Of course I am being a "whiner" here I suppose. Let's think of it, How many of you will be downloading source forge and setting up a source forge server? Thought so. So why should they run it as if it is a project that the mass will download and work with the source? It is very sad that whenever people give something to the community, that there are always people who will find something to whine about it. Let's assume that source forge is closed source, so what?! If source forge was closed source, I still do be 100% grateful. It is a service, that is what I appreciate, I don't see it as a program. The same thing with slashdot, slashdot is a service to me, not a program. If it was a software that I ran on my system, then perhaps I will be concerned.
After I read the article, I was a little bit pissed off, but then I came back to my mind, My Gosh! I am a programmer, When I am coding thousands to hundreds of thousands of code, it is inevitable that bugs creep in. As a programmer, I definitely will truely wish to squash all those bugs before I ship, what programmer wouldn't? But realistically, such never happens. So we have programs with bugs shipping. That is why programs are shipped with agreements to protect us. But this is unfair to consumers, A lot of programs today are bloated, and with this bloatness comes more bugs, a lot of programmers are careless today, everyone wants to ship on time, not ship quality software.
If a prior to shipment, a program had a bug, and they guys shipping the program knew about this bug, but refused to fix it. I think they should be held liable for some of the damages, but it would be hard to prove such a thing as it can be concealed very easily. I was thinking that at the very least we should refund softwares if the cost of damage it produces is more than it was bought. Thus, if you spend $5k on a software, and the software ends up costing $5k in damages, you should at least get your $5k back. But then again, what if that same software has made you $10 million prior to that damage? What if the bug in the software is not from your own code, but from a library that you licensed?!
This is a very touch subject both as a consumer and as a programmer, I can't even think of a solution that will satisfy both parties, I can only state some of my opinion into the matter.
This is a very "stupid" question. It is just like someone posting on slashdot and asking what language do I use for database, or game programming and so forth. There is no one simple language to use for CGI programming, you use the best language for the job. CGI is a gateway, thus the langauge is irrelevant. For example, I had to write a CGI script to query a remedy server and submit to it. The only remedy API I knew of was C, so the entire CGI was done in C. In another project, I just needed to do a very small job, I did it in PERL. So when I am doing CGI, what I care about is what I am working on, if you are generating HTML pages a lot from your CGI, you might prefer PERL and Python.
I know that a lot of people are going to jump and down and yell at the Patent Office, for those people, I want to ask, how many of you have applied for a job at the Patent office, so that you work and help remedy this problem we are experiencing? Okay, so perhaps you have never thought of working there, Would you give up your $100k linux sysadmin job for lower wages to make a difference? I thought so...
Before you Begin to Blah about Be, you ought to Believe you have a valid point, Because I said so, and so it will Be, or you will get Beheaded, so Behave yourself.
Finding ISO is never a problem, anyone can still go to ftp://download.sourceforge.net/pub/mirrors/iso/ and get a lot of those. The problem is finding ISO's for other distributions. Where are the ISO images for NetBSD sparc/pmax and other architecture distribtuions? What about sparc linux? Not everyone uses x86.
I definitely remember wiretap, but I have never thought of it for sometime. What is very disturbing is to how easy it is for digital libraries to disappear like wiretap. What is even more worrying is that we are accumlating so much info that things can easily go bye bye without people noticing, and even when they notice... I heard someone say everything is a solution to this, I disagree. and I don't think freenet is a solution to this either. What bugs me now tho, is what the solution is?
I just finished reading this book at 5am last night or this morning whichever way you look at it, and it is a great read. The last section on quantum psyhics application to quantum money, quantum computing and cryptography is great. I am going to restart the book over again.:-) It is the best read I have touched in a long time. I recommend it for anyone, One of the greatest things about cryptography is that it is very easy to understand, it can be broken down into very simple examples. The reason for this is that cryptography relies on number theory which is also very easy to understand "basics", it doesn't require algebra or calculus, just basic mathematics.
Around 5 years ago, I interviewed Eliza about Eliza on an apple II after painfully typing in the code. I am sure, tons of people have done this, don't feel bad.
I have a decstation, which is the largest of my computers, and probably weighs in at 50 pounds. Likewise, I know people that vax machines weighing much more. There is a certain comfort in knowing you can't pocket my box.:-) Can you imagine school's using this? A small amount of people can pocket an entire computer lab in a few minutes.
"Update: 04/07 03:09 by CT: originally this story misused 'hacker' quite offensively. I corrected it."
I must object, and I hope that many people object as well, You bring news to us, and you should bring it the way it came, raw and original, irrelevant of it is offensive to you or not. "hacker" used for a computer cracker might be an offensive term to you, but what about me? I work in the computer security industry, so have you more credits to tell me what to refer a computer criminal as? I call them hackers, why? because that is what it means now, till the media comes up with a new term, the original old term is lost, and you can't do shit about it. But I digress, I do not care what you call them or what anyone call them, I call them "script kiddies", "computer criminals or intruders", but back to the gist of my post. You should never never ever modify a post! I hope this is the last we see this on slashdot, because this is misinformation. I saw a comment by someone thinking that this guy had a clue because he refered to computer intruders as crackers, if only you had left the post as the original, the owner of the comment might have thought twice. What next? tomorrow andovernet will ask you to edit a news because it is offensive? You commited a big boo boo, but it is okay, we all make mistakes once, but I really hope that this doesn't happen again!!!
1 finger 2 date 3 dir 4 help 5 d 6 list 7 ls 8 ls/p 9 ftp ftp.rootshell.com 10 pkunzip rootkit.tgz 11 tar -zxvf rootkit.tgz 12 gcc bda.c 13 gcc bad.c 14 edit 15 edit bad.c 16 edit.com 17 pico bad.c 18 gcc bad.c 19 a.out 20 a.exe 21 a.out -help 22./.aout 23./a.out 24 dir 25 shit@##$@# 26 ls 27./a.out -hlocalhost 28 md... 29 mkdir... 30 cp./a.out... 31 finger 32 cd \etc 33 cd/etc 34 edit motd 35 pico motd 36 quit 37 exit
If the above logs is how you are going to learn how hackers operate, then go ahead and setup a honeypot. You will only attract script kiddies, we call them that for a reason. They can barely gcc and./a.out. The only dangerous thing about them is that they have no fucking clue what they are doing. The real "hackers/crackers", the ones with a fucking clue, do not go out probing systems cuz they are bored. If anything, they have their own network which they hack and figure out, when they go out to attack, they have a motive, they have a reason, they know what they want. Anyone with a little clue will realise that something is wrong if they login into the kind of honeypot described by this guy. If you do a last command, you will notice no one uses the system. If you do a process listing, you will notice that there is no interesting process running, so what the hell is the server for? The script kiddies with a clue, will not really care much about hacking it, they will just try to use it to stash their warez, porn and IRC.
If you are a company facing such a diliema, what would you do? How many of you here will enjoying playing a game where a lot of people are cheating? Hrm, I don't see any hands. Once people start cheating, interest in the games will decline, and all this spells out to is lost profit for the company. My question is not if they are right or wrong, but what are we going to do to fix this problem?
This question is for slashdotters, when a news story appears, do you just read the summary and start firing out posts? When we have an interview, I would expect that you guys would first of all, take your time go to whatever site that is posted, digest whatever is there so you can really ask very appropriate questions. All the posts I have seen having been asking questions on Artifical intelligence, Questions that we have all heard before, and will hear again. I am not saying anything is wrong, but I find http://www.jordanpollack.com/softwaremarket/ to be the most interesting part of his site. You guys ought to read it for those of you who haven't.
Some people think that this sounds stupid, but it is not. A lot of people fail to realize that almost all of the IRC servers out there are run on a voluantary basis, IRC is a privelage not a right. A lot of script kiddies are not up to no good, the flood, the trade their warez and porn, and chances are that they are addicts, taking away IRC from them for a day will provide the same effect of denying a cocaine user drugs for a day. I do not think it will stop the problem, but I do think it will make people realize how much they value IRC, people fail to value things till it gets taken away from them. Pardon all my tpyos, incorrect grammars and speelings, Rob when is slashdot getting a spelling and grammar checker?
Why should we borrow your letter, Is the average slashdotter not smart enough to compose a letter of this own? Receiving the same letter from multiple senders will only server to imply that we are not really serious, it might also be perceived as spamming, I think we rather have them get 1000 unique letters than 100000 letters with the same content. So far they have received only 300 mails, that is nothing! I hope slashdotters really do take action, It only takes 5 minutes to send mail!
right on! and why is it that anytime a software is mentioned on slashdot, it is followed by open source it? netscape/mozilla is a totally failure if you ask me, look how much ass IE kicks, closed source from our number one ass kicking company Microsoft, and the open source project couldn't catch up.
Everyone is talking about how you can use the amount you make from banner ads, the size of the site, the amount of work that went into the site and the number of visitors you have to determine the worth. Now, what about the domain name? www.car.com, a domain alone will definitely sell for a lot of money, so add that in too.
I don't mean to troll or anything, but this is really old news, In the previous slashdot thread about Linux running on mainframe, The guy mentioned this, so why is this news all of a sudden? I am extremly disappointed that the guys handling the post, just post without checking if it is old news or reading the entire article. I am sure if CommandTaco had read the previous article, he will know that this is not news. Anyway, no troll intended. I just got very frustrated and shit I am trying to solve, so I come on slashdot to find new news to fresh my mind, thus I hope you feel my pain.
You still don't get the point, what an ignornat post you have there. You sound just like the "Windows" folks who don't get the point why anyone would run Linux.
You made a point that Sun hardware is very stable and reliable, So why not run Linux on it? Would anyone buy an Ultra to run Linux? Yes. Sun has an Ultra 5, 128mb ram, 8gig, 17 monitor for sale on their site for $1,300 now. Why should I buy a PC? If I buy a PC I will throw that shit out in 2 years, whereas I am sure I can have that ultrasparc going for 5 years. I have a couple of sparcs, and I got tired of my having to upgrade my PC's, so when my last PC running Linux died, the motherboard f'up. What did I do? Upgrade it? Heck no, not any more, I just threw linux on one of my sparcs. Now, I never have to worry about upgrade.
Now, I am using Linux on a sparc as a workstation, to surf the net, play with gimp, play mp3's, write papers, and do misc stuff. Are you getting the point why I would use Linux on a sparc?
Let's not start Solaris vs Linux war. I love them both, but sometimes somethings just work well for you. In Solaris environment, if you really really do want quality software, you have to spend money buying them, You might not have time to spend porting free software, so in such a situation, you might decide to run Linux.
Sorry guy, but you are the whiner who needs to shut your trap. Security through obscurity does not work. Your argument is that the bug shouldn't be leaked until a solution or workaround is known. Well!, Duh!! When you share the problem, the tons of smart programmers out there will come up with a solution, and I can promise you that a solution willl come up in an hour even if it is not perfect. Tell me what security hole that has been discovered and couldn't be solved thus leading to many attacks? None. The problem with Security is that people don't patch up and keep in touch with it. But for the sake of your argument, let's assume we find a bug which is not easy to fix, What does that mean? It simply means we are using the wrong product... Sorry guy, Security through obscurity does not work.
Unix is in the eyes of the beholder. Think of this, if you are a simple user, all you care about is your normal unix tools, shells and what not. If we recreate this environment on NT, then as far as you are concerned, you have a Unix or Unixlike system. But if you are a kernel hacker, once you get into NTs kernel, you will scream and not call it Unix. Likewise, if we take a Unix kernel say linux and provide it with a GUI that functions just like windows98, a user will not call it Unix, as far as he is stuck in the GUI he will call it windows or windowslike, whereas a hacker working with the kernel without the GUI will still call it Unix. Take a case of a car, if we get a BMW take out the engine and put in a toyota engine, what is it? People who just see the car from afar will call it BMW, whereas the guy that fixes it will call it toyota. Thus Unix is in the eyes of the beholder.
Slashdot Mirror
Of course I am being a "whiner" here I suppose.
Let's think of it, How many of you will be downloading source forge and setting up a source forge server? Thought so. So why should they run it as if it is a project that the mass will download and work with the source? It is very sad that whenever people give something to the community, that there are always people who will find something to whine about it. Let's assume that source forge is closed source, so what?! If source forge was closed source, I still do be 100% grateful. It is a service, that is what I appreciate, I don't see it as a program. The same thing with slashdot, slashdot is a service to me, not a program. If it was a software that I ran on my system, then perhaps I will be concerned.
After I read the article, I was a little bit pissed off, but then I came back to my mind, My Gosh! I am a programmer, When I am coding thousands to hundreds of thousands of code, it is inevitable that bugs creep in. As a programmer, I definitely will truely wish to squash all those bugs before I ship, what programmer wouldn't? But realistically, such never happens. So we have programs with bugs shipping. That is why programs are shipped with agreements to protect us. But this is unfair to consumers, A lot of programs today are bloated, and with this bloatness comes more bugs, a lot of programmers are careless today, everyone wants to ship on time, not ship quality software.
If a prior to shipment, a program had a bug, and they guys shipping the program knew about this bug, but refused to fix it. I think they should be held liable for some of the damages, but it would be hard to prove such a thing as it can be concealed very easily. I was thinking that at the very least we should refund softwares if the cost of damage it produces is more than it was bought. Thus, if you spend $5k on a software, and the software ends up costing $5k in damages, you should at least get your $5k back. But then again, what if that same software has made you $10 million prior to that damage? What if the bug in the software is not from your own code, but from a library that you licensed?!
This is a very touch subject both as a consumer and as a programmer, I can't even think of a solution that will satisfy both parties, I can only state some of my opinion into the matter.
This is a very "stupid" question. It is just like someone posting on slashdot and asking what language do I use for database, or game programming and so forth. There is no one simple language to use for CGI programming, you use the best language for the job. CGI is a gateway, thus the langauge is irrelevant. For example, I had to write a CGI script to query a remedy server and submit to it. The only remedy API I knew of was C, so the entire CGI was done in C. In another project, I just needed to do a very small job, I did it in PERL. So when I am doing CGI, what I care about is what I am working on, if you are generating HTML pages a lot from your CGI, you might prefer PERL and Python.
I know that a lot of people are going to jump and down and yell at the Patent Office, for those people, I want to ask, how many of you have applied for a job at the Patent office, so that you work and help remedy this problem we are experiencing? Okay, so perhaps you have never thought of working there, Would you give up your $100k linux sysadmin job for lower wages to make a difference? I thought so...
Before you Begin to Blah about Be, you ought to Believe you have a valid point, Because I said so, and so it will Be, or you will get Beheaded, so Behave yourself.
Finding ISO is never a problem, anyone can still go to ftp://download.sourceforge.net/pub/mirrors/iso/ and get a lot of those. The problem is finding ISO's for other distributions. Where are the ISO images for NetBSD sparc/pmax and other architecture distribtuions? What about sparc linux? Not everyone uses x86.
I definitely remember wiretap, but I have never thought of it for sometime. What is very disturbing is to how easy it is for digital libraries to disappear like wiretap. What is even more worrying is that we are accumlating so much info that things can easily go bye bye without people noticing, and even when they notice... I heard someone say everything is a solution to this, I disagree. and I don't think freenet is a solution to this either. What bugs me now tho, is what the solution is?
I just finished reading this book at 5am last night or this morning whichever way you look at it, and it is a great read. The last section on quantum psyhics application to quantum money, quantum computing and cryptography is great. I am going to restart the book over again. :-) It is the best read I have touched in a long time. I recommend it for anyone, One of the greatest things about cryptography is that it is very easy to understand, it can be broken down into very simple examples. The reason for this is that cryptography relies on number theory which is also very easy to understand "basics", it doesn't require algebra or calculus, just basic mathematics.
Wazzzzzup!!!
blah, blah, blah.
Around 5 years ago, I interviewed Eliza about Eliza on an apple II after painfully typing in the code. I am sure, tons of people have done this, don't feel bad.
Wazzzzup!!!!
I have a decstation, which is the largest of my computers, and probably weighs in at 50 pounds. Likewise, I know people that vax machines weighing much more. There is a certain comfort in knowing you can't pocket my box. :-) Can you imagine school's using this? A small amount of people can pocket an entire computer lab in a few minutes.
Wazzup!!!!!
Rambus is already bust, look at how much problem it has caused already, and all the flaws with it, no one wants a kludge on their motherboard.
Wazzzzup!!!!
"Update: 04/07 03:09 by CT: originally this story misused 'hacker' quite offensively. I corrected it."
I must object, and I hope that many people object as well, You bring news to us, and you should bring it the way it came, raw and original, irrelevant of it is offensive to you or not. "hacker" used for a computer cracker might be an offensive term to you, but what about me? I work in the computer security industry, so have you more credits to tell me what to refer a computer criminal as? I call them hackers, why? because that is what it means now, till the media comes up with a new term, the original old term is lost, and you can't do shit about it. But I digress, I do not care what you call them or what anyone call them, I call them "script kiddies", "computer criminals or intruders", but back to the gist of my post. You should never never ever modify a post! I hope this is the last we see this on slashdot, because this is misinformation. I saw a comment by someone thinking that this guy had a clue because he refered to computer intruders as crackers, if only you had left the post as the original, the owner of the comment might have thought twice. What next? tomorrow andovernet will ask you to edit a news because it is offensive? You commited a big boo boo, but it is okay, we all make mistakes once, but I really hope that this doesn't happen again!!!
Yeah, it does work!!!
/p ./.aout ./a.out ./a.out -hlocalhost ... ... ./a.out ... /etc
./a.out. The only dangerous thing about them is that they have no fucking clue what they are doing. The real "hackers/crackers", the ones with a fucking clue, do not go out probing systems cuz they are bored. If anything, they have their own network which they hack and figure out, when they go out to attack, they have a motive, they have a reason, they know what they want. Anyone with a little clue will realise that something is wrong if they login into the kind of honeypot described by this guy. If you do a last command, you will notice no one uses the system. If you do a process listing, you will notice that there is no interesting process running, so what the hell is the server for? The script kiddies with a clue, will not really care much about hacking it, they will just try to use it to stash their warez, porn and IRC.
1 finger
2 date
3 dir
4 help
5 d
6 list
7 ls
8 ls
9 ftp ftp.rootshell.com
10 pkunzip rootkit.tgz
11 tar -zxvf rootkit.tgz
12 gcc bda.c
13 gcc bad.c
14 edit
15 edit bad.c
16 edit.com
17 pico bad.c
18 gcc bad.c
19 a.out
20 a.exe
21 a.out -help
22
23
24 dir
25 shit@##$@#
26 ls
27
28 md
29 mkdir
30 cp
31 finger
32 cd \etc
33 cd
34 edit motd
35 pico motd
36 quit
37 exit
If the above logs is how you are going to learn how hackers operate, then go ahead and setup a honeypot. You will only attract script kiddies, we call them that for a reason. They can barely gcc and
If you are a company facing such a diliema, what would you do? How many of you here will enjoying playing a game where a lot of people are cheating? Hrm, I don't see any hands. Once people start cheating, interest in the games will decline, and all this spells out to is lost profit for the company. My question is not if they are right or wrong, but what are we going to do to fix this problem?
This question is for slashdotters, when a news story appears, do you just read the summary and start firing out posts? When we have an interview, I would expect that you guys would first of all, take your time go to whatever site that is posted, digest whatever is there so you can really ask very appropriate questions. All the posts I have seen having been asking questions on Artifical intelligence, Questions that we have all heard before, and will hear again. I am not saying anything is wrong, but I find http://www.jordanpollack.com/softwaremarket/ to be the most interesting part of his site. You guys ought to read it for those of you who haven't.
Some people think that this sounds stupid, but it is not. A lot of people fail to realize that almost all of the IRC servers out there are run on a voluantary basis, IRC is a privelage not a right. A lot of script kiddies are not up to no good, the flood, the trade their warez and porn, and chances are that they are addicts, taking away IRC from them for a day will provide the same effect of denying a cocaine user drugs for a day. I do not think it will stop the problem, but I do think it will make people realize how much they value IRC, people fail to value things till it gets taken away from them.
Pardon all my tpyos, incorrect grammars and speelings, Rob when is slashdot getting a spelling and grammar checker?
Why should we borrow your letter, Is the average slashdotter not smart enough to compose a letter of this own? Receiving the same letter from multiple senders will only server to imply that we are not really serious, it might also be perceived as spamming, I think we rather have them get 1000 unique letters than 100000 letters with the same content. So far they have received only 300 mails, that is nothing! I hope slashdotters really do take action, It only takes 5 minutes to send mail!
Nope, you are wrong! That is not the downside of BSD freedom, but the positive of it, if not apple might not have done this. think of it.
right on! and why is it that anytime a software is mentioned on slashdot, it is followed by open source it? netscape/mozilla is a totally failure if you ask me, look how much ass IE kicks, closed source from our number one ass kicking company Microsoft, and the open source project couldn't catch up.
Your argument is pointless, GNOME is not integrated with the linux kernel, you are not forced to use it. If you have a 386 or 486, run fvwm.
Everyone is talking about how you can use the amount you make from banner ads, the size of the site, the amount of work that went into the site and the number of visitors you have to determine the worth. Now, what about the domain name? www.car.com, a domain alone will definitely sell for a lot of money, so add that in too.
I don't mean to troll or anything, but this is really old news, In the previous slashdot thread about Linux running on mainframe, The guy mentioned this, so why is this news all of a sudden? I am extremly disappointed that the guys handling the post, just post without checking if it is old news or reading the entire article. I am sure if CommandTaco had read the previous article, he will know that this is not news. Anyway, no troll intended. I just got very frustrated and shit I am trying to solve, so I come on slashdot to find new news to fresh my mind, thus I hope you feel my pain.
You still don't get the point, what an ignornat post you have there. You sound just like the "Windows" folks who don't get the point why anyone would run Linux.
You made a point that Sun hardware is very stable and reliable, So why not run Linux on it? Would anyone buy an Ultra to run Linux? Yes. Sun has an Ultra 5, 128mb ram, 8gig, 17 monitor for sale on their site for $1,300 now. Why should I buy a PC? If I buy a PC I will throw that shit out in 2 years, whereas I am sure I can have that ultrasparc going for 5 years. I have a couple of sparcs, and I got tired of my having to upgrade my PC's, so when my last PC running Linux died, the motherboard f'up. What did I do? Upgrade it? Heck no, not any more, I just threw linux on one of my sparcs. Now, I never have to worry about upgrade.
Now, I am using Linux on a sparc as a workstation, to surf the net, play with gimp, play mp3's, write papers, and do misc stuff. Are you getting the point why I would use Linux on a sparc?
Let's not start Solaris vs Linux war. I love them both, but sometimes somethings just work well for you. In Solaris environment, if you really really do want quality software, you have to spend money buying them, You might not have time to spend porting free software, so in such a situation, you might decide to run Linux.
Sorry, if I got carried away.
Sorry guy, but you are the whiner who needs to shut your trap. Security through obscurity does not work. Your argument is that the bug shouldn't be leaked until a solution or workaround is known. Well!, Duh!! When you share the problem, the tons of smart programmers out there will come up with a solution, and I can promise you that a solution willl come up in an hour even if it is not perfect. Tell me what security hole that has been discovered and couldn't be solved thus leading to many attacks? None. The problem with Security is that people don't patch up and keep in touch with it. But for the sake of your argument, let's assume we find a bug which is not easy to fix, What does that mean? It simply means we are using the wrong product... Sorry guy, Security through obscurity does not work.
I can tpye and speel.
Unix is in the eyes of the beholder. Think of this, if you are a simple user, all you care about is your normal unix tools, shells and what not. If we recreate this environment on NT, then as far as you are concerned, you have a Unix or Unixlike system. But if you are a kernel hacker, once you get into NTs kernel, you will scream and not call it Unix. Likewise, if we take a Unix kernel say linux and provide it with a GUI that functions just like windows98, a user will not call it Unix, as far as he is stuck in the GUI he will call it windows or windowslike, whereas a hacker working with the kernel without the GUI will still call it Unix. Take a case of a car, if we get a BMW take out the engine and put in a toyota engine, what is it? People who just see the car from afar will call it BMW, whereas the guy that fixes it will call it toyota. Thus Unix is in the eyes of the beholder.