Or, maybe the police decide to track where you go by reading license plates off of each of the cameras that they have up to detect speeders or light runners.
In fact, we have a licenseplate-reading system like this in.nl
Video cameras record your license plate when you pass a portal, then record it again when you pass the next portal, say after 1 km. The images are stored and processed electronically.
Your average speed is calculated and you're fined if you were speeding.
Some argue that this system is fairer than using speedtrap cameras that record only 'an incident', not 'your general behaviour'.
Others argue that "traject-controle" as the system is called here is a clear invasion of privacy (since they necessarily need to keep a record of your license plate during the 1km you're driving).
The same system can be used to check for people without valid insurance, who 'forgot' the mandatory APK car checkup or those who neglected to pay their road taxes.
The possibilities are endless... In other words, where willl this end?
> > Just look at MS-Word and "auto-correct" which > > changes "Teh" to "The".
> Sounds like you should have RTFM'ed. Takes 5 seconds > to setup exceptions to autocorrect rules and > you'll never have that problem again.
IMHO, AutoCorrect is a prime example of a counter-intuitive feature that takes control away from the user.
I type a key on the keyboard; it appears on screen. That is a basic assumption I made about using computers. In fact, it is a key element in my mental map of computers.
AutoCorrect takes that basic assumption away.
AutoCorrect makes me feel I need to "fight" the computer.
IMHO, things that take control away from the user should not be switched on by default. Maybe AutoCorrect should pop up one of those annoying Assistants the first time, and ask you if you want to relinquish control of your keyboard;)
As a counter-example, I like the 'squiggly underline' as displayed by the spellchecker a lot better. It leaves me in control (I can choose to ignore it with no ill effects).
I've been a ClearCase administrator for a couple of years, and I really liked ClearCase. But there are some drawbacks to the points you bring up:
1. Clearcase is integrated into the OS and the repositories are actual filesystems
...Which makes life hell if you need to upgrade the OS. Our production servers should be kept on the same OS and patch level as a matter of policy. With all these different OS/Patch requirements for applications like ClearCase, keeping your environment sane becomes a major nightmare.
Furthermore, there are serious performance issues which have prompted some development teams to use Snapshot views instead, negating many of the advantages ClearCase brings (through the MVFS).
2. Clearmake
ClearMake is nice when people work on relatively dynamic code which is shared 'early and often'. The DO Config Record lookups can swamp your DB-server though.
I liked the "automatic dependency generation" in ClearMake (config records). No more 'make deps';)
Again, with Snapshot views ClearMake loses its charm.
3. Real branches
ClearCase is definitely not the only tool supporting "Real branches";)
Just my 0.01 (that would have been 2.20371 cents in ye olde days...)
Applied to the commercial and OSS world, that
would mean that software wouldn't come out nearly as often: I'm guessing one major OS upgrade every 5-6 years, if that.
That's an interesting point.
At work (large company in.nl), we still run NT4 and Office 97 on our Windows desktops. Only now are we planning to migrate to Win2K and Office2K...
Large companies are generally not interested in keeping up with the latest and greatest from Redmond. In fact, a release schedule of 2 to 3 years with intermediate bugfixes would probably fit quite nicely in our corporate IT policy.
For some people, compiling everything from source may indeed be fun/feasable. However, as your farm becomes larger you'll learn to LOVE package management.
That's why we've standardized on RedHat for server-type Linux stuff. Yes, I know that other distros are/might be better in some areas, but you have to make a choice.
RedHat has good marketing, hence good visibility on the higher levels of management. That's important too.
Oh, and don't assume we're not Hardcore UNIX just because we install our Solaris boxen from binaries (*Yuck! Binaries!*);)
A method for inducing cats to exercise consists of directing a beam of invisible light produced by a hand-held laser apparatus onto the floor or wall or other opaque surface in the vicinity of the cat, then moving the laser so as to cause the bright pattern of light to move in an irregular way fascinating to cats, and to any other animal with a chase instinct.
Yup, a bright pattern of invisible light. Certainly something worth of patenting;)
I doubt cats would be fascinated by something they clearly cannot see...
Squid in accelerator mode should do this. You will have to tell it to use the host header though.
Ah. I was looking at it purely from a webserver (Apache) perspective. Thanks, I'll go and read up on Squid... I've been using that as a forward proxy for a while, but never thought of using that as a reverse proxy.
In the HTTP/1.0 spec, sending a "Host:" header with your GET request was optional. In HTTP/1.1, it became mandatory.
This means that all requests from your browser to websites will look something like this:
GET/index.html HTTP/1.1
Host: mydomain.dom
<nl>
This is kind of similar to using a proxy; you need to tell your browser to use a proxy. The browser will then send 'absolute URLs' instead of 'relative URLs' as in my example above. That way, the proxy knows which server you are really trying to reach.
I think that name-based virtual hosting is a great thing (I run 3 domains off my single IP).
Unfortunately, I can only run 1 SSL-capable secure website on that same IP address since the SSL handshake needs to complete before the request is interpreted at the HTTP level.
And I have another issue: I want to run a "reverse proxy" (multiple physical webservers, possibly running different OS's) with name-based virtual hosting. I haven't found a way of doing that [with Apache] yet.
Unfortunately, someone already offers this service. Check out myinternet.com; they call it MyMonitor. I prefer to call it "Domain Hijacking"...
The service *might* be used for good purposes, but I fear that the spammer-types will soon adopt this kind of "Domain Hijacking" to make an easy buck off of legitimate domain owners.
Your description suggests that libsafe is for protecting *outdated* systems against *stack* overflows.
Actually it provides wrappers around potentially dangerous system calls ( e.g. strcpy() ), so it helps protect against buffer overruns in all the (dynamically linked) software running on the system.
IMHO, the biggest feature is, that it does not require code instrumentation or even re-linking of the software, something that other solutions do usually require.
This means that problems can be prevented in many cases.
Slashdot Mirror
Or, maybe the police decide to track where you go by reading license plates off of each of the cameras that they have up to detect speeders or light runners.
.nl
In fact, we have a licenseplate-reading system like this in
Video cameras record your license plate when you pass a portal, then record it again when you pass the next portal, say after 1 km. The images are stored and processed electronically.
Your average speed is calculated and you're fined if you were speeding.
Some argue that this system is fairer than using speedtrap cameras that record only 'an incident', not 'your general behaviour'.
Others argue that "traject-controle" as the system is called here is a clear invasion of privacy (since they necessarily need to keep a record of your license plate during the 1km you're driving).
The same system can be used to check for people without valid insurance, who 'forgot' the mandatory APK car checkup or those who neglected to pay their road taxes.
The possibilities are endless... In other words, where willl this end?
> > Just look at MS-Word and "auto-correct" which
;)
> > changes "Teh" to "The".
> Sounds like you should have RTFM'ed. Takes 5 seconds
> to setup exceptions to autocorrect rules and
> you'll never have that problem again.
IMHO, AutoCorrect is a prime example of a counter-intuitive feature that takes control away from the user.
I type a key on the keyboard; it appears on screen. That is a basic assumption I made about using computers. In fact, it is a key element in my mental map of computers.
AutoCorrect takes that basic assumption away.
AutoCorrect makes me feel I need to "fight" the computer.
IMHO, things that take control away from the user should not be switched on by default. Maybe AutoCorrect should pop up one of those annoying Assistants the first time, and ask you if you want to relinquish control of your keyboard
As a counter-example, I like the 'squiggly underline' as displayed by the spellchecker a lot better. It leaves me in control (I can choose to ignore it with no ill effects).
Just my EUR 0.025...
I've been a ClearCase administrator for a couple of years, and I really liked ClearCase. But there are some drawbacks to the points you bring up:
;)
;)
1. Clearcase is integrated into the OS and the repositories are actual filesystems
...Which makes life hell if you need to upgrade the OS. Our production servers should be kept on the same OS and patch level as a matter of policy. With all these different OS/Patch requirements for applications like ClearCase, keeping your environment sane becomes a major nightmare.
Furthermore, there are serious performance issues which have prompted some development teams to use Snapshot views instead, negating many of the advantages ClearCase brings (through the MVFS).
2. Clearmake
ClearMake is nice when people work on relatively dynamic code which is shared 'early and often'. The DO Config Record lookups can swamp your DB-server though.
I liked the "automatic dependency generation" in ClearMake (config records). No more 'make deps'
Again, with Snapshot views ClearMake loses its charm.
3. Real branches
ClearCase is definitely not the only tool supporting "Real branches"
Just my 0.01 (that would have been 2.20371 cents in ye olde days...)
--
Gxis!
Ed.
That's an interesting point.
At work (large company in .nl), we still run NT4 and Office 97 on our Windows desktops. Only now are we planning to migrate to Win2K and Office2K...
Large companies are generally not interested in keeping up with the latest and greatest from Redmond. In fact, a release schedule of 2 to 3 years with intermediate bugfixes would probably fit quite nicely in our corporate IT policy.
Just my EUR 0.01 ;)
--
Gxis!
Ed.
For some people, compiling everything from source may indeed be fun/feasable. However, as your farm becomes larger you'll learn to LOVE package management.
;)
That's why we've standardized on RedHat for server-type Linux stuff. Yes, I know that other distros are/might be better in some areas, but you have to make a choice.
RedHat has good marketing, hence good visibility on the higher levels of management. That's important too.
Oh, and don't assume we're not Hardcore UNIX just because we install our Solaris boxen from binaries (*Yuck! Binaries!*)
You can try MS ISA Server for a while (trial version is downloadable). I've played with it, and it seems to contain a nice packet filter.
But for production, I'd rather use a proven (and free!) solution such as FreeBSD, Linux or OpenBSD.
Gxis!
Ed.
Kudos to Zack Brown for creating a readable abstract from the discussions on linux-kernel!
A method for inducing cats to exercise consists of directing a beam of invisible light produced by a hand-held laser apparatus onto the floor or wall or other opaque surface in the vicinity of the cat, then moving the laser so as to cause the bright pattern of light to move in an irregular way fascinating to cats, and to any other animal with a chase instinct.
Yup, a bright pattern of invisible light. Certainly something worth of patenting ;)
I doubt cats would be fascinated by something they clearly cannot see...
--
Gxis!
Ed.
Why does nobody mention that these fuel cells emit dangerously large concentrations of dihydrogen monoxide?
What, are they out of their minds? It is a well-known fact that large concentrations of dihydrogen monoxide can be lethal!
...
--
Gxis!
Ed.
Squid in accelerator mode should do this. You will have to tell it to use the host header though.
Ah. I was looking at it purely from a webserver (Apache) perspective. Thanks, I'll go and read up on Squid... I've been using that as a forward proxy for a while, but never thought of using that as a reverse proxy.
--
Greetings,
Ed.
In the HTTP/1.0 spec, sending a "Host:" header with your GET request was optional. In HTTP/1.1, it became mandatory.
/index.html HTTP/1.1
This means that all requests from your browser to websites will look something like this:
GET
Host: mydomain.dom
<nl>
This is kind of similar to using a proxy; you need to tell your browser to use a proxy. The browser will then send 'absolute URLs' instead of 'relative URLs' as in my example above. That way, the proxy knows which server you are really trying to reach.
I think that name-based virtual hosting is a great thing (I run 3 domains off my single IP).
Unfortunately, I can only run 1 SSL-capable secure website on that same IP address since the SSL handshake needs to complete before the request is interpreted at the HTTP level.
And I have another issue: I want to run a "reverse proxy" (multiple physical webservers, possibly running different OS's) with name-based virtual hosting. I haven't found a way of doing that [with Apache] yet.
--
Greetings,
Ed.
Unfortunately, someone already offers this service. Check out myinternet.com; they call it MyMonitor. I prefer to call it "Domain Hijacking"...
The service *might* be used for good purposes, but I fear that the spammer-types will soon adopt this kind of "Domain Hijacking" to make an easy buck off of legitimate domain owners.
"End of the Internet predicted. Film at 11."
Greetings,
Ed.
Option 1 is not that relevant, I think. It's not glibc itself, but the programs that use certain library functions that are defective.
Option 2 would be *very* nice to have though...
--
Greetings,
Ed.
Your description suggests that libsafe is for protecting *outdated* systems against *stack* overflows.
Actually it provides wrappers around potentially dangerous system calls ( e.g. strcpy() ), so it helps protect against buffer overruns in all the (dynamically linked) software running on the system.
IMHO, the biggest feature is, that it does not require code instrumentation or even re-linking of the software, something that other solutions do usually require.
This means that problems can be prevented in many cases.
All in all, a nice piece of work...
--
Greetings,
Ed.
Imagine trying to sell a computer today that didn't have lowercase!
;)
They do. It's called WebTV