Clive Feather: His position must surely be under scrutiny by the internet community.
The UK "internet community" cannot vote, assuming you mean UK internet users as the community. You can only vote in nominet elections if you are nominet member, which costs £1000+ per annum.
... Tom's Hardware found that using an original Pentium I with floating point errors for your web server would cause a mathematical error in common forum code and could lead to duplication of stories...
4 SQL servers running at hosted environment. All up, and un-affected.
2 SQL boxes in the office, which talk to remote clients, all up and un-affected.
And the SQL box at home, up and running.
Of course the fact there there's a URL beside my username should at least give you one pointer, there's a SQL server in that IP block. But if you can't even work out how to get an IP range from a URL I suggest you go back to script kiddy school.
Remember to all: This isn't about bashing Micro$oft per se, but rather bashing sysadmins who expose a database out on the net.
Actually it should be about moron admins who don't subscribe to alert lists for the software they administer, and don't apply patchs that are 5 months old.
There's no reason a database server's protocol port should ever be exposed to the public Internet!
No reason? Really? What about distributed servers taking to a central database? Desktop software that queries a remote database? Remote administration of a remote database? All legitimate reasons.
What the heck was it doing open in the first place?
Because sometimes you need to connect to SQL from somewhere outside the local LAN? For example, we have SQL passed logging services running in Sydney that connect back to a SQL server in London. Of course, inbound connections are limited to the correct address range.
If you run Microsoft SQL Server, make sure the public internet can't access it.
What a pathetic overkill response. If you're running SQL server, make sure it's patched. When the last set of bind exploits came out no-one said "Unplug all your DNS servers", why is this any different?
SQL is easy to secure, and the guidelines are well known
Make sure you do not have a blank SA password. You can either run SQL in NT authentication mode (preferred) or mixed mode. Mixed mode exposes you to password attacks.
MSDE (The desktop edition) is installed, by default with a few pieces of software, including Visio Enterprise, MacAfee's centralised virus admin thingy (hey, I've only just woken up, I can't remember the name ), FlipFactory (an automated video encoding system) and others. There is no user interface to MSDE, you'd have to install SQL tools from a "grown up" installation, then add it as a new server, then set the SA password.
Consider dropping built in stored procedures like xp_cmdshell, xp_regwrite.
Run SQL as a limited service account, not as localsystem
And of course, patch it when patches appear
Re:JVM actually has more languages than .NET (CLR)
on
The Future of Java?
·
· Score: 1
But out of those hundred or so, how many are "useful" to every day developers?
Great, there's a LOGO compiler, lets use that to write our new CRM system
But then people with Mac/*NIX/Set top boxes are cut out of the loop because MS doesn't do players for those platforms, and they won't release the codec details for others to use because then someone could code an alternative streaming server.
Media Player for the Mac, Media Player 6.4 for Solaris and Media Player for CE are all available. Don't forget Microsoft just started offering the WM9 codecs and DRM for license. If the codec is, as reported, cheaper than MPEG4, I wonder who will win that little war.
Not that anyone uses the DNS LEO entries (RFC 1876).
This allows DNS names (and thus via rDNS, IPs) to store longitude, latitude, even elevation. (I did have a nice diagram here, but the ever so shit lameness filter said I had too much whitespace). The entries themselves look like this
loiosh.kei.com. LOC 42 21 43.528 N 71 05 06.284 W 12m
kei.com. LOC 42 21 43.528 N 71 05 06.284 W 12m 30m
vrx.net. LOC 43 40 N 79 25 W 30m
But, of course, DNS on a host doesn't allow for all that stalking you can do should amihotornot start supporting this on a per URL basis....
Once your ISP allows people to test then maybe you'll get off the list of IPs that block open relay testing.
RBL results : 127.0.0.4, Test blockers: Null routed all access
So, exactly why is you, or your ISP afraid to be tested? Oh I see, your stance may be relay testing may well be illegal. Well tough. If someone turns up at your turn and asks for entry you would ask for identification. Your IPs stance in banning relay check connections is equivilant to not producing identification, but demanding entry anyway.
Until you can prove that you're not a spammer then don't expect your RBL status to change, and for those people that block on that status, you won't get through.
Also, Java isn't exactly a competitor's product; it's also an attempt at an industry-wide open standard
Java? Open standard? Step away from the crack pipe . Java isn't open. It's controlled by Sun, who refuse to release it for standardisation to ISO or ANSI. The Java "standard" is whatever Sun says it is. Hell, even the.Net framework and C# are ISO standards now but Java is not.
Nothing stupid about intertrusts designs? Bullshit.
I, and others worked for over a year with the intertrust SDKs, it never worked. Despite having Nguyen come over and try to tell us it did work, along with the tech monkeys, and dealing hand in hand with the EU intertrust teams (including the fools that left a certain development house to join intertrust), it still never worked.
The WMA packaging didn't work. The promised email DRM didn't arrive. The Office documents DRM didn't arrive.
InterTrust produced nothing but vapourware and overly broad patents.
One of the companies I used to work for signed an exclusive deal with InterTrust (marketing winning over technical - idiots), after spending 1.5 years trying to get any InterTrust technology to work, and listening to them say "Any day now", and "It will work on Win2k soon", they starting laying people off.
It never worked. So, like all internet boom companies that had ideas, but just vapourware, they are reduced to suing everyone in sight. This is one I want to see Microsoft win.
Filtering still costs... and other thoughts.
on
ISP Chief on Spam
·
· Score: 3, Informative
have it pretty bad since their SMTP servers are often being hijaaked to send email that nobody wants.
If an ISP is running an open relay, then they deserve to get highjacked. There's no excuse for that these days.
However, filtering at the SMTP level, whilst useful, still isn't a complete solution. Why not? Well
Even if you drop the connection after the HELO/EHLO, your bandwidth is still being used. A lot of spamware doesn't even cope with dropped connections, or user not found messages, and will still sit there, attempting to send, using your bandwidth.
No filtering is perfect. Either it doesn't catch enough, or it deletes too much. Simply tagging mail, and not deleting means your disk space is still being used to store the spam until your users decide what to do with it.
DNS based RBLs are wonderful. I use them (stats are at oberon.idunno.org/spam/, but how much do you trust the black list providers? Then, of course, you have people suing the black list providers, who then bow out because it's easier than mounting a defence.
"Free speech". Yes, we know free speech doesn't apply to spam, or to those of us outside the US, but the idiotic mindset of a spammer doesn't seem to realise that my private property negates their right to talk to me. And thus more legal threats begin.
So, what to do? Small ISPs will have problems. Spammers sign up with credit cards, do a spam run, and flee. So, you have the credit card number, FINE THEM. Put that in your contract.
What can be done about the big boys hosting spammers, Verio, Exodus et al? Block them at the routers.
I currently have the Mobile Real One on my Nokia phone (why no cry on slashdot to keep and to keep Real and its proprietary Real Media out of the mobile phones market?).
Unfortunately, none of the UK networks allow UDP in or out on their GPRS connections, so I can't actually stream.
As a new article is posted in a section, the front page is update to have that article in it. So whatever acrticle is newest in Technology will be in the Technology section of the front page.
Slashdot Mirror
The UK "internet community" cannot vote, assuming you mean UK internet users as the community. You can only vote in nominet elections if you are nominet member, which costs £1000+ per annum.
... Tom's Hardware found that using an original Pentium I with floating point errors for your web server would cause a mathematical error in common forum code and could lead to duplication of stories ...
Tell that to Sun : "write once, run anywhere"
4 SQL servers running at hosted environment. All up, and un-affected.
2 SQL boxes in the office, which talk to remote clients, all up and un-affected.
And the SQL box at home, up and running.
Of course the fact there there's a URL beside my username should at least give you one pointer, there's a SQL server in that IP block. But if you can't even work out how to get an IP range from a URL I suggest you go back to script kiddy school.
Actually it should be about moron admins who don't subscribe to alert lists for the software they administer, and don't apply patchs that are 5 months old.
That sounds so fucking retarded. Could it possibly be true?
No, it's not. SQL2000 has always prompted for a password. SQL2k SP3 also checks for blank passwords. You can override it however.
SQL7 didn't force you to use a password, but from SP2 up you are warned that SA is blank.
No reason? Really? What about distributed servers taking to a central database? Desktop software that queries a remote database? Remote administration of a remote database? All legitimate reasons.
Because sometimes you need to connect to SQL from somewhere outside the local LAN? For example, we have SQL passed logging services running in Sydney that connect back to a SQL server in London. Of course, inbound connections are limited to the correct address range.
If you run Microsoft SQL Server, make sure the public internet can't access it.
What a pathetic overkill response. If you're running SQL server, make sure it's patched. When the last set of bind exploits came out no-one said "Unplug all your DNS servers", why is this any different?
SQL is easy to secure, and the guidelines are well known
And of course, patch it when patches appear
But out of those hundred or so, how many are "useful" to every day developers?
Great, there's a LOGO compiler, lets use that to write our new CRM system
We already get inkjet cartridge spam and penis enlargement spam. Someone will combine the two ...
ENLARGE YOUR PENIS
With our PENIS CARTRIDGE REFILL
sob.
Media Player for the Mac, Media Player 6.4 for Solaris and Media Player for CE are all available. Don't forget Microsoft just started offering the WM9 codecs and DRM for license. If the codec is, as reported, cheaper than MPEG4, I wonder who will win that little war.
Start up Kazza (lite), start downloading a file.
Open up a command line and run netstat
You get the IPs you are downloading from clearly displayed.
Now track those IPs via RIPE, ARIN and APNIC and you know the ISP, send legal letter, then errr, profit?
Not that anyone uses the DNS LEO entries (RFC 1876).
This allows DNS names (and thus via rDNS, IPs) to store longitude, latitude, even elevation. (I did have a nice diagram here, but the ever so shit lameness filter said I had too much whitespace). The entries themselves look like this
loiosh.kei.com. LOC 42 21 43.528 N 71 05 06.284 W 12m
kei.com. LOC 42 21 43.528 N 71 05 06.284 W 12m 30m
vrx.net. LOC 43 40 N 79 25 W 30m
But, of course, DNS on a host doesn't allow for all that stalking you can do should amihotornot start supporting this on a per URL basis ....
My ass
Once your ISP allows people to test then maybe you'll get off the list of IPs that block open relay testing.
RBL results : 127.0.0.4, Test blockers: Null routed all access
So, exactly why is you, or your ISP afraid to be tested? Oh I see, your stance may be relay testing may well be illegal. Well tough. If someone turns up at your turn and asks for entry you would ask for identification. Your IPs stance in banning relay check connections is equivilant to not producing identification, but demanding entry anyway.
Until you can prove that you're not a spammer then don't expect your RBL status to change, and for those people that block on that status, you won't get through.
Also, Java isn't exactly a competitor's product; it's also an attempt at an industry-wide open standard
Java? Open standard? Step away from the crack pipe . Java isn't open. It's controlled by Sun, who refuse to release it for standardisation to ISO or ANSI. The Java "standard" is whatever Sun says it is. Hell, even the .Net framework and C# are ISO standards now but Java is not.
Which would have been in NT4.0/Windows Media 6.4 days, with DRM1 for Windows Media. So, a wait for 3 years?
I, and others worked for over a year with the intertrust SDKs, it never worked. Despite having Nguyen come over and try to tell us it did work, along with the tech monkeys, and dealing hand in hand with the EU intertrust teams (including the fools that left a certain development house to join intertrust), it still never worked.
The WMA packaging didn't work. The promised email DRM didn't arrive. The Office documents DRM didn't arrive.
InterTrust produced nothing but vapourware and overly broad patents.
It never worked. So, like all internet boom companies that had ideas, but just vapourware, they are reduced to suing everyone in sight. This is one I want to see Microsoft win.
have it pretty bad since their SMTP servers are often being hijaaked to send email that nobody wants.
If an ISP is running an open relay, then they deserve to get highjacked. There's no excuse for that these days.
However, filtering at the SMTP level, whilst useful, still isn't a complete solution. Why not? Well
So, what to do? Small ISPs will have problems. Spammers sign up with credit cards, do a spam run, and flee. So, you have the credit card number, FINE THEM. Put that in your contract.
What can be done about the big boys hosting spammers, Verio, Exodus et al? Block them at the routers.
No no, AOL centralises all the spam on the internet.
"Mr President, there seems to be a large flow in identical messages"
"Ah, must be terrorist code. Let me see it"
It says "Increase your penis size."
or
"Mr President, thousands of americans are visiting this web site every day, www.goatse.cx".....
Real.
I currently have the Mobile Real One on my Nokia phone (why no cry on slashdot to keep and to keep Real and its proprietary Real Media out of the mobile phones market?).
Unfortunately, none of the UK networks allow UDP in or out on their GPRS connections, so I can't actually stream.
Of course if you're a terrorist by running an open network, so is the US Senate... :)
Actually no.
As a new article is posted in a section, the front page is update to have that article in it. So whatever acrticle is newest in Technology will be in the Technology section of the front page.