You obviously don't hang around #gentoo (FN) too often. That channel is basically continuous live support, granted it's to users from users (and developers).
As developers, some of us try to make it a point to help people who are having trouble with the packages we maintain. Any help we can get is welcome, so I for one appreciate GenUX's contribution, even if they make money from it.
These will entirely destroy any kind of verification about the dist tarball, though, which is what the focus of the Transgaming forums post was about (and rightly so).
[15:49:30] hey all you -v users! quote me! quote me! i wanna be famous [15:50:05] oh, btw, all you anonymous -v people, the server was running minix! [15:50:06] ok, quote me: the box was running DOS. yes, DOS! dos 6.3 with a tcp stack stolen from os/2
The rsync servers are, indeed, mirrors. The mirrors are load balanced through the use of a DNS round robin. The cvs.gentoo.org machine propagates the portage tree throughout the rotational rsync mirrors, so any portage tree attack would need to be taken either on most of the rsync mirrors or on the cvs machine. This single attack (had anything actually happened) only affected 20 users.
Uhh...it's a round robin. An rsync rotation server was compromised remotely, and one suid file was found. This was not a DNS hijacking or anything like that.
The kernel exploit was a local one. Evidence has shown that the exploit used against the rsync server was remotely exploited. Good thing that if anything had happened (which nothing has shown up yet, according to the #gentoo-dev channel on FreeNode), it would have only affected about 20 users. Still sucks that there's an exploit at all though.
Better to do it in a video game than in the real world, isn't it? When hundreds of California kids begin playing M-rated, violent video games 24 hours a day and lose the ability to tell the difference between fantasy and reality, then it might be something to worry about, but as it stands now, I really don't see a need for this.
Doesn't seem like those signs are terribly visible from afar, but at least the ones who take them down will be able to tell what it says. They might not get the point, though, not that the average passer-by would either.
Slashdot Mirror
I can't wait till 2620 when scientists rename it to Urectum to end that stupid joke once and for all.
You obviously don't hang around #gentoo (FN) too often. That channel is basically continuous live support, granted it's to users from users (and developers).
As developers, some of us try to make it a point to help people who are having trouble with the packages we maintain. Any help we can get is welcome, so I for one appreciate GenUX's contribution, even if they make money from it.
Hey, as long as the girls are hot...
I'm pretty sure that's what the Northrop Grumman reference was to.
Loose? What is this, a third-world country? Sheesh.
Or just 'emerge --digest cedega'.
These will entirely destroy any kind of verification about the dist tarball, though, which is what the focus of the Transgaming forums post was about (and rightly so).
You can burn CD's in 2.4 without ide-scsi as well, using cdrecord's spiffy ATAPI interface.
A 10-day marathon!
God I should be shot for that...
Err...The nicks in respective order are ciaranm, ciaranm, and bazik...
[15:49:30] hey all you -v users! quote me! quote me! i wanna be famous
[15:50:05] oh, btw, all you anonymous -v people, the server was running minix!
[15:50:06] ok, quote me: the box was running DOS. yes, DOS! dos 6.3 with a tcp stack stolen from os/2
The part that resides on #gentoo-dev, where all the official chatter is going on.
The rsync servers are, indeed, mirrors. The mirrors are load balanced through the use of a DNS round robin. The cvs.gentoo.org machine propagates the portage tree throughout the rotational rsync mirrors, so any portage tree attack would need to be taken either on most of the rsync mirrors or on the cvs machine. This single attack (had anything actually happened) only affected 20 users.
Uhh...it's a round robin. An rsync rotation server was compromised remotely, and one suid file was found. This was not a DNS hijacking or anything like that.
The kernel exploit was a local one. Evidence has shown that the exploit used against the rsync server was remotely exploited. Good thing that if anything had happened (which nothing has shown up yet, according to the #gentoo-dev channel on FreeNode), it would have only affected about 20 users. Still sucks that there's an exploit at all though.
Better to do it in a video game than in the real world, isn't it? When hundreds of California kids begin playing M-rated, violent video games 24 hours a day and lose the ability to tell the difference between fantasy and reality, then it might be something to worry about, but as it stands now, I really don't see a need for this.
The Sarumon petition is up to nearly 34000 signatures right now (7:07PM EST). Quite a leap, I'd say...
Maybe the submitter IS the last remaining customer, and just didn't get the news yet?
"What the hell is that thing?"
"It appears to be the mothership."
"Then what did we just blow up?"
"... The Hubble telescope."
Long live Brannigan!
The article was in error and updated since its original publish, footnote and all.
Spamdot!
Musn't forget that everything on Slashdot consisting of a numbered list must include:
6) PROFIT!!
"a book which he says is useful -- but only if you have the background to use it"
So, uhh...it's useful, but only if you can use it...
I tried to play my shiny new CD on my computer...they say I can get out within 3 years on good behavior though, so I'm ok with it.
Doesn't seem like those signs are terribly visible from afar, but at least the ones who take them down will be able to tell what it says. They might not get the point, though, not that the average passer-by would either.
Great job guys, keep kicking that economy while it's down...