HP 4000 printer memory... HP wants over $400.00 for it when Kingston sells the equiv. for $36.00...
http://www.ec.kingston.com/ecom/configurator/mod el sinfo.asp?SysID=+5325+&distributor=0&submit=Fi nd
[I know its not a fair comparison... but since the Kingston model has a lifetime warrenty... etc.... and WORKS.... so who is really at the disadvantage here]
Re:Why no Linux drivers for IPSec Ethernet cards?
on
Ask Donald Becker
·
· Score: 2
could it be that most cryptographic code is under some sort of patent or export restriction?
Re:Which Network gear manufacturer?
on
Ask Donald Becker
·
· Score: 2
Wondering if its not because they "invented" it, but maybe because they hold the IP license for an implementatuin that they decided to allow OpenSSL to use under a free license..
OpenDivX = Initial rewrite of the codec from scratch
DivX = Current "Commercial/free" version of the DivX codec {its roots from OpenDivX
Which is why DivX came about.
DivX is a "semi-clean room" codec written without reminents of the original microsoft codec.
from the original project page: http://www.projectmayo.com/about/faq.php "How is OpenDivX better than DivX;-)? Our first goal with OpenDivX was to re-write it from the ground up to prepare the code for release as open source. "
My guess is that they can sell it cheaper as a no name item since they do not have to handle:
1) Tech Support. This includes web/phone/email etc. 2) Advertising [this alone would be around %3-%5 of a machines cost AT LEAST... 3) R&D wrt design and "dell" labeled cds/manuals/etc... [they dont have to reprint the OEM manual with their own logo] and still use essentially the same parts. 4) This could also be a way to get around certain restrictive licensing agreements that Dell has... [ie: if the machine has the name "Dell" on it they may have to pay some company something to license something else.. weather its software/bios/whatever]
All the above could EASILY make a PC %20-%30 cheaper for the end user...
And another 1.75 (or 3.50 depending on what other services you have) for caller ID block to block the other side from seeing your caller ID. [which btw does NOT work for "toll free" 800,888,877,866 numbers] Something about the person paying for the call has the right to block it or see who is making the call....
One bank security official once told me unofficially wrt that is that the bank does not like the fact that the source is availible. To them, this means that anyone can compile the browser and "take out" some of the features that make the browser secure. Or trojan it to make an SSL connection, get the username/password, and dump it to a text file or send it remotely.
With the older closed browsers there is supposedly a much smaller chance of that happening.
Try Opera... Some of them disallow NS6, but allow opera...
And since nvidia drivers are binary releases only, it would be easy for them to exclude the PCI id of the card built into the xbox from working with their linux driver.. (give it a different/specific product id that is checked for and purposely not supported)
A bios extenstion that the OS can check to see if the machine is "MS approved/licenced"...
Something that the OS can check for to allow the use of the OS on that machine and thus not require activation.
Apple was able to do it with their ROM; this makes me wonder if MS is leaning towards the same path.... [they can patent the bios code that the OS checks for]... This is also interedting considering that other MB manufacturers have also been selling boards that contain a CF reader built in...
Yup... I prefer at least two of the following sources myself:
1- Web site
Problem: Sites can be easily "defaced"
2- Hard Media (CD) Problem: Getting the physical media itself
3- Public Keyserver Problem: hopefully the key is uploadted legitimatly first.
4- Fingerprint verifiable by someone answering the regular, publicly advertised phone system number Problem: most receptionists dont know what PGP/GPG is. Problem: Long distance... {calling.AU from.US}
What I am really surprised has not happened is to have the major security signing bodies get together and sign each others keys.
That way for example if I am able to verify redhats key through one of the above methods, then if I get something signed with an "openssh" project key it would show up as valid... [remember that old "web of trust" idea]?
Ah.. but once they say "it is only a theoretical vulnerability" the person that published the info can say... "Nope: here is the code"; or even better, can say in the initial publication "here is the description... and we have working code; which will be published in 14 days from now" and send the vendor the working code...
Even Microsoft has learned its lesson... {there is still space for improvement... but they are getting better in these situations]
The problem is that this gives a rise to the other question... How long to wait before making something public?
The person that made the information public knew that HP has had the information SEVERAL MONTHS before making the exploit public.
Its true that it may have been better to contact CERT first (note: HP already knew); post to bugtraq, but DESCRIBE the issue and not post the exploit... THEN once the PUBLIC description is made {and still no response from HP} [I say maybe give HP 14 working days] only then post the exploit as as done..
By doing this HP has just made sure that anyone that finds a real security flaw in their operating system will not publicise the issue. This security through obscurity has been shown to be useless... Even Microsoft now realizes this.
If the item is not fixed when it is first found, and made public then this means that those flaws can easily stay hidden, and propagate into other subsystems in such a ay that fixing it at a later date may become impossible.
If the problem is not made public, there is a very good chance that real "black hat" underground distributers of the information may have and use the exploits. This could mean that real system admins are kept in the dark while their boxen are rooted from under them. This is because the admins are not made aware of the issues as a result of this action by HP.
As a result, I would much less be willing to use/trust a Tru64 / HP/CPQ machine since I have no idea if there are security problems that HP hindered from getting fixed.
My biggest pet peeve about USB in ANY platform is that instead of doing what they did with the mice/keyboards/audio/parallel drivers and make a standardised spec. for a serial class, they waited too long so the manufacturers had to come out with thier OWN methods to communicate with their serial devices. This made it a nightmare to try and get a serial converter recongnised in linux.
For windows, the manufacturers made some of the drivers avail for their serial converters. [but now even some of the early ones are no longer supported in XP like the enterga/xircom/intel ones and the intel based mct ones]
The problem with USB is the need for a separate driver for MANY of the common devices.
Getting everyone together to come out with UNIVERAL device specs that the manufacturers follow and an easy way to update the device IDs for the OS would greatly advance the use of USB on Linux.
the problem is getting the point across to the misinformed/ brainwashed masses when you try to explain to them why those devices really are NOT true raid.. "but it says so on the box"... Especially when in a specification quote you list "hardware RAID recommended" and they think that one of those cards would do the job and balk at the price of a real raid card.
What is unfortunate is that other manufacturers have caught on and use the same tactics to sell their hardware as well... like USR advertising 802.11b at 22mb when the only way to do that is using their cards with their modified software... or my current pet peeve... the PCI standard. boards that say they use PCI2.2 are NOT backwards compatible with PCI2.1; when getting a new card, check for SPECIFIC compatibiliy [ie: if it says it works in PCI2.2, then that may not necessaryily mean it would work in a PCI2.1 mb, and vice versa... but anyways... this is going a little offtopic... so to bring it back on topic.... Hard drive sizes that are reaching/exceeding the 200gb range are still doorstops that used to hold gb of data if it crashes and there are no backups..
For me, I would only use such a drive as a "live virual CD jukebox" for my frequently used ISOs...
Its not meeting someone on the inside that helps, but that they know by you being at the java/linux/perl/oracle users group that you have something like a commitment at making sure that your skills are updated. That you can work with others. That they can see your community contributions before they commit to seeing you. In short, you have already passed the "screening"...
Re:slightly off topic, but about USB
on
nForce2 Preview
·
· Score: 2
The question is how many of those ports are shared.
Usually on a standard 2 port setup, each port gets 12mb or 480mb bandwidth.
If you plug a hub to first port, then all the ports on that hub share the bandwidth of that one motherboard port.. [so on a 2 port system, you can have one badly behaving device hog up all the bandwidth on that port; leaving little for other devices]..
If all 6 ports have individual controllers, then this WOULD be a good thing... and the more ports the easier it would be to segment your USB devices especially if you mix 1.1 and 2.0 devices... It also allows you to group your devices/hubs in such a way that sharing "Groups" between machines is easier.. [unplug groupA from main PC to connect to laptop] or [stuff connected to groupB not supported in Linux yet, so unplug port3 when booting Linux]
btw: I am a "USB power user" with close to 14 USB devices connected at once....
2- Mount a bigger disk in/var/redcarpet [/var/redcarpet would be an empty dir.. then move the redcarpet dir as above and then mount/dev/hdx/var/redcarpet
Slashdot Mirror
How about this for a markup...
d el sinfo.asp?SysID=+5325+&distributor=0&submit=Fi nd
HP 4000 printer memory... HP wants over $400.00 for it when Kingston sells the equiv. for $36.00...
http://www.ec.kingston.com/ecom/configurator/mo
[I know its not a fair comparison... but since the Kingston model has a lifetime warrenty... etc.... and WORKS.... so who is really at the disadvantage here]
could it be that most cryptographic code is under some sort of patent or export restriction?
Its not just linksys...
dlink also does it...
Wondering if its not because they "invented" it, but maybe because they hold the IP license for an implementatuin that they decided to allow OpenSSL to use under a free license..
DivX;-) is not DivX
;-)?
DivX;-) = Hacked MS codec
OpenDivX = Initial rewrite of the codec from scratch
DivX = Current "Commercial/free" version of the DivX codec {its roots from OpenDivX
Which is why DivX came about.
DivX is a "semi-clean room" codec written without reminents of the original microsoft codec.
from the original project page: http://www.projectmayo.com/about/faq.php
"How is OpenDivX better than DivX
Our first goal with OpenDivX was to re-write it from the ground up to prepare the code for release as open source. "
My guess is that they can sell it cheaper as a no name item since they do not have to handle:
1) Tech Support. This includes web/phone/email etc.
2) Advertising [this alone would be around %3-%5 of a machines cost AT LEAST...
3) R&D wrt design and "dell" labeled cds/manuals/etc... [they dont have to reprint the OEM manual with their own logo] and still use essentially the same parts.
4) This could also be a way to get around certain restrictive licensing agreements that Dell has... [ie: if the machine has the name "Dell" on it they may have to pay some company something to license something else.. weather its software/bios/whatever]
All the above could EASILY make a PC %20-%30 cheaper for the end user...
The thing is many of those fonts are 16 bit fonts (dont scale well) for windows 3.x truetype...
And another 1.75 (or 3.50 depending on what other services you have) for caller ID block to block the other side from seeing your caller ID.
[which btw does NOT work for "toll free" 800,888,877,866 numbers] Something about the person paying for the call has the right to block it or see who is making the call....
One bank security official once told me unofficially wrt that is that the bank does not like the fact that the source is availible. To them, this means that anyone can compile the browser and "take out" some of the features that make the browser secure. Or trojan it to make an SSL connection, get the username/password, and dump it to a text file or send it remotely.
With the older closed browsers there is supposedly a much smaller chance of that happening.
Try Opera... Some of them disallow NS6, but allow opera...
um... do they really care?
Think of DX9... and win9x....
[New games: require DX9, will NOT work on win9x]
MS solution: Upgrade to XP... Win9x no longer supported platform...
exam[le: So the original Xboxes may be known as "1.0", the current ones as "1.1"; future games may require "1.5"... so time to read the fine print....
And since nvidia drivers are binary releases only, it would be easy for them to exclude the PCI id of the card built into the xbox from working with their linux driver.. (give it a different/specific product id that is checked for and purposely not supported)
Interesting thought...
A bios extenstion that the OS can check to see if the machine is "MS approved/licenced"...
Something that the OS can check for to allow the use of the OS on that machine and thus not require activation.
Apple was able to do it with their ROM; this makes me wonder if MS is leaning towards the same path.... [they can patent the bios code that the OS checks for]... This is also interedting considering that other MB manufacturers have also been selling boards that contain a CF reader built in...
Yup... I prefer at least two of the following sources myself:
.AU from .US}
1- Web site
Problem: Sites can be easily "defaced"
2- Hard Media (CD)
Problem: Getting the physical media itself
3- Public Keyserver
Problem: hopefully the key is uploadted legitimatly first.
4- Fingerprint verifiable by someone answering the regular, publicly advertised phone system number
Problem: most receptionists dont know what PGP/GPG is.
Problem: Long distance... {calling
What I am really surprised has not happened is to have the major security signing bodies get together and sign each others keys.
That way for example if I am able to verify redhats key through one of the above methods, then if I get something signed with an "openssh" project key it would show up as valid... [remember that old "web of trust" idea]?
thing is that they are not as reliable as the good ol 1.44 drives...
plus not all BIOSes can handle them
Ah.. but once they say "it is only a theoretical vulnerability" the person that published the info can say... "Nope: here is the code"; or even better, can say in the initial publication "here is the description... and we have working code; which will be published in 14 days from now" and send the vendor the working code...
Even Microsoft has learned its lesson... {there is still space for improvement... but they are getting better in these situations]
The problem is that this gives a rise to the other question... How long to wait before making something public?
The person that made the information public knew that HP has had the information SEVERAL MONTHS before making the exploit public.
Its true that it may have been better to contact CERT first (note: HP already knew); post to bugtraq, but DESCRIBE the issue and not post the exploit... THEN once the PUBLIC description is made {and still no response from HP} [I say maybe give HP 14 working days] only then post the exploit as as done..
By doing this HP has just made sure that anyone that finds a real security flaw in their operating system will not publicise the issue. This security through obscurity has been shown to be useless... Even Microsoft now realizes this.
/CPQ machine since I have no idea if there are security problems that HP hindered from getting fixed.
If the item is not fixed when it is first found, and made public then this means that those flaws can easily stay hidden, and propagate into other subsystems in such a ay that fixing it at a later date may become impossible.
If the problem is not made public, there is a very good chance that real "black hat" underground distributers of the information may have and use the exploits. This could mean that real system admins are kept in the dark while their boxen are rooted from under them. This is because the admins are not made aware of the issues as a result of this action by HP.
As a result, I would much less be willing to use/trust a Tru64 / HP
My biggest pet peeve about USB in ANY platform is that instead of doing what they did with the mice/keyboards/audio/parallel drivers and make a standardised spec. for a serial class, they waited too long so the manufacturers had to come out with thier OWN methods to communicate with their serial devices. This made it a nightmare to try and get a serial converter recongnised in linux.
For windows, the manufacturers made some of the drivers avail for their serial converters. [but now even some of the early ones are no longer supported in XP like the enterga/xircom/intel ones and the intel based mct ones]
The problem with USB is the need for a separate driver for MANY of the common devices.
Getting everyone together to come out with UNIVERAL device specs that the manufacturers follow and an easy way to update the device IDs for the OS would greatly advance the use of USB on Linux.
um...
http://linux1394.sourceforge.net
the royalty is only in the NAME and use of the Logo, thats why in Linux its ieee1394 with a different logo...
Thats why you should use it for mp3s and software storage or maybe ISO images... (essentially stuff that can be put back on the drive quickly)
Junk?
the problem is getting the point across to the misinformed/ brainwashed masses when you try to explain to them why those devices really are NOT true raid.. "but it says so on the box"... Especially when in a specification quote you list "hardware RAID recommended" and they think that one of those cards would do the job and balk at the price of a real raid card.
What is unfortunate is that other manufacturers have caught on and use the same tactics to sell their hardware as well... like USR advertising 802.11b at 22mb when the only way to do that is using their cards with their modified software... or my current pet peeve... the PCI standard. boards that say they use PCI2.2 are NOT backwards compatible with PCI2.1; when getting a new card, check for SPECIFIC compatibiliy [ie: if it says it works in PCI2.2, then that may not necessaryily mean it would work in a PCI2.1 mb, and vice versa... but anyways... this is going a little offtopic... so to bring it back on topic.... Hard drive sizes that are reaching/exceeding the 200gb range are still doorstops that used to hold gb of data if it crashes and there are no backups..
For me, I would only use such a drive as a "live virual CD jukebox" for my frequently used ISOs...
Its not meeting someone on the inside that helps, but that they know by you being at the java/linux/perl/oracle users group that you have something like a commitment at making sure that your skills are updated. That you can work with others. That they can see your community contributions before they commit to seeing you. In short, you have already passed the "screening"...
The question is how many of those ports are shared.
Usually on a standard 2 port setup, each port gets 12mb or 480mb bandwidth.
If you plug a hub to first port, then all the ports on that hub share the bandwidth of that one motherboard port.. [so on a 2 port system, you can have one badly behaving device hog up all the bandwidth on that port; leaving little for other devices]..
If all 6 ports have individual controllers, then this WOULD be a good thing... and the more ports the easier it would be to segment your USB devices especially if you mix 1.1 and 2.0 devices... It also allows you to group your devices/hubs in such a way that sharing "Groups" between machines is easier.. [unplug groupA from main PC to connect to laptop] or [stuff connected to groupB not supported in Linux yet, so unplug port3 when booting Linux]
btw: I am a "USB power user" with close to 14 USB devices connected at once....
Or at least the EULA denies all responsability... :-)
[have you read the EULA in netscape's browser recently]?
I agree wrt ximian still needing some work...
/var/redcarpet /someotherdisksdirectory/redcarpet
/someotherdisksdirectory/redcarpet /var/redcarpet
/var/redcarpet [/var/redcarpet would be an empty dir.. then move the redcarpet dir as above and then mount /dev/hdx /var/redcarpet
but UM... here is where the power and verstile nature of the Linux file system structure comes to play. You have at least two possible options.
1-symbolic links... [first move the redcarpet dir, then link the location that the app expects to find the files to the new location]
mv
ln -s
2- Mount a bigger disk in