The NTLM authentication is susceptable to dictionary attacks like any other hash. But like you said... it prevents credentials from being sniffed easily
There was an advisory about a year ago where they found out that by tricking IE or Outlook into activating a telnet:// URL, they could have a Win2k system automatically send the hash of the userid and credentials for the current logged on user.
I love the GPL. It seems to have thought of everything.
Just stating the obvious, but as I read it, Redhat has either granted license for the patents compatible with the GPL, or Redhat is in violation of the GPL for tainting the code with patents incompatible with the GPL.
This is a beautiful opportunity for Redhat and other companies to make money similar to Troll Tech: Charge license fees for closed-source commercial use.
For me the performance is varied. There are some things which are much much faster than they are in Communicator, like rendering complex nested tables. On the other hand, some things are dead slow, like opening huge lists or even huge plain text documents. Under IE, I can open up a local thousand-message Hypermail index page almost instantly, probably in under a second. Under Mozilla, the same list takes several seconds, and even then, the Back button is iffy as to whether it will put me in the right place.
This kind of speed problem means that where IE can be used to just click the links and navigate, Mozilla can't. When it takes Mozilla 5 seconds to render a page, and it takes 5 seconds to launch IE, it's obvious what is easier to use.
Also, from what I can tell, there is also a problem with the aggressive swapping to expand drive cache space in Windows. It seems to swap out Mozilla. On my 850MHz PIII w. 256MB of RAM, it can take up to 20, --*TWENTY*-- seconds to pull Mozilla out of swap.
That problem is hardly as pronounced under Linux, but Linux by default doesn't dump all not-recently-used pages of RAM to the HDD.
From what I can tell, Mozilla is better under Linux because of this, but surprisingly Galeon makes a big difference. Large lists are still slow, but the footprint and performance is a little better. It bridges the gap between bad and tolerable.
The anti-ad features are killers in Mozilla though. I use it exclusively now. But then, I never really used IE. It's too evil. I still remember where I was when I heard the news on the radio that Microsoft was going to bundle IE into Win95.
If it weren't for Mozilla, I would be stuck on IE, and I wouldn't be using Linux at home. It is a very important project for the Internet as a whole... and it is almost too late.
Send the EULA back to the company with a letter saying that you do not agree to the terms.
See what they can do to stop you from using their software.
Re:Saw something similar about EULAs in general
on
GPL's Strength
·
· Score: 2
Although, if you decide
It has nothing to do with paying to use it. You cannot distribute copies of a copyrighted work.
So if you're challenged in court as to what made you think you could copy and redistribute the software, how do you defend yourself?
Either you say "The author permitted me to do so by granting me license under the terms of the GPL", or you say "I am a criminal"
So either all these people using these extra rights provided for under the GPL are criminals, or they've protected themselves under the terms of the GPL. They don't need to sign anything, the author has signed the agreement.
That's exactly what is being said. Legally, you can copy software all you like. You just can't distribute those copies. You can also reverse-engineer it, you can quote from it, you can destroy all copies and sell it as "used". There are all kinds of things you can do if it weren't for that click/shrink-wrap license telling you that by opening that package or clicking that button, you sign away your rights.
Most of the comments I've been reading have been going off about administration and configuration. These are people going for a developer certification. That means they probably already know a lot about programming, and they probably already know a fair bit about programming under Windows.
Going in there and giving them a Linux sales-pitch would be a waste of their time.
Database connectivity sounds like a cool thing to demonstrate, you might want to demonstrate the basic development tools and documentation available at their disposal. Show them an easy editor to use.. something consistent with the editors used in the Windows world, show them gcc and some neat stuff like xxgdb. The ones who are clueful enough to care will pick it up when they leave.
IMHO the most important thing to explain to them is software licensing. It is quick, but when they realize that if they like to develop software, they'll clue in that developing their apps for Linux is easier.
A few tiny things like that would probably take up all the time you have. Cygwin might help them know how to develop apps from Windows to target Linux boxes.
My experience with MCSDs and other Windows developers is that they don't really care about the OS, they just care about writing apps and using OSes to make money by solving problems.
I hear comments like this, and I see the people around me using Debian, and the only conclusion I can make is that nobody is trying to use dselect to fine-tune a system. As soon as I gave up on it and just stuck to apt-get, everything afterwards was easy.
It is not the keystroke issue or the text mode thing, despite the fact that the keystroke combinations are pretty dumb, and the text interface takes hours to go through. It is that when you select something you didn't mean to, or you de-select something you did not intend, the consequences to your hour-long fine-tuning session can be catastrophic.
It is still mind-numbing to me why dselect would think that I wanted X11, gcc, perl and lilo(!) uninstalled. One keystroke too many I suppose...
No, if you're presenting somebody else's work as your own, then you are causing harm. If posting the picture all over the place shows that the value of the original is impacted, then you're disagreeing with the article.
What I find interesting is that in these examples, the manager is considered a representative of the company, but the employee is not.
IMHO, the employee works for the company, the company is responsible for the actions of the employee. Just as people can make mistakes, so can companies. In this case, the employee and therefore the company GPL'd the software. If the employee violated his employment contract by doing so, then he should be subject to termination and/or a lawsuit, but the GPL of the code should not be in question. The copyright is in the hands of the company, but the code was released as GPL. Tough cookies.
When your finger interrupts the beam, there will be a reflection from your finger. It is not that it will go in a particular direction, but it will go in every direction, including back to the sensor. The frequency of the light used is very well known, so there is little chance of interference from daylight etc. It knows which key you hit because it knows what it was painting when it detected the reflection. There will be some kind of complex processing for it to figure out what the baseline should be for the position of the typing surface, but all that can be dealt with using modern tech.
It's really just a glorified light gun or light pen.
The lack of tactile feedback would suck for touch-typists.
...few people ever actually ever see a profit from shareware.
Forget ethics, this is business.
What bugs me most is when people go on about legistlating this stuff into working, or demanding multi-billion dollar crackdowns because of flawed business models.
No other Mozilla, no debugging code, it really is that fat and bloated. On a fast machine, it is faster than IE in some places. In others, it is pigishly slow.
Being faster than IE in some places lets some people argue that it is faster and better than IE. It is not. I use Mozilla exclusively though. I find the performance disappointing but tolerable, however, it cuts out advertising and supports Internet standards.
The memory footprint is abhorrant. The tool in the demo spots leaks, not usage. I've never had serious problems with leaks in any web browser. Normally they crash long before I have to worry about them consuming too much memory.
I think Mozilla is particularly bad on Win32 OSes because the virtual memory managers in Windows will swap out unused allocated memory in exchange for HDD cache. This means if Mozilla is inactive for 10 minutes or so, it will get swapped out so that your drive cache can gain another 50MB. Oddly, IE doesn't appear to suffer from this. It would not be unlike Microsoft to introduce an undocumented API which allows apps to behave differently in swap, but that's just speculation.
On the other hand Linux appears to use virtual memory as a last resort. I'm not sure which scheme I like better. Windows could use being less agressive in how it expands cache.
Of course that is not to say that Mozilla isn't a pig. It is.
I think Mozilla will revolutionize the Internet and the way in which web browsers work, but it might not be through their own success, it might be through opening of standards and immitation of their technology.
Java is slower than C, yet less powerful than C++.
Yeah, that's a testable statement. Most of java's use is network-bound programming, where
pure speed isn't an issue, but it's excellent networking library is a benefit. No one is coding an
OS in java.Add to this the fact that java 1.4 is on part (except for GUIs) with C++, and you
have no speed issue.
Why is it that when I run my freenet node, the CPU is throttled?
I'm running a P200, it's enough for Apache, X, my firewall, storing my mail, processing mailing lists, compiling programs, serving files, serving a printer, but none of that throttles the CPU.
The only reason I would have to upgrade this box is to run Freenet. This is consistent with all my experiences with Java.
You're probably right that the Freenet networking code probably isn't sucking the system dry, my guess is that it would be either the encryption, or some data shuffling going on in memory.
There must be some troubleshooting tools out there to narrow down the heaviest lines of code. But I can't speak Java.
You do have to be careful though. Some notebooks don't deal well with being on 24x7 in a confined area For really bad ones, you may have to put it up on rubber feet to keep air moving around the shell, and leave the screen up while it is running.
It all depends on the particular machine. They're just not designed for 24x7 server-applications.
Here I thought it was people picking up on the sarchastic use of the genunine Open Source(TM) trademark, and extending it to mean that a Good Thing(TM) may not actually be a "good thing" but a trademark of some corporation.
Some people haven't caught on, and have just started slapping trade marks on everything. Sort of like calling everything which doesn't seem quite correct FUD.
Real Work(TM) means to me that the corporate Vision(TM) of real work may not necessarily actually be real or work, but just a corporate trademark.
It is a long shot, but maybe some manufacturer will like the idea of creating an ogg-chip which, to the end user, does exactly what the MP3 one does, except they pay no royalties.
#1 is not an advantage, it is a limitation. Linux runs on just about anything. It is not limited to the PPC and the x86, but also runs on the Alpha, Sparc, ARM, 68k, Dragonball, etc.
The sum of the numbers from 1 to 1M fits a pattern. It is an old, old problem.
To toot my own horn, somebody asked me the question (1 to 100) in grade 10, on the other hand, just knowing that there is a solution and that it can be done in your head, makes solving it trivial.
Just think of the sets of numbers which add up to 1M, and do some multiplication.
1M + 0 = 1 M
999,999 + 1 = 1M
999,998 + 2 = 1M ...
Think about 1 to 10, and you can figure out where stuff meets up. 6+4 = 10, so the 5 has no partner, or 500k has no partner in this case. Also, 6 to 10 is 5 sets, meaning that there is an even number of multiplications going on equal to "half" the number of numbers.
So, 500,000 * 1M + 500,000
It shouldn't be too hard to see the solution in your head, then work out any particulars on paper (I can't keep very much in my head).
Sort of like knowing that there is a way to triple the resolution of an LCD, most people immediately realized how sub-pixel rendering works.
I was using a setup which did this five years ago (wow, it really is that long ago). NCD terminals. I don't know how the hardware was setup, but we had the option of logging into an X or Citrix hacked WinNT 3.51 system. Under some priviliged accounts you could run Windows apps in a window (a resizable root window, but a window nonetheless -- and that was 5 years ago!)
I'm no musician, but can't you just use multiple sound cards? Most dumb software won't be able to figure out what to do, but you don't need complex software to record raw audio.
Quite true about the FP. It was so long ago that people were talking about that issue I just forgot. What you're saying does explain quite a bit. IIRC, although the AMD K6-2 has better FPU than the Cyrix chip, even AMD addressed their poor FPU by introducing 3DNow! to scrape back some performance. I'll have to try it out on my work machines. They're PII and PIII's. I'll also have to give it a go on my girlfriend's Celeron.
If that is the case, swapping the chip for a slower one with a better FPU I have kicking around might very quickly solve the problem.
Slashdot Mirror
The NTLM authentication is susceptable to dictionary attacks like any other hash. But like you said... it prevents credentials from being sniffed easily
There was an advisory about a year ago where they found out that by tricking IE or Outlook into activating a telnet:// URL, they could have a Win2k system automatically send the hash of the userid and credentials for the current logged on user.
In windows, this is an NTFS file system permission option.
It's good to know there is a way to do it in Linux too.
I love the GPL. It seems to have thought of everything.
Just stating the obvious, but as I read it, Redhat has either granted license for the patents compatible with the GPL, or Redhat is in violation of the GPL for tainting the code with patents incompatible with the GPL.
This is a beautiful opportunity for Redhat and other companies to make money similar to Troll Tech: Charge license fees for closed-source commercial use.
p.s. You're a karma whore.
For me the performance is varied. There are some things which are much much faster than they are in Communicator, like rendering complex nested tables. On the other hand, some things are dead slow, like opening huge lists or even huge plain text documents. Under IE, I can open up a local thousand-message Hypermail index page almost instantly, probably in under a second. Under Mozilla, the same list takes several seconds, and even then, the Back button is iffy as to whether it will put me in the right place.
This kind of speed problem means that where IE can be used to just click the links and navigate, Mozilla can't. When it takes Mozilla 5 seconds to render a page, and it takes 5 seconds to launch IE, it's obvious what is easier to use.
Also, from what I can tell, there is also a problem with the aggressive swapping to expand drive cache space in Windows. It seems to swap out Mozilla. On my 850MHz PIII w. 256MB of RAM, it can take up to 20, --*TWENTY*-- seconds to pull Mozilla out of swap.
That problem is hardly as pronounced under Linux, but Linux by default doesn't dump all not-recently-used pages of RAM to the HDD.
From what I can tell, Mozilla is better under Linux because of this, but surprisingly Galeon makes a big difference. Large lists are still slow, but the footprint and performance is a little better. It bridges the gap between bad and tolerable.
The anti-ad features are killers in Mozilla though. I use it exclusively now. But then, I never really used IE. It's too evil. I still remember where I was when I heard the news on the radio that Microsoft was going to bundle IE into Win95.
If it weren't for Mozilla, I would be stuck on IE, and I wouldn't be using Linux at home. It is a very important project for the Internet as a whole... and it is almost too late.
I was thinking about this a few days ago...
Send the EULA back to the company with a letter saying that you do not agree to the terms.
See what they can do to stop you from using their software.
It has nothing to do with paying to use it. You cannot distribute copies of a copyrighted work.
So if you're challenged in court as to what made you think you could copy and redistribute the software, how do you defend yourself?
Either you say "The author permitted me to do so by granting me license under the terms of the GPL", or you say "I am a criminal"
So either all these people using these extra rights provided for under the GPL are criminals, or they've protected themselves under the terms of the GPL. They don't need to sign anything, the author has signed the agreement.
That's exactly what is being said. Legally, you can copy software all you like. You just can't distribute those copies. You can also reverse-engineer it, you can quote from it, you can destroy all copies and sell it as "used". There are all kinds of things you can do if it weren't for that click/shrink-wrap license telling you that by opening that package or clicking that button, you sign away your rights.
Most of the comments I've been reading have been going off about administration and configuration. These are people going for a developer certification. That means they probably already know a lot about programming, and they probably already know a fair bit about programming under Windows.
Going in there and giving them a Linux sales-pitch would be a waste of their time.
Database connectivity sounds like a cool thing to demonstrate, you might want to demonstrate the basic development tools and documentation available at their disposal. Show them an easy editor to use.. something consistent with the editors used in the Windows world, show them gcc and some neat stuff like xxgdb. The ones who are clueful enough to care will pick it up when they leave.
IMHO the most important thing to explain to them is software licensing. It is quick, but when they realize that if they like to develop software, they'll clue in that developing their apps for Linux is easier.
A few tiny things like that would probably take up all the time you have. Cygwin might help them know how to develop apps from Windows to target Linux boxes.
My experience with MCSDs and other Windows developers is that they don't really care about the OS, they just care about writing apps and using OSes to make money by solving problems.
I hear comments like this, and I see the people around me using Debian, and the only conclusion I can make is that nobody is trying to use dselect to fine-tune a system. As soon as I gave up on it and just stuck to apt-get, everything afterwards was easy.
It is not the keystroke issue or the text mode thing, despite the fact that the keystroke combinations are pretty dumb, and the text interface takes hours to go through. It is that when you select something you didn't mean to, or you de-select something you did not intend, the consequences to your hour-long fine-tuning session can be catastrophic.
It is still mind-numbing to me why dselect would think that I wanted X11, gcc, perl and lilo(!) uninstalled. One keystroke too many I suppose...
No, if you're presenting somebody else's work as your own, then you are causing harm. If posting the picture all over the place shows that the value of the original is impacted, then you're disagreeing with the article.
What I find interesting is that in these examples, the manager is considered a representative of the company, but the employee is not.
IMHO, the employee works for the company, the company is responsible for the actions of the employee. Just as people can make mistakes, so can companies. In this case, the employee and therefore the company GPL'd the software. If the employee violated his employment contract by doing so, then he should be subject to termination and/or a lawsuit, but the GPL of the code should not be in question. The copyright is in the hands of the company, but the code was released as GPL. Tough cookies.
When your finger interrupts the beam, there will be a reflection from your finger. It is not that it will go in a particular direction, but it will go in every direction, including back to the sensor. The frequency of the light used is very well known, so there is little chance of interference from daylight etc. It knows which key you hit because it knows what it was painting when it detected the reflection. There will be some kind of complex processing for it to figure out what the baseline should be for the position of the typing surface, but all that can be dealt with using modern tech.
It's really just a glorified light gun or light pen.
The lack of tactile feedback would suck for touch-typists.
...few people ever actually ever see a profit from shareware.
Forget ethics, this is business.
What bugs me most is when people go on about legistlating this stuff into working, or demanding multi-billion dollar crackdowns because of flawed business models.
No other Mozilla, no debugging code, it really is that fat and bloated. On a fast machine, it is faster than IE in some places. In others, it is pigishly slow.
Being faster than IE in some places lets some people argue that it is faster and better than IE. It is not. I use Mozilla exclusively though. I find the performance disappointing but tolerable, however, it cuts out advertising and supports Internet standards.
The memory footprint is abhorrant. The tool in the demo spots leaks, not usage. I've never had serious problems with leaks in any web browser. Normally they crash long before I have to worry about them consuming too much memory.
I think Mozilla is particularly bad on Win32 OSes because the virtual memory managers in Windows will swap out unused allocated memory in exchange for HDD cache. This means if Mozilla is inactive for 10 minutes or so, it will get swapped out so that your drive cache can gain another 50MB. Oddly, IE doesn't appear to suffer from this. It would not be unlike Microsoft to introduce an undocumented API which allows apps to behave differently in swap, but that's just speculation.
On the other hand Linux appears to use virtual memory as a last resort. I'm not sure which scheme I like better. Windows could use being less agressive in how it expands cache.
Of course that is not to say that Mozilla isn't a pig. It is.
I think Mozilla will revolutionize the Internet and the way in which web browsers work, but it might not be through their own success, it might be through opening of standards and immitation of their technology.
Has anyone told the recording industry about this?
Why is it that when I run my freenet node, the CPU is throttled?
I'm running a P200, it's enough for Apache, X, my firewall, storing my mail, processing mailing lists, compiling programs, serving files, serving a printer, but none of that throttles the CPU.
The only reason I would have to upgrade this box is to run Freenet. This is consistent with all my experiences with Java.
You're probably right that the Freenet networking code probably isn't sucking the system dry, my guess is that it would be either the encryption, or some data shuffling going on in memory.
There must be some troubleshooting tools out there to narrow down the heaviest lines of code. But I can't speak Java.
You do have to be careful though. Some notebooks don't deal well with being on 24x7 in a confined area For really bad ones, you may have to put it up on rubber feet to keep air moving around the shell, and leave the screen up while it is running.
It all depends on the particular machine. They're just not designed for 24x7 server-applications.
That's just FUD :-)
Here I thought it was people picking up on the sarchastic use of the genunine Open Source(TM) trademark, and extending it to mean that a Good Thing(TM) may not actually be a "good thing" but a trademark of some corporation.
Some people haven't caught on, and have just started slapping trade marks on everything. Sort of like calling everything which doesn't seem quite correct FUD.
Real Work(TM) means to me that the corporate Vision(TM) of real work may not necessarily actually be real or work, but just a corporate trademark.
It is a long shot, but maybe some manufacturer will like the idea of creating an ogg-chip which, to the end user, does exactly what the MP3 one does, except they pay no royalties.
#1 is not an advantage, it is a limitation. Linux runs on just about anything. It is not limited to the PPC and the x86, but also runs on the Alpha, Sparc, ARM, 68k, Dragonball, etc.
The sum of the numbers from 1 to 1M fits a pattern. It is an old, old problem.
To toot my own horn, somebody asked me the question (1 to 100) in grade 10, on the other hand, just knowing that there is a solution and that it can be done in your head, makes solving it trivial.
Just think of the sets of numbers which add up to 1M, and do some multiplication.
...
1M + 0 = 1 M
999,999 + 1 = 1M
999,998 + 2 = 1M
Think about 1 to 10, and you can figure out where stuff meets up. 6+4 = 10, so the 5 has no partner, or 500k has no partner in this case. Also, 6 to 10 is 5 sets, meaning that there is an even number of multiplications going on equal to "half" the number of numbers.
So, 500,000 * 1M + 500,000
It shouldn't be too hard to see the solution in your head, then work out any particulars on paper (I can't keep very much in my head).
Sort of like knowing that there is a way to triple the resolution of an LCD, most people immediately realized how sub-pixel rendering works.
I was using a setup which did this five years ago (wow, it really is that long ago). NCD terminals. I don't know how the hardware was setup, but we had the option of logging into an X or Citrix hacked WinNT 3.51 system. Under some priviliged accounts you could run Windows apps in a window (a resizable root window, but a window nonetheless -- and that was 5 years ago!)
I'm no musician, but can't you just use multiple sound cards? Most dumb software won't be able to figure out what to do, but you don't need complex software to record raw audio.
Quite true about the FP. It was so long ago that people were talking about that issue I just forgot. What you're saying does explain quite a bit. IIRC, although the AMD K6-2 has better FPU than the Cyrix chip, even AMD addressed their poor FPU by introducing 3DNow! to scrape back some performance. I'll have to try it out on my work machines. They're PII and PIII's. I'll also have to give it a go on my girlfriend's Celeron.
If that is the case, swapping the chip for a slower one with a better FPU I have kicking around might very quickly solve the problem.