And I thought space was clouded with tons of foreign objects? How do you avoid collision with those objects? How will a collison affect the structure and safety of the elevator? What will be the cost? Will it be a global effort? If Americans build it with their tax money, does that mean that none Americans will pay 5x the price a normal American will pay? Yada yada yada...
had an annoying magpie bbs with restricted access running on top of a unix shell. by getting into one of the help menu, it asks you for help section you want to view. "section ; (export TERM=vt100 ;/bin/csh)" pretty trival, this is not even worthy to be called a bug, it is just plain stupidty to trust user input in commands.
//QUOTE
These "format string" vulnerabilities started surfacing about two months ago, said Elias Levy, a moderator of the Bugtraq computer security mailing list. Some of them have lurked for years in basic Unix programs, but security experts only now have begun to find and fix them.
To take advantage of a format string vulnerability, an attacker gets a computer to display a string of text characters with formatting commands. By carefully manipulating the formatting commands, the attacker can trick the computer into running a program.
"Format string bugs are the new trend in computer security vulnerabilities," said Ivan Arce, president of Argentinian security company Core SDI and discoverer of the "locale" format string vulnerability that became public last Friday. "
//QUOTE ENDS
This is so F sad, cuz this is as old as UNIX, ie,
gets(foo);
sprintf(...);
system(foo);
This was exploited in late 70's and 80's, lol, my first penetration of a box to use gopher! was using this in early 90's. anyway, talk about misinformation.
Well, Use a CMM Certified company that is on a level of 3 or above. Make sure the company uses staged delivery model, and have like 4 stages. If the first stage is late. alert! If the second stage is late. MAJOR ALERT! now, if they are just a week or few late, that is okay, but if major late. Cancel and bail
You are dead wrong my friend.
Google uses python for their crawlers.
Crystal Space uses python for their Crystal Space 3D Engine
RealNetworks uses python.
MCI Worldcom internal frame relay configuratin and provision suite uses python.
Caligari Corporation uses python for truespace. you know the 3d modeling and animiation tool?
IBM east fiskill uses python, they use it to create business practice logic for factory tool control applications. Used at the Micrus semiconductor plant in East Fishkill.
Have you heard of HKS? They guys who created ABAQUS/CAE? all mech engineering have. They have incorporated python into their finite element analysis program.
The freaks at LANL are using python to control large-scale physics codes on massively parallel supercomputers, yada yada yada.
The ISDN BRI OA&M group at Nortel uses python as its offical scripting language for CGI applications.
Yahoo uses pythons.
Redhat uses python for its install procedure.
NASA Johnson space center uses python in its integrated planning system as the standard scripting language. Efforts are underway to develop a modular collection of tools for assisting shuttle pre-mission planning and to replace older tools written in PERL and shell dialects. Python will also be installed in the new Mission Control center.
LLNL uses python.
egroups.com is implemented in PURE python.
Infoseek uses python, most of their program is done in python. 11k lines of python code, and user interface in 17,000 lines of python-scripted html templates.
ILU by Xerox lab, the CORBAish OIS supports python.
There are tons of people using python. We don't see little of it, you are just ignorant!
I am serious sick of hearing that every license in the world does not confirm to the GPL. Is this just me? Please, please, for the sake of mankind, would you guys please stop. I use to love free software and open source prior to it's popularity. There was no politics, and even if there was, it wasn't serious. I don't come to slashdot to become depressed, but to be enlightened.
I am so sad at how most of course can easily talk, but when it comes down to taking actions. Can't. After the one-click patent thingy, Everyone was yelling, boycott Amazon! Vote with your money! Since then, I have actually done so. I have never purchased a single item from them! I use their site, to checkout books, perhaps read user reviews, but when it comes down to buying, I find other sites. I am just curious to how many people are still maintaining their boycott?
I have never used Debian, but I run Slackware, Suse, Redhat, Solaris, Free|Net|Open BSD, HPUX, la la la.
But this article is full of shit. Default Installation is not a security hole. Calling / partiton
and swap partition a weakness cuz they are default is just wrong. Most people using linux today, are
single users. Anyone smart enough to be setting up linux for multiple users is usually smart enough
to partition the drives easily. The default password is crypt? How is this a security hole? This has
been the default, and I will really be ticked off if it was default of MD5 or some other better scheme.
Unless the Unix community adopts a new standard, crypt should remain the standard, Solaris, HPUX, they all
use crypt, not MD5. Default internet services are enabled, again this is nothing new, sure they should
be disabbled, but still, can this goon tell me the security holes in them? It is very amusing that he
mentions that gnuplot needs to be installed setuid root. Has gnuplot being audited for security bugs? How
can he make such stupid comments? First of all, there is X version of gnuplot, and I believe that is what
a user who needs to use gnuplot needs it for. No suid needed! Exim (if configured during install) gives
you the OPTION to use the RBL. What is the freaking problem? It gives you the option, if RBL is not working,
you have the option, and Exim is not debian. It is a package. Home directorys are mode 755 by default and
the default umask is 022, what again is the freaking problem? The only valid point I see him making is that
dpkg does not have a signing support. He blahs about LILO, if someone has physical access to your box, you are
owned!!! unless you are using crypto filesystem. Now, if he has bothered to check the CHANGELOGs he will notice
that security patches have been applied. This is a troll article.
Yes, but you don't just worry about the software you use, you also worry about the people you communicate, if someone is using the "trojaned" version and sends you an encrypted document, it is good as plaintext since someone could have intercepted the secret message as well. All versions of this software need to be secure and trusted. Not just the version you use.
With FPGA, we can have reconfigurable motherboards, and such. Imagine your motherboard and cpu reconfiguring themselves to perform better for a graphics application? or perhaps a network application? or perhaps for a crypto application. Sadly, all I keep seeing is papers saying it will be done.
This is freaking annoying!!!! Why a new distribution or gaming? Why not improve and make RedHat that distribution? First of all, everyone knows Linux share will increase once gaming is popular, so why would they work on a different distribution from RedHat? Tommorrow, I guess they will start a new distribution just for web browsing. Anyway, My problem is that if this distribution they plan on goes well, It will kill Redhat, so what will happen? They will try to integrate them probably then! A whole new mess, so I hope they fix this small but big booboo they are about to make. We have enough linux distribution as is.
Re:Just what my toaster and coffee maker need!
on
Microcontroller Linux
·
· Score: 1
What is actually interesting, is how easier it is to type "make coffee -strenght 10 -cups 3" than go to your kitchen and do it manually! Woah, I finally see why coffee maker might need an OS!
I would expect slashdot to provide URL to informations readily available on the web, it is common pratice today. More information is available from http://www.vorbis.com/
A standard desktop will be good, but what needs to go into that is solid research in how humans use GUI. Look at KDE and Gnome, they are very good, but how much research went into them? Even apple and microsoft haven't done their research. They only people who I know have done serious research into UI is Xerox, and this was in the late 70's which is why they had an amazing GUI at that period, imagine if we had kept up on research! Sadly, everyone just wants to make money today at all cost.
We've got plenty of them already. 386/BSD. BSDI. IRIX. HPUX. AIX. SunOS. Each has its backers.
But blah blah blah blah, more people would rather pay for blah blah (and upgrade every 2 years), than use an alternate free product.
Look where Linux is today, look how wrong those people are, give chance to new things, we have to keep trying till we get it right, just because the others failed doesn't mean the next will succeed.
These companies might not contribute any code, but their support is worth a lot more than code!!!
If the Linux community will write code, and these companies will support and stand behind it, that is great news and good enough for me!!!
I am sorry to say so, but you are wrong. The PsOne (handheld playstation) is very bulky for a handheld, it is bigger than your average portable CD player, it doesn't come with a screen. You have to purchase it. The cost + the screen is over kill. The battery life is a joke. The gameboy is doing well because Nintendo has been very smart. Look at atari lynx and the handheld sega, they had superior technology and color, but their battery life sucked, they were bigger than gameboy. In the world of handhelds, battery life + smaller size is what reigns. The same reason why palm pilot is a success.:-)
Slashdot Mirror
And I thought space was clouded with tons of foreign objects? How do you avoid collision with those objects? How will a collison affect the structure and safety of the elevator? What will be the cost? Will it be a global effort? If Americans build it with their tax money, does that mean that none Americans will pay 5x the price a normal American will pay? Yada yada yada...
had an annoying magpie bbs with restricted access running on top of a unix shell. by getting into one of the help menu, it asks you for help section you want to view. "section ; (export TERM=vt100 ; /bin/csh)" pretty trival, this is not even worthy to be called a bug, it is just plain stupidty to trust user input in commands.
Bahahahahahaha
//QUOTE
These "format string" vulnerabilities started surfacing about two months ago, said Elias Levy, a moderator of the Bugtraq computer security mailing list. Some of them have lurked for years in basic Unix programs, but security experts only now have begun to find and fix them.
To take advantage of a format string vulnerability, an attacker gets a computer to display a string of text characters with formatting commands. By carefully manipulating the formatting commands, the attacker can trick the computer into running a program.
"Format string bugs are the new trend in computer security vulnerabilities," said Ivan Arce, president of Argentinian security company Core SDI and discoverer of the "locale" format string vulnerability that became public last Friday. "
//QUOTE ENDS
This is so F sad, cuz this is as old as UNIX, ie,
gets(foo);
sprintf(...);
system(foo);
This was exploited in late 70's and 80's, lol, my first penetration of a box to use gopher! was using this in early 90's. anyway, talk about misinformation.
Well, Use a CMM Certified company that is on a level of 3 or above. Make sure the company uses staged delivery model, and have like 4 stages. If the first stage is late. alert! If the second stage is late. MAJOR ALERT! now, if they are just a week or few late, that is okay, but if major late. Cancel and bail
You are dead wrong my friend.
Google uses python for their crawlers.
Crystal Space uses python for their Crystal Space 3D Engine
RealNetworks uses python.
MCI Worldcom internal frame relay configuratin and provision suite uses python.
Caligari Corporation uses python for truespace. you know the 3d modeling and animiation tool?
IBM east fiskill uses python, they use it to create business practice logic for factory tool control applications. Used at the Micrus semiconductor plant in East Fishkill.
Have you heard of HKS? They guys who created ABAQUS/CAE? all mech engineering have. They have incorporated python into their finite element analysis program.
The freaks at LANL are using python to control large-scale physics codes on massively parallel supercomputers, yada yada yada.
The ISDN BRI OA&M group at Nortel uses python as its offical scripting language for CGI applications.
Yahoo uses pythons.
Redhat uses python for its install procedure.
NASA Johnson space center uses python in its integrated planning system as the standard scripting language. Efforts are underway to develop a modular collection of tools for assisting shuttle pre-mission planning and to replace older tools written in PERL and shell dialects. Python will also be installed in the new Mission Control center.
LLNL uses python.
egroups.com is implemented in PURE python.
Infoseek uses python, most of their program is done in python. 11k lines of python code, and user interface in 17,000 lines of python-scripted html templates.
ILU by Xerox lab, the CORBAish OIS supports python.
There are tons of people using python. We don't see little of it, you are just ignorant!
They are the same.
Shouldn't that line be, "Don't use GIF, support PNG, worship GNU"? :)
they are talking about a new version of trinity, not the first versions. just like anti-virus experts talk about a new strain of virus.
Internet Security Systems not Internet Security Solutions, tho that is what they provide.
I am serious sick of hearing that every license in the world does not confirm to the GPL. Is this just me? Please, please, for the sake of mankind, would you guys please stop. I use to love free software and open source prior to it's popularity. There was no politics, and even if there was, it wasn't serious. I don't come to slashdot to become depressed, but to be enlightened.
Thanks dumb ass! Now you gave them the idea which will require us to sign forms to get the free device. Blah!
I am so sad at how most of course can easily talk, but when it comes down to taking actions. Can't. After the one-click patent thingy, Everyone was yelling, boycott Amazon! Vote with your money! Since then, I have actually done so. I have never purchased a single item from them! I use their site, to checkout books, perhaps read user reviews, but when it comes down to buying, I find other sites. I am just curious to how many people are still maintaining their boycott?
Bullshit!
I have never used Debian, but I run Slackware, Suse, Redhat, Solaris, Free|Net|Open BSD, HPUX, la la la.
But this article is full of shit. Default Installation is not a security hole. Calling / partiton
and swap partition a weakness cuz they are default is just wrong. Most people using linux today, are
single users. Anyone smart enough to be setting up linux for multiple users is usually smart enough
to partition the drives easily. The default password is crypt? How is this a security hole? This has
been the default, and I will really be ticked off if it was default of MD5 or some other better scheme.
Unless the Unix community adopts a new standard, crypt should remain the standard, Solaris, HPUX, they all
use crypt, not MD5. Default internet services are enabled, again this is nothing new, sure they should
be disabbled, but still, can this goon tell me the security holes in them? It is very amusing that he
mentions that gnuplot needs to be installed setuid root. Has gnuplot being audited for security bugs? How
can he make such stupid comments? First of all, there is X version of gnuplot, and I believe that is what
a user who needs to use gnuplot needs it for. No suid needed! Exim (if configured during install) gives
you the OPTION to use the RBL. What is the freaking problem? It gives you the option, if RBL is not working,
you have the option, and Exim is not debian. It is a package. Home directorys are mode 755 by default and
the default umask is 022, what again is the freaking problem? The only valid point I see him making is that
dpkg does not have a signing support. He blahs about LILO, if someone has physical access to your box, you are
owned!!! unless you are using crypto filesystem. Now, if he has bothered to check the CHANGELOGs he will notice
that security patches have been applied. This is a troll article.
IP is not property, URL is property
No one can own slashdot.org but slashdot.
How many of you will pay $5-$10 bucks a year for google? Be honest!
Yes, but you don't just worry about the software you use, you also worry about the people you communicate, if someone is using the "trojaned" version and sends you an encrypted document, it is good as plaintext since someone could have intercepted the secret message as well. All versions of this software need to be secure and trusted. Not just the version you use.
With FPGA, we can have reconfigurable motherboards, and such. Imagine your motherboard and cpu reconfiguring themselves to perform better for a graphics application? or perhaps a network application? or perhaps for a crypto application. Sadly, all I keep seeing is papers saying it will be done.
This is freaking annoying!!!! Why a new distribution or gaming? Why not improve and make RedHat that distribution? First of all, everyone knows Linux share will increase once gaming is popular, so why would they work on a different distribution from RedHat? Tommorrow, I guess they will start a new distribution just for web browsing. Anyway, My problem is that if this distribution they plan on goes well, It will kill Redhat, so what will happen? They will try to integrate them probably then! A whole new mess, so I hope they fix this small but big booboo they are about to make. We have enough linux distribution as is.
What is actually interesting, is how easier it is to type "make coffee -strenght 10 -cups 3" than go to your kitchen and do it manually! Woah, I finally see why coffee maker might need an OS!
I would expect slashdot to provide URL to informations readily available on the web, it is common pratice today. More information is available from http://www.vorbis.com/
A standard desktop will be good, but what needs to go into that is solid research in how humans use GUI. Look at KDE and Gnome, they are very good, but how much research went into them? Even apple and microsoft haven't done their research. They only people who I know have done serious research into UI is Xerox, and this was in the late 70's which is why they had an amazing GUI at that period, imagine if we had kept up on research! Sadly, everyone just wants to make money today at all cost.
Comments like yours scare me.
When Linux was fresh, people said.
Alternate OS (Linux is doomed to fail)
We've got plenty of them already. 386/BSD. BSDI. IRIX. HPUX. AIX. SunOS. Each has its backers.
But blah blah blah blah, more people would rather pay for blah blah (and upgrade every 2 years), than use an alternate free product.
Look where Linux is today, look how wrong those people are, give chance to new things, we have to keep trying till we get it right, just because the others failed doesn't mean the next will succeed.
These companies might not contribute any code, but their support is worth a lot more than code!!!
If the Linux community will write code, and these companies will support and stand behind it, that is great news and good enough for me!!!
Count on it, MAME will be ported to it. ;)
I am sorry to say so, but you are wrong. The PsOne (handheld playstation) is very bulky for a handheld, it is bigger than your average portable CD player, it doesn't come with a screen. You have to purchase it. The cost + the screen is over kill. The battery life is a joke. The gameboy is doing well because Nintendo has been very smart. Look at atari lynx and the handheld sega, they had superior technology and color, but their battery life sucked, they were bigger than gameboy. In the world of handhelds, battery life + smaller size is what reigns. The same reason why palm pilot is a success. :-)