I feel sympathy for the techies, but not management. The formula is simple, it takes X employees to support Y number of users, regardless of the size of the organization. I can't help but feel they've skimped on employees at the expense of the customers a little too much for their future profitability.
I have found a vulnerability in CyberCash 3 where local users can do Bad Things.
I have tried many times to get an adequate response from then over the last two or three months. They do seem to be fairly clueless about security issues.
I will be submitting the details to BugTraq tomorrow. They have been warned.
Who cares if it's funny or not? The point is that focusing hate on it isn't necessary. I don't like Penny Arcade, but I don't think everybody should start an anti-PA campaign.
Everybody hates something. Even if only 0.001% of the computing population hates User Friendly, Dilbert or whatever it adds up. Do the math:
0.001% x really large number of people = not insignificant number of Haters
It's the cost of fame, realizing some people will hate you no matter what. Everything offends someone - including *the* Everything. Even being completely Politically Correct offends people.
Don't feel sorry for Illiad, I'm sure he likes what he does and realizes the Haters are in the minority. Feel sorry for the people that need to hate.
UF is hillarious to me. Do I care what Scott Kurtz of PvP thinks of UF? Hell no.
Perl is much like Lego... you can put almost anything almost anywhere. Just instead of innies and outties Perl has lots of punctation and even more context.
I think us geeks are happiest where we can code in peace. For some reason most people seem to think geeks want a busy high-tech city, but I don't think that's what they really want. Companies are attracted to high-tech cities, not necessarily the geeks.
To me the ultimate geek company would own a few large log cabins by a nice lake, with maybe each department in their own cabin. Not too far from home so the spouses won't feel abandoned, or maybe some would even like to live there. Give the cabins high-speed net access a Coke fridge and I...um, they.... would be blissful.
I want out of the city. Badly. I moved from a small city called Prince George half way up British Columbia to Vancouver, and I have found over the last few years the big city has just sucked the creative juices out of me.
Carmack is (of course) correct when he says you have to send some data a little before it can be seen, or else client-side prediction won't work. Imagine player A is *just* around the corner from player B, who is on a slower connection. Player A will then be able to see B before B sees A.
Yes, it would. Bandwidth is definitely the limiting factor, and in fact is the reason Carmack went with the "insecure" design.
Something like streaming MPEG can probably cut the bandwidth by a factor of 100 without any notificable effects. Only 9.6 T1s per user then:-). And if that's the case, a pair of 400kb/s just might do it.
There is no way to make software that runs on the client side totally secure. It is always possible to hack the client to your advantage because it runs on your computer, and you can fiddle the bits in your computer any way you want.
No matter what kind of proxy or checksummed client they use it'll be hackable because it's runnable. It's the same reason that copy-protection, secure audio formats and DVD can all be cracked... at some point code has to be executed that the user can change.
Even if Carmack does as ESR suggests and only send full world updates, that will not prevent a proxy that jumps every time a rocket is fired at your feet or any number of other subtle helpers.
The only solution might be to run all the code on the server. Yes, really. Imagine the client side just being a 2D graphical dumb terminal just drawing frames from the server. It can't be 3D because it would be hackable at the driver-level again.
I didn't say it would be easy, just the only way to make it truly secure.
Earlier today the tiny Deep Space 2 probes crashed into the Martian landscape. Shortly after they landed NASA called the project a resounding success, and proof the Millennium Program works. However, later in the day after analyzing the data from the probes the project was termed a "successful failure".
It has been reported to News At 11 that while the first probe returned all of the expected data, the second only transmitted on word then stop responding.
He has a very, very valid point here. Navigator crashing is why I still reboot to Windows so my wife can browse the web. Well, crashing and the hideously ugly fonts.
Mozilla, where are you?
Honestly, I used to use Navigator almost exclusively. Now I find that it's down to about 25% at work with IE5 the other 75%. Why? As much as I don't like Microsoft, IE5 is just better.
Navigator has fallen behind the technology curve. Whizzy features are no longer enough to satistfy the public, they need stability. The dating is over, it's time for marriage.
Mozzila may save the day, but it can't come soon enough.
Okay, can say I've done this exact thing. We started out prototyping on IIS and Access because we didn't have a decent Linux box yet and Access makes it easy to prototype databases. Our plan was always to go to Linux, but we were forced into it by IIS doing some freaky things.
The perl was a piece of cake to move over - we even switched to mod_perl along the way. The database, however, was a bit of a pain. We moved it first from Access to SQL 7, then used SQL 7s data export function to stuff it into Informix on the Linux box. It was a nightmare, there are so many things that just don't move across. Views, identifiers longer than 18 characters, etc.
My suggestions, from hard-won experience are:
Run a multiplatform web server, not IIS. Unless you're using ASP or such it should be simple. This is by far the best move we made - It was almost bearable to develop on NT once IIS was out of the way.
Clean up your database architecture and make your SQL portable. Don't assume TRUE == 1 or you can escape table names with [].
Move in stages. Get mySQL, Informix, Oracle, whatever running under NT and move the data to it first. Then move it to the Linux box when things have settled down. Same with switching web servers.
This is a good lesson in why to create portable applications. Just move in pieces and you'll gradually see your system get more and more stable, without getting above your head in new things to learn.
Okay, assume the DVD guys panic and rapidly implement some other way of "protecting their interests". Is there a way to crack it no matter what encryption they use?
What about doing something similar to what unfuck.exe does for the Microsoft "secure" audio? I mean, for a software DVD player what's stopping a program from capturing the images straight from the memory on the video card?
Okay, it would be a processor hog, but I'm sure it can be done. For software players, the data has to live somewhere on the system.
Okay, assume the DVD guys panic and rapidly implement some other way of "protecting their interests". Is there a way to crack it no matter what encryption they use?
What about doing something similar to what unfuck.exe does for the Microsoft "secure" audio? I mean, for a software DVD player what's stopping a program from capturing the images straight from the memory on the video card?
Okay, it would be a processor hog, but I'm sure it can be done. For software players, the data has to live somewhere on the system.
I'll give you the benefit of the doubt, and think you're only drunk.
Nobody said you have to monitor EVERYTHING. You don't need to build another Echelon, only a few select pieces. You might even be able to pick out which pieces to monitor because the transmittion will have to include where it came from.
Chill out, it's an idea - I'm not going to steal a billion dollars for you to build it. Who would have thought SETI@home could have processed all the data they had so quickly?
Slashdot Mirror
They are not required to provide fair coverage or to not ruin your evening. They can't make you watch.
So they hire someone to do nothing but deal with resumes, etc...
I feel sympathy for the techies, but not management. The formula is simple, it takes X employees to support Y number of users, regardless of the size of the organization. I can't help but feel they've skimped on employees at the expense of the customers a little too much for their future profitability.
UDP isn't about stopping voices from being heard - it's about stopping a denial of service attack. And that's exactly was excessive spam is.
I have found a vulnerability in CyberCash 3 where local users can do Bad Things.
I have tried many times to get an adequate response from then over the last two or three months. They do seem to be fairly clueless about security issues.
I will be submitting the details to BugTraq tomorrow. They have been warned.
It's good for a home system, average for a server. It's almost painful to have to reboot a box with over 110 days of update just to put it on a UPS...
Who cares if it's funny or not? The point is that focusing hate on it isn't necessary. I don't like Penny Arcade, but I don't think everybody should start an anti-PA campaign.
That's why I like the Far Side too... because I know everything in there is true. :-)
Dilbert offends all middle management and all technical writers. Why should it be okay to make fun of them?
Tasteful humour is about making fun in gentle ways - ways that reveal weaknesses but don't permanently scar.
I don't think UF, Dilbert or most strips do any real damage. A little humiliation keeps you humble.
Someone who can't take a little being made fun off is likely also someone who blames all of their mistakes on someone else.
Everybody hates something. Even if only 0.001% of the computing population hates User Friendly, Dilbert or whatever it adds up. Do the math:
0.001% x really large number of people = not insignificant number of Haters
It's the cost of fame, realizing some people will hate you no matter what. Everything offends someone - including *the* Everything. Even being completely Politically Correct offends people.
Don't feel sorry for Illiad, I'm sure he likes what he does and realizes the Haters are in the minority. Feel sorry for the people that need to hate.
UF is hillarious to me. Do I care what Scott Kurtz of PvP thinks of UF? Hell no.
Perl is much like Lego... you can put almost anything almost anywhere. Just instead of innies and outties Perl has lots of punctation and even more context.
I think us geeks are happiest where we can code in peace. For some reason most people seem to think geeks want a busy high-tech city, but I don't think that's what they really want. Companies are attracted to high-tech cities, not necessarily the geeks.
To me the ultimate geek company would own a few large log cabins by a nice lake, with maybe each department in their own cabin. Not too far from home so the spouses won't feel abandoned, or maybe some would even like to live there. Give the cabins high-speed net access a Coke fridge and I...um, they.... would be blissful.
I want out of the city. Badly. I moved from a small city called Prince George half way up British Columbia to Vancouver, and I have found over the last few years the big city has just sucked the creative juices out of me.
Carmack is (of course) correct when he says you have to send some data a little before it can be seen, or else client-side prediction won't work. Imagine player A is *just* around the corner from player B, who is on a slower connection. Player A will then be able to see B before B sees A.
The problem is that you can do cheating in the 3D rendering part - spikes pertruding from the model so you see the player through walls, for example.
Yes, it would. Bandwidth is definitely the limiting factor, and in fact is the reason Carmack went with the "insecure" design.
:-). And if that's the case, a pair of 400kb/s just might do it.
Something like streaming MPEG can probably cut the bandwidth by a factor of 100 without any notificable effects. Only 9.6 T1s per user then
Not that far off, when you think about it.
There is no way to make software that runs on the client side totally secure. It is always possible to hack the client to your advantage because it runs on your computer, and you can fiddle the bits in your computer any way you want.
No matter what kind of proxy or checksummed client they use it'll be hackable because it's runnable. It's the same reason that copy-protection, secure audio formats and DVD can all be cracked... at some point code has to be executed that the user can change.
Even if Carmack does as ESR suggests and only send full world updates, that will not prevent a proxy that jumps every time a rocket is fired at your feet or any number of other subtle helpers.
The only solution might be to run all the code on the server. Yes, really. Imagine the client side just being a 2D graphical dumb terminal just drawing frames from the server. It can't be 3D because it would be hackable at the driver-level again.
I didn't say it would be easy, just the only way to make it truly secure.
Tonight, on News at 11....
Earlier today the tiny Deep Space 2 probes crashed into the Martian landscape. Shortly after they landed NASA called the project a resounding success, and proof the Millennium Program works. However, later in the day after analyzing the data from the probes the project was termed a "successful failure".
It has been reported to News At 11 that while the first probe returned all of the expected data, the second only transmitted on word then stop responding.
"Ouch"
Stories like this should come with a warning from the Surgeon General.
I read it, and now my head hurts.
He has a very, very valid point here. Navigator crashing is why I still reboot to Windows so my wife can browse the web. Well, crashing and the hideously ugly fonts.
Mozilla, where are you?
Honestly, I used to use Navigator almost exclusively. Now I find that it's down to about 25% at work with IE5 the other 75%. Why? As much as I don't like Microsoft, IE5 is just better.
Navigator has fallen behind the technology curve. Whizzy features are no longer enough to satistfy the public, they need stability. The dating is over, it's time for marriage.
Mozzila may save the day, but it can't come soon enough.
The perl was a piece of cake to move over - we even switched to mod_perl along the way. The database, however, was a bit of a pain. We moved it first from Access to SQL 7, then used SQL 7s data export function to stuff it into Informix on the Linux box. It was a nightmare, there are so many things that just don't move across. Views, identifiers longer than 18 characters, etc.
My suggestions, from hard-won experience are:
This is a good lesson in why to create portable applications. Just move in pieces and you'll gradually see your system get more and more stable, without getting above your head in new things to learn.
Good luck.
Very true - I did not consider this.
Okay, assume the DVD guys panic and rapidly implement some other way of "protecting their interests". Is there a way to crack it no matter what encryption they use?
What about doing something similar to what unfuck.exe does for the Microsoft "secure" audio? I mean, for a software DVD player what's stopping a program from capturing the images straight from the memory on the video card?
Okay, it would be a processor hog, but I'm sure it can be done. For software players, the data has to live somewhere on the system.
Okay, assume the DVD guys panic and rapidly implement some other way of "protecting their interests". Is there a way to crack it no matter what encryption they use?
What about doing something similar to what unfuck.exe does for the Microsoft "secure" audio? I mean, for a software DVD player what's stopping a program from capturing the images straight from the memory on the video card?
Okay, it would be a processor hog, but I'm sure it can be done. For software players, the data has to live somewhere on the system.
I'll give you the benefit of the doubt, and think you're only drunk.
Nobody said you have to monitor EVERYTHING. You don't need to build another Echelon, only a few select pieces. You might even be able to pick out which pieces to monitor because the transmittion will have to include where it came from.
Chill out, it's an idea - I'm not going to steal a billion dollars for you to build it. Who would have thought SETI@home could have processed all the data they had so quickly?
The next cool thing is always 3-5 years off. Until we can use it in the real world, it's just an idea in some guys head.