Re:Great idea on 30 Days of DRM · Score: 2, Informative
that's wrong. canada does have a fair use. it's called "fair dealing"
more like,
all your certs are belong to me
that's not even remotely funny. in fact, all the french jokes stopped being funny 2-3 years ago
really, get over it.
it lowers the effective security because a random guy looking for accounts can now tell which account numbers are legitimate. just scan the account space, and record which ones have a funny picture
the security phrase thing is easily bypassed with a good dictionary
third party security is good. but given symantec's track record in that area, i'd say you're better off running windows unpatched with no third party at all than installing one of their products
a couple of days, then it usually crashes/gets so slow it's unusable and i have to restart it
proxies are going to wreak havoc on this scheme :)
still a nice trick though
not necessarily. all of the cds i've bought in the last 3 years were after hearing full songs on an internet radio (and sometimes saving the stream to disk, which i am allowed by law to do).
i was specifically addressing the OP's gripe that "if he wanted them downloaded he'd have checked the download this song" thing. he might or might not increase/decrease his revenue stream by putting a full song up for download. i have yet to see any serious research done on that. but common sense says if you don't want something to happen, don't do everything you can to make it happen.
for the record, i don't visit myspace, i don't care about the music there, and i certainly won't use this program.
but really. if you don't want your music downloadable, don't put it online. there's nothing you can do that will prevent someone downloading it. in fact, to listen to it you first have to download it.
if you want people to be able to preview your music, supply them with 30 clips of it, not whole songs. because it WILL be downloaded
/constantly amazed by the sheer cluelessness of media people
cookies are a way, but you have to be careful of what you wish for.
my bank recently implemented a new "secure" login using a similar picture approach. unfortunately in doing so they have lowered the effective security of the overall system. hackers can simply guess for a valid login and know beforehand that it is valid (by being presented a picture, rather than just a generic page). make sure this doesn't apply to your system either
just shows, there are dumb people everywhere. and no need to say, i'm in the process of switching away from ING to a bank that has real security
Shouldn't it be as easy as checking which protocol is being used before sending a request?
in short, no. unless your system supports ipv6 but has no ipv6 address allocated (like most of the vista installs i'd say)
dns is what will tell you what you should speak to the remote system. but as others pointed out, this FUD is just that, FUD. dns requests are small enough to not impact the servers much
a valid, but incomplete point. i'd say the worst-case is inverted.
what if you're convicted (unjustly) today of murder, and in 25 years they need to revisit the case in light of new evidence. they might want to access the old one to reach a new (favorable hopefully) judgment.
the register is for funny news, just like fark, digg and slashdot. just take everything they write with a grain of salt and loosen up a bit
whoa i remember playing the demo of that game back when i was young and dumb. ah the memories!
it's a tradeoff, but the actual impact on bandwidth is negligible (my bittorrent addicted friend can't tell the difference)
and grandma foobar won't feel her favorite recipe site is slow and won't notice the difference between dsl and cable. she's most likely used to dialup anyway.
as for reasonable default. bell canada seems to be disabling interleaving on all new installs.
if you're getting lag on a DSL connection, try asking the carrier to disable interleaving on the line. that usually takes care of the issue. they usually enable it by default to speed up downloads, at the expense of interactive traffic (ssh, games, etc.). the latency goes down from 120-140ms to 15-30ms
you WILL have to go through a higher level of tech support. most level 1 folks just look at you blank eyed when you utter "interleaving" :)
you do realize that ulimit (at least in linux) is per session right? protecting against one fork bomb is easy, protecting against one user running a forkbomb in X different terminals (where X is the number required to exceed the limit) is an entirely different job
and what do you set the limit at when the server's sole job is running apache? same as the server's memory? turning off (or seriously reducing) the swap does roughly the same thing and it protects you from all the potential (ab)users.
if i've missed something, feel free to correct me.
there was no OOM message, it was swapping, not killing the processes. the cpu was NOT idle. and we did have "remote" debugging, but it doesn't help much when the server isn't responding (that means, the debugging tools aren't running either). see my other post about ulimit. i'll take a look at iostat though
the problem wasn't one process consuming it all, the problem was one script being run 200 times, staying in memory (mod_perl script) and leaking over the 200-300 requests it processes over time (limiting each script to 100 requests before being killed limited the problem somewhat, but it still happened)
to be fair, i did try to mess with ulimit, but it's a bit retarded in itself and it didn't work properly
all this swapping talk is giving me nightmares.
a few years ago, we had a customer with multiple colocated servers complaining that sometimes they crashed for no apparent reason.
after much debugging, we figured out one of their scripts was leaking memory. eventually consuming all ram (2.5G) + all swap (1-2g).
now the real problem is this. those were LIVE processes so the system was constantly paging back and forth, using 90%-95% cpu just to swap the damned things in and out and starving the actual processes.
linux 2.4, linux 2.6 (early 2.6). same deal. amazingly, the distro made a difference, redhat was pure hell, debian slightly better (though still not acceptable)
freebsd was much smarter, it just killed the offending processes. it sure wasn't ideal, but at least the server was still serving its clients
to this day, i never put more than 256m as swap even on servers with 4G of ram. that's where we had the least problems.
you might want to check the wiring on those sockets. though it's possible they were defective (bad batches do happen i guess..), i'd be surprised if that was the only reason. i honestly never saw one of these burn, and we've had a few in the house for years
not bashing on you. just clearing up a point.
most of yours are perfectly valid, however i like to apply the "right tool for the right job" mantra.
at my place i've replaced most of the bulbs with CFLs (6 pack for 15$CAN. 2.50$ vs 0.30$) but i've kept some where i value the quality of the lighting. or even sometimes mix a regular bulb with a cfl in the same fixture (for those multi bulbs ones). the "color" stays roughly the same, and i still reap some electricity savings
in the living room i have two independent lights, one is cfl and one standard. placed differently for the efficient lighting of the various activities.
again, right tool for the right job. pick the one most appropriate for the job it's doing
that's wrong. canada does have a fair use. it's called "fair dealing"
http://strategis.ic.gc.ca/sc_mrksv/cipo/cp/copy_gd_protect-e.html#6
that line made my day :) absolutely *rummages for a new keyboard*
Four legs good! Two legs bad!
depends on which game you play and on the phase of the moon (sometimes it does, sometimes it doesn't)