I think it is a smart move to just go with the "bumpy" Klingon design.
Yeah, but how do you reconcile that with the DS9 version of "Trouble with Tribbles?" where it's outright said that TNG klingons don't look like TOS ones?
This guy is woefully misinformed, and completely stupid.
Anyone who is subscribed to Bugtraq knows that eEye has already responded to him, and the bottom line is that Code Red is not based (in any small part) on the eEye security bulletin.
This proves that the guy is completely wrong.. because Code Red wasn't based on the eEye bulletin, that means that the "black hats" already knew about the vulnerability.
Like scientists, security professionals rely on an existing body of work. If the only people who had access to this body was the vendors, it would slow down the white hats, making the entire situation worse, not better.
Is the slack CD just another of those fancy 'I wanna install Linux' installs or can I do whatever I want?
Slack allows you to do whatever you want.
When selecting packages (in expert mode) the text goes something like "Packages marked with an asterisk are required for your system to run. however, it IS your system..."
If you know what you're doing, you can even install slack without the installer - the packages are split into categories (base, games, X, KDE, Gnome, network, development, etc...) you can just tar -xvzf the files onto a new partition or subdir (if, for example, you're creating a root NFS for diskless terminals)
This is the main reason that Slack is my distro of choice..
It's an arbritrary-length math library, allowing for (more or less) unlimited length numbers. From the webpage:
GMP is a free library for arbitrary precision arithmetic, operating on signed integers, rational numbers, and floating point numbers. There is no limit to the precision except the ones implied by the available memory in the machine GMP runs on.
'Net-enabled features' is vague, but it doesn't say 'everything to do with the Internet'.
That's the whole point.
You can probably make an educated guess as to what 'Net-enabled features' means - but 99% of the computer-buying public (ie. the very users that MS is targeting) won't. They will read that, and assume that they need Passport to USE the internet (after all, it came up when they told the computer that they wanted to use the internet.)
When I see crap like this, I am immediately reminded of the phrase "replace the word 'internet' with the word 'telephone', and see if it still makes sense."
What they fail to realise is that the internet is a communications medium. Just like the telephone.
The two have remarkable similarities: they are both large-scale networks, designed to facilitate information flow across large or small distances. (In fact the only real technical difference is that the telephone was designed to transmit sound, and the internet was designed to transmit data.)
When someone says "How do you make money off the internet?" - just replace that with "How do you make money off the telephone?"
Try it with this article - once you put everything in context, you'll see just how stupid the quotes are.
Now this sounds kind of suspicious. Does anyone have any actual konwledge of what they can do?
Yes, this has shown up on/. a couple of times..
I read an independant review that said they were full of it. The reviewer took a couple of hundred images (some porn, some not porn), had a perl script rename them to a random filename, and ran their software on it. The result was that it had a less than 1% success rate.
Using obsurity as a security method does hurt your security, because it provides a false sense of security..
In his example (hiding the port your IIS server is running on) - it may protect you from a script kiddie. By hiding the port number, you might think "oh, it's unlikely that someone will find this." - which is a very bad thing, because if it's there, someone will.
Obscurity is ALWAYS a bad thing, because it leads to a false sense of security.
One other nitpick is that keeping a password secret isn't obscurity - it's a method of authentication. (I am me because I know my password.) Obscurity is hiding the existence of something.
Not only should the test be "blind", but it should also include the original (uncompressed) recording as one of the samples, to ensure the impartiality of the listeners.. (Just think, if someone said that the original sounded the worst, how much stock would you put into the rest of their ratings?)
When I first started using MAPS (circa Sendmail 8.8), I wanted to use both the DUL and the RBL.. unfortuately, there was no documentation on configuring Sendmail to use both (it was one or the other, and I'm not enough of a sendmail.cf guru to figure it our for myself..)
So I contacted MAPS, and asked them if they offered a "combined" list - I got a polite reply saying that they would be doing that in the future, but it would be a for-pay service.. but they happily included instructions on how to make sendmail use both lists...
Now, when I got this letter, I said "This is great - I would happily pay a small fee for this service."
Then they released their pricing structure, and I was shocked.. it was completely unrealistic.. it would cost more to subscibe to the RBL+ than spam costs us in bandwidth..
It's quite simple now - MAPS has priced itself out of the market. I am willing to pay for the service, but not what MAPS is charging.
It is now cheaper for us to receive spam than to block it. How twisted is that?
Speaking from a Unix-only background, I think that storing the data at the server is a good idea, from the point of view of portability.
99% of everything I do is stored in a central place - because I'm guaranteed that nomatter where I am, I have access to it. When I'm at home, I SSH into my work machine, and run a remote X session - I hence have access to all my email, bookmarks, works in progress, etc.
I set this up at home, too (for my wife, who uses windows exclusively).. I install the Netscape profile on a shared drive on my home server.. much to the delight of my wife when her HD got toasted.. "Oh, you mean I can just use your computer, and I don't lose any of my email or address books? That's Amazing!"
I do however, agree with you to a point - the problem is not the idea (storing the data in a central place), but the implementation - not keeping a backup; one stored on the local drive, as in your example, would be ideal..
Not every software company has this implementation problem, though - IIRC, Diablo2 keeps a copy of your Realm character on your local HD, in case of corruption at the central server
OK, I haven't checked out the numbers for Cable, but I provision DSL for a living, and your numbers are WAY out of whack.. As a note, I have a cable modem at home, and the best I can get is 1.8Mbps.
DSL bandwidths are typically in the range of 144kbps-1.5Mbs
All the gear that I've used (Paradyne, Cisco, and 3COM) goes from 512Kbps to 8Mbps, depending on distance to the CO. That's quite a difference from your numbers. We only do business accounts (no bandwidth cap), but the local telco here caps "residential" accounts at 4Mbps.
I realize that you're just making a generalization (and that you know that it's a generalization,) but I've never seen DSL gear that has a max. speed of 1.5Mbps; Can you tell me which equipment you're quoting?
Here's an idea.. turn off IdentD lookups on your machine.. (ie. with WuFTPD, it's the -I command line switch - but you're not running WuFTPD, are you?:o)
It won't stop morons who complain about active FTP sessions, but it should cut down on the Ident lookup complaints.. (Do you really need Ident info anyway?)
It must be rather obvious to everyone that Japan has invented, created and developed many things.
It's not obvious to me. Can you give some examples of the inventions that have come out of Japan in the last 100 years?
The way I see it, Japan is good at taking existing inventions, and making them better - not at inventing them in the first place.
Some examples that come to mind are Television, IC's (or computers in general), and telephones (any sort of telecommunications).. these were all invented in the west, but are typically manufactured in Asia.. Even the Walkman (arguably the biggest invention to come from Sony) is just taking an existing product and making it portable..
Can you give me some examples of Japanese inventions?
Suppose you had a server in another office (maybe in another town) and one of the "helpful" office people decides that he doesn't like the brand of network card installed, so he replaces it with one of his own..
You come in on Monday morning, and everybody is screaming at you because the server will no longer talk to the network..
It's nice to be able to dial in (you do have a modem in those remote machines, right?) do a dmesg and look for notification that the driver was loaded properly..
Now, I know this isn't a (hugely) likey possibility, but there has been more than one occasion when I've needed to know what was in a remote box, and checking dmesg remotely was MUCH faster than physically going to the box.
It's just an example of a good reason to keep the information available somewhere (/proc isn't very good for this, because it tells you what's happening now, but it won't tell you what happened while the machine was booting.)
Who's to say that it's not a 1 PPM problem that won't affect the system again for another hour/day/month/year? Once the packets are flowing again, then you can relax and take the time to root cause the problem and fix it.
And who's to say that the problem that's being experienced will be fixed by a reboot?
We had a server running, one of the things it did was SMB sharing - one of the drives (the one dedicated to non-critical SMB shares, in fact) died.. This box was doing MUCH more than SMB - it was also our internal DHCP, and DNS server
I was out, and one of our MS guys decided "I don't know what all these error messages mean, but I can't see my windows drives, so I'll just reboot it." Because the drive was dead, the machine wouldn't boot. He took the WHOLE DAMN DEPARTMENT OUT - nobody had DNS, and when people's windows machines stopped working, the solution was (guess what?) REBOOT them - so THEY stop talking to the network altogether.
Now, the kicker is that the drives in this machine were hot pluggable. If the reboot hadn't happened, I could have swapped in a new drive, restored from last night's tape backup, and people could have continued working. Instead, because the machine was rebooted the whole department was down for several hours.
The mantra stands - REBOOTING WILL NOT FIX THE PROBLEM. And if you reboot before you know what the problem is, then not only don't you know if it will help at all, but you also don't know if it will make the situation worse.
sometimes getting back online as fast as possible is more important.
That's the trap - there is no guarantee that rebooting will do this - and you might just be screwing it even worse.
Getting back online as fast as possible involves solving the problem first - REBOOTING WILL NOT FIX THE PROBLEM.
it may have resolved the problem for a short while
Even though you think you're saying the opposite of what I said, you've hit the nail squarely on the head - rebooting never fixes any problem.
It may temporarily fix the symptom, but the problem is still there.
It is possible for routers, Linux boxes, etc to crash.
Yes, it is. But if they crash, it's for a reason - perhaps there is a bug in the configuration, or firmware; or perhaps it's hardware.. but what's important is that rebooting will not actually fix the problem, all it will do is temporarily alleviate the symptom.
If the problem is with the configuration, then you fix the configuration. If there is a bug in your software, you fix that. If it's hardware, you replace the faulty hardware. If it's firmware, you upgrade the firmware (or replace the unit with a different model, from a manufacturer who actually does quality testing.)
But you do not just blindly reboot - if a reboot is required, you do it after you've discovered WHY the machine has crashed, and you've fixed it. Once again, the mantra is "Rebooting will not fix the problem."
shouldn't such a big, expensive piece of HW have at least some non-volatile storage?
Usually not. I'd guess that it's because a HD would become a potential source of failure (mechanical parts tend to wear out before non-mechanical ones.)
Minimum it should log to a separate box that does have a disk drive
Yes. Every "real" router I've seen has the option of logging to a remote syslog. (I LOVE standards:o)
But, says Yazz, "Since the Cisco was rebooted there were no logs to look at."
You fell into the classic "Windows" trap.. this is what I tell the Jr. tech guys here when one of the servers goes wonky: "If it doesn't work, there is a reason; something is wrong. Rebooting will not fix the problem."
They usually respond with "but I didn't know what else to do."
To which I answer "Repeat after me - REBOOTING WILL NOT FIX THE PROBLEM."
"But I didn't know what else to do."
"Then call someone who does - REBOOTING WILL NOT FIX THE PROBLEM."
I think it is a smart move to just go with the "bumpy" Klingon design.
Yeah, but how do you reconcile that with the DS9 version of "Trouble with Tribbles?" where it's outright said that TNG klingons don't look like TOS ones?
Its impossible to "arrest an employer"
Bullshit.
An "employer" can be a person, just as easily as it can be a corporation.
In the case of it being a corp, you arrest the board of directors, or the owner, or whoever is in charge. Simple.
In fact, the president of Elcomsoft (Alexander Katalov) came to the conference with Dmitry, and yet he wasn't arrested.
So again, they haven't arrested his employer.
Why is slashdot giving wind to this troll?
This guy is woefully misinformed, and completely stupid.
Anyone who is subscribed to Bugtraq knows that eEye has already responded to him, and the bottom line is that Code Red is not based (in any small part) on the eEye security bulletin.
This proves that the guy is completely wrong.. because Code Red wasn't based on the eEye bulletin, that means that the "black hats" already knew about the vulnerability.
Like scientists, security professionals rely on an existing body of work. If the only people who had access to this body was the vendors, it would slow down the white hats, making the entire situation worse, not better.
Please do not feed this troll.
Sklyarov isn't charged with breaking the encryption ... but standing on US soil telling people what he had discovered. ... I don't see the problem.
Go back and re-read that..
Then if you STILL don't see a problem, go read the US constitution (don't worry, you don't have to read the whole thing, just the first part.)
He was arrested for telling people what he had discovered.. now, correct me if I'm wrong, but doesn't the First Amendment allow freedom of speech?
The Gentleman's Dagger looks pretty cool, but damn! $200US Ouch
The site is slashdotted, but $200 is not that much for a hand-made dagger.
I've bought a few (collectors) knives in my time, and the cheap ones (from United Cutlery, which makes sheer crap) start at $100US.
For something hand-made, $200 sounds pretty cheap.
Is the slack CD just another of those fancy 'I wanna install Linux' installs or can I do whatever I want?
Slack allows you to do whatever you want.
When selecting packages (in expert mode) the text goes something like "Packages marked with an asterisk are required for your system to run. however, it IS your system..."
If you know what you're doing, you can even install slack without the installer - the packages are split into categories (base, games, X, KDE, Gnome, network, development, etc...) you can just tar -xvzf the files onto a new partition or subdir (if, for example, you're creating a root NFS for diskless terminals)
This is the main reason that Slack is my distro of choice..
It's an arbritrary-length math library, allowing for (more or less) unlimited length numbers. From the webpage:
More info is available at http://www.swox.com/gmp/
'Net-enabled features' is vague, but it doesn't say 'everything to do with the Internet'.
That's the whole point.
You can probably make an educated guess as to what 'Net-enabled features' means - but 99% of the computer-buying public (ie. the very users that MS is targeting) won't. They will read that, and assume that they need Passport to USE the internet (after all, it came up when they told the computer that they wanted to use the internet.)
This is exceptionally scary.
Reminds me of the Golgafrinchans, after they've started colonizing earth, when they decide to invent the wheel.
"But it won't work - it's not round!"
"Bah - that's minor - the important questions are what color should it be? How big? Boy, you really don't know anything about marketing, do you?"
When I see crap like this, I am immediately reminded of the phrase "replace the word 'internet' with the word 'telephone', and see if it still makes sense."
What they fail to realise is that the internet is a communications medium. Just like the telephone.
The two have remarkable similarities: they are both large-scale networks, designed to facilitate information flow across large or small distances. (In fact the only real technical difference is that the telephone was designed to transmit sound, and the internet was designed to transmit data.)
When someone says "How do you make money off the internet?" - just replace that with "How do you make money off the telephone?"
Try it with this article - once you put everything in context, you'll see just how stupid the quotes are.
Now this sounds kind of suspicious. Does anyone have any actual konwledge of what they can do?
/. a couple of times..
Yes, this has shown up on
I read an independant review that said they were full of it. The reviewer took a couple of hundred images (some porn, some not porn), had a perl script rename them to a random filename, and ran their software on it. The result was that it had a less than 1% success rate.
.. And it circumvents his whole argument..
Using obsurity as a security method does hurt your security, because it provides a false sense of security..
In his example (hiding the port your IIS server is running on) - it may protect you from a script kiddie. By hiding the port number, you might think "oh, it's unlikely that someone will find this." - which is a very bad thing, because if it's there, someone will.
Obscurity is ALWAYS a bad thing, because it leads to a false sense of security.
One other nitpick is that keeping a password secret isn't obscurity - it's a method of authentication. (I am me because I know my password.) Obscurity is hiding the existence of something.
Not only should the test be "blind", but it should also include the original (uncompressed) recording as one of the samples, to ensure the impartiality of the listeners.. (Just think, if someone said that the original sounded the worst, how much stock would you put into the rest of their ratings?)
The article was pure fluff.
OK, I use the MAPS DUL.
When I first started using MAPS (circa Sendmail 8.8), I wanted to use both the DUL and the RBL.. unfortuately, there was no documentation on configuring Sendmail to use both (it was one or the other, and I'm not enough of a sendmail.cf guru to figure it our for myself..)
So I contacted MAPS, and asked them if they offered a "combined" list - I got a polite reply saying that they would be doing that in the future, but it would be a for-pay service.. but they happily included instructions on how to make sendmail use both lists...
Now, when I got this letter, I said "This is great - I would happily pay a small fee for this service."
Then they released their pricing structure, and I was shocked.. it was completely unrealistic.. it would cost more to subscibe to the RBL+ than spam costs us in bandwidth..
It's quite simple now - MAPS has priced itself out of the market. I am willing to pay for the service, but not what MAPS is charging.
It is now cheaper for us to receive spam than to block it. How twisted is that?
Speaking from a Unix-only background, I think that storing the data at the server is a good idea, from the point of view of portability.
99% of everything I do is stored in a central place - because I'm guaranteed that nomatter where I am, I have access to it. When I'm at home, I SSH into my work machine, and run a remote X session - I hence have access to all my email, bookmarks, works in progress, etc.
I set this up at home, too (for my wife, who uses windows exclusively).. I install the Netscape profile on a shared drive on my home server.. much to the delight of my wife when her HD got toasted.. "Oh, you mean I can just use your computer, and I don't lose any of my email or address books? That's Amazing!"
I do however, agree with you to a point - the problem is not the idea (storing the data in a central place), but the implementation - not keeping a backup; one stored on the local drive, as in your example, would be ideal..
Not every software company has this implementation problem, though - IIRC, Diablo2 keeps a copy of your Realm character on your local HD, in case of corruption at the central server
OK, I haven't checked out the numbers for Cable, but I provision DSL for a living, and your numbers are WAY out of whack.. As a note, I have a cable modem at home, and the best I can get is 1.8Mbps.
DSL bandwidths are typically in the range of 144kbps-1.5Mbs
All the gear that I've used (Paradyne, Cisco, and 3COM) goes from 512Kbps to 8Mbps, depending on distance to the CO. That's quite a difference from your numbers. We only do business accounts (no bandwidth cap), but the local telco here caps "residential" accounts at 4Mbps.
I realize that you're just making a generalization (and that you know that it's a generalization,) but I've never seen DSL gear that has a max. speed of 1.5Mbps; Can you tell me which equipment you're quoting?
Here's an idea.. turn off IdentD lookups on your machine.. (ie. with WuFTPD, it's the -I command line switch - but you're not running WuFTPD, are you? :o)
It won't stop morons who complain about active FTP sessions, but it should cut down on the Ident lookup complaints.. (Do you really need Ident info anyway?)
It must be rather obvious to everyone that Japan has invented, created and developed many things.
.. these were all invented in the west, but are typically manufactured in Asia.. Even the Walkman (arguably the biggest invention to come from Sony) is just taking an existing product and making it portable..
It's not obvious to me. Can you give some examples of the inventions that have come out of Japan in the last 100 years?
The way I see it, Japan is good at taking existing inventions, and making them better - not at inventing them in the first place.
Some examples that come to mind are Television, IC's (or computers in general), and telephones (any sort of telecommunications)
Can you give me some examples of Japanese inventions?
Now, I know this isn't a (hugely) likey possibility, but there has been more than one occasion when I've needed to know what was in a remote box, and checking dmesg remotely was MUCH faster than physically going to the box.
It's just an example of a good reason to keep the information available somewhere (/proc isn't very good for this, because it tells you what's happening now, but it won't tell you what happened while the machine was booting.)
Dupont is developing "Sonora"- a stretch resistant fiber that can compete with polyester but isn't 100% petroleum-based.
Oh good. That's JUST what the world needs - a way to make environmentally-friendly leisure suits.
Who's to say that it's not a 1 PPM problem that won't affect the system again for another hour/day/month/year? Once the packets are flowing again, then you can relax and take the time to root cause the problem and fix it.
And who's to say that the problem that's being experienced will be fixed by a reboot?
We had a server running, one of the things it did was SMB sharing - one of the drives (the one dedicated to non-critical SMB shares, in fact) died.. This box was doing MUCH more than SMB - it was also our internal DHCP, and DNS server
I was out, and one of our MS guys decided "I don't know what all these error messages mean, but I can't see my windows drives, so I'll just reboot it." Because the drive was dead, the machine wouldn't boot. He took the WHOLE DAMN DEPARTMENT OUT - nobody had DNS, and when people's windows machines stopped working, the solution was (guess what?) REBOOT them - so THEY stop talking to the network altogether.
Now, the kicker is that the drives in this machine were hot pluggable. If the reboot hadn't happened, I could have swapped in a new drive, restored from last night's tape backup, and people could have continued working. Instead, because the machine was rebooted the whole department was down for several hours.
The mantra stands - REBOOTING WILL NOT FIX THE PROBLEM. And if you reboot before you know what the problem is, then not only don't you know if it will help at all, but you also don't know if it will make the situation worse.
sometimes getting back online as fast as possible is more important.
That's the trap - there is no guarantee that rebooting will do this - and you might just be screwing it even worse.
Getting back online as fast as possible involves solving the problem first - REBOOTING WILL NOT FIX THE PROBLEM.
Would this even be worth the effort?
Short answer: Yes.
Long answer: Yes, it's ALWAYS worth the effort.
Setting up a remote syslog takes all of 20 minutes and a spare box. It's trivial, even without considering the payoff.
it may have resolved the problem for a short while
Even though you think you're saying the opposite of what I said, you've hit the nail squarely on the head - rebooting never fixes any problem.
It may temporarily fix the symptom, but the problem is still there.
It is possible for routers, Linux boxes, etc to crash.
Yes, it is. But if they crash, it's for a reason - perhaps there is a bug in the configuration, or firmware; or perhaps it's hardware.. but what's important is that rebooting will not actually fix the problem, all it will do is temporarily alleviate the symptom.
If the problem is with the configuration, then you fix the configuration. If there is a bug in your software, you fix that. If it's hardware, you replace the faulty hardware. If it's firmware, you upgrade the firmware (or replace the unit with a different model, from a manufacturer who actually does quality testing.)
But you do not just blindly reboot - if a reboot is required, you do it after you've discovered WHY the machine has crashed, and you've fixed it. Once again, the mantra is "Rebooting will not fix the problem."
shouldn't such a big, expensive piece of HW have at least some non-volatile storage?
:o)
Usually not. I'd guess that it's because a HD would become a potential source of failure (mechanical parts tend to wear out before non-mechanical ones.)
Minimum it should log to a separate box that does have a disk drive
Yes. Every "real" router I've seen has the option of logging to a remote syslog. (I LOVE standards
I laughed out loud when I read this:
But, says Yazz, "Since the Cisco was rebooted there were no logs to look at."
You fell into the classic "Windows" trap.. this is what I tell the Jr. tech guys here when one of the servers goes wonky: "If it doesn't work, there is a reason; something is wrong. Rebooting will not fix the problem."
They usually respond with "but I didn't know what else to do."
To which I answer "Repeat after me - REBOOTING WILL NOT FIX THE PROBLEM."
"But I didn't know what else to do."
"Then call someone who does - REBOOTING WILL NOT FIX THE PROBLEM."