Most modern systems come with shadow passwords enabled out of the box, although if you're running a less security-conscious system you may need to run some command like pwconv or whatever the above poster is referring to. Check your vendor's documentation for details on this issue.
An even better solution, however, is to get rid of passwords altogether! Be even safer, still. As other posters have pointed out, the only way in to your machine should be via ssh (1.2.27) and in using ssh you'll have the opportunity to use RSA Authentication. A hacker can't crack a password that doesn't exist!
I apologize for any perceived vagueness in the original announcment from distributed.net. We all basically felt that a broad and more general treatment of the issue was the most appropriate tack to take in the initial announcement. It was very important to us to ensure that people realize that this divergance was amicable, friendly, and desired by all parties. To dwell too much on the specifics of the difference of opinion might be misinterpreted as drawing lines in the sand or bashing.
While the actual issues are simple, they are fundamental; the difference of opinion between Adam and distributed.net is more related to development philosophies than it is to our respective visions. We are both still striving towards a next-generation, general purpose distributed computing protocol and implementation.
Adam sees Cosm as very much his personal invention, and he wants to see his vision implemented. We are more interested in exploring in the direction of a more open development environment. Trying to co-mingle those two philosophies was difficult and ultimately damaging to the organization.
Open-source is the holy grail of distributed computing and is arguably the single greatest task lying ahead of us. It also makes sense for this task to be the first we tackle as we move forward. I would say that it is by far the most compelling and desirable goal we've laid out.
The move from our sub-optimal "security through obscurity" model (which was never intended to last as long as it has) to an open source model is not really an issue of just slapping on some "extra security", however. The concept of trusting work performed by untrusted code is the sticky-wicket of distributed computing. Zero-Knowledge Proofs, as treated to date, don't entirely address the issue in a compelling and aesthetic manner.
I'm not sure anyone knows quite the best way to approach this problem, and it is our hope that by encouraging discourse and open development we can, as a group, hone in on the most appropriate choice for our various applications.
Believe me, though, when I tell you not to read anything at all into the fact that we have been closed source to date. This does not imply any loyalty to closed-source or closed development. We are all very committed to solving this dilemma and we always have been.
It has been very difficult for distributed.net, as an entity, to agree upon and convey a common and compelling focus when internally this was not the case. Unfortunately, much of our energy lately has been spent trying to reconcile two distinct and at-odds design philosophies.
Ultimately we all decided that it was no longer prudent to try to come to an agreement and thus the decision followed that Adam and distributed.net should each proceed in their own desired direction.
On a technology front, distributed.net's goals are to utilize a truly open development environment to develop the next generation of distributed computing client and server. We are committed to moving our codebase beyond the ultimately indefensible closed-source model and to an open source codebase. Not open implementation, but truly open development. distributed.net needs to begin living up to its name and distributing not only our client base but our brain trust as well.
On an organizational front, our goals are unchanged. We seek to be the central standard for distributed computing. To continue to grow exponentially and expose as many people as possible to the concept of distributed computing and encourage them to become involved in the group. We wish to be the bar against which all distributed computing efforts are compared.
Are you quite finished filling O'Reilly's mouth with words? It sure looks like you've allowed your prejudices to colour your judgement on what is a very innocuous statement to the press.
While I wouldn't dream of trying to speak for Mr. O'Reilly, did you consider that perhaps his opening statement was merely an attempt to diffuse a potential damaging tone for the article?
Any reporter calling up O'Reilly or RMS or ESR and asking a question as baited as "focus on how you disagree" is just a few short hops away from a headline like "FREE SOFTWARE COMMUNITY HOPELESSLY DIVIDED" or "PHILOSOPHICAL DISPUTES TO BE THE DOWNFALL OF FREE SOFTWARE?"
Personal conflicts always make for good stories, I'm sure, and it's a very fine line that these guys have to walk with the press.
As much as we may try to make this a personal struggle between icons, it's not, and I think it's absurd to try to fault O'Reilly for keeping the discussion in the appropriate arena.
And for the record, I think his statement is quite accurate. Their beliefs are not as dissimilar as some here would make them out to be.
Anyone silly enough to toss out an arbitrary "adding a processor will only yield [foo]%" is obviously overlooking most (if not all) of the factors involved.
What you're doing has far more impact on the potential benefit of more cpus than anything else.
The cracking boards themselves aren't smart enough to be considered as running an "OS". They simply receive keyspace/contest parameter directives and crack away. The "controlling" machine is, indeed, running Linux. This is different from the DES-II-2 contest where the controlling machine was a Windows box.
Slashdot Mirror
Most modern systems come with shadow passwords enabled out of the box, although if you're running a less security-conscious system you may need to run some command like pwconv or whatever the above poster is referring to. Check your vendor's documentation for details on this issue.
An even better solution, however, is to get rid of passwords altogether! Be even safer, still. As other posters have pointed out, the only way in to your machine should be via ssh (1.2.27) and in using ssh you'll have the opportunity to use RSA Authentication. A hacker can't crack a password that doesn't exist!
I apologize for any perceived vagueness in the original announcment from distributed.net. We all basically felt that a broad and more general treatment of the issue was the most appropriate tack to take in the initial announcement. It was very important to us to ensure that people realize that this divergance was amicable, friendly, and desired by all parties. To dwell too much on the specifics of the difference of opinion might be misinterpreted as drawing lines in the sand or bashing.
While the actual issues are simple, they are fundamental; the difference of opinion between Adam and distributed.net is more related to development philosophies than it is to our respective visions. We are both still striving towards a next-generation, general purpose distributed computing protocol and implementation.
Adam sees Cosm as very much his personal invention, and he wants to see his vision implemented. We are more interested in exploring in the direction of a more open development environment. Trying to co-mingle those two philosophies was difficult and ultimately damaging to the organization.
Open-source is the holy grail of distributed computing and is arguably the single greatest task lying ahead of us. It also makes sense for this task to be the first we tackle as we move forward.
I would say that it is by far the most compelling and desirable goal we've laid out.
The move from our sub-optimal "security through obscurity" model (which was never intended to last as long as it has) to an open source model is not really an issue of just slapping on some "extra security", however. The concept of trusting work performed by untrusted code is the sticky-wicket of distributed computing. Zero-Knowledge Proofs, as treated to date, don't entirely address the issue in a compelling and aesthetic manner.
I'm not sure anyone knows quite the best way to approach this problem, and it is our hope that by encouraging discourse and open development we can, as a group, hone in on the most appropriate choice for our various applications.
Believe me, though, when I tell you not to read anything at all into the fact that we have been closed source to date. This does not imply any loyalty to closed-source or closed development. We are all very committed to solving this dilemma and we always have been.
It has been very difficult for distributed.net, as an entity, to agree upon and convey a common and compelling focus when internally this was not the case. Unfortunately, much of our energy lately has been spent trying to reconcile two distinct and at-odds design philosophies.
Ultimately we all decided that it was no longer prudent to try to come to an agreement and thus the decision followed that Adam and distributed.net should each proceed in their own desired direction.
On a technology front, distributed.net's goals are to utilize a truly open development environment to develop the next generation of distributed computing client and server. We are committed to moving our codebase beyond the ultimately indefensible closed-source model and to an open source codebase. Not open implementation, but truly open development. distributed.net needs to begin living up to its name and distributing not only our client base but our brain trust as well.
On an organizational front, our goals are unchanged. We seek to be the central standard for distributed computing. To continue to grow exponentially and expose as many people as possible to the concept of distributed computing and encourage them to become involved in the group. We wish to be the bar against which all distributed computing efforts are
compared.
Are you quite finished filling O'Reilly's mouth with words? It sure looks like you've allowed your prejudices to colour your judgement on what is a very innocuous statement to the press.
While I wouldn't dream of trying to speak for Mr. O'Reilly, did you consider that perhaps his opening statement was merely an attempt to diffuse a potential damaging tone for the article?
Any reporter calling up O'Reilly or RMS or ESR and asking a question as baited as "focus on how you disagree" is just a few short hops away from a headline like "FREE SOFTWARE COMMUNITY HOPELESSLY DIVIDED" or "PHILOSOPHICAL DISPUTES TO BE THE DOWNFALL OF FREE SOFTWARE?"
Personal conflicts always make for good stories, I'm sure, and it's a very fine line that these guys have to walk with the press.
As much as we may try to make this a personal struggle between icons, it's not, and I think it's absurd to try to fault O'Reilly for keeping the discussion in the appropriate arena.
And for the record, I think his statement is quite accurate. Their beliefs are not as dissimilar as some here would make them out to be.
Anyone silly enough to toss out an arbitrary "adding a processor will only yield [foo]%" is obviously overlooking most (if not all) of the factors involved.
What you're doing has far more impact on the potential benefit of more cpus than anything else.
You used to be annoying, now you're just amusing.