this is conceptually similar to http://bhami.com/rosetta.html, but my table focuses on design choices, specifically performance and security tuning, not daily operations.
note: i couldn't find a value for windows TCP FIN timeout (fin-wait-[12]). The TcpTimedWaitDelay that somebody else suggested is for the TCP TIME_WAIT.
You make good arguments, but reliability and storage capacities are only two of the issues involved.
The largest benefit is performance. Gamers invest so much in their system bus, cpu, and memory, but disk i/o is 5 orders of magnitude slower. if performance is key, a small investment in SCSI improves disk intensive apps considerably.
1. IDE requires CPU cycles. SCSI buses have embedded ICs that handle queuing of data and such, freeing the CPU to perform other tasks.
2. IDE channels are shared. Most IDE ribbons allow for two devices, but one device can talk on the channel at a time, much like CSMA/CD, whereas SCSI allows you to daisy-chain 7 or more devices to simultaeneously talk on the same channel.
3. IDE is not bidirectional. similar to (2), this causes read/writes to wait.
one reason that you didn't mention, that falls under reliability is SCA. this interface combines signalling, power input and data i/o, which enables hot-swappable SCSI drives, critical to any non-appliance or diskless system that requires high availability.
There was a thread (RE: TCP/IP skills) today on the security-focus pen-test mailing lists discussing something similar and I think the book Network Security Hacks is a perfect example. Each trick/hack demonstrates a high-level concept applicable to a single tool.
So, the argument is, is it sufficient to be well-versed in tools or is it more important to possess a strong understanding of the underlying protocols?
Of course, we could take it to another level and ask why there are so many books that take a bottom-up approach, as opposed to looking a security as a process and beginning the discussion of security using high-level goals. I'd be interested in a comprehensive book that looks at security by assessing risk, modelling threats, defining a TCB, and finally using the tools/technology that satisfy those requirements.
and I have to say that all of them have weak content.
I don't proclaim to be an expert by any means, but security cannot be administered in such small nuggets of mostly outdated tricks/hacks.
Example: Hack 40: Block OS Fingerprinting. It briefly mentions nmap's -O option and then immediately demonstrates a fairly complex pf filter on OpenBSD. Does the author explain _any_ of the valid and invalid TCP flags that nmap uses? no. Does the author explain any adverse affects of silently dropping _all_ traffic that is satisfied by this complex ruleset? no. Does the author ever mention passive OS fingerprinting? Does it even mention the simplest/non-intrusive methods used to fool active OS fingerprinters like changing the IP default TTL or manipulating the TCP initial sequence number generation parameters? How do we port these rulesets to ipfw? netfilter? PIX conduits? In short, for this rule to be the slightest bit useful, we must assume that it works perfectly (does not drop a single legitimate frame/packet/segment) and simply cut-and-paste this solution in to our bastion host and hope it works.
In that sense, you might as well be dealing with the Windows-centric mindset of cut-and-paste and hope it works.
the graduating student who has performed best in a particular subject area is given a book prize
You seem to imply that there are multiple subject areas, so I'll list multiple books, broken down by subject.
The assumption is that the student will actually want a copy of this book, which might not be the case with some other recommendations like The Art of War or Gödel, Escher, Bach.
Since the student is graduating, how about How Would You Move Mount Fuji?, by William Poundstone. It's subtitled "Microsoft's Cult of the Puzzle - How the World's Smartest Company Selects the Most Creative Thinkers" and describes the roots of logic questions in interviews (specifically Microsoft's notoriously difficult interviews).
Since you mentioned Java or Linux, we can probably assume that the student knows his Design Patterns and UNIX Power Tools. How about Hardware Hacking: Have Fun While Voiding Your Warranty, by Joe Grand, Ryan Russell, and Kevin Mitnick?
That is hard to say. Some Ad networks that were hit by this IIS problem had cascading problems throughout their distribution networks.
One site that I host (FreeBSD/Apache) has many banner ads and popups. The logic of the site layout though, loads the ads first, then the site, so we appeared to be down.
Also, the javascript used to spawn the popups were hosted externally also. Our XP users also went into an infinite loop of popups...
what did you use as your checksum? sniffing the wire from any IE googlebar session with give you the URI parameters in the GET request. the checksum algorithm used is the proprietary secret.
Most webmasters are interested in ranking changes for their website during the Google Dance. But, besides that, many also want to know about their new PageRank values. Normally, the Google Toolbar fetches the PageRank values from the data center that is specified by its IP address in the actual DNS record for www.google.com. Hence, when the Google Dance begins, the Toolbar usually displays the old PageRank values.
Google submits PageRank values in simple text files to the Toolbar. In former times, this happened via XML. The switch to text files occured in August 2002. The PageRank files can be requested directly from the domain www.google.com. Basically, the URLs for those files look like follows (without line breaks):
There is only one line of text in the PageRank files. The last cipher in this line is PageRank.
The parameters incorporated in the above shown URL are inevitable for the display of the PageRank files in a browser. The value "navclient-auto" for the parameter "client" identifies the Toolbar. Via the parameter "q" the URL is submitted. The value "Rank" for the parameter "features" determines that the PageRank files are requested. If it is omitted, Google's servers still transmit XML files. The parameter "ch" transfers a checksum for the URL to Google, whereby this checksum can only change when the Toolbar version is updated by Google.
The PageRank files that are requested by the Google Toolbar are cached by the Internet Explorer. So, their URLs and the checksums can simply been found out by having a look at the folder Temporary Internet Files. Knowing the checksums of your URLs, you can view the PageRank files in your browser. Since the PageRank files are kept in the browser cache and, thus, are clearly visible, and as long as requests are not automated, watching the PageRank files in a browser should not be a violation of Google's Terms of Service. However, you should be cautious. The Toolbar submits its own User-Agent to Google. It is:
Mozilla/4.0 (compatible; GoogleToolbar 1.1.60-deleon; OS SE 4.10)
1.1.60-deleon is a Toolbar version which may of course change. OS is the operating system that you have installed. So, Google is able to identify requests by browsers, if they do not go out via a proxy and if the User-Agent is not modified accordingly.
Now, let's see how we can get the new PageRank values. Taking a look at IE's cache, you will notice that the PageRank files are not requested from the domain www.google.com but from IP addresses like 216.239.33.102. Additionally, the PageRank files' URLs often contain a parameter "failedip" that is set to values like "216.239.35.102;1111" (Its function is not absolutely clear). However, it is pretty easy to get the new PageRank values. Simply modify the IP addresses in the URL so that the request goes to one of the data centers that already has the new index. The necessary information is given above.
The URI that google uses to phone home was reverse engineered in the past and google promptly changed its algorithm.
This is fairly easy to do since the google toolbar phones home for updates as well. and, well, you can't block the request since it defeats the functionality of having the pagerank feature enabled to begin with.
Though, otoh, I don't see any good reason for google preventing this functionality to spread to other browsers/os since they most likely value the surfing habits of more users more than any value from locking the pagerank to IE only.
Some notes on the "Who wrote Linux" Kerfuffle
on
More From Tanenbaum
·
· Score: -1, Redundant
Ken Brown's Motivation, Release 1.2 Background
On 20 May 2004, I posted a statement refuting the claim of Ken Brown, President of the Alexis de Tocqueville Institution, that Linus Torvalds didn't write Linux. My statement was mentioned on Slashdot, Groklaw, and many other Internet news sites. This attention resulted in over 150,000 requests to our server in less than a day, which is still standing despite yesterday being a national holiday with no one there to stand next to it saying "You can do it. You can do it." Kudos to Sun Microsystems and the folks who built Apache. My statement was mirrored all over the Internet, so the number of true hits to it is probably a substantial multiple of that. There were also quite a few comments at Slashdot, Groklaw, and other sites, many of them about me. I had never engaged in remote multishrink psychoanalysis on this scale before, so it was a fascinating experience. The Brown Book
I got an advance copy of Ken Brown's book. I think it is still under embargo, so I won't comment on it. Although I am not an investigative reporter, even I know it is unethical to discuss publications still under embargo. Some of us take ethics more seriously than others. So I won't even reveal the title. Let's call it The Brown Book. There is some precedent for nicknaming books after colors: The International Standard for the CD-ROM (IS 10149) is usually called The Red Book.
Suffice it to say, there is a great deal to criticize in the book. I am sure that will happen when it is published. I may even help out.
Brown's Motivation
What prompted me to write this note today is an email I got yesterday. Actually, I got quite a few:-) , most of them thanking me for the historical material. One of yesterday's emails was from Linus, in response to an email from me apologizing for not letting him see my statement in advance. As a matter of courtesy, I did try but I was using his old transmeta.com address and didn't know his new one until I got a very kind email from Linus' father, a Finnish journalist.
In his email, Linus said that Brown never contacted him. No email, no phone call, no personal interview. Nothing. Considering the fact that Brown was writing an explosive book in which he accused Linus of not being the author of Linux, you would think a serious author would at least confront the subject with the accusation and give him a chance to respond. What kind of a reporter talks to people on the periphery of the subject but fails to talk to the main player?
Why did Brown fly all the way to Europe to interview me and (and according to an email I got from his seat-mate on the plane) one other person in Scandinavia, at considerable expense, and not at least call Linus? Even if he made a really bad choice of phone company, how much could that cost? Maybe a dollar? I call the U.S. all the time from Amsterdam. It is less than 5 cents a minute. How much could it cost to call California from D.C.?
From reading all the comments posted yesterday, I am now beginning to get the picture. Apparently a lot of people (still) think that I 'hate' Linus for stealing all my glory (see below for more on this). I didn't realize this view was so widespread. I now suspect that Brown believed this, too, and thought that I would be happy to dump all over Linus to get 'revenge.' By flying to Amsterdam he thought he could dig up dirt on Linus and get me to speak evil of him. He thought I would back up his crazy claim that Linus stole Linux from me. Brown was wrong on two counts. First, I bear no 'grudge' against Linus at all. He wrote Linux himself and deserves the credit. Second, I am really not a mean person. Even if I were still angry with him after all these years, I wouldn't choose some sleazy author with a hidden agenda as my vehicle. My home page gets 2500 hits a week. If I had something to say, I could put it there.
When The Brown Book comes out, there will no doubt be a lot of publicity in the mainstream media. Any of you with conta
The power outage began in First Energy's Ohio operation. This company was the model for the film, "China Syndrome." Really. Then First Energy's Pennsylvania unit fumbled the power ball. These are the very same Homer Simpsons who melted Three Mile Island.
Next, Niagara-Mohawk blacked out and took down New York. Ni-Mo's claim to fame goes back to the 1980s. They built a nuclear plant, Nine Mile Point, a brutally costly piece of hot junk for which NiMo and its partner companies charged billions to New York State's electricity ratepayers.
To pull off this grand theft by kilowatt, the NiMo-led consortium fabricated cost and schedule reports, then performed a Harry Potter job on the account books. In 1988, I showed a jury a memo from an executive from one partner, Long Island Lighting, giving a lesson to a NiMo honcho on how to lie to government regulators. The jury ordered LILCO to pay $4.3billion and, ultimately, put them out of business.
I'm not surprised that the Three Stooges of the power industry knocked their heads together and blacked us out. What's surprising is that the US media is clueless about how we ended up with Larry, Moe and Curley in control of our nation's electronic lifeline.
Here's what happened. After LILCO was hammered by the law, after government regulators slammed Niagara Mohawk and dozens of other book-cooking, document-doctoring utility comanies all over America with fines and penalties totaling in the tens of billions of dollars, the industry leaders got together to swear never to break the regulations again. Their plan was not to follow the rules, but to ELIMINATE the rules. They called it "deregulation."
I would hardly consider the google toolbar to have a triumphant level of ethics.
Not only does google plant an "infinite" cookie (infinite in unix epoch land) to uniquely id each user, but it logs every web site you visit, every GET string from each of those sites, as well as each HTTP REFERER. In terms of contextual user-tracking, that's a fairly significant breach of user-privacy.
I realize that google makes their disclaimer very clear, but so do most other spyware companies. I also realize that we can all disable sending cookies to google as well. Unfortuneatly most anti-spyware products like spybot and ad-aware do not flag google's behavior as such, leaving many users in the dark regarding google's monitoring. I also realize that many people have personal firewalls, but the toolbar sends its requests to the same IP as each of the www sites at each of Google's 7 data centers... disabling the toolbar monitoring effectively disables your use of their web site.
Contrary to public belief, this has in fact been done many times in the short history of AI. ALVINN was the first system that I learned of in my college AI classes, but a quick search on google returned many more.
As a follow-up, it appears that the liability protection that was given for vaccines before the HSA was passed would be extended to vaccine ingredients, such as the disputed preservative thimerosal.
The Lieberman-Daschle amendment tried to strike this Republican substitute from the HSA, but didn't get enough support from the rest of Senate.
This year's Homeland Security Act grants liability protection to corporations which are currently involved in class action lawsuits regarding their products.
This provision gives liability protection to Eli Lilly and other pharmaceutical companies that make a mercury-based vaccine preservative (Thimerasol) that leads to autism in children. It is unclear if the bill pertains only to the "safety" of products, or if it will protect Bonzi in this case.
But anyhow, in addition to compromises to the Freedom of Information Act, exempting Homeland Security Dept from the Federal Advisory Committee Act (FACA), and other compromises to our privacy, the bill will seriously undermine corporate accountability,loaded with just about all the bells and whistles Republicans and corporations wanted.
If you set and export your shell environment variable CFLAGS="-m64", you already have native 64-bit support for Apache. The Sun SPARC architecture has been 64-bit for a long time now.
The "real" problem is getting all of your supporting modules to compile with 64-bit support as well. I've successfully compiled mod_php with the -m64 flag, but since our shop utilizes the Sleepycat Berkeley db3 library (which doesn't support the flag), we cannot build db3 support into mod_php.
Slashdot Mirror
Both Bush and Kerry have not submitted their NPAT (National Political Awareness Test), but a few dozen other presidential candidates have:
y .php?party_name=All
http://www.vote-smart.org/election_president_part
and the 2004 Presidential Candidates Sucks-Rules-O-Meter
rosetta stone: performance tuning
this is conceptually similar to http://bhami.com/rosetta.html, but my table focuses on design choices, specifically performance and security tuning, not daily operations.
note: i couldn't find a value for windows TCP FIN timeout (fin-wait-[12]). The TcpTimedWaitDelay that somebody else suggested is for the TCP TIME_WAIT.
You make good arguments, but reliability and storage capacities are only two of the issues involved.
The largest benefit is performance. Gamers invest so much in their system bus, cpu, and memory, but disk i/o is 5 orders of magnitude slower. if performance is key, a small investment in SCSI improves disk intensive apps considerably.
1. IDE requires CPU cycles. SCSI buses have embedded ICs that handle queuing of data and such, freeing the CPU to perform other tasks.
2. IDE channels are shared. Most IDE ribbons allow for two devices, but one device can talk on the channel at a time, much like CSMA/CD, whereas SCSI allows you to daisy-chain 7 or more devices to simultaeneously talk on the same channel.
3. IDE is not bidirectional. similar to (2), this causes read/writes to wait.
one reason that you didn't mention, that falls under reliability is SCA. this interface combines signalling, power input and data i/o, which enables hot-swappable SCSI drives, critical to any non-appliance or diskless system that requires high availability.
There was a thread (RE: TCP/IP skills) today on the security-focus pen-test mailing lists discussing something similar and I think the book Network Security Hacks is a perfect example. Each trick/hack demonstrates a high-level concept applicable to a single tool.
So, the argument is, is it sufficient to be well-versed in tools or is it more important to possess a strong understanding of the underlying protocols?
Of course, we could take it to another level and ask why there are so many books that take a bottom-up approach, as opposed to looking a security as a process and beginning the discussion of security using high-level goals. I'd be interested in a comprehensive book that looks at security by assessing risk, modelling threats, defining a TCB, and finally using the tools/technology that satisfy those requirements.
The fact that the submitter is one of two co-authors of Security Warrior speaks volumes about the quality of that book as well.
I have an O'Reilly Safari account and checked out several recent "security" titles:
- Network Security Hacks
- Network Security Assessment
- Security Warrior
and I have to say that all of them have weak content.
I don't proclaim to be an expert by any means, but security cannot be administered in such small nuggets of mostly outdated tricks/hacks.
Example: Hack 40: Block OS Fingerprinting. It briefly mentions nmap's -O option and then immediately demonstrates a fairly complex pf filter on OpenBSD. Does the author explain _any_ of the valid and invalid TCP flags that nmap uses? no. Does the author explain any adverse affects of silently dropping _all_ traffic that is satisfied by this complex ruleset? no. Does the author ever mention passive OS fingerprinting? Does it even mention the simplest/non-intrusive methods used to fool active OS fingerprinters like changing the IP default TTL or manipulating the TCP initial sequence number generation parameters? How do we port these rulesets to ipfw? netfilter? PIX conduits? In short, for this rule to be the slightest bit useful, we must assume that it works perfectly (does not drop a single legitimate frame/packet/segment) and simply cut-and-paste this solution in to our bastion host and hope it works.
In that sense, you might as well be dealing with the Windows-centric mindset of cut-and-paste and hope it works.
the graduating student who has performed best in a particular subject area is given a book prize
You seem to imply that there are multiple subject areas, so I'll list multiple books, broken down by subject.
The assumption is that the student will actually want a copy of this book, which might not be the case with some other recommendations like The Art of War or Gödel, Escher, Bach.
Since the student is graduating, how about How Would You Move Mount Fuji?, by William Poundstone. It's subtitled "Microsoft's Cult of the Puzzle - How the World's Smartest Company Selects the Most Creative Thinkers" and describes the roots of logic questions in interviews (specifically Microsoft's notoriously difficult interviews).
Since you mentioned Java or Linux, we can probably assume that the student knows his Design Patterns and UNIX Power Tools. How about Hardware Hacking: Have Fun While Voiding Your Warranty, by Joe Grand, Ryan Russell, and Kevin Mitnick?
Of course, it the student is a hardcore coder, you probably can't go wrong with the Art of Computer Programming, Volume 3, Volume 2, or Volume 1, by Donald Knuth. Or if the student is an Open Source or Free Software zealot, then The Cathedral and the Bazaar may be an obvious choice.
That is hard to say. Some Ad networks that were hit by this IIS problem had cascading problems throughout their distribution networks.
One site that I host (FreeBSD/Apache) has many banner ads and popups. The logic of the site layout though, loads the ads first, then the site, so we appeared to be down.
Also, the javascript used to spawn the popups were hosted externally also. Our XP users also went into an infinite loop of popups...
what did you use as your checksum? sniffing the wire from any IE googlebar session with give you the URI parameters in the GET request. the checksum algorithm used is the proprietary secret.
taken from http://dance.efactory.de/
- auto&p ://www.domain.com/
Most webmasters are interested in ranking changes for their website during the Google Dance. But, besides that, many also want to know about their new PageRank values. Normally, the Google Toolbar fetches the PageRank values from the data center that is specified by its IP address in the actual DNS record for www.google.com. Hence, when the Google Dance begins, the Toolbar usually displays the old PageRank values.
Google submits PageRank values in simple text files to the Toolbar. In former times, this happened via XML. The switch to text files occured in August 2002. The PageRank files can be requested directly from the domain www.google.com. Basically, the URLs for those files look like follows (without line breaks):
http://www.google.com/search?
client=navclient
ch=0123456789&
features=Rank&
q=info:htt
There is only one line of text in the PageRank files. The last cipher in this line is PageRank.
The parameters incorporated in the above shown URL are inevitable for the display of the PageRank files in a browser. The value "navclient-auto" for the parameter "client" identifies the Toolbar. Via the parameter "q" the URL is submitted. The value "Rank" for the parameter "features" determines that the PageRank files are requested. If it is omitted, Google's servers still transmit XML files. The parameter "ch" transfers a checksum for the URL to Google, whereby this checksum can only change when the Toolbar version is updated by Google.
The PageRank files that are requested by the Google Toolbar are cached by the Internet Explorer. So, their URLs and the checksums can simply been found out by having a look at the folder Temporary Internet Files. Knowing the checksums of your URLs, you can view the PageRank files in your browser. Since the PageRank files are kept in the browser cache and, thus, are clearly visible, and as long as requests are not automated, watching the PageRank files in a browser should not be a violation of Google's Terms of Service. However, you should be cautious. The Toolbar submits its own User-Agent to Google. It is:
Mozilla/4.0 (compatible; GoogleToolbar 1.1.60-deleon; OS SE 4.10)
1.1.60-deleon is a Toolbar version which may of course change. OS is the operating system that you have installed. So, Google is able to identify requests by browsers, if they do not go out via a proxy and if the User-Agent is not modified accordingly.
Now, let's see how we can get the new PageRank values. Taking a look at IE's cache, you will notice that the PageRank files are not requested from the domain www.google.com but from IP addresses like 216.239.33.102. Additionally, the PageRank files' URLs often contain a parameter "failedip" that is set to values like "216.239.35.102;1111" (Its function is not absolutely clear). However, it is pretty easy to get the new PageRank values. Simply modify the IP addresses in the URL so that the request goes to one of the data centers that already has the new index. The necessary information is given above.
tcpdump -s0 -X 'dst net (216.239/16 or 66.102/16) or dst host (nickstallman.net or www.nickstallman.net or seo.nickstallman.net)
outputs nothing.
If that's too noisy for your network segment, here are all of the google VIPs:
Domain IP Address
www-ex.google.com 216.239.33.100
www-sj.google.com 216.239.35.100
www-va.google.com 216.239.37.100
www-dc.google.com 216.239.39.100
www-ab.google.com 216.239.51.100
www-in.google.com 216.239.53.100
www-zu.google.com 216.239.55.100
www-cw.google.com 216.239.57.100
www-fi.google.com 216.239.41.100
www-gv.google.com 216.239.59.100
www-kr.google.com 66.102.11.100
www-mc.google.com 66.102.7.100
www-lm.google.com 66.102.9.100
Good point.
The URI that google uses to phone home was reverse engineered in the past and google promptly changed its algorithm.
This is fairly easy to do since the google toolbar phones home for updates as well. and, well, you can't block the request since it defeats the functionality of having the pagerank feature enabled to begin with.
Though, otoh, I don't see any good reason for google preventing this functionality to spread to other browsers/os since they most likely value the surfing habits of more users more than any value from locking the pagerank to IE only.
Ken Brown's Motivation, Release 1.2
:-) , most of them thanking me for the historical material. One of yesterday's emails was from Linus, in response to an email from me apologizing for not letting him see my statement in advance. As a matter of courtesy, I did try but I was using his old transmeta.com address and didn't know his new one until I got a very kind email from Linus' father, a Finnish journalist.
Background
On 20 May 2004, I posted a statement refuting the claim of Ken Brown, President of the Alexis de Tocqueville Institution, that Linus Torvalds didn't write Linux. My statement was mentioned on Slashdot, Groklaw, and many other Internet news sites. This attention resulted in over 150,000 requests to our server in less than a day, which is still standing despite yesterday being a national holiday with no one there to stand next to it saying "You can do it. You can do it." Kudos to Sun Microsystems and the folks who built Apache. My statement was mirrored all over the Internet, so the number of true hits to it is probably a substantial multiple of that. There were also quite a few comments at Slashdot, Groklaw, and other sites, many of them about me. I had never engaged in remote multishrink psychoanalysis on this scale before, so it was a fascinating experience.
The Brown Book
I got an advance copy of Ken Brown's book. I think it is still under embargo, so I won't comment on it. Although I am not an investigative reporter, even I know it is unethical to discuss publications still under embargo. Some of us take ethics more seriously than others. So I won't even reveal the title. Let's call it The Brown Book. There is some precedent for nicknaming books after colors: The International Standard for the CD-ROM (IS 10149) is usually called The Red Book.
Suffice it to say, there is a great deal to criticize in the book. I am sure that will happen when it is published. I may even help out.
Brown's Motivation
What prompted me to write this note today is an email I got yesterday. Actually, I got quite a few
In his email, Linus said that Brown never contacted him. No email, no phone call, no personal interview. Nothing. Considering the fact that Brown was writing an explosive book in which he accused Linus of not being the author of Linux, you would think a serious author would at least confront the subject with the accusation and give him a chance to respond. What kind of a reporter talks to people on the periphery of the subject but fails to talk to the main player?
Why did Brown fly all the way to Europe to interview me and (and according to an email I got from his seat-mate on the plane) one other person in Scandinavia, at considerable expense, and not at least call Linus? Even if he made a really bad choice of phone company, how much could that cost? Maybe a dollar? I call the U.S. all the time from Amsterdam. It is less than 5 cents a minute. How much could it cost to call California from D.C.?
From reading all the comments posted yesterday, I am now beginning to get the picture. Apparently a lot of people (still) think that I 'hate' Linus for stealing all my glory (see below for more on this). I didn't realize this view was so widespread. I now suspect that Brown believed this, too, and thought that I would be happy to dump all over Linus to get 'revenge.' By flying to Amsterdam he thought he could dig up dirt on Linus and get me to speak evil of him. He thought I would back up his crazy claim that Linus stole Linux from me. Brown was wrong on two counts. First, I bear no 'grudge' against Linus at all. He wrote Linux himself and deserves the credit. Second, I am really not a mean person. Even if I were still angry with him after all these years, I wouldn't choose some sleazy author with a hidden agenda as my vehicle. My home page gets 2500 hits a week. If I had something to say, I could put it there.
When The Brown Book comes out, there will no doubt be a lot of publicity in the mainstream media. Any of you with conta
not true.
10g is the average LD-50, the lethal dosage at which 50% of people would die.
and sometimes even 5 orders of magnitude:
ram access time is ~100ns
disk access time is ~10ms (10,000,000 ns)
POWER OUTAGE TRACED TO DIM BULB IN WHITE HOUSE
... snip ]
[ snip... ]
The power outage began in First Energy's Ohio operation. This company was the model for the film, "China Syndrome." Really. Then First Energy's Pennsylvania unit fumbled the power ball. These are the very same Homer Simpsons who melted Three Mile Island.
Next, Niagara-Mohawk blacked out and took down New York. Ni-Mo's claim to fame goes back to the 1980s. They built a nuclear plant, Nine Mile Point, a brutally costly piece of hot junk for which NiMo and its partner companies charged billions to New York State's electricity ratepayers.
To pull off this grand theft by kilowatt, the NiMo-led consortium fabricated cost and schedule reports, then performed a Harry Potter job on the account books. In 1988, I showed a jury a memo from an executive from one partner, Long Island Lighting, giving a lesson to a NiMo honcho on how to lie to government regulators. The jury ordered LILCO to pay $4.3billion and, ultimately, put them out of business.
I'm not surprised that the Three Stooges of the power industry knocked their heads together and blacked us out. What's surprising is that the US media is clueless about how we ended up with Larry, Moe and Curley in control of our nation's electronic lifeline.
Here's what happened. After LILCO was hammered by the law, after government regulators slammed Niagara Mohawk and dozens of other book-cooking, document-doctoring utility comanies all over America with fines and penalties totaling in the tens of billions of dollars, the industry leaders got together to swear never to break the regulations again. Their plan was not to follow the rules, but to ELIMINATE the rules. They called it "deregulation."
[
Article continued here
Be wary of Gates Foundation donations/charities.
We are all serfs on Microsoft's and Big Pharma's 'intellectual property.'
I would hardly consider the google toolbar to have a triumphant level of ethics.
Not only does google plant an "infinite" cookie (infinite in unix epoch land) to uniquely id each user, but it logs every web site you visit, every GET string from each of those sites, as well as each HTTP REFERER. In terms of contextual user-tracking, that's a fairly significant breach of user-privacy.
I realize that google makes their disclaimer very clear, but so do most other spyware companies. I also realize that we can all disable sending cookies to google as well. Unfortuneatly most anti-spyware products like spybot and ad-aware do not flag google's behavior as such, leaving many users in the dark regarding google's monitoring. I also realize that many people have personal firewalls, but the toolbar sends its requests to the same IP as each of the www sites at each of Google's 7 data centers... disabling the toolbar monitoring effectively disables your use of their web site.
Contrary to public belief, this has in fact been done many times in the short history of AI. ALVINN was the first system that I learned of in my college AI classes, but a quick search on google returned many more.
CMU ALVINN
US VISTA
Temple Report on Autonomous Vehicle Systems
google.com may be cool, but what good are they if they aren't even accessible? Google Down?
ok. i'll admit, i was quite astonished to see google returning HTTP 500 status codes.
low bandwidth
high bandwidth
As a follow-up, it appears that the liability protection that was given for vaccines before the HSA was passed would be extended to vaccine ingredients, such as the disputed preservative thimerosal.
p df
The Lieberman-Daschle amendment tried to strike this Republican substitute from the HSA, but didn't get enough support from the rest of Senate.
http://www.senate.gov/~gov_affairs/111502summary.
This year's Homeland Security Act grants liability protection to corporations which are currently involved in class action lawsuits regarding their products.
This provision gives liability protection to Eli Lilly and other pharmaceutical companies that make a mercury-based vaccine preservative (Thimerasol) that leads to autism in children. It is unclear if the bill pertains only to the "safety" of products, or if it will protect Bonzi in this case.
But anyhow, in addition to compromises to the Freedom of Information Act, exempting Homeland Security Dept from the Federal Advisory Committee Act (FACA), and other compromises to our privacy, the bill will seriously undermine corporate accountability,loaded with just about all the bells and whistles Republicans and corporations wanted.
If you set and export your shell environment variable CFLAGS="-m64", you already have native 64-bit support for Apache. The Sun SPARC architecture has been 64-bit for a long time now.
The "real" problem is getting all of your supporting modules to compile with 64-bit support as well. I've successfully compiled mod_php with the -m64 flag, but since our shop utilizes the Sleepycat Berkeley db3 library (which doesn't support the flag), we cannot build db3 support into mod_php.
Actually, you are mistaken. Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26
- 2002-0840
l
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN
Apache release notes here: http://www.apache.org/dist/httpd/Announcement.htm