and on what planet do you not have to fuck with drivers ?
Clearly you have never used Mac OS X.
Or linux. I haven't "fucked with drivers" in years on my linux machine and I add new hardware all the time. Plug in a new PCMCIA WiFI card and it's up and running, with an IP, in under a second. Plug in a random USB harddrive enclosure and a new icon appears on the desktop allowing me to mount it and browse it right away. Want some new software? I don't have to go to the store or poke around on download.com. I type "apt-get install" followed by the name of the software at a prompt and it's on my machine in a minute or two, all set up, with sane defaults for everything.
Years ago, I'll admit, Linux was a pain to use. Modprobing drivers and looking up X configs on the internet wasted quite a bit of time. But recently, I hear all these OS-X people oohing and aahing over the fact that they no longer have to fight their OS (since OS9 and below was more of a mess than linux ever was) and I just think "good for you. Welcome to where linux has been for over a year"
No, they can't charge for it: Netscape pioneered the tradition of free browsers (we were all educational users), and it's ingrained in people's minds.
Umm, not really. Netscape up until 4.7 was always a non-free browser. Microsoft was the one that came out with the free browser designed to squash Netscape. Netscape was forced to give their browser away to compete, but then MS bundled IE with Windows and Netscape lost their entire userbase.
since he was just using a software package that he downloaded at Phynd.net, I'm not sure that "selling" the software would be much of an incentive to donate. A better idea would be for more people to run a phynd like service on their networks, to give the RIAA too many targets to sue.
. If Mozilla would create context menus for it's bookmarks (favorites) where I could right-click and delete or rename them, I'd use it a LOT more often
Phoenix/Firebird does this. Firebird's bookmark handling (such as drag-n-drop bookmarking of urls to subdirectories in my bookmarks menu) is the main reason that I use that now instead of mozilla.
your "question" seemed fairly retorical to me, because you assert in the very next sentence that the answer is yes.
"but technically, was not the data passing through HIS machine? He was not merely indexing and pointing users to the files"
What's more, I have heard of SMB and use the Windows path method frequently, but there are many probems with that since older versions of windows cannot reliably access fileshares outside of their LAN and/or workgroup, so my question made some sense.
but the system isn't for access by users outside of the RPI MAN (RPI's network is too large to be considered a local network, it's closer to a metropolitan area network)
Secondly, even given the fact that it's merely linking, it's not "exactly" like google. In fact, it's very different than google in a number of respects:
A) Most of google's indexed content is not pirated. People publish data of all kinds on webpages--the same cannot be said for these fileshares (few users have actual data files that they wish to share and fewer still have sensible names by which they be reasonably located with).
so you're saying most of the content on RPI's network is pirated? this is a questionable assertion, one that i wouldn't agree with. by volume, possibly, but that includes the 400 duplicate copies of the latest block-buster movie in divx form. however, there is probably more unique, unpirated content on the network than unique, pirated content. having actually used this network for the past 4 years, i'm probably on better standing to be making such assertions than you.
B) Most of google's searches and search results are not related to piracy--this is a demonstrable fact whereas RIAA, at least, asserted in their complaint that these same student sites kept stats that indicated otherwise.
I have yet to see such statistics. The statistics published at phynd.chewplastic.com were by file type, not based on search strings or strings found in the database. there are tons of non-infringing uses for files (such as.mp3,.avi or.exe) commonly associated with piracy.
C) Millions of people use Google every day in distinctly and highly useful ways.
thousands of people used phynd or celery (the other RPI campus search engine) for useful purposes, but i fail to see how the number of users relate to the legitimacy of a system.
D) The resources that google provides links to are almost always easily browsable by those same users, albeit a little more slowly. Given the slowness of browsing SMB shares over a WAN environment and the lack of crosslinking and the lack of broadcast solicitation and/or domain controller data--the situation is very different.
WAN connections? RPI's network is connected via gigabit fiber backbone and 100 megabit copper branches. Sure, it can be "sluggish" (500K/sec with sub-100ms latency) at times, but it's fairly useable for browsing SMB shares and occasionally grabbing a file. the "lack of crosslinking" is basically inherent in anything not HTML, which includes various file types indexed by google, including images,.pdf and MS Office formats, and newsgroup messages. by "domain controller", i'll assume you meant "Browse master", as this is the correct term for the machine elected to hold the index of a particular workgroup for non-domain based SMB networks. regardless, this brings up an interesting point that i failed to mention; search engines like this can help you locate your computer when the name is not resolvable from across campus. the phynd and celery search engines produced links to machines by IP, not by NetBIOS name.
The fact still remains that without Phynd and progams like it, internet users would never have been able to locate more than a handful of those shares without exhaustively bruce forcing IP addresses, probing each
What a strange idea... I suppose for some, super-high-security systems, keeping users from running any of their own binaries is useful, but it utterly nullifies one of the UNIX model's major advantages, namely that users can install and run their own applications.
umm.. super-high-security systems like your average single-user desktop. i can see your average user installing things via RPM or apt when they need them, but installing them from source (and modifying the prefix to ~/bin/)? that's well above their heads.
Because I use a few alternative applications, almost no system that I use is going to have everything I want installed. I can pester the admin, or I can just build a copy and put it in $HOME/bin.
why wouldn't you just install them yourself? we're talking about single-user desktop systems, remember? eg. you are the admin. sure, for multi-user remote-login systems, it makes very little sense for/home to be mounted un-executable, but that's not what we're talking about here.
Besides, anyone who's really determined can just write their malicious code in an interpreted language and then do "/usr/bin/perl < badprog.pl".
umm.. and they're going to tell konqueror/nautilus or the person's email program to run it like that how? maybe they'll just have instructions to download the program, move it to/root, chmod +x it and run it as root. that'll make a great virus. sorta like the joke "set your sig to this string, then type rm -rf / as root" honor-system viruses that went around as jokes a few years ago.
The student interviewed in CNN (linked in the article) was punished for creating a search tool that was used by other students to search for data, including... MP3s...
except he didn't create it either. he was simply running software that was created by another RPI student (Sam Hopewell) nearly 5 years before this kid came to the school. the software is currently maintained by another RPI alumni (see phynd.net). the person interviewed on CNN was being sued for running the engine, not creating it. of course, he still doesn't control what people use the engine for. much of it's use is for legitimate, non-infringing activities.
Maybe I'm just naive here... but technically, was not the data passing through HIS machine? He was not merely indexing and pointing users to the files, he was actually the download point (how else would outside users access smb shares in their web browsers?)--acting as an HTTP proxy to fetch SMB data
not naive, just totally and completely wrong. clearly you've never heard of a file:// or smb:// link and local samba networking, but they allow your machine to access the content over smb directly. the phynd system is exactly like google, it just provides an index of content that people already had access to. he doesn't have logs beyond those of what people search for and he has no way of telling which file people downloaded after searching through his site. get a damn clue before spouting off stupidity like this.
File trading doesn't neccessarily mean sharing or trading MP3s.
Oh, puh-LEASE! What "files" are people talking about when they talk about file "sharing?"
at RPI, mostly porn. when you go to a school with a male:female ratio of 5:1, you end up with a network with well over 2 TB of porn.
Name a popular RIAA member artist that condones their music being ripped off their CD and freely traded on P2P networks. I'm not talking about concert bootlegs or limited samples, I'm talking about direct CD rips.
umm.. why are you instantly discounting concert recordings here? i get a lot of phish concerts through RPI's search engines, and they're either in.shn,.mp3 or.ogg format. they're also perfectly legal. there are tons of artists that encourage the trading of mp3's or cd images of their latest concert, and there's really a huge demand for those recordings. sure, they're not as popular as the top-40 stuff, but it's a very legitimate use for file sharing systems.
The execute permission doesnt affect your ability to run scripts.
well, you can still do "/bin/sh file.sh" or something like that but you can't run the script directly, which means that it won't run by double clicking it, and it won't run out of your email program. A buffer overflow in a stack smash attack can still fork a shell, the no-execute mount of the filesystem is just a PITA for the users, not the attackers.
worms smash stacks (although this is now nullified with recent changes to 2.5) not viruses. the execute protection doesn't help against a worm, but a properly set up (firewalled) desktop system shouldn't be attacked by a worm anyway. properly protected firewalled-by-default systems only need to worry about user error allowing a virus on the system, and the execute protection effectivley stops viruses.
Very few local->root exploits rely upon the ability to create exec'able files.
i fail to see what difference this makes on a single user desktop operating system. in theory, every local user on a desktop machine has the ability to get root after typing in their password, so that they can safely install applications or make system-wide changes. in a corporate environment, a malicious employee can only take down their own machine, they can't send a virus to everyone in their dept. taking down everyone elses systems in the process.
The problem isn't security, it's executable content. As long as executable content is never offered in any popular email program (or search-for-ET screensaver) in Linux, we're safe.
actually, the latest version of SuSE ships with executable permission _off_ on any user writable partition. this means that unless the system administrator installed the application system-wide, it can't be run. this almost completely nullifies the virus issue. hopefully other distros will follow SuSE's lead on this point and make this a standard setting on desktop distributions.
DJB wrote: Local IPv6 addresses don't offer any advantages over 10.* IPv4 addresses.
they do, though. having true end-to-end communication means that peer to peer applications like voice over IP or BitTorrent actually work.
It also means that users on larger networks are actually accountable. if you have a way of uniquely identifying a machine from outside the network, abuse complaints actually mean something. if the secret service comes knocking on a network admin's door complaining about threats being sent from your network to president@whitehouse.gov you can't say "oh, we don't have any way of knowing which user sent that mail, because it didn't go through our mail server and all 5,000 machines on this network connect to the internet through the same IP address." chances are that you aren't logging every connection that goes through your nat gateway, and so your basically stuck holding the ball on that one.
Global IPv6 addresses don't work. Most client computers around the Internet can't talk to a server on a global IPv6 address, and most server computers around the Internet can't talk to a client on a global IPv6 address.
of course they do. every host in my home network has a globally routable ipv6 address (thanks to hurricane electric's tunnelbroker.net) and i can reach hosts at my colo provider that are set up via freenet6. i can also reach hosts at my school that are directly connected to the ipv6 backbone via nysernet.
All the operating systems I use have been claiming ``IPv6 support'' for years. But they still require manual action by the system administrator before they can talk to IPv6 addresses.
no they don't. radvd is like dhcpd on steroids. if your hosts are ipv6 capable, start up radvd on your ipv6 connected router and within seconds every one of them will have their own globally unique, routable ipv6 address.
(All of this boils down to a small protocol design error in IPv6. A small change to IPv6 software would make IPv6 addresses work without any administrator action. I have a web page, http://cr.yp.to/djbdns/ipv6mess.html [cr.yp.to], explaining this in much more detail.)
this page basically says two (false) things.
1) you can't use ipv6 and ipv4 at the same time, so if you switch to ipv6 now you can't reach 99.9% of the internet.
this is blatently false and you know it. ipv6 and ipv4 can co-exist on the same machine very well. on my ipv6 enabled network, every host has an ipv4 address from 10.0.0.0/8 and an ipv6 address from 2001:470:1f00:321::/64. my machines try to look up AAAA records on hosts first, and if one exists they try to connect to that ipv6 IP. if no AAAA record exists, or the host is unreachable via ipv6, the machine falls back to ipv4, looks up a host, and connects.
2) it takes a massive amount of work to convert all applications over to ipv6 and no one has even started on such a task.
this one is even more confusing. i've got ipv6 enabled apache, ipv6 enabled qmail, ipv6 enabled djbdns, ipv6 enabled mozilla/phoenix, ipv6 enabled xchat, ipv6 enabled internet explorer, etc. all of these applications on every modern OS have all been written to use ipv6 first, then fall back on ipv4.
Unfortunately some web development clients only understand FTP and can't use sftp.
I assume you're referring to applications such as Dreamweaver/Frontpage/Composer.
actually, the latest version of dreamweaver, "MX", comes with putty's sftp client to handle sftp connections. it works with all the built-in file managment stuff in dreamweaver.
BSD is for people who love UNIX. Linux is for those who hate Microsoft.
i've heard this from a lot of people who use BSD, which makes me wonder, shouldn't this be "Linux is for people who love UNIX, BSD is for those who hate Linux" ? In my experience it seems that people who use BSD do nothing but badmouth Linux, and then accuse linux users of doing nothing but badmouthing microsoft (which most linux users don't do.)
The Mazda RX-8 is based on a new rotary design, and appears to be a rather powerful and reliable engine with lots of praise.
the entire RX line is based on a rotary engine (hence the 'R'.) The RX-7, which preceded the RX-8 was one hell of a fast car, and they were fairly reliable. The main problem was getting a mechanic who _could_ work on them, since most mechanics don't have experience with rotary engines.
I think I am biased against flash since Flash as a video delivery tool is like requiring an extra plugin to view something that should be handled by the video plugin in the first place.
I have nothing but flash 6 for linux installed on my browser here and i was able to play the video. no quicktime, windows media or any other video plugin needed.
BUT more importantly, Flash does not stream video easily unless it is from the flash server.
once again, i believe you are mistaken. I mirrored the flash file, and i was able to stream it off my apache server with no flash server extentions.
All we're doing is watching video right? Use a video plugin.
except name another video plugin that works well under linux. i've heard i can embed mplayer, but i have never gotten that to work.
By defualt on windows up to 2k (have not tried with xp) this is open.*everything* is shared by defualt. True, you still need to login *but* most people leave administrator's password blank...
i hate to defend microsoft when it comes to security, but you're making us all look bad with these stupid claims. the $c $d etc. shares are enabled by default, but you need an administrator account to get in *and* that administrator account needs a password. if the person running the machine is a click+drool newbie and they didn't set a password, no one can log into that share.
Bug fixes and other contributions to open source software are in and of themselves valuable, but creating them will always be an expense to companies.
actually, the article talks about exactly this.
What's the payoff? It makes for better software. "If we find a bug or a problem, we're interested in fixing that problem. We're also interested in not fixing it again in the next version," explains Robert M. Lefkowitz, director of open-source strategy at Merrill Lynch & Co. in New York.
contributing to open source projects ends up costing these companies less, because they don't need to maintain an internal version of the software.
4 kids (or ringleaders of groups of kids, I guess) managed to get 652,000 songs together, with no dupes, live music, legal MP3s, or any original recording by themselves?
you've got your facts a bit messed up, but it's not really your fault. let me clarify.
1) the students ran search engines, not actual systems that contained the files, so the file counts are for every machine at a given campus.
2) the MTU student alone indexed 652,000 files, not songs. between the 4 students (3 schools) there were over 2.5 Million files, MTU being the smallest cache of files, RPI being the largest with over 1 Million.
3) not all of the files were songs. i know that most of the data on RPI's network is porn or Divx movies.
4) the total file sizes weren't given, but i know that RPI's 1 Million files totals out to a bit over 8 TB, which isn't all that much per file, but it's more than your 3 MB.
5) most of the content is duplicated across many machines. 1 Million files at RPI is probably somewhere around 200,000 unique files
i go to RPI, and i know both the students here that were sued. one of them wrote a win32 front end to the web based search engine operated by the other student.
the web based search engine, phynd (http://www.phynd.net/) was written originally about 5 years ago by a student at RPI to scan SMB networks. the original author has since graduated, and the 3rd generation of phynd admins was the one sued. the win32 front end "flatlan" (http://www.flatlan.com/, currently slashdotted, i guess) was written by a current student at RPI.
I've noted several complaints about smooth scrolling in IE, but seriously, what's the complaint?
i was never aware that "smooth scrolling" was a feature in IE, i always assumed it was the fact that IE couldn't render HTML well. basically, when you scroll a large page under IE it's very jumpy, and you end up with huge white blocks waiting for text to render. under mozilla, you scroll one line at a time, making it possible to read text as you move down the page.
i really loved mozilla 1.2 and before, but mozilla 1.3 disgusts me so much that i won't touch 1.4 for quite a while. i'm currently using phoenix 0.5, based on mozilla 1.2 and i'm pretty happy with it. mozilla 1.3 seems to just give up on about 95% of the pages i attempt to visit (showing me a blank page), the fonts are absolutely horrible, and apparently now we need to deal with jumpy^H^H^H^H^Hsmooth scrolling? wonderful.
I just want to know why the fuck everyone thinks I was talking about Linux.
you complained that it "worked best" under windows, which is completely untrue. it would make sense that if windows was a problem for you, you were likely using linux.
what were you talking about? mozilla under windows? mozilla under macOS ?
I've got a Hurricane Electric tunnel, and i'm pretty happy with it as well. i've had connections running through it for a few weeks with no disconnections. the one thing that i really like about Hurricane electric is that once your tunnel is approved, they give you a cut and pasteable set of commands to get your tunnel running with all your IP and subnet information already in it. the freenet6 setup is fairly complicated compared to he.net
Slashdot Mirror
and on what planet do you not have to fuck with drivers ?
Clearly you have never used Mac OS X.
Or linux. I haven't "fucked with drivers" in years on my linux machine and I add new hardware all the time. Plug in a new PCMCIA WiFI card and it's up and running, with an IP, in under a second. Plug in a random USB harddrive enclosure and a new icon appears on the desktop allowing me to mount it and browse it right away. Want some new software? I don't have to go to the store or poke around on download.com. I type "apt-get install" followed by the name of the software at a prompt and it's on my machine in a minute or two, all set up, with sane defaults for everything.
Years ago, I'll admit, Linux was a pain to use. Modprobing drivers and looking up X configs on the internet wasted quite a bit of time. But recently, I hear all these OS-X people oohing and aahing over the fact that they no longer have to fight their OS (since OS9 and below was more of a mess than linux ever was) and I just think "good for you. Welcome to where linux has been for over a year"
No, they can't charge for it: Netscape pioneered the tradition of free browsers (we were all educational users), and it's ingrained in people's minds.
Umm, not really. Netscape up until 4.7 was always a non-free browser. Microsoft was the one that came out with the free browser designed to squash Netscape. Netscape was forced to give their browser away to compete, but then MS bundled IE with Windows and Netscape lost their entire userbase.
since he was just using a software package that he downloaded at Phynd.net, I'm not sure that "selling" the software would be much of an incentive to donate. A better idea would be for more people to run a phynd like service on their networks, to give the RIAA too many targets to sue.
. If Mozilla would create context menus for it's bookmarks (favorites) where I could right-click and delete or rename them, I'd use it a LOT more often
Phoenix/Firebird does this. Firebird's bookmark handling (such as drag-n-drop bookmarking of urls to subdirectories in my bookmarks menu) is the main reason that I use that now instead of mozilla.
Firstly, I phrased that as a question.
.mp3, .avi or .exe) commonly associated with piracy.
.pdf and MS Office formats, and newsgroup messages. by "domain controller", i'll assume you meant "Browse master", as this is the correct term for the machine elected to hold the index of a particular workgroup for non-domain based SMB networks. regardless, this brings up an interesting point that i failed to mention; search engines like this can help you locate your computer when the name is not resolvable from across campus. the phynd and celery search engines produced links to machines by IP, not by NetBIOS name.
your "question" seemed fairly retorical to me, because you assert in the very next sentence that the answer is yes.
"but technically, was not the data passing through HIS machine? He was not merely indexing and pointing users to the files"
What's more, I have heard of SMB and use the Windows path method frequently, but there are many probems with that since older versions of windows cannot reliably access fileshares outside of their LAN and/or workgroup, so my question made some sense.
but the system isn't for access by users outside of the RPI MAN (RPI's network is too large to be considered a local network, it's closer to a metropolitan area network)
Secondly, even given the fact that it's merely linking, it's not "exactly" like google. In fact, it's very different than google in a number of respects:
A) Most of google's indexed content is not pirated. People publish data of all kinds on webpages--the same cannot be said for these fileshares (few users have actual data files that they wish to share and fewer still have sensible names by which they be reasonably located with).
so you're saying most of the content on RPI's network is pirated? this is a questionable assertion, one that i wouldn't agree with. by volume, possibly, but that includes the 400 duplicate copies of the latest block-buster movie in divx form. however, there is probably more unique, unpirated content on the network than unique, pirated content. having actually used this network for the past 4 years, i'm probably on better standing to be making such assertions than you.
B) Most of google's searches and search results are not related to piracy--this is a demonstrable fact whereas RIAA, at least, asserted in their complaint that these same student sites kept stats that indicated otherwise.
I have yet to see such statistics. The statistics published at phynd.chewplastic.com were by file type, not based on search strings or strings found in the database. there are tons of non-infringing uses for files (such as
C) Millions of people use Google every day in distinctly and highly useful ways.
thousands of people used phynd or celery (the other RPI campus search engine) for useful purposes, but i fail to see how the number of users relate to the legitimacy of a system.
D) The resources that google provides links to are almost always easily browsable by those same users, albeit a little more slowly. Given the slowness of browsing SMB shares over a WAN environment and the lack of crosslinking and the lack of broadcast solicitation and/or domain controller data--the situation is very different.
WAN connections? RPI's network is connected via gigabit fiber backbone and 100 megabit copper branches. Sure, it can be "sluggish" (500K/sec with sub-100ms latency) at times, but it's fairly useable for browsing SMB shares and occasionally grabbing a file. the "lack of crosslinking" is basically inherent in anything not HTML, which includes various file types indexed by google, including images,
The fact still remains that without Phynd and progams like it, internet users would never have been able to locate more than a handful of those shares without exhaustively bruce forcing IP addresses, probing each
What a strange idea... I suppose for some, super-high-security systems, keeping users from running any of their own binaries is useful, but it utterly nullifies one of the UNIX model's major advantages, namely that users can install and run their own applications.
/home to be mounted un-executable, but that's not what we're talking about here.
/root, chmod +x it and run it as root. that'll make a great virus. sorta like the joke "set your sig to this string, then type rm -rf / as root" honor-system viruses that went around as jokes a few years ago.
umm.. super-high-security systems like your average single-user desktop. i can see your average user installing things via RPM or apt when they need them, but installing them from source (and modifying the prefix to ~/bin/)? that's well above their heads.
Because I use a few alternative applications, almost no system that I use is going to have everything I want installed. I can pester the admin, or I can just build a copy and put it in $HOME/bin.
why wouldn't you just install them yourself? we're talking about single-user desktop systems, remember? eg. you are the admin. sure, for multi-user remote-login systems, it makes very little sense for
Besides, anyone who's really determined can just write their malicious code in an interpreted language and then do "/usr/bin/perl < badprog.pl".
umm.. and they're going to tell konqueror/nautilus or the person's email program to run it like that how? maybe they'll just have instructions to download the program, move it to
The student interviewed in CNN (linked in the article) was punished for creating a search tool that was used by other students to search for data, including ... MP3s ...
except he didn't create it either. he was simply running software that was created by another RPI student (Sam Hopewell) nearly 5 years before this kid came to the school. the software is currently maintained by another RPI alumni (see phynd.net). the person interviewed on CNN was being sued for running the engine, not creating it. of course, he still doesn't control what people use the engine for. much of it's use is for legitimate, non-infringing activities.
Maybe I'm just naive here... but technically, was not the data passing through HIS machine? He was not merely indexing and pointing users to the files, he was actually the download point (how else would outside users access smb shares in their web browsers?)--acting as an HTTP proxy to fetch SMB data
not naive, just totally and completely wrong. clearly you've never heard of a file:// or smb:// link and local samba networking, but they allow your machine to access the content over smb directly. the phynd system is exactly like google, it just provides an index of content that people already had access to. he doesn't have logs beyond those of what people search for and he has no way of telling which file people downloaded after searching through his site. get a damn clue before spouting off stupidity like this.
File trading doesn't neccessarily mean sharing or trading MP3s.
.shn, .mp3 or .ogg format. they're also perfectly legal. there are tons of artists that encourage the trading of mp3's or cd images of their latest concert, and there's really a huge demand for those recordings. sure, they're not as popular as the top-40 stuff, but it's a very legitimate use for file sharing systems.
Oh, puh-LEASE! What "files" are people talking about when they talk about file "sharing?"
at RPI, mostly porn. when you go to a school with a male:female ratio of 5:1, you end up with a network with well over 2 TB of porn.
Name a popular RIAA member artist that condones their music being ripped off their CD and freely traded on P2P networks. I'm not talking about concert bootlegs or limited samples, I'm talking about direct CD rips.
umm.. why are you instantly discounting concert recordings here? i get a lot of phish concerts through RPI's search engines, and they're either in
The execute permission doesnt affect your ability to run scripts.
well, you can still do "/bin/sh file.sh" or something like that but you can't run the script directly, which means that it won't run by double clicking it, and it won't run out of your email program.
A buffer overflow in a stack smash attack can still fork a shell, the no-execute mount of the filesystem is just a PITA for the users, not the attackers.
worms smash stacks (although this is now nullified with recent changes to 2.5) not viruses. the execute protection doesn't help against a worm, but a properly set up (firewalled) desktop system shouldn't be attacked by a worm anyway. properly protected firewalled-by-default systems only need to worry about user error allowing a virus on the system, and the execute protection effectivley stops viruses.
Very few local->root exploits rely upon the ability to create exec'able files.
i fail to see what difference this makes on a single user desktop operating system. in theory, every local user on a desktop machine has the ability to get root after typing in their password, so that they can safely install applications or make system-wide changes. in a corporate environment, a malicious employee can only take down their own machine, they can't send a virus to everyone in their dept. taking down everyone elses systems in the process.
The problem isn't security, it's executable content. As long as executable content is never offered in any popular email program (or search-for-ET screensaver) in Linux, we're safe.
actually, the latest version of SuSE ships with executable permission _off_ on any user writable partition. this means that unless the system administrator installed the application system-wide, it can't be run. this almost completely nullifies the virus issue. hopefully other distros will follow SuSE's lead on this point and make this a standard setting on desktop distributions.
DJB wrote:
Local IPv6 addresses don't offer any advantages over 10.* IPv4 addresses.
they do, though. having true end-to-end communication means that peer to peer applications like voice over IP or BitTorrent actually work.
It also means that users on larger networks are actually accountable. if you have a way of uniquely identifying a machine from outside the network, abuse complaints actually mean something. if the secret service comes knocking on a network admin's door complaining about threats being sent from your network to president@whitehouse.gov you can't say "oh, we don't have any way of knowing which user sent that mail, because it didn't go through our mail server and all 5,000 machines on this network connect to the internet through the same IP address." chances are that you aren't logging every connection that goes through your nat gateway, and so your basically stuck holding the ball on that one.
Global IPv6 addresses don't work. Most client computers around the Internet can't talk to a server on a global IPv6 address, and most server computers around the Internet can't talk to a client on a global IPv6 address.
of course they do. every host in my home network has a globally routable ipv6 address (thanks to hurricane electric's tunnelbroker.net) and i can reach hosts at my colo provider that are set up via freenet6. i can also reach hosts at my school that are directly connected to the ipv6 backbone via nysernet.
All the operating systems I use have been claiming ``IPv6 support'' for years. But they still require manual action by the system administrator before they can talk to IPv6 addresses.
no they don't. radvd is like dhcpd on steroids. if your hosts are ipv6 capable, start up radvd on your ipv6 connected router and within seconds every one of them will have their own globally unique, routable ipv6 address.
(All of this boils down to a small protocol design error in IPv6. A small change to IPv6 software would make IPv6 addresses work without any administrator action. I have a web page, http://cr.yp.to/djbdns/ipv6mess.html [cr.yp.to], explaining this in much more detail.)
this page basically says two (false) things.
1) you can't use ipv6 and ipv4 at the same time, so if you switch to ipv6 now you can't reach 99.9% of the internet.
this is blatently false and you know it. ipv6 and ipv4 can co-exist on the same machine very well. on my ipv6 enabled network, every host has an ipv4 address from 10.0.0.0/8 and an ipv6 address from 2001:470:1f00:321::/64. my machines try to look up AAAA records on hosts first, and if one exists they try to connect to that ipv6 IP. if no AAAA record exists, or the host is unreachable via ipv6, the machine falls back to ipv4, looks up a host, and connects.
2) it takes a massive amount of work to convert all applications over to ipv6 and no one has even started on such a task.
this one is even more confusing. i've got ipv6 enabled apache, ipv6 enabled qmail, ipv6 enabled djbdns, ipv6 enabled mozilla/phoenix, ipv6 enabled xchat, ipv6 enabled internet explorer, etc. all of these applications on every modern OS have all been written to use ipv6 first, then fall back on ipv4.
Unfortunately some web development clients only understand FTP and can't use sftp.
I assume you're referring to applications such as Dreamweaver/Frontpage/Composer.
actually, the latest version of dreamweaver, "MX", comes with putty's sftp client to handle sftp connections. it works with all the built-in file managment stuff in dreamweaver.
BSD is for people who love UNIX. Linux is for those who hate Microsoft.
i've heard this from a lot of people who use BSD, which makes me wonder, shouldn't this be "Linux is for people who love UNIX, BSD is for those who hate Linux" ? In my experience it seems that people who use BSD do nothing but badmouth Linux, and then accuse linux users of doing nothing but badmouthing microsoft (which most linux users don't do.)
Northwood... Not to mention Longhorn
These names are getting cruder and cruder...
yea, those canadians are really crude, with their crazy names like Whistler, blackcomb and Longhorn
The Mazda RX-8 is based on a new rotary design, and appears to be a rather powerful and reliable engine with lots of praise.
the entire RX line is based on a rotary engine (hence the 'R'.) The RX-7, which preceded the RX-8 was one hell of a fast car, and they were fairly reliable. The main problem was getting a mechanic who _could_ work on them, since most mechanics don't have experience with rotary engines.
I think I am biased against flash since Flash as a video delivery tool is like requiring an extra plugin to view something that should be handled by the video plugin in the first place.
.
I have nothing but flash 6 for linux installed on my browser here and i was able to play the video. no quicktime, windows media or any other video plugin needed.
BUT more importantly, Flash does not stream video easily unless it is from the flash server.
once again, i believe you are mistaken. I mirrored the flash file, and i was able to stream it off my apache server with no flash server extentions
All we're doing is watching video right? Use a video plugin.
except name another video plugin that works well under linux. i've heard i can embed mplayer, but i have never gotten that to work.
By defualt on windows up to 2k (have not tried with xp) this is open.*everything* is shared by defualt. True, you still need to login *but* most people leave administrator's password blank...
i hate to defend microsoft when it comes to security, but you're making us all look bad with these stupid claims. the $c $d etc. shares are enabled by default, but you need an administrator account to get in *and* that administrator account needs a password. if the person running the machine is a click+drool newbie and they didn't set a password, no one can log into that share.
Bug fixes and other contributions to open source software are in and of themselves valuable, but creating them will always be an expense to companies.
actually, the article talks about exactly this.
What's the payoff? It makes for better software. "If we find a bug or a problem, we're interested in fixing that problem. We're also interested in not fixing it again in the next version," explains Robert M. Lefkowitz, director of open-source strategy at Merrill Lynch & Co. in New York.
contributing to open source projects ends up costing these companies less, because they don't need to maintain an internal version of the software.
4 kids (or ringleaders of groups of kids, I guess) managed to get 652,000 songs together, with no dupes, live music, legal MP3s, or any original recording by themselves?
you've got your facts a bit messed up, but it's not really your fault. let me clarify.
1) the students ran search engines, not actual systems that contained the files, so the file counts are for every machine at a given campus.
2) the MTU student alone indexed 652,000 files, not songs. between the 4 students (3 schools) there were over 2.5 Million files, MTU being the smallest cache of files, RPI being the largest with over 1 Million.
3) not all of the files were songs. i know that most of the data on RPI's network is porn or Divx movies.
4) the total file sizes weren't given, but i know that RPI's 1 Million files totals out to a bit over 8 TB, which isn't all that much per file, but it's more than your 3 MB.
5) most of the content is duplicated across many machines. 1 Million files at RPI is probably somewhere around 200,000 unique files
Right after they turn google off.
google is apparently just as bad as these search engines. i wonder why they haven't been sued.
i go to RPI, and i know both the students here that were sued. one of them wrote a win32 front end to the web based search engine operated by the other student.
the web based search engine, phynd (http://www.phynd.net/) was written originally about 5 years ago by a student at RPI to scan SMB networks. the original author has since graduated, and the 3rd generation of phynd admins was the one sued. the win32 front end "flatlan" (http://www.flatlan.com/, currently slashdotted, i guess) was written by a current student at RPI.
I've noted several complaints about smooth scrolling in IE, but seriously, what's the complaint?
i was never aware that "smooth scrolling" was a feature in IE, i always assumed it was the fact that IE couldn't render HTML well. basically, when you scroll a large page under IE it's very jumpy, and you end up with huge white blocks waiting for text to render. under mozilla, you scroll one line at a time, making it possible to read text as you move down the page.
i really loved mozilla 1.2 and before, but mozilla 1.3 disgusts me so much that i won't touch 1.4 for quite a while. i'm currently using phoenix 0.5, based on mozilla 1.2 and i'm pretty happy with it. mozilla 1.3 seems to just give up on about 95% of the pages i attempt to visit (showing me a blank page), the fonts are absolutely horrible, and apparently now we need to deal with jumpy^H^H^H^H^Hsmooth scrolling? wonderful.
I just want to know why the fuck everyone thinks I was talking about Linux.
you complained that it "worked best" under windows, which is completely untrue. it would make sense that if windows was a problem for you, you were likely using linux.
what were you talking about? mozilla under windows? mozilla under macOS ?
I've got a Hurricane Electric tunnel, and i'm pretty happy with it as well. i've had connections running through it for a few weeks with no disconnections. the one thing that i really like about Hurricane electric is that once your tunnel is approved, they give you a cut and pasteable set of commands to get your tunnel running with all your IP and subnet information already in it. the freenet6 setup is fairly complicated compared to he.net