If you want a firewall, use a firewall, not a NAT. There is a difference.
Indeed. And since most NATs include firewalls (among those serving users who are likely to be using BitTorrent in the first place), there's a decidedly nonzero chance that an app would have to reconfigure the firewall in addition to changing the NAT settings.
Which leads back to my position: the last thing I want is a P2P app opening holes in my firewall.
However, you will get better speeds if you allow incoming connections as well.
IANABTExpert, but I think that's because you'd otherwise only be able to upload to hosts that you'd previously contacted to request downloads, and BT penalizes you for the (relatively) bad connectivity. Does anyone now if that's the case?
No, thank God - at least not on Unix. The last thing you want is $random_app being able to request that your firewall open ports. While it'd be convenient, the security implications far outweigh the possible benefits.
Your browser config is screwed up, then. When I click on a.torrent file, I get a dialog box asking whether I want to save it to disk or open it with my BT client (which is the default on my system). This is the case both in Firefox and Konqueror here.
Out of curiosity, why? Whenever I click on a torrent link, Firefox opens a BT client window in much the same way that clicking on an FTP link opens an FTP client window. What's the inherent advantage of an integrated client?
It would be nice to have an optmized version of bittorrent
Yeah, because the standard Python version (btdownloadgui.py) is using 1.3% of my CPU at this instant as I download a Debian ISO at 175KB/s. I sure wish someone would port it away from a nice, garbage-collected language to one where null-terminated strings are the order of the day so that I get that down to 1.2% in exchange for a bunch of security holes.
Run along. No, really, I'm serious. That dumb idea added nothing to the conversation except an illustration of your ignorance of the entire subject.
I can feel the impending "flamebait", but that really needed to be said.
I dont' see why anyone would use a download service that's not bittorrent anymore.
...sez the guy who apparently doesn't have to contend with NAT. Torrent+IPv6 should be nearly universally convenient, but you basically have to configure a list of per-host NAT rules if you want to use it on multiple clients sharing the same IPv4 address.
See also: active vs. passive FTP. Any protocol that requires remote hosts to connect back to your client is going to make your network admins hate you.
My wife is a podiatrist and removes quite a few ingrown toenails. Wonder if she should add a "not responsible for lost data" clause to her standard waiver?
I have been known to get Debian security alerts for games from time to time, from which I infer there is some Debian guru pouring over the sources looking for security holes.
I get those too, but I don't think that many of them originate from the Debian folks. For example, I did a quick search of their bugs database to get a list of severe security issues. The first link I clicked starts with a URL pointing to a description of the problem posted at gentoo.org. That's not to say that the Debian security team doesn't audit software - I don't know that they do, but they very well might - but they certainly pull in external reports, too.
Side note: I'm not an expert at using the Debian bugtracker, so my search was almost certainly suboptimal. I just went with the first try that gave a few results.
Thanks for the interesting explanation. I'm not saying I believe it completely (in the spirit of dogged skepticism), but I hope that it was mostly accurate because it's the most hopeful thing I've read in some time.
That doesn't seem like a distribution-maintained package at all.
Is there a fundamental difference between providing a binary archive, and distributing the tools for users to automatically create exact copies of that archive?
I'm also in the moved-to-Gentoo camp, although I also use FreeBSD in a lot of places (including several desktops). I guess I like the extra configurability of source-based systems over binary Linux distros.
For example, Debian currently lets me choose between "openssh-client" version 4.1p1-4, or "ssh-krb5" version 3.8.1p1-8; I have to pick between a recent version or Kerberos support.
I still like Debian and its derivatives, but I decided that it imposed constraints that I was not personally willing to work under.
Don't even get me started on the unavailability of X.org and KDE 3.4. Although there's nothing about source-based system that makes them inherently more up-to-date, it seems like the big names (FreeBSD and Gentoo) seem to do a better job of it than the binary distros have been able to manage. Perhaps there's something to be said for supporting a relatively small number of hardware platforms. Gentoo even supports platform-specific versioning, so x86 users can play with the latest and greatest apps, even if they don't build on m68k.
To each his own, of course. Those are the reasons I made my decision, but I'm sure they're far from universal.
At this second, FreeBSD's ports collection has 13127 entries, which probably puts it close to Debian's equal by the time you weed out multiple versions of Debian packages. Is FreeBSD having the same problems, or are they handling the situation, or are they just ignoring it?
Wal-Mart sells low end crap to people who can't afford or don't want better.
...or people who don't think paying $.25 less for a tube of the same brand of toothpaste is Evil.
People that shop at Amazon are probably more affluent than your average Wal-Mart shopper - they have to have credit, a computer, and an internet connection.
The CIA's estimated that 159 million Americans had Internet access in 2002. That's probably well over 200 million today, and a huge portion of the population by any means. Since debit cards are overtaking checkbooks in popularity, Amazon accepts debit cards, and a huge percentage of Americans have the means to access Amazon, I don't think you can make much of an inference of the respective demographics based solely on your three facts.
Big Pharma has no motivation to prove the medicinal value of anything they cannot patent.
Two deadly flaws with your idea:
Even if they can't patent dandelions, they can certainly patent a method of distilling their active ingredients into standardized dosages. See also: willow bark vs. aspirin. You are perfectly free to make your own willow bark tea, but the vast majority of the population would rather buy a bottle of fungible tablets.
Your use of "Big Pharma" seems to imply that if Pfizer doesn't do the research, then no one else will either. In reality, Generic University Research Center would be thrilled to fund the Nobel prize drive of a few promising scientists. Wouldn't you like to be the professor who cures cancer with dandelions and becomes the next Hooke, Koch, or Salk - or if you're a management type, to be the guy who was signing their paychecks when they did it?
"Alternative" medicine is an oxymoron. Something is biologically active or it's not, which is also why homeopathy doesn't really exist except on the labels of tiny bottles of very expensive water.
Several important languages (eg Lisp) execute code-in-data as a matter of course. eval() isn't bad; people using eval() because it looks handy is the problem.
"What good is an address if you... cannot... resolve it?"
What on Earth would make you think that IPv6 addresses are resolved with different root nameservers?
There seems to be a lot of confusion about this issue, so let's clear it up. Here's part of one of the zones that I host DNS for.
kanga IN A 208.162.254.122 kanga IN AAAA 2001:470:1f01:224:1::2
If you try to resolve that hosts's IPv4 address, then your resolver asks one of the nameservers listed in that domain's records for the "A record" in the first line above. If you want the IPv6 address, then your resolver asks one of the exact same nameservers for the "AAAA record" in the second line.
There you have it - the entire difference between resolving IPv4 and IPv6 records for the vast majority of domains (ignoring the few A6 records floating around). People seem to think that's there's this magical parallel network floating around, but that's not the reality of the situation.
I wouldn't have put it that way, and I'm not sure if you were being sarcastic, but I pretty much agree with your statements. Salary caps? WTF does that get you, other than ensuring that the people qualified to run the systems won't be interested in doing so?
The performance of Java and the functionality of MySQL. There's a match made in hell for ya.
Seriously, do their problem domains overlap at all? Big servers with plenty of resources: Java + an ACID database. Small servers that want to be responsive at the expense of all else (like complex functionality and data integrity): PHP + MySQL. I can't imagine harnessing DB2 to PHP, and the inverse doesn't seem a whole lot more sane.
I know someone's going to pipe up and announce that they've been using PHP and an Oracle to drive their website for years, but it still just feels wrong.
Indeed. And since most NATs include firewalls (among those serving users who are likely to be using BitTorrent in the first place), there's a decidedly nonzero chance that an app would have to reconfigure the firewall in addition to changing the NAT settings.
Which leads back to my position: the last thing I want is a P2P app opening holes in my firewall.
IANABTExpert, but I think that's because you'd otherwise only be able to upload to hosts that you'd previously contacted to request downloads, and BT penalizes you for the (relatively) bad connectivity. Does anyone now if that's the case?
No, thank God - at least not on Unix. The last thing you want is $random_app being able to request that your firewall open ports. While it'd be convenient, the security implications far outweigh the possible benefits.
Your browser config is screwed up, then. When I click on a .torrent file, I get a dialog box asking whether I want to save it to disk or open it with my BT client (which is the default on my system). This is the case both in Firefox and Konqueror here.
Out of curiosity, why? Whenever I click on a torrent link, Firefox opens a BT client window in much the same way that clicking on an FTP link opens an FTP client window. What's the inherent advantage of an integrated client?
Yeah, because the standard Python version (btdownloadgui.py) is using 1.3% of my CPU at this instant as I download a Debian ISO at 175KB/s. I sure wish someone would port it away from a nice, garbage-collected language to one where null-terminated strings are the order of the day so that I get that down to 1.2% in exchange for a bunch of security holes.
Run along. No, really, I'm serious. That dumb idea added nothing to the conversation except an illustration of your ignorance of the entire subject.
I can feel the impending "flamebait", but that really needed to be said.
...sez the guy who apparently doesn't have to contend with NAT. Torrent+IPv6 should be nearly universally convenient, but you basically have to configure a list of per-host NAT rules if you want to use it on multiple clients sharing the same IPv4 address.
See also: active vs. passive FTP. Any protocol that requires remote hosts to connect back to your client is going to make your network admins hate you.
My wife is a podiatrist and removes quite a few ingrown toenails. Wonder if she should add a "not responsible for lost data" clause to her standard waiver?
Isn't it currently closer to 12 minutes?
-CURRENT has always been Sid, perhaps even before Sid existed. I remembering playing with 4-CURRENT back when I first installed 3.2.
I get those too, but I don't think that many of them originate from the Debian folks. For example, I did a quick search of their bugs database to get a list of severe security issues. The first link I clicked starts with a URL pointing to a description of the problem posted at gentoo.org. That's not to say that the Debian security team doesn't audit software - I don't know that they do, but they very well might - but they certainly pull in external reports, too.
Side note: I'm not an expert at using the Debian bugtracker, so my search was almost certainly suboptimal. I just went with the first try that gave a few results.
Thanks for the interesting explanation. I'm not saying I believe it completely (in the spirit of dogged skepticism), but I hope that it was mostly accurate because it's the most hopeful thing I've read in some time.
They make quite a few binary packages available.
That doesn't seem like a distribution-maintained package at all.
Is there a fundamental difference between providing a binary archive, and distributing the tools for users to automatically create exact copies of that archive?
For example, Debian currently lets me choose between "openssh-client" version 4.1p1-4, or "ssh-krb5" version 3.8.1p1-8; I have to pick between a recent version or Kerberos support.
I still like Debian and its derivatives, but I decided that it imposed constraints that I was not personally willing to work under.
Don't even get me started on the unavailability of X.org and KDE 3.4. Although there's nothing about source-based system that makes them inherently more up-to-date, it seems like the big names (FreeBSD and Gentoo) seem to do a better job of it than the binary distros have been able to manage. Perhaps there's something to be said for supporting a relatively small number of hardware platforms. Gentoo even supports platform-specific versioning, so x86 users can play with the latest and greatest apps, even if they don't build on m68k.
To each his own, of course. Those are the reasons I made my decision, but I'm sure they're far from universal.
At this second, FreeBSD's ports collection has 13127 entries, which probably puts it close to Debian's equal by the time you weed out multiple versions of Debian packages. Is FreeBSD having the same problems, or are they handling the situation, or are they just ignoring it?
Indeed:
Wal-Mart sells low end crap to people who can't afford or don't want better.
...or people who don't think paying $.25 less for a tube of the same brand of toothpaste is Evil.
People that shop at Amazon are probably more affluent than your average Wal-Mart shopper - they have to have credit, a computer, and an internet connection.
The CIA's estimated that 159 million Americans had Internet access in 2002. That's probably well over 200 million today, and a huge portion of the population by any means. Since debit cards are overtaking checkbooks in popularity, Amazon accepts debit cards, and a huge percentage of Americans have the means to access Amazon, I don't think you can make much of an inference of the respective demographics based solely on your three facts.
Two deadly flaws with your idea:
"Alternative" medicine is an oxymoron. Something is biologically active or it's not, which is also why homeopathy doesn't really exist except on the labels of tiny bottles of very expensive water.
Several important languages (eg Lisp) execute code-in-data as a matter of course. eval() isn't bad; people using eval() because it looks handy is the problem.
3. 1999 called and wants its "high return of mutual funds" back. Actually, so do I.
You had me until this sentence:
What on Earth would make you think that IPv6 addresses are resolved with different root nameservers?
There seems to be a lot of confusion about this issue, so let's clear it up. Here's part of one of the zones that I host DNS for.
If you try to resolve that hosts's IPv4 address, then your resolver asks one of the nameservers listed in that domain's records for the "A record" in the first line above. If you want the IPv6 address, then your resolver asks one of the exact same nameservers for the "AAAA record" in the second line.
There you have it - the entire difference between resolving IPv4 and IPv6 records for the vast majority of domains (ignoring the few A6 records floating around). People seem to think that's there's this magical parallel network floating around, but that's not the reality of the situation.
I wouldn't have put it that way, and I'm not sure if you were being sarcastic, but I pretty much agree with your statements. Salary caps? WTF does that get you, other than ensuring that the people qualified to run the systems won't be interested in doing so?
Why not take Zope for a spin?
Uh-huh.
The performance of Java and the functionality of MySQL. There's a match made in hell for ya.
Seriously, do their problem domains overlap at all? Big servers with plenty of resources: Java + an ACID database. Small servers that want to be responsive at the expense of all else (like complex functionality and data integrity): PHP + MySQL. I can't imagine harnessing DB2 to PHP, and the inverse doesn't seem a whole lot more sane.
I know someone's going to pipe up and announce that they've been using PHP and an Oracle to drive their website for years, but it still just feels wrong.