The blogger "rescued" a fact that the poster tried to suppress. Shall I search Slashdot to see how many times this has been discussed with approval when some corporation or "big media" pulls the same stunt?
No, you missed the point entirely. The poster "suppressed"/pulled back his previous posting only as a gesture of cooperation with the Mozilla security team. He stated very clearly that had the blogger pointed to a public source where he found his copy of the original blog entry, he would in fact confront the Mozilla team with that evidence and/or make his own posting public again.
This is precisely why posting only the original blog entry (without any other information) was unhelpful, at best.
Anyway, let's get back to your point regarding suppression of security advisories vs. corporate suppression of "bad publicity" (a la Diebold). Frankly, these are apples and, well, sour grapes.
Suppressing a bug report with security implications (or general descriptions about a security-related problem) for the purpose of keeping black hats in the dark has a great deal of traction in various security teams (such as that of Mozilla, Debian, and others). Posting a detailed description of a problem until the vendor has come up with a solution (or at least had a chance to do so, subject to a timeout) serves only to accelerate the development of exploits.
As he tried to convey in the article, the issue is not whether he can be faulted or not (and indeed, he can; then again, you can expect that many/most bug submitters would make "mistakes" like these).
The quote, however, deals with someone who submitted for his weblog a word-for-word copy of his original bug report, without any comments, return address, or source. That goes a bit beyond useless and unhelpful, IMHO; that borders on disrespectful. At the very least, as he is saying, if that person indeed wanted full disclosure, he should point to where he found the copy of the text, so that the Mozilla security team could be made aware of it.
Overall a well written article, certainly a lot more thoughtful than your comment.
And none of the ones that you're listing as attackable -- SMTP, DNS, HTTP, etc ship on, say, a Red Hat Linux box or have for years (once the userbase stopped being all sysadmins)
To be accurate, SMTP (via Sendmail) is enabled by default in RedHat 9, though it only listens on the loopback interface.
Moreover, the following other services are enabled by default (though they may be protected by "iptables" if you use the "lokkit" setup): IPP (via cupsd), LPD (via BSD lpd), portmap (!), and sshd.
Nonetheless, that's an astonishing improvement over previous RedHat sins, even as late as v6.2, where a machine was guaranteed to be 0wn3d within 15 minutes of gaining internet access, courtesy of wu-ftpd.
Oh, and I'm running postfix on my RH box, nicely packaged and all, and you can certainly install sendmail on Mac OS X, just like you can on any other *IXes. It's not *that* uncommon to use something from fink or something that doesn't come stock with OS X -- the only person that I personally know that uses OS X on a home machine runs Apache 2 on it, for instance.
Sure. I run OSXvnc for one thing (basically so that I can share one keyboard/mouse by using "x2vnc" from my Solaris box in the middle to my Mac on the left (and do a similar thing for my Debian box on the right)). Earlier, I used my Mac at home as my internet gateway, and installed Exim on it to receive my mail. Etc.
This is irrelevant, however, to the discussion at hand. Here we were talking about default configurations, in systems as they are shipped. Like it or not, that's how 75% of users will leave them.
My point is that it's absurd to compare a traditional *IX box of ten years ago to a Mac OS X box of today.
Well, you made that comparison, not me. Anyway, my point is that even today, most UNIX and Linux (including RedHat) systems come shipped with lots of services enabled by default, with the exception of Mac OS X (and OpenBSD).
Don't misunderstand, more serious stuff than this is pretty much standard fare for Windows (and sometimes on UNIX/Linux too, cf. "wu-ftpd", "bind", and "sendmail") - but for the Mac OS X platform, a flaw as "exploitable" as this is pretty unique.
Err -- OS X isn't going to be better off than UNIX/Linux, as it's open to almost all attacks that those platforms are. If FreeBSD can get nailed via sendmail, so can OS X.
The difference is in services enabled by default. No TCP/IP services are enabled by default under Mac OS X. Even SSH - if you want to be able to SSH to your OS X box, you first need to enable "Remote Login" in the Network settings of your Systems preferences.
Moreover, Mac OS X ships with Postfix, not Sendmail. Postfix has a better track record w.r.t. security.
Though it is true that it also ships with BIND, the name services are only available if you turn on "Internet Connection Sharing", and only for those interfaces that are "internal" (i.e. those you share your external connection with). The external connection still does not listen on UDP/53 or TCP/53.
Those other *IX platforms have been around for more years, so they have a larger security history. This is the kind of misleading credit that OS X gets that's a bit frustrating to me, since it really does not help folks make intelligent decisions.
You are misunderstanding the gist of what I was saying. Most 'standard' UNIX systems (with the exception of OpenBSD) come with a bunch of services that are applicable to server machines enabled, such as SMTP, DNS, HTTP, etc. Mac OS X, while having "learned" in the sense that it includes the more secure alternatives of available software, also leaves these services disabled by default.
I get the impression (only from the /. blurb so far) that this hole is, by orders of magnitude, more serious than anything reported for Mac OS X previously.
Most "vulnerabilities" previously reported for Mac OS X have been largely theoretical, obscure, and hardly any real threat (at least, when compared to the pretty high threshold of threat before anything is considered a "flaw" in the Windows world).
Don't misunderstand, more serious stuff than this is pretty much standard fare for Windows (and sometimes on UNIX/Linux too, cf. "wu-ftpd", "bind", and "sendmail") - but for the Mac OS X platform, a flaw as "exploitable" as this is pretty unique.
'Course, it will probably be taken care of within a few days via "software update", if not already.
SpamAssassin gives a negative score to IP addresses listed in the IronPort bonded sender program. This has several times prevented my wife's email from her work address (at Charles Schwab) to our home machine from being mistakenly blocked; because she uses MS Outlook with "custom" stationaries, SA normally gives a pretty high score to her mail based on content checks alone.
The idea is similar to Habeas - use this service if your business is legitimate; spammer abuse will be dealt with by the provider (in this case, IronPort will take their deposit, and remove them from the whitelist).
I like this service. It is not a magic bullet, but one among many checks that is quite effective in more accurately blocking spam and only spam.
I would figure your device needs 440W. At 220V you pull 2A to get that. You drop the Voltage to 205V and your device now pulls just under 2.15A.
In a simple device, the resistance is roughly constant (up to a certain point). When you decrease voltage, then the current draw actually decreases as well, thereby reducing the power consumption to the 2nd degree.
In your example, a device that draws 440W at 220V (i.e. 2.0A) has a resistance of 0.5 ohms. When you lower the voltage to 109V, that yields
(209V/220V)*2.0A = 1.9A
and
209V*1.9A = 397W
(Ignoring the fact that 1VA is not quite the same as 1W, due to inductance/capacitance).
Re:Some things are unstoppable on Spam Bits · Score: 1
1.) SPAM
From our perspective as receivers, they are not unstoppable. SpamAssassin does a pretty good job (as do other filters), better yet if integrated into your MTA so filtering happens at SMTP connection time.
2.) P2P
Why would you want to stop that? (I have never used a P2P app, but I cannot figure out why it is something that should be "stopped" in the first place).
3.) Pop ups
Use ABBMSIE (Any browser but Microsoft Internet Explorer). For instance, Mozilla based browsers (Mozilla, Firefox, Camino, Galeon...), KHTML based browsers (Konqueror, Safari), Opera & all provide "popup blocking" -- reject popups that are not specifically a result of a user action (such as clicking on a link).
4.) Virus
Use AOSBMSW (Any Operating System But Microsoft Windows). Nuff said.
Re:I can't stand it anymore! on Spam Bits · Score: 2, Insightful
If Linux were as popular as Windows is today, it would be just as plagued by security holes.
First, wrong. Apache runs 60%-70% of the world's web servers, yet MS IIS has far more security holes (at least judging by # of exploits). Following your logic, this would not be the case.
Second, what generates spam zombies is not really "security holes" in general, but more than anything, a particular type of exploit, namely viruses (virii?). These are nearly exclusive to Windows. (Indeed, by some accounts, Linux installations on the internet are more exploited than Windows installations -- discounting viruses. Take it with a grain of salt, but you get the idea - we are not talking about "security" in general).
Third, even though Windows may be more widely used by home users than Linux, most crackers ("evil hackers") are more familiar with the world of UNIX and Linux -- typically these OSes are their own tools of choice. Moreover, the source code for Linux (and *BSD) is widely available, and so any holes are much easier to find. (You saw that based on only a tiny fraction of the Windows source code, leaked to only a tiny fraction of the world's cracker population, several new "critical" exploits surfaced within days, if not hours).
When you're talking about large enterprise installations, or installations where people want the backing or support of a company, Linux does cost money - ie: Red Hat Enterprise Linux. Yeah, you can download new packages and install updates, but it's easier to use RHN, etc.
This is an oft-repeated argument "against" Linux, however it is a misrepresentation.
First, a number of different Linux distributions (most notably Debian, but also Gentoo, Conectiva...) offer incredibly streamlined update processes (much more so than, say, Windows or even RHN). Not only for fixes and security enhancements to an already-released "base" version of the OS, but also to update to a newer version of the OS (Debian Woody -> Sarge, for instance).
Second, commercial support for Linux - including completely free distributions such as Debian -- is available. Although this will be of importance to some "large enterprise installations" wrt. "buy-in" (read: in the mind of PHBs), it turns out to be less important than overall stability and maintainability of the software in the long run. After all, the best support you can get for an OS is one you don't have to resort to.
More importantly, both Linux and Windows have significant "market shares" in settings where commercial support matters less, or not at all. A typical home user will not typically call Microsoft when s/he encounters problems -- s/he has been trained/conditioned not to do so by now. (Basically, they charge an arm and a leg on top of the cost of the OS and rarely, if ever, provide any actual help). A home user is much more likely to search for the answer via Google, or in online discussions -- environments in which Linux support far exceeds support for Windows.
This test alone would not do, of course. But integrated into filtering software such as SpamAssassin, it would probably be one of the more reliable (high positive/negative score) tests.
Why all the anger? Look at the subject line of your postings in this thread, for a hint.
Anyway, you say:
Can you provide sources for your school cost figures? And do those figures include the cost of all the admins that run the schools?
Here is an annual report from the San Carlos school district (in San Mateo), quoting expenditures per student as $4068 (end of page 2). The total cost (including administration) is $5210.
Application forms for a whole bunch of schools nationwide that applied for the "No Child Left Behind" grant (which, for public schools, include expenditures per child) in 2003 can be seen here.
A list of San Mateo private elementary schools (on whose sites you generally find tuition schedules) is here. As an example, to enroll a student in grades 1-5, 5 full days per week, at "Challenger School", is $13,585.
I stand corrected, esp. re: my overall impression of (lack of) government waste. I surely knew that a lot of waste had to come from using M$ products, but did not know that was CA policy, or that the Oracle debacle is even worse than what was said in the media, given that Oracle was not even the DB platform that agencies were using.
Thanks for your perspective. Very enlightening (in a dark sort of way...)
Take the infamous CA recall & the "governator"'s plea to "identify and terminate" the excessive government waste, his contention that a 45% increase in state spending since the .com boom surely points to a less and less efficient government.
As it turns out, all of the increase, and then some, is due to increased medicaid spending (due to a larger retired population and even more due to increased drug costs).
Take the example of private / public elementary schools. In a typical private school, the money spent per pupil is $15,000 per year; in the San Mateo school district (in one of the more affluent parts of CA), the expenditure per student is $5000. And yes, that includes administration.
The notion of a big heavy bureaucratic government apparatus that does nothing but suck up money is probably true to some extent, but not by a far shot as true as popular notion will have it. Moreover, it is far less overhead in governments (federal, state) than in corresponding private industries (education, health care, even road constructions).
Mac OS X does what I have long wanted to see in a UNIX system, parallel/dependent startup. For instance, "vtun" depends on "tunnel.kext" and "networking", but both "tunnel.kext" and "networking" can be started simultaneously. Also, the "StartupParameters.plist" meta-information file has some parameters related to order preference ("early", "late", and so on).
An article describing a similar concept for Linux can be seen at IBM DeveloperWorks.
Since when does 'a lot' have to mean 'the majority'? What the original poster said is true, a lot of spammers are based overseas.
The context was that Alan Ralsky stands out as low-hanging fruit, by virtue of being based in the US -- as opposed to 'a lot' of spammers being based overseas.
Reality is that 70-80% of the world's spam originates in the US (again, according to SpamHaus). Hence, this motivation alone is not enough. (Though it is true that Alan is also #2 on SpamHaus' list of the most notorious spammers).
Again the arms race problem: This might work for a while, but once the spammers see a certain level of blocking, they can adjust their spam to circumvent it.
In this case they could start including (hidden, web-bug style) links to popular webmail sites, like hotmail. If you start blocking all messages with links to hotmail, you are probably going to miss some e-mail that you want!
Also, many times the URLs contained in an e-mail point to a cracked Windoze box, which has been turned into a WWW server by the spammer. (Often, but not always, listening on strange port numbers).
Once again: an application is not an OS. An OS is not an application. This has nothing to do with any all-encompassing "DRM system"; it's a function of dvdplayer.app.
No, screen capturing under OS X is a function of the OS, exposed through the Grab.app application.
That said, there may well be a technical reason why you cannot capture frames from their DVD player - images may be sent directly to the video card by the application, without going through the Aqua graphical library routines.
Again: no. The open source portions of OSX are BSD, not GPL. Apple was under no obligation beyond acknowledging that portions of the OS were copyrighted by the Regents of the University of California.
This is not true for all OSS software they include. For instance, 'gcc' (included on the XCode CD) and 'emacs' are not only covered under the GPL, but are GNU projects. KHTML (a component used in the Safari web browser) is also covered under GPL.
I agree. I sometimes have to turn off Safari's pop-up blocker (which makes me enjoy the fact that it's a preference that's right in the main menu and I don't have to open any preference panes or anything).
That's why you should use Camino instead of Safari. It offers selective pop-up blocking - the ability to allow unrequested pop-ups for selected sites. (It also offers selective cookie acceptance.. allow them from 'google.com', but not from 'doubleclick.net', for instance).
http://www.mozilla.org/projects/camino/
...
IMHO the best Mac OS X browser out there, even more so than Safari. Faster, per-site cookie policies, per-site popup blocking.
Be sure to get the latest snapshot release (updated daily), as the 0.7 release is getting a bit old.
Its look and feel is more consistent with other Mac OS X apps (such as Mail.app) than Safari. (Safari looks more like a Finder window.)
IPv6 provides other means to prevent IP spoofing (a prerequisite for TCP reset attacks).
Yeah, sorry.
On the bright side, the errors in my ways got modded up 2 points on Slashdot! I guess you can't really have an uncritical mind around here...
-tor
Yep.
Sounds like that may be what Gentoo does?
Also, many times the URLs contained in an e-mail point to a cracked Windoze box, which has been turned into a WWW server by the spammer. (Often, but not always, listening on strange port numbers).
For instance:
http://shopping.yahoo.com%01@%31%39%32%2e%31%36
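The link shape quoted in the comment above (a familiar name in the userinfo part, a control-character escape, then a percent-encoded host after the "@") can be flagged mechanically by a content filter. The following is an added example, not code from the thread or from SpamAssassin; the rule names, the weights and the sample message are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote, urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)
CONTROL_ESCAPE = re.compile(r"%[01][0-9a-fA-F]")  # %00-%1f in the raw URL
DEFAULT_PORTS = {"http": 80, "https": 443}

# Hypothetical per-rule weights, in the spirit of an additive spam score.
WEIGHTS = {
    "userinfo-before-host": 2.0,
    "control-char-in-userinfo": 1.5,
    "percent-encoded-host": 2.5,
    "ip-literal-host": 1.0,
    "nonstandard-port": 0.5,
    "unparseable": 1.0,
}


def analyze_url(url):
    """Return the host a client would really contact, plus reasons for suspicion."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return {"host": None, "port": None, "reasons": ["unparseable"]}

    reasons = []
    # Everything before the LAST '@' in the authority is userinfo, not the host.
    userinfo, at, hostport = parts.netloc.rpartition("@")
    if at:
        reasons.append("userinfo-before-host")
        if CONTROL_ESCAPE.search(userinfo):
            reasons.append("control-char-in-userinfo")

    # Split host and port, allowing for a bracketed IPv6 literal.
    if hostport.startswith("["):
        host, _, rest = hostport[1:].partition("]")
        port = rest.lstrip(":")
    else:
        host, _, port = hostport.partition(":")

    if "%" in host:
        reasons.append("percent-encoded-host")
    real_host = unquote(host).lower()

    try:
        ipaddress.ip_address(real_host)
        reasons.append("ip-literal-host")
    except ValueError:
        pass  # an ordinary DNS name

    port_num = int(port) if port.isdigit() else None
    if port_num is not None and port_num != DEFAULT_PORTS.get(parts.scheme):
        reasons.append("nonstandard-port")

    return {"host": real_host, "port": port_num, "reasons": reasons}


def score_message(body):
    """Sum the weights of every rule hit by every URL found in a message body."""
    findings = [(url, analyze_url(url)) for url in URL_RE.findall(body)]
    total = sum(WEIGHTS[r] for _, info in findings for r in info["reasons"])
    return total, findings


# Constructed sample message; addresses come from the documentation ranges.
SAMPLE_BODY = """\
Your order is ready: http://shopping.example.com%01@%31%39%32%2e%30%2e%32%2e%31%30:8081/offer
Unsubscribe at http://lists.example.org/unsubscribe?id=42
Mirror: http://198.51.100.7:8000/index.html
"""

if __name__ == "__main__":
    total, findings = score_message(SAMPLE_BODY)
    for url, info in findings:
        print(info["host"], info["port"], info["reasons"])
    print("score:", total)
```

The decoded host, not the name shown before the "@", is what should be checked against any blocklist.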
I know what you mean. I saw "The Crying Game" too.
-tor
This is one of the very best "OS Review" articles I've ever come across - especially the way that it brings in all aspects of history, influences, etc to address ignorance & common misconceptions.
Good Job!
-tor
I managed to get a hold of the source code for the internet address verifier. Here goes:
#!/bin/bash
# Print an optional error message and the usage line, then exit.
usage()
{
    [ "$1" ] && echo "$0: $*" >&2
    echo "Usage: $0 <email-address>" >&2
    exit 1
}
[ "$1" ] || usage "You must supply the criminal's email address"
email=$1
domain=${email##*@}
# Last field of the first MX answer, then of that host's first A answer.
mxname=$(host -t mx "$domain" | sed -ne 's/.* \(.*\)/\1/p' | head -n 1)
mxaddr=$(host -t a "$mxname" | sed -ne 's/.* \(.*\)/\1/p' | head -n 1)
# Last parenthesised netblock handle in the whois output for that address.
netblock=$(whois "$mxaddr" | sed -ne 's/[^(]*(\([^)]*\).*/\1/p' | tail -1)
netowner=$(whois "$netblock")
echo "Your next step is to issue a subpoena against the following party - probably an ISP."
echo "They need to give you the current user of the IP address $mxaddr."
echo "(This may very well point back to the same ISP)."
echo "This party, in turn, must turn over the identity of the email account."
echo "$netowner"