Very true. And you've just given me an interesting, though probably not very original, idea (but hey, people patent those too). What is to stop those who dislike the patenting of fairly obvious software processes from doing just this?
Well, a handling fee, I suppose. Anyone know how much that is?
Not quite. Each spammer is required to provide (quite specific) ways for you to be able to opt out, and to stop sending you stuff if you do opt out. However, there is also going to be a Do-Not-Spam List that you can subscribe to which will allow you to opt out of all spam.
Of course, this is all academic anyway, judging by the small percentage of spam I get that actually comes from places that will be bound by this law, and I don't see even our current administration starting a war or something over spam:).
Reading the linked text of the law (yeah, I know, I know...) it looks like a "Do-Not-Spam List" will be created before July 1, 2004, similar to the national Do-Not-Call List. So you should only have to opt-out once.
I read over most of this law, and there doesn't seem to be anything unreasonable in it. Certainly nothing the DMA would want, does anyone have any proof of the claim that they drafted it?
'A basic install of Solaris is bereft of all the great free utilities and dev tools, so it takes an extra day of installing stuff to make it useful.'
This may have been true with Solaris 2.6, but many of the GNU tools have been included since Solaris 7.
I'd be happy with GCC at least. Still not in Solaris 8, haven't used 9 yet, is it there?
Again, replacing the userland Sun tools is as easy as installing either the included GNU tools, or setting up the install to include the sunfreeware versions of the tools.
I know about this stuff. I just have a pipe-dream of Sun including this stuff in the default install and eliminating their old utilities.
I also know about Jumpstart (it doesn't make any sense for me anymore, I only have one Sun server left). The bloat issue is really another pipe-dream of mine. I want Sun to make it easier to have a minimalist system without installing things I don't want in the first place.
These things are actually all just gripes. None of them are impossible, or even difficult, to work around, it's just something I'm picky about.
The SunOS kernel and base libraries (libc, threading, stuff like that) are very good. The patching system is very good, but you do have to patch it a lot. I don't like:
I've been spoiled by Linux/BSD. A basic install of Solaris is bereft of all the great free utilities and dev tools, so it takes an extra day of installing stuff to make it useful.
A lot of the basic userland stuff is ridiculously out of date. I guess that's what happens when you fork an ancient version of BSD Unix and fall behind the development curve on some stuff.
I'm a minimalist when it comes to servers. Solaris is just too damn bloated for me. I want finer-grained control over what I choose to install. Example: Yes, the Sun NFS server is top-quality. No, I don't want it on all my machines.
YMMV, but there must be some reason why Linux is eating away at Sun's market share, and it can't be all based on price. Companies usually still feel better about paying too much for this stuff...
Well, one last reply to this thread, then I'm done...
Okay. Well, I would say either the meter isn't displaying the correct current usage, or you are a special case... Which is totally possible. Computers do tend to use less current when idle, but 40 watts seems low considering a laptop battery holds up to 6 AH at 6 volts (that's a life of 1 hour at 36 watts draw). I sorta doubt a desktop machine uses the same power as a laptop, but anything is possible!:-)
Hmm. I dug up my old beginning EE textbook from college, and looked up some stuff. You, and a couple of other posters, are correct. Watts remain constant, amps vary. I was incorrectly assuming constant amps.
Assuming my earlier test to be inaccurate, I decided to do some more (Thanks to the techs at work for humoring my curiosity and letting me play with their machines and spare parts!). I got two more multimeters from different manufacturers (in case one was inaccurate) and tested a few machines:
Individual server from the earlier test: 0.4 amps. (Note: Differences between the two multimeters were negligible.)
Another server in the rack: 0.3 amps. (I tested all of them in the end (see why below), they were all in the same general range as these two.)
An average desktop (Athlon XP 2000+, 512 RAM 80GB HDD, GeForce 4, DVD, CDRW): 0.3 amps.
My laptop (Dell Latitude D600). Didn't register on two meters, hit 0.1 amps briefly on another. (I wish I had a meter with better than 0.1 resolution). Note here that the battery was fully charged at the time, so the power supply may have been idle (take this with a grain of salt, I don't know how this really works).
I messed about with the Athlon a bit more, as I was interested by someone's earlier comment that they can dissipate 80 watts, and the machine was only using 36 watts. Someone else had a theory that an Athlon would blow a 200 watt power supply. For a quick test, I swapped the 350 watt supply in the machine for a 120 watt supply from the spare parts bin. The machine worked fine, still registered 0.3 amps, but got a little warmer as the fan in the smaller supply didn't move as much air (still reasonably safe temperatures though).
I did note that if all my servers were in the same range as the first two, the total draw would be more than my initial test showed. I tested the rest of the servers. The total on those added up to 7 amps even. The clamp meter on the mains still shows less. I chalk it up to inaccuracy of the clamp meter, although it served its intended purpose fine, which was to tell me that I could add ten more machines to the 40 amp circuit without any problem. I don't have another clamp style meter to test this theory any further.
Conclusions? Nothing solid. I learned some EE stuff I had forgotten from college. I don't think computers use nearly as much power as is generally thought (can't say conclusively, I could have a lot of bad multimeters too:-)).
So what if some work is duplicated? One of the things that makes the Open Source community great is that individual developers CAN scratch any itch they want, work on any project they want. Sure, it may not be as efficient as it could be, but that's not the point. The community doesn't exist to gain greater and greater market share, it exists to create open software. Some individual developers may want their project's market share to improve, others may just do it because they enjoy it, others still for reasons not mentioned here. It's all good...
100 Watts at 120 volts, 12 volts, or 1 volt will provide exactly the same amount of power.
Considering a modern athlon computer is likely to blow up a 200 watt PSU, and work OK on a 300 watt PSU, I'd say a safe guess is about 250 watts of output power used on a personal PC. Which means, counting in inefficiencies, about 300 - 350 watts of power drawn from the outlet.
Okay, as you mention later on, since one needs to multiply amps by volts to get watts (watts = volts / amps was a careless error on my part), watts must therefore vary in relation to volts. Therefore, assuming a constant current, the 300 watts at 12 volts (what the rating on your computer's power supply means) is going to be 30 watts at 120 volts coming out of the wall (probably with a small drain for AC->DC conversion, I'm not very familiar with power conversion though, maybe you can help out here).
If you used a clamp on Ammeter, you need to multiply the figure displayed by your local voltage (probably 120 volts) to get watts.
That's exactly how I arrived at the original 40-watt figure. Allow for some margin of error on the exact figure, as I checked at the mains coming into the circuit, got 6.6 amps (at 120 VAC), and divided by the 20 machines on the circuit (all have fairly similar specs, the variation is just RAM and disk sizes) to get 39.6 watts per machine (which I rounded up to 40, so sue me:)).
I don't think that there's any way that your server is operating on only 40 watts... unless the drives are spun down, and the processors (2) are doing absolutely nothing.
I measured with an "amp clamp" around the mains coming into the circuit, then divided by the number of machines (they all have similar specs). The drives were spun up, and under active use, processors were probably at less than 5% (most server tasks are I/O bound). Draw your own conclusions here. I do know that my desktop at home (800 MHz Athlon, 2 10GB IDE drives, DVD, CDRW, 512MB RAM, TNT2, SBLive!, couple of fans) pulls 15-20 watts at 120V, depending on load. My machine has a 300 watt power supply. This means it is rated for a maximum of 300 watts at 12 volts, which would be a draw of 30 watts at 120 volts (assuming it is maxed). If nothing else, I'm not stressing my power supply that much.
If I recall, an Athlon can dissipate up to 80 watts of power, depending on the model. So, since this is a server, it's probably in the 50-80 watt range -- per processor, running full tilt. So the processors take more than just 40 watts themselves to run....
Your Athlon dissipates 80 watts at 3 volts or something (I'm not sure what the actual voltage is on a recent Athlon). That translates into 2 watts at 120V (assuming 3 volts - modify for what it really is, also assuming no power usage or drain in between the wall and the processor, which is a pretty big assumption - I'm only off by a watt or two either way though). Remember, watts = volts / amps. My servers are Xeons, but I imagine they are similar to Athlons in power profile.
Also, the average amplifier pulls a little less than a third of it's output rating? Meaning when it's not maxed? As far as any type of amplifier is concerned, you can't amplify an input signal without having loss of input power.
See my earlier comment about the input watts being only tangentally related to the output watts.
Good info here. Just a couple of comments on your wattage ratings:
Computer: I don't know exactly how much the average computer pulls, but I do know that an average server at work, with 2 processors, 2-3 SCSI drives, a couple of fans, pulls about 40 watts while in operation. The startup surge is 350-400 watts easily, is that what you meant?
Monitor: My 19" here is rated at 80 watts. Your assessment that an LCD would be more efficient is right on the mark, though.
Computer Speakers: Output watts are watts RMS, a different animal than input current, though certainly related. The average amplifier pulls a little less than a third of its output rating.
Just one thing to add: Lights could use CF type bulbs, cutting power usage significantly if one can stand the light spectra.
Another possibility in academia, if one isn't inclined to go for a doctoral degree (or just doesn't like teaching) is to try to get into a support position. I've been working as an admin at a smallish (~10,000 students) state university for quite a few years. I started working tech support as a student, made a good impression, and slid into a junior admin position when I graduated. Now I'm in a senior admin position, and have a lot of freedom as to how I want to do things. Working in an academic setting has its perks too. My time is flexible, I can come and go as I please as long as I get my work done. Pay is good, I make enough to live nicely on and put some away. I could probably make more in a corporate setting, but I think it's worth making a little less money in exchange for being treated like an adult.
Please don't do this. My favorite computer has an old copy of SCO Unix within a few feet of it. Granted, the install tape is actually under one of the legs of a wobbly desk, but it works really well for that, and I don't want to have to replace it and my computer.
I think you're probably correct here. What I don't get is how it is possible to so badly fuck up a program as simple as a voting system.
Let's assume a database backed system like the Diebold one supposedly is. You need to do something like the following:
Put the list of candidates in. For each one, INSERT INTO candidates VALUES ('$name', '$party_affiliation', '$position_running_for').
Make sure the voter hasn't already voted. SELECT count(*) FROM already_voted WHERE voter_id = 'md5($voter_id). If count > 0, no vote for you.
Register a vote, without any 1-1 mapping. INSERT INTO votes ('$candidate_id'); INSERT INTO already_voted ('md5($voter_id)').
Count the votes. For each from SELECT * FROM candidates, "SELECT count(*) FROM votes WHERE candidate_id = '$candidate_id'
The rest is just UI and database logic, as well as plugging in one of the obvious authentication methods. This is admittedly oversimplified, but the actual code wouldn't contain anything more complicated than a for loop. C'mon guys, we're the programmers, and we're not looking too good. Let's get this thing fixed already!
I find this to be unlikely (but then, I find most of Cringely's stuff to be unlikely). A couple of reasons:
Microsoft, more than most companies, suffers from "Not invented here" syndrome. The various BSD kernels are, for all practical purposes, public domain. Any one of these kernels is surely of higher quality than the NT kernel, and fairly similar to the Linux kernel, so if they wanted a Unix kernel, they would very likely use one of them. If they really badly needed Linux binary compatibility, they could just use something like the old iBCS stuff.
There is nothing preventing them from using the GPL'd Linux kernel in a proprietary OS. Any kernel patches would have to be released, but the vast majority of the OS distribution could remain proprietary, as system calls are considered normal use of the kernel.
This reminds me of one of the first times I experimented with Samba. I was using 2.0.something as well. We had a Win9x network at the time. I configured Samba as a client without really reading much of the documentation, and installed one of the GUI clients to play (tksamba, maybe? I don't really remember). I was browsing randomly around the network to test, and discovered I could connect to all the shares on the network without authentication (and there were passwords on most of those shares).
It's amazing how much of the Windows "security" model depends on the client behaving exactly as expected!
We got hit by Nachi as well. Students came in Saturday. We figured there would be problems with these, but didn't realize the extent of it, so we weren't too proactive. We made a CD image with the MS patch and the Symantec cleaners for the different variants, and a batch file and autorun.inf to make sure it all ran when the CD was inserted. 5,000 or so copies were distributed (I love the high-speed duplicator with robotic arm) to be handed out at dormitory check-in with an instruction sheet that basically said, "Would you mind awfully cleaning your machine with this CD before you connect to the network."
In retrospect, we should have been a little more proactive like GMU was. At 1:52:28 on Saturday, an infected machine was connected. Before 2:00, all the dormitory subnets were basically unreachable, and I was seeing broadcast traffic (the arp storm from all the pings) rates approaching 2000/second. We got lucky and our institutional machines (the Windows ones anyway, we have a lot of Suns and Linux boxes and such around) were already patched, due to vigilance on the part of our technicians. I managed to get the academic buildings back by temporarily stopping all ICMP at the building routers (I had to go around to most of them with a laptop and a serial cable). We have a "class B" IP range (yep, we're one of the evil institutions causing the shortage in China or wherever it is) which fits exactly into what Nachi starts to scan, so this actually helped. I finally ended up bringing down all eighteen dormitories down once we figured out for certain what it was (I thought it was a failed router or something spewing garbage onto its segments at first), then we brought up one building at a time, and sent a quick bit of Perl through the segment disabling all the ports with vulnerable machines on them (about 70% of the W2K/XP machines were vulnerable, and about 40% were infected).
At that point, we co-opted the resident assistant staff and had them going door-to-door with our techs (we called in all 60 or so at that point) cleaning and patching machines, and reactivating ports. Amazingly enough, we actually had everything more or less back to normal by the time classes started on Monday.
Things I learned from the experience:
Never underestimate the impact of a remote-root vulnerability in an OS with 90%+ marketshare again.
Perl is a godsend (well, I knew that one), and the exploit detection code someone else wrote was a real timesaver.
I should have replaced that last crappy Cabletron SSR a year ago when I knew it didn't work for shit.
Always have a protocol analyser handy. When your network is falling in ruins around you, messing around with the library dependencies for Ethereal is the last thing you want to be doing.
Sorry to reply to my own post. The quarantine partition (I save out dropped messages for a while, just in case of a false positive or something) on the mailserver just hit 90%, and it's 100GB. It was somewhere around 5-10% this morning. Not a good day.
Not funny. They've started coming back already, and our dorm subnets are crawling with msblast. I filtered port 135 and 444 ingress and egress at the building routers, but we still (no joke) have around 95% infection rate. I'm assuming the other 5% are CS students with Linux boxes and a few old Win98 systems.
I'm just dreading Saturday when the majority of them show up, it's only 200 students now and the technicians can't keep up.
I poked around a bit too. Peeling back the URL to the root, you get what looks like it is probably an unpatched install of RedHat 6.x. The scammer probably rooted it, and is using the ns.terraserver.nl mail gateway to relay form results to himself. Someone already decoded the email address from the mess of Javascript, so I won't go into that.
Rooting a default RedHat 6.2 install and finding an exploitable cgi mailer isn't much of a challenge, there are rootkits out there, so the simplest explanation is someone of script-kiddie level collecting all the information unsuspecting sellers will give him. What is also worrying is that enough information is being collected to fill out false change-of-address requests, credit applications, etc. If you got one of the spam emails referencing this, it may be a good idea to report it to your local law enforcement or FBI office.
Slashdot Mirror
Well, a handling fee, I suppose. Anyone know how much that is?
Of course, this is all academic anyway, judging by the small percentage of spam I get that actually comes from places that will be bound by this law, and I don't see even our current administration starting a war or something over spam :).
I read over most of this law, and there doesn't seem to be anything unreasonable in it. Certainly nothing the DMA would want, does anyone have any proof of the claim that they drafted it?
This may have been true with Solaris 2.6, but many of the GNU tools have been included since Solaris 7. I'd be happy with GCC at least. Still not in Solaris 8, haven't used 9 yet, is it there?
Again, replacing the userland Sun tools is as easy as installing either the included GNU tools, or setting up the install to include the sunfreeware versions of the tools.
I know about this stuff. I just have a pipe-dream of Sun including this stuff in the default install and eliminating their old utilities.
I also know about Jumpstart (it doesn't make any sense for me anymore, I only have one Sun server left). The bloat issue is really another pipe-dream of mine. I want Sun to make it easier to have a minimalist system without installing things I don't want in the first place.
These things are actually all just gripes. None of them are impossible, or even difficult, to work around, it's just something I'm picky about.
The SunOS kernel and base libraries (libc, threading, stuff like that) are very good. The patching system is very good, but you do have to patch it a lot. I don't like:
YMMV, but there must be some reason why Linux is eating away at Sun's market share, and it can't be all based on price. Companies usually still feel better about paying too much for this stuff...
Okay. Well, I would say either the meter isn't displaying the correct current usage, or you are a special case... Which is totally possible. Computers do tend to use less current when idle, but 40 watts seems low considering a laptop battery holds up to 6 AH at 6 volts (that's a life of 1 hour at 36 watts draw). I sorta doubt a desktop machine uses the same power as a laptop, but anything is possible! :-)
Hmm. I dug up my old beginning EE textbook from college, and looked up some stuff. You, and a couple of other posters, are correct. Watts remain constant, amps vary. I was incorrectly assuming constant amps.
Assuming my earlier test to be inaccurate, I decided to do some more (Thanks to the techs at work for humoring my curiosity and letting me play with their machines and spare parts!). I got two more multimeters from different manufacturers (in case one was inaccurate) and tested a few machines:
- Individual server from the earlier test: 0.4 amps. (Note: Differences between the two multimeters were negligible.)
- Another server in the rack: 0.3 amps. (I tested all of them in the end (see why below), they were all in the same general range as these two.)
- An average desktop (Athlon XP 2000+, 512 RAM 80GB HDD, GeForce 4, DVD, CDRW): 0.3 amps.
- My laptop (Dell Latitude D600). Didn't register on two meters, hit 0.1 amps briefly on another. (I wish I had a meter with better than 0.1 resolution). Note here that the battery was fully charged at the time, so the power supply may have been idle (take this with a grain of salt, I don't know how this really works).
I messed about with the Athlon a bit more, as I was interested by someone's earlier comment that they can dissipate 80 watts, and the machine was only using 36 watts. Someone else had a theory that an Athlon would blow a 200 watt power supply. For a quick test, I swapped the 350 watt supply in the machine for a 120 watt supply from the spare parts bin. The machine worked fine, still registered 0.3 amps, but got a little warmer as the fan in the smaller supply didn't move as much air (still reasonably safe temperatures though).I did note that if all my servers were in the same range as the first two, the total draw would be more than my initial test showed. I tested the rest of the servers. The total on those added up to 7 amps even. The clamp meter on the mains still shows less. I chalk it up to inaccuracy of the clamp meter, although it served its intended purpose fine, which was to tell me that I could add ten more machines to the 40 amp circuit without any problem. I don't have another clamp style meter to test this theory any further.
Conclusions? Nothing solid. I learned some EE stuff I had forgotten from college. I don't think computers use nearly as much power as is generally thought (can't say conclusively, I could have a lot of bad multimeters too :-)).
So what if some work is duplicated? One of the things that makes the Open Source community great is that individual developers CAN scratch any itch they want, work on any project they want. Sure, it may not be as efficient as it could be, but that's not the point. The community doesn't exist to gain greater and greater market share, it exists to create open software. Some individual developers may want their project's market share to improve, others may just do it because they enjoy it, others still for reasons not mentioned here. It's all good...
Considering a modern athlon computer is likely to blow up a 200 watt PSU, and work OK on a 300 watt PSU, I'd say a safe guess is about 250 watts of output power used on a personal PC. Which means, counting in inefficiencies, about 300 - 350 watts of power drawn from the outlet.
Okay, as you mention later on, since one needs to multiply amps by volts to get watts (watts = volts / amps was a careless error on my part), watts must therefore vary in relation to volts. Therefore, assuming a constant current, the 300 watts at 12 volts (what the rating on your computer's power supply means) is going to be 30 watts at 120 volts coming out of the wall (probably with a small drain for AC->DC conversion, I'm not very familiar with power conversion though, maybe you can help out here).
If you used a clamp on Ammeter, you need to multiply the figure displayed by your local voltage (probably 120 volts) to get watts.
That's exactly how I arrived at the original 40-watt figure. Allow for some margin of error on the exact figure, as I checked at the mains coming into the circuit, got 6.6 amps (at 120 VAC), and divided by the 20 machines on the circuit (all have fairly similar specs, the variation is just RAM and disk sizes) to get 39.6 watts per machine (which I rounded up to 40, so sue me :)).
Completely correct. Careless error on my part. No clue on the relationship between heat watts and regular watts :).
I don't think that there's any way that your server is operating on only 40 watts... unless the drives are spun down, and the processors (2) are doing absolutely nothing.
I measured with an "amp clamp" around the mains coming into the circuit, then divided by the number of machines (they all have similar specs). The drives were spun up, and under active use, processors were probably at less than 5% (most server tasks are I/O bound). Draw your own conclusions here. I do know that my desktop at home (800 MHz Athlon, 2 10GB IDE drives, DVD, CDRW, 512MB RAM, TNT2, SBLive!, couple of fans) pulls 15-20 watts at 120V, depending on load. My machine has a 300 watt power supply. This means it is rated for a maximum of 300 watts at 12 volts, which would be a draw of 30 watts at 120 volts (assuming it is maxed). If nothing else, I'm not stressing my power supply that much.
If I recall, an Athlon can dissipate up to 80 watts of power, depending on the model. So, since this is a server, it's probably in the 50-80 watt range -- per processor, running full tilt. So the processors take more than just 40 watts themselves to run....
Your Athlon dissipates 80 watts at 3 volts or something (I'm not sure what the actual voltage is on a recent Athlon). That translates into 2 watts at 120V (assuming 3 volts - modify for what it really is, also assuming no power usage or drain in between the wall and the processor, which is a pretty big assumption - I'm only off by a watt or two either way though). Remember, watts = volts / amps. My servers are Xeons, but I imagine they are similar to Athlons in power profile.
Also, the average amplifier pulls a little less than a third of it's output rating? Meaning when it's not maxed? As far as any type of amplifier is concerned, you can't amplify an input signal without having loss of input power.
See my earlier comment about the input watts being only tangentally related to the output watts.
- Computer: I don't know exactly how much the average computer pulls, but I do know that an average server at work, with 2 processors, 2-3 SCSI drives, a couple of fans, pulls about 40 watts while in operation. The startup surge is 350-400 watts easily, is that what you meant?
-
Monitor: My 19" here is rated at 80 watts. Your assessment that an LCD would be more efficient is right on the mark, though.
-
Computer Speakers: Output watts are watts RMS, a different animal than input current, though certainly related. The average amplifier pulls a little less than a third of its output rating.
Just one thing to add: Lights could use CF type bulbs, cutting power usage significantly if one can stand the light spectra.Another possibility in academia, if one isn't inclined to go for a doctoral degree (or just doesn't like teaching) is to try to get into a support position. I've been working as an admin at a smallish (~10,000 students) state university for quite a few years. I started working tech support as a student, made a good impression, and slid into a junior admin position when I graduated. Now I'm in a senior admin position, and have a lot of freedom as to how I want to do things. Working in an academic setting has its perks too. My time is flexible, I can come and go as I please as long as I get my work done. Pay is good, I make enough to live nicely on and put some away. I could probably make more in a corporate setting, but I think it's worth making a little less money in exchange for being treated like an adult.
Please don't do this. My favorite computer has an old copy of SCO Unix within a few feet of it. Granted, the install tape is actually under one of the legs of a wobbly desk, but it works really well for that, and I don't want to have to replace it and my computer.
Let's assume a database backed system like the Diebold one supposedly is. You need to do something like the following:
The rest is just UI and database logic, as well as plugging in one of the obvious authentication methods. This is admittedly oversimplified, but the actual code wouldn't contain anything more complicated than a for loop. C'mon guys, we're the programmers, and we're not looking too good. Let's get this thing fixed already!
It's amazing how much of the Windows "security" model depends on the client behaving exactly as expected!
They have about 92% of the money. 92% of taxes paid sounds pretty fair to me.
In retrospect, we should have been a little more proactive like GMU was. At 1:52:28 on Saturday, an infected machine was connected. Before 2:00, all the dormitory subnets were basically unreachable, and I was seeing broadcast traffic (the arp storm from all the pings) rates approaching 2000/second. We got lucky and our institutional machines (the Windows ones anyway, we have a lot of Suns and Linux boxes and such around) were already patched, due to vigilance on the part of our technicians. I managed to get the academic buildings back by temporarily stopping all ICMP at the building routers (I had to go around to most of them with a laptop and a serial cable). We have a "class B" IP range (yep, we're one of the evil institutions causing the shortage in China or wherever it is) which fits exactly into what Nachi starts to scan, so this actually helped. I finally ended up bringing down all eighteen dormitories down once we figured out for certain what it was (I thought it was a failed router or something spewing garbage onto its segments at first), then we brought up one building at a time, and sent a quick bit of Perl through the segment disabling all the ports with vulnerable machines on them (about 70% of the W2K/XP machines were vulnerable, and about 40% were infected).
At that point, we co-opted the resident assistant staff and had them going door-to-door with our techs (we called in all 60 or so at that point) cleaning and patching machines, and reactivating ports. Amazingly enough, we actually had everything more or less back to normal by the time classes started on Monday.
Things I learned from the experience:
Sorry to reply to my own post. The quarantine partition (I save out dropped messages for a while, just in case of a false positive or something) on the mailserver just hit 90%, and it's 100GB. It was somewhere around 5-10% this morning. Not a good day.
I'm just dreading Saturday when the majority of them show up, it's only 200 students now and the technicians can't keep up.
Rooting a default RedHat 6.2 install and finding an exploitable cgi mailer isn't much of a challenge, there are rootkits out there, so the simplest explanation is someone of script-kiddie level collecting all the information unsuspecting sellers will give him. What is also worrying is that enough information is being collected to fill out false change-of-address requests, credit applications, etc. If you got one of the spam emails referencing this, it may be a good idea to report it to your local law enforcement or FBI office.
I was promised flying cars, why aren't they working on the flying cars?
Are you sure? Imagine soccer moms in three driving dimensions, rather than just two...
Safari is based on the KHTML engine from KDE. See here.
# dd if=/dev/zero of=/dev/hda bs=512
Seriously, though, this is a good step for them, and I hope other software companies follow their good example.
Well, I guess they could pay you to use it, but I think the prosecution calls that a "kickback"...