Nothing is created or destroyed, at least I don't think we have found anything basic that is yet (matter, energy, etc). So far the universe has been pretty zero sum.
If you believe in the ``Big Bang'' model as conventionally proposed (seems that the majority of non-Physics majors do) then how do you explain the presence of `dark matter' in the Universe? It had to come from somewhere and if it didn't exist before the Universe was created then, by definition, it had to be created afterwards. (Interested readers see http://hepwww.rl.ac.uk/ukdmc/dark_matter/galactic_ dm.html)
If it had been an Open Source client you would have had the ability to make sure there *are* no backdoors.
But would you have checked for backdoors?
Open Source does not guarantee security. Open Source does not guarantee that there are no backdoors. Someone still has to look at the code to establish those issues.
Open Source only guarantees that you would have the ability to check for holes.
They rant just the same about how their way is the best way. I would even go so far as to say Ballmer is a spaz. nobody calls them zealots and don't fool yourself, they are. The only difference is they wear $1000 suits and live in $20 million dollar houses.
Are you saying that more money implies credibility? I disagree but let's assume that you're right:
Wasn't ESR part of the Red Hat IPO?
Isn't ESR on the VA board of directors?
Do you see ESR scrambling for work in the midst of the `tech slump'?
I think that if money buys credibility that ESR has it in spades. And he didn't have to start a monopoly to do so.
> No one's restricting your freedom -- you still
> have to freedom to not communicate . I mean,
> that's what I do... aside from Slashdot, that is.
> I just got tired of all the PGP, SSL, and Cocoa
> Crunchies Decoder Wheels and stopped communicating
> altogether. Problem solved.
You stopped communicating altogther, yet you posted a reply? I'm so very confused...
> Perhaps we could also use the "plus convention" to
> allow users to effectively manage their own email
> address(es). Many servers are set up so that if my
> assigned email address is fred@foo.com, then
> fred+[anystring]@foo.com is still sent to fred.
> Tell your friends to address you as
> fred+friend@foo.com, and then have your client
> sort the "+friend" messages into a friends folder.
FWIW, I use qmail so I use a minus sign as opposed to a plus but I see your point.
How about the opposite approach? Start an automated service running at foo.com . We create a dummy address dummy@foo.com . We create a whack of aliases: dummy-ebay, dummy-chapters, etc. We give each address to only company. Then we do metrics on the amount of spam inbound to each of these addresses and post results to the web.
Are we still concerned with dictionary attacks? Then we make the suffix of the dummy address something essentially random... perhaps we md5 the name of the company and use that as a key. So dummy-chapters becomes dummy-c463e91ad6440efcf637a78054a11e06 . I find it pretty hard to believe that a dictionary attack is going to hit that address any time soon.
Some of the spam protection agencies out there could set this up on anonymous domains. I can't think of any way to get more real-world testing.
BTW, if there is some service out there that does this sort of thing then please feel free to add a followup to this post. It seems like a relatively intuitive idea so I doubt that I'm the first to think of it.
> For the home user, yes, Linux on the desktop is
> a great idea. But it can't be a replacement for
> Windows on the home desktop - that's throwing
> hard work at a bad idea. Instead, the focus
> should be on hiding the user from the
> complexities of application installation, etc.
> Windows fails at that. My dad has no idea how to
> install applications, or why he would want to.
> We can't be successful if Linux on the desktop
> is as hard as Windows on the desktop.
mybox# apt-get install netscape
Installing applications doesn't seem that hard to me...
> Any definition which encompasses the SCSL,
> the NPL, and perhaps even Microsofts "Shared
> Source" must be so broad as to be practially
> meaningless.
If I may briefly paraphrase the `Open Source Definition' from opensource.org:
(1) Free redistribution
(2) Source code [always available]
(3) Derived works [distributed under same license]
(4) Integrity of The Author's Source Code (explicitly permitting distribution of modified program)
(5) No Discrimination Against Persons or Groups
(6) No Discrimination Against Fields of Endeavor
(7) Distribution of License [implied without additional licensing]
(8) License Must Not Be Specific to a Product
(9) License Must Not Contaminate Other Software (license cannot force bundled software to have same license)
I don't know that the SCSL, the NPL and the Shared Source license qualify as Open Source by the above definition.
Re:Put it in another log and forget about it.
on
Code Red III
·
· Score: 0
DISCLAIMER: I'm not suggesting that this is legal, or indeed a very good idea.
I particularly like the RedirectMatch bit. Do you have any web site out there that you don't particularly like? *cough*microsoft*cough* If you redirected all incoming/default.ida requests to another host, and enough infected IIS machines hit your web site, then you could effectively DDOS an arbitrary site.
I doubt that Code Red is keeping log files of the requests that it's sending out. Ergo, I doubt that anyone could trace the DDOS back to your box.
Again, I'm not suggesting that this is a good idea. It's just an amusing Friday idea.
Slashdot Mirror
Nothing is created or destroyed, at least I don't think we have found anything basic that is yet (matter, energy, etc). So far the universe has been pretty zero sum.
l #q1)
_ dm.html)
What about singularities (i.e. black holes)? (Interested readers see http://cosmology.berkeley.edu/Education/BHfaq.htm
or...
If you believe in the ``Big Bang'' model as conventionally proposed (seems that the majority of non-Physics majors do) then how do you explain the presence of `dark matter' in the Universe? It had to come from somewhere and if it didn't exist before the Universe was created then, by definition, it had to be created afterwards. (Interested readers see http://hepwww.rl.ac.uk/ukdmc/dark_matter/galactic
If it had been an Open Source client you would have had the ability to make sure there *are* no backdoors.
But would you have checked for backdoors?
Open Source does not guarantee security. Open Source does not guarantee that there are no backdoors. Someone still has to look at the code to establish those issues.
Open Source only guarantees that you would have the ability to check for holes.
Are you saying that more money implies credibility? I disagree but let's assume that you're right:
I think that if money buys credibility that ESR has it in spades. And he didn't have to start a monopoly to do so.
Just MHO.
> No one's restricting your freedom -- you still
> have to freedom to not communicate . I mean,
> that's what I do... aside from Slashdot, that is.
> I just got tired of all the PGP, SSL, and Cocoa
> Crunchies Decoder Wheels and stopped communicating
> altogether. Problem solved.
You stopped communicating altogther, yet you posted a reply? I'm so very confused...
> Still, it's a wonderful day indeed when *anything*
> by Tokein is nominated for an Academy Award.
The day would be more wonderful if Tolkien was getting credit instead of the plagarist Tokien
> Perhaps we could also use the "plus convention" to
> allow users to effectively manage their own email
> address(es). Many servers are set up so that if my
> assigned email address is fred@foo.com, then
> fred+[anystring]@foo.com is still sent to fred.
> Tell your friends to address you as
> fred+friend@foo.com, and then have your client
> sort the "+friend" messages into a friends folder.
FWIW, I use qmail so I use a minus sign as opposed to a plus but I see your point.
How about the opposite approach? Start an automated service running at foo.com . We create a dummy address dummy@foo.com . We create a whack of aliases: dummy-ebay, dummy-chapters, etc. We give each address to only company. Then we do metrics on the amount of spam inbound to each of these addresses and post results to the web.
Are we still concerned with dictionary attacks? Then we make the suffix of the dummy address something essentially random... perhaps we md5 the name of the company and use that as a key. So dummy-chapters becomes dummy-c463e91ad6440efcf637a78054a11e06 . I find it pretty hard to believe that a dictionary attack is going to hit that address any time soon.
Some of the spam protection agencies out there could set this up on anonymous domains. I can't think of any way to get more real-world testing.
BTW, if there is some service out there that does this sort of thing then please feel free to add a followup to this post. It seems like a relatively intuitive idea so I doubt that I'm the first to think of it.
--
-mikecarrmikecarr
> For the home user, yes, Linux on the desktop is
> a great idea. But it can't be a replacement for
> Windows on the home desktop - that's throwing
> hard work at a bad idea. Instead, the focus
> should be on hiding the user from the
> complexities of application installation, etc.
> Windows fails at that. My dad has no idea how to
> install applications, or why he would want to.
> We can't be successful if Linux on the desktop
> is as hard as Windows on the desktop.
mybox# apt-get install netscape
Installing applications doesn't seem that hard to me...
> Any definition which encompasses the SCSL,
> the NPL, and perhaps even Microsofts "Shared
> Source" must be so broad as to be practially
> meaningless.
If I may briefly paraphrase the `Open Source Definition' from opensource.org:
(1) Free redistribution
(2) Source code [always available]
(3) Derived works [distributed under same license]
(4) Integrity of The Author's Source Code (explicitly permitting distribution of modified program)
(5) No Discrimination Against Persons or Groups
(6) No Discrimination Against Fields of Endeavor
(7) Distribution of License [implied without additional licensing]
(8) License Must Not Be Specific to a Product
(9) License Must Not Contaminate Other Software (license cannot force bundled software to have same license)
I don't know that the SCSL, the NPL and the Shared Source license qualify as Open Source by the above definition.
DISCLAIMER: I'm not suggesting that this is legal, or indeed a very good idea.
/default.ida requests to another host, and enough infected IIS machines hit your web site, then you could effectively DDOS an arbitrary site.
I particularly like the RedirectMatch bit. Do you have any web site out there that you don't particularly like? *cough*microsoft*cough* If you redirected all incoming
I doubt that Code Red is keeping log files of the requests that it's sending out. Ergo, I doubt that anyone could trace the DDOS back to your box.
Again, I'm not suggesting that this is a good idea. It's just an amusing Friday idea.
was i the only one who saw ``flex'' and got confused? alas, i ``yacc'' =)
$ fortune -o
Nothing is better than sex
Masturbation is better than nothing
Therefore masturbation is better than sex