Slashdot Mirror


User: quantum+bit

quantum+bit's activity in the archive.

Stories: 0 · Comments: 1,082

Comments · 1,082

  1. Imagine if the DMCA had been passed 20 years ago.. on Why the World Needs Reverse Engineering · · Score: 2

    IBM could have "encrypted" their BIOS (double ROT13 anyone :-) and we'd all be using either $3000 486s, Macs, or some random brand of computer, each one of which would be massively expensive and require its own OS and software...

    You could only watch television on an "approved" set, simply receiving a signal would be considered dangerous "piracy" and against the law. Oh, wait, it already is that way with satellite transmissions...

    Taking apart your digital clock to scavenge the LCD for another project would be illegal as the circuit paths to activate the crystals are a content protection device.

    Prescription drugs would be insanely expensive, as it would be illegal to reverse engineer a competitor's formula after the patent runs out (okay, so it's not digital, but if we're talking about reverse engineering in general).

    Nobody would have ever heard of a little company called Microsoft. If not for the popularity of clone PCs, Windows probably would have never caught on.

    The Internet? Forget it.

  2. Re:Correction on the proxying https:// part on Web-Based E-mail Isn't Safe From Corporate Eyes · · Score: 1

    D'oh! Should have read down farther... Just posted how to pull off the scheme you mentioned in your second paragraph (involving fake certs generated realtime and signed by a "trusted" CA).

    The hardest part is figuring out the remote host name that was requested, as SSL is negotiated prior to the HTTP session starting, and most browsers will bitch and moan if the common name on the certificate doesn't match what was typed in the URL bar. But even this could be pulled off, either by guessing based on PTR lookups or using a background agent on the client's machine that the proxy could query to see what the browser was trying to access.

    Oh, well, I am licensed by the Department of Redundancy Department ;-)

  3. Re:Use hushmail on Web-Based E-mail Isn't Safe From Corporate Eyes · · Score: 1

    Not necessarily. The only reason that your web browser doesn't complain when accessing a site with a certificate signed by Verisign is because Verisign's root certificate is installed by default. A man-in-the-middle attack is still possible though. Consider this:

    Your employer has implemented PKI (for intra-company encrypted e-mail, VPN, etc) and has a root certificate for the company already installed in the user's trusted store (this is very common; on my network I even put a little program in the logon script that checks and installs the root certs if they're not already).

    The proxy, upon receiving an HTTPS connection, doesn't know the hostname that the browser wants, but it does know the IP address and can probably make an educated guess by looking up the PTR record, which should be right 90% of the time. It can then generate a new certificate on the fly with its public key and the name of the remote server (and maybe even a bogus company name, etc.), using your organization's private key to sign it.

    It then connects to the remote site and negotiates an HTTPS connection with it as well, but as a client. Bingo, it can then proxy the traffic from the client to the server, decrypting it in the middle and spying on it, then re-encrypting it and sending it on to the remote server. Unless it guessed the remote hostname wrong (in which case the browser would pop up a warning that the name was different), since the remote certificate is signed by a trusted CA, the client would be none the wiser and get the little lock icon and everything. Only a pretty technically-savvy user might think to check the remote certificate and see who it's signed by.

    "Those aren't compiler warnings, they're suggestions."
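
The check this comment ends on, looking at who signed the certificate the browser accepted, as an added example (not code from the comment or from Slashdot). All certificates, root names and hostnames are constructed test fixtures, and `testCert`, `TrustAnchor` and `Demo` are hypothetical helper names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// testCert mints a constructed test certificate; a nil parent gives a self-signed root.
func testCert(cn string, parent *x509.Certificate, pk ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	_, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		BasicConstraintsValid: true, IsCA: parent == nil, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	if parent == nil {
		parent, pk = t, key // root: signs itself
	} else {
		t.DNSNames = []string{cn} // leaf: valid for this one hostname only
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, key.Public(), pk)
	if err != nil {
		panic(err)
	}
	c, _ := x509.ParseCertificate(der)
	return c, key
}

// TrustAnchor does the browser's check, then names the root that anchored the chain ("" = rejected).
func TrustAnchor(leaf *x509.Certificate, host string, store *x509.CertPool) string {
	chains, err := leaf.Verify(x509.VerifyOptions{DNSName: host, Roots: store})
	if err != nil {
		return "" // unknown issuer or hostname mismatch: the browser would warn
	}
	return chains[0][len(chains[0])-1].Subject.CommonName
}

func Demo() []string {
	pub, pubKey := testCert("Example Public Root", nil, nil)
	corp, corpKey := testCert("Example Corp Root", nil, nil)
	genuine, _ := testCert("mail.example.test", pub, pubKey)   // what the real site presents
	proxied, _ := testCert("mail.example.test", corp, corpKey) // what an intercepting proxy presents
	store := x509.NewCertPool()                                // managed workstation: trusts both roots
	store.AddCert(pub)
	store.AddCert(corp)
	return []string{TrustAnchor(genuine, "mail.example.test", store), TrustAnchor(proxied, "mail.example.test", store), TrustAnchor(proxied, "webmail.example.test", store)}
}
func main() { fmt.Println(Demo()) }
```

The first two cases both validate, so both would show the lock icon; only the anchor name differs. The third is the wrong-hostname guess, which fails validation.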

  4. Re:Privacy on Are There Still Privacy Concerns With IPv6? · · Score: 1

    What's the point of that? You'd just get a blank front page...

    Those aren't compiler warnings; they're suggestions.

  5. Re:GENESIS on Net Security With "NanoProbes" · · Score: 1

    Yes, read Page 3, "prior work". Seems he discovered SYN cookies after he had written the article...

    It looks like the only difference between his "Genesis" thingy and SYN cookies is that he's using RC5 encryption, which is more computationally intensive than the MD5 hashes used by the Linux SYN cookie implementation...

    Those aren't compiler warnings, they're suggestions...

  6. Re:Yeah, but. . . on Slashback: Universities, Piecemiel, Yakkin' · · Score: 1

    Which is exactly why its UI sucks so much...

    I always thought the Windows port looked like it wanted to be a Mac application... All those floating toolbars that get in the way

  7. Re:Pretty sure... on "Cloudy Future" For CueCat · · Score: 1

    Tandy Center? Are you sure they didn't lose all their data when they got whacked by that tornado? :-P

  8. How to make a network completely secure: on Unintrusive Traffic Content Monitoring? · · Score: 1

    /sbin/shutdown -h now

  9. Guess I probably won't be buying one of them on FCC to Require Anti-Piracy Features in Digital TVs · · Score: 1

    Good thing I barely watch any TV anymore... The entertainment industry has just really sucked lately anyway.

  10. MAXIM? on Plans To Peer At A Black Hole's Event Horizon · · Score: 1

    Will they be using this telescope to peer into the neighbor's bedroom and publish the pictures in a magazine...?

  11. Re:MP3's are like guns on Creative Boycotts CeBit Over MP3s · · Score: 1

    LOL! I SO wish I had mod points...

  12. Re:About the HTTP server on Linux Ported to Cisco Routers, BSD chosen by router manufacturers · · Score: 1

    Tricky on a router maybe, but a piece of cake on 29xx switches. The html/java files used for the management interface are stored directly in the flash filesystem. So you can just delete their files and put whatever .htms you want in there ;-) You can even put a gzipped file called whatever.html.gz in the html directory and it will decompress it on the fly when the page is requested.

  13. Re:So? on IE "Persistence" Tracks Without Warning · · Score: 1

    Exactly; same here. Doesn't everyone go through *all* the dialogs, context-menus, and preference items every time they get/install a new application?

    I think that's the point of the argument... Should they have to? After all, most users don't bother changing anything from the defaults... Why do you think so many windows boxes have the same blue color scheme and cloud background?

    "Where's the any key?"

  14. Re:Complex problem, simple solution on IE "Persistence" Tracks Without Warning · · Score: 1

    I know what you mean... I use lynx where I can but there are so many pages that just absolutely break when viewed in text mode. Somebody mentioned "links" which has real table support, I may give that a try. Javascript would be nice since so many pages use that, but I'm probably already asking too much from a text based browser :)

    Graphical would certainly be nice, but X barely runs on this box as it is... kfm actually doesn't run half-bad, but the version that I have is pretty out-of-date and is missing a lot of features.

    Of course, I guess the correct Open Source answer would be to write it myself. But I don't have that much free time! :)

    Will work for a good .sig

  15. Re:Complex problem, simple solution on IE "Persistence" Tracks Without Warning · · Score: 1

    Okay, could somebody please point me toward a fully-functional standards-compliant open-source browser that works with 99.99% of web sites; oh and WITHOUT BLOAT? I don't like it any more than anyone else here, but sometimes the truth hurts...

    Galeon maybe? It uses gecko, a kick ass engine, sure, but it still has a big memory footprint and doesn't work with quite everything yet... I think Opera's working on a Linux port, but it's not open source and core dumped immediately when I tried their beta. Grrr...

    Suggestions anyone? I need something that will run on my 486 laptop without taking 5 years to load (6 months is acceptable as I know it's a slow machine).

    "If a tree falls in the forest when no one's around, and hits a mime, does anyone care?" -- Gary Larson, the Far Side

  16. So? on IE "Persistence" Tracks Without Warning · · Score: 3

    Hee, hee, I've had this turned off for forever. It's under the advanced options and I never really knew what it did, but I didn't like the sound of "Userdata Persistence"...

    rm -rf /

  17. Re:Current cases are all backwards on Front Ports for PCs? · · Score: 1

    Why do people like towers?

    Because, when you have two video cards, two sound cards, a RAID controller, a video capture/TV tuner card, an ethernet card, a modem, an extra serial expansion card, three hard drives, two CD-ROM drives (one is a CD-R), and an LS-120; a normal desktop case just doesn't have ROOM for all that STUFF...

    :=)

    "What's this quote thing?"

  18. Re:AOL IM Linux Beta on AOL Shuts Down 3rd Party IM Software? · · Score: 1

    Yes, and are you really sure that you want to give AOL the ability to execute arbitrary code on your Linux box? I thought so...

    .sigmentation fault: Core dumped

  19. Re:What about other uses of the barcode scanner? on Barcode Maker Responds After Forcing Drivers Offline · · Score: 1

    The difference is that it is electronic. As is the unfortunate case with many things computer-related, a lot of people don't understand computers the way that we do; and people fear what they don't understand...

    .sig goes here

  20. Re:Dell configuration options... on Why Are Licenses To Microsoft Still Mandatory? · · Score: 1

    We had a similar problem with ordering from Dell before they had the option to preload with Windows 2000... They wouldn't let us order a laptop with a drive bay CD-Burner and NT4 installed. We told them that we didn't really want NT4 and were going to wipe it out and put Windows 2k on it anyway for the (much cheaper) upgrade price, but they said that even though they could support that configuration (or it would be supported as soon as they updated their ordering process to include 2k), they couldn't enter the order like that. Never mind that the drive bay CD-Rs are simply IDE and EVERY IDE CD-R drive I have ever seen has ALWAYS worked perfectly under both NT4 and W2k... Anyway, we ended up just ordering it with 98 and paying more for the upgrade... Oh, well...

    Paragraphs? We don't need no stinkin' paragraphs...

  21. Corporation annoyance recipe... on Linux Drivers For Free Barcode Scanner Cease-And-D... · · Score: 5

    1. Convert the DeCSS source code to groups of three-number octets (000-255) representing the ASCII characters of the source.

    2. For additional fun, before step one, invert the bits of the source code. Claim this is a copyright protection device and nobody can attempt to circumvent it under the DMCA.

    3. Use a barcode printer to print out the resulting sequence of numbers in barcode format.

    4. Give to a friend.

    5. Friend scans barcodes with free scanner and Linux driver.

    6. Friend converts source code back into original form, saves it in a file whose name starts with Metallica and ends with .mp3.

    7. Publish the resulting file on Napster, Gnutella, Freenet, etc...

    8. Lather, Rinse, Repeat.

    .sig: Not all /. users with high UIDs are trolls dammit!

  22. Re:Geez, what up? on Pentium 4 Requires New Case And Power Supply · · Score: 1

    And the really scary part for Intel is that if AMD makes as big of a leap in technology from the Athlon to their next-generation processor (Sledgehammer?) as they did from K5 to K6 and K6 to Athlon, they will be seriously outgunned...

    slashcode: .sig not found

  23. Re:Starbucks might have something to say... on Coffee's Caffeine-Producing Gene Isolated · · Score: 5

    And will push to force people to use DeCAF...

  24. Nethack? on New Sony Palm, With Removable Memory Stick · · Score: 1

    Hmmmm... With this new memory-swapping ability might we finally see a PalmOS port of Nethack?

  25. Re:How hard is it on Microsoft Word Documents That "Phone Home" · · Score: 1

    I definitely agree on the Corel vs. Adobe argument here! The only exception is that I prefer PhotoPaint over Photoshop any day for professional-level image manipulation. They both have about the same level of power (and Corel seems to jump ahead in their new releases faster), but the PhotoPaint user interface is *SO* much nicer. Photoshop always reminds me of old MacOS applications... (maybe because that's where it came from). I never could understand why it's so popular.

    Of course there's always GIMP, but how could I get away with running Linux at work? ;)