Slashdot Mirror


User: Harik

Harik's activity in the archive.

Stories: 0
Comments: 494

Comments · 494

  1. Yet another "Wah" article. on The Spam Problem: Moving Beyond RBLs · · Score: 2, Interesting
    Here's my problem with the article... It's "WAH! I'm using a shitty ISP who's spammer friendly and my email is blocked!"

    No, your email isn't blocked. Were it blocked, it'd never leave your mail client. Here's what REALLY happens. Your email leaves your mail client, and goes to your ISP's mailserver. You have a contract with them, so they accept it. Then THEY try to send it to us. Now, at this point you're dealing ENTIRELY on OUR hardware, OUR bandwidth, and OUR good graces. Those of us who are SICK AND FUCKING TIRED of having 100x more spam than real mail have quit accepting mail from well-known spammers.

    As long as you DIRECTLY support spammers by continuing to use a spam-friendly ISP, your mail will be blocked. Period. You subsidize the rape and pillage of my mailserver and the mindless wasting of my time. And you really have no choice but to move. Wah. Because the alternative is for EVERYONE ELSE ON THE FUCKING INTERNET TO CHANGE THEIR EMAIL ADDRESS EVERY MONTH SO IT'S NOT ON THE SPAMMERS LISTS. DO YOU UNDERSTAND THE COST SHIFTING INVOLVED HERE? IS THIS LOUD ENOUGH TO GET THROUGH?

    YOU are DIRECTLY responsible for sending me "Young horny teens get f**ked by a horse with a 31 inch c**k!" (Yes, really *'d out in the message)

    Spamassassin is useless. Spammers tune their spams to be under the 3.0... you can't really filter harsher than that without blocking legit mail. The fact that it's open source only makes about a 1 week difference anyway. (Closed filters like hotmail/AOL/earthlink get bypassed in about that long)

    The 'bayesian' solution is cute, but doesn't really work beyond an individual level, which means that everyone gets to spend hours sorting through spam (and it still slips through). It also fails because it's looking at single words. If a friend sends me a mail that includes just 15 poorly chosen words, it gets blocked. If someone implements a two-word version, it may work better.

    Add to the fact that a single legit email blocked means you have to read through EVERY spam-marked message looking for more.

    So far, the only solution that's made my email workable is whitelisting. And THAT is a lot fucking worse than the RBL. If you're not on my whitelist, you don't talk to me. Period. No Chinese. No Koreans. No Brazilians. No Dutch. No AOL users. Nobody from a small ISP. You're ALL off the net as far as I'm concerned. Nothing that's not a reply to an email I sent. My email is useless for you, but it works for me.

    (That's actually an overstatement. I do read the discard folder. Once a week. With the 'd' key. So if you don't invite me to see your webcam, I may read your email.)

  2. Network Planning Cliff Notes on Minimizing Downtime When Switching IP Addresses? · · Score: 1
    • Configure a duplicate server (Or pull one of your redundant ones off a rack)
    • Lower your TTL. 10 minutes is good.
    • Drive it to the new location. Configure, test.
    • Change your DNS server to point to the new location.
    • Contact InterNIC. Move your DNS servers to the new IPs. (Change the Host records rather than all the NS records of each individual domain.)
    • After a few days, shutdown everything on the old block and drive it to the new location.
    Simple, easy and effective. Probably skipped steps that are fairly obvious (Like configuring a box to answer on the new nameserver addresses, etc)

    --Dan

  3. Re:another victory for open source on Data Corrupting ext3 Bug In Latest Linux 2.4.20 · · Score: 1
    Bzzt. 2.4 is the current stable Linux branch, and 2.4.20 is the latest stable version of that branch.
    Bzzt right back. 2.4.19 is the latest stable version. 2.4.20-pre5 is an unstable, testing version for evaluation only. NOT FOR PRODUCTION MACHINES.
  4. Not worth it. on Plugins for Microsoft Office for OpenOffice Documents? · · Score: 2, Insightful
    Would it be feasible to make an open source project providing a plugin to MS office so that it can read and write in our preferred open format. Sort of a 'save as open document standard'.

    Not even remotely feasible. Probably technically possible, but utterly pointless. Now you not only have to have Word 2k5 installed, but you need to download some plugin from somewhere in order to read a .doc file you found on the net.

    Hint: "Oh, this file is corrupted. *DELETE*" is the first thing that will occur to any normal windows user upon trying to read your "open .doc" file.

    It's only worthwhile to make outputting perfectly M$-compliant word documents. Otherwise your interoperability = zero.

  5. Re:$4950!? on Segway HT Starts Selling · · Score: 1
    Modern coal plants are not that dirty, they are much cleaner than every car/truck/lawnmower/bus/train/etc having their own power plant.

    Hey tard-o, there's only a handful of "modern" coal-burning plants around. All the rest are the old, inefficient, heavy-polluting kind. Guess where most of the electricity comes from?

    Before last year, you could tour our coal plant. (Orlando, FL) It was supposed to be a nuke till the no-nukes crowd stopped it. No containment dome but a bigass cooling tower, so it got converted. Makes for an amazingly efficient coal-burning plant. Still, theoretical max on thermal transfer from coal is only about 20-odd percent IIRC.

    --Dan

  6. Use Microsoft SQL server on Alternatives to MS SQL Server for Dynamic Content Website? · · Score: 1
    From the question: "* Must run on Windows (they're a Microsoft reseller after all)"

    You don't want alternatives. Your requirements are "Must be produced by Microsoft". You need XP, IIS, MSSQL server and some light ASP work. What's your alternative? Something that's going to be locked out of the API war next service pack? Riight.

    Quit posting crap to slashdot. Do your own fucking job.

  7. Re:I want multicast yesterday... on Is the MBone / Multicast Dead? · · Score: 1
    Yes. To simplify, to do multicast, you issue a 'join' on your local network, towards your router. Your router issues a join upstream, etc.

    If you and your wife both 'join', the router will join two streams (farscape and firefly). If you have the bandwidth, both will come to your local network. Then you just pick up your packets off the LAN.

  8. Re:bash? csh? i give my users... on Red Hat Nullifies Differences Between Bash, Csh · · Score: 1
    But your system isn't the C standard, and the fact that it runs there doesn't mean it is valid C. Most systems allow i = i++ += ++i as well. The result is undefined, and that means that anything is allowed to happen.

    i = i++ += ++i; fails with 'invalid lvalue in assignment' (gcc 2.95, 3.2)
    i = i += ++i; compiles with 'warning: operation on `i' may be undefined'

    Such systems generally won't like the perfectly valid int main(int argc, char **argv, char **env) convention either.
    Surprise. It isn't perfectly valid C. I'm not even sure if it's POSIX (although extern char **environ is). But it is pretty common among unixes.
    Ok, I'm missing something, what's wrong with that?
  9. Re:ID (OT) on Organizing Large Key-Signing Events? · · Score: 1
    Some retard said:
    It would be even nicer to live in a country where everyone has a universally accepted form of ID (rather than proof of identity being dependent on whether I can pass a driving test/have my own utility bills/have my own credit card/etc).

    Hint for the stupid: State ID card = Valid ID. Just like a driver's licence, but you can't use it to drive with. I've got both.

  10. Re:#linux policy on Why Are Canadian Sympatico Users Being Banned On EFNet? · · Score: 0, Flamebait
    The very method of banning people using their ip or domain is wrong. I've been behind multiple domains that have been banned by various channels and irc servers because ONE person did something undesirable. In Pakistan, there is a government-run ISP that hosts hundreds of thousands of people behind ONE ip address. Don't expect anyone from Pakistan at least to be a part of your channel.

    As a result of such banning practices, I've quit using IRC in the first place. Most of my discussions are through yahoo messenger, newsgroups and mailing lists. IRC's technology, or at least its operators' mindsets aren't keeping up with the technology....

    And please don't give me I'm not running an ident server. I tried various ident settings, fake and real, and even tried using a personally-registered domain.. but either they ban blocks of IP or reverse domain resolutions don't work for personal domains unless you fork out $600 per month for a business internet account. Go check out other channels related to linux and ask the people in there why they aren't in your channel

    HI! I am a complete and utter retard! I curse at chanops, harass people, evade bans and can't spell worth shit. I feel that I have a God-Given Right to use IRC. I don't understand how IRC works. I don't understand that ISPs make users anonymous so we can't ban just one. I don't understand that allowing Just One skript kiddie into a channel makes it unusable for everyone else.

    I'm too stupid to figure out how to make reverse DNS work. I think it's elitist that people with clue can get it to work and they won't give it to me for free. I have no friends, or all my friends are as stupid as I am and cannot give me a proxy to get on IRC with.

    I just can't seem to get my mind around the fact that the IRC protocol is old, and has been having problems for what, 10 years now? Obviously AIM and ICQ suck because they don't have 'Netsplits' to op-surf on.

    I don't understand that ident is a complete joke and should be ignored. It hurts my head to try to understand the difference between authoritative and spoofed.

    Also, I don't think my linux box works right unless I'm in #linux on EFnet. It's an integral part of the operating system.

    In short, I'm wasting valuable oxygen. Someone please kill me.

  11. Re:Canada is infamous for its script-kiddies. on Why Are Canadian Sympatico Users Being Banned On EFNet? · · Score: 1
    You are attempting to justify your actions when really, all it is is that you want IRC to be a happy little land where everyone behaves according to your rules, and you don't want to really put forth any effort to accommodate opposing viewpoints.

    Translation: I'm a whiny luser who's too much of an asshole to understand the difference between Rights and privileges. I'm under the delusion that IRC (Much like inter-network routing) is a working protocol and not a horrendous kludge. Also, my mother dresses me funny.

  12. Re:Banned in the USA on Crypto and IPSec Merged into 2.5 · · Score: 1

    Alan's avoiding visiting the USA due to the DMCA anyway. We'd have to extradite him.

  13. Re:debs! on Freenet 0.5 Released · · Score: 1
    I think it would be cool if this was an apt-get source. Yes, the crypto stuff is overkill for that, but who cares?

    It already is. Try EOF

  14. Re:Can someone educate me? on Freenet 0.5 Released · · Score: 3, Informative
    Uhh, yes there is. Just correlate requests going into and out from the node, if you're snooping all the traffic anyway. You can probably even do this by looking at the timings, if it's encrypted. If you see an outbound request with no inbound request in the n preceding milliseconds (established empirically) then it's pretty obvious that it was a request originating at that node.

    Ok, you're wrong here on some points. First off, it's encrypted traffic so you can't just sniff. You'd have to be running a node yourself and hope they contacted you. Secondly, an inbound request can (and often does) make multiple outbound requests. If a node returns DataNotFound, and the node has another reference to try, it detracts the HTL and shoots it in a different direction. (Explanation simplified)

    That foils straight-up traffic analysis. Also, it takes time to route requests in freenet, and the average node is getting 1-2 requests/second, so it's pretty tough to correlate.

    Want to know what the content is? Just replay the same request yourself, see what you get, and see which nodes talk to you.

    Nice try. Freenet keys are composed of two parts: the address (content hash, name hash or key-signed name hash) and the decryption key. If you sniff, you have nothing. If you're a cancer node, you have a routing key and no way to decrypt it.

    Freenet might work if you only look at one-way traffic from one node at a time, but the people that it was built to circumvent - governments - have the resources to take a wider view.
    Governments generally have found it's cheaper and easier to boot a door down than spend months trying to crack encrypted traffic. Even to the point of putting keyloggers on a machine to get passwords rather than trying to crack it themselves.
  15. Re:A quick description on Freenet 0.5 Released · · Score: 2, Informative
    Indeed. And since you don't have to "pay" for what you use, a la Mojo Nation, the Tragedy of the Commons applies and the FreeNet system will rapidly go the way of every other P2P system, in which the balance between contributors and consumers is destroyed.

    Actually, you lose on this point. The TotC problem with P2P networks is that the single holder of Starwars Episode 3 pre-pre release gets A) swamped by requests (that people are asses and don't reshare) and B) sued and/or jailed. On freenet, the simple fact that you requested something means you're contributing.

    The nice thing is a contributor's efforts are multiplied by how much his contribution is requested. Also, now that redundant encoding is becoming popular, you can take a file with missing parts, reconstruct it, THEN re-publish the missing parts! If a few common clients do this the data-loss of larger files would be drastically reduced. Even now you can get MP3s (AND .ISOs) off freenet if you wait long enough.

  16. Hi, I can't do my job, so... on Obtaining Shell Access via AIM? · · Score: 0, Flamebait
    I'd like someone on slashdot to do it for me.

    For instance, I don't know anything about things like forkpty(3) and how it would work for me.

    Lucky for me, someone on slashdot understands things like login_tty(3) or execve(2) and is going to explain them to me.

  17. This has been on freenet for days now. on UK Media Gagged In "Official Secrets" Trial · · Score: 3, Informative
    Quoting from "Pussy Galore" (SSK@xdDLu9KYaJGEL9543hOrarcoFM8PAgM/PussyGalore// ) who got it from rotton.com.
    13th October in the Year of Our Lord 2002

    "The British media have been gagged from reporting sensational courtroom evidence of the former MI5 spy David Shayler, including his alleged proof that the secret service paid £100,000 ($280,000 at current exchange rates) for al-Qaeda terrorists to try to assassinate Libya's leader, Muammar Gaddafi, in 1986.

    In its efforts to contain Shayler's allegations, the Government has even stopped the media from reporting its successful attempt to win a court gag order."

    Is this not incredible, an Alice in Wonderland scenario? Not only can the press not report the proceedings but also they cannot report that they have been gagged. Yet, foreign press and websites can do as they please. Sadly, in the UK such happenings are not incredible, they occur too often.

    Duke Morbid's Freesite is UK based. We have not received a "Public Interest Immunity certificate" so we shall say what we like; we would anyway.

    Blunkett and Straw, two notable fascists in Fuehrer/Anti-Christ Blair's government issued the gagging orders; they were not behaving out of character. But who is being denied the news? Not foreigners and not London's chattering classes. The chattering classes at their dinner parties will be fully in the picture as to what is going on in court even if the case is held in camera. Everyone down from the judge, through the barristers and jury to the humblest court official will be discussing the case. Of course they will be discussing it "in confidence" and of course it is standard practice to pass "confidences" onward "in confidence". Soon every half-educated person in London (10% of its population) will know the details. Provincial Dukes and their supporting infrastructure of artisans and peasants will hear nothing of this.

    Why the, partial, secrecy? What is there to protect? Certainly not sensitive intelligence operations in progress. The events relate to 1986 and much water has passed under the bridge since then. Thus what is being protected is the good name of MI5 and, much much more importantly, the reputations of diverse politicians of differing persuasions who have been overseeing MI5. God forbid that any politician should be made to look stupid either through conniving with a daft MI5 scheme or by failing to give MI5 proper scrutiny. The potential scandal reaches to the Privy Council, no less, and Brenda chairs it (actually the prats all stand around a table for 'traditional' reasons but there are significant sub-committees that do the real work in secret).

    What of the press and their much vaunted fearless reporting of the truth? Collectively the press could easily smash the power of gagging notices imposed by the executive: in a supposedly civilised democracy it would seem odd if a host of editors were to be imprisoned for contempt of court. So why do they acquiesce? The answer is obvious: there is something in it for them (proprietors especially). They can have the satisfaction of being kept fully in the know (and thus have reason to feel important because the information is denied to provincial Dukes, artisans and peasants) and expect to be rewarded by life peerages (proprietors), knighthoods (editors) and lesser baubles (the journalistic rabble); really well behaved editors will also get the chairmanships of lucrative QUANGOs too when they retire (proprietors are too rich to require this boon).

    We are already a Duke, so the establishment has nothing further to offer us (apart from the Crown), thus we can afford to be fearless in our reporting.

    Way to be on the ball, people! Looks like freenet has faster news than slashdot, despite only being able to update at midnight GMT.

  18. Re:Why do you keep supporting them? on Making and Detecting Illegal Music · · Score: 1
    You're an idiot if you think slashdot readers use linux. Most of them are too stupid to install ANYTHING, and use whatever comes on their "Dude! I got a Dell!"

    Ask Taco about the browser percentages. Shit, slashtwats don't even install mozilla for windows!

    So it's not surprising to know they all jerk off to Britney Spears CDs while having fantasies about BsB/N'Sync orgies. Why else all the interest in Lance Bass Goes To Russia?

    This message written on mozilla, running linux 2.4.20-pre5 while eating food I cooked myself and listening to a college radio station showcasing local talent.

    To all the Moderators: At least put down your McBurger and turn off your McRadio before marking this as a troll.

    --Dan

  19. Re:some earlier are ok too -- vendors have backpor on Linux Worm Spreading, Many Systems Vulnerable · · Score: 1
    In Debian, at least, the fixes were backported to 0.9.6c

    harik@chaos:/tmp$ ls -la .bugtraq.c
    -rw-r-xr-x 1 www-data www-data 68335 Sep 14 13:32 .bugtraq.c
    ii openssl 0.9.6c-2 Secure Socket Layer (SSL) binary and related

    Looks like it's only later builds of 0.9.6c that are patched. Either way, I couldn't compile it on my Debian box, and there was no binary installed. Plus, as a singular exploit, there's no way for it to gain root access. If this hole remains unpatched, expect a combined attack (local user root exploit + remote NPU attack) to spread.

    If there are any well-known local attacks, anyway. I don't know of any current widespread ones.

  20. And that's just the storage! on Costs Associated with the Storage of Terabytes? · · Score: 1
    20 mil is a starting point, actually. You still need a climate controlled datacenter, quad-redundant power sources, onsite generator (that can power the raid + the cooling!). And of course, ask them if it's possible to power it down.

    The Hitachi solution is, as far as I know, reliable to the first power failure, period. Then it's an empty disk again. I believe they do guarantee it in anything other than a powerfail situation, however. Hence the quad-redundant power + onsite generator requirement. If you really have that kind of budget, call a sales rep and ask them about physically moving it 2 years down the road. Last time I asked, they said "Buy another one, lease an OC3 from bell and mirror. Don't Turn It Off."

    I've only got a budget for 1TB systems. At that scale, it's amazing how cheap it is. 1 HBA on each set of 15 x 72GB 15k U160s, (raid5) using network sync between the two separate boxes. Came in to about 25 grand. Nice in that you can 'detach' one entire system, back it up, then resync it. This is for a large-dataset low-transaction volume setup, though. Secondly, backup is hideously expensive. Tapes = useless. Get something that lets you snapshot + delta the whole array. Drives are a thousand times cheaper than tapes to manage. (TCO, equipment AND maintenance) Plus without 100 tapes in parallel, you won't be able to backup that kind of data in a reasonable timeframe.

    --Dan

  21. Re:One word : on Hotmail: Not Safe For Work? · · Score: 1
    Wow, not only are you stupid, you like to demonstrate it.

    NO PROXY ANYWHERE EVER CAN CACHE SSL. PERIOD.

    For more information, please apply your head to a solid object.

    HTH. HAND.

  22. Re:other Bayesian filters on Slashback: Google, Prince, Bayesian · · Score: 1
    I do. I took the qmail module, rewrote it a bit as an always-on module for MIMEDefang, and it does a good job of catching spam. It gets about 50% of the spam that spamassassin misses, and so far no false positives.

    I'm looking at modifying it to understand some tokens better: IP addresses, email addresses, hostnames, full URLs as tokens rather than splitting them up into their individual pieces. Basically, N-way pairing. Word pairs are a general case of that.

    --Dan
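The tokenisation described in this comment, together with the "two-word version" suggested in comment 1, as an added sketch. It is not the qmail/MIMEDefang module the comment refers to (that code is not on this page); the regexes, the `Bayes` class and the training messages are all constructed for illustration.

```python
import math
import re
from collections import Counter

# Alternation order matters: the most specific token kinds are tried first,
# so a URL, address or IP is never split into its individual pieces.
TOKEN_RE = re.compile(r"""
    (?P<url>https?://[^\s<>"']+)
  | (?P<email>[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)
  | (?P<ip>(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.]))
  | (?P<host>[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)*\.[A-Za-z]{2,})
  | (?P<word>[A-Za-z0-9$'-]+)
""", re.VERBOSE)

def naive_tokens(text):
    """Single-word splitting: structured tokens fall apart into fragments."""
    return re.findall(r"[a-z0-9]+", text.lower())

def tokenize(text):
    """Return (kind, token) pairs; structured tokens stay in one piece."""
    out = []
    for m in TOKEN_RE.finditer(text):
        tok = m.group().lower()          # case-folded for matching only
        if m.lastgroup == "url":
            tok = tok.rstrip(".,;:!?)")  # sentence punctuation glued to a URL
        out.append((m.lastgroup, tok))
    return out

def features(text):
    """Whole tokens plus pairs of adjacent plain words (the two-word version)."""
    toks = tokenize(text)
    feats = [t for _, t in toks]
    for (k1, a), (k2, b) in zip(toks, toks[1:]):
        if k1 == k2 == "word":           # structured tokens break a pair chain
            feats.append(a + " " + b)
    return feats

class Bayes:
    """Per-message presence counts, add-one smoothing, log-odds scoring."""
    def __init__(self):
        self.docs = Counter()
        self.seen = {"spam": Counter(), "ham": Counter()}

    def train(self, label, text):
        self.docs[label] += 1
        self.seen[label].update(set(features(text)))

    def spam_probability(self, text):
        s, h = self.docs["spam"], self.docs["ham"]
        logodds = math.log((s + 1) / (h + 1))
        for f in set(features(text)):
            p_spam = (self.seen["spam"][f] + 1) / (s + 2)
            p_ham = (self.seen["ham"][f] + 1) / (h + 2)
            logodds += math.log(p_spam / p_ham)
        return 1 / (1 + math.exp(-logodds))

# Constructed training messages (documentation addresses and domains only).
TRAINING = [
    ("spam", "Buy cheap pills now at http://pills.example.net/buy"),
    ("spam", "Free money now! Reply to winner@lotto.example.org"),
    ("ham", "Can you check the mail server at 192.0.2.25 for me"),
    ("ham", "Lunch now? Reply when you are free, the server is fine"),
]

def build_filter():
    flt = Bayes()
    for label, text in TRAINING:
        flt.train(label, text)
    return flt

if __name__ == "__main__":
    flt = build_filter()
    for msg in ("Cheap pills now, buy at http://pills.example.net/buy",
                "Are you free now? Reply about the mail server at 192.0.2.25"):
        print(round(flt.spam_probability(msg), 4), msg)
```
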

  23. Re:One word : on Hotmail: Not Safe For Work? · · Score: 1
    I suspect this is an underhanded attempt to get the real IP address for those using anonymizing proxies, which often don't proxy SSL: you think you're anonymous, your browser silently connects on port 443, your real IP address is captured, and you're none the wiser until you're found out.

    I suspect you have no clue what you're talking about.

    Proxies don't cache SSL (they can't read it), but they do proxy it (by just passing it through). CONNECT hostname:port HTTP/1.0 Even if they don't, many (most?) corporate networks are on internal IP space with a NAT firewall. AT BEST you're going to see the http from the proxy box and the https from the NAT gateway.

    --Dan

  24. Re:A Full T1 is ... on How to Test Your T1? · · Score: 5, Interesting
    T1's are sub-1k these days. And if you think any ISP isn't over subscribing their uplink(s), you are a certified idiot. Every ISP over subscribes their bandwidth -- by very large margins in far too many cases. That's the only way to make any money... sell people something they don't need and will never use.

    BZZT. Remind me to never buy any bandwidth from you.
    Kids, this is what happens when you save a few bucks. You go with tier-19523 providers who are selling T1's off an SDSL circuit from a guy who splits colo space with a cleaning business.

    From REAL ISPs (AT&T, Sprint, UUnet, etc) the story is quite a bit different. They DO oversubscribe to an extent, but to where? You and 500 other T1 customers go into a POP (Either on a frame cloud or through a bigass MUX). Coming out of that is at-minimum 3-4 OC3 links (155meg each). High-traffic nodes frequently run OC-12 or OC-48.

    Now, if you all try to get to a single site, not only would the remote site not be able to handle the bandwidth but quite possibly you'd flood out the backbone links between you and them.

    By the same token, however, all the OTHER backbone links would be unused.

    So yes, you can say "I'm oversold", but you'd be wrong. Let's go into a true oversubscription example now:

    Billy the Janitor decides he wants to be an ISP. So, after gunning down some of the druglords in his neighborhood, he gets a DS-3 (45 meg) into his hovel.

    Finding that he can wire every other crackhouse in the neighborhood cheap since he knows people in the local telco monopoly, he starts selling "full T1s" for $400 a month. Wow, what a deal!

    And they are "Full T1s", too... for the first 30 or so customers. After that, Billy starts to oversubscribe. And, at $400/month, he sells HUNDREDS of T1s. Say, 200.

    Now we have 300meg coming out of a router with 45 meg going in. Mmm, bottleneck. See how this is different from a multihomed POP in the case above?

    Some real numbers:
    Today Sprint peaked at 1523/1503 kb/s (in/out)
    UUnet peaked at 1510/1508 (Delivered over frame, slightly lower peak bandwidth)
    A frac T3 frame to bell only got 3313/3412 today, but it's pretty lightly loaded. I've done 5.5meg on it (and it's sold as a 4.5 meg CIR carried on a 6meg pipe)

    The REAL answer is: Are you going to use the bandwidth, and if so, is it worth the premium it costs to get a tier-1 provider.

    If you're just using corporate websurfing/email, HELL NO: buy the cheap one in a heartbeat. If you're reselling yourself, don't even THINK about doing anything BUT tier-1.

    And don't forget latency. As the famous paper was titled: "It's the latency, stupid." You'd be amazed what a 10ms pingtime does for your effective bandwidth.

    (Before I get flamed, I know BellSouth is technically tier-2. Especially since the twits don't know the difference between peer and transit BGP setups. YAY unreachability. They're working on it)

  25. HTML ascii art done in '98 on Google Art Creator · · Score: 1
    WARNING! MAY CAUSE YOUR BROWSER/OS TO CRASH. It's a serious abuse of the HTML spec and uses gads of memory. Doesn't even come CLOSE to validating.

    I created it June 8, 1998. Long since lost the program used to do it. I know I used da Gimp even then. It's also deliberately subtle.