use of mplayer for full screen divx (as in the ads) = bad
Losing 8 megs isn't really much. I run mplayer full screen on my "media box" all the time, which is an IBM Aptiva, PIII 450 with 96 megs of RAM, and it does so just fine. mplayer doesn't use *that* much memory.
And I'm using a cheap video card (not shared memory though) using the vesa output (something that should work about the same on any modern video chip). Not to mention the other tasks that box is always doing (firewall/gateway, network file server, Apache/PHP/MySQL pretty much idling but still using RAM).
There's a big difference between decoding and displaying MPEG video (Divx), and playing 3D games which require intense GPU processing. We had full-screen MPEG video back in the 486 days. Not as high quality, sure, but even the Weezer video on the Win95 CD wasn't all that bad, and worked nicely on a DX or, better yet, a Pentium system...
I agree that sometimes extra fees really frustrate me. It's always annoying when you see a price for something, and it seems cheap enough, until the time comes to pay and it's 10% to 30% more than you had planned. Perhaps my fault for not reading the fine print.
However, this part of the article annoys me:
The FTC has taken action against firms that haven't disclosed some fees, but the last such case was in 2001, when the agency settled deceptive advertising charges with Gateway Inc. and Juno Online Services Inc. The agency said both firms promoted free Internet service, even though some consumers incurred substantial long-distance charges to go online. (my emphasis)
Now, unless Gateway/Juno led the customer to believe that they would be making a local call, which I doubt to be the case -- then this is the customer's fault.
In fact, I've never, ever seen an ad for internet service that didn't have the standard disclaimer about "phone charges may apply" or what have you...
There were other instances in the article that were just a bit over the top, but the long distance charges for internet service one really just got to me. Why is that their responsibility?
If I give you my phone number, and tell you that I will gladly talk you through a problem or situation for free -- is it my fault if you run up your LD bill in the process? Now, adding the word Internet to the mix makes the average tech-phobe lose all common sense, and suddenly they were tricked with all these technical terms. Like "telephone" and "long distance". *sigh*
Heh, I'd like to see that!!!...throwing bricks at my windows...
Now, I can certainly relate, but wouldn't this destroy what could have been a perfectly good Linux box? I mean, physically harming the... uh... oh, you mean those GLASS things?
You are totally correct. My parent's ISP (Earthlink) blocks port 25 so that "spammers can't send email". The end result is that spammers just use another port and everyone else is inconvenienced.
The spam they are generally trying to block is the kind sent from the connection directly to your mail server. IOW, many spammers run their own SMTP server *on the dynamic IP*. They can't just "use another port" in that case.
Many SPAMs are sent this way, from AOL accounts and other big ISPs. Earthlink decided to block port 25 to prevent just this type of SPAM (same reason we have the DUL).
Now of course if they are using an actual SMTP server somewhere, then it's not Earthlink's problem. They don't need to use port 25. They can just send directly from the server, via an SMTP server, a web interface, or manually via ssh/telnet. But no spam (for the most part) will be sent directly from the Earthlink connection.
ISP's that block ports can go screw themselves.
And that's your right. You do not have to use Earthlink. I used to use Earthlink before I got DSL, and at first this pissed me off, but I got over it pretty quickly. IMO you should use your ISPs SMTP server anyway, there's no need to relay through your own server. Using this, there's no reason to even run a relay on your server. Incoming local mail only.
Blocking SMB OTOH shouldn't be done IMO, but again, you do not have to purchase their services if you feel they are placing unnecessary restrictions on it. Honestly, blocking SMTP and SMB would not cause me to find another provider. Only when it interferes with what I want to do (say, blocking common game server ports or whatever) would I look to someone else for service.
I imagine that's about as often or less often than a typical Linux user upgrades their machine.
One of the differences here is that I can upgrade any part of my Linux systems that I want. My main Linux box is running RedHat 6.2, but with a 2.4.19 kernel, many many upgraded user-space tools, ext3 filesystem, updated glibc, rpm 4.x, etc...
With Windows you get all or nothing. If I want remote desktop on my Windows box, I have to upgrade all of Windows. I'm sure there are a few things in XP I wouldn't mind having, but I am sticking with Win2k until I see a reason to upgrade (so we agree for the most part:)
Another poster mentioned that Office 11 will not support Windows 98. If this is true (this is the first I'd heard of it myself), then this extends even further than the OS.
Unless a business did the upgrading by themselves (that is, without purchasing from RedHat), then I don't really see why it's so much cheaper.
Linux kernel and software upgrades can be rolled out pretty easily if you have a standardized base. A web host I used to work for runs a few dozen Linux servers, and most updates are scripted and automated. It takes the SysAdmin a day or three to fully test a major upgrade on his dev boxes, and once he's sure it's all going to work, he rolls them out to all of the servers in an hour or so.
This goes for kernel updates, library updates, Apache/other major software packages, etc. I believe they are running a RedHat 6.2 base as well, but again with most everything updated; it's practially a custom distro at this point.
While this isn't an "OS Upgrade" in the normal sense, updating the kernel and most major software tools accomplishes the same job, but can be better because you know exactly what is changing. How many times have you had to hunt for an option because the latest Windows version changed it's name or location yet again?
Anyway, granted server updates and desktop OS updates are two different things. There will be no user re-training with the server updates (for the most part)...
A Linux-savy IT crew isn't very cheap.
Neither is a competent Windows admin or team. Not just an MCSE, but one who really truly knows how to properly and securely run a Windows server. I think in the end, for the same level of competence, you come out about even here in either case.
Unless you count all the overtime the Windows admins spend fixing BSOD errors and... oh, nevermind:p
It's a shame, however, that third parties have to hack in extended desktop support externally for Windows...
I've run multiple monitors since Win98. In those days the support was pretty poor, but mostly due to applications being unaware of the new situation. Some apps today have issues, but it's becoming rare.
Under Win2k, the multiple-monitor support is great. I have never used third-party software to do this, nor was I aware that any existed (or was necessary).
I used to have issues with certain games and full-screen video, but this seems to have worked itself out over a couple service packs/driver updates/whatever.
I run 3 Voodoo3 cards (all PCI) and an S3 Savage4 (AGP but absolute junk), on 2 17" and two 14" monitors (just because I could... I hate extra unused hardware;) I run different resolutions and refresh rates.
I can do full-screen video on any of the screens, and games work great on whichever monitor I designated as my "primary monitor" (no longer bound by what BIOS says as was the case w/Win98).
I ran xinerama on RedHat 7.2 a while back, and if setup correctly it does work well. You can't change anything (resolution, placement) without editing XF86Config and restarting X, but I rarely felt the need to do that. Still, even more X11 apps have issues than Windows apps...
I guess I'll go read the article and see what I'm missing with third party software...
Actually there is some encoding done, but not for protection reasons. EFM (Eight-to-Fourteen Modulation) represents every byte as a 14-bit number. The bits are arranged to maximize bandwidth usage and more evenly distribute the bits (so you don't have stretches where there are no pits/bumps on the disc).
The encoding is as simple as a lookup table, and is again designed only to maximize bandwidth. You can actually fit more data using 14 bits representing each byte than you can with 8, simply due to the physical characteristics of the media. Found a link with a bit of info. I guess technically Modulation is the word, but it is a form of encoding.
And there is some error correction in this (CIRC), also described at the link (not in much detail though).
I agree with your other points, though. These CDs can't be redbook compliant. I believe the redbook standard covers all aspects of the CD, from the data itself to the physical medium, though I haven't researched that in quite some time...
On that note, some newer Sony car stereos (two I have experience with, one from 1997 and one 2001) still have a very difficult time with burned CDs (yet I can play an audio CDRW in my $25 portable). Only if I burn at 2x and on particular brands of media (oddly, Sony CD-R's aren't one of them) will they play reliably.
I'm sure these "copy-protected" CDs would have trouble with these Sony units as well. I would have thought Sony of all people would have more robust CD units by now, but apparenlty they're using cheap (out-dated?) components... most CD/DVD players sold these days will read anything you can throw at them.
Honestly, I would use Visual Studio only as a deveopment environment -- but NOT rely on it. The other platforms will be easy enough to just use whatever text-editor the developers are comfortable with.
I tried Intel's compiler for the first time today on Windows, and it's far superior to the one that comes with VC 6.0... it integrates nicely with the IDE (remember, the IDE is just an IDE, the compiler is a command-line utility) and -- in my case (fourier transforms, MP3 decoding) it produces code that is a LOT faster (though compile time is slower, output is larger...)
Point being, there is no reason (ever) to tie yourself to visual studio. It's a glorified text editor, really, and as long as you keep it that way (stay away from MFC et al) then it won't introduce any problems with cross-platform programming. I personally run a couple of (private) cross-platform projects, and the best advice is to treat code as code. Don't rely on any of VS's magic, just use it as an environment that lets you edit text and compile with the push of the F7 key.
Noone has mentioned it so far, but Yahoo mail has a Bulk Mail folder. SPAM is automatically sent there, and I have yet to see a single false positive (and false negatives are quite rare as well).
The system works surprisingly well. I checked the FAQ and it doesn't go into any detail about how it works, but I wouldn't doubt if something like this is being used.
I've been thinking, and it seems that this could potentially have a lot of use, aside from Spam filtering. Perhaps a mail client could let you categorize email in general (SPAM, Business-related, forwarded stuff from AOL users, etc), and learn how to spot and organize things.
I'm putting this (either the POPfile or bogofilter) into place with a modified SquirrelMail, just to give it a good run; I might try and modify it to also categorize other types of email, just to see if something like that could work.
I could easily see a mail client (web-based or otherwise) that lets you drag mail to specific folders, and eventually learns how to do this for you (and of course you can always correct it by simply dragging to another folder, which also contributes to the learnig process)...
After reading this article my mind is just spinning with ideas... Bayesian search engines... perhaps speech/voice recognition applications... classifying text/html/doc files... organize songs (processing the lyrics)... ugh, I should stop now:)
If you had just clicked the POPFile link, you would see the explanation.
I also highly recommend this link, as it goes into quite a lot of detail on this filtering technique. After reading it, I am going to give the Perl variation a shot.
Why could they even get additional money by a bank?...
This analogy is simply rediculous. Anyone with any technical knowledge could very easily cap the bandwidth on the ISP end of things. It's really quite simple, and can be done with just about any router, intelligent switch, or software firewall...
The bank analogy just doesn't fit at all. Banks keep cash on hand in case it is needed. There is no reason to block the bandwidth on the client end of the connection, period.
I don't know first hand of course, but I don't doubt that at least some of these "examples" are just average Joe's who downloaded something to "optimize your connection", possibly not knowing that what they were doing was illegal (or a "cybercrime", I so hate that word).
But in any case, this whole thing is rediculous. Maybe I'll email this ISP and tell them what I think, and perhaps CC the FBI. Or maybe not, I already lost interest in this about an hour after it was posted a few months ago. Damned short attention span! Why am I posting again?
Mandrake is compiled for i586, so you're gonna have to at least drop a pentium in to those old mobos...
Ugh, you caused me to remember purchasing a Pentium Overdrive chip for a Packard Bell desktop many a year ago... of course the CPU was soldered onto the main board, and I had to return the Pentium upgrade...
In the V3 mod, I really like the CD-ROM modification. I've seen many case mods, but I haven't seen this before.
Basically the CD-ROM runs open, painted nicely, and under a plexiglass opening in the top. You can watch the disc spin. Very nice, something I will keep in mind if/when I get around to doing a case mod.
I also like the heavy use of those $6 rope-lights. Much cheaper/more flexible than neon, though they do get warm (I have one, it's like 35 watts and runs on house current)...
What do you think Equifax, Experian, and TransUnion make their money from?
Why should I care? I don't work for them (nor would I). But more importantly:
How on earth is a bank or other institution supposed to know if you're a good credit risk if they can't get personally identifiable information about you?
While I'm not the person you were replying to, I suspect he meant without permission. When you sign a credit application, you are giving them permission both to obtain a credit report, and to report information to the credit agencies.
I would absolutely love for there to be a law requiring explicit permission before distributing or utilizing any personally identifiable information. Want to share my information with your partners? Ask my permission first. I don't care if they are subsidiaries or whatever, those loopholes need to be closed IMO.
Likewise, it should *always* be opt-in. It should be illegal for a company to require that you permit them to distribute your personal information in order to provide service (unless this is a necessary part of the service). In other words, it would be illegal to refuse service because you choose to exercise your rights on this (rights that you would have under this law).
Regarding the article... don't criminals and law enforcement typically use guns made by the same manufacturers? Aren't radar detectors often made by the same companies that make radar speed detection devices? Police radios and scanners?
Playing both sides of an issue is not uncommon, but the fact that the phone companies are creating tons of business for themselves that would otherwise not exist (and only serve to piss off consumers) is terrible IMO. But they do it for one reason: they can.
...in case you missed it in the hurry to flame me.
I wasn't trying to flame, honestly. I wasn't aware of the Register's article when I posted that (nor did I see the other replies to your post). I was just curious why you (and a few others) had posted comments with the numbers swapped. Both sources that I read said something different, so again I was curious.
Now you've answered my question. No harm, no foul:)
Now of course the 14000 lines in the.Net application...
I'm extremely curious, as many people have mis-quoted this figure. Where did you get this information? Is there another article that quotes this incorrectly?
The.NET solution only had 2096 lines, while the J2EE one had 14,000+ lines of code...
So much for Microsoft's write tons of shit code and hope for the best mentality:p
Oh, one interesting fact, "the.NET version required 14,004 lines of code, while the Java version featured 2,096."
Hm... the PDF document, as well as this page, both say the opposite:.NET had 2,096 LOC, while J2EE required 14,004 LOC. The dreambean link goes into detail about why the J2EE solution has so much more code, etc...
It looks like you were quoting something -- where did you copy that quote from? Or was it just a misquote from memory?
Actually, I kinda assumed that the press@ address is, most likely, an alias that points to a similar Arabic-worded address. I could see that easily. If you have visitors from English-speaking countries, you'd have an English contact address (just like how they have an English version of the site).
If the site weren't slashdotted I'd try to find the corresponding "Contact" link on the Arabic version, to verify this...
The article didn't say that the username/password was a 5-letter *English* word -- just that it was 5 letters. That "press" happens to also be 5 letters is probably just coincidence, as if it were press/press I'm sure it would have been hacked a long, long time ago...
Unsurprisingly, bloggers are not thrilled, even though they ruefully admit that the log spamming may falsely boost their ranking on some search engines.
So how is this, exactly? Search engines (think Google) may boost pages that are heavily linked to, but sending false referers to the website does *not* affect Google's rankings in any way.
Google goes by how many pages in its index contain a link to a site. It doesn't care what is in the site's logs, it wouldn't have any way to know this.
I agree that this doesn't, on the surface, seem to be a good idea. My question is this: don't some DDoS attacks spoof the source IP anyway? I believe that this is easily done, as long as you don't care about getting a return value. Being attacked in this manner would cause the victim to "push back" against another unsuspecting victim...
After all, it is better to learn from the mistakes of others than from your own, right?;)
It is better. It is also very rare. Most people (especially programmers) that I know have to learn things the hard way, myself included. Sometimes, you can be told "no, don't do it that way" over and over and over, and still want to do it that way until you realize, the hard way, why you maybe should have listened.
Or maybe that's just me, and the weirdo's I hang with...:p
Disabling ICMP on the actual webserver box, sure. But this box should, IMO, be behind a firewall, ensuring that only the specified ports are forwarded to the webserver.
ICMP should be enabled on the firewall.
Banks dont need crackers mapping there network with NMAP.
nmap works just fine without receiving ICMP requests; it's just one more flag to specify to nmap telling it not to ping the host first. Thinking otherwise is giving yourself a false sense of security.
Since they have ICMP disabled that means they have a compident security officer.
Not necessarily true. It means they heard somewhere that "blocking ICMP requests makes you more secure", which by itself is not true at all. The only thing this gives you is a tiny bit of protection against a very specific type of DOS attack (ping flooding etc).
I hope you don't judge the competancy of an admin by something as simple as this... I know an admin who blocks ICMP, runs a firewall, but was rooted because he ran an unpatched wu-ftpd open to the world. Was he competant? I mean, he did block ICMP requests after all...
You certainly can disable ICMP ping/trace requests *without* disabling ICMP Fragmentation Needed and other requests, thus remaining within accepted standards, if you're worried about being ping-flooded. Blocking ICMP all together goes against commonly accepted standards, and does not make you more secure. I'm sorry if this goes against something you heard or read somewhere...
I do recall there being one issue, with Mozilla/Netscape specifically, where the filename it prompts you to save is the filename of the *script*. But we got around this using mod_rewrite. So a link like this:
[unique-id]-filename.zip
becomes:
script.php?id=[unique-id]
And, since the browser is seeing "...zip" as the filename, it prompts with the correct default "Save As" filename. That's what we actually did for the Excel file, we just linked to (eg) Report.xls, which was actually a script.
Personally, I say go with the symlink idea. It's probably the easiest for you to change from your current setup; simply change your 'cp' command to 'ln -s'... the deletion of the link, downloading of the link, etc will work just the same as if it were truly a redundant copy of the file.
Of course Apache must be set to follow symlinks; don't forget to check that first.
The borwser/platform issues arise with writing headers to the client. There is NO 100% method for doing so.
Tell me this: what is different between your script writing headers, and the Apache server writing headers, to describe the content about to be sent?
Honestly, use 'wget' or 'lynx -dump' and really examine the headers that are sent when you download a file. Apache is sending those headers. This is what tells the browser what is being sent, and it's the *only* thing telling the browser what is being sent.
Simply mimic those headers (substituting the proper filename and size etc), and the browser will happily prompt the user to download.
We built an inventory system for a manufacturer, and having pre-built Excel reports was one of their requirements. We simply send an HTML table, but sending the headers to appear as a.xls file binary attachment. Guess what? Either the user is prompted to download the "xsl file", or the browser runs Excel (depending on the user's settings).
It just takes some trial and error, but the biggest clue is to look at the headers that are sent when you actually download a file directly. The browser doesn't know (or care) whether it's a binary webserver program, or a bash shell script, sending the headers.
And if that's too much work, again, create a symlink:
ln -s filename.zip [unique-id]-filename.zip
And give a hyperlink to the symlink. That's about as simple as it gets. In Windows you could probably create a "shortcut", but I really don't know/care about that. If you're running Unix, you have a ton of options here.
I know First Union (who either bought, or was bought by Wachovia) works in Opera, Mozilla, and Konqueror, and works well (tables properly aligned, etc).
Note that some sites don't check the brower string at all. Instead, they do the proper thing, and simply force a specific (or minimum) encryption level (say, 128 bit).
The ones that check the UA string for a specific browser or set of browsers, are denying potential customers access. I can't stand when they do that.
Simply forcing a minimum encryption level is all that is needed IMO. It should not matter what browser you are using, if it's SSL-, forms-, and tables-capable, and perhaps JavaScript-capable, then it should be just fine.
Hell, I'd love to see an online banking site with a "lite" or "text" version, for smaller (but SSL-capable) devices...
Slashdot Mirror
use of mplayer for full screen divx (as in the ads) = bad
Losing 8 megs isn't really much. I run mplayer full screen on my "media box" all the time, which is an IBM Aptiva, PIII 450 with 96 megs of RAM, and it does so just fine. mplayer doesn't use *that* much memory.
And I'm using a cheap video card (not shared memory though) using the vesa output (something that should work about the same on any modern video chip). Not to mention the other tasks that box is always doing (firewall/gateway, network file server, Apache/PHP/MySQL pretty much idling but still using RAM).
There's a big difference between decoding and displaying MPEG video (Divx), and playing 3D games which require intense GPU processing. We had full-screen MPEG video back in the 486 days. Not as high quality, sure, but even the Weezer video on the Win95 CD wasn't all that bad, and worked nicely on a DX or, better yet, a Pentium system...
I'm just rambling again...
I agree that sometimes extra fees really frustrate me. It's always annoying when you see a price for something, and it seems cheap enough, until the time comes to pay and it's 10% to 30% more than you had planned. Perhaps my fault for not reading the fine print.
However, this part of the article annoys me:
The FTC has taken action against firms that haven't disclosed some fees, but the last such case was in 2001, when the agency settled deceptive advertising charges with Gateway Inc. and Juno Online Services Inc. The agency said both firms promoted free Internet service, even though some consumers incurred substantial long-distance charges to go online. (my emphasis)
Now, unless Gateway/Juno led the customer to believe that they would be making a local call, which I doubt to be the case -- then this is the customer's fault.
In fact, I've never, ever seen an ad for internet service that didn't have the standard disclaimer about "phone charges may apply" or what have you...
There were other instances in the article that were just a bit over the top, but the long distance charges for internet service one really just got to me. Why is that their responsibility?
If I give you my phone number, and tell you that I will gladly talk you through a problem or situation for free -- is it my fault if you run up your LD bill in the process? Now, adding the word Internet to the mix makes the average tech-phobe lose all common sense, and suddenly they were tricked with all these technical terms. Like "telephone" and "long distance". *sigh*
I'm done now...
...reinforced windows...
...throwing bricks at my windows...
Heh, I'd like to see that!!!
Now, I can certainly relate, but wouldn't this destroy what could have been a perfectly good Linux box? I mean, physically harming the... uh... oh, you mean those GLASS things?
need more coffee...
You are totally correct. My parent's ISP (Earthlink) blocks port 25 so that "spammers can't send email". The end result is that spammers just use another port and everyone else is inconvenienced.
The spam they are generally trying to block is the kind sent from the connection directly to your mail server. IOW, many spammers run their own SMTP server *on the dynamic IP*. They can't just "use another port" in that case.
Many SPAMs are sent this way, from AOL accounts and other big ISPs. Earthlink decided to block port 25 to prevent just this type of SPAM (same reason we have the DUL).
Now of course if they are using an actual SMTP server somewhere, then it's not Earthlink's problem. They don't need to use port 25. They can just send directly from the server, via an SMTP server, a web interface, or manually via ssh/telnet. But no spam (for the most part) will be sent directly from the Earthlink connection.
ISP's that block ports can go screw themselves.
And that's your right. You do not have to use Earthlink. I used to use Earthlink before I got DSL, and at first this pissed me off, but I got over it pretty quickly. IMO you should use your ISPs SMTP server anyway, there's no need to relay through your own server. Using this, there's no reason to even run a relay on your server. Incoming local mail only.
Blocking SMB OTOH shouldn't be done IMO, but again, you do not have to purchase their services if you feel they are placing unnecessary restrictions on it. Honestly, blocking SMTP and SMB would not cause me to find another provider. Only when it interferes with what I want to do (say, blocking common game server ports or whatever) would I look to someone else for service.
I imagine that's about as often or less often than a typical Linux user upgrades their machine.
:)
... oh, nevermind :p
One of the differences here is that I can upgrade any part of my Linux systems that I want. My main Linux box is running RedHat 6.2, but with a 2.4.19 kernel, many many upgraded user-space tools, ext3 filesystem, updated glibc, rpm 4.x, etc...
With Windows you get all or nothing. If I want remote desktop on my Windows box, I have to upgrade all of Windows. I'm sure there are a few things in XP I wouldn't mind having, but I am sticking with Win2k until I see a reason to upgrade (so we agree for the most part
Another poster mentioned that Office 11 will not support Windows 98. If this is true (this is the first I'd heard of it myself), then this extends even further than the OS.
Unless a business did the upgrading by themselves (that is, without purchasing from RedHat), then I don't really see why it's so much cheaper.
Linux kernel and software upgrades can be rolled out pretty easily if you have a standardized base. A web host I used to work for runs a few dozen Linux servers, and most updates are scripted and automated. It takes the SysAdmin a day or three to fully test a major upgrade on his dev boxes, and once he's sure it's all going to work, he rolls them out to all of the servers in an hour or so.
This goes for kernel updates, library updates, Apache/other major software packages, etc. I believe they are running a RedHat 6.2 base as well, but again with most everything updated; it's practially a custom distro at this point.
While this isn't an "OS Upgrade" in the normal sense, updating the kernel and most major software tools accomplishes the same job, but can be better because you know exactly what is changing. How many times have you had to hunt for an option because the latest Windows version changed it's name or location yet again?
Anyway, granted server updates and desktop OS updates are two different things. There will be no user re-training with the server updates (for the most part)...
A Linux-savy IT crew isn't very cheap.
Neither is a competent Windows admin or team. Not just an MCSE, but one who really truly knows how to properly and securely run a Windows server. I think in the end, for the same level of competence, you come out about even here in either case.
Unless you count all the overtime the Windows admins spend fixing BSOD errors and
It's a shame, however, that third parties have to hack in extended desktop support externally for Windows...
;) I run different resolutions and refresh rates.
I've run multiple monitors since Win98. In those days the support was pretty poor, but mostly due to applications being unaware of the new situation. Some apps today have issues, but it's becoming rare.
Under Win2k, the multiple-monitor support is great. I have never used third-party software to do this, nor was I aware that any existed (or was necessary).
I used to have issues with certain games and full-screen video, but this seems to have worked itself out over a couple service packs/driver updates/whatever.
I run 3 Voodoo3 cards (all PCI) and an S3 Savage4 (AGP but absolute junk), on 2 17" and two 14" monitors (just because I could... I hate extra unused hardware
I can do full-screen video on any of the screens, and games work great on whichever monitor I designated as my "primary monitor" (no longer bound by what BIOS says as was the case w/Win98).
I ran xinerama on RedHat 7.2 a while back, and if setup correctly it does work well. You can't change anything (resolution, placement) without editing XF86Config and restarting X, but I rarely felt the need to do that. Still, even more X11 apps have issues than Windows apps...
I guess I'll go read the article and see what I'm missing with third party software...
What do you mean, encoding?
Actually there is some encoding done, but not for protection reasons. EFM (Eight-to-Fourteen Modulation) represents every byte as a 14-bit number. The bits are arranged to maximize bandwidth usage and more evenly distribute the bits (so you don't have stretches where there are no pits/bumps on the disc).
The encoding is as simple as a lookup table, and is again designed only to maximize bandwidth. You can actually fit more data using 14 bits representing each byte than you can with 8, simply due to the physical characteristics of the media. Found a link with a bit of info. I guess technically Modulation is the word, but it is a form of encoding.
And there is some error correction in this (CIRC), also described at the link (not in much detail though).
I agree with your other points, though. These CDs can't be redbook compliant. I believe the redbook standard covers all aspects of the CD, from the data itself to the physical medium, though I haven't researched that in quite some time...
On that note, some newer Sony car stereos (two I have experience with, one from 1997 and one 2001) still have a very difficult time with burned CDs (yet I can play an audio CDRW in my $25 portable). Only if I burn at 2x and on particular brands of media (oddly, Sony CD-R's aren't one of them) will they play reliably.
I'm sure these "copy-protected" CDs would have trouble with these Sony units as well. I would have thought Sony of all people would have more robust CD units by now, but apparenlty they're using cheap (out-dated?) components... most CD/DVD players sold these days will read anything you can throw at them.
Honestly, I would use Visual Studio only as a deveopment environment -- but NOT rely on it. The other platforms will be easy enough to just use whatever text-editor the developers are comfortable with.
I tried Intel's compiler for the first time today on Windows, and it's far superior to the one that comes with VC 6.0... it integrates nicely with the IDE (remember, the IDE is just an IDE, the compiler is a command-line utility) and -- in my case (fourier transforms, MP3 decoding) it produces code that is a LOT faster (though compile time is slower, output is larger...)
Point being, there is no reason (ever) to tie yourself to visual studio. It's a glorified text editor, really, and as long as you keep it that way (stay away from MFC et al) then it won't introduce any problems with cross-platform programming. I personally run a couple of (private) cross-platform projects, and the best advice is to treat code as code. Don't rely on any of VS's magic, just use it as an environment that lets you edit text and compile with the push of the F7 key.
Noone has mentioned it so far, but Yahoo mail has a Bulk Mail folder. SPAM is automatically sent there, and I have yet to see a single false positive (and false negatives are quite rare as well).
:)
The system works surprisingly well. I checked the FAQ and it doesn't go into any detail about how it works, but I wouldn't doubt if something like this is being used.
I've been thinking, and it seems that this could potentially have a lot of use, aside from Spam filtering. Perhaps a mail client could let you categorize email in general (SPAM, Business-related, forwarded stuff from AOL users, etc), and learn how to spot and organize things.
I'm putting this (either the POPfile or bogofilter) into place with a modified SquirrelMail, just to give it a good run; I might try and modify it to also categorize other types of email, just to see if something like that could work.
I could easily see a mail client (web-based or otherwise) that lets you drag mail to specific folders, and eventually learns how to do this for you (and of course you can always correct it by simply dragging to another folder, which also contributes to the learnig process)...
After reading this article my mind is just spinning with ideas... Bayesian search engines... perhaps speech/voice recognition applications... classifying text/html/doc files... organize songs (processing the lyrics)... ugh, I should stop now
If you had just clicked the POPFile link, you would see the explanation.
I also highly recommend this link, as it goes into quite a lot of detail on this filtering technique. After reading it, I am going to give the Perl variation a shot.
Why could they even get additional money by a bank?...
This analogy is simply rediculous. Anyone with any technical knowledge could very easily cap the bandwidth on the ISP end of things. It's really quite simple, and can be done with just about any router, intelligent switch, or software firewall...
The bank analogy just doesn't fit at all. Banks keep cash on hand in case it is needed. There is no reason to block the bandwidth on the client end of the connection, period.
I don't know first hand of course, but I don't doubt that at least some of these "examples" are just average Joe's who downloaded something to "optimize your connection", possibly not knowing that what they were doing was illegal (or a "cybercrime", I so hate that word).
But in any case, this whole thing is rediculous. Maybe I'll email this ISP and tell them what I think, and perhaps CC the FBI. Or maybe not, I already lost interest in this about an hour after it was posted a few months ago. Damned short attention span! Why am I posting again?
Mandrake is compiled for i586, so you're gonna have to at least drop a pentium in to those old mobos...
Ugh, you caused me to remember purchasing a Pentium Overdrive chip for a Packard Bell desktop many a year ago... of course the CPU was soldered onto the main board, and I had to return the Pentium upgrade...
In the V3 mod, I really like the CD-ROM modification. I've seen many case mods, but I haven't seen this before.
Basically the CD-ROM runs open, painted nicely, and under a plexiglass opening in the top. You can watch the disc spin. Very nice, something I will keep in mind if/when I get around to doing a case mod.
I also like the heavy use of those $6 rope-lights. Much cheaper/more flexible than neon, though they do get warm (I have one, it's like 35 watts and runs on house current)...
What do you think Equifax, Experian, and TransUnion make their money from?
Why should I care? I don't work for them (nor would I). But more importantly:
How on earth is a bank or other institution supposed to know if you're a good credit risk if they can't get personally identifiable information about you?
While I'm not the person you were replying to, I suspect he meant without permission. When you sign a credit application, you are giving them permission both to obtain a credit report, and to report information to the credit agencies.
I would absolutely love for there to be a law requiring explicit permission before distributing or utilizing any personally identifiable information. Want to share my information with your partners? Ask my permission first. I don't care if they are subsidiaries or whatever, those loopholes need to be closed IMO.
Likewise, it should *always* be opt-in. It should be illegal for a company to require that you permit them to distribute your personal information in order to provide service (unless this is a necessary part of the service). In other words, it would be illegal to refuse service because you choose to exercise your rights on this (rights that you would have under this law).
Regarding the article... don't criminals and law enforcement typically use guns made by the same manufacturers? Aren't radar detectors often made by the same companies that make radar speed detection devices? Police radios and scanners?
Playing both sides of an issue is not uncommon, but the fact that the phone companies are creating tons of business for themselves that would otherwise not exist (and only serve to piss off consumers) is terrible IMO. But they do it for one reason: they can.
...in case you missed it in the hurry to flame me.
:)
I wasn't trying to flame, honestly. I wasn't aware of the Register's article when I posted that (nor did I see the other replies to your post). I was just curious why you (and a few others) had posted comments with the numbers swapped. Both sources that I read said something different, so again I was curious.
Now you've answered my question. No harm, no foul
Now of course the 14000 lines in the .Net application...
.NET solution only had 2096 lines, while the J2EE one had 14,000+ lines of code...
:p
I'm extremely curious, as many people have mis-quoted this figure. Where did you get this information? Is there another article that quotes this incorrectly?
The
So much for Microsoft's write tons of shit code and hope for the best mentality
Oh, one interesting fact, "the .NET version required 14,004 lines of code, while the Java version featured 2,096."
.NET had 2,096 LOC, while J2EE required 14,004 LOC. The dreambean link goes into detail about why the J2EE solution has so much more code, etc...
Hm... the PDF document, as well as this page, both say the opposite:
It looks like you were quoting something -- where did you copy that quote from? Or was it just a misquote from memory?
Actually, I kinda assumed that the press@ address is, most likely, an alias that points to a similar Arabic-worded address. I could see that easily. If you have visitors from English-speaking countries, you'd have an English contact address (just like how they have an English version of the site).
If the site weren't slashdotted I'd try to find the corresponding "Contact" link on the Arabic version, to verify this...
The article didn't say that the username/password was a 5-letter *English* word -- just that it was 5 letters. That "press" happens to also be 5 letters is probably just coincidence, as if it were press/press I'm sure it would have been hacked a long, long time ago...
Unsurprisingly, bloggers are not thrilled, even though they ruefully admit that the log spamming may falsely boost their ranking on some search engines.
So how is this, exactly? Search engines (think Google) may boost pages that are heavily linked to, but sending false referers to the website does *not* affect Google's rankings in any way.
Google goes by how many pages in its index contain a link to a site. It doesn't care what is in the site's logs, it wouldn't have any way to know this.
Just an observation...
I agree that this doesn't, on the surface, seem to be a good idea. My question is this: don't some DDoS attacks spoof the source IP anyway? I believe that this is easily done, as long as you don't care about getting a return value. Being attacked in this manner would cause the victim to "push back" against another unsuspecting victim...
Or am I missing something (or just wrong)?
After all, it is better to learn from the mistakes of others than from your own, right? ;)
:p
It is better. It is also very rare. Most people (especially programmers) that I know have to learn things the hard way, myself included. Sometimes, you can be told "no, don't do it that way" over and over and over, and still want to do it that way until you realize, the hard way, why you maybe should have listened.
Or maybe that's just me, and the weirdo's I hang with...
Well I hope they disable ICMP
Disabling ICMP on the actual webserver box, sure. But this box should, IMO, be behind a firewall, ensuring that only the specified ports are forwarded to the webserver.
ICMP should be enabled on the firewall.
Banks dont need crackers mapping there network with NMAP.
nmap works just fine without receiving ICMP requests; it's just one more flag to specify to nmap telling it not to ping the host first. Thinking otherwise is giving yourself a false sense of security.
Since they have ICMP disabled that means they have a compident security officer.
Not necessarily true. It means they heard somewhere that "blocking ICMP requests makes you more secure", which by itself is not true at all. The only thing this gives you is a tiny bit of protection against a very specific type of DOS attack (ping flooding etc).
I hope you don't judge the competancy of an admin by something as simple as this... I know an admin who blocks ICMP, runs a firewall, but was rooted because he ran an unpatched wu-ftpd open to the world. Was he competant? I mean, he did block ICMP requests after all...
You certainly can disable ICMP ping/trace requests *without* disabling ICMP Fragmentation Needed and other requests, thus remaining within accepted standards, if you're worried about being ping-flooded. Blocking ICMP all together goes against commonly accepted standards, and does not make you more secure. I'm sorry if this goes against something you heard or read somewhere...
Replying to my own post, but...
I do recall there being one issue, with Mozilla/Netscape specifically, where the filename it prompts you to save is the filename of the *script*. But we got around this using mod_rewrite. So a link like this:
[unique-id]-filename.zip
becomes:
script.php?id=[unique-id]
And, since the browser is seeing "...zip" as the filename, it prompts with the correct default "Save As" filename. That's what we actually did for the Excel file, we just linked to (eg) Report.xls, which was actually a script.
Personally, I say go with the symlink idea. It's probably the easiest for you to change from your current setup; simply change your 'cp' command to 'ln -s'... the deletion of the link, downloading of the link, etc will work just the same as if it were truly a redundant copy of the file.
Of course Apache must be set to follow symlinks; don't forget to check that first.
The borwser/platform issues arise with writing headers to the client. There is NO 100% method for doing so.
.xls file binary attachment. Guess what? Either the user is prompted to download the "xsl file", or the browser runs Excel (depending on the user's settings).
Tell me this: what is different between your script writing headers, and the Apache server writing headers, to describe the content about to be sent?
Honestly, use 'wget' or 'lynx -dump' and really examine the headers that are sent when you download a file. Apache is sending those headers. This is what tells the browser what is being sent, and it's the *only* thing telling the browser what is being sent.
Simply mimic those headers (substituting the proper filename and size etc), and the browser will happily prompt the user to download.
We built an inventory system for a manufacturer, and having pre-built Excel reports was one of their requirements. We simply send an HTML table, but sending the headers to appear as a
It just takes some trial and error, but the biggest clue is to look at the headers that are sent when you actually download a file directly. The browser doesn't know (or care) whether it's a binary webserver program, or a bash shell script, sending the headers.
And if that's too much work, again, create a symlink:
ln -s filename.zip [unique-id]-filename.zip
And give a hyperlink to the symlink. That's about as simple as it gets. In Windows you could probably create a "shortcut", but I really don't know/care about that. If you're running Unix, you have a ton of options here.
I know First Union (who either bought, or was bought by Wachovia) works in Opera, Mozilla, and Konqueror, and works well (tables properly aligned, etc).
Note that some sites don't check the brower string at all. Instead, they do the proper thing, and simply force a specific (or minimum) encryption level (say, 128 bit).
The ones that check the UA string for a specific browser or set of browsers, are denying potential customers access. I can't stand when they do that.
Simply forcing a minimum encryption level is all that is needed IMO. It should not matter what browser you are using, if it's SSL-, forms-, and tables-capable, and perhaps JavaScript-capable, then it should be just fine.
Hell, I'd love to see an online banking site with a "lite" or "text" version, for smaller (but SSL-capable) devices...