Since that last post is mod'ed up as informative I'll chip in with my anecdotal experience too, just to counter.:-)
We use Apache-SSL. We got Apache 1.3.12, iirc, on a pretty standard Redhat 6.1 (yeah I much prefer 6.2 too *g*) and it's never died. It seems plenty fast. I had no problems setting it up either, and Verisign's certificate installed fine.
Have to admit to not trying mod_ssl but I think the tone of the documentation was the deciding factor for me....
perhaps asimov is more your thing;) Still can't get over the fact that he invented the satelitte.
What's more I believe Arthur C. Clarke dreampt up the concept of the geostationary earth orbit communications satellite (two Ls, one T near each end)... OK I work in sat-comms but it seems like no-one can spell the word.
Yeah I find nmap pretty nifty too. My experience is that if a server has *any* ports open, __ and those aren't ports that one's ISP hijacks (kinda screws thing!):-( __ nmap -O has a pretty damn good guess at the OS (at least the family).
But if you subsititute tcpserver for inetd and limit ports to internal-side interface(s) then you simply won't have a port open, and nmap or anyone else won't find it. I'm not sure if cloaking is really cloaking if it just means not opening inet-side ports?
I only skimmed for now, but I'd reckon you have to alter the TCP stack in the kernel to change the SYN response, etc., to packets?? For example for a port to look totally closed to one person but not to another.
But then you would have to rely on IP to authenticate (at that stage anyway), which can be spoofed... hmm... nothing's ever easy, but these replacement servers sound interesting at least.
Convicted hackers should be *more* desireable from a corporate perspective as they have documentation substantiating their knowledge and are better able to "think like the enemy."
Whilst I agree with the fact that convicted hackers undoubtedly have certain proven skills, they also have another quality that IMHO makes them unhirable. They have no respect for authority.
While the job you offer them is "kool" or interesting maybe they'll work for you. But I don't believe you can trust them, or expect them to show any loyalty to your corporation.
If they get bored, or someone paying more comes along, whatever, they'll have no qualms using their privileged position within your organisation to do whatever damage they feel like.
I guess it's an argument you can apply to any convicted criminal, but maybe in this case the crime is particularly symptomatic of a lack of respect for society's boundaries.
Yep nice article, I like the part about going to see Wayne's World (II) with his son and seeing a character in that film is carrying one of his books:-)
I have come to Stevens pretty late, I didn't buy my first book until after his sad death. The improvement in my own understanding and craft is immense after reading his work. Quite often it's infuriating to read a technical book and have it pose more questions than it answers. With Stevens is very different. For me the UNP and APUE works are truly excellent.
This is a shame. When I saw Jurassic Park I was totally disappointed.. it was so hyped and the computer animation stood out to me just as much as that bouncing desk-lamp jumping on the beach ball. In fact worse.
In Star Wars, you could just tell that was a real plastic dustbin waddling around.. I personally didn't know if it was a person inside or a remote-controlled thing, but if they make a CG thing it would spoil the magic...
I think Kenny Baker himself puts it best:
if they don't use human beings these movies are in danger of looking like Disney cartoons...
Remember you're at the whim of whatever load balancer they possibly use, it might be currently balancing a lot on the Win2K machines for whatever reason. Best to run the tests from several source networks, over a period of time, say [plucks from air] daily for a week.
Now, if you look at the DNS for www.hotmail.com, it resolves to 6 address:
209.185.243.135, 209.185.243.7, 216.32.243.7, 216.33.151.7,
216.33.238.7, 64.4.10.7
Redirect wise, I am equally redirected to lc[1-6].law5.hotmail.passport.com.
Yes, you can build web sites that are interesting and full of eye-candy, yet still be fully
features-compliant such that it will work with all browsers
I dispute that. Your yourself had to add a caveat. You can't use frames, image maps or style sheets. Tables are a lottery.
It doesn't require a lot of extra work from the start, and is probably easier to
develop and maintain.
Probably implies you never actually tried. I am working on these issues at the moment, and you didn't convince me.
This is the whole point of HTML - the browser, whatever it may be, decides how to
render what you wrote
That maybe was the idea behind HTML at the start, but where have you been? What websites do you look at?! Every tag, every attribute, is co-erced and poluted to acheive layout effects by almost every site out there.
It's a noble aim to build a site that everyone can see, and also includes all the whizzy stuff that people on high-end machines expect to see.. but I simply disagree that it's easy.
building codes are legal statutes.. show me the law that says you must put ALT tags...
I guess we're arguing over where to draw a line.. you consider blind people a valid default defacto implied user of this site (or all sites, whatever), I guess I agree. I'm just not sure IBM can be expected to get everything right first time, and therefore it's a contractual matter between them and their client, if they wish to pass any costs on. I don't think it's disgusting, I think it's a mistake.
It has nothing to do with any laws or codes.
Maybe it should be though, that would be another matter, if we could legislate the RFCs into the statute books. I wonder, would it be SHOULD or MUST that was illegal to go against?:-)
IBM aren't saying they can't do it, they are saying, there's a cost involved.
So since there's no-one saying it's not technically feasible, I guess you are taking exception to the price IBM say it will cost.
How many pages on the site? How many images? How many megs of files. Does it use imagemap techniques that make ALT tages pretty useless anyway? I assume you know the answers to these questions, if you take exception to the cost IBM put forward.
I'm sure we could find someone who couldn't be catered for by most of these buildings.
If IBM were told to include ALT tags or asked to make the site accesible to text browsers and blind users, then they should fix it up free of charge.
If they weren't asked, the question is, should they have guessed.. perhaps the answer in this case is yes, but if something isn't stated clearly it's left to interpretation and different interpretations happen, later they are dealt with. I don't think that's "disgusting".
The language of the web is the language of the high-tech developed world. Whatever you think of the reasons, the merits or the future, the high-tech world now isn't South America, or vast parts of China or Asia. It's Western Europe and North America.
Feel free to counter with individual examples.. they are the exceptions that prove the rule.
As for the future, having the lead quite often assures dominance.
See mine and other posts about difference between fingerprints and watermarks...
I can recognise a piece of audio (from just a few seconds mostly:-) whatever file format, whether been played on the radio, CD, MP3 or 8-track, and with a 90% accuracy.
So why can't an algorithm.. this isn't a watermark, it's a fingerprint. Read the site carefully...
It's worth noting the differences between "watermark" and "fingerprint". A watermark is embedded within the bitstream, presumably inaudibly (or invisibly for an image). A fingerprint is like an MD5 hash, it takes the audio and generates a signature or fingerprint which identifies the track.
This technology is for generating fingerprints. i.e. it doesn't embed anything within the file. So it can't be used for tracking who ripped what CD.
They use something very similar to this at least here in the UK to generate radio airplay data. An automated system is fed the output of every monitored radio station, and recognises what songs are played by each.
There's some debate in my mind as to why if you accept something's illegal, you still want the right to link to it.
Would people be arguing so hard for the right to link to child porn? I don't think so. Because the right minded person agrees that child porn is wrong. So they can see the reasons why society might not want people to even link to it.
But in this case, what people don't accept is that DeCSS is wrong.
You have to choose your argument, is it a free speech one, or is it that DeCSS shouldn't be illegal?
In general when a law is seen as wrong, civil disobedience is the course of action the people take against it.
The issue of the absurdity of the ruling (links to links, search engines, etc.) is a side-issue in my opinion. The nature of the internet makes current legislative techniques pretty useless in all manor of areas, but that isn't the point here.
Probably because of the limited penetration of cable modem providers in the UK. We get NTL coming to the door, phoning up, etc., all the time trying to get us to take their TV/phone service, but ask them about cable modems, and it's "soon", "we'll get back to you", or mostly "what?!".
It is Energis, you dial an access code for calls, and a different access code for internet calls. It's true the analogue call goes through my BT local loop.
Anyone using surftime has to have BT too. My point, I think:-), was that the "freeserve time" offer doesn't use the BT Surftime IP or financial infrastructure.
Yes true indeed, the analogue signal goes thru my BT local loop, onto the Energis network. I really meant my internet connection doesn't go thru BT's surftime infrastructure, or use that package's billing structure.
Slashdot Mirror
We use Apache-SSL. We got Apache 1.3.12, iirc, on a pretty standard Redhat 6.1 (yeah I much prefer 6.2 too *g*) and it's never died. It seems plenty fast. I had no problems setting it up either, and Verisign's certificate installed fine.
Have to admit to not trying mod_ssl but I think the tone of the documentation was the deciding factor for me....
aww what did i do!?!
hello! what if another site responded to a reported compromise with that phrase?? the shoe's on the other foot now isn't it?
What's more I believe Arthur C. Clarke dreampt up the concept of the geostationary earth orbit communications satellite (two Ls, one T near each end)... OK I work in sat-comms but it seems like no-one can spell the word.
But if you subsititute tcpserver for inetd and limit ports to internal-side interface(s) then you simply won't have a port open, and nmap or anyone else won't find it. I'm not sure if cloaking is really cloaking if it just means not opening inet-side ports?
I only skimmed for now, but I'd reckon you have to alter the TCP stack in the kernel to change the SYN response, etc., to packets?? For example for a port to look totally closed to one person but not to another.
But then you would have to rely on IP to authenticate (at that stage anyway), which can be spoofed... hmm... nothing's ever easy, but these replacement servers sound interesting at least.
You might want to protect the & symbol with quotes or escape it...
Incidentally with wget -S (show headers) I noticed the redirection is to Location: http:/www.slashdot.org [sic] i.e. only one slash!
And the server? Microsoft-IIS/5.0 of course. :-)
i couldn't bring myself to put that *g*
Whilst I agree with the fact that convicted hackers undoubtedly have certain proven skills, they also have another quality that IMHO makes them unhirable. They have no respect for authority.
While the job you offer them is "kool" or interesting maybe they'll work for you. But I don't believe you can trust them, or expect them to show any loyalty to your corporation.
If they get bored, or someone paying more comes along, whatever, they'll have no qualms using their privileged position within your organisation to do whatever damage they feel like.
I guess it's an argument you can apply to any convicted criminal, but maybe in this case the crime is particularly symptomatic of a lack of respect for society's boundaries.
I have come to Stevens pretty late, I didn't buy my first book until after his sad death. The improvement in my own understanding and craft is immense after reading his work. Quite often it's infuriating to read a technical book and have it pose more questions than it answers. With Stevens is very different. For me the UNP and APUE works are truly excellent.
In Star Wars, you could just tell that was a real plastic dustbin waddling around.. I personally didn't know if it was a person inside or a remote-controlled thing, but if they make a CG thing it would spoil the magic...
I think Kenny Baker himself puts it best:
Now, if you look at the DNS for www.hotmail.com, it resolves to 6 address:
209.185.243.135, 209.185.243.7, 216.32.243.7, 216.33.151.7, 216.33.238.7, 64.4.10.7
Redirect wise, I am equally redirected to lc[1-6].law5.hotmail.passport.com.
Addresses:
lc1.law5.hotmail.passport.com (209.185.243.7)
lc2.law5.hotmail.passport.com (209.185.243.135)
lc3.law5.hotmail.passport.com (216.33.151.7)
lc4.law5.hotmail.passport.com (216.32.243.7)
lc5.law5.hotmail.passport.com (216.33.238.7)
lc6.law5.hotmail.passport.com (64.4.10.7)
Look familiar?
I wan't directed in 200 tries to anywhere other than law5, anyone know the significance of that?
I dispute that. Your yourself had to add a caveat. You can't use frames, image maps or style sheets. Tables are a lottery.
Probably implies you never actually tried. I am working on these issues at the moment, and you didn't convince me.
That maybe was the idea behind HTML at the start, but where have you been? What websites do you look at?! Every tag, every attribute, is co-erced and poluted to acheive layout effects by almost every site out there.
It's a noble aim to build a site that everyone can see, and also includes all the whizzy stuff that people on high-end machines expect to see.. but I simply disagree that it's easy.
I guess we're arguing over where to draw a line.. you consider blind people a valid default defacto implied user of this site (or all sites, whatever), I guess I agree. I'm just not sure IBM can be expected to get everything right first time, and therefore it's a contractual matter between them and their client, if they wish to pass any costs on. I don't think it's disgusting, I think it's a mistake.
It has nothing to do with any laws or codes.
Maybe it should be though, that would be another matter, if we could legislate the RFCs into the statute books. I wonder, would it be SHOULD or MUST that was illegal to go against? :-)
So since there's no-one saying it's not technically feasible, I guess you are taking exception to the price IBM say it will cost.
How many pages on the site? How many images? How many megs of files. Does it use imagemap techniques that make ALT tages pretty useless anyway? I assume you know the answers to these questions, if you take exception to the cost IBM put forward.
If IBM were told to include ALT tags or asked to make the site accesible to text browsers and blind users, then they should fix it up free of charge.
If they weren't asked, the question is, should they have guessed.. perhaps the answer in this case is yes, but if something isn't stated clearly it's left to interpretation and different interpretations happen, later they are dealt with. I don't think that's "disgusting".
Feel free to counter with individual examples.. they are the exceptions that prove the rule.
As for the future, having the lead quite often assures dominance.
I can recognise a piece of audio (from just a few seconds mostly :-) whatever file format, whether been played on the radio, CD, MP3 or 8-track, and with a 90% accuracy.
So why can't an algorithm.. this isn't a watermark, it's a fingerprint. Read the site carefully...
This technology is for generating fingerprints. i.e. it doesn't embed anything within the file. So it can't be used for tracking who ripped what CD.
They use something very similar to this at least here in the UK to generate radio airplay data. An automated system is fed the output of every monitored radio station, and recognises what songs are played by each.
Maybe people like it that there are some places on earth they can't be reached by phone.
Would people be arguing so hard for the right to link to child porn? I don't think so. Because the right minded person agrees that child porn is wrong. So they can see the reasons why society might not want people to even link to it.
But in this case, what people don't accept is that DeCSS is wrong.
You have to choose your argument, is it a free speech one, or is it that DeCSS shouldn't be illegal?
In general when a law is seen as wrong, civil disobedience is the course of action the people take against it.
The issue of the absurdity of the ruling (links to links, search engines, etc.) is a side-issue in my opinion. The nature of the internet makes current legislative techniques pretty useless in all manor of areas, but that isn't the point here.
Or should I just know?
Probably because of the limited penetration of cable modem providers in the UK. We get NTL coming to the door, phoning up, etc., all the time trying to get us to take their TV/phone service, but ask them about cable modems, and it's "soon", "we'll get back to you", or mostly "what?!".
Anyone using surftime has to have BT too. My point, I think :-), was that the "freeserve time" offer doesn't use the BT Surftime IP or financial infrastructure.
Yes true indeed, the analogue signal goes thru my BT local loop, onto the Energis network. I really meant my internet connection doesn't go thru BT's surftime infrastructure, or use that package's billing structure.