I tried out zabbix this morning, as I'm always keen to try and improve our monitoring (we currently run a nagios 2.x system).
In-house, we only use rpm'd software, for ease of upgrading and maintenance, so I quickly found RHEL4 rpms for the various bits and loaded them up. Thats when the pain started - I found the post-rpm setup horribly broken, and gave up after an hour or so. The web frontend had to hacked to display, then the DB connection script had to be hacked for it to recognise the DB (which I also had to manually install). After all this, it started moaning about permissions, so i said f*** it.
Now, a lot of these issues may have been with the person who packaged the rpms, but for me it was a non-runner - building from source on my production servers doesn't happen.
I don't find nagios hard to configure - in fact all our admins (team of 15) find it ok, and only half of them are real linux admins, the rest are win32 background. Its object based config scheme seems pretty logical to me....
Actually, it was resealed pretty soon after discovery, and now operates with an airlock entrance. Only a handful of recearchers are allowed to enter it each month (3-4 IIRC). Although it is impossible to completly shield the enviroment, i think this team have done a pretty laudible job.
Check out the Movile Cave Project, a scientific project centering around a cave discovered by well drilling in Romania in 1986. The cave was significant because the life discovered in the water in the cave (which had no natural entrance and was so sealed off from the world) was based around a totally chemosynthetic ecosystem, where all energy came from chemicals produced and used by the creatures (no light involved - none available!). This small cave alone contained over 31 species that were new to science. It's pretty amazing what might be just under our feet...
The neat thing about making a business of selling robots is that the greed surrounding the desire to make money will motivate robot manufacturers to make sure that their products don't piss me off.
Hello? M$?? (replace 'robots' with 'software' for full effect...)
who to believe? - the BBC article states that the program never sent sms messages to premium rate numbers - it just sent SMS messages back to base if the version being used was unlicensed. This was a feature of the game, not introduced by crackers... Hardly what I'd call a virus...
As a stand alone tool the biometric scanners are not really ready
That I think is the big gotcha - they are not ready yet - as these technologies improve, and as more money is poured into these kinds of research, we will see marked improvements in these systems...
Well, I have to say that this exploit is particularly serious - but not the end of the world. I've every faith we'll see a fix fairly soon...
It's pretty bad because it has the end results of several techniques rolled into one handy package - URL spoofing, fake certs, browser highjacking...
Several workarounds being mentioned - using a non-standard toolbar (add at least one extra button/menu-item so you can identify a fake version...), and possibly a non-standard theme would work (though I'm not so sure about this one...)
Anyway, net result - firefox has a pretty bad security problem, with a fairly easy workaround, and no doubt a fix in the works... - how about not allowing remote sites to run XUL without first warning the user (with the option to turn this warning feature off of course - it's all about choice, right?)
This text is dedicated to the public domain, using a Creative Commons public domain dedication:
> Copyright-Only Dedication (based on United States law) > > The person or persons who have associated their work with this > document (the "Dedicator") hereby dedicate the entire copyright > in the work of authorship identified below (the "Work") to the > public domain. > > Dedicator makes this dedication for the benefit of the public at > large and to the detriment of Dedicator's heirs and successors. > Dedicator intends this dedication to be an overt act of > relinquishment in perpetuity of all present and future rights > under copyright law, whether vested or contingent, in the Work. > Dedicator understands that such relinquishment of all rights > includes the relinquishment of all rights to enforce (by lawsuit > or otherwise) those copyrights in the Work. > > Dedicator recognizes that, once placed in the public domain, the > Work may be freely reproduced, distributed, transmitted, used, > modified, built upon, or otherwise exploited by anyone for any > purpose, commercial or non-commercial, and in any way, including > by methods that have not yet been invented or conceived.
--
Greetings fellow pirates! Arrrrr!
I'm here today to talk to you about copyright, technology and DRM, I work for the Electronic Frontier Foundation on copyright stuff (mostly), and I live in London. I'm not a lawyer -- I'm a kind of mouthpiece/activist type, though occasionally they shave me and stuff me into my Bar Mitzvah suit and send me to a standards body or the UN to stir up trouble. I spend about three weeks a month on the road doing completely weird stuff like going to Microsoft to talk about DRM.
I lead a double life: I'm also a science fiction writer. That means I've got a dog in this fight, because I've been dreaming of making my living from writing since I was 12 years old. Admittedly, my IP-based biz isn't as big as yours, but I guarantee you that it's every bit as important to me as yours is to you.
Here's what I'm here to convince you of:
1. That DRM systems don't work
2. That DRM systems are bad for society
3. That DRM systems are bad for business
4. That DRM systems are bad for artists
5. That DRM is a bad business-move for MSFT
It's a big brief, this talk. Microsoft has sunk a lot of capital into DRM systems, and spent a lot of time sending folks like Martha and Brian and Peter around to various smoke-filled rooms to make sure that Microsoft DRM finds a hospitable home in the future world. Companies like Microsoft steer like old Buicks, and this issue has a lot of forward momentum that will be hard to soak up without driving the engine block back into the driver's compartment. At best I think that Microsoft might convert some of that momentum on DRM into angular momentum, and in so doing, save all our asses.
Let's dive into it.
--
1. DRM systems don't work
This bit breaks down into two parts:
1. A quick refresher course in crypto theory
2. Applying that to DRM
Cryptography -- secret writing -- is the practice of keeping secrets. It involves three parties: a sender, a receiver and an attacker (actually, there can be more attackers, senders and recipients, but let's keep this simple). We usually call these people Alice, Bob and Carol.
Let's say we're in the days of the Caesar, the Gallic War. You need to send messages back and forth to your generals, and you'd prefer that the enemy doesn't get hold of them. You can rely on the idea that anyone who intercepts your message is probably illiterate, but that's a tough bet to stake your empire on. You can put your messages into the hands of reliable messengers who'll chew them up and swallow them
Sure, but those will also mark virtually every legitimate email as spam, as WELL. Yeah, you can have 95% accuracy... but then you have to go through your hundreds of messages marked spam just to find your real email!
Rubbish - I've used thunderbird for many months now, with an account that gets quite a bit of spam. I have yet to see thunderbird make a wrong guess at whats spam and whats not. If anything, thunderbird is more likely to go the other way - allowing spam through - than deleting real email.
What I can't understand is why people would continue to share these programs once they realised they contained a trojan... The authors stopped sharing them because they found users were propogating them well enough anyway.
Surely any sane person would delete corrupted/malicous downloads from their shared directory?
I couldn't figure out how to save CD songs in their original.cda format for copying onto blank CDs. I've been spoiled by Apple's iTunes' ability to convert and copy in different formats. The software handled MP3s fine, however.
He couldn't save as.cda, but otherwise thought they were fine apps. The./story is a wee bit misleading on that front...
Slashdot Mirror
I tried out zabbix this morning, as I'm always keen to try and improve our monitoring (we currently run a nagios 2.x system).
In-house, we only use rpm'd software, for ease of upgrading and maintenance, so I quickly found RHEL4 rpms for the various bits and loaded them up. Thats when the pain started - I found the post-rpm setup horribly broken, and gave up after an hour or so. The web frontend had to hacked to display, then the DB connection script had to be hacked for it to recognise the DB (which I also had to manually install). After all this, it started moaning about permissions, so i said f*** it.
Now, a lot of these issues may have been with the person who packaged the rpms, but for me it was a non-runner - building from source on my production servers doesn't happen.
I don't find nagios hard to configure - in fact all our admins (team of 15) find it ok, and only half of them are real linux admins, the rest are win32 background. Its object based config scheme seems pretty logical to me....
oh, the pain.... it was only a dream, just a dream....
wow never got one of these before - i feel all warm and fuzzy....
This is just dumb - the same could be said for alcohol - does that mean that it's worthless to ask for ID in a bar?
Dave
Actually, it was resealed pretty soon after discovery, and now operates with an airlock entrance. Only a handful of recearchers are allowed to enter it each month (3-4 IIRC). Although it is impossible to completly shield the enviroment, i think this team have done a pretty laudible job.
Check out the Movile Cave Project, a scientific project centering around a cave discovered by well drilling in Romania in 1986. The cave was significant because the life discovered in the water in the cave (which had no natural entrance and was so sealed off from the world) was based around a totally chemosynthetic ecosystem, where all energy came from chemicals produced and used by the creatures (no light involved - none available!). This small cave alone contained over 31 species that were new to science. It's pretty amazing what might be just under our feet...
The neat thing about making a business of selling robots is that the greed surrounding the desire to make money will motivate robot manufacturers to make sure that their products don't piss me off.
Hello? M$?? (replace 'robots' with 'software' for full effect...)
In the increasingly useful gdesklets framewrok:e gories.php?f unc=gd_show_app&gd_app_id=171
http://gdesklets.gnomedesktop.org/cat
What about a case that changes colour with system load - "oops, the server has gone a funny lava-red color - we'd better leave the room!"
Dave
who to believe? - the BBC article states that the program never sent sms messages to premium rate numbers - it just sent SMS messages back to base if the version being used was unlicensed. This was a feature of the game, not introduced by crackers... Hardly what I'd call a virus...
... can I add the now? (doh!)
As a stand alone tool the biometric scanners are not really ready
That I think is the big gotcha - they are not ready yet - as these technologies improve, and as more money is poured into these kinds of research, we will see marked improvements in these systems...
Here's something kinda similar for CS papers, curtosy of the excellent citeseer:
http://citeseer.ist.psu.edu/articles.html
Dave
Where in the world are you getting your math from?
I thought everyone knew that 70% of statistics were made up on the fly...
Well, I have to say that this exploit is particularly serious - but not the end of the world. I've every faith we'll see a fix fairly soon...
It's pretty bad because it has the end results of several techniques rolled into one handy package - URL spoofing, fake certs, browser highjacking...
Several workarounds being mentioned - using a non-standard toolbar (add at least one extra button/menu-item so you can identify a fake version...), and possibly a non-standard theme would work (though I'm not so sure about this one...)
Anyway, net result - firefox has a pretty bad security problem, with a fairly easy workaround, and no doubt a fix in the works... - how about not allowing remote sites to run XUL without first warning the user (with the option to turn this warning feature off of course - it's all about choice, right?)
Dave
Ears are so cheap
Really - have you tried buying any recently?
Microsoft Research DRM talk
Cory Doctorow
cory@eff.org
June 17, 2004
--
This text is dedicated to the public domain, using a Creative Commons public domain dedication:
> Copyright-Only Dedication (based on United States law)
>
> The person or persons who have associated their work with this
> document (the "Dedicator") hereby dedicate the entire copyright
> in the work of authorship identified below (the "Work") to the
> public domain.
>
> Dedicator makes this dedication for the benefit of the public at
> large and to the detriment of Dedicator's heirs and successors.
> Dedicator intends this dedication to be an overt act of
> relinquishment in perpetuity of all present and future rights
> under copyright law, whether vested or contingent, in the Work.
> Dedicator understands that such relinquishment of all rights
> includes the relinquishment of all rights to enforce (by lawsuit
> or otherwise) those copyrights in the Work.
>
> Dedicator recognizes that, once placed in the public domain, the
> Work may be freely reproduced, distributed, transmitted, used,
> modified, built upon, or otherwise exploited by anyone for any
> purpose, commercial or non-commercial, and in any way, including
> by methods that have not yet been invented or conceived.
--
Greetings fellow pirates! Arrrrr!
I'm here today to talk to you about copyright, technology and DRM, I work for the Electronic Frontier Foundation on copyright stuff (mostly), and I live in London. I'm not a lawyer -- I'm a kind of mouthpiece/activist type, though occasionally they shave me and stuff me into my Bar Mitzvah suit and send me to a standards body or the UN to stir up trouble. I spend about three
weeks a month on the road doing completely weird stuff like going to Microsoft to talk about DRM.
I lead a double life: I'm also a science fiction writer. That means I've got a dog in this fight, because I've been dreaming of making my living from writing since I was 12 years old. Admittedly, my IP-based biz isn't as big as yours, but I guarantee you that it's every bit as important to me as yours is to you.
Here's what I'm here to convince you of:
1. That DRM systems don't work
2. That DRM systems are bad for society
3. That DRM systems are bad for business
4. That DRM systems are bad for artists
5. That DRM is a bad business-move for MSFT
It's a big brief, this talk. Microsoft has sunk a lot of capital into DRM systems, and spent a lot of time sending folks like Martha and Brian and Peter around to various smoke-filled rooms to make sure that Microsoft DRM finds a hospitable home in the future world. Companies like Microsoft steer like old Buicks, and this issue has a lot of forward momentum that will be hard to soak up without driving the engine block back into the driver's compartment. At best I think that Microsoft might convert some of that momentum on DRM into angular momentum, and in so doing, save
all our asses.
Let's dive into it.
--
1. DRM systems don't work
This bit breaks down into two parts:
1. A quick refresher course in crypto theory
2. Applying that to DRM
Cryptography -- secret writing -- is the practice of keeping secrets. It involves three parties: a sender, a receiver and an attacker (actually, there can be more attackers, senders and recipients, but let's keep this simple). We usually call these people Alice, Bob and Carol.
Let's say we're in the days of the Caesar, the Gallic War. You need to send messages back and forth to your generals, and you'd prefer that the enemy doesn't get hold of them. You can rely on the idea that anyone who intercepts your message is probably illiterate, but that's a tough bet to stake your empire on. You can put your messages into the hands of reliable messengers who'll chew them up and swallow them
Sure, but those will also mark virtually every legitimate email as spam, as WELL. Yeah, you can have 95% accuracy... but then you have to go through your hundreds of messages marked spam just to find your real email!
Rubbish - I've used thunderbird for many months now, with an account that gets quite a bit of spam. I have yet to see thunderbird make a wrong guess at whats spam and whats not. If anything, thunderbird is more likely to go the other way - allowing spam through - than deleting real email.
Will sony open source it?
Probably not
Will MS support it?
Eventually yes
Will they give these pens out for free?
No - did you get your computer for free?
Will anyone actually use it?
Yes
Any more inane questions?
The parent comment sickens me - as a long-time linux user, I welcome anytime a company thinks of us when releasing software (commercial or not).
Jeez, you're pissed just 'cos you might have to pay for software every now and again? come on...
What I can't understand is why people would continue to share these programs once they realised they contained a trojan... The authors stopped sharing them because they found users were propogating them well enough anyway.
Surely any sane person would delete corrupted/malicous downloads from their shared directory?
gtoaster - drag the music files to the "tracks" window pane and when done, press record.
How hard was that...
RTA:
.cda format for copying onto blank CDs. I've been spoiled by Apple's iTunes' ability to convert and copy in different formats. The software handled MP3s fine, however.
.cda, but otherwise thought they were fine apps. The ./story is a wee bit misleading on that front...
I couldn't figure out how to save CD songs in their original
He couldn't save as
Dave
The i missed a way to klick on those headlines and open a browser -- karamba does not support stuff like that.
<shameless-plug>
Then you should be using gdesklets, and the rss-grab aggregator - get it here
</shameless-plug>
~Dave