To all programmers out there, I'll fix your bugs at 5x the rate you do, for a mere 2x your salary. I specialize in array overruns because you're an idiot, pointer misalignments throwing low-level hardware exceptions because you're an idiot, calculation errors due to incorrect operator precedence and casting at inappropriate stages because you're an idiot, and multithread bugs because you're an idiot.
Well, I'm an idiot, anyway. None of the sins you listed are commonly committed by me, however. In some cases they're impossible using the language and tools I'm presently using, but in most cases, because I've always been rather paranoid about the low-level stuff since I did a lot of OS internal work where that sort of thing could send an entire company home for the afternoon.
Not to say that I do bug-free work, just am more subtle in my bugs.
However, the last major corporate job I had, didn't want that level of quality and frequently dinged me for it. All they wanted was for me to "Git 'R Dun!"
It's not like they were a major financial institution or anything. Oh wait...
It's true that a lot of people here are vocal anti-theists. But the problem with placing one group's theological texts on a par with observed scientific data is that it gives force of authority towards respecting that particular religon while denigrating the weight of objectively-observed data. And, for that matter of other religions and their concepts of how we got here.
Might as well have education formally endorse homeopathy or the Vaccine Controversy.
Please explain to me how an understanding or lack thereof of evolution impacts my ability to program computers? To be a successful photographer? To be a lawyer? To be a nuclear engineer? Build a bridge? A writer? In fact, any profession other than 'scientist studying evolution'.
I have never in 10 years of being a very successfully software engineer ever needed to know how old the planet it or where people came from to do my job. It's just never come up. I don't need to know about evolution to build a database or a webpage or a high performance processing system. I have needed to go look up Keplar's equations, figure out how to convert from sidereal time to SI time, model the atmosphere, and parse proc. Age of the earth? Never comes up. Did human's evolve from monkeys? Never comes up. Is there a god? Never comes up.
Seriously. Get over yourselves. The origins of life are not critical knowledge to the vast majority of the population.
Are they learning basic math, physics, reading skills? Those are actually important and widely applicable skills.
Ah! But CRITICAL THINKING! Really? Evolution is the only theory that allows you to impart the skill of critical thinking onto children? Reading literature and building robots don't do this?
The more things you're ignorant of, the more people tend to think you're probably ignorant of your specialty as well.
You don't have to be an expert on topics like evolution, but if you're blatantly uninformed, the impression you project is extreme nerdiness. Boring, narrowly-focused, and limited.
In fact, some have defined one of the differences between being a genius and being a nerd as the breadth of their knowledge. Geniuses are interested in almost everything. They can spare the brainpower and they don't dismiss anything outside their specialty as unimportant. Einsten was a nuclear theorist, but he spent time thinking on why rivers meander, why wet sand underfoot behaves like it does, how yo-yo's work and much more.
Radically? I'd say not from a layman's point of view. The biggest that happened in my lifetime is probably finding organ details of dinosaurs that indicate they weren't cold-blooded like modern lizards.
It shouldn't be a surprise that so many species have gone unknown, especially as far back as the Cambrian period. The odds of a creature being fossilized are very low after all.
I'm not sure that being endothermic was such a shock to me.
Question: is there any mechanism by which you can push that back up the line? As in, "Hey, I'm getting bogus requests from you. Can you see which of your users are sending vast quantities of DNS (or NTP) requests aimed at me, and perhaps inform the users that they are violating your terms of service?"
I assume that hosting such an attack is a TOS violation from most ISPs, though I've certainly heard from Slashdotters who feel that their packets are their own business, and that their ISP should be required to carry them.
Sadly, no. In the case of UDP, only the first router in the chain can do anything. The other routers cannot really tell what the upstream path of a UDP packet was.
And since government agencies have been reported to participate in DDOS attacks, I would not be surprised to learn that some of those agencies had even activated exploits in other people's router microcode to press-gang them into participating unknown to their owners.
Not that you have to be a government agency to do that. It's mainly the difference between ordinary hackers finding and exploiting versus ordering the manufacturer to leave backdoors in the products.
If enough people had routers set to block outbound source IPs foreign to their networks, it would help reduce the volume of attacks, but too many routers are in the hands of people who have slightly less knowledge of of to configure them than they do of operating a toaster.
Nah. Oracle would rather kill Solaris than let that happen.
Good riddance... Solaris is nothing special or unique, at least these days. It's best feature was that it ran on Sparc based hardware, which when Sun Micro Systems was in it's heyday said "Rock Solid reliability". So if you wanted something to run for a decade or two, you purchased Sun hardware which locked you into Solaris. Now days, who cares about Solaris? Running Solaris on X86 hardware it is pointless because it buys you nothing in reliability while costing you in obscurity. Just go to a stable Linux distribution.
The ONLY reason you field Solaris now, is if your customer demands it or your legacy application is not easily ported. The one possible exception to this might be if you are putting up an Oracle cluster.
Solaris is going to die... It probably should too.
Actually, Solaris had several good features. It had much better resource management than Linux does, and the introduction of Solaris Zones allowed a high-performance VM environment while minimizing the amount of gratuitous replication of resources. Basically, sort of a chroot jail + COW filesystem with service level controls.
Sadly, however, the Solaris admins where I worked were never trained to take advantage of those features, so eventially Solaris got booted in favor of lots of Linux and Windows boxes.
I have an analog countdown timer. And a very obnoxious mechanical buzzer.
But a previous poster who lives in an apartment complex made a good point. If you're doing laundry in your own home and the laundry room isn't too isolated from where you're spending your time, in-unit annunciators are fine. On the other hand, if you're using a laundromat in a completely separate building, getting an SMS when the cycle is done means that you could be doing better things with your time than sitting in the laundromat.
"don't set off the lawn sprinklers if it's going to rain".
Actually, by law, people in my state are required to have rain sensors installed as part of their systems. Although from what I've seen, businesses don't.
What frustrates me is that I could do a fairly satisfactory job of automating my home. I have suitable control and sensor devices. But the available program control modules to orchestrate them are over-priced and unreliable.
These computers are parts of botnets that exist for a long time. Send the infected customers an email about their infection, containing the offer to fix it (for a certain price) and a deadline when they will be cut off if they do not get this fixed.
Because the offending packets are UDP, they can (and do) employ bogus response IPs. The IPs of their victims, in fact - which is how the reflection occurs. The botnet machines send out small judas packets to DNS servers all over the world. The DNS servers think that these are legitimate queries from the victim machine and send out large quantities of DNS data to the victims. Hence, the other name: amplification.
The problem is, the fix I had to employ was to physically replace the co-opted DNS servers with more advanced equipment because the system software that was on them had no throttling capabilities nor was is capable of recognizing and rejecting suspicious queries.
It's only a "free" site if you consider that the time and effort that the participants put into it is valueless. And "Beta" is not a term generally used to mean "trial balloon". It usually means, Next Week In Production (unless you're Google, in which case "Next Week" can be removed).
The advertisers pay for the hosting services and infrastructure, but without content, the product is nothing. So users have a definite interest in keeping the site usable and comfortable.
I haven't actually seen the Beta yet, but if it's truly keeping with recent trends in other products towards removal of commonly-used features and insertion of empty glitz, as some anti-Beta whingers have asserted, I can see why there is cause for a major uproar.
We have a lot of self-professed Libertarians here, they chant the mantra claiming that if you don't like service pick a competitor. Consider Digg. That's basically the route that Digg went down, its users fled and Digg dug its own grave. There aren't so many competitors for Slashdot that its users want it too to be ruined, so they're trying to ensure that it doesn't go that route.
I don't often counsel this in the IT world, but if it ain't broke...
If it ain't broke, it must run at least as well as Friendster.... Right? Or maybe it runs as well as Altavista? Geocities? Need some more examples of services that failed to change at the right time? No one said "f--- this beta friendster s---, I'm going to facebook because I dont like this any more", did they? Nope, they said "well hell, 10 of my friends just joined facebook, what am I doing on friendster?" and the rest is history.
There's one critical difference, though. One group lost membership by failing to adapt when competitors started sucking their members away. The other group, however, chased members away. Slashdot seems to be falling into that second category.
It's only a "free" site if you consider that the time and effort that the participants put into it is valueless. And "Beta" is not a term generally used to mean "trial balloon". It usually means, Next Week In Production (unless you're Google, in which case "Next Week" can be removed).
The advertisers pay for the hosting services and infrastructure, but without content, the product is nothing. So users have a definite interest in keeping the site usable and comfortable.
I haven't actually seen the Beta yet, but if it's truly keeping with recent trends in other products towards removal of commonly-used features and insertion of empty glitz, as some anti-Beta whingers have asserted, I can see why there is cause for a major uproar.
We have a lot of self-professed Libertarians here, they chant the mantra claiming that if you don't like service pick a competitor. Consider Digg. That's basically the route that Digg went down, its users fled and Digg dug its own grave. There aren't so many competitors for Slashdot that its users want it too to be ruined, so they're trying to ensure that it doesn't go that route.
I don't often counsel this in the IT world, but if it ain't broke...
You do realize that there's a difference between unit systems used in the USA and unit systems invented by Americans (assuming that there are any)?
The original complaints were coming from people in countries where neither of the above applied and was merely a courtesy conversion for them.
Regardless of what units you use, however, the temperature spreads listed for Sochi don't match for sub-tropical America anywhere near sea level. And when you go to Orlando, don't expect to ski on Space Mountain.
For the benefit of people who using non-murican units:
52 degrees F = 12 C (approx) 75 degrees F = 25 C (approx)
Never mind their actual latitude, from spending most of my life within 5 degrees of the tropics, about the only time we see 75 degrees in summer is in the middle of a heavy thunderstorm. Even the lows are more likely to be in the 80s (25-30 C) during summer months.
Getting a route announced is more difficult than spoofing a source address. Also, if you manage to convince the routers between the multiplying DNS server and you that there IS a route back, you will get the flood, not your victim.
Note that MOST providers already discard spoofed source packets from their customers.
Unfortunately, as my logs amply demonstrated, on a network the size of the Internet, "most" isn't nearly enough. And if the "provider" was a military or rogue ISP installation, they would likely be part of the attack.
That actually could be solved with proper router configuration. For example, don't route traffic sourced from a router that has no route back to the source address. Case by case exceptions if well justified by the source.
Who says there's no route back? The route back is merely bogus.
If you mean that the response address doesn't match the source address, well, it wouldn't the minute it made its first hop. Which means that every router in the world would have to be 100% trustworthy.
DNS is an example of a UDP (User Datagram Protocol),
DNS can use UDP, yes, but it can also use TCP, so as an example of "a UDP", it is quite poor.
He was talking about DNS reflection attacks, which is done via the primary DNS protocol, which is UDP-based. The attacker puts the victim's IP address in the source IP portion of the packet and requests a large quantity of information so that the DNS server will send it to the victim. Scale this up for DDOS on the victim. Since the attack is UDP-based, there's no requirement for the sender's IP to match the packet's sender ID.
I spent a lot of time last summer fending off that stuff, since my older machines didn't have suitable throttling capabilities, and in fact, finally had to move DNS to newer hardware because while my hardware had the power, there wasn't any suitable software to enforce it.
The one thing that puzzled me at the time was the choice of victims, since they weren't the expected big name targets. After recently hearing how GCHQ has been DDOS'ing political targets, I've been wondering, though.
It has been tried many times. I'm staring right now at a vintage box on my bookshelf containing the Amiga Vision program, which was precisely that sort of drag-drop-drool tool. It was intended primarily for multi-media application development, and I liked it, but it obviously never shoved COBOL aside.
It's not the only attempt. I also have an old Scientific American on another shelf that features the Icon language, similarly illustrated by wiring together pictures of stuff. On a more modern note, I have a GUI tool named "Spoon" that allows me to design data extract/transform/load processes using the Pentaho Kettle utility. That one I'm still using, and fairly frequently.
There were attempts using OLE/COM and JavaBeans. Nothing ever became the "killer app-builder".
The primary reason for this seems to be that all of the GUI software design programs are doing declarative-style programming, and while declarative programming has some very powerful advantages, sooner or later you hit the limits of what wiring together pre-supplied components can give you in terms of function, performance, and flexibility. And then you have to fall back to the old text-based modes, which ultimately convert into machine text (binary code).
Management would just love to find a true D-D-D software design tool suitable for general production use. They could get rid of those nasty old overpriced third-world programmers and go straight to untrained monkeys. Or draw out complex systems in their spare time on the back of a napkin and hand them to a flunky. After all, "All You Have To Do Is..."
But the Silver Bullet continues to elude them. No such tool has ever been found.
...can be decrypted if the provider goes belly-up or does an Amazon-style "1984" on them.
Don't wait, do it now. Download calibre and some plugin tools, and deDRM is just a drag'n'drop operation. There is no need to use it to manage your books if you don't want to, you can just use it as a "storage shed" for your uncrippled books.
Actually, I bypass the middleman and decrypt directly.
I know I'm the odd one out, but I never could get excited about Calibre. I have other tools, and they may not be drag-drop-drool simple, but they're easy enough and allow me to do just about anything I want to any format I want.
Incidentally, I just read that Adobe has dropped the "drop dead" deadline, although they're still pushing the new DRM scheme for the long term.
As for microtransactions, I dislike them too - but I think this is one area where the bitcoins (or rather a better one that's more "inflationary" like dogecoin) can find a niche. I understand Reddit uses dogecoins quite happily as "tips" as that currency is deigned to generate coins to encourage spending rather than hoarding. As a result, people actually spend them on little things.... like articles you appreciated.
Like I said, however, a lot of times when I need resources most it's when I can least afford them. Whether it's one horrendous annual fee or the Death of a Thousand Cuts makes no difference, really. I prefer being able to pay what I can when I can. Some people won't pay anything anytime, but the deadbeats are with us always.
DuckDuckGo, Google, Yahoo, even Bing it doesn't matter who your preferred search engine is. I just used Google as an example.
Of course they do. It is patently absurd statements like this that make political discussions on/. so nonproductive.
They just don't have the same definition for the subjective term "fairness" that you do. For example, they think it is fair that if you work hard and make a lot of money that you should get to keep it. Others think that forcing people who work hard to make a lot of money to give their money to other people so they can enjoy it too is fair.
It's the same nonsense with the argument about who supports "torture". Nobody disagrees on the obvious things like the Iron Maiden or the rack, but if someone doesn't believe that waterboarding is torture then they are accused of blanket support for turture, even though they certainly don't hold that opinion.
Try saying "it's not FAIR!" on something and see how quickly they respond:
Slashdot Mirror
To all programmers out there, I'll fix your bugs at 5x the rate you do, for a mere 2x your salary. I specialize in array overruns because you're an idiot, pointer misalignments throwing low-level hardware exceptions because you're an idiot, calculation errors due to incorrect operator precedence and casting at inappropriate stages because you're an idiot, and multithread bugs because you're an idiot.
Well, I'm an idiot, anyway. None of the sins you listed are commonly committed by me, however. In some cases they're impossible using the language and tools I'm presently using, but in most cases, because I've always been rather paranoid about the low-level stuff since I did a lot of OS internal work where that sort of thing could send an entire company home for the afternoon.
Not to say that I do bug-free work, just am more subtle in my bugs.
However, the last major corporate job I had, didn't want that level of quality and frequently dinged me for it. All they wanted was for me to "Git 'R Dun!"
It's not like they were a major financial institution or anything. Oh wait...
It's true that a lot of people here are vocal anti-theists. But the problem with placing one group's theological texts on a par with observed scientific data is that it gives force of authority towards respecting that particular religon while denigrating the weight of objectively-observed data. And, for that matter of other religions and their concepts of how we got here.
Might as well have education formally endorse homeopathy or the Vaccine Controversy.
Please explain to me how an understanding or lack thereof of evolution impacts my ability to program computers? To be a successful photographer? To be a lawyer? To be a nuclear engineer? Build a bridge? A writer? In fact, any profession other than 'scientist studying evolution'.
I have never in 10 years of being a very successfully software engineer ever needed to know how old the planet it or where people came from to do my job. It's just never come up. I don't need to know about evolution to build a database or a webpage or a high performance processing system. I have needed to go look up Keplar's equations, figure out how to convert from sidereal time to SI time, model the atmosphere, and parse proc. Age of the earth? Never comes up. Did human's evolve from monkeys? Never comes up. Is there a god? Never comes up.
Seriously. Get over yourselves. The origins of life are not critical knowledge to the vast majority of the population.
Are they learning basic math, physics, reading skills? Those are actually important and widely applicable skills.
Ah! But CRITICAL THINKING! Really? Evolution is the only theory that allows you to impart the skill of critical thinking onto children? Reading literature and building robots don't do this?
The more things you're ignorant of, the more people tend to think you're probably ignorant of your specialty as well.
You don't have to be an expert on topics like evolution, but if you're blatantly uninformed, the impression you project is extreme nerdiness. Boring, narrowly-focused, and limited.
In fact, some have defined one of the differences between being a genius and being a nerd as the breadth of their knowledge. Geniuses are interested in almost everything. They can spare the brainpower and they don't dismiss anything outside their specialty as unimportant. Einsten was a nuclear theorist, but he spent time thinking on why rivers meander, why wet sand underfoot behaves like it does, how yo-yo's work and much more.
Radically? I'd say not from a layman's point of view. The biggest that happened in my lifetime is probably finding organ details of dinosaurs that indicate they weren't cold-blooded like modern lizards.
It shouldn't be a surprise that so many species have gone unknown, especially as far back as the Cambrian period. The odds of a creature being fossilized are very low after all.
I'm not sure that being endothermic was such a shock to me.
Putting feathers on T-Rex, however...
I don't know personally anyone who believe in the literal truth of the various holy books lying around.
I could introduce you to a large number of people in my town, then, if you're feeling left out.
I always though the Fundamentalist position was that fossils were put there by God, so as to test the faith of hapless followers.
Colour me surprised.
Thank goodness neither position has anything to do with the real world.
You haven't read the Book of Job? Satan was allowed to put them there by God to test the faithful.
It's a joint effort.
Question: is there any mechanism by which you can push that back up the line? As in, "Hey, I'm getting bogus requests from you. Can you see which of your users are sending vast quantities of DNS (or NTP) requests aimed at me, and perhaps inform the users that they are violating your terms of service?"
I assume that hosting such an attack is a TOS violation from most ISPs, though I've certainly heard from Slashdotters who feel that their packets are their own business, and that their ISP should be required to carry them.
Sadly, no. In the case of UDP, only the first router in the chain can do anything. The other routers cannot really tell what the upstream path of a UDP packet was.
And since government agencies have been reported to participate in DDOS attacks, I would not be surprised to learn that some of those agencies had even activated exploits in other people's router microcode to press-gang them into participating unknown to their owners.
Not that you have to be a government agency to do that. It's mainly the difference between ordinary hackers finding and exploiting versus ordering the manufacturer to leave backdoors in the products.
If enough people had routers set to block outbound source IPs foreign to their networks, it would help reduce the volume of attacks, but too many routers are in the hands of people who have slightly less knowledge of of to configure them than they do of operating a toaster.
Nah. Oracle would rather kill Solaris than let that happen.
Good riddance... Solaris is nothing special or unique, at least these days. It's best feature was that it ran on Sparc based hardware, which when Sun Micro Systems was in it's heyday said "Rock Solid reliability". So if you wanted something to run for a decade or two, you purchased Sun hardware which locked you into Solaris. Now days, who cares about Solaris? Running Solaris on X86 hardware it is pointless because it buys you nothing in reliability while costing you in obscurity. Just go to a stable Linux distribution.
The ONLY reason you field Solaris now, is if your customer demands it or your legacy application is not easily ported. The one possible exception to this might be if you are putting up an Oracle cluster.
Solaris is going to die... It probably should too.
Actually, Solaris had several good features. It had much better resource management than Linux does, and the introduction of Solaris Zones allowed a high-performance VM environment while minimizing the amount of gratuitous replication of resources. Basically, sort of a chroot jail + COW filesystem with service level controls.
Sadly, however, the Solaris admins where I worked were never trained to take advantage of those features, so eventially Solaris got booted in favor of lots of Linux and Windows boxes.
Can I have that in a car analogy instead?
.
Yeah, it's like us realizing the inevitability of NASCAR turning into robot wars as Google perfects the self-driving car....
More like seeing Amazon come in the middle of the night and replacing their SUVs with LeCars, from the sound of it.
Last I checked my wet laundry didn't start to mold after just six hours. But I guess the IoT could be helpful for people with early state Alzheimer's,
Mold, maybe not. But those of us in warmer climes can see - or at least smell - it get really sour after only about 3.
I have an analog countdown timer. And a very obnoxious mechanical buzzer.
But a previous poster who lives in an apartment complex made a good point. If you're doing laundry in your own home and the laundry room isn't too isolated from where you're spending your time, in-unit annunciators are fine. On the other hand, if you're using a laundromat in a completely separate building, getting an SMS when the cycle is done means that you could be doing better things with your time than sitting in the laundromat.
"don't set off the lawn sprinklers if it's going to rain".
Actually, by law, people in my state are required to have rain sensors installed as part of their systems. Although from what I've seen, businesses don't.
What frustrates me is that I could do a fairly satisfactory job of automating my home. I have suitable control and sensor devices. But the available program control modules to orchestrate them are over-priced and unreliable.
These computers are parts of botnets that exist for a long time. Send the infected customers an email about their infection, containing the offer to fix it (for a certain price) and a deadline when they will be cut off if they do not get this fixed.
Because the offending packets are UDP, they can (and do) employ bogus response IPs. The IPs of their victims, in fact - which is how the reflection occurs. The botnet machines send out small judas packets to DNS servers all over the world. The DNS servers think that these are legitimate queries from the victim machine and send out large quantities of DNS data to the victims. Hence, the other name: amplification.
The problem is, the fix I had to employ was to physically replace the co-opted DNS servers with more advanced equipment because the system software that was on them had no throttling capabilities nor was is capable of recognizing and rejecting suspicious queries.
It's only a "free" site if you consider that the time and effort that the participants put into it is valueless. And "Beta" is not a term generally used to mean "trial balloon". It usually means, Next Week In Production (unless you're Google, in which case "Next Week" can be removed).
The advertisers pay for the hosting services and infrastructure, but without content, the product is nothing. So users have a definite interest in keeping the site usable and comfortable.
I haven't actually seen the Beta yet, but if it's truly keeping with recent trends in other products towards removal of commonly-used features and insertion of empty glitz, as some anti-Beta whingers have asserted, I can see why there is cause for a major uproar.
We have a lot of self-professed Libertarians here, they chant the mantra claiming that if you don't like service pick a competitor. Consider Digg. That's basically the route that Digg went down, its users fled and Digg dug its own grave. There aren't so many competitors for Slashdot that its users want it too to be ruined, so they're trying to ensure that it doesn't go that route.
I don't often counsel this in the IT world, but if it ain't broke...
If it ain't broke, it must run at least as well as Friendster.... Right? Or maybe it runs as well as Altavista? Geocities? Need some more examples of services that failed to change at the right time? No one said "f--- this beta friendster s---, I'm going to facebook because I dont like this any more", did they? Nope, they said "well hell, 10 of my friends just joined facebook, what am I doing on friendster?" and the rest is history.
There's one critical difference, though. One group lost membership by failing to adapt when competitors started sucking their members away. The other group, however, chased members away. Slashdot seems to be falling into that second category.
It's only a "free" site if you consider that the time and effort that the participants put into it is valueless. And "Beta" is not a term generally used to mean "trial balloon". It usually means, Next Week In Production (unless you're Google, in which case "Next Week" can be removed).
The advertisers pay for the hosting services and infrastructure, but without content, the product is nothing. So users have a definite interest in keeping the site usable and comfortable.
I haven't actually seen the Beta yet, but if it's truly keeping with recent trends in other products towards removal of commonly-used features and insertion of empty glitz, as some anti-Beta whingers have asserted, I can see why there is cause for a major uproar.
We have a lot of self-professed Libertarians here, they chant the mantra claiming that if you don't like service pick a competitor. Consider Digg. That's basically the route that Digg went down, its users fled and Digg dug its own grave. There aren't so many competitors for Slashdot that its users want it too to be ruined, so they're trying to ensure that it doesn't go that route.
I don't often counsel this in the IT world, but if it ain't broke...
I hate to break it to you, but Farenheit was NEVER an American...
http://en.wikipedia.org/wiki/Daniel_Gabriel_Fahrenheit
You do realize that there's a difference between unit systems used in the USA and unit systems invented by Americans (assuming that there are any)?
The original complaints were coming from people in countries where neither of the above applied and was merely a courtesy conversion for them.
Regardless of what units you use, however, the temperature spreads listed for Sochi don't match for sub-tropical America anywhere near sea level. And when you go to Orlando, don't expect to ski on Space Mountain.
For the benefit of people who using non-murican units:
52 degrees F = 12 C (approx)
75 degrees F = 25 C (approx)
Never mind their actual latitude, from spending most of my life within 5 degrees of the tropics, about the only time we see 75 degrees in summer is in the middle of a heavy thunderstorm. Even the lows are more likely to be in the 80s (25-30 C) during summer months.
Getting a route announced is more difficult than spoofing a source address. Also, if you manage to convince the routers between the multiplying DNS server and you that there IS a route back, you will get the flood, not your victim.
Note that MOST providers already discard spoofed source packets from their customers.
Unfortunately, as my logs amply demonstrated, on a network the size of the Internet, "most" isn't nearly enough. And if the "provider" was a military or rogue ISP installation, they would likely be part of the attack.
That actually could be solved with proper router configuration. For example, don't route traffic sourced from a router that has no route back to the source address. Case by case exceptions if well justified by the source.
Who says there's no route back? The route back is merely bogus.
If you mean that the response address doesn't match the source address, well, it wouldn't the minute it made its first hop. Which means that every router in the world would have to be 100% trustworthy.
DNS can use UDP, yes, but it can also use TCP, so as an example of "a UDP", it is quite poor.
He was talking about DNS reflection attacks, which is done via the primary DNS protocol, which is UDP-based. The attacker puts the victim's IP address in the source IP portion of the packet and requests a large quantity of information so that the DNS server will send it to the victim. Scale this up for DDOS on the victim. Since the attack is UDP-based, there's no requirement for the sender's IP to match the packet's sender ID.
I spent a lot of time last summer fending off that stuff, since my older machines didn't have suitable throttling capabilities, and in fact, finally had to move DNS to newer hardware because while my hardware had the power, there wasn't any suitable software to enforce it.
The one thing that puzzled me at the time was the choice of victims, since they weren't the expected big name targets. After recently hearing how GCHQ has been DDOS'ing political targets, I've been wondering, though.
It has been tried many times. I'm staring right now at a vintage box on my bookshelf containing the Amiga Vision program, which was precisely that sort of drag-drop-drool tool. It was intended primarily for multi-media application development, and I liked it, but it obviously never shoved COBOL aside.
It's not the only attempt. I also have an old Scientific American on another shelf that features the Icon language, similarly illustrated by wiring together pictures of stuff. On a more modern note, I have a GUI tool named "Spoon" that allows me to design data extract/transform/load processes using the Pentaho Kettle utility. That one I'm still using, and fairly frequently.
There were attempts using OLE/COM and JavaBeans. Nothing ever became the "killer app-builder".
The primary reason for this seems to be that all of the GUI software design programs are doing declarative-style programming, and while declarative programming has some very powerful advantages, sooner or later you hit the limits of what wiring together pre-supplied components can give you in terms of function, performance, and flexibility. And then you have to fall back to the old text-based modes, which ultimately convert into machine text (binary code).
Management would just love to find a true D-D-D software design tool suitable for general production use. They could get rid of those nasty old overpriced third-world programmers and go straight to untrained monkeys. Or draw out complex systems in their spare time on the back of a napkin and hand them to a flunky. After all, "All You Have To Do Is..."
But the Silver Bullet continues to elude them. No such tool has ever been found.
They just don't have anyone with enough brains to understand THEY HAVE TO HAVE A REAL REASON.
Like, for example, that the president lied about blowjobs.
...can be decrypted if the provider goes belly-up or does an Amazon-style "1984" on them.
Don't wait, do it now. Download calibre and some plugin tools, and deDRM is just a drag'n'drop operation. There is no need to use it to manage your books if you don't want to, you can just use it as a "storage shed" for your uncrippled books.
Actually, I bypass the middleman and decrypt directly.
I know I'm the odd one out, but I never could get excited about Calibre. I have other tools, and they may not be drag-drop-drool simple, but they're easy enough and allow me to do just about anything I want to any format I want.
Incidentally, I just read that Adobe has dropped the "drop dead" deadline, although they're still pushing the new DRM scheme for the long term.
Try DuckDuckGo instead of Google.
As for microtransactions, I dislike them too - but I think this is one area where the bitcoins (or rather a better one that's more "inflationary" like dogecoin) can find a niche. I understand Reddit uses dogecoins quite happily as "tips" as that currency is deigned to generate coins to encourage spending rather than hoarding. As a result, people actually spend them on little things.... like articles you appreciated.
Like I said, however, a lot of times when I need resources most it's when I can least afford them. Whether it's one horrendous annual fee or the Death of a Thousand Cuts makes no difference, really. I prefer being able to pay what I can when I can. Some people won't pay anything anytime, but the deadbeats are with us always.
DuckDuckGo, Google, Yahoo, even Bing it doesn't matter who your preferred search engine is. I just used Google as an example.
Republicans don't believe in fairness.
Of course they do. It is patently absurd statements like this that make political discussions on /. so nonproductive.
They just don't have the same definition for the subjective term "fairness" that you do. For example, they think it is fair that if you work hard and make a lot of money that you should get to keep it. Others think that forcing people who work hard to make a lot of money to give their money to other people so they can enjoy it too is fair.
It's the same nonsense with the argument about who supports "torture". Nobody disagrees on the obvious things like the Iron Maiden or the rack, but if someone doesn't believe that waterboarding is torture then they are accused of blanket support for turture, even though they certainly don't hold that opinion.
Try saying "it's not FAIR!" on something and see how quickly they respond:
"Life isn't fair".