4 let alone watch netflix, because some kids hack into and take down their network?
It's like spending a dollar to save a penny...
I don't see how spreading out parts of a system that operate in the many GHz range is going to help performance.
But that is why they are doing this, to not spread them out like we are right now, to avoid the performance problems we have right now.
In your computer, your CPU is in one package, the RAM in another, the GPU in another. They all attach to extremely long wires on a device known as a mother board.
Instead of having one wafer with 1000 CPUs on it, broken apart and packaged in huge plastic boxes to be connected to other components over very long wires like we currently do, they will have one wafer with 1000 different chips on it each a component of a computer.
Instead of the CPU being hundreds of mm away from the RAM, they plan on putting them within 1mm of each other on the same wafer.
Your entire computer will consist of a wafer being able to fit in a plastic package smaller than your current CPU, except it will be everything on your motherboard and that is plugged into that motherboard, all in one chip.
If our mess of huge wires on motherboards lets us reach 10ghz with liquid cooling right now, imagine when the circuits are thousands of times shorter using this new method.
by Kittenman (971447)
or maybe the simpler version
1: Become little old lady
2: Profit!
You have a strange definition of "simpler" my friend
The same reason a particle right next to the event horizon feels the black holes gravity stronger than a different particle, say one in your own body, which is very far away from the black hole and thus not pulled on it as much (aka at all)
Are you claiming the particle near the black hole gets pulled in, and magically the particle in your own body light years away should also get pulled in? Then why are you asking why your body particle doesn't get sucked in too?
The answer is distance. Gravity is stronger the less of it you have.
In what you quoted, the mater particle was closer and got sucked in, while the antimatter particle was further and far enough away NOT to be sucked in.
Replace either of those particles with the opposit, make them both matter, or both antimatter.. or just flip both. The exact same thing will happen. The trait of being antimatter or just matter has no effect on it.
Thanks for the tips. I'm definitely very interested in ram disk-ing them, and going read-only for normal operations.
I actually do use IDE to CF adapters already, although just as a direct HD replacement for the C: drive. Some of the DOS systems can't address disks(well, partitions) larger than 2gb anyway.
In one case the 98 system drives a 6 foot vinyl cutter machine, and the data files are created in a client program on an XP desktop. But the cutter software and drivers work with a custom PCI card that, along with a serial port, tell the machine what to do. I can't get either the core software or drivers to work under 2k or newer.
I currently use a CF card (plenty of backup cards in the desk next to it) for the C drive, which I can reimage to a bad or new card (bad as in windows broke itself, or someone broke windows)
D: is a spinny disk still.
98 USB support is pretty crappy, but I use that none the less to transfer files to it. (a different driver for each brand flash drive, really?) but have always wanted to try and get a network link up to the file server, even if read only and one way. I've been putting it off until I had a better setup for the whole thing to implement anyway, and this certainly qualifies.
Also, three of our five surface mount assembly lines have pcb screen printer machines still on DOS.
These guys use a couple ISA IO cards to drive the actual hardware. This I've managed to virtualize using a usb2isa adapter and virtualbox. Which also let me add networking support through the host, and all running on modern hardware with a linux kernel as the host.
After going the CF as C: route for awhile, it was still annoying using the on-board software to create machine programs when the nice GUI app was so much easier to use.
Now a CIFS mount puts a file server folder on the host pc, which is mounted as a drive letter under the VM, with the C: drive being a copy-on-write setup (I posted about that method earlier up in the thread)
I even have a 95 computer driving an xray machine (for detecting defects in mosfet chips) where the software has the most stupid thing I've ever seen in my life, making it a pain to moderalize.
The software doesn't use real timing loops, but hard coded 'for' loops of a fixed length, and uses this for bit-banging purposes on the serial control lines.
The CPU must be an Intel Pentium (one), and must be between 75mhz and 120mhz.
Any faster, or slower, and the timing loops are off too far for it to communicate with the machine properly.
The thing was already an old install when I got there, with no backups of course, misplaced serial keys, and the company that made it is no longer in business.
I'm completely at a loss what to do on this thing to avoid using the existing install, or virtualize it in any way to keep the timing proper.
So far I've resorted to a clonezilla backup image which was converted into a restore cd.
Drop the cd in, reboot, hit enter two or three times and wait a minute. When it's done restoring it reboots back to windows.
Apparently they have to do this at least once a month (but at least no longer eats up my time!)
On one hand, these things are quite the pain in the side to have to keep running.
On the other, most of these things are so expensive it's actually pretty cost effective to spend numerous hours of my time with such bandaid solutions.
At this point the easier and faster it is for the operators to do a restore, the better!
Hell, I'd love to see just creative and competent un-paid-for review of a given video game. Between the thirst for ad money, and pressure from gaming companies? Damn, you know?
Definately wading into offtopic I know, but would you settle for creative, comedic, nostalgic, and un-paid-for-by-gaming-companies?
The closest I know of, and one of my personal favorites, is the angry video game nerd
Certainly not on the same level (or even game) as Siskell and Ebert, but entertaining in a different way none the less, and it is obviously a work of love and not money.
Just thought I'd share.
That is quite an interesting solution!
I just wanted to see if you've ever played with BartPE before?
It's main function is to take a windows xp (or 2k i believe) installation cd, a folder of special packages to include, and optional custom config files (ie network settings) all as input.. and gives you a bootable ISO image as output.
Obviously it's meant to create a boot cd/dvd, but using syslinux similar to how you do, one can boot that ISO directly off a USB flash device as well.
Flash makes it fast, and easy to overwrite the ISO for any system upgrades. No optical media slowdown either.
ISO makes it read only while running from a RAM disk, so is quite fast.
For just running a web browser, it at least gives you a slightly newer kernel and base system to build upon.
Still, I'll have to play around with your method too, as I have some old legacy 95 and 98 boxes at work I need to keep alive for the foreseeable future, where in some of those cases virtualization isn't an option.
(I've managed to virtualize custom ISA cards, but can't say the same for custom PCI cards)
Thank you.
For VirtualBox, the method I use is slightly different but gives similar results in the end.
This must be done from the command line with the vboxmanage.exe tool, I'm not aware of a GUI way to do it.
I have a 'template' VM with fully setup windows and configured how I want it.
Then I make a new 'guest' VM (from scratch) and copy the template disk image to a new name (cloned, from virtual media manager), from template.vdi to guestbox.vdi, and then I use a command line tool to set the new disk image immutable, so it can not be changed again.
vboxmanage modifyhd whereever/guestbox.vdi --type immutable
Then point the guest vm to the guestbox.vdi image under settings -> storage.
Each time the VM boots, disk writes go into a seperate copy-on-write file, which gets deleted once the VM is powered down. A "revert" action takes as long as a delete command unlinking an inode.
When I need to make updates, I do that in my template vm, then copy over the vdi setting it immutable again. Copy the new guest image over the old one, and the VM is updated.