Is there any way to encapsulate SLiRP(and PPPD) within a 7 bit channel? I tried something along the lines of uudecode | slirp | uuencode, but it (obviously) didn't function as desired.
Suggestions? I have a feeling a standard 7 bit stdin/stdout wrapper might be useful all over the place.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Once you pull the pin, Mr. Grenade is no longer your friend.
Twas a few weeks ago at work, whence I was determining how to solve a raft of remote access problems. Nothing was working, deadlines were coming...and then I remembered SLiRP. Oh my.
SLiRP is alot more valuable than you might think. For one thing, it provides a user-level NAT'd IP connection over any terminal link. Note, not just a modem link, but *anything*. Combined with SSH, SLiRP makes for an insanely slick VPN routable link that just *works*.
Even for dialup lines, SLiRP rocks. *Absolutely* no administrative headache getting an IP range in which to run PPP. No headaches at all.
I think you need to try to get ASPPP to work on Solaris to truly understand how painful PPP can be. Even pppd isn't too nice on Solaris. But slirp? Thunk. Work. First try.
I'm not just blowing smoke. At my work, there's a semi-decent chance we'll be deploying SLiRP *all over the place*, at *huge* companies, very soon, for precisely these reasons. It's fast, it's free, and it's astoundingly functional.
My shock at seeing my recently rediscovered PPP app of old up on Slashdot again is quite unnerving, but I can't complain. SLiRP has done me well.
One thing I'd request, if anybody's working on adding features--could somebody port in the MS-DNS code? I'm eventually going to be doing *alot* of GPL work involving SLiRP, but my stuff will end up much more high level.
I mentioned this in another thread, but bottom-line "Anonymous Posting Is Golden" evidence can be found at the following URLs, posted during the NSA Backdoor discussions:
The most pressing problem with IPV6 isn't that there aren't enough addresses--10^38 is a workable amount--it's that, as far as I've seen(and I beg anybody who knows better to correct me) there are no procedures in place to distribute those addresses in correct proportions.
Back in the early days of the net, Class A addresses with 16 million entries were tossed out. Why not? 16 million out of a few billion is nothing...of course, now with the advent of CIDR and the shortages of address space, those numbers are desperately needed.
The disturbingly unwieldy sizes of full-length IPV6 addresses would be less bothersome if I actually knew the plan by which those addresses would be distributed. Someone more qualified, please comment.
One final note--as far as I know, while IPV6 allows IPs to be compressed in presentation(i.e. 127.0.0.0.0.0.0.0.0.0.0.0.129.210.64.98 could compress down to 127::129.210.64.98, since the leading zeros can be presumed by subtracting the typed length from the fixed length), the actual packet requires the full spread. Won't this slow down routing to some degree, as the router needs to wait longer before receiving enough data to forward the packet to its destination? For that matter, shouldn't destination preceed source, for that exact reason?
OK, I'm going to go away now while some net.guru encluphonates me thoroughly.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Once you pull the pin, Mr. Grenade is no longer your friend.
Around eight months ago, I was hacking away at this economics essay regarding Open Source. With Linuxworld coming up, I chose to go around, soliciting opinions like any good annoying writer should.
I went to LinuxCare, spoke to Sifry, and received some interesting commentary. I walked up to the infamous Maddog, and had some nice flaws evicerated apart...then I went to the SCO booth.
Wow.
What you guys saw in that article wasn't just the ravings of a deluded marketroid. That's the corporate culture of SCO. I think SCO genuinely feels it owns Unix on Intel, and is desperately flummoxed that someone--anyone--would encroach on their domain.
SCO doesn't like Linux. That's not surprising. What's more interesting, arguably even fascinating, is the degree to which SCO Employees are public about this distaste. I mean, you know there are at least a few people in large corporations who believe very strongly in everything SCO has to degrade about Linux. But they're generally rather quiet about it.
SCO outscreams Microsoft--although, it's interesting to note that MS owns a chunk of SCO...
The question is: Is SCO the only company strong enough to wage those complaints(perhaps due to the MS connection?), or is it the only company weak enough to prevent its employees from spouting off?
I'd personally bet on the latter, but the former isn't altogether unfeasable.
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Once you pull the pin, Mr. Grenade is no longer your friend.
Re:That picture gives the wrong impression
on
911 Calls Linux
·
· Score: 1
Don't you hate it when you underestimate your opposition? Great post, Fastolfe.
Once you pull the pin, Mr. Grenade is no longer your friend.
In the 1980's, a movie called "I Know My First Name Is Steven" came out. Based on a true story of this kid who was kidnapped for like seven years.
A few months ago, a few campers over in Yosemite were killed by that kid's brother. Big international incident, since there was an exchange student murdered.
Nasty stuff. You act like people are never randomly killed in the woods...
Once you pull the pin, Mr. Grenade is no longer your friend.
I loved the Blair Witch project. Amazing movie, very unique, extremely powerful, quite impressive.
But.
I am incredibly disturbed by the complete and utter lack of attention being given the lead players in Blair Witch. While I fully accept that directors can be shortchanged in the media spotlight, Mike, Josh, and Heather did an *amazing* job.
First, these three acted excellently, with far more convincing performances than you're likely to see from most. Did anyone for a second not completely believe their *confusion*, their distrust, their pure fear? The directors did an outstanding job creating an environment in which the actors could shine, but we should not ignore the fact that these actors did shine, quite outstandingly.
They also spoke a damn nice script, considering their was no script to speak from. Again, the directors did beautifully defining scene outlines, but as Hollywood has much trouble learning, good storyboards do not a compelling story make. Edited with oscar-worthy aplomb, the cast's dialogue, while hokey at times, reflected the nature of stranded, real people in the middle of a disturbingly surreal environment.
Speaking of the editing, have we forgotten that the filmwork of the entire movie was also executed beautifully by these three? Granted, the footage would have worked *awfully* without the amazing work of the directors and editors, but done right their work was critical to the success of this film.
I don't want to take away from the stellar performance of the directors. But Heather, Josh, and Mike deserve more than they're getting.
Of course, there's a reason they're being left out of the loop(for now): The marketroids want people to believe the movie is real.
This happens to be a good thing.
Now I know this is going to make some of you yell and scream, but the fact was if I could have seen this two months ago with absolutely no prior knowledge, I would have been scared out of my fucking mind. Suspension of disbelief is far easier when there's no disbelief to suspend, and while it's somewhat dishonest, it's dishonesty in an environment where the entire industry is built upon creating the most convincing lies possible. Arnold Schwartzenegger is not a cyborg creature sent back through time, and Shitbrick didn't get it on with Stiffler's Mom.
Blair Witch bent the rules. Consider how much more they could have broken them. They could have divulged that BW was fake in September(imagine how pissed you'd be!). The way they did it, everybody going to the movie sorta heard some people saying it was real and some people not--not altogether perfect, but a giant aid to suspending disbelief and a huge contributor to the success of the movie.
If one of the big studios tried this, they'd hang us out to dry with their ability to simultaneously assail the public with their "this is a true story!!!!!!" message, unrebutted, on all media fronts. There would be no doubt, no undercurrent of truth. It'd be so overdone, so disastrous-in-retrospect, that the studio would have no choice but to attempt to suppress any news that the original movie was fake.
I don't have much more faith in the Big Studio's plans for harvesting Net sentiment. Blair Witch and The Matrix have set the standard for what makes an excellent movie site. (The Matrix comic strips, incidentally, are required viewing for any Matrix fan. They add to the movie immensely, and increase my respect for the universe they've developed immensely.)
If the Studio's can actually express more originality than they could press onto the Celluloid into the web site, great. I'm just afraid of fake web sites, fake web rings, and most of all, fake "o i saw this movie it r000led O MY GOD JOHN DOECAPRIO IS SOOOOOO HOT!" manufactured 15 year old geocities pages that are really hacked together by some marketroid committee.
What do they have to lose? The worst they could do is discredit the Internet as a medium for movie discussion...which hurts them, how? If they can't own it...destroy it.
I know not everybody in Hollywood thinks this way. I know that there are some very hard working and ethical people out there.
I also know that there a very real chance that the three actors/screenwriters/camerapeople will get shortchanged by a media looking to move on to some new summer flick. This must not occur. Sooner or later, the Blair Witch Three need to be recognized for their excellent work. It's only fair.
I've talked long enough. What do the rest of you have to say?
Yours Truly,
Dan Kaminsky DoxPara Research http://www.doxpara.com
Once you pull the pin, Mr. Grenade is no longer your friend.
Fuck them! My hair is long and my sandals are worn. That's who I am. That's who all of us are. And we fucking wrote the software that Red Hat sells. We own the company in a far more real sense than any of the moneyed lords with sufficient "liquid net worth" to take part in the IPO. They're auctioning my software off on the New York Stock Exchange to the highest bidder, and I can't take part!
I'll have to integrate this stuff into that essay-cum-Linuxworld-Presentation. A major point I've been arguing is that those who suffer the direct effects of inferior software are more likely to create the fixes for various shortcomings than a body only indirectly connected to the financial pain. Almost all companies have a serious monetary stake in the stable operations of their computer software, and a growing number have realized that such a mission critical part of their business demands the elimination of propietary risks.
In the age of UCITA, open code may be the only thing you can trust. Buying software from companies that support false advertising, remote killswitches, and censorship is akin to hiring Hannibal Lector as your person plastic surgeon--or Master Chef.
Relevance? Consider the financial impact of Open Source on investors. Want your stock to do better? See a specific area of weakness that you percieve is reducing the value of your stock? Fix it. Yourself.
The amount of people funding OSS projects is about to increase...substantially. Fascinating.
See you at LinuxWorld!
Yours Truly,
Dan Kaminsky http://www.doxpara.com
Once you pull the pin, Mr. Grenade is no longer your friend.
So you're saying by expressing signals that appear to humans as reflective of internal emotions, Kismet is experiencing emotions?
Spoofing is a term applied when a process transmits information to another process reflecting some status about itself that is, in fact, not reflective of the true state. For example, IP Spoofing transmits false IP Source Header information. Samba does not spoof SMB, though--it really speaks it.
It's a bit of a grey line.
In humans, it turns out that the mere expression of an emotional state is enough to generate some aspects of that state internally. On a personal note, this is why I spent Senior Year of High School smiling like a hyena. Acting happy created happiness--strange but true. But Kismet doesn't act out externally as an expression of internal emotional states, or vice versa--there *are* no emotions to reflect, not in the human sense of the word. It's a spoof.
But try telling that to someone who is looking at a cute sad little doll that asks not to have its power disconnected.
What was it that the Star Trek authors argued? That sentience required consciousness, self-awareness, and intelligence? Good values. Nice values. But the ability to effectively convey emotions (and perhaps complex concepts) effectively is probably required for any creature to be recognized as sentient. Call it a bug in the Human OS if you need to. But it's true.
--Dan
Once you pull the pin, Mr. Grenade is no longer your friend.
Sometimes I think computer people Just Don't Get It.
Then I see this.
Now, alot of us geeks might whine and moan. "Oh, it's so cute. Die Jar Jar Die!" "The future of technology lies with...Terminator Furby." Whatever.
Outside of the cold, sterile world of gigabit routers and tab completion, a convincingly emotive device has been developed--artificially.
The importance of this is not to be underestimated. Large chunks of government policy are designed to protect animals with emotive properties. As a classic comedy routine went, "Sometimes I think the animals just all got in a line. 'What are you?' 'I'm a seal.' 'You're cute, honk that horn, we'll make sure nobody beats you with a club. Now what are you?' 'Cow. Moo.' 'GET ON THE TRUCK! You're a baseball glove.'"
Pet Rocks were quite the subversive satire on this maternal instinct.
Tamagotchi began the trend, and Furbies proved the consumer attraction, but I think it's the progeny of Kismet that will whip up quite a media frenzy. Who wouldn't think that the media has been waiting to report that a machine built by man doesn't want to die? It's a pent up desire; one that will be released at the first credible moment.
And along comes Kismet.
The key to Kismet really is that it spoofs emotion. Think about it for a second. The MIT guys "sniffed" humans with cameras, copied the protocol stream down to the transitions from one emotive signal to another, and (most importantly) parsed enough of the incoming emotistream to generate a seemingly interactive experience.
Shades of Eliza? Obviously. Eliza spoofed "Rogerian Psychology", where a person does nothing but ask the minimum amount of questions to keep you talking. Eliza took some aspect of human psychology and looped it on itself to create meaning to the user at the least possible computational cost.
Give Eliza and Kismet a love child equipped text to emotive speech and speech to text, and toss in a degree of anger, rage, and fear if the robot "believes" 1) it is to be deactivated(put a video sensor near the off switch) or 2) it is ignored for excessive periods of time, and a non-zero part of the population will believe it alive and as worth protecting as a cute baby seal.
Is it just me, or is it scary how much Hackerthink(spoof, parse, etc.) fits so many different situations? If you can talk to a single person in biotech for more than twenty mintues about their job and not realize they're utter hackers, you aren't paying attention. The same applies to psychologists. How many psych papers read like security bulletin? ("God refuses to patch. F1zRR has released Prozac 1.0 to compensate.")
If Kismet ever goes mainstream, the psychologists are going to have a field day. The technological revolution eliminated the need for menial workers. Kismet, scarily enough, could make shallow friendships far more awkward. "We don't do much more than talk like Kismet."
All this will go on until the media decides to flip public opinion around on its ear(thus making everybody tune in) saying "Are we nuts? This Kismet thing is NOTHING compared to humans! Deux Ex Humana!"
That's just my thoughts. It's late. I'm tired. I have to get up in four hours. Joy.
Send me comments. Or don't.
Once you pull the pin, Mr. Grenade is no longer your friend.
Geeks To Consumers: We Were Right After All
on
DIVX is dead
·
· Score: 5
An ounce of prevention saves a pound of cure, eh? Check out the press release:
All Divx discs, including those previously purchased by consumers and those remaining in retailer inventories, can be viewed on registered players anytime between now and June 30, 2001.
The significance of this cannot be overlooked. This is empirical proof that any system that places consumer property under the access control of a remote body can, will, and just did repossess control of those goods, despite the (promised!) expectations of the customer.
Told you so.
The Geek Community was quite clear on this: DiVX gives corporations excessive control over the viewing habits of customers, and was generally an awful idea. Truly, we have the media outlets and electronic stores--corporations in their own right--to thank for realizing the inevitable result of any technically dependant system such as DiVX and protecting as many consumers as possible from what the Geeks always recognized as Bad Mojo.
What can we learn from this? SDMI--the MP3 competitor--is flat out doomed to fail if it attempts any sort of protection dependant on contacting anyone anywhere for permission to play a song.
After decades of ripping off artists, lets hope they don't move onto ripping off consumers. (Again. Spoiler Signal What?)
Set up a cron process to output the results of whatever/proc entries you desire into a CSV formatted logfile. Use the tools of your choice to sort through the mass of data. If you need something new, pop into the Linux source and add a/proc entry with whatever you like.
In a slightly related note, Linux needs some new graphics libraries--GD is good, but it's not Excel. I have the distinct feeling GIMP is better suited to what we need. Sooner or later we won't have to jump to Excel to get quality graphs drawn.
Once you pull the pin, Mr. Grenade is no longer your friend.
If you don't want a site hacked, *period*, I suggest you consider a CD-R based server. Let all development occur on, well, development machines, burn a copy of the static site, and have the dynamic material imported in from a backend database.
Lets see how easy it is to hack a server where not even *root* can modify the configuration files.
I'm still waiting for an entire Linux distribution I can boot off a CD-ROM using either a floppy drive or a web site to cache settings. It'll be significantly easier to deal with these CD Lockboxes once the various kernel configs for a semi slow medium serving mechanism are developed.
There will be a few issues with switchovers under a CD-ROM system, incidentally. Updates are no longer a matter of FTPing; it's more along the lines of using Fake(beautiful app) to have two identical servers doing failover for eachother.
Fairness dictates I remind the reader that, no, this isn't 100% effective--a remote root compromiser might still be able to link into the running(but binary non-modifiable) process and somehow redirect some pointer mechanisms to manipulate what files are distributed on the website, but that's orders of magnitude more difficult than echo "THIS SITE SUX" > index.html .
Keep in mind, if you have a backend writable database it's going to be the next target. Intrusion detection on high, keptain.
Email me or visit my site if you want to discuss all this stuff further. If you have experience with ARP/ICMP spoofing attacks, I need you to read something I'm in the process of putting together. Ahhhhh yes, I'm geeking out on security as of late. (Can you tell?)
Yours Truly,
Dan Kaminsky DoxPara Research http://doxpara.netpedia.net
Once you pull the pin, Mr. Grenade is no longer your friend.
People wonder why I'm so ascerbic against Netware. We've got students around here disconnecting their ethernet ports whenever they have work to do. We've got *FACULTY* doing that.
Not Good.
Once you pull the pin, Mr. Grenade is no longer your friend.
Ever notice how much your Win95/98 machines crash once you install Client32 on them?
Does the phrase "IFSVXD.VXD" mean anything to you? "Windows Protection Error"? Ever wonder why "MPREXE.EXE"(the MultiProtocol Router) crashes so much? Why your client systems are lagging?
Novell servers are rather brilliantly written. Their clients...well, didn't it take 'em a few years to write an uninstaller that didn't work? *YEAH*.
Once you pull the pin, Mr. Grenade is no longer your friend.
DoxPrint's a middleware tool I wrote to translate Network Neighborhood prints to Novell Netware prints. Should help with any migration attempt, considering you can leave all your (working) Novell print queues as they stand and move your clients to the exact same state they'll be in if you choose to move to another print platform. DoxPrint, with a *tiny* amount of coding(I'll even build it into the next version if you like), can allow one point of access to Netware printers, Samba printers, NT printers, and even Appletalk printers. Check it out, it might help ya.
If there is one thing I find darkly humorous in the entire Phantom Menace saga, it's been Taco. Poor Rob, split between Tux and the Dark Side, sharp and poignant words signifying each additional step towards the coming Linux Expo...someone should definitely catalog Rob's sayings. Maybe he needs professional help.
Star Wars Widows indeed.
...walking away, imagining Tux with a light saber cutting down the now Darth Taco for abandoning his calling as SlashDiety of the Linux Expo...
Quitting while he's (theoretically) ahead...
Dan Kaminsky DoxPara Research http://doxpara.netpedia.net
Once you pull the pin, Mr. Grenade is no longer your friend.
I don't know why DoxPrint was moderated into hiding. I'd say mail Rob, but the poor guy gets enough mail. Whoever trashed the post--go away, censor.
(For those who didn't see the original post, DoxPrint lets you print to Novell printers over the Network Neighborhood, by having a Linux box in the middle translate between windows prints and Novell prints. Check it out, send me feedback, etc. I'll put together a FAQ once I have some Q to FA.)
Yours Truly,
Dan Kaminsky DoxPara Research http://doxpara.netpedia.net
Once you pull the pin, Mr. Grenade is no longer your friend.
--- As for adding MP3.com, well, that's how litigation works. It seems highly unlikely that MP3.com will be found liable, but it will certainly impact their IPO. ---
Oh, beautiful. Playmedia becomes liable for damages for filing an intentionally frivolous lawsuit during the IPO period when MP3.COM theoretically might not even be able to defend itself(companies need to be QUIET before they open their IPO, lest the SEC say they're advertising.) Then the lawsuit gets ruled as utterly and knowingly malicious, and boom, mp3.com threatens to sue their pants off unless they drop the Nullsoft suit.
Nice.
Once you pull the pin, Mr. Grenade is no longer your friend.
1) The GIF/Unisys thing is a pretty awful situation that deserves to be redecided.
2) Unisys never had any dealings--as far as I know--with GIF developers. Contrast this with the probable fact that the AMP guy had some early communications w/ Justin Frankel and thus can be presumed to have consented-until-further-notice.
Once you pull the pin, Mr. Grenade is no longer your friend.
My best guess is that the creator of AMP is rather miffed that he didn't market his code well enough to profit from it, that he didn't get into business arrangements that would make him a partner(*cough* why was Nitrane even necessary), and now has been courted by lawyers who think they can wring large chunks of money out of the equation.
The MOST interesting part of the equation is Winamp licensing an engine from FFH. FFH will, IMHO, flip around and bend Playmedia over the proverbial legal bar questioning their chutzpah demanding legal protection over something that they ostensibly "stole" from FFH in the first place.
My "off the cuff" legal analysis of this situation will be that the judge will throw the entire case out, noting that Playmedia(and FFH) lost their claim over the *large* period of time they allowed WinAMP to spread. The Nullsoft guys will successfully argue that Playmedia knowingly allowed the code to be used, that any similarities in code were those that would be expected (by anybody, even Playmedia) from somebody who had seen the source code legally and had recreated it in a new technical system, and that to accept Playmedia's claim would be to usher in a new era of Contagion Litigation.
Contagion Litigation, related to submarine patents, occur when a given technology is allowed to spread contagiously, and when enough parties are infected, the legal nature of the product is reasserted and everybody is forced to pay. It's a form of fraud, obviously, since if each receptor of the "diseased code" had known the legal implication of using the technology before integrating into their systems they would have chosen an alternate route.
There's an element of beauty in all of this. Luckily, the autocratic nature of most courtrooms should cut through the BS rather quickly. I'm sure there's significant precedent against stuff like this.
Yours Truly,
Dan Kaminsky DoxPara Research http://doxpara.netpedia.net
Once you pull the pin, Mr. Grenade is no longer your friend.
I'm looking for a good language to deal with a reasonably large(nearing 10K lines) CSV formatted database. It's the log database for the DoxPrint system that's running at my college. DoxPrint is a SambaNetware gateway that I'm releasing under the GPL By The Time You Read This(TM). Presently, the only way to get efficient information out of it is using contortions of grep, sort, uniq, and wc, or loading the database in Excel and having fun.
Should I try Rebol? Or what? I'd like the next version of DoxPrint to support Web Log Analysis, but I'm unsure which language I should cram to achieve that goal. Suggestions?
Yours Truly
Dan Kaminsky DoxPara Research http://doxpara.netpedia.net
Once you pull the pin, Mr. Grenade is no longer your friend.
IDG has to deal with the Youth Culture around Linux, or else they'd probably be limiting to 16+, or even 18+. I BELIEVE that most non computer conventions are 18+.
Anyway, the point isn't that they refund the badge. Once it had been issued under non-fraudulent conditions, they were responsible for either honoring it or refunding the entire cost of the mistake. It's that whole "bait 'n switch" thing--they got you to come because you thought you could take your kid, then placed you in a situation to either lose a serious investment or find alternate accomodations for your child.
Of course, this wasn't malicious. I'm not from IDG, I'm just being realistic: this was a bureaucratic failure. Somewhere along the line the web site never got updated to read "no kids". It genuinely does cost more to admit children--we live in a rather disgustingly litigious society where parents will sue because their kid swallowed a piece of Trade Show Fluff. (WHAT DO YOU MEAN YOU GAVE A STRESS BALL TO A THREE YEAR OLD?!? THREE YEAR OLDS WILL EAT ANYTHING! I'LL SUE!)
The Cuteness Razor(Attractive people get their way) combines with the Motherly Instinct(Children must be protected) to create some nasty rules for the Law Of Unintended Consequences to work with.
Once you pull the pin, Mr. Grenade is no longer your friend.
Actually, if she had a badge, or even if she had been sent notification saying "you're invited here", it was illegal for them to refuse access to her once she arrived. The "access contract" was set once they provided paper notification that she was being allowed to go. If there had been prior notification during the sign up procedure that 12 year olds were presumptively ineligible to attend, the original signup would have occured under false pretenses, but by what you state this was not the case.
Long story short: Shoulda gone to management:-)
Once you pull the pin, Mr. Grenade is no longer your friend.
Slashdot Mirror
Is there any way to encapsulate SLiRP(and PPPD) within a 7 bit channel? I tried something along the lines of uudecode | slirp | uuencode, but it (obviously) didn't function as desired.
Suggestions? I have a feeling a standard 7 bit stdin/stdout wrapper might be useful all over the place.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Once you pull the pin, Mr. Grenade is no longer your friend.
Twas a few weeks ago at work, whence I was determining how to solve a raft of remote access problems. Nothing was working, deadlines were coming...and then I remembered SLiRP. Oh my.
SLiRP is alot more valuable than you might think. For one thing, it provides a user-level NAT'd IP connection over any terminal link. Note, not just a modem link, but *anything*. Combined with SSH, SLiRP makes for an insanely slick VPN routable link that just *works*.
Even for dialup lines, SLiRP rocks. *Absolutely* no administrative headache getting an IP range in which to run PPP. No headaches at all.
I think you need to try to get ASPPP to work on Solaris to truly understand how painful PPP can be. Even pppd isn't too nice on Solaris. But slirp? Thunk. Work. First try.
I'm not just blowing smoke. At my work, there's a semi-decent chance we'll be deploying SLiRP *all over the place*, at *huge* companies, very soon, for precisely these reasons. It's fast, it's free, and it's astoundingly functional.
My shock at seeing my recently rediscovered PPP app of old up on Slashdot again is quite unnerving, but I can't complain. SLiRP has done me well.
One thing I'd request, if anybody's working on adding features--could somebody port in the MS-DNS code? I'm eventually going to be doing *alot* of GPL work involving SLiRP, but my stuff will end up much more high level.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Once you pull the pin, Mr. Grenade is no longer your friend.
I mentioned this in another thread, but bottom-line "Anonymous Posting Is Golden" evidence can be found at the following URLs, posted during the NSA Backdoor discussions:
3 /0940241&cid=13 3 /0940241&cid=79
http://www.slashdot.org/comments.pl?sid=99/09/0
http://www.slashdot.org/comments.pl?sid=99/09/0
Read these to understand why AC posts are excellent to have around.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Once you pull the pin, Mr. Grenade is no longer your friend.
The most pressing problem with IPV6 isn't that there aren't enough addresses--10^38 is a workable amount--it's that, as far as I've seen(and I beg anybody who knows better to correct me) there are no procedures in place to distribute those addresses in correct proportions.
Back in the early days of the net, Class A addresses with 16 million entries were tossed out. Why not? 16 million out of a few billion is nothing...of course, now with the advent of CIDR and the shortages of address space, those numbers are desperately needed.
The disturbingly unwieldy sizes of full-length IPV6 addresses would be less bothersome if I actually knew the plan by which those addresses would be distributed. Someone more qualified, please comment.
One final note--as far as I know, while IPV6 allows IPs to be compressed in presentation(i.e. 127.0.0.0.0.0.0.0.0.0.0.0.129.210.64.98 could compress down to 127::129.210.64.98, since the leading zeros can be presumed by subtracting the typed length from the fixed length), the actual packet requires the full spread. Won't this slow down routing to some degree, as the router needs to wait longer before receiving enough data to forward the packet to its destination? For that matter, shouldn't destination preceed source, for that exact reason?
OK, I'm going to go away now while some net.guru encluphonates me thoroughly.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Once you pull the pin, Mr. Grenade is no longer your friend.
A bit of history.
Around eight months ago, I was hacking away at this economics essay regarding Open Source. With Linuxworld coming up, I chose to go around, soliciting opinions like any good annoying writer should.
I went to LinuxCare, spoke to Sifry, and received some interesting commentary. I walked up to the infamous Maddog, and had some nice flaws evicerated apart...then I went to the SCO booth.
Wow.
What you guys saw in that article wasn't just the ravings of a deluded marketroid. That's the corporate culture of SCO. I think SCO genuinely feels it owns Unix on Intel, and is desperately flummoxed that someone--anyone--would encroach on their domain.
SCO doesn't like Linux. That's not surprising. What's more interesting, arguably even fascinating, is the degree to which SCO Employees are public about this distaste. I mean, you know there are at least a few people in large corporations who believe very strongly in everything SCO has to degrade about Linux. But they're generally rather quiet about it.
SCO outscreams Microsoft--although, it's interesting to note that MS owns a chunk of SCO...
The question is: Is SCO the only company strong enough to wage those complaints(perhaps due to the MS connection?), or is it the only company weak enough to prevent its employees from spouting off?
I'd personally bet on the latter, but the former isn't altogether unfeasable.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Once you pull the pin, Mr. Grenade is no longer your friend.
Don't you hate it when you underestimate your opposition? Great post, Fastolfe.
Once you pull the pin, Mr. Grenade is no longer your friend.
In the 1980's, a movie called "I Know My First Name Is Steven" came out. Based on a true story of this kid who was kidnapped for like seven years.
A few months ago, a few campers over in Yosemite were killed by that kid's brother. Big international incident, since there was an exchange student murdered.
Nasty stuff. You act like people are never randomly killed in the woods...
Once you pull the pin, Mr. Grenade is no longer your friend.
I loved the Blair Witch project. Amazing movie, very unique, extremely powerful, quite impressive.
But.
I am incredibly disturbed by the complete and utter lack of attention being given the lead players in Blair Witch. While I fully accept that directors can be shortchanged in the media spotlight, Mike, Josh, and Heather did an *amazing* job.
First, these three acted excellently, with far more convincing performances than you're likely to see from most. Did anyone for a second not completely believe their *confusion*, their distrust, their pure fear? The directors did an outstanding job creating an environment in which the actors could shine, but we should not ignore the fact that these actors did shine, quite outstandingly.
They also spoke a damn nice script, considering their was no script to speak from. Again, the directors did beautifully defining scene outlines, but as Hollywood has much trouble learning, good storyboards do not a compelling story make. Edited with oscar-worthy aplomb, the cast's dialogue, while hokey at times, reflected the nature of stranded, real people in the middle of a disturbingly surreal environment.
Speaking of the editing, have we forgotten that the filmwork of the entire movie was also executed beautifully by these three? Granted, the footage would have worked *awfully* without the amazing work of the directors and editors, but done right their work was critical to the success of this film.
I don't want to take away from the stellar performance of the directors. But Heather, Josh, and Mike deserve more than they're getting.
Of course, there's a reason they're being left out of the loop(for now): The marketroids want people to believe the movie is real.
This happens to be a good thing.
Now I know this is going to make some of you yell and scream, but the fact was if I could have seen this two months ago with absolutely no prior knowledge, I would have been scared out of my fucking mind. Suspension of disbelief is far easier when there's no disbelief to suspend, and while it's somewhat dishonest, it's dishonesty in an environment where the entire industry is built upon creating the most convincing lies possible. Arnold Schwartzenegger is not a cyborg creature sent back through time, and Shitbrick didn't get it on with Stiffler's Mom.
Blair Witch bent the rules. Consider how much more they could have broken them. They could have divulged that BW was fake in September(imagine how pissed you'd be!). The way they did it, everybody going to the movie sorta heard some people saying it was real and some people not--not altogether perfect, but a giant aid to suspending disbelief and a huge contributor to the success of the movie.
If one of the big studios tried this, they'd hang us out to dry with their ability to simultaneously assail the public with their "this is a true story!!!!!!" message, unrebutted, on all media fronts. There would be no doubt, no undercurrent of truth. It'd be so overdone, so disastrous-in-retrospect, that the studio would have no choice but to attempt to suppress any news that the original movie was fake.
I don't have much more faith in the Big Studio's plans for harvesting Net sentiment. Blair Witch and The Matrix have set the standard for what makes an excellent movie site. (The Matrix comic strips, incidentally, are required viewing for any Matrix fan. They add to the movie immensely, and increase my respect for the universe they've developed immensely.)
If the Studio's can actually express more originality than they could press onto the Celluloid into the web site, great. I'm just afraid of fake web sites, fake web rings, and most of all, fake "o i saw this movie it r000led O MY GOD JOHN DOECAPRIO IS SOOOOOO HOT!" manufactured 15 year old geocities pages that are really hacked together by some marketroid committee.
What do they have to lose? The worst they could do is discredit the Internet as a medium for movie discussion...which hurts them, how? If they can't own it...destroy it.
I know not everybody in Hollywood thinks this way. I know that there are some very hard working and ethical people out there.
I also know that there a very real chance that the three actors/screenwriters/camerapeople will get shortchanged by a media looking to move on to some new summer flick. This must not occur. Sooner or later, the Blair Witch Three need to be recognized for their excellent work. It's only fair.
I've talked long enough. What do the rest of you have to say?
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Once you pull the pin, Mr. Grenade is no longer your friend.
Fuck them! My hair is long and my sandals are worn. That's who I am. That's who all of us are. And we fucking wrote the software that Red Hat sells. We own the company in a far more real sense than any of the moneyed lords with sufficient "liquid net worth" to take part in the IPO. They're auctioning my software off on the New York Stock Exchange to the highest bidder, and I can't take part!
Wow.
Open Source Economics takes a whole new turn...
I'll have to integrate this stuff into that essay-cum-Linuxworld-Presentation. A major point I've been arguing is that those who suffer the direct effects of inferior software are more likely to create the fixes for various shortcomings than a body only indirectly connected to the financial pain. Almost all companies have a serious monetary stake in the stable operations of their computer software, and a growing number have realized that such a mission critical part of their business demands the elimination of propietary risks.
In the age of UCITA, open code may be the only thing you can trust. Buying software from companies that support false advertising, remote killswitches, and censorship is akin to hiring Hannibal Lector as your person plastic surgeon--or Master Chef.
Relevance? Consider the financial impact of Open Source on investors. Want your stock to do better? See a specific area of weakness that you percieve is reducing the value of your stock? Fix it. Yourself.
The amount of people funding OSS projects is about to increase...substantially. Fascinating.
See you at LinuxWorld!
Yours Truly,
Dan Kaminsky
http://www.doxpara.com
Once you pull the pin, Mr. Grenade is no longer your friend.
So you're saying by expressing signals that appear to humans as reflective of internal emotions, Kismet is experiencing emotions?
Spoofing is a term applied when a process transmits information to another process reflecting some status about itself that is, in fact, not reflective of the true state. For example, IP Spoofing transmits false IP Source Header information. Samba does not spoof SMB, though--it really speaks it.
It's a bit of a grey line.
In humans, it turns out that the mere expression of an emotional state is enough to generate some aspects of that state internally. On a personal note, this is why I spent Senior Year of High School smiling like a hyena. Acting happy created happiness--strange but true. But Kismet doesn't act out externally as an expression of internal emotional states, or vice versa--there *are* no emotions to reflect, not in the human sense of the word. It's a spoof.
But try telling that to someone who is looking at a cute sad little doll that asks not to have its power disconnected.
What was it that the Star Trek authors argued? That sentience required consciousness, self-awareness, and intelligence? Good values. Nice values. But the ability to effectively convey emotions (and perhaps complex concepts) effectively is probably required for any creature to be recognized as sentient. Call it a bug in the Human OS if you need to. But it's true.
--Dan
Once you pull the pin, Mr. Grenade is no longer your friend.
Wow.
Sometimes I think computer people Just Don't Get It.
Then I see this.
Now, alot of us geeks might whine and moan. "Oh, it's so cute. Die Jar Jar Die!" "The future of technology lies with...Terminator Furby." Whatever.
Outside of the cold, sterile world of gigabit routers and tab completion, a convincingly emotive device has been developed--artificially.
The importance of this is not to be underestimated. Large chunks of government policy are designed to protect animals with emotive properties. As a classic comedy routine went, "Sometimes I think the animals just all got in a line. 'What are you?' 'I'm a seal.' 'You're cute, honk that horn, we'll make sure nobody beats you with a club. Now what are you?' 'Cow. Moo.' 'GET ON THE TRUCK! You're a baseball glove.'"
Pet Rocks were quite the subversive satire on this maternal instinct.
Tamagotchi began the trend, and Furbies proved the consumer attraction, but I think it's the progeny of Kismet that will whip up quite a media frenzy. Who wouldn't think that the media has been waiting to report that a machine built by man doesn't want to die? It's a pent up desire; one that will be released at the first credible moment.
And along comes Kismet.
The key to Kismet really is that it spoofs emotion. Think about it for a second. The MIT guys "sniffed" humans with cameras, copied the protocol stream down to the transitions from one emotive signal to another, and (most importantly) parsed enough of the incoming emotistream to generate a seemingly interactive experience.
Shades of Eliza? Obviously. Eliza spoofed "Rogerian Psychology", where a person does nothing but ask the minimum amount of questions to keep you talking. Eliza took some aspect of human psychology and looped it on itself to create meaning to the user at the least possible computational cost.
Give Eliza and Kismet a love child equipped text to emotive speech and speech to text, and toss in a degree of anger, rage, and fear if the robot "believes" 1) it is to be deactivated(put a video sensor near the off switch) or 2) it is ignored for excessive periods of time, and a non-zero part of the population will believe it alive and as worth protecting as a cute baby seal.
Is it just me, or is it scary how much Hackerthink(spoof, parse, etc.) fits so many different situations? If you can talk to a single person in biotech for more than twenty mintues about their job and not realize they're utter hackers, you aren't paying attention. The same applies to psychologists. How many psych papers read like security bulletin? ("God refuses to patch. F1zRR has released Prozac 1.0 to compensate.")
If Kismet ever goes mainstream, the psychologists are going to have a field day. The technological revolution eliminated the need for menial workers. Kismet, scarily enough, could make shallow friendships far more awkward. "We don't do much more than talk like Kismet."
All this will go on until the media decides to flip public opinion around on its ear(thus making everybody tune in) saying "Are we nuts? This Kismet thing is NOTHING compared to humans! Deux Ex Humana!"
That's just my thoughts. It's late. I'm tired. I have to get up in four hours. Joy.
Send me comments. Or don't.
Once you pull the pin, Mr. Grenade is no longer your friend.
An ounce of prevention saves a pound of cure, eh? Check out the press release:
All Divx discs, including those previously purchased by
consumers and those remaining in retailer inventories, can be viewed on
registered players anytime between now and June 30, 2001.
The significance of this cannot be overlooked. This is empirical proof that any system that places consumer property under the access control of a remote body can, will, and just did repossess control of those goods, despite the (promised!) expectations of the customer.
Told you so.
The Geek Community was quite clear on this: DiVX gives corporations excessive control over the viewing habits of customers, and was generally an awful idea. Truly, we have the media outlets and electronic stores--corporations in their own right--to thank for realizing the inevitable result of any technically dependant system such as DiVX and protecting as many consumers as possible from what the Geeks always recognized as Bad Mojo.
What can we learn from this? SDMI--the MP3 competitor--is flat out doomed to fail if it attempts any sort of protection dependant on contacting anyone anywhere for permission to play a song.
After decades of ripping off artists, lets hope they don't move onto ripping off consumers. (Again. Spoiler Signal What?)
Yours Truly,
Dan Kaminsky
DoxPara Research
effugas@best.com
Once you pull the pin, Mr. Grenade is no longer your friend.
Set up a cron process to output the results of whatever /proc entries you desire into a CSV formatted logfile. Use the tools of your choice to sort through the mass of data. If you need something new, pop into the Linux source and add a /proc entry with whatever you like.
In a slightly related note, Linux needs some new graphics libraries--GD is good, but it's not Excel. I have the distinct feeling GIMP is better suited to what we need. Sooner or later we won't have to jump to Excel to get quality graphs drawn.
Once you pull the pin, Mr. Grenade is no longer your friend.
If you don't want a site hacked, *period*, I suggest you consider a CD-R based server. Let all development occur on, well, development machines, burn a copy of the static site, and have the dynamic material imported in from a backend database.
Lets see how easy it is to hack a server where not even *root* can modify the configuration files.
I'm still waiting for an entire Linux distribution I can boot off a CD-ROM using either a floppy drive or a web site to cache settings. It'll be significantly easier to deal with these CD Lockboxes once the various kernel configs for a semi slow medium serving mechanism are developed.
There will be a few issues with switchovers under a CD-ROM system, incidentally. Updates are no longer a matter of FTPing; it's more along the lines of using Fake(beautiful app) to have two identical servers doing failover for eachother.
Fairness dictates I remind the reader that, no, this isn't 100% effective--a remote root compromiser might still be able to link into the running(but binary non-modifiable) process and somehow redirect some pointer mechanisms to manipulate what files are distributed on the website, but that's orders of magnitude more difficult than echo "THIS SITE SUX" > index.html .
Keep in mind, if you have a backend writable database it's going to be the next target. Intrusion detection on high, keptain.
Email me or visit my site if you want to discuss all this stuff further. If you have experience with ARP/ICMP spoofing attacks, I need you to read something I'm in the process of putting together. Ahhhhh yes, I'm geeking out on security as of late. (Can you tell?)
Yours Truly,
Dan Kaminsky
DoxPara Research
http://doxpara.netpedia.net
Once you pull the pin, Mr. Grenade is no longer your friend.
Novell? NDS? NIMBLY.
People wonder why I'm so ascerbic against Netware. We've got students around here disconnecting their ethernet ports whenever they have work to do. We've got *FACULTY* doing that.
Not Good.
Once you pull the pin, Mr. Grenade is no longer your friend.
Ever notice how much your Win95/98 machines crash once you install Client32 on them?
Does the phrase "IFSVXD.VXD" mean anything to you? "Windows Protection Error"? Ever wonder why "MPREXE.EXE"(the MultiProtocol Router) crashes so much? Why your client systems are lagging?
Novell servers are rather brilliantly written. Their clients...well, didn't it take 'em a few years to write an uninstaller that didn't work? *YEAH*.
Once you pull the pin, Mr. Grenade is no longer your friend.
DoxPrint's a middleware tool I wrote to translate Network Neighborhood prints to Novell Netware prints. Should help with any migration attempt, considering you can leave all your (working) Novell print queues as they stand and move your clients to the exact same state they'll be in if you choose to move to another print platform. DoxPrint, with a *tiny* amount of coding(I'll even build it into the next version if you like), can allow one point of access to Netware printers, Samba printers, NT printers, and even Appletalk printers. Check it out, it might help ya.
http://doxpara.netpedia.net/doxprint.html
Once you pull the pin, Mr. Grenade is no longer your friend.
If there is one thing I find darkly humorous in the entire Phantom Menace saga, it's been Taco. Poor Rob, split between Tux and the Dark Side, sharp and poignant words signifying each additional step towards the coming Linux Expo...someone should definitely catalog Rob's sayings. Maybe he needs professional help.
Star Wars Widows indeed.
...walking away, imagining Tux with a light saber cutting down the now Darth Taco for abandoning his calling as SlashDiety of the Linux Expo...
Quitting while he's (theoretically) ahead...
Dan Kaminsky
DoxPara Research
http://doxpara.netpedia.net
Once you pull the pin, Mr. Grenade is no longer your friend.
I don't know why DoxPrint was moderated into hiding. I'd say mail Rob, but the poor guy gets enough mail. Whoever trashed the post--go away, censor.
(For those who didn't see the original post, DoxPrint lets you print to Novell printers over the Network Neighborhood, by having a Linux box in the middle translate between windows prints and Novell prints. Check it out, send me feedback, etc. I'll put together a FAQ once I have some Q to FA.)
Yours Truly,
Dan Kaminsky
DoxPara Research
http://doxpara.netpedia.net
Once you pull the pin, Mr. Grenade is no longer your friend.
---
As for adding MP3.com, well, that's how litigation works. It seems highly unlikely that MP3.com will be found liable, but it will certainly impact their IPO.
---
Oh, beautiful. Playmedia becomes liable for damages for filing an intentionally frivolous lawsuit during the IPO period when MP3.COM theoretically might not even be able to defend itself(companies need to be QUIET before they open their IPO, lest the SEC say they're advertising.) Then the lawsuit gets ruled as utterly and knowingly malicious, and boom, mp3.com threatens to sue their pants off unless they drop the Nullsoft suit.
Nice.
Once you pull the pin, Mr. Grenade is no longer your friend.
1) The GIF/Unisys thing is a pretty awful situation that deserves to be redecided.
2) Unisys never had any dealings--as far as I know--with GIF developers. Contrast this with the probable fact that the AMP guy had some early communications w/ Justin Frankel and thus can be presumed to have consented-until-further-notice.
Once you pull the pin, Mr. Grenade is no longer your friend.
My best guess is that the creator of AMP is rather miffed that he didn't market his code well enough to profit from it, that he didn't get into business arrangements that would make him a partner(*cough* why was Nitrane even necessary), and now has been courted by lawyers who think they can wring large chunks of money out of the equation.
The MOST interesting part of the equation is Winamp licensing an engine from FFH. FFH will, IMHO, flip around and bend Playmedia over the proverbial legal bar questioning their chutzpah demanding legal protection over something that they ostensibly "stole" from FFH in the first place.
My "off the cuff" legal analysis of this situation will be that the judge will throw the entire case out, noting that Playmedia(and FFH) lost their claim over the *large* period of time they allowed WinAMP to spread. The Nullsoft guys will successfully argue that Playmedia knowingly allowed the code to be used, that any similarities in code were those that would be expected (by anybody, even Playmedia) from somebody who had seen the source code legally and had recreated it in a new technical system, and that to accept Playmedia's claim would be to usher in a new era of Contagion Litigation.
Contagion Litigation, related to submarine patents, occur when a given technology is allowed to spread contagiously, and when enough parties are infected, the legal nature of the product is reasserted and everybody is forced to pay. It's a form of fraud, obviously, since if each receptor of the "diseased code" had known the legal implication of using the technology before integrating into their systems they would have chosen an alternate route.
There's an element of beauty in all of this. Luckily, the autocratic nature of most courtrooms should cut through the BS rather quickly. I'm sure there's significant precedent against stuff like this.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://doxpara.netpedia.net
Once you pull the pin, Mr. Grenade is no longer your friend.
Heh.
I'm looking for a good language to deal with a reasonably large(nearing 10K lines) CSV formatted database. It's the log database for the DoxPrint system that's running at my college. DoxPrint is a SambaNetware gateway that I'm releasing under the GPL By The Time You Read This(TM). Presently, the only way to get efficient information out of it is using contortions of grep, sort, uniq, and wc, or loading the database in Excel and having fun.
Should I try Rebol? Or what? I'd like the next version of DoxPrint to support Web Log Analysis, but I'm unsure which language I should cram to achieve that goal. Suggestions?
Yours Truly
Dan Kaminsky
DoxPara Research
http://doxpara.netpedia.net
Once you pull the pin, Mr. Grenade is no longer your friend.
IDG has to deal with the Youth Culture around Linux, or else they'd probably be limiting to 16+, or even 18+. I BELIEVE that most non computer conventions are 18+.
Anyway, the point isn't that they refund the badge. Once it had been issued under non-fraudulent conditions, they were responsible for either honoring it or refunding the entire cost of the mistake. It's that whole "bait 'n switch" thing--they got you to come because you thought you could take your kid, then placed you in a situation to either lose a serious investment or find alternate accomodations for your child.
Of course, this wasn't malicious. I'm not from IDG, I'm just being realistic: this was a bureaucratic failure. Somewhere along the line the web site never got updated to read "no kids". It genuinely does cost more to admit children--we live in a rather disgustingly litigious society where parents will sue because their kid swallowed a piece of Trade Show Fluff. (WHAT DO YOU MEAN YOU GAVE A STRESS BALL TO A THREE YEAR OLD?!? THREE YEAR OLDS WILL EAT ANYTHING! I'LL SUE!)
The Cuteness Razor(Attractive people get their way) combines with the Motherly Instinct(Children must be protected) to create some nasty rules for the Law Of Unintended Consequences to work with.
Once you pull the pin, Mr. Grenade is no longer your friend.
Actually, if she had a badge, or even if she had been sent notification saying "you're invited here", it was illegal for them to refuse access to her once she arrived. The "access contract" was set once they provided paper notification that she was being allowed to go. If there had been prior notification during the sign up procedure that 12 year olds were presumptively ineligible to attend, the original signup would have occured under false pretenses, but by what you state this was not the case.
:-)
Long story short: Shoulda gone to management
Once you pull the pin, Mr. Grenade is no longer your friend.