Slashdot Mirror


User: RobertGraham

RobertGraham's activity in the archive.

Stories: 0
Comments: 90

Comments · 90

  1. Re:My own docs on Ask Slashdot: A GPL-like Copyright Tagline for Text? · · Score: 1

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    PGP is real easy.

    1. Get PGP, such as from http://www.gnupg.org/ or http://www.nai.com.

    2. Create your "key" (automatic) and password protect it. The key
    sits as a file on your disk, and you can only access it with your
    password.

    3. Sign the document. For example, I've signed this message by
    copying the text into the clipboard, hitting "sign" on the PGPTools app,
    typing my password, then pasting back into the box. Presto!

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 6.5.1

    iQA/AwUBN9ohzksZIfi0CwoYEQLPXQCfV6WcS1W4vQRE36TqsBG+2N9RKZYAoOfb
    eBoSVXvogutiQwBYWlAx4Ucf
    =KKO8
    -----END PGP SIGNATURE-----

  2. I'm an incompetent CTO, too. on Andreesen No Longer AOL CTO · · Score: 1
    I, too, am a CTO. On the other hand, I've been on the cusp of being fired at every job I've had. I've been a conceited, arrogant SOB, and those were my good qualities. Sure, my technology prowess in my field is second to none (oops, being conceited again :-), but that doesn't mean I'm as effective at my job as I could be.

    A lot of posters to Slashdot have the same qualities :-) A lot of it is simple "maturity": younger people rarely have it, but usually think they do. Another part of it is understanding a concept from another person's point of view, which few geeks are willing to do.

    Business reasons are often like peacock feathers: utterly stupid and wasteful from any logical perspective, yet somehow evolution seems to favor them. Businesses that survive do things in a "business" manner. Geeks in a business environment are always telling management how stupid they are for putting such big feathers on a peacock, when better solutions exist. And geeks know they are absolutely right, thus the problem.

    Marc was simply one of those geeks (making assumptions by extrapolating from my own experience). BTW, so were Steve Jobs and Bill Gates. Jobs got pushed out of Apple for much the same reasons. In Jobs' case, he conflicted with management until he was pushed out. It wasn't an issue if Jobs was right or wrong, only that his geekness made him incompatible with those who ran the company. However, once geeks like Jobs and Gates start running the place, they actually prove that their non-business-practices have merit.

    The problem for geeks/nerds everywhere is that business is much like the military: to become a leader, you have to prove that you are a good follower, even though those two skills aren't directly related. For geeks to get into a position of power (in order to implement the ideas that they know are right), they have to stop being so difficult and arrogant, even when it is obvious that management are idiots.

    Of course, OpenSource often does an end-run around business, but it doesn't mean you'll get the $$$ or the babes going that route :-)

  3. Re:Cool Article. on Web: 19 Clicks Wide · · Score: 1
    I think everyone will eventually get their own webpage, not just geeks. For example, I created my own web-site (RobertGraham.com) simply as a way to avoid spam (I made the mistake of signing up with the Netcom ISP where they require you to receive spam as part of their agreement). It's more useful than one would suppose, and not simply as a means of putting useless junk up there. For example, I've stopped showing people physical pictures, but instead simply put them up on my website and give people a link. (For example, I almost got myself killed in a car accident recently, and some friends/family wanted to see pictures of the totalled car.)

    The whole process gives a whole new dimension to e-mail and general communication, with this posting as an example. I've started to think and communicate in hypertext.

  4. My $.02 on More Moderation Madness · · Score: 2
    The changes sound pretty good. You know, there is a philosophical point behind this: you're still debugging it. A while back there was a posting on how Slashdot is ushering in a "new era" and explained how Slashdot's system is better than traditional news. I thought it was a bunch of hooey, because it missed the key point: Slashdot is not better because of any feature it has now, it is better because it is dynamic and evolving to be better.

    Another philosophical point is that you are striving to create a system that maintains dynamic equilibrium. The system you are programming isn't silicon but grey matter. You are balancing all our (the readers') conflicting e-motional responses in order to balance the system just right. I find it fascinating how simple decisions (like if you were to remove Anonymous Coward) have unpredictable effects that unbalance the system.

    In any case, here are my suggestions:

    • Put up a stats page. I've got Karma=3 right now ('cause I rarely post). How does that compare to everyone else? I want stats! I want encouragement to post well so that I can get higher karma than my friends! Just like SETI@Home/Distributed.net, this could be the carrot you are looking for to encourage people to post well to begin with.
    • Let me moderate my own posts, as described here. Sometimes I've posted things that I later wanted to retract (primarily because some later post clarified something and I realized that my original posting was completely without merit). Please give me a chance to moderate down without hitting my Karma before anybody else moderates me down. Conversely, sometimes I post some really good stuff. Please let me add some kicker to it that only moderators can see where I can say "Hey, moderator, this was a really good post". I think this reaches equilibrium, because if I hilite posts which moderators think are crap, they might strike back with a -1 rather than a +1.

  5. My own docs on Ask Slashdot: A GPL-like Copyright Tagline for Text? · · Score: 2
    I've approached this problem in many ways. First, as other Slashdotters have commented, you don't need any special notice; you own the copyright regardless, and that means you can ask anybody at any time to remove the copy from their website.

    Most people put a copyright notice on their work that also states that any copy must contain the copyright notice. This is what I do on my documents (example: http://www.robertgraham.com/pubs/network-intrusion-detection.html#copyright).

    I go further and track my document. I put a 1-bit GIF file embedded in my document that links back to my server. This tracks people who simply mirror the document through the Referer field.

    Then, I put interesting spelling and wording in the document. This allows me to track the document via AltaVista and other search engines.

    The philosophical standpoint here is that any document you create is the start of a meme. I use these techniques to shepherd my meme through the web. From this perspective, the Copyright notice is important for works that you want to be essentially in the public domain: it still gives you control over the basic process.

  6. Please explain moderation policies to me on AOL's AIM Exploits Buffer Overflow On Purpose · · Score: 1

    I'm a little confused. The article that suggests my posting be bumped itself gets bumped to 2, but mine (which I think is a very helpful bit of signal in the noise) remains at 1. Not that I really want to get bumped; I'm just a little curious as to how /. works.

  7. Re:Why this is utter nonsense on AOL's AIM Exploits Buffer Overflow On Purpose · · Score: 1

    The buffer overflow is only run on WIN32 clients.

    The clients tell the server what version they are long before the server sends the buffer overflow packet. Microsoft chooses to emulate the WIN32 client because it has a lot more features than other clients.

    To verify, take a sniffer and capture a trace file of the connection sequence. Only when connecting with the v2 Win32 client will you see these particular packet contents being sent.

    Read the technical analysis at http://www.robertgraham.com/pubs/aol-exploit

  8. Re:question on AOL's AIM Exploits Buffer Overflow On Purpose · · Score: 1

    Most messaging protocols are peer-to-peer and client-server. 90% of a messenger protocol has to deal with issues other than sending messages, for which peer-to-peer would make sense. This includes the ability for you to find your buddies in the first place. If I travel to Europe and dial in with my notebook, how are you going to find me except through a common server?

    Even peer-to-peer messengers have problems. One of which is that this removes anonymity; what happens with lots of protocols like IRC is that cr/hackers nuke/flood other people's IP address. Not to mention the problem of when both sides are behind firewalls/proxies, and thus cannot create a direct connection between each other.

  9. Re:Er, where is this overflow exactly? on AOL's AIM Exploits Buffer Overflow On Purpose · · Score: 1

    The full geeky explanation is at http://www.robertgraham.com/pubs/aol-exploit. Basically, in one of the login packets, AOL sends more data than the client expects, causing the buffer overflow, which then changes some of the values in the response packet.

  10. Re:Contradicts previous discussion on /. on AOL's AIM Exploits Buffer Overflow On Purpose · · Score: 1

    The update is currently in beta and will probably be released next week. In any case, the intrusion is now listed.

  11. Re:Old news on AOL's AIM Exploits Buffer Overflow On Purpose · · Score: 1

    I submitted this to /. right after the Bugtraq posting came out (last Tuesday). One wonders why /. rejects the technical details but accepts the mainstream press, especially since nerds typically hate the mainstream press for being either devoid of technical details, or getting them wrong.

  12. Re:Not really a buffer overflow 'exploit'. on AOL's AIM Exploits Buffer Overflow On Purpose · · Score: 1

    Yes, it is a buffer-overflow exploit. The article had a factual error in it. The server sends more data than the client expects; a field 0x0100 bytes long is sent 0x0118 bytes of data. To read the original technical analysis, go to http://www.robertgraham.com/pubs/aol-exploit.
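
The oversized-field condition this comment describes (0x0118 bytes arriving for a field the client stores in 0x0100 bytes) is the kind of thing a parser, or a network IDS signature, can check before any copy happens. The example below is added here; it is not part of the original comment or of the author's analysis. The TLV layout (2-byte type, 2-byte big-endian length, then the value) and the type id `WATCHED_TYPE` are constructed assumptions, not the real AIM wire format, and the packet is built inline as sample input. The first function is the length check, the second is the hardened copy that honours the destination size instead of the sender's length.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed TLV layout (hypothetical, NOT the real AIM wire format):
 * 2-byte type, 2-byte big-endian length, then `length` bytes of value. */
#define CLIENT_FIELD_MAX 0x0100  /* size of the fixed client buffer the comment describes */
#define WATCHED_TYPE     0x0001  /* hypothetical type id of the field that overflowed */

enum { FIELD_OK = 0, FIELD_OVERSIZED = 1, FIELD_MALFORMED = -1 };

/* Walk the TLV list. Return FIELD_OVERSIZED if any field of `watched_type`
 * declares more bytes than the receiving buffer holds, FIELD_MALFORMED if a
 * header or value runs past the end of the packet, else FIELD_OK. This is the
 * check a receiving parser (or an IDS rule) applies before copying anything. */
int check_field_lengths(const uint8_t *pkt, size_t len, uint16_t watched_type, size_t max_len)
{
    size_t off = 0;
    while (off < len) {
        if (len - off < 4)                          /* truncated TLV header */
            return FIELD_MALFORMED;
        uint16_t type = (uint16_t)((pkt[off] << 8) | pkt[off + 1]);
        uint16_t vlen = (uint16_t)((pkt[off + 2] << 8) | pkt[off + 3]);
        off += 4;
        if (vlen > len - off)                       /* value runs past packet end */
            return FIELD_MALFORMED;
        if (type == watched_type && vlen > max_len) /* e.g. 0x118 bytes for a 0x100-byte buffer */
            return FIELD_OVERSIZED;
        off += vlen;
    }
    return FIELD_OK;
}

/* Hardened copy: the destination size, not the sender's length, bounds the
 * memcpy. Returns the number of bytes copied, or 0 if the field does not fit. */
size_t copy_field_checked(uint8_t *dst, size_t dst_len, const uint8_t *src, size_t src_len)
{
    if (src_len > dst_len)
        return 0;
    memcpy(dst, src, src_len);
    return src_len;
}

/* Build a constructed packet holding one TLV of `vlen` filler bytes (sample input). */
size_t build_packet(uint8_t *out, size_t cap, uint16_t type, uint16_t vlen)
{
    if (cap < 4u + vlen)
        return 0;
    out[0] = (uint8_t)(type >> 8); out[1] = (uint8_t)type;
    out[2] = (uint8_t)(vlen >> 8); out[3] = (uint8_t)vlen;
    memset(out + 4, 'A', vlen);
    return 4u + vlen;
}

/* Build and check a packet whose watched field carries `vlen` bytes. */
int check_constructed(uint16_t vlen)
{
    uint8_t pkt[1024];
    size_t n = build_packet(pkt, sizeof pkt, WATCHED_TYPE, vlen);
    return check_field_lengths(pkt, n, WATCHED_TYPE, CLIENT_FIELD_MAX);
}

int main(void)
{
    printf("0x0100-byte field: %d (0 = ok)\n", check_constructed(0x0100));
    printf("0x0118-byte field: %d (1 = oversized)\n", check_constructed(0x0118));
    return 0;
}
```

The same length check works from the network side: a sensor that parses the TLV list and compares each field's declared length against the client's known buffer size can flag the packet without needing a byte-exact signature.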

  13. From a long time Token Ring user on Token Ring/Ethernet Hybrid Network? · · Score: 1

    Easy answer: drop a Token Ring and Ethernet card in your Linux box and route between them. If routing gets ornery, then use proxy ARPs.

    Problem: This is easy if you are using TCP/IP, but if you want access to other things, like NetBEUI, AppleTalk, SNA, etc., then you are screwed.

    Problem: If you are using TCP/IP and you only get one IP address, then assign completely unrelated IP addresses to the Linux box (like 192.0.2.5 and 192.0.2.6). Then turn on "Proxy ARPs", which tells your box to respond to ARPs for the machine(s) behind it. Then use the "route" command to hard-code routes back-and-forth through the box.

    You can "bridge" instead of "route". Routing, as described above, analyzes the IP packet, and strips off the Ethernet/TokenRing headers. Conversely, bridging ignores the IP contents and does some translation magic to convert between Ethernet and Token Ring. The conversion algorithm is straightforward. There have been bridging programs for DOS for ages, and there might be ones for Linux. Writing one on libpcap wouldn't be too hard -- if you knew what you were doing and were intimately conversant with the protocols.

    Even a Win95/Win98/WinNT box would be pretty easy to set up for routing in much the same way. It supports proxy ARPs, hard-wired routing, and the like. It probably has better support for Token Ring.

    Do you need any protocol but TCP/IP?

  14. Re:what makes NT faster? on NT vs. Linux: Again · · Score: 1

    How do you force a CPU to handle an individual NIC? I know how to set the processor affinity in user mode, but how do I do this trick? (I ask because I want to actually do it.) Thanks.

  15. links on Ask Slashdot: Securing Web Servers Against Cracking · · Score: 2

    The following site has a list of basic links:

    http://www.networkice.com/advice/OS/UNIX/

    (Yahoo-ish format, but links are much better reviewed and more relevant).