Slashdot Mirror


User: FireChipmunk

FireChipmunk's activity in the archive.

Stories
0
Comments
44

Comments · 44

  1. Story & comments are all WRONG on Apache Request Smuggling Vulnerability Found · · Score: 5, Informative

    First, 1.3, 2.0, and 2.1 were all vulnerable to some parts of this security issue.

    Second, it is not a major security issue for most users.

    It can only be useful if you are running mod_proxy. And even then, it just allows unfiltered requests to the backend. Most people don't even use mod_proxy. If you do, this could have bad implications, but someone still needs to exploit your backend server. It doesn't give anyone a shell or anything like that.

    2.1.6-alpha was released with a fix. 2.0.55 should be coming out very shortly.

  2. Re:is it time for 2.0.x over 1.3.x? on Apache 2.0.53 Released, Fixes 2 Security Problems · · Score: 4, Informative

    No, in fact, mod_python is only actively developed for Apache 2.0. They don't even support the version for 1.3 anymore.

  3. Re:The reason we can't migrate to Apache 2 on Is Apache 2.0 Worth the Switch for PHP? · · Score: 1

    uhm. This was fixed in our Subversion Trunk last week

  4. Re:What ever on Apache 1.3.33 Released · · Score: 4, Informative

    No one uses Apache 2 in production. I guess all those sites don't have a clue about security.

  5. Re:What ever on Apache 1.3.33 Released · · Score: 2, Informative

    FUD.

    mod_deflate does GZIP encoding, and comes with the Apache 2.0 core:
    http://httpd.apache.org/docs-2.0/mod/mod_deflate.html

  6. k3b on Free DVD Recording Tool For Linux? · · Score: 3, Informative

    k3b works great for burning DVDs.

  7. Re:model on 80% of WiFi Networks are still Insecure, Kismet Author Says · · Score: 1

    I have a 12" w/ AirPort Extreme and it works Great with KisMAC. I was just out war driving tonight and found 504 nodes :D

  8. Re:Java support? on FreeBSD 5.3 on the Horizon · · Score: 1

    Check out:
    http://www.freebsd.org/java/install.html

    Short Version:

    cd /usr/ports/java/jdk14
    make install clean

    It has been available for quite some time. I don't know what you are thinking, but it's very easy to get a native Java on FreeBSD...

  9. Apache on FreeBSD on FreeBSD 5.3 on the Horizon · · Score: 5, Informative

    A patch I wrote for the CVS versions of Apache/APR to Add KQueue support has been added to the FreeBSD Port version of Apache.

    Just make the port with "WITH_EXPERIMENTAL_PATCHES=1" and you can get a 10-25% boost in performance. (depends on your traffic patterns..)

    It's a quick way to get more performance out of Apache on FreeBSD, without waiting for the 5-STABLE branch.

    -Paul Querna

  10. Re:A couple of responses on Apache 2.0.50 Released · · Score: 1

    Which FTP server for Apache are you using?

    mod_ftpd works great as an FTP server for Apache..

  11. Another Mirror on Ruling Clears Way For Lindows Trial · · Score: 2, Informative
  12. Microsoft Hacked? on Ruling Clears Way For Lindows Trial · · Score: 4, Funny

    http://www.microsoft.com/mspress/uk/default.htm

    Says "Owned by OutLaw Group"....

    Anyone want to get a mirror up before microsoft fixes it :) ?

  13. I call bullshit on YOU on Uru Live Cancelled, Expansion Packs Promised · · Score: 4, Interesting

    Ubi didn't kill live because of lack of interest. There was a HUGE interest going on.

    It is a simple case of economics. If there aren't X number of customers Cyan couldn't cover the burn rate of Y. If you aren't making enough money, isn't it better to change early, instead of going bankrupt (http://www.enron.com/)?

    PC Gamer was highly impressed with it. The real reason it was killed was most likely because the morons who coded the network side of the game couldn't hack it.

    That makes me a moron?

    Anyone who played it knew that the netcode was POORLY written.

    I am afraid you should stop speaking out of your ass now. If you looked at the actual use of in-game bandwidth, URU uses significantly less than most common First Person Shooters. I should know, I wrote an Ethereal plugin while I worked at Cyan. This plugin would dissect our own protocol. We closely examined every byte that is sent over the network.

    The true cause of the lag lies mostly with the Client. Improvements to this were being made. But since the online part of URU has been stopped, they will never see the light of day.

    URU might have come before its time, and I am deeply saddened to see a project I worked on go down this path.

    -Paul Querna

  14. Check out Ferite on Lightweight Scripting/Extension Languages? · · Score: 4, Informative

    Ferite is a scripting language and engine all in one manageable chunk. It is designed to be easily extended in terms of API, and to be used within other applications making them more configurable and useful to the end user. It has a syntax similar to a number of other languages but remains clean and its own language.

    I love that it was designed from the start to be Thread Safe and Embedded, unlike PHP or Python.

  15. Re:I heard they needed skilled people on Microsoft Offers A Bounty On Virus Writers · · Score: 3, Informative

    You mean bridges don't collapse?

    What about the Tacoma Narrows Bridge?

    Part of your comparison falls completely flat: we have been building bridges for thousands of years, while software engineering is at best 50 years old.

  16. heh... funny you should mention this.... on Open Source Distributed Shell Tools? · · Score: 1, Funny

    We have many extra Windows XP machines around here, which idle around most of the time.

    We needed some machines for running stress testing against our network servers, but we didn't have enough horse power to run a pure linux based clustering/distributed stress client.

    I looked around a bit, like you, and found there wasn't much.

    Because of this I have written some hackish Python code that basically creates a cross-platform, distributed and self-updating cluster.

    We use it to run our cross-platform stress test application across many machines, without forcing these machines to be formatted to Linux, etc.

    I plan on releasing these scripts as open source sometime soon.

    Look for them on Freshmeat and http://open.cyanworlds.com

    -chip

  17. Re:Windoze only on Uru - Ages Beyond Myst Analyzed · · Score: 3, Informative

    If you notice, Cyan is releasing some of their software as Open Source.

    They also run all their servers on Linux.

    Wow. They are such Microsoft Whores.

    Stop trolling and get a life.

  18. More Info/Links.... on Uru - Ages Beyond Myst Analyzed · · Score: 5, Informative

    The Official Uru Website also has Wallpapers. On the UbiSoft E3 website there is a cool Trailer! [2nd game down]

    Cyan also runs an in-character site. It's called the DRC, and without getting into too much detail, the DRC is an organization from within the Uru Story. There are more screenshots and even music that you can get from the DRC Site.

    There are many cool community sites, including MystCommunity. Cyan even releases some Open Source software from this website.

    Looking at the screenshots, this could be one of the most visually inspiring games in a long time. If they can pull off this Hybrid MMOG way to gaming (you did RTFA, didn't you?) it will be very cool.

    There have been quite a few articles on Uru recently, to find most of them, just do a search on Google News

  19. I Think... on The Future of Java? · · Score: 4, Funny

    I Think Sun are really a huge problem
    I Think Garbage Collections are too much on my mind
    I Think dumps have got a lot to do with why the world sucks
    But what can you do?

    Like a red rain, beating down on me
    Like a Linus line, which won't let go of my brain
    Like C#'s ass, it is in my head
    Blame it on java
    Blame it on java
    Blame it on java

    I Think slows are gonna drive us all crazy
    And write once, run anywheres make me feel like a child
    I Think crapyness will eventually be the downfall of civilization
    But what can you do? I said what can you do?

    Like a red rain, beating down on me
    Like a Linus line, which won't let go of my brain
    Like C#'s ass, it is in my head
    Blame it on java
    Blame it on java
    Blame it on java

    Like a red rain, beating down on me
    Like C#'s smile, cruel and cold
    Like Linus's ass, it is in my head
    Blame it on java
    Blame it on java
    Blame it on java

  20. Re:built for the web? on PHP 4.3.0 Released · · Score: 1

    Or you can use this.....
    echo <<<END
    "built for the web?"
    END;

    Personally I find it much better than screwing with " '

  21. Re:I want one of those Shuttle mini pcs for this on Fragfest · · Score: 1

    My friend has one of them. He just laughs at me when I bring my full size case, etc. to LAN parties. They really are awesome.

    Just be careful if you try to mod out the power supply by dropping the fan speed to make it run silent. He had to get a new Power Supply last week cus he screwed it up. Of course he has the Intel / PCI one, and put a GeForce2 64 MB in there with a Tualatin Pentium III @ 1200 MHz ... (he can overclock to 1400 MHz no problem too) plenty fast for every game out there :-)

  22. Release Notes for /. on Gnome 2.0 RC1 · · Score: 1, Redundant

    GNOME 2.0 Desktop Release Candidate 1: "Fever Pitch"

    The GNOME 2.0 Desktop Release Candidate 1, "Fever Pitch", is ready for your
    bug-busting and testing pleasure! It is available for immediate download
    here:

    http://ftp.gnome.org/pub/GNOME/pre-gnome2/releases/gnome-2.0-desktop-rc1/

    The GNOME 2.0 Desktop is a greatly improved user environment for existing
    GNOME applications. Enhancements include anti-aliased text and first class
    internationalisation support, new accessibility features for disabled users,
    and many improvements throughout GNOME's highly regarded user interface.

    Progress

    The following tarballs have been updated since last week's snapshot release:

    at-spi, eel, eog, esound, gail, GConf, gdm, gedit2, gnome-applets,
    gnome-desktop, gnome-games, gnome-media, gnome-mime-data, gnome-panel,
    gnome-session, gnome-system-monitor, gnome-terminal, gnome-utils,
    gnome-vfs, libgail-gnome, libgnome, libgnomecanvas, libgnomeui, libgtop,
    librep, libwnck, libzvt, nautilus, rep-gtk, sawfish, yelp

    Testing the GNOME 2.0 Desktop

    Binary packages and build scripts have been contributed to make installation
    and testing of the GNOME 2.0 Desktop simpler.

    Debian:

    The following sources.list line will allow you to install the latest
    experimental packages. Please see the debian-gtk-gnome list for more
    information about these releases.

    deb ftp://ftp.debian.org/debian ../project/experimental main

    GARNOME: http://www.gnome.org/~jdub/garnome/

    GARNOME downloads and builds from released tarballs. It includes a
    number of ported applications and utilities, and is designed to be a
    distribution of GNOME rather than an updater.

    jhbuild: http://cvs.gnome.org/lxr/source/jhbuild/README

    jhbuild builds directly from CVS, and includes required developer tools.
    It handles dependencies and errors gracefully, to minimise build time
    and frustration.

    vicious-build-scripts: http://cvs.gnome.org/lxr/source/vicious-build-scripts/README

    v-b-s builds directly from CVS, and includes required developer tools
    such as autoconf, gettext, etc.

    Ximian Red Carpet Snapshots: (See the GNOME2 Snapshots Channel in Red Carpet.)

    Binary packages for Red Hat 7.2 and 7.3 are available from Ximian's Red
    Carpet. These are built nightly from CVS snapshots.

    Build Requirements

    - The tarballs included in the release. :-)

    - Some very basic packages not distributed with this release, such as
    image libraries, popt and freetype. These should all be included with or
    available for your distribution.

    - Python 2 with expat xml modules for libglade (some modules still require
    the libglade-convert script, however we do plan to ship glade2 files).

    - Docbook DTD 4.1.2, Docbook XSL stylesheets and a valid system catalogue
    file for scrollkeeper (which in turn is required by many desktop
    components for documentation).

    - You need recent GNOME 1.4 developer platform packages if you plan to
    install the GNOME 2.0 platform libraries alongside 1.4.

    A dependency graph for the developer platform and desktop release is
    available on the dot.plan website:

    http://developer.gnome.org/dotplan/notes/

    Testers

    If you have incredible talents at breaking GNOME, perhaps even to rival
    Telsa's infamous path of destruction (and excellent bug reporting of said
    path), this release is made for you!

    When reporting bugs, use http://bugzilla.gnome.org/ or bug-buddy. Make sure
    you choose the correct version number, as reports against particular
    versions are easier to triage than reports against unspecified releases.

    Before submitting a bug report, try running the software from your terminal
    to see if it provides extra information, and please make sure that you build
    everything with full debugging support.

    Bug Squad

    Whether you're testing GNOME 2.0 or not, you can still help out with the bug
    busting efforts by triaging and tracking bugs in bugzilla. Join the bugsquad
    mailing list, and hang out on #bugs (on irc.gnome.org) to get involved -
    Thursday is always bug-busting day!

    http://mail.gnome.org/mailman/listinfo/gnome-bugsquad/

    For help with bugzilla accounts, email bugmaster@gnome.org.

    Distributors

    This release is not intended for inclusion in distributions. However, binary
    packages for bleeding edge testers on your platform are very welcome. Please
    email the release team if you have built
    packages for your platform.

    Hackers

    When reporting bugs is simply not enough, and you'd prefer to make your own
    (or, indeed, fix the ones you find), this release is also made for you!
    Have a look through bugzilla or the TODO file included with many modules,
    and make sure to send your patches to the maintainers via the appropriate
    mailing list, or bugzilla.

    Happy testing!

    - The GNOME 2.0 Release Team

  23. Re:The inventor is a 7 year old on Patent Granted on Sideways Swinging · · Score: 1

    Yes, but what if the big bad tax man says they need to pay more money, or little 7 year old grows up and needs money for his nice New England Private School? Hmmm.. that's what I thought, it's called a cash cow for later. One of those just in case things... mmmmkay?

  24. uhhh right... on Globalism Post 9/11 · · Score: 1

    So, exuberantly costumed demonstrations aside, globalism is not about to evaporate or even weaken, not any time soon. Quite the opposite: nation-states and their constituents now have to choose between globalism (and its attendant prosperity) or religious fanaticism.

    And just as you imply the poorer the Muslim countries are a religious fanaticism, I would say the richer Western Countries of mostly Judeo-Christian population are equally religious fanatics.

    It's not about a model of economics, everything in this world is coming back to organized religion, before you know it, like it or dislike it, just look at the Middle East, it will be like the Crusades of the Middle Ages of a predominantly Christian vs. Muslim war.

    Globalism hasn't changed the context of our global society, it has just allowed us to come to the same repeating conflicts faster than we otherwise would have.

  25. Severity of Security on The Myth of Open Source Security Revisited v2.0 · · Score: 2, Insightful

    I think what people are losing sight of here is the options you are provided with in OpenSource. While on a Windows platform there are relatively few companies that make server software (i.e. FTPd, HTTP), while on the OpenSource Platforms there are many more choices.

    How many people would run WuFTPD on a production box while there are other options around like Pure-FTPD or ProFTPD?

    But for Windows for example there are relatively few closed source HTTP Servers. Namely IIS, while on the open source side there is everything from Apache to Abyss.

    So what this brings me to, another point of Open Source Software, because there are many *options* in a production environment for the choice in software, the only costs of changing to a product that is more secure is the time to install it. While in closed source to get Microsoft's newest and most secure IIS 6+++ bundled with Windows ZP 2003, you will have to shell out a few grand. That's where security matters in the end, how much money does it cost you in a production environment. We are a bunch of capitalists at heart you know :-)