Quite hard to share repositories The repositories can be read using any WebDAV complient software.
Ever tried setting up a WebDAV server? That fits anybody's definition of hard. The Subversion team recognize this, so they allow you to access the repository over ssh too (thank goodness!). Problem is, everyone using ssh must log in to the same user account or the permissions get screwed up. So, yes, it's quite hard to share repositories in Subversion.
No distributed development If your talking about multiple servers like bitkeeper...
Um, yeah. OK, allow me to be slightly clearer: Subversion does not support decentralized development. Not at all. It's a major limitation.
No way to mark your branches (if you accidentally check out the directory containing your branches, you just got 50 gigs of 99.9% identical files...)
No distributed development
Pretty weak merging
Arch Good Points:
Extremely good distributed development
Super easy to share repositories
Pretty strong merging.
Very stable development
Arch Bad Points:
Forces you to give your projects weird names ("my-project--branch-1--1.1").
Forces each branch into a different top-level directory in your archive ("my-project--branch-2--1.1").
Doesn't feel anything like CVS.
Pretty slow (but they're working on it).
Somewhat difficult to resolve merge conflicts
I wish I could love Arch because distributed development absolutely rules. I could tolerate its bizarre command set, but I simply won't accept arbitrary (and ugly) constraints on what I name my projects and branches.
Verdict: I'm still using CVS. Subversion is very close to pleasing me enough to switch... I'll probably ditch CVS some time this year.
Store the recovery information outside the archive. Par2 works really well. You can configure how much redundancy you want (2% should be fine for occasional bit errors, 30% if you burn it to a CD that might get mangled, etc.). It's a work in progress, but it's already really useful.
That's easy: Early Metrowerks. Why did IDE quality peak in 1995?? An honorable mention is Think Pascal around 1989 (with TMON it was the best debugging environment ever).
Eclipse is coming close in the IDE department, but damn does it feel slow and clunky on my 2.4 GHz 512 MB RAM workstation. And all debuggers that I've seen simply suck.
Um, how about actually watching for cracking attempts? "My word, user jimj just tried to log in 100 times in less than 1 hour. Let's deny the IP address he's trying to log in from."
As far as I can understand, your argument boils down to "I don't like SPF because my systems are hideously insecure, I'm cool with them being used as open relays, and I don't feel like being a competent sysadmin"?
My domain is: mydomain.com Customer A is traveling and is using his e-mail of joe@mydomain.com However, I do IP filtering on my mail server (not SASL AUTH), for my dial-up pools. When Customer A is at hotel he must use their mail server to send mail out, so his mail will be rejected because the hotel mail server isn't listed in mydomain.com's SPF txt list.
I have yet to see an answer to this problem. Also I send a lot of mail from home but put mydomain.com in the From: header. Sending email is going to get a lot more difficult
The answer is to use a VPN. You want all mail that purports to be from your domain to pass through your domain's mail servers. Always. Put your laptop on your company's network (virtually) and more problems than just this one are solved.
Octave appeared to be a decent environment when I was doing a lot of Matlab. Another one that definitely merits a look is PDL -- the Perl Data Language.
I haven't used it yet but the next time I need to crunch a lot of data, that's the first thing I'm going to try. The expressivity of Perl along with strong matrices and decomposition? That could be quite choice.
How did you ever get +4 insightful?? Your post has a lot of strong words and zero substance. You spend some time complaining about SPF without backing anything up. Then you offer some rather tired suggestions:
Limit email amplification.
Great. How? People have been trying to do this since the mid-90s with little success. Remember that amplification is a very valuable feature of email ("send this message to everybody in marketing").
Require one of a number of pay or auth systems for email.
Ha. There are 5 companies out there trying to do exactly this (and incidentally become the for-pay email monopoly). Do you want to start company 6? All of them are doomed to failure, of course, because they all involve a central authority.
Whitelisting
Only works in a few very contrived situations (usually involving second email addresses or non-business-critical functions). Whitelisting, if adopted globally, would largely render email worthless.
[a set of IMAP extensions for clients to query whitelists]
Now this is simply insane. It has all of the problems that SPF does (think about it: every single one, plus it's much MUCH more bandwidth intensive). Then it introduces some of its own (like, too much shared information, IMAP's poor security record, etc.). You didn't think about this one very long, did you?
So, smart guy, how about some substance? Exactly what is wrong about the SPF RFC? Be sure to use more descriptive adjectives than "dumb", "useless" and "crap".
I know without a doubt what the next physical medium will be for me.
Zilch.
After getting used to my 60 GB MP3 player (swapped drives on my laptop and Archos) and ripping all my music into my computer, I'll never get up to go swap a (tape/cd/fingernail speck) again.
If each lane went 5mph faster than each previous lane, and people merged well (and early), then even in the very worst traffic situations, people would be moving.
Each lane 5 mph faster: good idea (as long as there are no left-hand entrances/exits). Merge well: yes. Merge early: wrong!
It sounds surprising but when people merge early, 3 or 4 cars from the merging lane get to pass for every car in the merged lane. The merged lane comes to a virtual standstill.
The only practical way to get a good zipper effect where an equal number of cars from each lane pass is to merge as late as you safely can.
I should do up a flash animation to show why this is true.:)
Vibrations are simply waves...If you have two waves if the right frequency/amplitude you can cause destructive interference, i.e., cause them to cancel.
Right. And at the very same time you're getting two waves to interfere destructively, 1/2 wavelength away, the same two waves are CONSTRUCTIVELY interfering. I.e. the sound is twice as loud.
With sound waves (depending on freq), that's usually a few inches or feet away. So, yes, you could theoretically cancel sound waves on a boat, but you'd better be alone and hold really damned still.
Noise cancelling headphones work because the headphones know exactly where your eardrum is at all times. It's easy to place the node right there.
AFAIK, nobody has gotten general-purpose active noise cancellation to work on anything larger than a set of headphones. Whoever does will make a fortune from homeowners living near highways and airports.
A year or two ago, I heard some sort of proposal to extend RFC 822 to add an additional step in processing and forwarding email to get rid of From header forging. It sounded simple and effective.
Let's say my MX is currently connected to internet host 199.199.199.199 receiving a message that the From header claims to be from "billg@microsoft.com" My machine would then query a server at microsoft.com (probably using some form of DNS) to ensure that 199.199.199.199 is indeed a server authorized to send mail as microsoft.com. If it's not, chances are very good that the message has forged headers and should be punished by SpamAssassin (or whatever).
Of all the proposals I've heard, this one is by far the most practical. Why haven't I heard anything since?
Funny -- just today I threw out the application for my voucher from the CA class action lawsuit.
In 1998, I bought a ThinkPad with Win98 installed. Apparently, this makes me eligible for $16 of Microsoft vouchers redeemable at major chains. I just needed to fill out a big honkin' form ripe for targeted marketing / mailing lists / etc. Why would they need anything more than my name and address??
The small print? By submitting the voucher I agree that Microsoft has been totally cleared of any wrongdoing and I will never pursue any other claim related to this against Microsoft in the future. For $16. Why bother?
I should have been a lawyer -- these are the only guys getting any money out of this settlement.
A sales guy at our company was insanely proud of his new cell phone (this was in 1999 -- the things were still somewhat new). He'd leave it at his desk with the annoying ringer turned all the way up, distracting our half of the office a few times each afternoon.
A friend had a dead cell phone of around the same color. We smashed the dead phone into unrecognizable pieces and took them into work. The next time the sales guy's phone went off and he wasn't at his desk, we quickly replaced his phone with the pieces, turned it off mid-ring, and banged hard on his desk a few times.
When he heard his ring cut off and the WHAM! WHAM! WHAM!, he came running. The look on his face when he saw the pieces was priceless.
And, bonus, he never left the phone at his desk any more.
This sounds like subharmonic oscillation in the inductor core used in the DC-DC converter.
It's funny that someone would think that this comment is funny.
A DC-DC converter converts one voltage (battery voltage) to another (operating voltage). They often work by converting the DC signal to AC oscillations, transforming, and then back to DC.
Subharmonic: a harmonic less than the fundamental frequency. The DC-DC converter switches at a frequency much higher than audible range so you could never hear its switching but you could hear subharmonics.
Inductor: Used to transform the AC current. An introductory electromagnetics text will describe how. Inductors are usually made of coils of wire. Transformers are just two coupled inductors.
Core: Winding the wire around an iron or more exotic core will increase the inductor's efficiency.
If there is damage (i.e. cracked inductor core), you might actually be able to hear the switching used to convert the DC voltages. The cure: replace the inductor.
2018 Sobig.F-infected messages. ClamAV+Amavis recognized all of them and sent them straight to the Spam.SobigF folder. I never even saw them. Beautiful.
On the other hand, I've had to wade through and delete 100+ erroneous messages telling me that I sent out a virus infected mail. The hell I did. I'm being buried in these warnings and -- because there's no standard way of generating warnings -- I can't filter them!
So, yeah, if you're sending virus warnings for inbound mail, you're essentially spamming people. ME. Cut it out. Only send virus warnings to your internal users if at all.
I highly doubt that the legalization of marijuana is a necessary topic when there are many other topics which should be discussed.
I disagree. I don't touch the stuff myself (makes me barf), but a friend of mine is a grower/wholesaler. He owns two large industrial warehouses full of lights and plants. He takes in about $15,000 to $60,000 A MONTH. It's hellishly difficult to launder, of course, so most of his fortune sits unspendable in offshore bank accounts.
It's absolutely insane that none of this is taxed or contributes to our economy in any way. California could sure use the help.
Why don't you try changing a single line of QMail source code and distributing your changes? Except you can't -- DJB explicitly prevents it. He's got a number of other weird clauses in there as well.
You clearly have a very different idea of free than most people. Thank goodness for Postfix!
Given that the letter was forged with Gary Kremen's stationary, a better example would be the second mechanic being handed a fake ID and being unable to determine that it was fake.
That's a terrible analogy. Letterhead != Authorized ID. It's like the second mechanic being handed a letter on the original owner's stationary, and then NOT so much as calling the original owner before letting the car go.
Hell yes you'd hold the garage accountable for the loss of the car.
Slashdot Mirror
That can't be right... Am I understanding correctly?
- Bob sends you an email.
- Your system sends a challenge message back.
- Bob's system sends you a challenge of his own
- According to you, your system automatically assumes that Bob is friendly and therefore allows his challenge through.
Now, what if Bob is actually a spammer? All he has to do is send you two spams and one will get through. Doesn't sound very effective to me...The repositories can be read using any WebDAV complient software.
Ever tried setting up a WebDAV server? That fits anybody's definition of hard. The Subversion team recognize this, so they allow you to access the repository over ssh too (thank goodness!). Problem is, everyone using ssh must log in to the same user account or the permissions get screwed up. So, yes, it's quite hard to share repositories in Subversion.
No distributed development
If your talking about multiple servers like bitkeeper...
Um, yeah. OK, allow me to be slightly clearer: Subversion does not support decentralized development. Not at all. It's a major limitation.
- Finger feel is very similar to CVS
- Flexible directory layout & tagging
- Extremely stable development.
Subversion Bad Points:- Database & log files take up a LOT of space.
- Quite hard to share repositories
- No way to mark your branches (if you accidentally check out the directory containing your branches, you just got 50 gigs of 99.9% identical files...)
- No distributed development
- Pretty weak merging
Arch Good Points:- Extremely good distributed development
- Super easy to share repositories
- Pretty strong merging.
- Very stable development
Arch Bad Points:- Forces you to give your projects weird names ("my-project--branch-1--1.1").
- Forces each branch into a different top-level directory in your archive ("my-project--branch-2--1.1").
- Doesn't feel anything like CVS.
- Pretty slow (but they're working on it).
- Somewhat difficult to resolve merge conflicts
I wish I could love Arch because distributed development absolutely rules. I could tolerate its bizarre command set, but I simply won't accept arbitrary (and ugly) constraints on what I name my projects and branches.Verdict: I'm still using CVS. Subversion is very close to pleasing me enough to switch... I'll probably ditch CVS some time this year.
Store the recovery information outside the archive. Par2 works really well. You can configure how much redundancy you want (2% should be fine for occasional bit errors, 30% if you burn it to a CD that might get mangled, etc.). It's a work in progress, but it's already really useful.
I almost modded you funny, then I re-read your message... are you serious???
...would you name some better IDEs..?
That's easy: Early Metrowerks. Why did IDE quality peak in 1995?? An honorable mention is Think Pascal around 1989 (with TMON it was the best debugging environment ever).
Eclipse is coming close in the IDE department, but damn does it feel slow and clunky on my 2.4 GHz 512 MB RAM workstation. And all debuggers that I've seen simply suck.
That's funny. There's a MAS as well. MAS looks like the one people are starting to settle on. Time will tell...
Um, how about actually watching for cracking attempts? "My word, user jimj just tried to log in 100 times in less than 1 hour. Let's deny the IP address he's trying to log in from."
As far as I can understand, your argument boils down to "I don't like SPF because my systems are hideously insecure, I'm cool with them being used as open relays, and I don't feel like being a competent sysadmin"?
The answer is to use a VPN. You want all mail that purports to be from your domain to pass through your domain's mail servers. Always. Put your laptop on your company's network (virtually) and more problems than just this one are solved.
I haven't used it yet but the next time I need to crunch a lot of data, that's the first thing I'm going to try. The expressivity of Perl along with strong matrices and decomposition? That could be quite choice.
How did you ever get +4 insightful?? Your post has a lot of strong words and zero substance. You spend some time complaining about SPF without backing anything up. Then you offer some rather tired suggestions:
Limit email amplification.
Great. How? People have been trying to do this since the mid-90s with little success. Remember that amplification is a very valuable feature of email ("send this message to everybody in marketing").
Require one of a number of pay or auth systems for email.
Ha. There are 5 companies out there trying to do exactly this (and incidentally become the for-pay email monopoly). Do you want to start company 6? All of them are doomed to failure, of course, because they all involve a central authority.
Whitelisting
Only works in a few very contrived situations (usually involving second email addresses or non-business-critical functions). Whitelisting, if adopted globally, would largely render email worthless.
[a set of IMAP extensions for clients to query whitelists]
Now this is simply insane. It has all of the problems that SPF does (think about it: every single one, plus it's much MUCH more bandwidth intensive). Then it introduces some of its own (like, too much shared information, IMAP's poor security record, etc.). You didn't think about this one very long, did you?
So, smart guy, how about some substance? Exactly what is wrong about the SPF RFC? Be sure to use more descriptive adjectives than "dumb", "useless" and "crap".
Yeah, me too. I always hated how mostly stable XFree86 is, and how I don't have to upgrade every week to the lastest version.
When have you ever needed to upgrade to the latest version of anything? If it works, then stick with it. Unless you're a Microsoft user, of course...
I know without a doubt what the next physical medium will be for me.
Zilch.
After getting used to my 60 GB MP3 player (swapped drives on my laptop and Archos) and ripping all my music into my computer, I'll never get up to go swap a (tape/cd/fingernail speck) again.
There won't be a next physical medium.
If each lane went 5mph faster than each previous lane, and people merged well (and early), then even in the very worst traffic situations, people would be moving.
:)
Each lane 5 mph faster: good idea (as long as there are no left-hand entrances/exits).
Merge well: yes.
Merge early: wrong!
It sounds surprising but when people merge early, 3 or 4 cars from the merging lane get to pass for every car in the merged lane. The merged lane comes to a virtual standstill.
The only practical way to get a good zipper effect where an equal number of cars from each lane pass is to merge as late as you safely can.
I should do up a flash animation to show why this is true.
Vibrations are simply waves...If you have two waves if the right frequency/amplitude you can cause destructive interference, i.e., cause them to cancel.
Right. And at the very same time you're getting two waves to interfere destructively, 1/2 wavelength away, the same two waves are CONSTRUCTIVELY interfering. I.e. the sound is twice as loud.
With sound waves (depending on freq), that's usually a few inches or feet away. So, yes, you could theoretically cancel sound waves on a boat, but you'd better be alone and hold really damned still.
Noise cancelling headphones work because the headphones know exactly where your eardrum is at all times. It's easy to place the node right there.
AFAIK, nobody has gotten general-purpose active noise cancellation to work on anything larger than a set of headphones. Whoever does will make a fortune from homeowners living near highways and airports.
A year or two ago, I heard some sort of proposal to extend RFC 822 to add an additional step in processing and forwarding email to get rid of From header forging. It sounded simple and effective.
Let's say my MX is currently connected to internet host 199.199.199.199 receiving a message that the From header claims to be from "billg@microsoft.com" My machine would then query a server at microsoft.com (probably using some form of DNS) to ensure that 199.199.199.199 is indeed a server authorized to send mail as microsoft.com. If it's not, chances are very good that the message has forged headers and should be punished by SpamAssassin (or whatever).
Of all the proposals I've heard, this one is by far the most practical. Why haven't I heard anything since?
Funny -- just today I threw out the application for my voucher from the CA class action lawsuit.
In 1998, I bought a ThinkPad with Win98 installed. Apparently, this makes me eligible for $16 of Microsoft vouchers redeemable at major chains. I just needed to fill out a big honkin' form ripe for targeted marketing / mailing lists / etc. Why would they need anything more than my name and address??
The small print? By submitting the voucher I agree that Microsoft has been totally cleared of any wrongdoing and I will never pursue any other claim related to this against Microsoft in the future. For $16. Why bother?
I should have been a lawyer -- these are the only guys getting any money out of this settlement.
You know it's a sweet project when it generates IRC logs like this one.
http://www.xouvert.org/irc/2003/10/27
A sales guy at our company was insanely proud of his new cell phone (this was in 1999 -- the things were still somewhat new). He'd leave it at his desk with the annoying ringer turned all the way up, distracting our half of the office a few times each afternoon.
A friend had a dead cell phone of around the same color. We smashed the dead phone into unrecognizable pieces and took them into work. The next time the sales guy's phone went off and he wasn't at his desk, we quickly replaced his phone with the pieces, turned it off mid-ring, and banged hard on his desk a few times.
When he heard his ring cut off and the WHAM! WHAM! WHAM!, he came running. The look on his face when he saw the pieces was priceless.
And, bonus, he never left the phone at his desk any more.
This sounds like subharmonic oscillation in the inductor core used in the DC-DC converter.
It's funny that someone would think that this comment is funny.
A DC-DC converter converts one voltage (battery voltage) to another (operating voltage). They often work by converting the DC signal to AC oscillations, transforming, and then back to DC.
Subharmonic: a harmonic less than the fundamental frequency. The DC-DC converter switches at a frequency much higher than audible range so you could never hear its switching but you could hear subharmonics.
Inductor: Used to transform the AC current. An introductory electromagnetics text will describe how. Inductors are usually made of coils of wire. Transformers are just two coupled inductors.
Core: Winding the wire around an iron or more exotic core will increase the inductor's efficiency.
If there is damage (i.e. cracked inductor core), you might actually be able to hear the switching used to convert the DC voltages. The cure: replace the inductor.
Later crays cooled themselves by using a liquid containing man made blood plasma that is used in blood transfusions.
Eew, gross. No. I mean, yes, flourinert is used as a plasma SUBSTITUTE during surgery, but it's entirely synthetic.
Here's a much better bit of trivia:
You can drink flourinert. In fact, if you oxygenate it, you can actually breathe the stuff (think of The Abyss).
My numbers in the last 24 hours:
2018 Sobig.F-infected messages. ClamAV+Amavis recognized all of them and sent them straight to the Spam.SobigF folder. I never even saw them. Beautiful.
On the other hand, I've had to wade through and delete 100+ erroneous messages telling me that I sent out a virus infected mail. The hell I did. I'm being buried in these warnings and -- because there's no standard way of generating warnings -- I can't filter them!
So, yeah, if you're sending virus warnings for inbound mail, you're essentially spamming people. ME. Cut it out. Only send virus warnings to your internal users if at all.
Thank you.
I highly doubt that the legalization of marijuana is a necessary topic when there are many other topics which should be discussed.
I disagree. I don't touch the stuff myself (makes me barf), but a friend of mine is a grower/wholesaler. He owns two large industrial warehouses full of lights and plants. He takes in about $15,000 to $60,000 A MONTH. It's hellishly difficult to launder, of course, so most of his fortune sits unspendable in offshore bank accounts.
It's absolutely insane that none of this is taxed or contributes to our economy in any way. California could sure use the help.
Completely free? Really?
Why don't you try changing a single line of QMail source code and distributing your changes? Except you can't -- DJB explicitly prevents it. He's got a number of other weird clauses in there as well.
You clearly have a very different idea of free than most people. Thank goodness for Postfix!
Given that the letter was forged with Gary Kremen's stationary, a better example would be the second mechanic being handed a fake ID and being unable to determine that it was fake.
That's a terrible analogy. Letterhead != Authorized ID. It's like the second mechanic being handed a letter on the original owner's stationary, and then NOT so much as calling the original owner before letting the car go.
Hell yes you'd hold the garage accountable for the loss of the car.