Some while ago, my 14k4 modem (half a year
old) catched fire while sitting on my desk
doing nothing more than being switched on.
There was no smell; I just saw something
in the corner of my eyes blinking. In fact
it was a flame burning under the ventilation
holes of the device. It was really luck I was
there and could blow it out.
After some investigation I found that it
had been a capacitor catching fire inside.
I don't know what would have happened if I
had been in the bath or downstairs to talk
to my family for half an hour...
(The modem was sitting on a wooden desk
and its plastic case seemed to quite like
the heat.)
I replaced the capacitor and it is still
serving me well. But I really became cautious
with electronic equipment. Sometimes, you
really need something to happen or somebody
tell you about things like this before you
even think of some nice
little equipment possibly going "boom" and burning down
your house.
Of course, if the reason the case is off is so that you can point a desk fan at the innards, that's a different story.
... the problem being that if something
really catches fire (quite common
for electrolyt capacitors), the sparks will have great fun
flying all over your (wooden?) desk with the
latest printouts of your source code all over it.
I also did this for quite a while before
I thought about it. Now I guess that this is
even more dangerous.
At work they made a policy that ALL computers will be completely shut down at night after a monitor caught fire one night and burned out an office.
When I started to work in my current company,
I also started to try to convince everyone to
turn their monitors off when they left. Everyone
switched off their computers, but since manufacturers
stupidly have begun to remove power plugs for
monitors from the PC power supply, most of my
colleagues simply missed to turn it off.
(Remember: It goes black, and in most cases
there's only this little green LED turning
yellow if the monitor experiences signal loss.
Easy to miss.)
I think monitors are much more dangerous
left on than PCs are. In fact, AFAIK, in
my country you are even _required_ to turn
them off when you leave or you won't get a
damn buck from your fire insurance.
An imploding tube can be quite nasty.
That's also the reason why you should
never, ever place paper
on top of your monitors.
Also, these (physical) "screen savers"
made of fabric with funny pet's heads are
a really dumb and dangerous (we're talking
about fire!) idea. But ever tried to
explain this to secretaries?:-(
You are correct, but I must say that the Germanium diode you are talking about must be considered as an external source of randomness, since it's not something normally found in a computer.
It's as external as your network card is, which
(also) (still) isn't part of quite a big part of the
installed PC park.
Should be quite cheap to produce as a
USB plug, too, and could finally remove
this annoying "please move your mouse and
press some keys" entrophy gathering some
homebanking programs (and crypto key
generators) still require.
What I meant to say is that in today's personal computers, there is nothing truely random.
Behind the name 'FWH' = 'Firmware Hub' you'll find a chip that's not much else than a 4 Mbit EEPROM plus a tiny bit of active silicon. The EEPROM contains the motherboard and graphics BIOS and the active silicon is a random number generator."
There is even Linux support for this
(Character Devices -> Intel i8x0 Random Number generator support) and as far as a quick
search on the net shows it's also present
in the i815.
Although, but this is my perfectly personal
opinion, I wouldn't trust some blackbox random
number generator manufactured by Intel.
Re: At last I understand those Simpsons cartoons!
on
Animated Encryption
·
· Score: 2, Funny
When they all leap onto the sofa at the start of the episode it truly means something.
Now if only I could get a look at the decode manual . ..
Homer's hair. Nuff said.
And whenever they need to send a burst of data,
there always is some reason to show Homer in the
60s in the storyline, right?;-)
A computer can do pseudo randomness... but since it's not truly random there are ways to detect periodic repetitions and thus find the missing key to decrypt the message...
What you mean is probably: "Computers cannot
generate true random numbers in software".
Germanium diodes are said to generate real
random, chaotic electron flows if used in blocking
direction.
One usually uses a Germanium diode, places
an A/D converter past it and calls it "hardware
random number generator".
That said, scientists still aren't sure
whether there is such a thing like "true
random numbers" at all. Create your
own universe and maybe you will be able to
predict any "random" number that beings
within this universe try to create.
When Nimda was released, M$ had already released a patch for the vulnerability it exploited.
That clueless admins did not update it is not the fault of M$, any more than clueless admins not updating, say, OpenSSH or Apache is the fault of the OpenSSH/Apache guys.
We've come to a point where you need to check
any Microsoft patch very careful
before applying it, especially on productivity
servers. You had to check if it had
Dependencies on a special software version
Dependencies on other patches
Language dependencies
If there were any known incompatibilities
with this patch yet (nobody likes to apply the
newest patches just to fix hard to exploit
vulnerabilities just to realize that the patch
sent your perfectly working server to the
Big Wahooni, caused downtime and had you fetch
that backup tape - still not having fixed that
hole because you have to rewind to the last
working software version before the patch...)
Now you have to add an additional and probably
even more time-consuming step:
Check whether any legal changes will apply
to your perfectly working system after you install
a security patch that you really, really need.
Check back with your legal department (especially
in companies that run servers this might be
unavoidable) if you are even allowed
to install that bugfix.
Perhaps those people who did not apply this
or that fix to their systems had already other
problems other than just being dumb. We'll see
a lot more of this in the future with Microsoft
software.
Imagine the headlines: "$BIGCOMPANY's web
servers rooted because the latest Microsoft
"Service Pack" was still being checked by
$BIGCOMPANY's legal dept".
So corporate networks are illegal now thanks to the RIAA.
Please. You and everybody else who read the article can clearly see that your quote about networks being illegal is taken out of context.
Also "please". IMHO the RIAA forces
people to read their statements char-by-char
and out-of-context. Since, if you don't
do it, they will do it by themselves a couple
of weeks ahead.
I had a hard time today myself locating the
Java plugin for Mozilla/Win just to see this
game. After a really long time searching
for it on java.sun.com
I finally gave up and clicked the "download plugin
here" icon that Mozilla gave me. This JVM works
for Windows, although I'd liked it more to have
it downloaded by hand.
Yes, this is Off-Topic, I know.:-) But
this was the first time for weeks I really
wanted Java to see something on the 'net.
Mod me down if you like. One man, one $VOTE.;-)
The contest is already running for more than
a day, it was not started today:
According to
the contest's page the contest was
started on June 25th, 5pm local time.
More or less just nitpicking.:-) But
the programs have already played several
dozend matches. (and scored nearly exactly
1:1 the last time I had a look - 29 won by
Athlon, 29 won by Xeon, for example.)
The reason that the counters are at
"0" at the moment is that they are being
reset at about this time of day everyday.
Using your figures, a game costing $5 million
to program and bringing back $40 of profit per module would
mean that this game would have already brought in
production costs (just brainware) after selling
about 125,000 modules.
Anyone any stats for consoles like PS2,
Dreamcast et al?
[Poster said games would only cost
a "couple of dollars" a piece]
Aren't you forgetting those pasty-faced, caffeine-consuming individuals that produce the funny patterns of 1's and 0's on the DVD? What do you call them now... programmers? Most of the programmers I've talked to need to eat occasionally, and live somewhere with a roof.
Do you know of any console
game programmer that actually earns that much
money per game that it would be of any relevance
in the two-digit dollar range on a video game
actually sold? Remember, they sell ten thousand
if not hundred thousands of modules.
Most console companies try to get about
$50 per module, no matter what it did cost
to produce and no matter the quality.
Can't be coincidence.
sort(1) was one of my worst
on
Pet Bugs?
·
· Score: 1
I had to "port" one of my shell scripts in my
company to another machine (source was SunOS
with bash). The target platform was
Linux/SPARC, in fact RedHat 6.2 (with lots of
fiddling applied, but in core still RPM)
on a Sun Netra. (Pretty baby.:->)
But it didn't work. There was some data collection
mechanism that didn't give me a clue to why it
was failing (well, it didn't simply fail;
it just gave perfectly wrong results as
output).
Several hours later, even after "backporting"
it from bash to/bin/sh, while replaying all the
data flows in the script I found the bug.
The bug was in sort(1) from the
GNU textutils shipped with RedHat 6.2/SPARC.
When using the -n option to do
numeric sorting, this simply didn't work.
sort shifted some numbers around within
the data stream, but what went out was
far from sorted.
I couldn't even believe that and spent
some more time searching around for known
bugs in GNU textutils. When I didn't find
anything in the textutils ChangeLog that
matched this bug, I just tried to compile
a new package from scratch. Wonder - it
worked.
Maybe RedHat just used a broken compiler
for this default RPM, but this was a nasty,
nasty thing that cost me half a day.
(Would you expect something like sort(1)
to be broken on a system that has been
running and used for months?)
What if said liability only applied to commercial (for profit) software?
Microsoft is giving away Internet Explorer
for free. It wouldn't be affected in this
case.
Could it still be considered "commercial"?
If so, and even if GPL code writing programmers
wouldn't be liable, what about Linux distributors?
They also give away programs for free (download),
but make money from support and selling
documentation.
So if Microsoft would become liable for
distributing Internet Explorer, wouldn't
this affect RedHat, SuSE, and ${YOUR_FAVORITE_COMMERCIAL_DISTRIBUTION}, too?
There's also an even "easier" way to recover
data on a drive that you just overwrote. On a
physical level.
Drives don't (re-)write on exactly the same
grove. There's rather a physical range in which
a grove may exist.
The longer a drive is on, the warmer it gets
(at least within the first approx. 30 minutes).
The warmer it gets, thermic effects affect the
drive's mechanic. This causes it to expand over
time (and "shrink" if it gets cooler again).
So the position within the range where the
grove may exists moves.
So it's not wise to turn on a laptop in the
morning and instantly start some task to overwrite
all data. Because this will just overwrite the
data on the _inner_ range of each grove. Nearly
all data on the outer range is not overwritten
at all and can easily (well, "easily" compared
to other recovery technologies) be recovered.
So, not only overwrite the data several times,
but also overwrite it
Directly after power-on (just a few MB,
then let it cool down, then the next few MB...)
After some warming up
After warming up and some heavy disk activity
(random searches)
several times.
Not reliable, though, but already safer from
the physical level.
Sure. You could even better hear it
in the Middle Age. It was them whose houses
went "boom" in a periodic way.:-)
You try things out. Find out what happens, and see if it matches your theory. Refine and repeat.
Right and Wrong. Yes, you try things out.
But sending a sattelite into space that fires
a strong laser beam through atmosphere directly
to earth and "let's see what happens, if it
works or if something is destroyed on the way"
is not Science. It's vandalism.
And it's about fiddling with an atmosphere
that doesn't belong to a handful of scientists
here but billions of people. This is nothing
you play let's-see-what-happens with.
Sorry, I forgot another scenario, in
Today's Feared World Of Terrorism:
Big satellite takes light from the sun
to transform it into a big laser and fire
it down to some H2O plant.
Terrorists take small plane (one of these
remote-controllables), fill it with a huge
amount of "go-boom-if-ignited" stuff and
fly to the plant. A few metres over the ocean,
of course. You can't see something like this
on a radar.
(I even read an article about something
like this a few months ago. I think the
US Navy was thinking about doing exactly
this - solar driven little planes, remote
controlled, a little bit over the ocean,
had enough power to cross a whole ocean and
make pictures or deliver bombs to the other
side.)
Well, it would arrive unexpected, go
"boom", ignitioning all the Hydrogen and
Oxygen that this plant had produced...
A giant orbital laser that fires
to the ground into a giant salt water
swimmingpool.
What is the impact of fried birds dropping
onto this pool?
What can this concentrated energy do to
some of the earths outer layers that are
important for climate? Atmosphere, stratosphere,
and so on.
Impact on the ozone layer, which is already
(by definition, not by human interaction) quite
thin and easy to disturb?
What are they going to do with all the
Oxygenium? Since the air we breathe consists
to more than 70 percent of Nitrogen, not
Oxygene, simply freeing large volumes could
be problematic. (And can be quite a risk
for the installation itself. Think of
"no smoking".)
What if a mislead plane happens to fly
into the beam? A weather balloon?
Impact on clouds? Hitting them (and the
H2O within them) will also split the H2O,
and then Ozone will react from the Oxygenium
radicals. And: Ozone is only good in exactly
the right height over ground. Every Ozone
lower than that is poisonous and, in the
volumes we're talking about, could lead
to quite interesting weather effects within
these clouds.
Don't talk about what happens if this
cloud of ozone happens to drift over
some city. In cities, we usually call
this "smog" and try to avoid it.
Sulfur dioxide, raising up in clouds
from big cities or other things that burn
fuel (oil plants?) is known to react to
Sulfur Acid in the athmospere, with the help
of the power of sunlight. A while after,
we call this "sour rain" or "acid rain".
What amount of acid could react if a cloud
like this is hit by this _very_ strong
artificial sun?
Nice idea, but done by company scientists
for company scientists. IMHO, this could
cause far too many things to be implemented.
And, remember: "They" are not fiddling with
a x square miles big sector of air above their
installation. They're fiddling with the atmosphere that is shared by some billion of
people. There is hardly a thing like local effects
with wind, clouds, and weather. Ask your European
friend if he sometimes finds a thin layer of
very fine sand outside his house or on his
windows. This comes straight from the Sahara
desert in Africa. (No, I'm not kidding.)
When the reactor in Tchernobyl went "blob",
the radioactive dirt was distributed over half
of Europe, 1000s of kilometres, which still
ended up with enough dirt to have them throw
away every vegetable in their gardens.
And: Science doesn't have any data about
what happens to the very highest layers
above us when hit by a concentrated stream
of energy on a single point that is several
times stronger than the strong rays of the
real sun around it. It might well cause
something or, doing this several months
in a row, burn a hole into a layer of gases
that we not even know about yet.
We Just Don't Know.
you want to review a firewall? crack it... Show me times it took and what kiddie tools took it down or circumvented it because of a flaw in the firewall. bitching about how the scripts are written is clutching at straws and trying to add content to an already empty review.
Sometimes even on BugTraq it doesn't need an
actual exploit to be published to show people that
there might be serious security risks in a product, just by showing flaws in the actual
implementation of that product.
Remember: Some companies even claim that
it's better not to publish an actual exploit..
Secondly he complains of plain text passwords for the ppp passwords. This is not our doing. The passwords are stored in this format as pppd requires them to be in plain text in the two files. He also mentions that the permissions of these files are wrong. If he looked a little more closely he would have seen that they are in fact symlinks to the 2 real files, which do have the proper permissions on them."
Tsstss.. Look at this excerpt from the article
that this SmoothWall guy is complaining about:
The PPP-Daemon complains in the log file, every start, about the permissive reading rights to its password file, hard to imagine that the developers missed this one.
I also have a strange feeling about other
"security" options that they choose. For example:
Not using shadowed password files. They say it
wouldn't be neccessary since the only user
available is root anyway. But what is the _sense_
of not using shadowed password files? (And what
is the sense to require the user to be root
to configure the system? Even Apache is supposed
to be quite secure, but nobody will run it
as root because there still might
be holes. Impossible in a hacked-together
firewall distribution?) The bytes
in length on the harddisk they would have saved
would be a joke.
All in all, I believe there are some truth-
and insightful bits in the c't review, even
if the reviewer did a mistake.
btw: To complain that the passwords had
to be plaintext because PPPd and FreeSWAN
required it is complete nonsense for a
Firewall! Sources are available, so
why not add a patch to have the passwords
encrypted if this is supposed to become
a Firewall?
(Sorry, had to emphasize this, since this
is not some desktop distribution but supposed
to be a Firewall.)
Sol/x86 disappearing is not good
on
No Solaris 9 for x86
·
· Score: 3, Informative
It's not good. When starting to
work with Solaris in my company I really
enjoyed it to have a free Solaris8/x86 to
install it at one of my PCs at home in
parallel so I could hack it a bit and get
more used to it by playing around with
configuration options that I'd never dared
to play around with on the systems at work.
It would be _so_ good if one could also
do this with Solaris 9 at home, provided
your employer started to use 9 at work.
At least Solaris 8/x86 is still there.
Too bad this really fits with the news
from today that Sun has removed the download
links to Solaris 8.:-(((
Because Linux at home on your Average
Cheap Hardware doesn't help you to get
used to SunOS. IMHO it was quite a clever
idea from Sun to support Solaris on
cheap x86 hardware and give it away
for free, so more people had a look at it.
And for you at home, it is always a good
chance to know how as many as possible
different systems look and behave.
Yes, it's Unix. But if you've never
seen Solaris/SunOS before and only
hacked with Linux, you'd be amazed
how different the system is.
Slashdot Mirror
Some while ago, my 14k4 modem (half a year old) catched fire while sitting on my desk doing nothing more than being switched on.
There was no smell; I just saw something in the corner of my eyes blinking. In fact it was a flame burning under the ventilation holes of the device. It was really luck I was there and could blow it out.
After some investigation I found that it had been a capacitor catching fire inside. I don't know what would have happened if I had been in the bath or downstairs to talk to my family for half an hour...
(The modem was sitting on a wooden desk and its plastic case seemed to quite like the heat.)
I replaced the capacitor and it is still serving me well. But I really became cautious with electronic equipment. Sometimes, you really need something to happen or somebody tell you about things like this before you even think of some nice little equipment possibly going "boom" and burning down your house.
Sad, but true. Please take care out there.
I also did this for quite a while before I thought about it. Now I guess that this is even more dangerous.
When I started to work in my current company, I also started to try to convince everyone to turn their monitors off when they left. Everyone switched off their computers, but since manufacturers stupidly have begun to remove power plugs for monitors from the PC power supply, most of my colleagues simply missed to turn it off.
(Remember: It goes black, and in most cases there's only this little green LED turning yellow if the monitor experiences signal loss. Easy to miss.)
I think monitors are much more dangerous left on than PCs are. In fact, AFAIK, in my country you are even _required_ to turn them off when you leave or you won't get a damn buck from your fire insurance.
An imploding tube can be quite nasty. That's also the reason why you should never, ever place paper on top of your monitors.
Also, these (physical) "screen savers" made of fabric with funny pet's heads are a really dumb and dangerous (we're talking about fire!) idea. But ever tried to explain this to secretaries? :-(
It's as external as your network card is, which (also) (still) isn't part of quite a big part of the installed PC park.
Should be quite cheap to produce as a USB plug, too, and could finally remove this annoying "please move your mouse and press some keys" entrophy gathering some homebanking programs (and crypto key generators) still require.
Well, let me see, there is:
Intel's i810 chipset:
"The FWH - 82802
Behind the name 'FWH' = 'Firmware Hub' you'll find a chip that's not much else than a 4 Mbit EEPROM plus a tiny bit of active silicon. The EEPROM contains the motherboard and graphics BIOS and the active silicon is a random number generator."
There is even Linux support for this (Character Devices -> Intel i8x0 Random Number generator support) and as far as a quick search on the net shows it's also present in the i815.
Although, but this is my perfectly personal opinion, I wouldn't trust some blackbox random number generator manufactured by Intel.
Homer's hair. Nuff said.
And whenever they need to send a burst of data, there always is some reason to show Homer in the 60s in the storyline, right? ;-)
What you mean is probably: "Computers cannot generate true random numbers in software".
Germanium diodes are said to generate real random, chaotic electron flows if used in blocking direction.
One usually uses a Germanium diode, places an A/D converter past it and calls it "hardware random number generator".
That said, scientists still aren't sure whether there is such a thing like "true random numbers" at all. Create your own universe and maybe you will be able to predict any "random" number that beings within this universe try to create.
I think you're wrong here. Have a look at current Microsoft "security patch" EULAs.
We've come to a point where you need to check any Microsoft patch very careful before applying it, especially on productivity servers. You had to check if it had
Now you have to add an additional and probably even more time-consuming step:
Perhaps those people who did not apply this or that fix to their systems had already other problems other than just being dumb. We'll see a lot more of this in the future with Microsoft software.
Imagine the headlines: "$BIGCOMPANY's web servers rooted because the latest Microsoft "Service Pack" was still being checked by $BIGCOMPANY's legal dept".
Scary.
Also "please". IMHO the RIAA forces people to read their statements char-by-char and out-of-context. Since, if you don't do it, they will do it by themselves a couple of weeks ahead.
Sad, yes.
From the interview:
People saying things like this obviously aren't experiencing financial problems yet. ;-)
Still responding fine here for the last hours. Maybe it's just your network connection.
It's somewhat tough to bring heise.de down. :-)
These guys usually know what they're doing.
Good question. Really good question.
I had a hard time today myself locating the Java plugin for Mozilla/Win just to see this game. After a really long time searching for it on java.sun.com I finally gave up and clicked the "download plugin here" icon that Mozilla gave me. This JVM works for Windows, although I'd liked it more to have it downloaded by hand.
Yes, this is Off-Topic, I know. :-) But
this was the first time for weeks I really
wanted Java to see something on the 'net.
Mod me down if you like. One man, one $VOTE. ;-)
At least RAM and Mainboard configuration is here (German).
I don't think anyone'd need The Fish for tech details. ;-)
Short answer: RAM is 1GB on both boards, timings are slightly different.
The contest is already running for more than a day, it was not started today:
According to the contest's page the contest was started on June 25th, 5pm local time.
More or less just nitpicking. :-) But
the programs have already played several
dozend matches. (and scored nearly exactly
1:1 the last time I had a look - 29 won by
Athlon, 29 won by Xeon, for example.)
The reason that the counters are at "0" at the moment is that they are being reset at about this time of day everyday.
Using your figures, a game costing $5 million to program and bringing back $40 of profit per module would mean that this game would have already brought in production costs (just brainware) after selling about 125,000 modules.
Anyone any stats for consoles like PS2, Dreamcast et al?
Do you know of any console game programmer that actually earns that much money per game that it would be of any relevance in the two-digit dollar range on a video game actually sold? Remember, they sell ten thousand if not hundred thousands of modules.
Most console companies try to get about $50 per module, no matter what it did cost to produce and no matter the quality.
Can't be coincidence.
I had to "port" one of my shell scripts in my company to another machine (source was SunOS with bash). The target platform was Linux/SPARC, in fact RedHat 6.2 (with lots of fiddling applied, but in core still RPM) on a Sun Netra. (Pretty baby. :->)
But it didn't work. There was some data collection mechanism that didn't give me a clue to why it was failing (well, it didn't simply fail; it just gave perfectly wrong results as output).
Several hours later, even after "backporting" it from bash to /bin/sh, while replaying all the
data flows in the script I found the bug.
The bug was in sort(1) from the GNU textutils shipped with RedHat 6.2/SPARC. When using the -n option to do numeric sorting, this simply didn't work. sort shifted some numbers around within the data stream, but what went out was far from sorted.
I couldn't even believe that and spent some more time searching around for known bugs in GNU textutils. When I didn't find anything in the textutils ChangeLog that matched this bug, I just tried to compile a new package from scratch. Wonder - it worked.
Maybe RedHat just used a broken compiler for this default RPM, but this was a nasty, nasty thing that cost me half a day.
(Would you expect something like sort(1) to be broken on a system that has been running and used for months?)
Taught me something.
Microsoft is giving away Internet Explorer for free. It wouldn't be affected in this case.
Could it still be considered "commercial"? If so, and even if GPL code writing programmers wouldn't be liable, what about Linux distributors? They also give away programs for free (download), but make money from support and selling documentation.
So if Microsoft would become liable for distributing Internet Explorer, wouldn't this affect RedHat, SuSE, and ${YOUR_FAVORITE_COMMERCIAL_DISTRIBUTION}, too?
There's also an even "easier" way to recover data on a drive that you just overwrote. On a physical level.
Drives don't (re-)write on exactly the same grove. There's rather a physical range in which a grove may exist.
The longer a drive is on, the warmer it gets (at least within the first approx. 30 minutes). The warmer it gets, thermic effects affect the drive's mechanic. This causes it to expand over time (and "shrink" if it gets cooler again). So the position within the range where the grove may exists moves.
So it's not wise to turn on a laptop in the morning and instantly start some task to overwrite all data. Because this will just overwrite the data on the _inner_ range of each grove. Nearly all data on the outer range is not overwritten at all and can easily (well, "easily" compared to other recovery technologies) be recovered.
So, not only overwrite the data several times, but also overwrite it
several times.
Not reliable, though, but already safer from the physical level.
You may want to have a look at LyX with KDE user interface (KLyX) then (no binaries there; try this klyx page on rpmfind.net).
The LyX people write that it is currently unmaintained, but the last version I tried worked quite stable.
Sure. You could even better hear it in the Middle Age. It was them whose houses went "boom" in a periodic way. :-)
Right and Wrong. Yes, you try things out. But sending a sattelite into space that fires a strong laser beam through atmosphere directly to earth and "let's see what happens, if it works or if something is destroyed on the way" is not Science. It's vandalism.
And it's about fiddling with an atmosphere that doesn't belong to a handful of scientists here but billions of people. This is nothing you play let's-see-what-happens with.
Sorry, I forgot another scenario, in Today's Feared World Of Terrorism:
Big satellite takes light from the sun to transform it into a big laser and fire it down to some H2O plant.
Terrorists take small plane (one of these remote-controllables), fill it with a huge amount of "go-boom-if-ignited" stuff and fly to the plant. A few metres over the ocean, of course. You can't see something like this on a radar.
(I even read an article about something like this a few months ago. I think the US Navy was thinking about doing exactly this - solar driven little planes, remote controlled, a little bit over the ocean, had enough power to cross a whole ocean and make pictures or deliver bombs to the other side.)
Well, it would arrive unexpected, go "boom", ignitioning all the Hydrogen and Oxygen that this plant had produced...
Do terrorists read Slashdot?
A giant orbital laser that fires to the ground into a giant salt water swimmingpool.
What is the impact of fried birds dropping onto this pool?
What can this concentrated energy do to some of the earths outer layers that are important for climate? Atmosphere, stratosphere, and so on.
Impact on the ozone layer, which is already (by definition, not by human interaction) quite thin and easy to disturb?
What are they going to do with all the Oxygenium? Since the air we breathe consists to more than 70 percent of Nitrogen, not Oxygene, simply freeing large volumes could be problematic. (And can be quite a risk for the installation itself. Think of "no smoking".)
What if a mislead plane happens to fly into the beam? A weather balloon?
Impact on clouds? Hitting them (and the H2O within them) will also split the H2O, and then Ozone will react from the Oxygenium radicals. And: Ozone is only good in exactly the right height over ground. Every Ozone lower than that is poisonous and, in the volumes we're talking about, could lead to quite interesting weather effects within these clouds.
Don't talk about what happens if this cloud of ozone happens to drift over some city. In cities, we usually call this "smog" and try to avoid it.
Sulfur dioxide, raising up in clouds from big cities or other things that burn fuel (oil plants?) is known to react to Sulfur Acid in the athmospere, with the help of the power of sunlight. A while after, we call this "sour rain" or "acid rain". What amount of acid could react if a cloud like this is hit by this _very_ strong artificial sun?
Nice idea, but done by company scientists for company scientists. IMHO, this could cause far too many things to be implemented.
And, remember: "They" are not fiddling with a x square miles big sector of air above their installation. They're fiddling with the atmosphere that is shared by some billion of people. There is hardly a thing like local effects with wind, clouds, and weather. Ask your European friend if he sometimes finds a thin layer of very fine sand outside his house or on his windows. This comes straight from the Sahara desert in Africa. (No, I'm not kidding.)
When the reactor in Tchernobyl went "blob", the radioactive dirt was distributed over half of Europe, 1000s of kilometres, which still ended up with enough dirt to have them throw away every vegetable in their gardens.
And: Science doesn't have any data about what happens to the very highest layers above us when hit by a concentrated stream of energy on a single point that is several times stronger than the strong rays of the real sun around it. It might well cause something or, doing this several months in a row, burn a hole into a layer of gases that we not even know about yet. We Just Don't Know.
Fiddling with this is just stupid.
Sometimes even on BugTraq it doesn't need an actual exploit to be published to show people that there might be serious security risks in a product, just by showing flaws in the actual implementation of that product.
Remember: Some companies even claim that it's better not to publish an actual exploit..
Tsstss.. Look at this excerpt from the article that this SmoothWall guy is complaining about:
I also have a strange feeling about other "security" options that they choose. For example: Not using shadowed password files. They say it wouldn't be neccessary since the only user available is root anyway. But what is the _sense_ of not using shadowed password files? (And what is the sense to require the user to be root to configure the system? Even Apache is supposed to be quite secure, but nobody will run it as root because there still might be holes. Impossible in a hacked-together firewall distribution?) The bytes in length on the harddisk they would have saved would be a joke.
All in all, I believe there are some truth- and insightful bits in the c't review, even if the reviewer did a mistake.
btw: To complain that the passwords had to be plaintext because PPPd and FreeSWAN required it is complete nonsense for a Firewall! Sources are available, so why not add a patch to have the passwords encrypted if this is supposed to become a Firewall?
(Sorry, had to emphasize this, since this is not some desktop distribution but supposed to be a Firewall.)
It's not good. When starting to work with Solaris in my company I really enjoyed it to have a free Solaris8/x86 to install it at one of my PCs at home in parallel so I could hack it a bit and get more used to it by playing around with configuration options that I'd never dared to play around with on the systems at work.
It would be _so_ good if one could also do this with Solaris 9 at home, provided your employer started to use 9 at work. At least Solaris 8/x86 is still there.
Too bad this really fits with the news from today that Sun has removed the download links to Solaris 8. :-(((
Because Linux at home on your Average Cheap Hardware doesn't help you to get used to SunOS. IMHO it was quite a clever idea from Sun to support Solaris on cheap x86 hardware and give it away for free, so more people had a look at it. And for you at home, it is always a good chance to know how as many as possible different systems look and behave. Yes, it's Unix. But if you've never seen Solaris/SunOS before and only hacked with Linux, you'd be amazed how different the system is.