For scripting, maybe, unless you know the script isn't going to go off your box. For actual command-line interaction, give me zsh or give me death. "Compatibility" is no reason not to learn what fun *can* be had.
Because that would not be detecting viruses, that would be another form of bandwidth/traffic capping. Unless you can tell me what next month's virus-du-jour is going to be, heuristics are the best bet for protecting their own network.
> I wonder how big a city has to be smacked before that will will exist?
You're spot on. Show me *one* city that's been decimated by an extra-terrestrial object yet, and tell me the probability doesn't follow a power-law about expected size of obliterated area versus frequency, I dareya.:)
Well, quite. Sure I watched the first episode of the new series, the other week. Since then, I saw a handful of news articles touting it as a `great success' based on audience/viewer figures - all based on *JUST ONE SHOW*. So the past couple of weeks, I've missed it entirely, partly because I want to expose their "statistics", and partly because I'm not such a Dr Who fan anyway... Funny, I've not heard anything about repeat-viewing stats since..
Yeah, I got bored of cable when the set-top box blew up after a power-outage. Never replaced it. Went 6 months without watching telly of any sort.
Now I've got a mighty nice 28" telly, just the terrestrial channels only (this being the UK, so there's 5 of them) and a DVD-RAM recorder jobbie. I find this the perfect blend: I get to pre-program the recorder with what I want to watch a few days in advance, time-shift it to when I find convenient, and the rest of the time I've got a sufficient supply of DVDs if I ever want "entertainment". Let there be mental stimulation!
Yes, scoring is the answer, IMO. Actually, it doesn't have to be too late in the process, either - exim is quite capable of incorporating an SA lookup into its ACLs after things like sender-verification and anti-virus checks - just order them in increasing probable-resource-consumption.
As for the politics of the RBLs - there comes a point where IMO they cannot hide behind a blanket denial of responsibility - when they have a significant number of users (like MAPS) they have a moral responsibility to ensure the data they keep is fair and accurate. Subject to locale, you may have a law to enforce that point as well. I recommend a point of view that says "these people are publically saying untrue bad things about me", which is a reasonable definition of defamation - see http://www.cai-channelislands.org/article/articlev iew/2/1/2/ for example.
It is in the interests of fairness and accuracy of information that one *should* sue RBL companies. Anything that makes them get their act together to refine their message - for example, having a return-value that states how bad the offence is from "one reported bad mail from an unreliable source" up to "whole ISP is a bogus front for countless confirmed UBE operations" - is sensible.
The two attitudes that piss me right off are "but we're disclaiming responsibility for what you do with our database" (no, everyone *knows* how an RBL works), and "do you really want to support a spam-friendly ISP?" (no, but one or two customers of an ISP being clueless do not a spam-friendly-ISP make).
Probably all of the above. Erosion is the result of friction during fluid flow. If you don't have much gravity to speak of, you won't have much of an atmosphere, so you won't have much mass of particles being picked-up and flung around the scenery, so it won't erode as much.
What about customizing your preferences with google, to keep safe-search on, and how about using squidguard as well?
Plus if you work for a sensible company, they should understand the increased risk of allowing pr0n into their organization, that it could happen more accidentally now than previously. Notably, I've used google for a fair few years and never yet had anything undesirable show up by accident, myself, yet...
Well yes. It's a strange choice to have to make, whether to go with woody, stable+secure, testing or whatever, for one's latest server conversion. Recently, I've gone testing, simply because I want a handful of updates daily, rather than setting myself up for a whopping big jump of everything from libc6 and up in a few years' time.
The only trouble is, I sort of suspect that makes a mockery of Debian's stable or named-distribution releases, when that happens...
Not all universities are like that, at least not over here (UK).
I think the main problem is the lack of focus on the *level* at which security becomes a problem. When it's a buffer overflow, the risk is the OS gets compromised, so you patch the software. When it's a cross-site scripting attack, the risk is your privacy, and you're looking at all sorts of application-level security measures, from input-validation to WS-Security and above. Merely updating packages won't get you that, if the packages are horribly insecure in the first place.
Well, Office didn't have a *working* grammar checker the last time I looked, either - seemed to get every single instance of an apostrophe exactly *wrong*. Admittedly this is a few years ago, but hey...:)
I think the point is to have open data standards, and use a mixture of software to handle them for (non)-heterogeneity reasons - but this can be achieved entirely within the open-source/Free-software community, without commercial input at all, so I don't quite see that Brazil is necessarily going down the wrong line in being entirely pro-Open only.
Yeah, that's a possibility. Or whatever might be lying around on the desk, l33tified (if you're in need of a quick password, at least). Or go for initial letters of a phrase ("hds0tw":)
But still should use pwgen or uuencode -/dev/random instead:)
The definition of spam is that it's a usenet phenomenon, let's get that right for starters. The other forms of junk-mail that people talk about are either UBE or UCE, where you'll note "desire" doesn't come into it so much as unsolicited.
Imax has too few cinemas... especially here in the UK, if idiocy takes off over here as well:/
I take what you're saying about "just a business", but the question is *why* they're giving way to local opinion - if it's only 10% the local population that would avoid seeing the film, that's no reason to stop showing it altogether - you just accept that in these regions the audience may be only 90% the normal size. Now, if there's some threat of protest or possible violence, that'd be quite a different story.
Me, I now want to see these films. Honestly, I listened to Richard Dawkins and wife reading from his latest book last week in St Andrews, which was a statement of fact about what the theory of natural selection through evolution says - at least until the Q+A section at the end. I can't see why people stand up for literal Creationism which has *zero* evidence behind it versus honest scientific investigation - what's up, oh ye of little faith?
Well, yes & no, depending on whether that obeys laws of homogeneity and isotropy.
Why couldn't it've been something very very uniform in the Big Bang anyway? We don't have perfect uniformity (your existence is proof), nor is the microwave background perfectly uniform anyway, but *close enough*.
Considered testing? Especially, with what appears to be security-updates to testing as well these days?
I know, in general terms it makes a mockery of the design goal in having stable,testing,unstable the way they are: but in practice, something that I can use to apply updates weekly or security ones daily, with a continual smooth one-or-two-packages-a-fortnight rate for life, is really nice.
> why limit something that is only an issue if you are working against your users, instead of for them?
It's a valid question. These days we expect functionality (otherwise I'll just go install my own box...) as well. If you think you'll either have over-curious users or run much risk of outsiders getting in and wondering what this funny bit of punctuation:() {:&;:};: actually does... then you ulimit them.
A fairly drawn line is one that stops the greater majority of intentional cracks and DoS attempts, most unintentional stupidities, and doesn't impinge on functionality.
While I'm here, that article sucked: if all you can say is "20-odd vulnerabilities in 3 months" and ignore the advice you've just said, yourself, that "sure, vulnerabilities happen" - well, what kind of moron are you? They do indeed happen. What matters is that he's been able to count how many there were, and, if he were even slightly journalistically inclined, assess the *severity* of each of them as well.
You also have plenty enough ways of blocking email spam, but naff-all is provided for SMS filtering. I'd be quite happy to let only people in my address-book be able to send me messages, at least for some of the time, but where's the phone with that feature?
Quite, it's the great American way, isn't it? Celebrate lots of things a year, but all of them increasingly commercialised to the point of losing speciality. Everything gets commoditized sooner or later.
According to a friend of mine, Fedora Core already comes with SElinux.
People who take any pride in using their boxes properly tend to use SElinux or GRsecurity already.
Mail-servers, web-servers, browsers, and name-servers all come in multiple-process priv-dropping forms. (Or, better: don't bother fork()ing all over the place, just setuid() where you need to, to isolate modules of code in-process, for speed.) We have far more than just priv-dropping protections up our sleeve, too: propolice patches to GCC, kernel patches for virtualization (ctx, xen, UML),...
So quit pontificating and apply pressure on your favourite distribution purveyor(s) to include these things by default and get out and educate the mass of people who'll only turn GNU/Linux into the next Windoze yourself!
Slashdot Mirror
For scripting, maybe, unless you know the script isn't going to go off your box. For actual command-line interaction, give me zsh or give me death. "Compatibility" is no reason not to learn what fun *can* be had.
> Why not...
Because that would not be detecting viruses, that would be another form of bandwidth/traffic capping. Unless you can tell me what next month's virus-du-jour is going to be, heuristics are the best bet for protecting their own network.
> I wonder how big a city has to be smacked before that will will exist?
:)
You're spot on. Show me *one* city that's been decimated by an extra-terrestrial object yet, and tell me the probability doesn't follow a power-law about expected size of obliterated area versus frequency, I dareya.
Well, quite. Sure I watched the first episode of the new series, the other week. Since then, I saw a handful of news articles touting it as a `great success' based on audience/viewer figures - all based on *JUST ONE SHOW*. So the past couple of weeks, I've missed it entirely, partly because I want to expose their "statistics", and partly because I'm not such a Dr Who fan anyway... Funny, I've not heard anything about repeat-viewing stats since..
Yeah, I got bored of cable when the set-top box blew up after a power-outage. Never replaced it. Went 6 months without watching telly of any sort.
Now I've got a mighty nice 28" telly, just the terrestrial channels only (this being the UK, so there's 5 of them) and a DVD-RAM recorder jobbie. I find this the perfect blend: I get to pre-program the recorder with what I want to watch a few days in advance, time-shift it to when I find convenient, and the rest of the time I've got a sufficient supply of DVDs if I ever want "entertainment". Let there be mental stimulation!
> More 747s have crashed than space shuttles (yes, even after redesigns)
This may be, but
a) 747s are more common than shuttles
b) the loss of life is 100% in shuttle disasters so far.
Yes, scoring is the answer, IMO. Actually, it doesn't have to be too late in the process, either - exim is quite capable of incorporating an SA lookup into its ACLs after things like sender-verification and anti-virus checks - just order them in increasing probable-resource-consumption.
v iew/2/1/2/ for example.
As for the politics of the RBLs - there comes a point where IMO they cannot hide behind a blanket denial of responsibility - when they have a significant number of users (like MAPS) they have a moral responsibility to ensure the data they keep is fair and accurate. Subject to locale, you may have a law to enforce that point as well. I recommend a point of view that says "these people are publically saying untrue bad things about me", which is a reasonable definition of defamation - see http://www.cai-channelislands.org/article/article
It is in the interests of fairness and accuracy of information that one *should* sue RBL companies. Anything that makes them get their act together to refine their message - for example, having a return-value that states how bad the offence is from "one reported bad mail from an unreliable source" up to "whole ISP is a bogus front for countless confirmed UBE operations" - is sensible.
The two attitudes that piss me right off are "but we're disclaiming responsibility for what you do with our database" (no, everyone *knows* how an RBL works), and "do you really want to support a spam-friendly ISP?" (no, but one or two customers of an ISP being clueless do not a spam-friendly-ISP make).
Probably all of the above.
Erosion is the result of friction during fluid flow. If you don't have much gravity to speak of, you won't have much of an atmosphere, so you won't have much mass of particles being picked-up and flung around the scenery, so it won't erode as much.
What about customizing your preferences with google, to keep safe-search on, and how about using squidguard as well?
Plus if you work for a sensible company, they should understand the increased risk of allowing pr0n into their organization, that it could happen more accidentally now than previously. Notably, I've used google for a fair few years and never yet had anything undesirable show up by accident, myself, yet...
Well yes. It's a strange choice to have to make, whether to go with woody, stable+secure, testing or whatever, for one's latest server conversion. Recently, I've gone testing, simply because I want a handful of updates daily, rather than setting myself up for a whopping big jump of everything from libc6 and up in a few years' time.
The only trouble is, I sort of suspect that makes a mockery of Debian's stable or named-distribution releases, when that happens...
Not all universities are like that, at least not over here (UK).
I think the main problem is the lack of focus on the *level* at which security becomes a problem. When it's a buffer overflow, the risk is the OS gets compromised, so you patch the software. When it's a cross-site scripting attack, the risk is your privacy, and you're looking at all sorts of application-level security measures, from input-validation to WS-Security and above. Merely updating packages won't get you that, if the packages are horribly insecure in the first place.
Well, Office didn't have a *working* grammar checker the last time I looked, either - seemed to get every single instance of an apostrophe exactly *wrong*. Admittedly this is a few years ago, but hey... :)
I think the point is to have open data standards, and use a mixture of software to handle them for (non)-heterogeneity reasons - but this can be achieved entirely within the open-source/Free-software community, without commercial input at all, so I don't quite see that Brazil is necessarily going down the wrong line in being entirely pro-Open only.
Or do some work on gcj to bring it up to scratch, of course.
Yeah, that's a possibility. Or whatever might be lying around on the desk, l33tified (if you're in need of a quick password, at least). Or go for initial letters of a phrase ("hds0tw" :)
/dev/random instead :)
But still should use pwgen or uuencode -
Yeah, progress just means more bad things happening more often.
;)
Show me a real *use* of such eye-candy and I'll be interested. Meanwhile, I've got transparency where I need it - on macosx
The definition of spam is that it's a usenet phenomenon, let's get that right for starters. The other forms of junk-mail that people talk about are either UBE or UCE, where you'll note "desire" doesn't come into it so much as unsolicited.
How come I heard of e-scrabble long before I heard of Hasbro's own online version? Do they even *have* an equivalent of their own?
If not, they should STFU and pay Jared, otherwise you have a point.
Imax has too few cinemas... especially here in the UK, if idiocy takes off over here as well :/
I take what you're saying about "just a business", but the question is *why* they're giving way to local opinion - if it's only 10% the local population that would avoid seeing the film, that's no reason to stop showing it altogether - you just accept that in these regions the audience may be only 90% the normal size. Now, if there's some threat of protest or possible violence, that'd be quite a different story.
Me, I now want to see these films. Honestly, I listened to Richard Dawkins and wife reading from his latest book last week in St Andrews, which was a statement of fact about what the theory of natural selection through evolution says - at least until the Q+A section at the end. I can't see why people stand up for literal Creationism which has *zero* evidence behind it versus honest scientific investigation - what's up, oh ye of little faith?
Well, yes & no, depending on whether that obeys laws of homogeneity and isotropy.
Why couldn't it've been something very very uniform in the Big Bang anyway? We don't have perfect uniformity (your existence is proof), nor is the microwave background perfectly uniform anyway, but *close enough*.
Considered testing? Especially, with what appears to be security-updates to testing as well these days?
I know, in general terms it makes a mockery of the design goal in having stable,testing,unstable the way they are: but in practice, something that I can use to apply updates weekly or security ones daily, with a continual smooth one-or-two-packages-a-fortnight rate for life, is really nice.
> why limit something that is only an issue if you are working against your users, instead of for them?
:() { :&;:} ;: actually does... then you ulimit them.
It's a valid question. These days we expect functionality (otherwise I'll just go install my own box...) as well. If you think you'll either have over-curious users or run much risk of outsiders getting in and wondering what this funny bit of punctuation
A fairly drawn line is one that stops the greater majority of intentional cracks and DoS attempts, most unintentional stupidities, and doesn't impinge on functionality.
While I'm here, that article sucked: if all you can say is "20-odd vulnerabilities in 3 months" and ignore the advice you've just said, yourself, that "sure, vulnerabilities happen" - well, what kind of moron are you? They do indeed happen. What matters is that he's been able to count how many there were, and, if he were even slightly journalistically inclined, assess the *severity* of each of them as well.
Maybe this page would be worthwhile reading?
You also have plenty enough ways of blocking email spam, but naff-all is provided for SMS filtering. I'd be quite happy to let only people in my address-book be able to send me messages, at least for some of the time, but where's the phone with that feature?
Quite, it's the great American way, isn't it? Celebrate lots of things a year, but all of them increasingly commercialised to the point of losing speciality. Everything gets commoditized sooner or later.
I disagree...
...
According to a friend of mine, Fedora Core already comes with SElinux.
People who take any pride in using their boxes properly tend to use SElinux or GRsecurity already.
Mail-servers, web-servers, browsers, and name-servers all come in multiple-process priv-dropping forms. (Or, better: don't bother fork()ing all over the place, just setuid() where you need to, to isolate modules of code in-process, for speed.) We have far more than just priv-dropping protections up our sleeve, too: propolice patches to GCC, kernel patches for virtualization (ctx, xen, UML),
So quit pontificating and apply pressure on your favourite distribution purveyor(s) to include these things by default and get out and educate the mass of people who'll only turn GNU/Linux into the next Windoze yourself!