Code signing provides some assurance that you are getting what you think you are getting, but it is not a panacea. Recall the Verisign certificate debacle Microsoft itself suffered a few years ago.
By accepting Verisign-signed code as legitimate, you are simply transfering your trust from the download site to Verisign. If Verisign doesn't do their job, you're still screwed.
I installed FireFox and Thunderbird on my parent's computer and they hated them. Their complaints seemed to boil down to the simple fact that they weren't Juno....sigh
A couple years ago, the hospital where I work replaced its medication dispensing machines (where the nurses get the medications for their patients) with new ones. The new machines run on Win2k -- not a stripped down, embedded version, but the full she-bang. About a week after the new machines were installed, they became infected with the latest exploit-de-jour (don't remember exactly which anymore) and became unusable. It was not pretty. Granted, this probably could have been avoided if things like IIS, Active-X, and such like had been disabled on the machines, but still it points to the danger in implementing a one-size-fits-all solution like Windows on a dedicated-purpose machine like these medication machines -- or ATMs for that matter.
I see a number of common threads between the Baroque Cycle and Cryptonomicon and wonder if your writing plans include extending into a future society with these threads (precious metals/economy, Europe/Southeast Asia, science/information, and of course Enoch Root)?
I suspect the world situation might have changed a tiny bit in the intervening 125+ years...
125 years ago, most of the countries in Europe were monarchies, with colonial empires, etc.
Do you not think this might be significant?
Re:Thousands per year
on
Paid To Spam
·
· Score: 2, Informative
I suspect it will be much less than that. Note that the Virtual MDA web site states that "Sendmails pays VirtualMDA users based on every CPU hour used." CPU time is not the same as the entire time your computer is switched on; only those CPU cycles used by their spamming software will accrue towards the $1/hr they offer. From my mail server:
last pid: 1164; load averages: 2.06, 2.03, 2.05 up 9+18:45:52 14:10:25
You can see that sendmail only accrued about a seconds worth of cpu time in the 9+ days it has been running here. Granted, a busy spam spewer would rack up cycles much faster, but it still wouldn't amount to the total length of time the computer has been running. I'd guess after a couple weeks of continuous spamming, you might have earned an hour or so of cpu time. Whoopee! Sign me up. Not.
This sounds very much like the "web map" feature of IBM's "Web Explorer" browser for OS/2 back in the early 90's. Web Map created an html page comprised of the links you had visited in that session, arranged in a heirarchical manner. I've not seen anything quite like it in other browsers.
I'm in graduate school and I've been using OOo for all my classes and have had no problems importing/exporting to Word or PowerPoint for my assignments.
We recently installed a computerized medication dispensing system at the hospital where I work. It is much like an ATM -- you sign on with a username and password, select a patient, and the medications prescribed for that patient are listed. Select a med and quantity, drawer opens and you're good to go. The database is stored centrally on a pharmacy computer, and the machine tracks inventory on each med so when it runs low they can send someone up to restock.
The system runs in Win2k, with all the superfluous cruft you mention: web browser, media player, yada, yada, yada. All this thing needs to do is validate the user, access a database, and open the proper drawer.
As it happens, shortly after they installed the system it picked up a Win32 virus from the network and all the machines in the building were disabled!
Does no one think of fitness for use when they design these things?
I find it interesting that according to the "conservative think tank The Progress & Freedom Foundation" government is supposed to "avoid entering markets where there are already private firms actively competing" yet in areas such as public education are expected to run more like businesses by controlling costs through program and staff cuts and so on.
C'mon now guys; you can't have it both ways. If you want them to act like businesses, you have to expect that they will explore "innovative options" like building their own fibre network and selling the excess bandwidth. That's just what a business would do in a similar situation, right?
"If Windows wasn't vulnerable until the patch was released, why was the patch released in the first place???"
While I agree with the sentiment that obscuring vulnerabilies cannot help security, to be fair I have to point out that the claim wasn't that "Windows wasn't vulnerable until the patch was released" but rather "Windows wasn't exploited until the patch was released."
I've had a few memorable jobs: I worked as a mechanic in a seasonal bike shop and the owner wanted to keep the shop open through the winter to sell ski equipment. Unfortunately, there was no heat in the shop. None. And in Wisconsin it gets cold in the winter. So the owner, in his benevolence, got a single kerosene heater for the shop. I spent the whole winter feeling like I'd been standing behind a bus all day, and it was still damn cold in there. I never took my jacket off at work, and only took off my gloves to work the cash register.
At the other end of the spectrum, I spent several years working as a (gas) welder in a factory. The nature of the work meant I had to wear a leather apron, long pants and long sleeve shirts year-round, even when the outside temperature was over 90F and even higher on the factory floor with dozens of welding torches going. I used to run a compressed air hose under my shirt and apron to keep some air moving next to my skin...
Don't you think that Mr Rowe could use the same logic as the MS lawyers and claim that MS is infringing on HIS good name? Perhaps he should demand that MS hand over the "microsoft.com" domain to him!
It makes as much sense as what the MS lawyers are doing.
Easilly adding people to a discussion who are not necessarily privvy everything else a group discusses is exactly what email gives you and usenet doesn't.
Sure it does. You can CC: to whomever you wish to include, and use "Reply All" to respond to them. Or if you have an nntp server available, you can just add the newsgroup name to the recpient list to move the whole works to nntp.
Itused to be that companies ran their own nntp servers for internal discussion, customer support, etc. Although these used the same software and protocols as usenet, the fact that they were local, not distributed meant there were in fact not usenet and all that implies.
I don't see that this "new" idea offers anything compellingly superior to what has already been available for years.
Eco is a scholar; it should be no surprise that he should speak as one. Is it not embarrassing that an Italian can speak English better than a native speaker?
Slashdot Mirror
Code signing provides some assurance that you are getting what you think you are getting, but it is not a panacea. Recall the Verisign certificate debacle Microsoft itself suffered a few years ago. By accepting Verisign-signed code as legitimate, you are simply transfering your trust from the download site to Verisign. If Verisign doesn't do their job, you're still screwed.
I installed FireFox and Thunderbird on my parent's computer and they hated them. Their complaints seemed to boil down to the simple fact that they weren't Juno. ...sigh
A couple years ago, the hospital where I work replaced its medication dispensing machines (where the nurses get the medications for their patients) with new ones. The new machines run on Win2k -- not a stripped down, embedded version, but the full she-bang. About a week after the new machines were installed, they became infected with the latest exploit-de-jour (don't remember exactly which anymore) and became unusable. It was not pretty. Granted, this probably could have been avoided if things like IIS, Active-X, and such like had been disabled on the machines, but still it points to the danger in implementing a one-size-fits-all solution like Windows on a dedicated-purpose machine like these medication machines -- or ATMs for that matter.
I see a number of common threads between the Baroque Cycle and Cryptonomicon and wonder if your writing plans include extending into a future society with these threads (precious metals/economy, Europe/Southeast Asia, science/information, and of course Enoch Root)?
I suspect the world situation might have changed a tiny bit in the intervening 125+ years...
125 years ago, most of the countries in Europe were monarchies, with colonial empires, etc.
Do you not think this might be significant?
I suspect it will be much less than that. Note that the Virtual MDA web site states that "Sendmails pays VirtualMDA users based on every CPU hour used." CPU time is not the same as the entire time your computer is switched on; only those CPU cycles used by their spamming software will accrue towards the $1/hr they offer. From my mail server:
last pid: 1164; load averages: 2.06, 2.03, 2.05 up 9+18:45:52 14:10:25
118 processes: 3 running, 114 sleeping, 1 zombie CPU states: 0.0% user, 99.2% nice, 0.8% system, 0.0% interrupt, 0.0% idle
Mem: 170M Active, 118M Inact, 89M Wired, 17M Cache, 61M Buf, 106M Free
Swap: 512M Total, 484K Used, 511M Free
PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU CPU COMMAND
79891 smmsp 2 0 1880K 1168K poll 0 0:14 0.00% 0.00% mimedef
636 smmsp -6 0 25880K 24908K piperd 0 0:08 0.00% 0.00% perl
835 smmsp -6 0 14304K 13812K piperd 0 0:03 0.00% 0.00% perl
73986 smmsp 2 0 2188K 984K select 1 0:01 0.00% 0.00% mimedef
243 smmsp 18 0 2384K 1224K pause 0 0:01 0.00% 0.00% sendmail
73986 smmsp 18 0 2388K 1760K pause 0 0:00 0.00% 0.00% sendmail
You can see that sendmail only accrued about a seconds worth of cpu time in the 9+ days it has been running here. Granted, a busy spam spewer would rack up cycles much faster, but it still wouldn't amount to the total length of time the computer has been running. I'd guess after a couple weeks of continuous spamming, you might have earned an hour or so of cpu time. Whoopee! Sign me up. Not.
At least this is a more honest approach to spamming than covertly installing spam spoftware via worms and other exploits.
:0 H:| send-mails|sendermailer|\w offer|wwwreports|activeserv ermail|citymailserver|\e mailserver|dedicatedemail servers|emaildeskserver|\r versgrab|instantvoicemailse rver|mailserver2Grab|\r biz|mailserverboss|sendm ails|mailserveruser|\v ers|openbsdmailservers| ourmailservers|ourskymail|\r ver|proofmailer|savedmessage| sqlemailserver|\v er|worldmailserver |yahoomailserver|\o odserversemail|foods erversemail|hotmailservers|\r vermail|myskymailserver|ntmail servers|worldwidemailserver|\o m|\| proudmailer)\.net) /dev/null
That said, "sendmails.com" has ahd a generous entry in my procmail spam recipes for some time now:
* ((4mails|emials|mailinthebox|mailnotice|mailspool
sendmial|wwwanswers|ww
cookmailserver|dedicated
fastmailserver|imailse
mailserver3Grab|mailserve
marksmailserver|myemailser
server|privatemailse
themailorderserver|turbomailser
airmailserver|fanmailserver|f
indiamailserver|ise
zapemailserver)\.c
(sendmails|dailyemail)\.org|\
(sendermailer
All those domains belong to sendmails.com and I suspect there are even more by now. I keep adding them all the time.
This sounds very much like the "web map" feature of IBM's "Web Explorer" browser for OS/2 back in the early 90's. Web Map created an html page comprised of the links you had visited in that session, arranged in a heirarchical manner. I've not seen anything quite like it in other browsers.
I'm in graduate school and I've been using OOo for all my classes and have had no problems importing/exporting to Word or PowerPoint for my assignments.
YMMV, of couse.
They also claim that MS Office is better because it uses XML. Who writes this stuff, anyway?
We recently installed a computerized medication dispensing system at the hospital where I work. It is much like an ATM -- you sign on with a username and password, select a patient, and the medications prescribed for that patient are listed. Select a med and quantity, drawer opens and you're good to go. The database is stored centrally on a pharmacy computer, and the machine tracks inventory on each med so when it runs low they can send someone up to restock.
The system runs in Win2k, with all the superfluous cruft you mention: web browser, media player, yada, yada, yada. All this thing needs to do is validate the user, access a database, and open the proper drawer.
As it happens, shortly after they installed the system it picked up a Win32 virus from the network and all the machines in the building were disabled!
Does no one think of fitness for use when they design these things?
I find it interesting that according to the "conservative think tank The Progress & Freedom Foundation" government is supposed to "avoid entering markets where there are already private firms actively competing" yet in areas such as public education are expected to run more like businesses by controlling costs through program and staff cuts and so on.
C'mon now guys; you can't have it both ways. If you want them to act like businesses, you have to expect that they will explore "innovative options" like building their own fibre network and selling the excess bandwidth. That's just what a business would do in a similar situation, right?
ChaoticChaos wrote:
While I agree with the sentiment that obscuring vulnerabilies cannot help security, to be fair I have to point out that the claim wasn't that "Windows wasn't vulnerable until the patch was released" but rather "Windows wasn't exploited until the patch was released."
There is a significant difference here...
Here's what NetCraft shows for SCO today:
OS, Web Server and Hosting History for www.thescogroup.com
OS Server Last changed IP address Netblock Owner
Linux Apache 3-Feb-2004 216.250.128.21 NFT
NetBSD/OpenBSD Apache 2-Feb-2004 216.250.128.21 NFT
And when you go to the the Netblock owner and peruse the SCO entries there, you see that 19 of the 22 SCO servers shown are apparently running linux.
You may draw whatever conclusions you wish from this... :-)
'nuff said, Darrel.
I've had a few memorable jobs: I worked as a mechanic in a seasonal bike shop and the owner wanted to keep the shop open through the winter to sell ski equipment. Unfortunately, there was no heat in the shop. None. And in Wisconsin it gets cold in the winter. So the owner, in his benevolence, got a single kerosene heater for the shop. I spent the whole winter feeling like I'd been standing behind a bus all day, and it was still damn cold in there. I never took my jacket off at work, and only took off my gloves to work the cash register.
At the other end of the spectrum, I spent several years working as a (gas) welder in a factory. The nature of the work meant I had to wear a leather apron, long pants and long sleeve shirts year-round, even when the outside temperature was over 90F and even higher on the factory floor with dozens of welding torches going. I used to run a compressed air hose under my shirt and apron to keep some air moving next to my skin...
Don't you think that Mr Rowe could use the same logic as the MS lawyers and claim that MS is infringing on HIS good name? Perhaps he should demand that MS hand over the "microsoft.com" domain to him!
It makes as much sense as what the MS lawyers are doing.
In fact, Pine has provided the same interface to email and usenet for ages.
So does Outlook, for that matter.
Easilly adding people to a discussion who are not necessarily privvy everything else a group discusses is exactly what email gives you and usenet doesn't.
Sure it does. You can CC: to whomever you wish to include, and use "Reply All" to respond to them. Or if you have an nntp server available, you can just add the newsgroup name to the recpient list to move the whole works to nntp.
Itused to be that companies ran their own nntp servers for internal discussion, customer support, etc. Although these used the same software and protocols as usenet, the fact that they were local, not distributed meant there were in fact not usenet and all that implies.
I don't see that this "new" idea offers anything compellingly superior to what has already been available for years.
How is this so much better than nntp and a threaded news client, both of wwhich have been availavle for many years?
Actually, the Progressive was scooped on this story by the Madison Press Connection. I have a copy of the PC issue with the story here...
Back in the late 80's I remember hearing a quite authoratative statement that modems would never be able to go faster than 9600bps.
Eco is a scholar; it should be no surprise that he should speak as one. Is it not embarrassing that an Italian can speak English better than a native speaker?
to use SCSI...