I was under the impression that is was more of a "You already have these procedures, but take extra care this week..." deal, rather than a "Let's teach you basic security fundamentals!" type of thing.
Sort of like saying "The roads are icing up, drive carefully." -- it's just a heads-up to remember to follow the procedures. Or so I hope...
To some extend, I do agree with you. However, I want to chip one thing in.
The speed limit on the highway where I live is 55 MPH. The average speed is about 70 MPH; you can do 80 MPH and be keeping up with the majority of the people at times. The police rarely do much, because someone going 55 while everyone else does 80 isn't a "good citizen" -- they're a hazard. Yes, 80 MPH may be dangerous, but someone going 55 in such circumstances is equally as dangerous.
What I'm saying can be summarized as such - without them knowing the prevailing circumstances and conditions, I really don't think they have any right to issue me a fine for speeding. (Note that I'm not debating the legality of this - it's in a contract, and you signed it. I'm merely discussing why no one should ever agree to a contract like this.)
I think I agree with you. I had to buy a Blender book just to figure out how to use the darned thing. The interface was "confusing".
However, once I took the time to learn it, I began to love it. It's actually extremely easy to use after you learn it, and, in addition, the fact that it uses OpenGL as an interface makes it both very small, and very platform-independent. And, even though everyone does tell me I'm strange, I don't think I'm the only one who thinks that Blender actually looks pretty good.
Anyway, to bring my rantings to a point, I think Blender is sort of like Linux -- to a newbie, it seems totally impossible and illogical, but once you learn it, it's the most innovative thing ever.
I have Adelphia's PowerLink service. For the first six months, it was up about 50% of the time, although, to their credit, they did have to do a major overhaul of the entire town's cable system. (They took over... another company that had taken over the cable system, and had left it in a sad state of disrepair.)
I now get 3 Megabits/sec download (being a cable modem, it, of course, varies, but I'm actually slightly over this sometimes -- I once got 3333kbps). I could understand download speed changing a lot, but what I don't get is my upload -- it's capped at 128 kbps, and I've never reached it. Sometimes in speed tests, I'm below 56kbps, other times I'm near 128 kbps. The download, though, is almost always consistent.
I do want to mention that... a.) Adelphia is now in bankruptcy, but continuing to operate; b.) Their customer support is a wee bit lacking. I'm sure there are some very knowledgable people there, but I tend to get the totally clueless ones. Teaching a computer tech what traceroute is and how you use it is painful. (And if anyone gets Adelphia, I suggest you run your own nameserver. That's a frequent cause of failure -- it arbitrarily goes down from time to time, while my connection stays up.)
Not too significant, but I might as well mention it: Their AUP strictly forbids running any sort of server. (They explicitly name any sort of server you could possibly think of, but also mention that the list is not all-inclusive.) However, I have a server running Apache and ssh hanging out on the web, and occasionally even use it; no one has ever said anything to me. I'm guessing it's the usual "We don't really care, but if Slashdot moves out of Exodus and onto your cable modem, we're going to kick you off," which is certainly understandable.
It sounds like you might be talking about the same studies I saw. Did it involve college students being used as test subjects, and, at the conclusion of the tests, each subject guessing it was a *totally* different time?
The conclusion seemed to be "Yep, the body has 25 (or maybe 27?) hour biorhythms," while the evidence given almost made it look like it varies significantly from person to person. Now I really want to track this information down, because I'm more curious than ever. I almost think it was mentioned in the discussions of an old Slashdot poll about sleep. *goes off to research*
I happen to have a GPS sitting on my desk, that I haven't touched in a long time. (I put some batteries in it a few weeks ago to figure out my lat/longitude...)
What I'm wondering is... Will any GPS work, or is this is a specific feature of your GPS? I know that GPS uses very accurate timing to get its information, but I've never seen a way of getting it from a GPS. (I have a Garmin GPS 3 {Plus | Pro} here, a pretty common model.)
Although, now that I think of it, my GPS has one slot on the back, that can be used for either power or an external data link. If you ask me, it's a STUPID design -- the one time you'd actually want to use external power would be... when you had it connected to a computer. (I don't suppose there's a "hack" to run power and data into it at once?)
While there's a 99.9% chance that the "25 hours" figure was a typo, it reminded me of an interesting factoid I've seen before...
The human body's "biorhythms" are apparently based on a 25-hour cycle. Now that I'm actually looking for it, I can't find any links to the research, but perhaps someone more "in the know" can provide this information, as I'm positive that I didn't imagine this fact. There've been some really interesting studies done on this and sleep, I wish I could find the link. (I suppose chances are slim that anyone else would happen to have bookmarked a URL for something about 25 hour biorhythms and sleep?) Can anyone help me out here?
For Debian users, it turns out that there's a Debian package for predict; a simple apt-get install predict
installs it.
As a ham interested in satellite work, I find this to be quite interesting. Ever since I 'upgraded' to Linux, I've had no satellite tracking software. (Although I never really used it under Windows, so I hadn't even noticed anything missing.)
A relatively simple, non-intellectual question, but I've always wondered -- just how many hits/how much bandwidth do you consume, and how many servers do you have to handle the load.
Pricewatch is a good site to go for to get a feel for pricing. People keep trying to drop their prices. I've heard horror stories of people being scammed from people using Pricewatch, but if you're just curious about pricing, it's a good reference. Figure a bit more money, though, if you want to buy your processor(s) in a real brick-and-mortar store.
Now, my question. I've got a dual Athlon system (Athlon MP 1600s). That Linux/Athlon bug thing continues to plague me, I think it's like the "agpgart" bug. Anyone reading this know if that's been fixed yet? I've been toying with the idea of building a new webserver, and want to really beef it up, but if Athlons still crash every couple days (mine seem to go about five days and crash, actually), I really don't want to invest the money. Does anyone know if there have been fixes to this, either with Linux, or with the actual chipset?
I'll totally skirt around the issue of what Slashdot should and shouldn't post, and say this:
I read this as "Linux Kernel 2.4.19 released," and was about to download it and install it on my box as a replacement for 2.4.16. Then I went to get a copy, and couldn't find it... Only then did I realized that it was the 2.5 series, not 2.4
Does anyone else find it absurd that they host the list of mirrors of their site... on their site?
I did, and created a simple PHP script that will redirect you to a random mirror site. (My list of hosts that it uses is everyone with something greater than a T1.) I have very little bandwidth, and am not really supposed to run a webserver on my cable modem anyway, but perhaps someone with a "real" server, with PHP support, could put this up. It's probably not the best-written program, but it works. If someone wants to put it up on their high-bandwidth site and post links, I think it would be a great way to offload traffic from the main server, especially for when "bigger" things are released that cause the main site to hover just below 100 Mbps...
<?php // select a mirror at random // I only have hosts with 10+ Mbit/sec here
Granted, not all OS X users are hardcore UNIX hackers, but I think having Apple pushing a *BSD derivative is a great way to stir up some more interest in it.
I'm a ham radio operator, and have a decent knowledge of FCC laws and stuff, but I'm stepping out a bit onto a limb here; correct me if I'm wrong.
I believe the purpose of the law was to prevent little children from casually flipping through the channels and encountering porn... (Since the child's parents are obviously not responsible for monitor what their children watch...
Assuming that I am correct in my understand, than the law is to prevent people from innocently stumbling across something obscene. However, it is illegal to listen to cellular phone transmissions. Futhermore, most phones (especially ones with Internet access) nowadays are digital. Therefore, to "accidentally" intercept this "obscene" mail, you'd have to first "accidentally" obtain an old (or "Export Only") police scanner, and "accidentally" reverse-engineer the digital modulation.
The above is made significantly more difficult by:
The DMCA
The fact that my phone is "RSA Secure"... Apparently digital phones are RSA encryped? (I never knew this until I got a Motorola cell phone, which has the RSA logo and trademark printed on the side of the box.)
So, anyway, if you go with the spirit of the law... I don't think they're really doing anything wrong. (Unless they can crack RSA really quickly, they can't really prove anything against Cingular... Though I suppose the fact that they could get away with it doesn't mean it's right...)
Do you think they really mean to have libc.so.1 up on their site? It sounds to me like whoever setup their webserver had no idea what they're doing; there's no reason why you'd need (want) to download libraries for Linux from a Patent Crap and Sue People comapny. Netcraft reports "The site www.panip.com is running Rapidsite/Apa/1.3.20 (Unix) FrontPage/4.0.4.3 mod_ssl/2.8.4 OpenSSL/0.9.6 on IRIX". (It's hosted at Verio.)
Leaving off the www gives "The site panip.com is running Web Servinator v0.3 (v.terbo) on FreeBSD." Their netblock is "E.D.G.E. Inc", in San Diego.
Note that I REALLY recommend that people NOT hack/DoS/otherwise mess with their site; that's only going to make things harder for the people they're suing. ("Your Honor, not only are these people violating our patent, but they're also deliberately causing massive DDoS attacks against our servers." Sure, that's a load of crap, but so's the lawsuit; the last thing they need is to try to defend themselves against two frivilous lawsuits, and the DoS thing would almost have some merit.
So my point is twofold:
Their webhosting seems rather crappy
You might think you're doing a favor by showing off your l33t hacking skills, but really, you're making things harder for the poor guy.
I think RoadRunner is getting themselves into more trouble then they think.
Let's say I post something to Usenet trolling, blasting Microsoft and making wild accusations against them. However, my "Organization" is "RoadRunner." While it may not mean anything legally, doesn't that at least partially imply that I'm speaking on behalf of RoadRunner, and, thus, making it seem like RoadRunner's official corporate stance is whatever nonsense I just accused Microsoft of?
For example, if you work at IBM (arbitrarily chosen company), and routinely send out mail voicing *your* opinion, you'll likely have something to the effect of "These opinions are my own, and not that IBM," so that people don't twist mail you send to your friend into IBM's official position on the issue.
Again, I don't know if this carries any legal weight, but I think RoadRunner is getting themselves into more than they bargained for. (Picture swarms of angry people blaming RoadRunner for whatever their customers post.)
I believe there is such a thing as "security through obscurity," but mainly only as part of a well-designed security model.
For example, if you have a webserver and a large netblock, and only have ssh listen on one IP outside of the netblock, you could argue that you're trying to protect your server through obscurity -- the way of getting a shell is "obscured." But obviously, this method isn't exactly extreme security, it just makes things slightly harder for a would-be {hacker | cracker}. Something like this should merely complement an existing security plan.
On a similar note, why do you think military/defense stuff is often kept secret? The obscurity makes things a little more secure, but the Army isn't useless if people figure out what they're doing.
Slashdot Mirror
Sort of like saying "The roads are icing up, drive carefully." -- it's just a heads-up to remember to follow the procedures. Or so I hope...
I'd better work on creating a large archive of this for future archeologists!
The speed limit on the highway where I live is 55 MPH. The average speed is about 70 MPH; you can do 80 MPH and be keeping up with the majority of the people at times. The police rarely do much, because someone going 55 while everyone else does 80 isn't a "good citizen" -- they're a hazard. Yes, 80 MPH may be dangerous, but someone going 55 in such circumstances is equally as dangerous.
What I'm saying can be summarized as such - without them knowing the prevailing circumstances and conditions, I really don't think they have any right to issue me a fine for speeding. (Note that I'm not debating the legality of this - it's in a contract, and you signed it. I'm merely discussing why no one should ever agree to a contract like this.)
However, once I took the time to learn it, I began to love it. It's actually extremely easy to use after you learn it, and, in addition, the fact that it uses OpenGL as an interface makes it both very small, and very platform-independent. And, even though everyone does tell me I'm strange, I don't think I'm the only one who thinks that Blender actually looks pretty good.
Anyway, to bring my rantings to a point, I think Blender is sort of like Linux -- to a newbie, it seems totally impossible and illogical, but once you learn it, it's the most innovative thing ever.
I now get 3 Megabits/sec download (being a cable modem, it, of course, varies, but I'm actually slightly over this sometimes -- I once got 3333kbps). I could understand download speed changing a lot, but what I don't get is my upload -- it's capped at 128 kbps, and I've never reached it. Sometimes in speed tests, I'm below 56kbps, other times I'm near 128 kbps. The download, though, is almost always consistent.
I do want to mention that... a.) Adelphia is now in bankruptcy, but continuing to operate; b.) Their customer support is a wee bit lacking. I'm sure there are some very knowledgable people there, but I tend to get the totally clueless ones. Teaching a computer tech what traceroute is and how you use it is painful. (And if anyone gets Adelphia, I suggest you run your own nameserver. That's a frequent cause of failure -- it arbitrarily goes down from time to time, while my connection stays up.)
Not too significant, but I might as well mention it: Their AUP strictly forbids running any sort of server. (They explicitly name any sort of server you could possibly think of, but also mention that the list is not all-inclusive.) However, I have a server running Apache and ssh hanging out on the web, and occasionally even use it; no one has ever said anything to me. I'm guessing it's the usual "We don't really care, but if Slashdot moves out of Exodus and onto your cable modem, we're going to kick you off," which is certainly understandable.
The conclusion seemed to be "Yep, the body has 25 (or maybe 27?) hour biorhythms," while the evidence given almost made it look like it varies significantly from person to person. Now I really want to track this information down, because I'm more curious than ever. I almost think it was mentioned in the discussions of an old Slashdot poll about sleep. *goes off to research*
What I'm wondering is... Will any GPS work, or is this is a specific feature of your GPS? I know that GPS uses very accurate timing to get its information, but I've never seen a way of getting it from a GPS. (I have a Garmin GPS 3 {Plus | Pro} here, a pretty common model.)
Although, now that I think of it, my GPS has one slot on the back, that can be used for either power or an external data link. If you ask me, it's a STUPID design -- the one time you'd actually want to use external power would be... when you had it connected to a computer. (I don't suppose there's a "hack" to run power and data into it at once?)
The human body's "biorhythms" are apparently based on a 25-hour cycle. Now that I'm actually looking for it, I can't find any links to the research, but perhaps someone more "in the know" can provide this information, as I'm positive that I didn't imagine this fact. There've been some really interesting studies done on this and sleep, I wish I could find the link. (I suppose chances are slim that anyone else would happen to have bookmarked a URL for something about 25 hour biorhythms and sleep?) Can anyone help me out here?
apt-get install predict
installs it.
As a ham interested in satellite work, I find this to be quite interesting. Ever since I 'upgraded' to Linux, I've had no satellite tracking software. (Although I never really used it under Windows, so I hadn't even noticed anything missing.)
A relatively simple, non-intellectual question, but I've always wondered -- just how many hits/how much bandwidth do you consume, and how many servers do you have to handle the load.
I'm flattered that people actually liked my idea, though. :)
Now I've got some entertainment for the night, too. ;)
Sweet! I'm glad to see that someone was actually able to use my code. :)
Pricewatch is a good site to go for to get a feel for pricing. People keep trying to drop their prices. I've heard horror stories of people being scammed from people using Pricewatch, but if you're just curious about pricing, it's a good reference. Figure a bit more money, though, if you want to buy your processor(s) in a real brick-and-mortar store.
Now, my question. I've got a dual Athlon system (Athlon MP 1600s). That Linux/Athlon bug thing continues to plague me, I think it's like the "agpgart" bug. Anyone reading this know if that's been fixed yet? I've been toying with the idea of building a new webserver, and want to really beef it up, but if Athlons still crash every couple days (mine seem to go about five days and crash, actually), I really don't want to invest the money. Does anyone know if there have been fixes to this, either with Linux, or with the actual chipset?
User Mode Linux
I read this as "Linux Kernel 2.4.19 released," and was about to download it and install it on my box as a replacement for 2.4.16. Then I went to get a copy, and couldn't find it... Only then did I realized that it was the 2.5 series, not 2.4
Does anyone else find it absurd that they host the list of mirrors of their site... on their site?
// select a mirror at random
// I only have hosts with 10+ Mbit/sec here
i nux/", "http:/ " , "http://www.llarian-net.lkams.kernen ux/", "http://www.ihets.lkams.kernel.org/pub/linux/", "http://www.mi n ux/", "http://www.valinux.lkams.kernel.org/pub/linux/", "http://www.uw-madisu x/", "http://www.csl-mirror.lkams.kernel.org/pub/lin
u x/", "http://www.ymbnet.lkams.kernel.org/pub/linux/", "http://www.themoes-us.lku x/", "http://www.teleglobe-us.lkams.kernel.org/pub/linu x// ");
I did, and created a simple PHP script that will redirect you to a random mirror site. (My list of hosts that it uses is everyone with something greater than a T1.) I have very little bandwidth, and am not really supposed to run a webserver on my cable modem anyway, but perhaps someone with a "real" server, with PHP support, could put this up. It's probably not the best-written program, but it works. If someone wants to put it up on their high-bandwidth site and post links, I think it would be a great way to offload traffic from the main server, especially for when "bigger" things are released that cause the main site to hover just below 100 Mbps...
<?php
$hosts = array("http://www.internap.lkams.kernel.org/pub/l
//www.netnitco.lkams.kernel.org/pub/linux
l.org/pub/li
idco.lkams.kernel.org/pub/linux/", "http://www.ftp-orst-edu.lkams.kernel.org/pub
/l
on.lkams.kernel.org/pub/lin
ams.kernel.org/pub/lin
", "http://www.secsup-org.lkams.kernel.org/pub/linux
$max = count($hosts);
$site = rand(0, $max);
header("Location: $hosts[$site]");
exit;
?>
Note that this code uses VERY little bandwidth, since all it sends is an HTTP redirect.
though sometimes it's hard to purchase.
I'm sure none of the developers would mind selling you a copy of their GPLed software, if you really had an urge to pay for it. *grin*
Granted, not all OS X users are hardcore UNIX hackers, but I think having Apple pushing a *BSD derivative is a great way to stir up some more interest in it.
I had thought of building a cheap x86 rackmount box with a TV card, and a lot of disk space, which could hopefully be done relatively cheaply.
I just found this on SourceForge: FreeVo. It looks like this, thrown onto a cheap Linux box, could make a good alternative?
I believe the purpose of the law was to prevent little children from casually flipping through the channels and encountering porn... (Since the child's parents are obviously not responsible for monitor what their children watch...
Assuming that I am correct in my understand, than the law is to prevent people from innocently stumbling across something obscene. However, it is illegal to listen to cellular phone transmissions. Futhermore, most phones (especially ones with Internet access) nowadays are digital. Therefore, to "accidentally" intercept this "obscene" mail, you'd have to first "accidentally" obtain an old (or "Export Only") police scanner, and "accidentally" reverse-engineer the digital modulation.
The above is made significantly more difficult by:
The DMCA
The fact that my phone is "RSA Secure"... Apparently digital phones are RSA encryped? (I never knew this until I got a Motorola cell phone, which has the RSA logo and trademark printed on the side of the box.)
So, anyway, if you go with the spirit of the law... I don't think they're really doing anything wrong. (Unless they can crack RSA really quickly, they can't really prove anything against Cingular... Though I suppose the fact that they could get away with it doesn't mean it's right...)
Leaving off the www gives "The site panip.com is running Web Servinator v0.3 (v.terbo) on FreeBSD." Their netblock is "E.D.G.E. Inc", in San Diego.
Note that I REALLY recommend that people NOT hack/DoS/otherwise mess with their site; that's only going to make things harder for the people they're suing. ("Your Honor, not only are these people violating our patent, but they're also deliberately causing massive DDoS attacks against our servers." Sure, that's a load of crap, but so's the lawsuit; the last thing they need is to try to defend themselves against two frivilous lawsuits, and the DoS thing would almost have some merit.
So my point is twofold:
BTW, what does YMMV stand for? I learned IANAL loooooong ago, but still can't figure out YMMV :)
Let's say I post something to Usenet trolling, blasting Microsoft and making wild accusations against them. However, my "Organization" is "RoadRunner." While it may not mean anything legally, doesn't that at least partially imply that I'm speaking on behalf of RoadRunner, and, thus, making it seem like RoadRunner's official corporate stance is whatever nonsense I just accused Microsoft of?
For example, if you work at IBM (arbitrarily chosen company), and routinely send out mail voicing *your* opinion, you'll likely have something to the effect of "These opinions are my own, and not that IBM," so that people don't twist mail you send to your friend into IBM's official position on the issue.
Again, I don't know if this carries any legal weight, but I think RoadRunner is getting themselves into more than they bargained for. (Picture swarms of angry people blaming RoadRunner for whatever their customers post.)
For example, if you have a webserver and a large netblock, and only have ssh listen on one IP outside of the netblock, you could argue that you're trying to protect your server through obscurity -- the way of getting a shell is "obscured." But obviously, this method isn't exactly extreme security, it just makes things slightly harder for a would-be {hacker | cracker}. Something like this should merely complement an existing security plan.
On a similar note, why do you think military/defense stuff is often kept secret? The obscurity makes things a little more secure, but the Army isn't useless if people figure out what they're doing.