No, use testing - even in production, it's actually very good.
Yes. I'd really like to see thousands of people running a platform in production where you'll never know, *when* a security update to some broken software is released.
Spamming is illegal throughout the European Union - I don't get hardly any spam from Europe (I get about 60 a day!), and if I get some, I am entitled to cash 250 Euros from the spammer... it works!
This seems to be wishful thinking. The only country within the EU having laws against UCE is Austria. All other countries do not have *laws* against UCE, although the courts in several countries (i.e. Germany) normally rule against UCE, if the sender is challenged in court.
But: There's not many people who want to stand the risc of going to court over UCE, as it canbe quote expensive if the court rules against you.
As the article states, this scheme will make most CD-ROM drives unable to play the discs IN AUDIO MODE.
Then these CDs aren't CD-Audio anymore (Red Book), so they shouldn't be allowed to sell them as CD-Audio (with the label on it).
My DVD-ROM is labeled "supports CD-Audio", so when it fails to play these CDs, they're faulty.
Version 1: Flash Vos? virtualizes the disk device only. Thus, a single disk device can be partitioned into multiple virtual disks, with a separate OS
installed in each virtual disk. Each installed OS is oblivious to the others, and Flash Vos? Super O/S resides in the BIOS, above the OS level. Only one
OS at a time can actually run on the computer. To switch OS's, the user must exit the currently running OS, change the active partition of the disk
using Flash Vos? Super O/S, and reboot the new OS. This method of switching OS's may be termed a "cold swap".
This looks like a BIOS-Bootmanager, it just activates the partition the OS you're interested in resides on, then let's you boot from that partition. Magic indeed.
Version 2: Flash Vos? Super O/S can checkpoint the active state of the current OS, allowing a rapid changeover ("hot swap") to another OS without
halting and rebooting. The active state of the current OS is saved on disk, and the new OS is resumed in the exact state in which it was last saved.
Aah, a BIOS based bootmanager with APM - The state of your work is saved to disk, then you reboot.
Version 3: Flash Vos? Super O/S virtualizes the main memory and I/O resources, allowing multiple OS images and applications to reside in separate
portions of the main memory. This means that the user can instantly switch to another active OS, via Flash Vos? Super O/S.
Okay, that looks like a VMware done in hardware. Each OS is given a slice of the available RAM in which it can reside and run. You can switch between different Virtual-Machines. Okay, ther is no emulation layer in here, as all OSes are running on the actual hardware. When switching OSes, the OS you're switching from has to release all Hardware - that seems to be interesting. But that is "Phase III", so I wouldn't hold my breath.
Version 4: Flash Vos? Super O/S fully virtualizes, multiplexes, and schedules all physical resources, allowing concurrent execution of multiple OS's
and their applications, including communication and shared storage between OS's.
Can't wait for that one - does anyone need a nice bridge? I own one I could sell:)
I haven't seen it posted here, so I try to put some things into perspective:
AOL is not an ISP, AOL is an Online Service. An ISP just routes packets or stores stuff for a limited time (like newsgroups or proxy-servers). Well, they also store Webpages for their customers - and the customer is liable for unlawful content.
Now to AOL: AOL is a bit more than a packet shifter, AOL is a "Content Provider". They might for example offer a forum related to popular music. Now this forum (and its content) is a Value Added Service for AOL Users - no one outside from AOL can use this forum. And all those forums have one thing in common: They are (somehow) moderated by AOL or by people AOL "hires" to moderate.
And here lies the conflict with german law. All these forums are handled by an editorial staff paid by AOL. So AOL is responsible for all the stuff which is written/posted/whatever in these forums. AOL does know what is in these forums as soon as content is posted there.
Any normal ISP doesn't know about the content of the webpages it hosts, or the newsgroups it carries. When they get to know about content whih breaches the law, they have to delete it also. But they are not required to check on this content by themselves - there's no edotorial staff there.
So please: Before you condemn german law as being stupid (yeah, it is), please don't mix Online Services with ISPs.
If it had been an ISPs customer, who had these files on his webpages, he would have been the one being sued. On knowing the content of this webpage, the ISP would be required to shut it down, but they wouldn't have been liable for this content.
By the way, the text window on the posting page is way too small;-)
Share and Enjoy,
Ralph
Re:How do we explain the problem to the public?
on
More on LinDVD
·
· Score: 1
So here's a challenge: who can come up with a single sentence, say no more than 20 words, which explains why a propietary DVD player for Linux is not sufficient?
Because it won't work on my PPC/ALPHA/SPARC/WHATEVER.
This is not a Linux Player, this probably will be a Linux-x86-Player.
I'm still wondering: Do they rely on the UDF-Patches? Or how are they getting the content from the DVD?
It appears that etoy may have been exploiting the resembilance between etoy and etoys to confuse potential investors. This is not just another big company stealing a website, this is possible fraud.
Maybe you would like to tell us how they wanted to do that without the ability to travel in time? etoy.com was registered in Oct. 1995, while etoys.com didn't register their domain before Nov. 1997.
It's close to impossible to foresee that a big Toystore is going to use a domain exceedingly similar to your domain 2 years in advance - or did I miss something?
I recall CYGNUS was going for a name change, with a Linux box as a prize for the lucky one who would think up a compelling name (uh, and the stock symbol - so much for 'privately owned company'). Most wanted it to stay just as it was - Cygnus. Apparently, the name change came from where it wasn't expected. So, who gets the Linux box?!?
Yes, but it saves you the hassle of blocking 2 ISPs on your Mailserver;-)
Funny thing is, that that's exactly what I thought when I read about the merger. Most spam I get (and which does not come from.tw or.my - although the Taiwanese begin reacting to complaints) comes from earthlink, mindspring isn't that far from the top either.
Let them merge with uunet, and despamming your mailbox is as easy as baking cake.
I'm not really following the Kernel-Mailinglist (just what people forward to me), and I wonder, if there will be a stable and working ISDN-Driver in there.
Seems to me, that Linus somehow is pretty pissed at the attitude of the ISDN-Developers, who seem to release only Big Driver Chunks, when it is close to a feature freeze.
Any updates on that (I need a working ISDN-Driver)?
Microsoft's semi-proprietary almost-XML, more likely.
Well, XML may be an open standard, but who knows, what I'd like to put into the DTD for my Format?
But yes, you're right, XML is an even worser buzzword than linux at the moment.
Ralph
Re:Someone Wanna Grab that Palm Pilot?
on
Password Overload
·
· Score: 1
How secure is that? Can you get PGP for the Palm?
Nope, there is a small utility for the palm called "Secret!", which does all this. It keeps all the stuff stored crypting it wiht TripleDes (yes, it's not that secure). It even has a TAN-Mode (for those of you into homebanking).
Neat, I keep all my passwords (and the root-passwords of our customers machines) stored in it.
Doing this is also quite a reminder to not forget your Palm anywhere;-)
The question needs to be, are 'they' going after: 1. Labor unions ? 2. Communists ? 3. Jews ? 4. Catholics ?
Nope, they are directly going after you, leaving out all these groups. As said before: The attitude "as long as I don't do anything wrong I don't care" will cost you your privacy faster then you can say "Why me?"
Related to that: At the end of may Janet Reno wrote a note to the german minister of justice about the issue of exporting strong cryptography.
Germany, as well as most other countries in the European Union allow the export programs using strong cryptography, as long as they are in the Public Domain.
Janet Reno opposed to that, saying that this weakens the Wassenaar treaty, which was signed by more than 30 countries world wide.
For the complete article - and Janet Reno's letter - go here (by telepolis, an online magazine published by the Heise-Verlag, which also publishes c't).
Sorry, only available in german, maybe you want to babelfish it.
Sorry, there is no (I wonder why) german page available, the results can be found in c't 13/99 on pages 186 and following.
Short summary: This test shows, that Linux+Apache outperforms NT as a webserver if there is only one NIC to handle. It also shows, that the number of processors daoesn't matter that much, when using Linux as the host sytsem for apache. NT runs much better than Apache on Linux, when more then one NIC has to be served - which might be the result of not having a multi-threaded IP-stack under Linux.
Setup one Linux box as an NIS server and the others as NIS clients or backup servers. All user managment etc is handled from the main server machine.
Errm, guys? We were talking about security here... Sure, you can use NIS and NFS to have the same account on each of those 8 boxes with setting it up only once, but NIS is a security breach par excellence (speaking of passwords going round the Network uncrypted, every one can read the password map etc.)
You may try NIS+, which is far worse to install and maintain, but it is somewhat more secure - and there is no NIS+-Server for Linux.
But yes, you might check out OpenLDAP and Coda as a Filesystem, but I don't see any Coda servers for Linux either.
So: If you only have trusted users in your network environment - go for NIS (and be sure, that noone from outside your network is allowed to NIS).
UDP because of some stupid morons, who can't post right?
Okay, I haven't read any of the BIG-8 groups for two years now, so I can't comment on the damage(!) done by AOL users there, but in de.* you'll mostly find some stupid (or falsely quoted or whatever) postings by AOLers, but you'll find significantly more idiots using Outlook Express or any incarnation of Mozilla. So what do you want to do against that?
UDP against Microsoft users? UDP against Netscape users?
UDP is what you do if an ISP does damage to the net, due to spamhosting (see the (proposed) UDP against PSI - the only active UDP I can remember lately ist the one against netcom (which has been cancelled)), AOL does not do that - you might want to take a look how many of those UCEs which are apparently from AOL aren't (same goes for hotmail or juno).
If you are fed up with Postings from AOL, then put aol.com into your killfile and don't accept any Mail from AOL users. If more and more people are doing this, some people who now are with AOL will change to another ISP (and I hope for you, that these are only the users who are worthwile reading).
But I can't see AOL trying to actively destroy the usenet at the moment.
As I said: I'd like to have a more responsive Abuse team at AOL (maybe Afterburner likes to leave erols.com?) and I want restricted test accounts. But these are my wishes (and those test accounts are mostly misused for UCE, not for spam or velveeta) and no reason for an UDP.
Ralph
No, I don't work for AOL, I just don't like the lynch mob which has built up behind the Proponents of this RfD.
Hopefully the threat alone will cause AOL to make some changes
There's something you might miss, when reading a "bablefished" translation of the RfD: The RfD asks the admins to issue an UDP for the de.* hierarchy in Usenet, not banning AOL completely (which would be a quite senseless thing to discuss about in a de.*-only RfD).
It is not even clear, which kind of UDP should be issued, a passive one (where the newsfeeds won't take any postings coming from AOL) or an active one (where any AOL-Postings will be canceled on sight).
Furthermore the RfD talks about many issues, which aren't related to Usenet at all (not reacting on messages sent to abuse@aol.com, sending UCE from AOL test accounts), so many admins (and users) can't agree on issuing an UDP for those points.
Next: The actual reason for posting this RfD is a guy (calling himself Seltzer-McKensey) who is actually destroying four newsgroups in the de.*-hierarchy (de.etc.finanz.*) by posting hundreds of postings there monthly. AOL doesn't react to this (neither by calling them, nor through e-mails sent to abuse@aol.net). They tried to ban him from posting, but this guy just switches to his next AOL-CD and goes on posting.
But through this guy alone, the technical funtionality of Usenet is not harmed, so that's no reason for an UDP. And many of the admins and users in Germany (or in de.* which is international) take the same standpoint. There's idiots with each ISP, AOL has the problem of their non-restricted testing accounts.
Now, before anyone accuses me of standing in for the enemy;-) - I would like to see those AOL test accounts being restricted (no posting without verification of the person who uses an account), I also would like AOL to actually react to mails to abuse@aol.net, not just having their ignorebot giving me replies. And that they can restrict those accounts has been shown some weeks ago: Without being a verified user with AOL, you can't send any e-mail attachments.
But I don't think that the mentioned points in the RfD qualify for issuing an UDP (and I don't quite see, what an UDP limited to one hierarchy could do). UDP is the last resort against an ISP, and I don't see, that this last resort should be used against AOL at the moment.
If UDP, then hierarchy-wide and not local to one hierarchy. If UDP then for reasons everyone will understand, but not for those. Otherwise there should be an UDP against deja.com right now, for the same reasons (or take any other company which allows webbased posting without checking on the users).
Gates says "I really don't think in the commercial market, we'll see it [compete with Windows] in any significant way".
And he's just right there: Linux doesn't need to compete commercially with Windows. It's nice, that all the big Software Companies are now porting the important Applications over to Linux, but you don't have to use them and still have a very nice Operating System (and working environment) on your hands.
And I think, that that's exactly the point Bill doesn't get: Linux is out for world domination, but not to sell more copies than Windows. It is no competition in terms of stock market or whatever, Linux just quietly takes over niches (and lately even Desktop space) where Windows has roamed before.
Well, it's his own fault if he is only able to think about "commerce, commerce, commerce" nowadays. I suppose, that sometimes one could feel sorry for him.
Slashdot Mirror
Yes. I'd really like to see thousands of people running a platform in production where you'll never know, *when* a security update to some broken software is released.
Ralph
This seems to be wishful thinking. The only country within the EU having laws against UCE is Austria. All other countries do not have *laws* against UCE, although the courts in several countries (i.e. Germany) normally rule against UCE, if the sender is challenged in court.
But: There's not many people who want to stand the risc of going to court over UCE, as it canbe quote expensive if the court rules against you.
Ralph
Then these CDs aren't CD-Audio anymore (Red Book), so they shouldn't be allowed to sell them as CD-Audio (with the label on it).
My DVD-ROM is labeled "supports CD-Audio", so when it fails to play these CDs, they're faulty.
Just my $.02
Ralph
From their Homepage:
This looks like a BIOS-Bootmanager, it just activates the partition the OS you're interested in resides on, then let's you boot from that partition. Magic indeed.
Aah, a BIOS based bootmanager with APM - The state of your work is saved to disk, then you reboot.
Okay, that looks like a VMware done in hardware. Each OS is given a slice of the available RAM in which it can reside and run. You can switch between different Virtual-Machines. Okay, ther is no emulation layer in here, as all OSes are running on the actual hardware. When switching OSes, the OS you're switching from has to release all Hardware - that seems to be interesting. But that is "Phase III", so I wouldn't hold my breath.
Can't wait for that one - does anyone need a nice bridge? I own one I could sell :)
Ralph
Assuming, that approximately 25% of Usenet traffic is text, they need around 30 Gigs a day just for storage.
Now add to that space for the index, redundance, maybe several databases for speed (serving many users at once) - and it's more than a couple of gigs.
Ralph
AOL is not an ISP, AOL is an Online Service. An ISP just routes packets or stores stuff for a limited time (like newsgroups or proxy-servers). Well, they also store Webpages for their customers - and the customer is liable for unlawful content.
Now to AOL: AOL is a bit more than a packet shifter, AOL is a "Content Provider". They might for example offer a forum related to popular music. Now this forum (and its content) is a Value Added Service for AOL Users - no one outside from AOL can use this forum. And all those forums have one thing in common: They are (somehow) moderated by AOL or by people AOL "hires" to moderate.
And here lies the conflict with german law. All these forums are handled by an editorial staff paid by AOL. So AOL is responsible for all the stuff which is written/posted/whatever in these forums. AOL does know what is in these forums as soon as content is posted there.
Any normal ISP doesn't know about the content of the webpages it hosts, or the newsgroups it carries. When they get to know about content whih breaches the law, they have to delete it also. But they are not required to check on this content by themselves - there's no edotorial staff there.
So please: Before you condemn german law as being stupid (yeah, it is), please don't mix Online Services with ISPs.
If it had been an ISPs customer, who had these files on his webpages, he would have been the one being sued. On knowing the content of this webpage, the ISP would be required to shut it down, but they wouldn't have been liable for this content.
By the way, the text window on the posting page is way too small ;-)
Share and Enjoy,
Ralph
Because it won't work on my PPC/ALPHA/SPARC/WHATEVER.
This is not a Linux Player, this probably will be a Linux-x86-Player.
I'm still wondering: Do they rely on the UDF-Patches? Or how are they getting the content from the DVD?
Ralph
Maybe you would like to tell us how they wanted to do that without the ability to travel in time? etoy.com was registered in Oct. 1995, while etoys.com didn't register their domain before Nov. 1997.
It's close to impossible to foresee that a big Toystore is going to use a domain exceedingly similar to your domain 2 years in advance - or did I miss something?
Ralph
Take a look at www.corenic.net - or www.iana.org, you'll find the informations about alternative registrars there.
It's no problem to get a new domain without using nsi.
Ralph
Redhat. And yes, it's Caldera OpenLinux 2.3.
Ralph
Yes, but it saves you the hassle of blocking 2 ISPs on your Mailserver ;-)
Funny thing is, that that's exactly what I thought when I read about the merger. Most spam I get (and which does not come from .tw or .my - although the Taiwanese begin reacting to complaints) comes from earthlink, mindspring isn't that far from the top either.
Let them merge with uunet, and despamming your mailbox is as easy as baking cake.
Just my 2 cents,
Ralph
Seems to me, that Linus somehow is pretty pissed at the attitude of the ISDN-Developers, who seem to release only Big Driver Chunks, when it is close to a feature freeze.
Any updates on that (I need a working ISDN-Driver)?
Ralph
Well, XML may be an open standard, but who knows, what I'd like to put into the DTD for my Format?
But yes, you're right, XML is an even worser buzzword than linux at the moment.
Ralph
Nope, there is a small utility for the palm called "Secret!", which does all this. It keeps all the stuff stored crypting it wiht TripleDes (yes, it's not that secure).
It even has a TAN-Mode (for those of you into homebanking).
Neat, I keep all my passwords (and the root-passwords of our customers machines) stored in it.
Doing this is also quite a reminder to not forget your Palm anywhere ;-)
Ralph
Nope, they are directly going after you, leaving out all these groups. As said before: The attitude "as long as I don't do anything wrong I don't care" will cost you your privacy faster then you can say "Why me?"
Related to that: At the end of may Janet Reno wrote a note to the german minister of justice about the issue of exporting strong cryptography.
Germany, as well as most other countries in the European Union allow the export programs using strong cryptography, as long as they are in the Public Domain.
Janet Reno opposed to that, saying that this weakens the Wassenaar treaty, which was signed by more than 30 countries world wide.
For the complete article - and Janet Reno's letter - go here (by telepolis, an online magazine published by the Heise-Verlag, which also publishes c't).
Sorry, only available in german, maybe you want to babelfish it.
Ralph
The (yep!) english article can be found here.
Sorry, there is no (I wonder why) german page available, the results can be found in c't 13/99 on pages 186 and following.
Short summary: This test shows, that Linux+Apache outperforms NT as a webserver if there is only one NIC to handle. It also shows, that the number of processors daoesn't matter that much, when using Linux as the host sytsem for apache.
NT runs much better than Apache on Linux, when more then one NIC has to be served - which might be the result of not having a multi-threaded IP-stack under Linux.
Read ;-)
Ralph
Sure, you can use NIS and NFS to have the same account on each of those 8 boxes with setting it up only once, but NIS is a security breach par excellence (speaking of passwords going round the Network uncrypted, every one can read the password map etc.)
You may try NIS+, which is far worse to install and maintain, but it is somewhat more secure - and there is no NIS+-Server for Linux.
But yes, you might check out OpenLDAP and Coda as a Filesystem, but I don't see any Coda servers for Linux either.
So: If you only have trusted users in your network environment - go for NIS (and be sure, that noone from outside your network is allowed to NIS).
Ralph
As said: these are four groups out of close to 400 in the de.* hierarchy. That's not really AOL destroying usenet, is it?
;-)
There's morons and aggressive people with every ISP, although most ISPs are quicker to react against those people.
Yes, free trial accounts are evil (tm), and Seltzer-McKenzie is changing his trial CDs faster than other people do change their underwear.
But that's no reason for an UDP, is it?
BTW: public@dana.de doesn't get that many UCEs, and not all of them are from AOL.
Plus, there is not that much content on this mailing list (and it is only closely related to usenet
Ralph
Okay, I haven't read any of the BIG-8 groups for two years now, so I can't comment on the damage(!) done by AOL users there, but in de.* you'll mostly find some stupid (or falsely quoted or whatever) postings by AOLers, but you'll find significantly more idiots using Outlook Express or any incarnation of Mozilla. So what do you want to do against that?
UDP against Microsoft users? UDP against Netscape users?
UDP is what you do if an ISP does damage to the net, due to spamhosting (see the (proposed) UDP against PSI - the only active UDP I can remember lately ist the one against netcom (which has been cancelled)), AOL does not do that - you might want to take a look how many of those UCEs which are apparently from AOL aren't (same goes for hotmail or juno).
If you are fed up with Postings from AOL, then put aol.com into your killfile and don't accept any Mail from AOL users. If more and more people are doing this, some people who now are with AOL will change to another ISP (and I hope for you, that these are only the users who are worthwile reading).
But I can't see AOL trying to actively destroy the usenet at the moment.
As I said: I'd like to have a more responsive Abuse team at AOL (maybe Afterburner likes to leave erols.com?) and I want restricted test accounts. But these are my wishes (and those test accounts are mostly misused for UCE, not for spam or velveeta) and no reason for an UDP.
Ralph
There's something you might miss, when reading a "bablefished" translation of the RfD: The RfD asks the admins to issue an UDP for the de.* hierarchy in Usenet, not banning AOL completely (which would be a quite senseless thing to discuss about in a de.*-only RfD).
It is not even clear, which kind of UDP should be issued, a passive one (where the newsfeeds won't take any postings coming from AOL) or an active one (where any AOL-Postings will be canceled on sight).
Furthermore the RfD talks about many issues, which aren't related to Usenet at all (not reacting on messages sent to abuse@aol.com, sending UCE from AOL test accounts), so many admins (and users) can't agree on issuing an UDP for those points.
Next: The actual reason for posting this RfD is a guy (calling himself Seltzer-McKensey) who is actually destroying four newsgroups in the de.*-hierarchy (de.etc.finanz.*) by posting hundreds of postings there monthly. AOL doesn't react to this (neither by calling them, nor through e-mails sent to abuse@aol.net). They tried to ban him from posting, but this guy just switches to his next AOL-CD and goes on posting.
But through this guy alone, the technical funtionality of Usenet is not harmed, so that's no reason for an UDP. And many of the admins and users in Germany (or in de.* which is international) take the same standpoint. There's idiots with each ISP, AOL has the problem of their non-restricted testing accounts.
Now, before anyone accuses me of standing in for the enemy ;-) - I would like to see those AOL test accounts being restricted (no posting without verification of the person who uses an account), I also would like AOL to actually react to mails to abuse@aol.net, not just having their ignorebot giving me replies. And that they can restrict those accounts has been shown some weeks ago: Without being a verified user with AOL, you can't send any e-mail attachments.
But I don't think that the mentioned points in the RfD qualify for issuing an UDP (and I don't quite see, what an UDP limited to one hierarchy could do). UDP is the last resort against an ISP, and I don't see, that this last resort should be used against AOL at the moment.
If UDP, then hierarchy-wide and not local to one hierarchy. If UDP then for reasons everyone will understand, but not for those. Otherwise there should be an UDP against deja.com right now, for the same reasons (or take any other company which allows webbased posting without checking on the users).
Ralph
And he's just right there: Linux doesn't need to compete commercially with Windows. It's nice, that all the big Software Companies are now porting the important Applications over to Linux, but you don't have to use them and still have a very nice Operating System (and working environment) on your hands.
And I think, that that's exactly the point Bill doesn't get: Linux is out for world domination, but not to sell more copies than Windows. It is no competition in terms of stock market or whatever, Linux just quietly takes over niches (and lately even Desktop space) where Windows has roamed before.
Well, it's his own fault if he is only able to think about "commerce, commerce, commerce" nowadays. I suppose, that sometimes one could feel sorry for him.
Ralph
Yeah, but think of the money you (or your great-great-.......-great-Grandchildren) can sell this book for, when Y10K comes along ;-)
If there is still money then. Cobol surely is gonna stick around that long.
Ralph
Whoah,
;-).
what happened to the US-Dollar? It's DM 52,36 at amazon.de, which used to be somewhat like 30 to 32 bucks.
Nah, even that's way to expensive for a book by Gates. I read "The Road Ahead" when I found it for DM 8,50 (around $5 - before Inflation
How about them trademarking "Spammer's Heaven", "Clueless Providing" and "Me Too" also?
;-)
Now that at least would have something to do with inventings stuff concerning the net
Ralph