...and benchmarks. We all know by now how this works. In my particular, unique, case I only have two real-world applications for java. Freenet (http://www.freenetproject.org) and Invisible Internet Project (http://www.i2p.net) It is by coincidence they are both written in java. They are both incredibly cpu and memory intensive. They both have native jni add-ons to speed things up and these native implementations are often many times faster. I suspect the cases where native is much faster still greatly outnumber the few instances where java is faster.
I just hacked up a script that will port scan their IP space in just the right port/ip/time pattern to form the goatse guy in all of his 3-d glory rendering this security tool useless because people will refuse to look at it. If that doesn't deter them I'll hit 'em with tubgirl. They'll be able to rotate it in 3-d and see the whole stream suspended in mid-air and everything. My next task is to hit them with successive animated images so if they play it back fast enough they can see the cavern opening and closing or the cascade flowing.
You are right but only to a certain degree. Of course one has to keep up on security patches because no software is perfect (except qmail which has never had an exploit in the many years I've been using it) but it is a lot easier to keep up on security when your CMS doesn't have a fatal exploit every other day. I seriously considered phpnuke but experimented with postnuke on the advice of friends. I found that even postnuke, while supposedly more secure, just wasn't as flexible or easy to use as I would like. I am now playing with zope/plone and I am very impressed. I've known about it for years but never really played with it. Now I have pretty much decided to move all of my sites over to this system.
Debian is really maginalizing itself. I was a debian user for about 6 months. I had been using Linux for nearly 10 years prior so I wasn't averse to learning a new system, compiling stuff by hand, etc. But debian stable is just so far out of date, the installar is just so hideous and painful to use, and the new stuff seemed so far off I jumped ship to Fedora as soon as I realized that it had the single best feature of debian: apt-get (I use yum actually but the effect is the same). But now that this news has come to light I am very glad I jumped ship when I did. My company could never have put up with such a slow and unreliable release schedule. And removing non-free bits of microcode from the kernel is really going to hurt hardware support. Sure, you will probably be able to download them from non-free during or after install and everyone will so we don't really gain any more freedom and we further complicate the already painful install process. Debian is quickly becoming the dinosaur of Linux distributions and is pulling an RMS and hurting the cause of Free Software by marginalizing itself with extremism such that no serious users or organisations will want to be associated with it.
I'm still wondering whether this is an April Fools joke or not but if it isn't: We still REALLY need to find a way to get everyone to use GPG/PGP. With proper mailer support it is trivially easy. Joe Sixpack can do it and he won't even know he is doing it. If we all encrypted our mail google wouldn't be able to do a thing with it. Plus it wouldn't compress at all which would probably hose them up somewhere.
And she has done so for years. She isn't a computer geek. Never a virus or other problem with the Linux box in all this time. Every couple years I stop by and upgrade the thing with the latest and greatest RedHat. Next time it'll be Fedora. Here's a blurb I wrote up about it way back when.
True but we need to trust the individuals in so many other cases that we may as well do it here too. A public key infrastructure is so useful in so many areas. Technical proficiency really isn't a problem as the MUA can automate just about everything. Stolen keys are not a problem. This is why keys are encrypted with a symmetric cipher so you have to enter your password to unlock it. If the key really is stolen just tell your MUA and it will issue the revocation key it generated when it generated the key for you in the first place. The individuals would handle key checking themselves, this is probably the most complicated part. Have your pal come over to your machine, say "yep, that's my key" and then click sign it if you know him or look at his ID if you don't. The chain is unlikely to be 100 or 1000 keys long. 6 degrees of separation etc and orkut and friendster etc have shown us this works. It won't take long at all to verify keys if you cache the results. It could take several minutes (at worst) the first time but then a fraction of a second each time after that. The PGP/GPG/crypto guys are quite smart and have thought of all of this.
It's not overkill. It's just not a band-aid. It is very useful in all kinds of areas from email to verifying downloads are good and trustworthy to verifying webpages etc. We need a universal PKI.
...are still the only real solution to the issue of trust, reputation, and accountability on the Internet. We need it for so many other things in addition to guaranteeing email legitimacy.
If every user or at least every server had a key and we all signed each others keys creating a web of trust and only accepted signed and trusted mail the spam problem would be solved. I really dislike the way SSL certificates are handed out. A central CA is a very bad idea due to the cost and browser lock-in issues etc. With GPG and web of trust if you want to run a mail server you need to talk to a friend who is already running one and get them to sign your key. Perhaps we could even use DNS to propagate and cache the keys and sigs. If you sign a key that turns out to be a spammer you better revoke that signature fast before the person upstreeam from you revokes yours. Problem solved. Now if only we could get the big guys to go along with it...
eh...the size of the restricted area doesn't mean anything. I am a pilot and have flown my plane straight through R-2501 on a number of occasions. Sometimes at fairly low altitude. Certainly low enough to get some very good pics.
Actually, small model jet engines aren't that loud at all. I have not actually flown one myself but I have stood next to one as it was started and flown and it was pretty bearable. No louder than the glow fuel powered planes really. I've got a video around here somewhere...
It is impossible to just look at the model and say it won't fly. You need to know where the CG is. I have model planes in my garage that are stranger looking that DO fly.
I have flown flying wings and both of the above assessments are off. Just put the cg ahead of the aerodynamic center on each axis and they are perfectly stable, just like any aircraft. Pitch stability is a matter of having the cg in front of the aerodynamic center. Nothing to do with the reflex of the trailing edge. That reflex is there due to the pitching moment of the airfoil. For a flying wing you want to choose an airfoil with a low pitching moment. Check out winfoil.com, that is a program designed especially for this. Martin Hepperle has some good airfoils and has done lots of research into this:
http://www.mh-aerotools.de/airfoils/foil_flyingw in gs.htm
Lack of length makes it less sensitive to reflex since it has a shorter arm and therefore smaller moment.
Directional stability is not a problem. Like I said, just get the center of gravity ahead of the aerodynamic center (usually done by putting winglets or other vertical surfaces as far back as possible to move the aerodynamic center for that axis back) and it tracks just fine.
I have never heard of "conic instability" and google search on that phrase with quotes turns up nothing. But I am familiar with the concept of the outer wing flying faster than the inner one causing roll. I experience this in full scale aircraft, especially gliders, all the time. A lot of planes use differential in the aileron throw (outer aileron goes down more causing more drag cancelling the effect) to counter this but then you can get into dutch-rolling which causes the nose to pitch away from the direction of bank when the bank is initiated. Not a big deal, just use rudder to keep it coordinated. And on a high rate turn I often still have to apply a little opposite aileron once the bank is established to keep the bank angle from increasing.
You could only track down and imprison those running freenet nodes. Finding out who inserted or who requested any one particular piece of data is designed to be impossible. In practice it is theoretically possible if one took control of enough freenet nodes but that would be pretty difficult.
That won't do a thing. Freenet is designed to be run on the local box and the client talks to freenet on localhost:8481. The freenet client port is just that: For clients. Which normally run on the local system. The freenet node protocol runs on random ports and is encrypted.
I have tried like heck to get Rekall working to no avail. With much effort I have twice gotten it to completely compile (once on debian and once on a RedHat system) and both times it comes up with an empty palatte and a Help menu pulldown at the top and nothing else. I'm not sure what went wrong but I would sure love to get this thing working because I could really use it. If anyone has any tips please email me or reply here.
If every user or at least every server had a key and we all signed each others keys creating a web of trust and only accepted signed and trusted mail the spam problem would be solved. I really dislike the way SSL certificates are handed out. A central CA is a very bad idea due to the cost and browser lock-in issues etc. With GPG and web of trust if you want to run a mail server you need to talk to a friend who is already running one and get them to sign your key. Perhaps we could even use DNS to propagate and cache the keys and sigs. If you sign a key that turns out to be a spammer you better revoke that signature fast before the person upstreeam from you revokes yours. Problem solved. Now if only we could get the big guys to go along with it...
Steve from Debian Security Audit project says this occurred due to a password goofup so this doesn't necessarily apply here but it easily could have:
Machine as important as these should be running some sort of Mandatory Access Control system like SE Linux. I have done an evaluation of all of the root exploits I could find over the last few years and SE Linux would have prevented every one of them because the MAC system prevents unauthorized priviledge escalations. You can test drive my SE Linux box by telnetting (not ssh) to selinux.copilotconsulting.com with user root and password root.
Because Python isn't Java. All of the Python apps I have used were fast and worked well. I can't say the same of Java apps.:(
However, freenet really does have the potential to be faster than bittorrent due to the way it caches more popular data closer to where the demand is and distributes the load over a great many more systems.
Slashdot Mirror
And here are the email addresses of the lowlifes responsible for this show:
jeff@debateshow.com
erika@debateshow.com
Email them and give them a piece of your mind. Maybe if they get enough email they won't be able to communicate with other victims.
...and benchmarks. We all know by now how this works. In my particular, unique, case I only have two real-world applications for java. Freenet (http://www.freenetproject.org) and Invisible Internet Project (http://www.i2p.net) It is by coincidence they are both written in java. They are both incredibly cpu and memory intensive. They both have native jni add-ons to speed things up and these native implementations are often many times faster. I suspect the cases where native is much faster still greatly outnumber the few instances where java is faster.
More like "we don't know about condoms". Children are an STD.
I just hacked up a script that will port scan their IP space in just the right port/ip/time pattern to form the goatse guy in all of his 3-d glory rendering this security tool useless because people will refuse to look at it. If that doesn't deter them I'll hit 'em with tubgirl. They'll be able to rotate it in 3-d and see the whole stream suspended in mid-air and everything. My next task is to hit them with successive animated images so if they play it back fast enough they can see the cavern opening and closing or the cascade flowing.
You are right but only to a certain degree. Of course one has to keep up on security patches because no software is perfect (except qmail which has never had an exploit in the many years I've been using it) but it is a lot easier to keep up on security when your CMS doesn't have a fatal exploit every other day. I seriously considered phpnuke but experimented with postnuke on the advice of friends. I found that even postnuke, while supposedly more secure, just wasn't as flexible or easy to use as I would like. I am now playing with zope/plone and I am very impressed. I've known about it for years but never really played with it. Now I have pretty much decided to move all of my sites over to this system.
Debian is really maginalizing itself. I was a debian user for about 6 months. I had been using Linux for nearly 10 years prior so I wasn't averse to learning a new system, compiling stuff by hand, etc. But debian stable is just so far out of date, the installar is just so hideous and painful to use, and the new stuff seemed so far off I jumped ship to Fedora as soon as I realized that it had the single best feature of debian: apt-get (I use yum actually but the effect is the same). But now that this news has come to light I am very glad I jumped ship when I did. My company could never have put up with such a slow and unreliable release schedule. And removing non-free bits of microcode from the kernel is really going to hurt hardware support. Sure, you will probably be able to download them from non-free during or after install and everyone will so we don't really gain any more freedom and we further complicate the already painful install process. Debian is quickly becoming the dinosaur of Linux distributions and is pulling an RMS and hurting the cause of Free Software by marginalizing itself with extremism such that no serious users or organisations will want to be associated with it.
I'm still wondering whether this is an April Fools joke or not but if it isn't: We still REALLY need to find a way to get everyone to use GPG/PGP. With proper mailer support it is trivially easy. Joe Sixpack can do it and he won't even know he is doing it. If we all encrypted our mail google wouldn't be able to do a thing with it. Plus it wouldn't compress at all which would probably hose them up somewhere.
I have written up a blurb on why we should sign/encrypt here.
And she has done so for years. She isn't a computer geek. Never a virus or other problem with the Linux box in all this time. Every couple years I stop by and upgrade the thing with the latest and greatest RedHat. Next time it'll be Fedora. Here's a blurb I wrote up about it way back when.
I read that story in high school. It wasn't "Brave New World". Very good story though.
True but we need to trust the individuals in so many other cases that we may as well do it here too. A public key infrastructure is so useful in so many areas. Technical proficiency really isn't a problem as the MUA can automate just about everything. Stolen keys are not a problem. This is why keys are encrypted with a symmetric cipher so you have to enter your password to unlock it. If the key really is stolen just tell your MUA and it will issue the revocation key it generated when it generated the key for you in the first place. The individuals would handle key checking themselves, this is probably the most complicated part. Have your pal come over to your machine, say "yep, that's my key" and then click sign it if you know him or look at his ID if you don't. The chain is unlikely to be 100 or 1000 keys long. 6 degrees of separation etc and orkut and friendster etc have shown us this works. It won't take long at all to verify keys if you cache the results. It could take several minutes (at worst) the first time but then a fraction of a second each time after that. The PGP/GPG/crypto guys are quite smart and have thought of all of this.
It's not overkill. It's just not a band-aid. It is very useful in all kinds of areas from email to verifying downloads are good and trustworthy to verifying webpages etc. We need a universal PKI.
And if you are at all concerned about the security of your box you should take a look at SE Linux
...are still the only real solution to the issue of trust, reputation, and accountability on the Internet. We need it for so many other things in addition to guaranteeing email legitimacy.
If every user or at least every server had a key and we all signed each others keys creating a web of trust and only accepted signed and trusted mail the spam problem would be solved. I really dislike the way SSL certificates are handed out. A central CA is a very bad idea due to the cost and browser lock-in issues etc. With GPG and web of trust if you want to run a mail server you need to talk to a friend who is already running one and get them to sign your key. Perhaps we could even use DNS to propagate and cache the keys and sigs. If you sign a key that turns out to be a spammer you better revoke that signature fast before the person upstreeam from you revokes yours. Problem solved. Now if only we could get the big guys to go along with it...
eh...the size of the restricted area doesn't mean anything. I am a pilot and have flown my plane straight through R-2501 on a number of occasions. Sometimes at fairly low altitude. Certainly low enough to get some very good pics.
Actually, small model jet engines aren't that loud at all. I have not actually flown one myself but I have stood next to one as it was started and flown and it was pretty bearable. No louder than the glow fuel powered planes really. I've got a video around here somewhere...
It is impossible to just look at the model and say it won't fly. You need to know where the CG is. I have model planes in my garage that are stranger looking that DO fly.
I have flown flying wings and both of the above assessments are off. Just put the cg ahead of the aerodynamic center on each axis and they are perfectly stable, just like any aircraft. Pitch stability is a matter of having the cg in front of the aerodynamic center. Nothing to do with the reflex of the trailing edge. That reflex is there due to the pitching moment of the airfoil. For a flying wing you want to choose an airfoil with a low pitching moment. Check out winfoil.com, that is a program designed especially for this. Martin Hepperle has some good airfoils and has done lots of research into this:
w in gs.htm
http://www.mh-aerotools.de/airfoils/foil_flying
Lack of length makes it less sensitive to reflex since it has a shorter arm and therefore smaller moment.
Directional stability is not a problem. Like I said, just get the center of gravity ahead of the aerodynamic center (usually done by putting winglets or other vertical surfaces as far back as possible to move the aerodynamic center for that axis back) and it tracks just fine.
I have never heard of "conic instability" and google search on that phrase with quotes turns up nothing. But I am familiar with the concept of the outer wing flying faster than the inner one causing roll. I experience this in full scale aircraft, especially gliders, all the time. A lot of planes use differential in the aileron throw (outer aileron goes down more causing more drag cancelling the effect) to counter this but then you can get into dutch-rolling which causes the nose to pitch away from the direction of bank when the bank is initiated. Not a big deal, just use rudder to keep it coordinated. And on a high rate turn I often still have to apply a little opposite aileron once the bank is established to keep the bank angle from increasing.
You could only track down and imprison those running freenet nodes. Finding out who inserted or who requested any one particular piece of data is designed to be impossible. In practice it is theoretically possible if one took control of enough freenet nodes but that would be pretty difficult.
Hope they are prepared to reject anything that looks encrypted. SSL, ssh, VPN protocols...
That won't do a thing. Freenet is designed to be run on the local box and the client talks to freenet on localhost:8481. The freenet client port is just that: For clients. Which normally run on the local system. The freenet node protocol runs on random ports and is encrypted.
Good luck on firewalling freenet specifically. It is encrypted and on random ports.
I think I would call my planet sized computer "Deep Thought" or perhaps even "Earth".
I have tried like heck to get Rekall working to no avail. With much effort I have twice gotten it to completely compile (once on debian and once on a RedHat system) and both times it comes up with an empty palatte and a Help menu pulldown at the top and nothing else. I'm not sure what went wrong but I would sure love to get this thing working because I could really use it. If anyone has any tips please email me or reply here.
If every user or at least every server had a key and we all signed each others keys creating a web of trust and only accepted signed and trusted mail the spam problem would be solved. I really dislike the way SSL certificates are handed out. A central CA is a very bad idea due to the cost and browser lock-in issues etc. With GPG and web of trust if you want to run a mail server you need to talk to a friend who is already running one and get them to sign your key. Perhaps we could even use DNS to propagate and cache the keys and sigs. If you sign a key that turns out to be a spammer you better revoke that signature fast before the person upstreeam from you revokes yours. Problem solved. Now if only we could get the big guys to go along with it...
Steve from Debian Security Audit project says this occurred due to a password goofup so this doesn't necessarily apply here but it easily could have:
Machine as important as these should be running some sort of Mandatory Access Control system like SE Linux. I have done an evaluation of all of the root exploits I could find over the last few years and SE Linux would have prevented every one of them because the MAC system prevents unauthorized priviledge escalations. You can test drive my SE Linux box by telnetting (not ssh) to selinux.copilotconsulting.com with user root and password root.
Because Python isn't Java. All of the Python apps I have used were fast and worked well. I can't say the same of Java apps. :(
However, freenet really does have the potential to be faster than bittorrent due to the way it caches more popular data closer to where the demand is and distributes the load over a great many more systems.