But my point still holds. Sun wants to maintain backward compatibility. Period. That's separate from suck-add implementations of the PAM authentication method. And you're lucky. Last time I administrated Solaris boxes (other than my home workstation), I was stuck with Solaris 7. Trust me, that hurt.
nis implementations that pass these crypt values around the network just makes keeping them inaccessible to users a nightmare.
I feel your pain. That's going to be a difficult one to solve though. How does a user authenticate on a network if they can't pass their hash? One could add public key encryption on top of the authentication protocol, but one slip up in key management and the whole deck of cards collapses. After all, how long will it be until we see a worm that uses distributed power to begin generating all possible MD5 hashes? A daunting task to be sure, but certainly not beyond the current state of computing power.
Because Sun guarantees that every piece of software ever written for Solaris will continue to work in new versions. Some would say that they're penalizing the rest of us for those few users still using 10 year old programs. And yet, there's something to be said for "working out of the box".
You're paying your Unix admins anyway. You might as well have them do something more useful than playing NeTrek all day while the system happily chugs along.
Sometimes you can just do "ypcat -k passwd" and get the hashes anyway.
Just tried it on my Solaris box. I received the error "the domainname hasn't been set on this machine." A security flaw in NIS domains perhaps? That would certainly make the "insider" problem far worse.
If I understand the article correctly, they're using serious computer power to develop a database of all passwords and their resulting hashes. In doing so, they can reverse engineer any hash back into a password via a 1 to 1 lookup. The only problem is that the attacker still needs physical access to your password hashes. In other words, this is much more serious for "insider" hacks where a system user wants root control.
Correct me if I'm wrong, but wasn't the point of moving the hashes from passwd to another root protected file (like "master.passwd") to prevent this sort of problem?
I won't argue with you about the energy conversion. Brown's work is extremely "pie-in-the-sky", None the less, weak nuclear force generators could have tremendous potential for portable devices such as cell phones and laptops. For example, a cell phone chews somewhere between 10-30 watts. If you could build a small generator (or "battery") that is ~20% efficient, you'd only need about 100-300 grams of SR-90 for power. Especially if you aimed a bit above the "standby" draw and dumped the energy into a battery. This would allow you to use less material and slow charge the battery.
I'm a trained member of the scientific community
Would you mind emailing me? I'm just now figuring out some of the stuff I blew off in high school physics, and there's an issue with beta radiation and electricity that's driving me nuts. I've asked a few people so far, but no one seems to know the answer (probably because they know electrical engineering, but not the physics of radiation). My email address is:
If you think you are going to crack iron oxide with a 75 watt RTG source, I wish you luck. But don't expect to be breathing much oxygen.
If you hook enough together you could get the power necessary. That being said, I was being a smart ass in the first place, so we won't let the facts get in the way.:-)
I'm extremely skeptical of the Nucell claims.
As you should be. The primary thing that gives it credence is that the inventor was a respected member of the scientific community. His later invention is being successfully used to reprocess nuclear waste. And yet, until I see a working prototype, I'm not going to get my hopes up.
As to the power output, you need to calculate the kinetic output, not the thermal output. His invention works by decelerating electrons (or protons) in the same way that a generator converts rotary motion to electricity. A particle decelerator if you will. That doesn't mean that it actually works as advertised, but that's the theory behind it.
That's funny, because I never used the word "reactor". I said "nuclear generator". Check my original post if you don't believe me. Of course, it would be even cooler if we took a few of these up with us. 7.5 kW, here I come! That is, if I can get the damn oil companies to leave me alone.
How dare you be so ungrateful! That coal is a precious artifact taken directly from the sunken Titanic itself! You should be spending every day telling people how YOU have a piece of the most important history ever! More interactive... BAH!
In the late 80s I remember it being a well regarded popular 'fact' that 100MHz was the absolute limit for the speed of a CPU.
Given the technology of the day, it was. Statements like that usually come with a caveat like "unless we develop new fabrication technology".
Not too many years later I remember much discussion about hard drives for personal computers being physically unable to go much higher than 1GB.
That was a technical limitation of the PC BIOS and the FAT16 file system. New standards for ATAPI devices were introduced and the barrier was broken. There was never a "it can't be done" statement, simply a "this is a serious inconvenience" statement.
Let's not forget "I think there is a world market for maybe five computers" from the chairman of IBM in 1943
In 1943, he was correct. It's silly to extend his statement all the way to the 1980s and beyond. That's like me saying that "the space program does not need more than 5 space shuttles". Of course that will change in the future!
You're taking statements out of context and making them into nonexistent errors.
The last box on this page is fascinating. I also happen to agree with it. If B&B had actually planned this story arc, we wouldn't have such stinkers are last week's "Boredom Street". I keep hoping that things will turn around for the show, but in my heart I know better.
You know, I was waiting for a response like this. Has Slashdot lost all it's humor? Let me explain the joke.
You see, "Enterprise" was such a piss poor series that they had to "spice it up" by adding in some sort of story arc. (The fact that there's no planned arc to the "story arc" is apparently beside the point.) This story arc was supposed to help "Enterprise" reconnect with the Star Trek fan base. In reality they simply annoyed everyone all that much more. Thus the basis of my joke is that they're doing the same bullshit to Galactica that they did to "Enterprise".
Oh, and I have no doubt that they'll "spin off" into a series in which they'll suddenly "discover evidence of Earth". TV execs seem to be kind of stupid these days. They filibuster any and all good show concepts (even if they're shoe-ins!) then if they actually get around to producing it, they "re-imagine" to add T&A in place of the story line. Of course, at that point they actually have something on the air, so they work quickly to milk it for everything it's worth before they cancel it citing "low ratings".
I'd REALLY love to know what the hell these execs are thinking. No, scratch that. It's probably best I don't know....
...half way through the season they'll figure out that they're loosing ratings and have the characters suddenly stumble upon evidence of the Xinidi^H^H^H^H^H^H Earth and begin a quest to find it. Then they'll destroy some of the deepest elements of the show by using them in throw-away lines.
Really? Last I checked, there were several already there. Sure, that pesky scientific equipment wouldn't run anymore, but when compared to breathing...
The solution is simply to set the default L&F to the system L&F (Gnome in this case). All Java applications that don't have a custom L&F will then conform to the desktop. Since it's a one line change in a properties file, I'm surprised Sun didn't already do it.
Programs like JDiskReport use their own L&F but can be customized to match the desktop.
Because they were brought up on different charges. The initial charges were "assault and battery" (which they were acquitted of), the later charges were "violation of civil rights" which they were found guilty of. Thus double-jeopardy was never violated.
No, I'm saying that a charge that would normally be unenforceable, would be enforceable if there was public support. You have to understand that the US government system is designed with the concept that all systems are flawed. Because they are flawed, every system has checks and balances between the systems in order to make sure that no one system can fail or take control.
In this case, the justice system may fail in its zeal to protect the innocent. Thus the public will step in and allow justice to be served if needed. If justice is wrongly served, the public may make known their displeasure and force the proceedings to fail. But only if the public had a say in the first place. Serious crimes (such as murder) will still complete their trial no matter what the public thinks. However, public pressure can make sure that the proceedings are equitable to all parties.
And if the justice system STILL incorrectly returns results, and the executive branch of government disagrees, a pardon may be handed to the convicted.
It's not a perfect system, but it's not supposed to be a perfect system. It's a system that tries to balance all the factors in a fashion that maintains individual freedoms to the best of our abilities while still completing its task. Attempts to perfect the law result in uncorrectable failures such as this DeCSS case.
I think you're referring to Illinois. The problem was not wrongful deaths, it was a large number of death penalties being overturned. The governor wanted to know WHY so many wrongful convictions were occurring before he allowed the program to continue. I don't know if he has yet reinstated the program.
I believe that's precedent, not law. Constitutional law prevents a retrial. I don't know the details of the case, but my guess is that the Supreme Court would find that the defendant failed to receive "a fair and impartial trial" which is a violation of *his* rights. The fact that he could land in prison after a retrial, or that he could find himself faced with tampering charges, is simply a side effect of holding up the "spirit of the law" within the "letter of the law".
But my point still holds. Sun wants to maintain backward compatibility. Period. That's separate from suck-add implementations of the PAM authentication method. And you're lucky. Last time I administrated Solaris boxes (other than my home workstation), I was stuck with Solaris 7. Trust me, that hurt.
nis implementations that pass these crypt values around the network just makes keeping them inaccessible to users a nightmare.
I feel your pain. That's going to be a difficult one to solve though. How does a user authenticate on a network if they can't pass their hash? One could add public key encryption on top of the authentication protocol, but one slip up in key management and the whole deck of cards collapses. After all, how long will it be until we see a worm that uses distributed power to begin generating all possible MD5 hashes? A daunting task to be sure, but certainly not beyond the current state of computing power.
The DEFAULT is still DES/crypt. Why not change it
Because Sun guarantees that every piece of software ever written for Solaris will continue to work in new versions. Some would say that they're penalizing the rest of us for those few users still using 10 year old programs. And yet, there's something to be said for "working out of the box".
You're paying your Unix admins anyway. You might as well have them do something more useful than playing NeTrek all day while the system happily chugs along.
Sometimes you can just do "ypcat -k passwd" and get the hashes anyway.
Just tried it on my Solaris box. I received the error "the domainname hasn't been set on this machine." A security flaw in NIS domains perhaps? That would certainly make the "insider" problem far worse.
If I understand the article correctly, they're using serious computer power to develop a database of all passwords and their resulting hashes. In doing so, they can reverse engineer any hash back into a password via a 1 to 1 lookup. The only problem is that the attacker still needs physical access to your password hashes. In other words, this is much more serious for "insider" hacks where a system user wants root control.
Correct me if I'm wrong, but wasn't the point of moving the hashes from passwd to another root protected file (like "master.passwd") to prevent this sort of problem?
If you could build a small generator (or "battery") that is ~20% efficient, you'd only need about 100-300 grams of SR-90 for power.
Err... that should read ~10% efficient. We need 10-30 Watts, ergo 100-300. Damn slippery fingers.
I won't argue with you about the energy conversion. Brown's work is extremely "pie-in-the-sky", None the less, weak nuclear force generators could have tremendous potential for portable devices such as cell phones and laptops. For example, a cell phone chews somewhere between 10-30 watts. If you could build a small generator (or "battery") that is ~20% efficient, you'd only need about 100-300 grams of SR-90 for power. Especially if you aimed a bit above the "standby" draw and dumped the energy into a battery. This would allow you to use less material and slow charge the battery.
I'm a trained member of the scientific community
Would you mind emailing me? I'm just now figuring out some of the stuff I blew off in high school physics, and there's an issue with beta radiation and electricity that's driving me nuts. I've asked a few people so far, but no one seems to know the answer (probably because they know electrical engineering, but not the physics of radiation). My email address is:
j b a n e s 'at' t e c h i e . c o m
Just remove the spaces and replace 'at' with @.
Thanks!
If you think you are going to crack iron oxide with a 75 watt RTG source, I wish you luck. But don't expect to be breathing much oxygen.
:-)
If you hook enough together you could get the power necessary. That being said, I was being a smart ass in the first place, so we won't let the facts get in the way.
I'm extremely skeptical of the Nucell claims.
As you should be. The primary thing that gives it credence is that the inventor was a respected member of the scientific community. His later invention is being successfully used to reprocess nuclear waste. And yet, until I see a working prototype, I'm not going to get my hopes up.
As to the power output, you need to calculate the kinetic output, not the thermal output. His invention works by decelerating electrons (or protons) in the same way that a generator converts rotary motion to electricity. A particle decelerator if you will. That doesn't mean that it actually works as advertised, but that's the theory behind it.
That's funny, because I never used the word "reactor". I said "nuclear generator". Check my original post if you don't believe me. Of course, it would be even cooler if we took a few of these up with us. 7.5 kW, here I come! That is, if I can get the damn oil companies to leave me alone.
What can I say? You win some, you loose some.
:P
My day job pays more anyway.
I found this letter for you:
Dear shystershep,
How dare you be so ungrateful! That coal is a precious artifact taken directly from the sunken Titanic itself! You should be spending every day telling people how YOU have a piece of the most important history ever! More interactive... BAH!
Love,
Santa
In the late 80s I remember it being a well regarded popular 'fact' that 100MHz was the absolute limit for the speed of a CPU.
Given the technology of the day, it was. Statements like that usually come with a caveat like "unless we develop new fabrication technology".
Not too many years later I remember much discussion about hard drives for personal computers being physically unable to go much higher than 1GB.
That was a technical limitation of the PC BIOS and the FAT16 file system. New standards for ATAPI devices were introduced and the barrier was broken. There was never a "it can't be done" statement, simply a "this is a serious inconvenience" statement.
Let's not forget "I think there is a world market for maybe five computers" from the chairman of IBM in 1943
In 1943, he was correct. It's silly to extend his statement all the way to the 1980s and beyond. That's like me saying that "the space program does not need more than 5 space shuttles". Of course that will change in the future!
You're taking statements out of context and making them into nonexistent errors.
The last box on this page is fascinating. I also happen to agree with it. If B&B had actually planned this story arc, we wouldn't have such stinkers are last week's "Boredom Street". I keep hoping that things will turn around for the show, but in my heart I know better.
*sigh*
You know, I was waiting for a response like this. Has Slashdot lost all it's humor? Let me explain the joke.
You see, "Enterprise" was such a piss poor series that they had to "spice it up" by adding in some sort of story arc. (The fact that there's no planned arc to the "story arc" is apparently beside the point.) This story arc was supposed to help "Enterprise" reconnect with the Star Trek fan base. In reality they simply annoyed everyone all that much more. Thus the basis of my joke is that they're doing the same bullshit to Galactica that they did to "Enterprise".
Oh, and I have no doubt that they'll "spin off" into a series in which they'll suddenly "discover evidence of Earth". TV execs seem to be kind of stupid these days. They filibuster any and all good show concepts (even if they're shoe-ins!) then if they actually get around to producing it, they "re-imagine" to add T&A in place of the story line. Of course, at that point they actually have something on the air, so they work quickly to milk it for everything it's worth before they cancel it citing "low ratings".
I'd REALLY love to know what the hell these execs are thinking. No, scratch that. It's probably best I don't know....
...half way through the season they'll figure out that they're loosing ratings and have the characters suddenly stumble upon evidence of the Xinidi^H^H^H^H^H^H Earth and begin a quest to find it. Then they'll destroy some of the deepest elements of the show by using them in throw-away lines.
Really? Last I checked, there were several already there. Sure, that pesky scientific equipment wouldn't run anymore, but when compared to breathing...
No problem! You can take a nuclear generator with you and crack the Iron Oxide to produce oxygen! See? No problem. :-D
(Yes, I'm being a smart-ass. Deal with it.)
A 3? I think the Slashdot Universe is going to implode! Run for your lives!!!
The Gnu ASsembler ought to be enough for everyone.
I despise the GNU AS syntax. Sure, it may be more "standard", but it's very difficult to read and keep track of. NASM syntax is much, much nicer.
The solution is simply to set the default L&F to the system L&F (Gnome in this case). All Java applications that don't have a custom L&F will then conform to the desktop. Since it's a one line change in a properties file, I'm surprised Sun didn't already do it.
Programs like JDiskReport use their own L&F but can be customized to match the desktop.
So the question is: if someone is guilty of murder, why wouldn't the public oust the DA for losing the case in the first place?
Unless the DA used the Chewbacca prosecution, who would you be angry at? The DA or the sleazy lawyer who defended the murderer?
Oh, and I should point out that only two of the four police officers were convicted of violating civil rights. The other two were cleared.
Because they were brought up on different charges. The initial charges were "assault and battery" (which they were acquitted of), the later charges were "violation of civil rights" which they were found guilty of. Thus double-jeopardy was never violated.
No, I'm saying that a charge that would normally be unenforceable, would be enforceable if there was public support. You have to understand that the US government system is designed with the concept that all systems are flawed. Because they are flawed, every system has checks and balances between the systems in order to make sure that no one system can fail or take control.
In this case, the justice system may fail in its zeal to protect the innocent. Thus the public will step in and allow justice to be served if needed. If justice is wrongly served, the public may make known their displeasure and force the proceedings to fail. But only if the public had a say in the first place. Serious crimes (such as murder) will still complete their trial no matter what the public thinks. However, public pressure can make sure that the proceedings are equitable to all parties.
And if the justice system STILL incorrectly returns results, and the executive branch of government disagrees, a pardon may be handed to the convicted.
It's not a perfect system, but it's not supposed to be a perfect system. It's a system that tries to balance all the factors in a fashion that maintains individual freedoms to the best of our abilities while still completing its task. Attempts to perfect the law result in uncorrectable failures such as this DeCSS case.
I think you're referring to Illinois. The problem was not wrongful deaths, it was a large number of death penalties being overturned. The governor wanted to know WHY so many wrongful convictions were occurring before he allowed the program to continue. I don't know if he has yet reinstated the program.
I believe that's precedent, not law. Constitutional law prevents a retrial. I don't know the details of the case, but my guess is that the Supreme Court would find that the defendant failed to receive "a fair and impartial trial" which is a violation of *his* rights. The fact that he could land in prison after a retrial, or that he could find himself faced with tampering charges, is simply a side effect of holding up the "spirit of the law" within the "letter of the law".