VIA again? The steady rain of Linux problem reports tracked back to odd behavior from VIA chipsets has kept me from trying out any of AMD's newer designs, since the only boards I can find for them are always lumbered with VIA parts.
I love my Matrox Millennium II, old though it is. Next time I buy a non-bargain-basement card it will be a Matrox.
Those cheap ATI 7000 cards that were on deep discount everywhere a while back are good for office type WinXP boxes, though. They beat the pants off the SiS 530 onboard display hardware they replaced.
Indeed, his failure rate seems excessive. My decade-old Orchid Fahrenheit 1280 is still going strong, even after I risked destruction by filling the open DIP memory sockets myself without any discernible static protection.:-O
"A local namespace is just as convenient for the user...."
Until the user moves to a different host. Why do people *always* forget this?
Re:The problem is that DNS is trying to be Google
on
DNSSEC: Good Enough?
·
· Score: 1
"URLs were never intended to be things that people could guess off the top of their heads based on what they were looking for - and they are really bad at it."
Uh? I'm looking for Toyota Motor Co. "http://www.toyota.com/" works. Lookit the cars!
I'm looking for Purdue University. "http://www.purdue.edu" works. Financial aid? classes? it's right there.
I'm looking for the U.S. executive mansion, the "White House". "http://www.whitehouse.gov" works. There's GWB big as life.
Looks like I'm 3 for 3. Gee, I'm really bad at guessing URLs -- I can't seem to do better than 100%.
Well, *I* am an end user (in addition to sysadmin, programmer, etc.) and *I* type in domain names all the time. Where exactly does ssh keep bookmarks, for example?
As for people who think web==internet, who cares about them? The tools *I* use will be crocked, and the way *I* use them will be made pointlessly hideous. We'll wind up inventing another DNS layer on top of the mess just to get back sensible names.
News flash: Win2k SP2+ and WinXP *already have* the code needed to run updates automagically. We use it here and it works quite well. A couple of Registry tweaks is all they need to turn it on.
HOWEVER we also run MS' Software Update Service, which lets us set up a local mirror of the Windows Update patch kits and decide which ones we'll allow the managed stations to fetch. We can test patches first and block any that seem troublesome. I wouldn't turn on automatic patch installation without this review.
Having said all this, I don't think that push-patching will be accepted by those home users who are aware of it. Having a PC that belongs to the company managed by people you could actually go yell at is a lot different from having your *personal property* adjusted without your consent by some faceless company a thousand miles away. The effort being spent on this scheme should be redirected toward teaching some of their coders basic sanitation (like, if you don't allocate net buffers from the stack, you won't facilitate any embarrassing stack-smashing exploits, duuh).
I don't suppose they announced a *reason* for it?
on
Palm Reveals New Name
·
· Score: 1
"I can't find PALM! Have they been delisted??? OMG, WHAT HAPPENED?!?!?!"
"Here's one. Oh, wait, it says Palm One, is this some el-cheapo ripoff? Excuse me -- where are the real Palms?"
Beats me why these people go on and on about brand recognition and then throw their brand down the toilet every couple of years so they can start all over again with a new one.
"It looks like the outbreak continues to get worse and worse, with no real end in sight until people can patch their systems."
Huh, it took me five minutes to fetch and apply the patch over dialup. Of course, if I'd waited to be infected, then I'd have to d/l the cleaner too. So, ten minutes. How hard could it be?
Incidentally, IIRC the folks with real statistics say that the rate of new infections is DEcreasing.
Mr. Smirnoff also got a lot of mileage out of exaggerating the culture shock experienced as a result of moving from the USSR to the USA. {something we take for granted}! What a country!
He appeared on several episodes of _Night Court_ and got to work in some of his standup gags. It was fun.
"University of Washington not only "supports" secure IMAP, POP, and SMTP -- they *require* it."
Well, of course *they* would!:-)
"Also, no FTP or telnet connections... all SSH. Pretty smooth, and the users get along just fine. What excuse do other institutions have for not implementing and enforcing similar policies?"
Duuh, look through the RFCs which extend SMTP until you come to STARTTLS.
The actual problem is that you don't know (until delivery) whether each SMTP hop actually used TLS. So I'll still use OpenPGP regardless. But I'd like to see wider use of TLS by SMTP servers. It's called defense in depth.
(Heck, I'd just like to see my ISP accept CHAP logons. )-:
Indeed. See the comment about how most ISPs' email services are insecure. (No TLS) Be the first to offer secure mail transport and own the market!
There are all sorts of little things that the big boys are too lazy to market because they won't make 900% profit in the first 100 hours. Offer those improvements and the money that some are willing to pay for them will become yours.
I keep thinking I'll find the time to try a different approach: build a filter for procmail that simply strains out all text/html bodyparts and all defined HTML tags in text/plain bodyparts before delivery. Based on experience I figure this will remove absolutely nothing that I wanted or needed to see, and if the resulting message is empty then I know what it was.
Oh, yeah, I also need to have it rip out ms-tnef bodyparts, preferably triggering some derisive sound as it does so.
You missed number 3: codify proper handling of personal data. Like, if any organization other than the SSA accepts your SSN as proof of identity, you win and they eat the loss. Many so-called identification practices are weaker than a beginning programming student's first attempt at cryptography. We need some standards *with teeth* to fix that.
I don't want to generate paper for the vote counters. That'd be a step backward from our mechanical registers. I want *something* -- scribble it on a diskette, store it in a smart card, print an encrypted packet on paper, whatever -- that *I take away with me*, independent of how the machine reports votes to the tally office. Something that can be compared, unambiguously and as many times as necessary, with the official records so that disputes can be resolved.
It won't do much for the total, since a lot of people would either not bother or not be able to justify the expense of the medium, but it would help those who do use it to feel secure that their individual votes were accurately recorded, which a system carried out largely by invisible means makes very difficult. I trust the mechanical system because every aspect of its operation is observed and tested by several people with divergent interest in the results, and they (theoretically) keep each other, and the system, mostly honest. How are they gonna do that with a system which cannot be observed?
I must agree that the punch card system used in Florida was, um, lacking both in security and in user-interface best practices. In fact, if I were asked to design a system to cause the maximum amount of confusion and miscounting, I can imagine nothing "better" than a manual punch card system.
Slashdot Mirror
At least I'll be able to learn, at last, what it is that Joe Carioca considers the equivalent of, "as you Americans say, 'what's cookin?'"
VIA again? The steady rain of Linux problem reports tracked back to odd behavior from VIA chipsets has kept me from trying out any of AMD's newer designs, since the only boards I can find for them are always lumbered with VIA parts.
"...StarWars references...."
You mean _Spaceballs_, of course. Dark Helmet was Rick Moranis' hilariously inept evil-overlord character.
And I think that that Citadel of Dread stuff is a nod to..._The Cineverse Cycle_ (by Craig Shaw Gardner IIRC), a great spoof of...B movies.
The Question is obviously, "why am I perfectly happy drinking this muck from a Lipton's teabag?"
Although Bigelow's Constant Comment is a nice change now and then.
as IIRC Asimov put it.
Or:
"Open the pod bay doors, HAL."
"I don't think so, Dave."
"Awright, it's time for MORE POWER!!!"
Kaboom!
Oh, great. See Gerrold's _When HARLIE Was One_ to see what happens when you allow ten-state logic into your designs. :-)
Nah, the Newtonian Mechanics' Union just sued them instead.
I love my Matrox Millennium II, old though it is. Next time I buy a non-bargain-basement card it will be a Matrox.
Those cheap ATI 7000 cards that were on deep discount everywhere a while back are good for office type WinXP boxes, though. They beat the pants off the SiS 530 onboard display hardware they replaced.
Indeed, his failure rate seems excessive. My decade-old Orchid Fahrenheit 1280 is still going strong, even after I risked destruction by filling the open DIP memory sockets myself without any discernible static protection. :-O
"A local namespace is just as convenient for the user...."
Until the user moves to a different host. Why do people *always* forget this?
"URLs were never intended to be things that people could guess off the top of their heads based on what they were looking for - and they are really bad at it."
Uh? I'm looking for Toyota Motor Co. "http://www.toyota.com/" works. Lookit the cars!
I'm looking for Purdue University. "http://www.purdue.edu" works. Financial aid? classes? it's right there.
I'm looking for the U.S. executive mansion, the "White House". "http://www.whitehouse.gov" works. There's GWB big as life.
Looks like I'm 3 for 3. Gee, I'm really bad at guessing URLs -- I can't seem to do better than 100%.
"Back when we didn't have DNS, pathalias was our dear friend. Gone, but not forgotten!"
Not gone, either. I still have it and use it occasionally.
BTW, two words: "host table". I remember....
"Ever watch end users?"
Well, *I* am an end user (in addition to sysadmin, programmer, etc.) and *I* type in domain names all the time. Where exactly does ssh keep bookmarks, for example?
As for people who think web==internet, who cares about them? The tools *I* use will be crocked, and the way *I* use them will be made pointlessly hideous. We'll wind up inventing another DNS layer on top of the mess just to get back sensible names.
News flash: Win2k SP2+ and WinXP *already have* the code needed to run updates automagically. We use it here and it works quite well. A couple of Registry tweaks is all they need to turn it on.
HOWEVER we also run MS' Software Update Service, which lets us set up a local mirror of the Windows Update patch kits and decide which ones we'll allow the managed stations to fetch. We can test patches first and block any that seem troublesome. I wouldn't turn on automatic patch installation without this review.
Having said all this, I don't think that push-patching will be accepted by those home users who are aware of it. Having a PC that belongs to the company managed by people you could actually go yell at is a lot different from having your *personal property* adjusted without your consent by some faceless company a thousand miles away. The effort being spent on this scheme should be redirected toward teaching some of their coders basic sanitation (like, if you don't allocate net buffers from the stack, you won't facilitate any embarrassing stack-smashing exploits, duuh).
"I can't find PALM! Have they been delisted??? OMG, WHAT HAPPENED?!?!?!"
"Here's one. Oh, wait, it says Palm One, is this some el-cheapo ripoff? Excuse me -- where are the real Palms?"
Beats me why these people go on and on about brand recognition and then throw their brand down the toilet every couple of years so they can start all over again with a new one.
"It looks like the outbreak continues to get worse and worse, with no real end in sight until people can patch their systems."
Huh, it took me five minutes to fetch and apply the patch over dialup. Of course, if I'd waited to be infected, then I'd have to d/l the cleaner too. So, ten minutes. How hard could it be?
Incidentally, IIRC the folks with real statistics say that the rate of new infections is DEcreasing.
..._Mutant 59: The Plastic Eaters_?
Or that story I heard about, that ends with the termite "holding in its jaws a glittering crumb of steel."
Mr. Smirnoff also got a lot of mileage out of exaggerating the culture shock experienced as a result of moving from the USSR to the USA. {something we take for granted}! What a country!
He appeared on several episodes of _Night Court_ and got to work in some of his standup gags. It was fun.
"University of Washington not only "supports" secure IMAP, POP, and SMTP -- they *require* it."
:-)
Well, of course *they* would!
"Also, no FTP or telnet connections... all SSH. Pretty smooth, and the users get along just fine. What excuse do other institutions have for not implementing and enforcing similar policies?"
MS Exchange?
Duuh, look through the RFCs which extend SMTP until you come to STARTTLS.
The actual problem is that you don't know (until delivery) whether each SMTP hop actually used TLS. So I'll still use OpenPGP regardless. But I'd like to see wider use of TLS by SMTP servers. It's called defense in depth.
(Heck, I'd just like to see my ISP accept CHAP logons. )-:
"Why not start your own business, then?"
Indeed. See the comment about how most ISPs' email services are insecure. (No TLS) Be the first to offer secure mail transport and own the market!
There are all sorts of little things that the big boys are too lazy to market because they won't make 900% profit in the first 100 hours. Offer those improvements and the money that some are willing to pay for them will become yours.
I keep thinking I'll find the time to try a different approach: build a filter for procmail that simply strains out all text/html bodyparts and all defined HTML tags in text/plain bodyparts before delivery. Based on experience I figure this will remove absolutely nothing that I wanted or needed to see, and if the resulting message is empty then I know what it was.
Oh, yeah, I also need to have it rip out ms-tnef bodyparts, preferably triggering some derisive sound as it does so.
You missed number 3: codify proper handling of personal data. Like, if any organization other than the SSA accepts your SSN as proof of identity, you win and they eat the loss. Many so-called identification practices are weaker than a beginning programming student's first attempt at cryptography. We need some standards *with teeth* to fix that.
You misunderstand.
I don't want to generate paper for the vote counters. That'd be a step backward from our mechanical registers. I want *something* -- scribble it on a diskette, store it in a smart card, print an encrypted packet on paper, whatever -- that *I take away with me*, independent of how the machine reports votes to the tally office. Something that can be compared, unambiguously and as many times as necessary, with the official records so that disputes can be resolved.
It won't do much for the total, since a lot of people would either not bother or not be able to justify the expense of the medium, but it would help those who do use it to feel secure that their individual votes were accurately recorded, which a system carried out largely by invisible means makes very difficult. I trust the mechanical system because every aspect of its operation is observed and tested by several people with divergent interest in the results, and they (theoretically) keep each other, and the system, mostly honest. How are they gonna do that with a system which cannot be observed?
I must agree that the punch card system used in Florida was, um, lacking both in security and in user-interface best practices. In fact, if I were asked to design a system to cause the maximum amount of confusion and miscounting, I can imagine nothing "better" than a manual punch card system.