Slashdot Mirror


User: entrigant

entrigant's activity in the archive.

Stories: 0
Comments: 750

Comments · 750

  1. Re:Use an Outbound Firewall on Malicious App In Android Market · · Score: 1

    I did a quick search for DroidWall on the Market and two things stood out to me. First, it only blocks cellular internet. Wi-Fi is still wide open. Second, it requires you to root your phone.

    I've noticed a lot of people have developed this mentality that you should assume everyone's phone is rooted/jailbroken and then discuss usage of the thing as if that's the case. I'm fully capable of rooting my phone, but I don't want to. It's a damn hassle, and I just want to use the thing.

    So no, DroidWall is not an appropriate solution for the issue this article is about. Not even close.

  2. Re:Only as secure as the gate-keeper. on Null Character Hack Allows SSL Spoofing · · Score: 1

    When the word "must" is used in an RFC it tends to have a very specific meaning. The DNS specification is very general because it was designed to be capable of being used for other things beyond resolving internet hostnames.

    If you are using DNS for what most of the world uses it for, internet hostnames, then to inter-operate, as the RFC says, "The labels must follow the rules for ARPANET host names."

    Perhaps part of the confusion is that the issue of what constitutes a valid FQDN is not a DNS specification issue. DNS is simply used to resolve the names, and it's very general in how it works. The rules predate the DNS protocol. For example on page 2 of RFC 608 is this description:


    in which will be the official Host Name, a
    string obtained through negotiation between the Host and the
    NIC, governed by these constraints:

    up to 48 characters drawn from the alphabet (A-Z),
    digits (0-9), and the minus sign (-) ... specifically,
    no blank or space characters allowed;

    no distinction between upper and lower case letters;

    the first character is a letter;

    the last character is NOT a minus sign;

    no other restrictions on content or syntax.

    Considering these SSL certificates are being validated against internet hostnames then I'd say it's perfectly reasonable to use the rules for such hostnames when performing validation. No \0's allowed.

  3. Re:Only as secure as the gate-keeper. on Null Character Hack Allows SSL Spoofing · · Score: 1

    Crap, Slashdot's junk filter wouldn't let me use massive amounts of > and <. To see what that was supposed to look like, visit RFC 1035, section 2.3.1. It's on page 7.

    http://tools.ietf.org/html/rfc1035

  4. Re:Only as secure as the gate-keeper. on Null Character Hack Allows SSL Spoofing · · Score: 1

    You really went to all of this trouble, spent time looking through rfcs, and even quoted sources which I must respect, but, respectfully, you are misunderstanding what you are reading.

    A "label" in the domain name system is simply a string: a completely generic entity with a maximum length of 63 bytes. It does indeed have no limits on what that string can contain.

    Further a domain name is represented as a sequence of labels. The root domain is represented as a null label, but a null label is a 0 length label. While that technically does equate to a label with a single 0 byte, semantically it is not the same thing as a null terminated empty string.

    As for the rules behind the legal characters in a host name I will follow your lead and quote RFC1035:

    > The labels must follow the rules for ARPANET host names. They must
    > start with a letter, end with a letter or digit, and have as interior
    > characters only letters, digits, and hyphen. There are also some
    > restrictions on the length. Labels must be 63 characters or less.

    If you want it spelled out even more clearly they provide this as well:


    > ::= | " "
    >
    > ::= | "."
    >
    > ::= [ [ ] ]
    >
    > ::= |
    >
    > ::= | "-"
    >
    > ::= |
    >
    > ::= any one of the 52 alphabetic characters A through Z in
    > upper case and a through z in lower case
    >
    > ::= any one of the ten digits 0 through 9

    Any domain name validator should be written using the logic provided by the RFC when dealing with labels that define a host name.

    Now, labels are used for other things. For example, the email address in the SOA field or the string in a TXT field. The email address mailbox part has a much wider range of valid characters, and a TXT record is completely arbitrary. Labels are used for any string in a DNS packet.
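The validation rule that comments 2 and 4 above draw from RFC 1035 section 2.3.1, turned into code. This is an added example, not code from the original posts or from any of the software the story covers. It implements the quoted grammar as written (so a label may not begin with a digit; RFC 1123 later relaxed that), treats the 253-character limit on a whole name as an assumption derived from the 255-octet wire-format bound, and uses constructed sample names to show why a certificate name containing \0 has to be rejected by the grammar before any C-string style comparison gets a chance to truncate it.

```python
"""RFC 1035 section 2.3.1 "preferred name syntax" validator, plus the NUL case.

Added example for the discussion above; not code from the original comments.
Grammar implemented exactly as quoted there:
  <label> ::= <letter> [ [ <ldh-str> ] <let-dig> ]   (63 octets or less)
RFC 1123 later allowed a leading digit; this follows the stricter 1035 text
the comments cite.  The 253-character limit on the whole name is an
assumption taken from the 255-octet wire-format bound, not from the quote.
"""

import string

LETTERS = frozenset(string.ascii_letters)
LET_DIG = LETTERS | frozenset(string.digits)
LET_DIG_HYP = LET_DIG | {"-"}          # <let-dig-hyp>
MAX_LABEL = 63
MAX_NAME = 253                          # assumption, see module docstring


def valid_label(label: str) -> bool:
    """True if `label` matches <label>: letter first, let-dig last, ldh inside."""
    if not 1 <= len(label) <= MAX_LABEL:
        return False
    if label[0] not in LETTERS or label[-1] not in LET_DIG:
        return False
    return all(ch in LET_DIG_HYP for ch in label[1:-1])


def valid_hostname(name: str) -> bool:
    """Validate a host name as a dot-separated sequence of <label>s.

    A single trailing dot (the root label) is accepted and stripped.  Any
    other empty label, any character outside letters/digits/hyphen (a NUL
    included), or an over-long name fails.
    """
    if len(name) > 1 and name.endswith("."):
        name = name[:-1]
    if not name or len(name) > MAX_NAME:
        return False
    return all(valid_label(label) for label in name.split("."))


def cstring_view(s: str) -> str:
    """What a consumer that treats the name as a C string actually sees."""
    return s.split("\0", 1)[0]


def naive_match(cert_name: str, expected_host: str) -> bool:
    """Bug pattern: compare the certificate name as a NUL-terminated string."""
    return cstring_view(cert_name).lower() == expected_host.lower()


def strict_match(cert_name: str, expected_host: str) -> bool:
    """Fix: reject anything outside the grammar, then compare the whole string.

    Case-insensitive, as RFC 608 / RFC 1035 make host names.
    """
    if not (valid_hostname(cert_name) and valid_hostname(expected_host)):
        return False
    return cert_name.rstrip(".").lower() == expected_host.rstrip(".").lower()


if __name__ == "__main__":
    # Constructed sample: a name that reads as the victim host once truncated
    # at the NUL, which is the pattern the story is about.
    spoof = "www.bank.example\0.attacker.example"
    for cand in ["www.example.com", "example.com.", "3com.com", "-x.example", spoof]:
        print(f"{cand!r:45} valid={valid_hostname(cand)}")
    print("naive :", naive_match(spoof, "www.bank.example"))   # True  (bug)
    print("strict:", strict_match(spoof, "www.bank.example"))  # False (fixed)
```

The point of running both matchers on the same constructed name is that `naive_match` accepts it because the comparison stops at the embedded NUL, while `strict_match` never reaches the comparison: the label `example\0` fails `valid_label` because its last character is neither a letter nor a digit, exactly the "No \0's allowed" conclusion of comment 2.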

  5. Re:and yet NYC still has traffic jams on Rude Drivers Reduce Traffic Jams · · Score: 1

    cruise control should be tied to GPS and central traffic control networks and automatically shut down for everybody when conditions make it unsafe.

    I will resist such automation with all my strength as will many others. If you tried to do that to me I'd hack the cruise control system.

    I agree maintaining a driver's license should be much more difficult (though not much more expensive, as some people advocate; the ability to earn one should be based on demonstrating skill, not wealth). However, your fallacy is that use of cruise control implies the lack of skill or ability to control your vehicle's speed.

    Maintaining a constant speed is something I do well manually. Anyone with half a brain can do it well. Your eyesight can help you predict changing conditions and begin adjustment before changes affect your speed, and your sense of balance can fine tune it from there. Piece o' cake.

    Using cruise control properly is also a skill, though. Ask your typical cruise junkie (you know, the ones that'll pass a car with a relative speed difference of a meter per minute without temporarily accelerating) if they know you can use the accelerator normally with cruise on, and when you let off it'll drop back down to your cruise speed. Ask them if they know how to pause cruise to slow down then resume, and if you really want to get them ask them to name every action that can do so (tap brakes, shift to neutral, some cruise control systems have a dedicated pause control, etc).

    Properly using it means I can program my preferred speed into the engine, then adjust to changing conditions as needed to speed up or temporarily slow down. This is no more difficult or error prone than not using it. Its restrictions on usefulness are even built in. Cruise control pretty much isn't an option if the road in front of you isn't clear. Thus: pause, manually control your speed, and resume when able.

    Anyways, long rant to basically say "cruise control is not evil, people who abuse it are."

  6. Re:and yet NYC still has traffic jams on Rude Drivers Reduce Traffic Jams · · Score: 1

    That's interesting. Usually I'm of the "please chase me" mindset, as a self-defense legal defense would allow me to relieve some stress without doing time for homicide. It's a win-win.

  7. They admitted this... on Microsoft's Code Contribution Due To GPL Violation · · Score: 1

    ... in the press release. Did anyone actually read it? There was a little FAQ, and one of the questions was why. The answer was because the GPL says so. That this is shocking to anyone is amazing. Who cares? They provided GPL'd code so Linux can run in their hypervisor. Good for them.

  8. Re:How many soldiers die if 187 F-22s aren't enoug on F-22 Raptor Cancelled · · Score: 1

    Here's a novel thought... _if_ that time comes, BUILD MORE.

  9. Re:Yes, if you only look at the big popular MMOs on The Essentials of RPG Design · · Score: 1

    If you want to go old school and look at still-running text MUDs, Medievia's chaotic player-kill sections are even meaner. You _will_ lose a level (sometimes more than 1), and in the roughest spots you can have all of your equipment stolen by other players. That's a huge loss in invested time, but the opposite is also true. Things get really insane in large PvP brawls in these areas. Entire "clans" will be de-leveled and all their members stripped of their best equipment.

    It's amazing how much of an adrenaline rush plain old text can give...

  10. Re:Total nonsense on HTML 5 Takes Aim At Flash and Silverlight · · Score: 1

    Fair enough, and I do not mean to belittle your extensive and admirable testing efforts.

    However, I would like to say fixed font sizes in CSS are nearly as bad. This severely hampers usability and accessibility. Most browsers will let users override that, but ideally they should not need to. Many sites these days even include icons on the site itself to increase or decrease the relative font size of the entire site and set it via cookie.

  11. Re:What about the browsers? on HTML 5 Takes Aim At Flash and Silverlight · · Score: 1

    It took Microsoft 10 years to kind of fully support HTML4 and CSS2 w/ IE8. Another 10 for CSS3 and HTML5 would fit historical records.

  12. Re:Total nonsense on HTML 5 Takes Aim At Flash and Silverlight · · Score: 1

    If your code is so hopelessly dependent on font size you're doing it wrong. I can screw up your site simply by adjusting my default font and font size in the browser. A good design should account for that and be able to cope. It should be fluid and respond properly to changes in viewing area size and fonts.

    If you're busy doing fixed-size per-pixel designs, just make your site a single img tag or embed a PDF in an object tag and be done w/ it. No testing needed.

  13. Re:The 'easy' way on Can "Page's Law" Be Broken? · · Score: 1

    When your target execution environment is a multi-tasking OS you should assume the worst and try to play nicely with others. Just because a machine might have 2GB of RAM doesn't mean your app should use all of it, or even a large part of it.

  14. Re:Nothing wrong with his analogy on CoS Bigwig Likens Wikipedia Ban to Nazis' Yellow Star Decree · · Score: 3, Informative

    Please use smaller paragraphs. I honestly couldn't get past the first few lines as it all started to blur together. You wrote a lot, so I hope I'm correct in assuming you'd like people to read it. Please, in the future, make such posts easier to read.

  15. Re:How to figure it out on MS, Intel "Goofed Up" Win 7 XP Virtualization · · Score: 4, Insightful

    cat foo | grep ...

    seriously?

  16. Re:I want IPv6 support, but ... on ARIN Letter Says Two More Years of IPv4 · · Score: 1

    So then my Linksys router with built-in, fully functioning, out-of-the-box 6to4 support is what... ? I didn't even know about it until I noticed I was connecting to IPv6 IRC servers.

  17. Re:Also, like the virtualization scare on Intel CPU Privilege Escalation Exploit · · Score: 2, Informative

    It's stunning how many people commenting on this story haven't the slightest idea what they are talking about, yet feel compelled to chime in anyways. Even by slashdot standards it's hard to read.

    Some guy before you tried to claim that the hypervisor runs as ring 0 and "pushes" the kernel to ring 1. Nearly all just run all code in ring 3 and employ a combination of interrupt/exception catching and inline code scanning/patching. The ones using hardware virt just run in ring -1 as god intended.

    Another armchair BIOS writer tried to argue about how no mere mortal could comprehend the BIOS well enough to inject malicious code into it. That gave me a good chuckle.

    Don't get me wrong, my intent is not to berate you specifically, but I had to reply to one post in this thread, and I got as far as yours before I gave up on reading any more.

    As for your claim, the need to virtualize all hardware known to man was quite funny. Yes, all VMware VMs see an AMD PCnet32 card. VMware is not virtualization. It only performs one type of virtualization. Hell, many would argue it's not even the best approach.

    A tiny hypervisor can be written with the only purpose of its existence being to simply exist. It can only run a single OS (virtualization does not demand the ability to run multiple operating systems), and it can happily look the other way as that OS accesses all of the hardware on the system natively. The only reason VMware has to give a shit is because it wants to run multiple OSs and give them all a network card. This theoretical hypervisor doesn't need to fulfill any purpose or perform any function. It can be a dumb piece of software that just allows the single guest OS to execute without ever interrupting it or getting in the way.

    Despite the hypervisor being dumb, it has complete control. It can potentially do whatever it pleases with impunity.

  18. Re:My first experience with LED lighting... on LED Lighting As Cheap As CFLs Invented · · Score: 1

    CFL bulbs are usually sold as X watt _equivalent_ since people are used to associating wattage with brightness. E.g. the CFLs I use are 6500K "100 watt", but only 100 watt in that they, in theory, produce similar light to a 100 watt incandescent. In practice it's closer to maybe a 60 watt. The different light temperature might lower perceived brightness as well.

  19. Re:I thought Ogg was dead on Mozilla Donates $100K To the Ogg Project · · Score: 1

    Funny, every brick-and-mortar store I've been to carries all but the Neuros players. The Neuros players are interesting in that their firmware is open source. I could walk into a Best Buy right now and pick up the newest Cowon, iRiver, or Sansa players, and all 3 of them blow the iPod away in capabilities.

    I'll admit Apple's exceptional marketing has managed to make everyone equate mp3 player with iPod, but outside of the reality distortion field we're having a blast.

  20. Re:"Better" is relative... on Mozilla Donates $100K To the Ogg Project · · Score: 2, Informative

    The newest firmware even plays FLAC :) I have a 4GB clip and I love it. OLED screen, mp3/wma/vorbis/flac support, usb mass storage, usb charging, fm tuner, fantastic battery life, AND it's tiny. Great stuff.

  21. Re:I thought Ogg was dead on Mozilla Donates $100K To the Ogg Project · · Score: 3, Informative

    The hardware support is impressive too. Everything from Sansa and Neuros to iRiver and Cowon supports both the Vorbis and FLAC codecs. The only major missing player is Apple. Considering over half of my collection is ripped or downloaded in these formats, that is why Apple has not received a dime from me.

  22. Re:Fixed it for you on Testing the KDE 4.2 Release Candidate, On Windows · · Score: 4, Insightful

    Has it really not crossed your mind that perhaps your experience is unique? Maybe you have a bad font or font-handling library somewhere that is incorrectly reporting size, which is atypical.

    Maybe some other obscure combination of things that a tiny few people have causes this, and everyone that has experienced it is just assuming _everybody_ does and that _clearly_ nobody is paying attention. Screw a bug report, obviously everyone can see this issue and it's just been ignored.

    Get over yourself. The KDE devs are the most responsive people I've ever dealt with including companies that are paid 5 figures a month for enterprise class support, but they cannot respond if they are not notified. They do not have huge farms of systems sporting every possible combination of hardware and software. They rely on proper reporting and triaging.

  23. Re:Marketing MIA on Canonical Close To $30M Critical Mass; Should Microsoft Worry? · · Score: 2, Insightful

    Funny, I've been using openSUSE 11.0 for about 5 months now, and not once have I had a need to use the terminal for anything.

  24. Re:why is deflationary a bad thing? on Do Nice Engineers Finish Last In Tough Times? · · Score: 2, Informative

    Deflation increases the cost to employ workers as well as the value of currently held debt. In the worst-case deflationary economy you'll find yourself out of a job with nobody left to buy that super cheap food from.

  25. Re:It's official... on Qt Becomes LGPL · · Score: 1

    KDE is based on Qt. There are not separate versions of Qt. There is one version of Qt, and _you_ choose which license you want to abide by. The KDE app/library need only be licensed under a license that is compatible with one of the available Qt licenses. The KDE libraries have been LGPL for a long time, but you still needed a Qt license if you wanted to develop a closed-source app because Qt was GPL or commercial only.