Noble stance. However, buying used still benefits the *AA. Every used copy you buy reduces the supply of used copies and can thus boost *AA profits on new copies--either because there are fewer used ones availible (and thus some people buy new instead), or because the used copies are more expensive and therefore new ones can also be sold at a higher price, etc.
It's basic supply/demand economics. If you want to really want to accelerate the *AA's inevitable demise, stop buying their products altogether.
Linux is actually converging to your supposedly non-existent operating system. You can:
- Run many Win32 binaries via wine - Run many DOS binaries with dosemu - Run proprietary UNIX binaries via iBCS - Run Java binaries on a mostly-working JVM - Run any PC OS with vmware, qemu, bochs - Run some PowerPC binaries in qemu
The OSS community is clearly on its way to creating what you describe. I know not all of the above work fast or perfectly; neither did mozilla 3 years ago.
Anyway, your "native" distinction is a red herring. When x86 Linux can emulate PPC MacOSX in near-real time, Apple's hardware business will probably feel some heat.
Cool. Will this full rainbow table allow for simpler decryption of Windows encrypted files?
Based on my limited Windows knowledge I believe it will: The NTLM hash is not one-to-one. However the rainbow table can (in theory) provide multiple NTLM keys, one of which is probably the original user password that will ALSO re-hash for EFS.
Seems like your LM RT is an EFS accelerant. Comments?
FYI thebroken has some basic TechTV-style coverage of LM hashes:
http://www.thebroken.org/
including the regkey that disable thems.
For all the haters: Seems like this situation is akin to the MD5-vs-DES crypt(3) dialog Debian gives you upon install--except that shadow doesn't also store the weaker DES hash when you select MD5.
For those of you still on a Microsoft platform: I've heard that L0phtcrack works wonders reversing an LM hash on modern hardware. Godspeed with your WinXP password recovery.
It's absurd to think MM must fulfill every lecture request above his ask price. What about "Quantities are limited, while supplies last"?
Michael Moore does, presumably, possess free will as an economic optimizer. If he asks $120k/lecture, it's because he believes that should be the market rate for one lecture's worth of his time.
To be a bit less subtle: Michael Moore is displaying the same capitalist strategy as Halliburton, WalMart, and all the other American megacorps. He has a monopoly on his lectures, demand is high, and so he jacked the price. I know of no human being that has so thoroughly conquered greed (ego) as to not behave in this fashion.
Corollary: If MM approves of F911 torrents it's because he thinks doing so will maximize longer term revenue. If you like, I'll justify in depth why this decision is the correct self-maximizing behavior.
And tell him to check for buffer overruns next time (num > max).
On the plus side: after he flunks out, he can go write RPC code at Microsoft.
Or, perhaps, a cell phone bluetooth stack.
[Ducks And Covers]
The Kernel Can Take a Hint
on
Is Swap Necessary?
·
· Score: 5, Informative
In the average case code and data _do_ tend to be accessed more than once. We would all be complaining a lot more if the kernel NEVER cached... remember the huge performance boost SMARTDRV made in DOS?
So, frankly, the default kernel behavior is right.
To fix the movie/updatedb/jumbo cp/etc issues see "man madvise" and check out MADV_DONTNEED. I am hoping applications will start using this syscall sooner, rather than later. The Linux VM can take a hint, and it's pretty easy to give it one.
It wouldn't hurt to get rid of bloatware, either. Mozilla Firefox may be a brilliant marketing campaign, but frankly it's not that much lighter than the full suite. And Win2K boot is unbearable compared to Linux...
Sadly the nice things about laptop drives (low power and noise level, spin-up-down life) are hard to preserve as you increase speed.
Leave port 80 open and the malware will just start to use that. Spam is a biological phenomenon, and most any action designed to kill it will merely apply a selection force to the ecosystem, stepping the arms race up another notch. Frankly, spammers aren't going away until we get some kind of cryptographically secure digital trust system that can raise the cost of sending spam, and designing such a system is a Hard Problem (which might make an interesting slashdot thread).
CAT6 is a waste of money for the vast majority of installations. Good CAT5e runs 1GE perfectly today, with 10GE already working in labs. The massive existing deployment of CAT5/CAT5e means that networking companies have a huge incentive to make future products work over it--and CAT5e is about half the cost of CAT6.
So how do you justify CAT6? How is it better than running 2 strands of CAT5e?
aespipe is a fast lightweight UNIX solution that is simpler than GPG:
http://loop-aes.sourceforge.net/aespipe/
Would be interesting to analyze it for potential problems; the included bz2aespipe script, at the very least, specifies the hashing and crypto algos in plaintext.
That's why you ship the CD with a retrieval script and let end users download the DLLs from an offshore site or P2P network. You can also copy/patch files off the Windows install; the DMCA has a provision for "interoperability" which may protect this activity (well, if Microsoft didn't own the feds).
A corporation is an amoral entity charged with maximizing the profit of its human owners. While generosity is an admirable human trait, it is not necessarily viable in a corporation. A generous corporation will be replaced by less generous corporations unless that generosity leads to profit.
In the end FOSS needs to make peace with this corporate race to the bottom, and convince the guys and gals with the purse strings that FOSS maximizes shareholder value.
When I fixed my code last week, I half assed it. I only put bounds checking on one pointer, figuring that management didn't care what network neighbors would exploit.
Seriously, motivation in commercial software is a huge problem too. As a business, Microsoft only pursues security to the extent it increases profit. The mass market has demonstrated that it will mostly tolerate insecure code and so M$ keeps churning out--you guessed it--insecure code.
With their resources, Microsoft could have every buffer overflow fixed inside of a month. But currently, the competition (open source or otherwise) isn't enough of a threat to justify that expense.
If you want Windows fixed, get your friends to install Linux.
OK let me break it down for ya. At the end of the day, slashdot is a business. See the Microsoft banner ad up there? Well, the more riled up you get by a story's counter-bias, the more posts and page loads slashdot gets. And by page loads, I mean ad impressions.
Nothing sells like scandal, and so, yes, Wu, Slashdot is trolling its own readership.
Slashdot Mirror
Noble stance. However, buying used still benefits the *AA. Every used copy you buy reduces the supply of used copies and can thus boost *AA profits on new copies--either because there are fewer used ones availible (and thus some people buy new instead), or because the used copies are more expensive and therefore new ones can also be sold at a higher price, etc.
It's basic supply/demand economics. If you want to really want to accelerate the *AA's inevitable demise, stop buying their products altogether.
But then what prevents malicious peers (**AA) from marking real files as poor quality, or fake?
You cannot "solve" the P2P trust problem any more than you can "solve" human diversity.
Linux is actually converging to your supposedly non-existent operating system. You can:
- Run many Win32 binaries via wine
- Run many DOS binaries with dosemu
- Run proprietary UNIX binaries via iBCS
- Run Java binaries on a mostly-working JVM
- Run any PC OS with vmware, qemu, bochs
- Run some PowerPC binaries in qemu
The OSS community is clearly on its way to creating what you describe. I know not all of the above work fast or perfectly; neither did mozilla 3 years ago.
Anyway, your "native" distinction is a red herring. When x86 Linux can emulate PPC MacOSX in near-real time, Apple's hardware business will probably feel some heat.
Since this virus clearly links with proprietary code, it cannot be licensed under the GPL.
I urge Windows users to migrate to a GPL kernel, where all kernel-level malware must be open source.
Sir, I am fascinated by this "flesh tone" view of sexually-marketed, techno-remixed pop music, and wish to subscribe to your newsletter.
Think about it, is there anything fundamental that Mozilla can do that Netscape 3 couldn't?
mozilla firefox 0.9 can run 3 hours under Linux without a SIGBUS. Communicator 4.79 cannot.
"Hater" is just expedient, colloquial slang.
Exactly like with your "USian", which is shorter than "Resident of The United States of America".
We're both using verbal compression, so now kindly uriniate aft.
Cool. Will this full rainbow table allow for simpler decryption of Windows encrypted files?
Based on my limited Windows knowledge I believe it will: The NTLM hash is not one-to-one. However the rainbow table can (in theory) provide multiple NTLM keys, one of which is probably the original user password that will ALSO re-hash for EFS.
Seems like your LM RT is an EFS accelerant. Comments?
FYI thebroken has some basic TechTV-style coverage of LM hashes:
http://www.thebroken.org/
including the regkey that disable thems.
For all the haters: Seems like this situation is akin to the MD5-vs-DES crypt(3) dialog Debian gives you upon install--except that shadow doesn't also store the weaker DES hash when you select MD5.
For those of you still on a Microsoft platform: I've heard that L0phtcrack works wonders reversing an LM hash on modern hardware. Godspeed with your WinXP password recovery.
It's absurd to think MM must fulfill every lecture request above his ask price. What about "Quantities are limited, while supplies last"?
Michael Moore does, presumably, possess free will as an economic optimizer. If he asks $120k/lecture, it's because he believes that should be the market rate for one lecture's worth of his time.
To be a bit less subtle: Michael Moore is displaying the same capitalist strategy as Halliburton, WalMart, and all the other American megacorps. He has a monopoly on his lectures, demand is high, and so he jacked the price. I know of no human being that has so thoroughly conquered greed (ego) as to not behave in this fashion.
Corollary: If MM approves of F911 torrents it's because he thinks doing so will maximize longer term revenue. If you like, I'll justify in depth why this decision is the correct self-maximizing behavior.
Dude... you had a dual ISDN line between California and Switzerland way back in 1994?
Which international telco now owns your eternal soul?
And tell him to check for buffer overruns next time (num > max).
On the plus side: after he flunks out, he can go write RPC code at Microsoft.
Or, perhaps, a cell phone bluetooth stack.
[Ducks And Covers]
In the average case code and data _do_ tend to be accessed more than once. We would all be complaining a lot more if the kernel NEVER cached... remember the huge performance boost SMARTDRV made in DOS?
So, frankly, the default kernel behavior is right.
To fix the movie/updatedb/jumbo cp/etc issues see "man madvise" and check out MADV_DONTNEED. I am hoping applications will start using this syscall sooner, rather than later. The Linux VM can take a hint, and it's pretty easy to give it one.
'No, I will not fix your box'?
Oh. Oh... Now I get it.
I'd work 6 months straight at that rate, then take a two year vacation...
It wouldn't hurt to get rid of bloatware, either. Mozilla Firefox may be a brilliant marketing campaign, but frankly it's not that much lighter than the full suite. And Win2K boot is unbearable compared to Linux...
Sadly the nice things about laptop drives (low power and noise level, spin-up-down life) are hard to preserve as you increase speed.
Leave port 80 open and the malware will just start to use that. Spam is a biological phenomenon, and most any action designed to kill it will merely apply a selection force to the ecosystem, stepping the arms race up another notch. Frankly, spammers aren't going away until we get some kind of cryptographically secure digital trust system that can raise the cost of sending spam, and designing such a system is a Hard Problem (which might make an interesting slashdot thread).
CAT6 is a waste of money for the vast majority of installations. Good CAT5e runs 1GE perfectly today, with 10GE already working in labs. The massive existing deployment of CAT5/CAT5e means that networking companies have a huge incentive to make future products work over it--and CAT5e is about half the cost of CAT6.
So how do you justify CAT6? How is it better than running 2 strands of CAT5e?
aespipe is a fast lightweight UNIX solution that is simpler than GPG:
http://loop-aes.sourceforge.net/aespipe/
Would be interesting to analyze it for potential problems; the included bz2aespipe script, at the very least, specifies the hashing and crypto algos in plaintext.
That's why you ship the CD with a retrieval script and let end users download the DLLs from an offshore site or P2P network. You can also copy/patch files off the Windows install; the DMCA has a provision for "interoperability" which may protect this activity (well, if Microsoft didn't own the feds).
A corporation is an amoral entity charged with maximizing the profit of its human owners. While generosity is an admirable human trait, it is not necessarily viable in a corporation. A generous corporation will be replaced by less generous corporations unless that generosity leads to profit.
In the end FOSS needs to make peace with this corporate race to the bottom, and convince the guys and gals with the purse strings that FOSS maximizes shareholder value.
When I fixed my code last week, I half assed it. I only put bounds checking on one pointer, figuring that management didn't care what network neighbors would exploit.
Seriously, motivation in commercial software is a huge problem too. As a business, Microsoft only pursues security to the extent it increases profit. The mass market has demonstrated that it will mostly tolerate insecure code and so M$ keeps churning out--you guessed it--insecure code.
With their resources, Microsoft could have every buffer overflow fixed inside of a month. But currently, the competition (open source or otherwise) isn't enough of a threat to justify that expense.
If you want Windows fixed, get your friends to install Linux.
We need government approval to think? Damn. That's worse than 198
[MESSAGE CENSORED FOR YOUR PROTECTION]
Your car will also have exactly one door.
To compensate, you will immediately retrofit two aftermarket doors, without ever doubting the genius of the stock one door design.
OK let me break it down for ya. At the end of the day, slashdot is a business. See the Microsoft banner ad up there? Well, the more riled up you get by a story's counter-bias, the more posts and page loads slashdot gets. And by page loads, I mean ad impressions.
Nothing sells like scandal, and so, yes, Wu, Slashdot is trolling its own readership.