I see your point. I don't understand why so many people here will feel jumpy on legal issue in this stage.
Free speech is so important in US, and it's even vital to those countries which have governemnts nailed their citizens accessing forbidden information.
I don't want to give examples as I don't want to see slashdot.org be banned for political reason in my country. Take a look at the article in Anonymizer for some clue, you'll understand why anonymous free speech is about life and death in other countries
Note: too bad anonymizer has a single point of place to be banned. I wish Freenet and other anonymous free speech project could get around this(and that's their intention).
Good point, but if it isn't distributing illegal stuffs, just for free speech, then restricting its existance would be a federal issue in US.
However, I'm not going to emphasis on US' laws. You may not realize how important anonymous channels of free speech is to other countries.
There are couples of countries you can name that will jail its citizens for distributing or merely reading news that are not welcomed by their governments.
People living in the demoncratic countries may not understand.
If you go on Debian IRC channels and demand support for Progeny, you'll get flamed.
I don't care who you are, you have no position to speak for Debian community as a whole.
Whoever comes to irc.debian.org 6667 for Linux related question, we'll help; questions concerning integration with windows and Linux we'll help; those questions related to Debian, e.g. Stormix and Progeny, we'll help. We even help RedHat users.
We don't have the same conservative and arrogance as in other brand-name specific channels.
Don't listen to this troll, welcome to ask in irc.debian.org. Come here you will understand. There indeed a couple of few arrogant bastards love to flame anybody for pleasure, but majority of us is willing to help as much as we can.
Don't ever put bad name and words of your own to our mouth. Troll.
The yacht and briefcase could be a bribe, but the cutting deal of investing in the country and free license for a period of time is a common business tactics of them.
My University has signed a deal to lock themselves with their free products for 5 years, and someone failed to notice that the contract includes restricting the signed organization from using 'competing products'. As a result, no new SUN workstations/server til it expires. Is it fun to use sparc 2 for parallel processing research or what.
I actually consulted lawyers if we could sue this idiot. Guess what - we can't sue people for their stupidity. *Grumble*
Often it can be impossible to get approval from management to upgrade like this with no testing
I can't agree more. Usually there are two type of management:
1) It's from Microsoft it should have no problem, APPLY IT ASAP!, as a side note if the box broken it's your fault. Question?
2) Test it before applying it to our mission critical *Lotus Notes* server! (Test?! How?!)
I previously work with manager of type 1). Usually I'd just lie and said it's applied, they couldn't tell the difference.
I now work with a manager of type 2), and hell, we buy an exactly duplication of the original NT server for testing. It's a SMP Xeon with RAID 5 build in. The cost to buy two servers+maintenance is even more than getting a much faster and stable UNIX box.
Any NT admin out there work with management style other than 1 and 2?
easier to install one monolithic service pack than hundreds of seperate patches to deal with specific security problems as is the norm on the UNIX side of things
You are one clueless programmer who knows so little about system administration but pretend to be an expert on it.
I've adminstered many UNIX system and none of them need to apply seperate patches. There are packages and application updates like NT's services patches, only better in a sense that they are well documented.
I believe you probably thought administer a UNIX is like administer a home-breed Linux. Nice try, but hell no. (Side note: Not all Linux has bad package management system. Debian GNU/Linux, on the other hand, offer package management even superior to some UNIX's.)
While you thought applying NT's patch is easier(it's not), it's no better than UNIX's. Even the latest NT services patches can't deal with exploits discovered months ago. Read other post for detail.
I'm absolutely sure you've not freaking idea how annoying is to apply NT/IIS patches. It has to reboot all the time, it'll screw up other things for no reason. You might risk wasting time to recover from backup because 'uninstall services patch' option sometime doesn't work
.
Its getting trite to point out how anti-MS the Slashdot trolls^H^H^H^H^H^Heditors are
The definition of trolls are those who attempt to give comment on something one has no clue about. Yes, you are exactly a troll.
You may be a good programmer, congratz. Just stay out of what you have no clue about, troll.
While most people would think it's bad, it's in fact the right direction a game box manufacturer must go.
Let look at the market in Japan. People have always been saying Sega technically made better box than PS, but PS still sold much more than Sega's boxes.
The major problem is that Sega actually have some x-rate games. I personally think it's kinda cool, but those parents(especailly in Japan) who made the purchase decision will frown upon these and buy PS for their kids instead.
A video game developer told me PS and Sega has sole right to decide which game should be released and which shouldn't, unlike the PC game market. Sega is responsible for the appearance of x-rate games in their series.
Microsoft knows that X-Box market would be like PC game market, where they would have problem restricting x-rated games publishing. Making censorware is a right direction for them for the market domination.
Unfortunately, currently even gifted C++ hackers can't make usable gui's for Linux - witness freeciv
Download IBM VisualAge for Java Entry Version for free here, quickly browse the first example in its tutorial, you could then start writing a pretty good GUI program without needing to write a single line of Java code, or have a slight knowledge Java language.
I can write an entire database access GUI front end without writing a line of code.
If I lied you can have my cat's first born child.
You might say it's all depending on the development program. Heck you can choose many other Java development programs but only Microsoft provide you with VB development program.
We opensource community is flexible, why not pick a better name when chance come?
How about 'SHIT'?
It can be 'SHell IT, or Shit HIT, whatever, it doesn't matter, I just found it work well with prefix 'OPEN'.
Even the name is registered trademark of something else, the registerer would be too busy dealing with overwhelming infringement cases. There were millions of such trademark misuses in Al's camp when Bush announced victory.
Even better, you can take the best of the situation when your boss consult you about system security, you can openly say:
In case you didn't know, Microsoft signed a contract with Transvirtual to support development of a GPL PersonalJava 1.1 compliant java envirnoment Kaffe. You can find the news here
However, don't dream that Microsoft dedicates to the growth of Java and GPL. Some conspiracists suspected that the whole things is to hurt Java development. The fact that Kaffe has not implemented java.security will help supporting the false claim "Java is not secure"
"Microsoft is throwing money at a small company trying to make some noise at JavaOne, the way they do every year,"Jim Mitchell, vice president of architecture and technology at Sun's JavaSoft division, said.
Thank you your insightful comment(but what did I said which cased you to write. ^_^).
The book review is about JSP and servlet. As a matter of fact a good JSP (which in turn compiled into java servlet) doesn't really require the client must have java enable.
Java has moving its focus from client-side to server-side year ago. In my opinion disabling Java applet wouldn't stop JSP and servlet, but it's bad thing indeed.
Installation of Linux on IBM ThinkPad is pretty painless. IBM is well known for his support to Linux community, and it reflects on every model of its ThinkPad.
Sometime the vulnerability might due to human mistake, or misconception. Most people would enable both RSA(public/private keys) authenticaion and Password Authentication when setting up a SSH server in *nix.
Enable password authentictaion is effectly breaking the security of RSA, introduce a easier method, or backdoor, to intrude.
Like, 1.2G installation of win2K which doesn't contain IRC, firewall tools, gcc, perl, cl, imap server, sql server, (real)dns server, web proxy, c++, Python, tcltk, etc. by default is not considered big.
It's quite an old news, please go to The Motives and Psychology of Black-hats in RootPrompt for detail.
Reading the IRC logs in the article you will find that there's one Pakistani hacker D1ck got caught in the honeypot, I suspected 'a group of suspected Pakistani hackers' is an overstatement, because the rest of the hackers are americans, say j4n3.
D1ck did say his main target was indian's website, but he did also initiate DDOS attack to some US websites, with the help of other US hackers.
In my point of view, it's more accurate to say "a group of US hackers and a pakistani hacker"
The ZDNet article does not mention how to build a honeypot, read Build a Honeypot for a hint.
During my research we used similar eye-tracking device to help changing the view point of an observer in a VR environment. Our subject of testing all induced nausea and vomitting
We failed to get more healthy subject to continue our research, we couldn't solve the problem in stablizing fast eye movement for use in control device. I am really interested in knowing what technology has they deployed to make it useful.
No...I am just a tutor of an University but I can tell OO is becoming part of their life now. I'm not sure whether it's due to we start teaching Java, instead of C++, 3 years ago.
In my humble opinions teaching OO with C++ is rather time-comsuming because I also need to teach them a lot of non-OO related things but essential to their project, like overloading, garbage collections, etc.
Of course, there are a lot of things in Java doesn't related to OO, but they could well create a good project without them.
The reasons for not using C/C++ is that, as mentioned by a lot of experts above, it can be a lot of ways to do the same thing, which make objective marking difficult. (Similar case on Perl, CLISP, etc.)
Java is a good choice(skipped boring reasons here), but not the best. As we all know Java specifications is being revised from time to time, though it's much more stable recently. But what if SUN's CEO revised the spec. in favour of his son's answers? (kidding)
I of course welcome the news as I'm a Java programmer myself, but I'd say ADA is a much better choice. It's stable(yet ancient ^_^), strong typed, well-defined OO.
Instead last JavaONE all we got was 'don't complain about Java, cause it is making all of you rich.'
I've never attend any seminars by SUN, read any JavaONE ads, really. What I said is from my personal experience, and you know it's true.
The fact that more and more big corps deploying Java and Java programmers get more pay has its own reason. I understand your denial on them as you don't believe all the figures. I wouldn't bring any of them to support my view, because, as I said, Java dose not need to compare with any other languages.
You might say Java is a hype. The hype was over two years ago, when people figured out Java can't do much better in GUI and animations. That's no problem, if its solely purpose is to wirte games, people wouldn't like it.
Lacking of security mind cam be a major invulnerability indeed.
A lot of people has installed sshd to enable security telnet-replacement. It surprises me when I found that a lot of people enable BOTH Password authentication and RSA authentication.
Their rationale is that they want to have higher security in RSA, and convenience in password authentication. Say they setup RSA authenication between their client at home and server at work, but the same user can also login from some other machine with password in case the machine hasn't been setup for RSA connection.
In fact password authentication effectively breaks the RSA in this case. Why would the hacker bother to temper with the RSA while the system can be intruded by tempering with the weaker password authentication?
Say you've implmented a very secured physical key-lock on a door, but you also allow people open the door by entering keycode on the keypad in case people forgot to bring key to open the lock(it happens). Enable both password and RSA authentication in sshd is more or less the same thing.
Of course, it's a way to restrict a group of people using RSA and another group using password authen., but it makes no sense enable both of them for a user.
More worse, many people still enable both authen, regardless what what I recommended....Is that concept so hard to understand?
Poorly you. From Score 3 funny, to score 2 troll, now score 1 troll. It woudn't be long before you become score -1 Troll Lord. (so would this post).
Your sin is talking about Java. Whether people saying good about java here, one'd be regraded as being sacasm(Funny) or blowing winds(troll).
JVM getting faster and faster? They don't believe it. Java 3D/2D for games? They havent' heard of such things.
It's true that in the present stat Java does not run a good games; but I do wish Java would never run any good games. We don't want Java running games and playing animation well, we want it to stay in Enterprise application area so that we can continue getting high pay.
Slashdot Mirror
I see your point. I don't understand why so many people here will feel jumpy on legal issue in this stage.
Free speech is so important in US, and it's even vital to those countries which have governemnts nailed their citizens accessing forbidden information.
I don't want to give examples as I don't want to see slashdot.org be banned for political reason in my country. Take a look at the article in Anonymizer for some clue, you'll understand why anonymous free speech is about life and death in other countries
Note: too bad anonymizer has a single point of place to be banned. I wish Freenet and other anonymous free speech project could get around this(and that's their intention).
Good point, but if it isn't distributing illegal stuffs, just for free speech, then restricting its existance would be a federal issue in US.
However, I'm not going to emphasis on US' laws. You may not realize how important anonymous channels of free speech is to other countries.
There are couples of countries you can name that will jail its citizens for distributing or merely reading news that are not welcomed by their governments.
People living in the demoncratic countries may not understand.
If you go on Debian IRC channels and demand support for Progeny, you'll get flamed.
I don't care who you are, you have no position to speak for Debian community as a whole.
Whoever comes to irc.debian.org 6667 for Linux related question, we'll help; questions concerning integration with windows and Linux we'll help; those questions related to Debian, e.g. Stormix and Progeny, we'll help. We even help RedHat users.
We don't have the same conservative and arrogance as in other brand-name specific channels.
Don't listen to this troll, welcome to ask in irc.debian.org. Come here you will understand. There indeed a couple of few arrogant bastards love to flame anybody for pleasure, but majority of us is willing to help as much as we can.
Don't ever put bad name and words of your own to our mouth. Troll.
The yacht and briefcase could be a bribe, but the cutting deal of investing in the country and free license for a period of time is a common business tactics of them.
My University has signed a deal to lock themselves with their free products for 5 years, and someone failed to notice that the contract includes restricting the signed organization from using 'competing products'. As a result, no new SUN workstations/server til it expires. Is it fun to use sparc 2 for parallel processing research or what.
I actually consulted lawyers if we could sue this idiot. Guess what - we can't sue people for their stupidity. *Grumble*
For your information, here is the link to the metamoderation
Often it can be impossible to get approval from management to upgrade like this with no testing
I can't agree more. Usually there are two type of management:
1) It's from Microsoft it should have no problem, APPLY IT ASAP!, as a side note if the box broken it's your fault. Question?
2) Test it before applying it to our mission critical *Lotus Notes* server! (Test?! How?!)
I previously work with manager of type 1). Usually I'd just lie and said it's applied, they couldn't tell the difference.
I now work with a manager of type 2), and hell, we buy an exactly duplication of the original NT server for testing. It's a SMP Xeon with RAID 5 build in. The cost to buy two servers+maintenance is even more than getting a much faster and stable UNIX box.
Any NT admin out there work with management style other than 1 and 2?
You are one clueless programmer who knows so little about system administration but pretend to be an expert on it.
I've adminstered many UNIX system and none of them need to apply seperate patches. There are packages and application updates like NT's services patches, only better in a sense that they are well documented.
I believe you probably thought administer a UNIX is like administer a home-breed Linux. Nice try, but hell no. (Side note: Not all Linux has bad package management system. Debian GNU/Linux, on the other hand, offer package management even superior to some UNIX's.)
While you thought applying NT's patch is easier(it's not), it's no better than UNIX's. Even the latest NT services patches can't deal with exploits discovered months ago. Read other post for detail.
I'm absolutely sure you've not freaking idea how annoying is to apply NT/IIS patches. It has to reboot all the time, it'll screw up other things for no reason. You might risk wasting time to recover from backup because 'uninstall services patch' option sometime doesn't work
.Its getting trite to point out how anti-MS the Slashdot trolls^H^H^H^H^H^Heditors are
The definition of trolls are those who attempt to give comment on something one has no clue about. Yes, you are exactly a troll.
You may be a good programmer, congratz. Just stay out of what you have no clue about, troll.
While most people would think it's bad, it's in fact the right direction a game box manufacturer must go.
Let look at the market in Japan. People have always been saying Sega technically made better box than PS, but PS still sold much more than Sega's boxes.
The major problem is that Sega actually have some x-rate games. I personally think it's kinda cool, but those parents(especailly in Japan) who made the purchase decision will frown upon these and buy PS for their kids instead.
A video game developer told me PS and Sega has sole right to decide which game should be released and which shouldn't, unlike the PC game market. Sega is responsible for the appearance of x-rate games in their series.
Microsoft knows that X-Box market would be like PC game market, where they would have problem restricting x-rated games publishing. Making censorware is a right direction for them for the market domination.
Unfortunately, currently even gifted C++ hackers can't make usable gui's for Linux - witness freeciv
Download IBM VisualAge for Java Entry Version for free here, quickly browse the first example in its tutorial, you could then start writing a pretty good GUI program without needing to write a single line of Java code, or have a slight knowledge Java language.
I can write an entire database access GUI front end without writing a line of code.
If I lied you can have my cat's first born child.
You might say it's all depending on the development program. Heck you can choose many other Java development programs but only Microsoft provide you with VB development program.
We opensource community is flexible, why not pick a better name when chance come?
How about 'SHIT'?
It can be 'SHell IT, or Shit HIT, whatever, it doesn't matter, I just found it work well with prefix 'OPEN'.
Even the name is registered trademark of something else, the registerer would be too busy dealing with overwhelming infringement cases. There were millions of such trademark misuses in Al's camp when Bush announced victory.
Even better, you can take the best of the situation when your boss consult you about system security, you can openly say:
"It needs shit."
"I don't get a shit of it."
"You really need shit."
"What shit do you get into?!"
"You want that shit?"
"Do you want shit with that"
"HOLY-I mean-OPENSHIT!!"
Ok, with hard feeling, we acknowledge your departure and accept the fact.
But we still want to know the reason behind your guys' departure. Is there a dark-hand behind all these?
Please?
In case you didn't know, Microsoft signed a contract with Transvirtual to support development of a GPL PersonalJava 1.1 compliant java envirnoment Kaffe . You can find the news here
However, don't dream that Microsoft dedicates to the growth of Java and GPL. Some conspiracists suspected that the whole things is to hurt Java development. The fact that Kaffe has not implemented java.security will help supporting the false claim "Java is not secure"
"Microsoft is throwing money at a small company trying to make some noise at JavaOne, the way they do every year,"Jim Mitchell, vice president of architecture and technology at Sun's JavaSoft division, said.
Thank you your insightful comment(but what did I said which cased you to write. ^_^).
The book review is about JSP and servlet. As a matter of fact a good JSP (which in turn compiled into java servlet) doesn't really require the client must have java enable.
Java has moving its focus from client-side to server-side year ago. In my opinion disabling Java applet wouldn't stop JSP and servlet, but it's bad thing indeed.
This is a good sources book which covers a lot of examples in JSP and servlet.
Besides, if you want to study Java, JSP and servlet from the ground up, Wrox's Java Server programming and Professional JSP are pretty good books.
Installation of Linux on IBM ThinkPad is pretty painless. IBM is well known for his support to Linux community, and it reflects on every model of its ThinkPad.
There are ThinkPad Configuration tools if you are interested
Above all, ThinkPad is reliable. You can see from the fact that second hand ThinkPad sell at pretty good price at Ebay.
Disclaimer: I'm an ex-employee of IBM and I really hate IBM but I still think ThinkPad is a great product.
Sometime the vulnerability might due to human mistake, or misconception. Most people would enable both RSA(public/private keys) authenticaion and Password Authentication when setting up a SSH server in *nix.
Enable password authentictaion is effectly breaking the security of RSA, introduce a easier method, or backdoor, to intrude.
Like, 1.2G installation of win2K which doesn't contain IRC, firewall tools, gcc, perl, cl, imap server, sql server, (real)dns server, web proxy, c++, Python, tcltk, etc. by default is not considered big.
It's quite an old news, please go to The Motives and Psychology of Black-hats in RootPrompt for detail.
Reading the IRC logs in the article you will find that there's one Pakistani hacker D1ck got caught in the honeypot, I suspected 'a group of suspected Pakistani hackers' is an overstatement, because the rest of the hackers are americans, say j4n3.
D1ck did say his main target was indian's website, but he did also initiate DDOS attack to some US websites, with the help of other US hackers.
In my point of view, it's more accurate to say "a group of US hackers and a pakistani hacker"
The ZDNet article does not mention how to build a honeypot, read Build a Honeypot for a hint.
During my research we used similar eye-tracking device to help changing the view point of an observer in a VR environment. Our subject of testing all induced nausea and vomitting
We failed to get more healthy subject to continue our research, we couldn't solve the problem in stablizing fast eye movement for use in control device. I am really interested in knowing what technology has they deployed to make it useful.
No...I am just a tutor of an University but I can tell OO is becoming part of their life now. I'm not sure whether it's due to we start teaching Java, instead of C++, 3 years ago.
In my humble opinions teaching OO with C++ is rather time-comsuming because I also need to teach them a lot of non-OO related things but essential to their project, like overloading, garbage collections, etc.
Of course, there are a lot of things in Java doesn't related to OO, but they could well create a good project without them.
The reasons for not using C/C++ is that, as mentioned by a lot of experts above, it can be a lot of ways to do the same thing, which make objective marking difficult. (Similar case on Perl, CLISP, etc.)
Java is a good choice(skipped boring reasons here), but not the best. As we all know Java specifications is being revised from time to time, though it's much more stable recently. But what if SUN's CEO revised the spec. in favour of his son's answers? (kidding)
I of course welcome the news as I'm a Java programmer myself, but I'd say ADA is a much better choice. It's stable(yet ancient ^_^), strong typed, well-defined OO.
Instead last JavaONE all we got was 'don't complain about Java, cause it is making all of you rich.'
I've never attend any seminars by SUN, read any JavaONE ads, really. What I said is from my personal experience, and you know it's true.
The fact that more and more big corps deploying Java and Java programmers get more pay has its own reason. I understand your denial on them as you don't believe all the figures. I wouldn't bring any of them to support my view, because, as I said, Java dose not need to compare with any other languages.
You might say Java is a hype. The hype was over two years ago, when people figured out Java can't do much better in GUI and animations. That's no problem, if its solely purpose is to wirte games, people wouldn't like it.
Lacking of security mind cam be a major invulnerability indeed.
A lot of people has installed sshd to enable security telnet-replacement. It surprises me when I found that a lot of people enable BOTH Password authentication and RSA authentication.
Their rationale is that they want to have higher security in RSA, and convenience in password authentication. Say they setup RSA authenication between their client at home and server at work, but the same user can also login from some other machine with password in case the machine hasn't been setup for RSA connection.
In fact password authentication effectively breaks the RSA in this case. Why would the hacker bother to temper with the RSA while the system can be intruded by tempering with the weaker password authentication?
Say you've implmented a very secured physical key-lock on a door, but you also allow people open the door by entering keycode on the keypad in case people forgot to bring key to open the lock(it happens). Enable both password and RSA authentication in sshd is more or less the same thing.
Of course, it's a way to restrict a group of people using RSA and another group using password authen., but it makes no sense enable both of them for a user.
More worse, many people still enable both authen, regardless what what I recommended....Is that concept so hard to understand?
In my humble opinion the JIT does not necessary included in JVM. Any ordinary browser does include JIT.
I wish the deployer of this tiny jvm(PDA, mobile) would not be so dumb as to skip including a JIT into its product. :)
Poorly you. From Score 3 funny, to score 2 troll, now score 1 troll. It woudn't be long before you become score -1 Troll Lord. (so would this post).
Your sin is talking about Java. Whether people saying good about java here, one'd be regraded as being sacasm(Funny) or blowing winds(troll).
JVM getting faster and faster? They don't believe it. Java 3D/2D for games? They havent' heard of such things.
It's true that in the present stat Java does not run a good games; but I do wish Java would never run any good games. We don't want Java running games and playing animation well, we want it to stay in Enterprise application area so that we can continue getting high pay.