As to the privacy issue, simply by the way smtp works you're data is going to be forwarded through someone's smtp server(unless you happen to be really close network wise to the person you're mailing)
This is misleading. In practical terms, SMTP store an forward very rarely invoked these days.
Your outbound mail server will do an MX lookup on the
domain of the recipient address and contact the recipient's SMTP server directly.
Likely scenarios where store and forware may be used:
a) Big corporation/military. The mail *may* be gated into an internal network by their public facing SMTP server then routed halfway round the world on the internal network.
b) Backup SMTP server - if it's impossible to contact the main MX entries, someone may have a backup SMTP service provided by an ISP or something which will store the mail until it can (eventually) contact your main SMTP servers.
Technically I use store an forward at work where one machine does all the processing (virus, spam, mailing lists etc) and forwards it to
the machine that has the user's home directoy on local disk just to avoid using NFS. But that is a local setup so it's doesn't really count here.
Your Linux box is just as vulnerable as a Windows98 system after being freshly installed until you turn off all the services and/or turn on the netfilter firewall. Same goes for Macs running OS X.
OK - I see your reasoning and you are technically correct I believe. However, some important points:
For a start, linux distros are released more frequently - so one has a fighting chance to perform even a network install off a source which is not rotted to buggery.
Second, it is possible to do an install, configure the system, select which daemons will run (or not) and get updates
without actually running the ssh/apache or whatever daemon may have a remote exploit today. Can you do a Windows install and run Windows Update without LSASS running at some point?
Thirdly, once Linux is installed and patched (remember, no deamons have been running)
we can set up the firewall. Oh look,/etc/init.d/iptables is set to start early (/etc/rc3.d/S03iptables). Network is brought up afterwards
(/etc/rc3.d/S10network).
* above is with reference to Mandrake Linux. I'm sure you could find a distro of Linux that
was broken in one of the above respects. Not relevant, at least you have the choice to use one of many that aren't.
The key thing is that you have to want to turn on the firewall and only turn on necessary services (and keep them patched because a firewall with port 80 open doesn't help when apache has a vulnerability). But at lease Linux makes it easy to achieve the above - and I can get the bloody thing installed and patched without being rooted - firewall or no firewall
Please don't compare my choice to OS to something extruded from the rear end of Redmond over 6 years ago.
Well - that would depend which hall. You see, the primary route to sunsite.org.uk is over Demon's network - so if you are in the halls that are supplied by whichever telco has the contract (I forget) you are probably going to take the circuitous route.
If you are within DoC's network then you will get the short route.
If you are anywhere else in Imperial - I'm not sure. Hopefully the short route but I cannot say that with certainty.
I don't run Sunsite - but I work with the people who do. The answer is no - not at the present time. SMB used to exist on the previous version - this isn't supported at present either. (We're now on Sunsite 3).
That's not what hard links are... hard links are indistinguishable from the original file. If you make a hard link, modify the hard link then you'll see the changes in the "original" as well.
You're technicall correct of course - but the parent was also correct in intent. Rsync does indeed do
an unlink() before it writes over an existing file, so the effect is what is desired.
OTOH, wait, maybe I don't want the 3D... when I used those drivers for ATI cards, I'd randomly wake up in the morning to find my or my wife's computer crashed hard in the midst of running one of the spiffy acceleratophilic screensavers.
I'm running an NVidia GeForce FX 5700 under linux 2.4.25 with the NVidia drivers (build 1.0-5336)
and I have exactly the same problem. I'm not sure whether you meant that "those drivers" were ATI's binary ones, but I am finding NVidia's drivers unstable as of late. Also, they were late out with 2.6 support. Who knows if they will support 2.8?
Now that ATI's gone down the same route with binary drivers, I'll be buying Radeon 9200's for my next two computers, being the last card
with opensource support for 3D. I'm not a hardcore gamer, so that's plenty of power for my needs.
I certainly don't wish to deny information. Mail servers on consumer level accounts simply cause too many problems. For every properly functioning mail server behind a dialup/cable modem/residential DSL, there are 100s, if not 1000s of improperly configured servers, with almost no accountability. I am referring primarily to infected Windows machines, that like it or not, act like a mail server. Then there are the casual hobbyists that test Exchange wide open because they don't know any better, or the home user that installs WinGate and becomes an unwitting haven for spammers.
Well, I run a well configured MTA on a residential DSL line. That's why I chose a high class ISP
who will never block ports. I do that on *my* firewall.
If there clueless people who run Windows and can't be arsed to learn how maintain their machine (do they maintain their car??), then kick them off the internet completely until they can a) learn how to look after
a flakey piece of crap written by MicroSoft - or b) use a proper OS - and learn how to look after it.
I would seriously object to my resonisble access to the Internet being messed up because
of people who can't be bothered... I have the same lack of respect for these people as I do
for some stupid fool in a car who can't be bothered to drive properly. In his case, (s)he
stands a chance of being nicked by a copper and banned.
If you want to run a mail server, at least get a static IP so you can be held accountable for any improper use of the Internet you might engage in (providing a resource for spammers is considered improper).
To a degree this is a reasonable point. But there are linux folks I know who know what they are doing,
but have only Cable with no choice of a static IP. Tey had to make do with dyndns. Why should they
suffer?
Go here and tell me that actual poster of the metro police isn't the creepiest thing you've seen in a while.
Feck me. That is sooo 1942! I haven't seen one yet - but when I do, I feel
some gratuitous modification with a black marker pen coming on.
Next, the BBC's political programmes will open with the greeting
"And thank you, Minister, for taking the time to explain your policy
to the nation..."
Take speeding: when you speed, you save some journey time. When others speed, they endanger your life. Cameras on the road (as seen recently in France) tell individuals "your acts are not cost-free", and so they behave better.
Unfortunately, the presence of the Gatsos mean that all the police bugger
off safe in the knowledge that they not longer have to jmp out from
behind shrubbery with radar traps. Alas, they are now not observing all
the other more dangerous crap being performed routinely by Johnny A'hole
on the roads [tailgating, stupid manoeveurs, lack of indication].
Never mind, at least the Government's got a steady income stream.
If it is not reducing crime, perhaps it would have been wiser to put more police on the streets?
Amen, brother. Unfortunately the senior police and the government failed to a man
to graduate from the Univerity of the Bleeding Obvious.
There once was a plan devised, to do with Police "Panda" cars (cars driven by
regular police, not traffic division). They were suppsed to be stuffed full
of flatfoots (well, 4 - they're not very big cars). The driver would
drop a plod off, drive a few hundred yards to another street, drop off another plod
etc. After the last drop off, he'd drive round to collect the first plod who would
have performed the beat of a couple of streets, collect plods 2+3, then drive somewhere
else and repeat until end of shift.
The idea was fewer beat police could perform foot patrols and cover
(with random variation) a larger area, but with a statistically high
probability that they may walk down the street just when you were about to nick
that car.
Was this implemented - was it buggery. They just drive around - how
much observation can one do from a car compared to on foot or bicycle?
...only be a matter of time before private corporations are given access to 'manage' these systems...
Exactly. Just like my tax files were being managed by EDS, an effing American
Corporation with a piss poor employee reationship record. Not that I care it's
a Yankee company - I care that state data on me is being handled by:
a) A private corporation who don't go through the same level of security
vetting that even a minor civil servant does.
and b) A bunch of foreigners who we might well have a disagreement with
tomorrow. I don't trust the civil service 100%, but (having worked
within that organisation once) I trust them 100% more than some random
for profit stinky (especialy in EDS's case) corporation.
Don't know if EDS still have that contract - doesn't matter, if they don't,
some other untrustworthy bunch will.
Oh I wish it were... Blair's an effing Tory. Nothing socialist about him.
[Tube PPP, University Top Up Fees, regular polishing of Mr Bush's All American
Flagpole] Thatcher would have been proud. Except he doesn't give enough
grief to Europe - not quite up to Mrs T's standard in that respect.
Gordon Brown is considerably more left wing - so if he were PM, then you might be correct.
If I *wanted* left wing, I'm reduced to the British Communist Party (gay) or Arthur
Scargill's (yes, him, the former head of the coal miners' union) Socialist
Party, which makes Trotski, Lenin, Stallin and Mao look like a bunch of schoolgirls
on a spring picnic.
If I wanted regular socialism (capitalism, higher taxes but state safety net) then
I guess I'll have to start my own party... Bah!
That looks interesting. The only downside to that approach is that it's bolting
the kernel to binary after the fact with (on my system) dynamic linkage to 36 libs (ie a bit fat).
At least half those dynamic libs aren't relevant to the job AFAICS. I suspect they are there
due to kioslave being a standard KDE app.
It may be a second phase in the experiment, but I would applaud the KDE people if they took
this excellent idea, pruned all the generic KDE-ness out of kioslave leaving something
lean, mean and generic that could be used equally well by KDE and evrything else.
I say the same thing about gconf, another very good idea - strip it out of Gnome and
make it a bit more generic.
In both cases I think that doing so would promote more universal adoption.
The GTK/GNOME applications always bug me because of things like the file selector (which, for
example, can't load files using the KDE IOSlave
This is one of my worries. The KIOSlaves are nice in the extra functionality
they offer within KDE (accessing remote filesystems over SCP or FTP for example).
However the more logical place for this would be in the kernel so that all applications
can access the remote filesystem uniformly. The bulk of the implementation does not have
to always be in the kernel, but this functionality should be available from the kernel's
open, close, read, write, readdir and stat syscalls.
Hard mounting such filesystems probably isn't the way to go because the access is transitory and
generally per user. Possibly time to consider supporting transient filesystems with a URL
namespace (ie outside of the / namespace - or mapped onto it somehow).
It would then be possible for any application from konqueror to gimp to emacs
could just ask for a directory listing of:
ftp://randomhost/somewhere/someplace/
or
smb://winserver.domain/share/junk/
and then be able to access files with open, read, write and close
What is wrong IMO in the long term is putting such esoteric url namespace access in
higher libraries so only aware applications can benefit.
I applaud the KDE bods for trying new ideas, however it would be better if those proven ideas were
implemented properly in the most generic way possible.
This is the one case were I was glad when I owned a knackered old diesel Maestro
car (British Leyland).
Everytime I got one of those tail gating pillocks up my a**e I'd just lead foot the
clutch and the accelerator and clear the exhaust pipe soot out in their general direction.
They used to give me plenty of space after they'd stopped choking!
Sad really to ave to use such tactics, but I take exception when someone
endangers my life with their lack of respect for a one ton vehicle.
Dickheads...
In space, an object will lose most of it's internal kinetic energy by radiation;
it emits electromagentic (EM) radiation in relation to it's absolute temperature.
Normally, in warm surroundings, the EM lost is balanced by EM receieved from surrounding
objects - so when equilibrium is achieved, the temprature of the object stabilises (assuming no
other sources of heat energy).
But, do you know what the best (heat-) insulator is? Vacuum.
No... Conduction is one loss mechanism. There will be little conduction in space.
Radiation however is a very significant mechanism too. Check your thermos flask -
it's silvered as well as presenting a vacuum barrier.
In space, there is much lower background EM depending on whether you are in sight of the sun or not,
so for best effect put your "freezer" out behind the ISS away from the sun and I think you'll find
that stuff freezes pretty quickly.
That system is called TDS (Train Describer System) and is a front end
to the signalmen's panels.
I agree - whenever I catch sight of a TDS screen, the information is far more
useful to me than the CIS (Customer mis-Information System) that powers
the platform screens and indicators -assuming they haven crashed (most of the time)
or aren't displaying an MS Windows error dialogue!
They should deinately have a web front end to the TDS maps.
This would be the same Bombardier that brought the UK the Class 375/377
Electrostar trains which run Windows 95 on the systems monitoring
computer?
And yes - when it crashes (often) you have the reboot the train.
The bl**dy thing can't even be diesel shunted if it breaks, there's
no way to get the brakes off - not even a hand valve.
This is also the train that went through a period of having dead
multiple unit trains if they coupled two sets together that have
different versions of the software as the inter-train interface presumably
changed(!). Bombardier's answer was to require all units reload their software
over radio every 24 hours. If the 24 hour period expires, brakes go on,
you go nowhere.
At least it's failsafe - just rather more than one would hope.
Source of the above info - various guards and drivers who staff these
things.
If the conductor fell asleep while driving the train you have bigger problems, like "where the f**k is the driver?!!
There is only one train I'm aware of that this is OK - The Docklands Light Railway,
which is totally automatic, but can be driven by the actual conductor if needed.
It's too bad. Mostly everyone is so damn busy with the workload that they rarely have time to pursue cool independent projects in their spare time.
Seems to be the way now. I work for a comp. science university department in the UK - one that has previously turned out the odd significant unix project that was widely used for a time. All I know is that I (and my colleagues) are bogged down solid with providing basic services. I will spend a lot of time to implement well where I can and avoid bodging, but it's not ground breaking stuff - just implementation.
I have serveral ideas in my head right now for cool things, but I would need a decent run at them to get anything useable. I know I won't be able to sustain the input of time into persuing these ideas so I don't bother wasting the time starting - which is a shame, but people these days are expecting more service from no more (or less) staff.
Granted, I could do these in my own time, but with a family on the way I'm prioritising my cool non work ideas over cool work ideas - even getting that time is hard enough.
Charlie's Angels deserved to tank. The only, and I stress, only reason I saw it was to watch Lucy Liu kick ass and of course the car chases (which were amazingly long by any standards). The story was pretty poor, no attention to detail (WHO welds at face level?), it was a typical Hollywood glitsy action film.
It's what I classify as a beer and curry film. I'll probably watch it on DVD one day but at that time, I'll be tanked!:-)
Slashdot Mirror
This is misleading. In practical terms, SMTP store an forward very rarely invoked these days. Your outbound mail server will do an MX lookup on the domain of the recipient address and contact the recipient's SMTP server directly.
Likely scenarios where store and forware may be used:
a) Big corporation/military. The mail *may* be gated into an internal network by their public facing SMTP server then routed halfway round the world on the internal network.
b) Backup SMTP server - if it's impossible to contact the main MX entries, someone may have a backup SMTP service provided by an ISP or something which will store the mail until it can (eventually) contact your main SMTP servers.
Technically I use store an forward at work where one machine does all the processing (virus, spam, mailing lists etc) and forwards it to the machine that has the user's home directoy on local disk just to avoid using NFS. But that is a local setup so it's doesn't really count here.
You can navigate the site???
I though it was just some random bollocks Flash thing with no content...
OK - I see your reasoning and you are technically correct I believe. However, some important points:
For a start, linux distros are released more frequently - so one has a fighting chance to perform even a network install off a source which is not rotted to buggery.
Second, it is possible to do an install, configure the system, select which daemons will run (or not) and get updates without actually running the ssh/apache or whatever daemon may have a remote exploit today. Can you do a Windows install and run Windows Update without LSASS running at some point?
Thirdly, once Linux is installed and patched (remember, no deamons have been running) we can set up the firewall. Oh look, /etc/init.d/iptables is set to start early (/etc/rc3.d/S03iptables). Network is brought up afterwards
(/etc/rc3.d/S10network).
* above is with reference to Mandrake Linux. I'm sure you could find a distro of Linux that was broken in one of the above respects. Not relevant, at least you have the choice to use one of many that aren't.
The key thing is that you have to want to turn on the firewall and only turn on necessary services (and keep them patched because a firewall with port 80 open doesn't help when apache has a vulnerability). But at lease Linux makes it easy to achieve the above - and I can get the bloody thing installed and patched without being rooted - firewall or no firewall
Please don't compare my choice to OS to something extruded from the rear end of Redmond over 6 years ago.
Well - that would depend which hall. You see, the primary route to sunsite.org.uk is
over Demon's network - so if you are in the halls that are supplied by whichever telco has the contract (I forget)
you are probably going to take the circuitous route.
If you are within DoC's network then you will get the short route.
If you are anywhere else in Imperial - I'm not sure. Hopefully the short route but I cannot say that with certainty.
Hi
I don't run Sunsite - but I work with the people who do. The answer is no - not at the present time.
SMB used to exist on the previous version - this isn't supported at present either. (We're now on Sunsite 3).
You could do worse...
c .sunsite.org.uk/
Now a new server (as of this year) with kind thanks to [well earned plugs]:
Sun Microsystems - hardware
Thus (Demon) - Network feed
Veritas - Software
Brocade - Hardware
for their contunuing sponsorship.
and of course, the Department of Computing, Imperial College London for
housing and feeding it.
Currently it has 1.8 TB of publicly accessible mirrors and supports the following access mechanisms:
http://www.sunsite.org.uk/ [See here for full details]
ftp://ftp.sunsite.org.uk/
rsync://rsyn
I'm running an NVidia GeForce FX 5700 under linux 2.4.25 with the NVidia drivers (build 1.0-5336) and I have exactly the same problem. I'm not sure whether you meant that "those drivers" were ATI's binary ones, but I am finding NVidia's drivers unstable as of late. Also, they were late out with 2.6 support. Who knows if they will support 2.8?
Now that ATI's gone down the same route with binary drivers, I'll be buying Radeon 9200's for my next two computers, being the last card with opensource support for 3D. I'm not a hardcore gamer, so that's plenty of power for my needs.
Mandrake 9.1, linux 2.4.21 on SB75G2 - SATA works prefectly, straight into DMA. Very fast, very stable box. Got one at work - I'm extemely impressed.
Next, the BBC's political programmes will open with the greeting "And thank you, Minister, for taking the time to explain your policy to the nation..."
Never mind, at least the Government's got a steady income stream.
There once was a plan devised, to do with Police "Panda" cars (cars driven by regular police, not traffic division). They were suppsed to be stuffed full of flatfoots (well, 4 - they're not very big cars). The driver would drop a plod off, drive a few hundred yards to another street, drop off another plod etc. After the last drop off, he'd drive round to collect the first plod who would have performed the beat of a couple of streets, collect plods 2+3, then drive somewhere else and repeat until end of shift.
The idea was fewer beat police could perform foot patrols and cover (with random variation) a larger area, but with a statistically high probability that they may walk down the street just when you were about to nick that car.
Was this implemented - was it buggery. They just drive around - how much observation can one do from a car compared to on foot or bicycle?
a) A private corporation who don't go through the same level of security vetting that even a minor civil servant does.
and b) A bunch of foreigners who we might well have a disagreement with tomorrow. I don't trust the civil service 100%, but (having worked within that organisation once) I trust them 100% more than some random for profit stinky (especialy in EDS's case) corporation.
Don't know if EDS still have that contract - doesn't matter, if they don't, some other untrustworthy bunch will.
Gordon Brown is considerably more left wing - so if he were PM, then you might be correct.
If I *wanted* left wing, I'm reduced to the British Communist Party (gay) or Arthur Scargill's (yes, him, the former head of the coal miners' union) Socialist Party, which makes Trotski, Lenin, Stallin and Mao look like a bunch of schoolgirls on a spring picnic.
If I wanted regular socialism (capitalism, higher taxes but state safety net) then I guess I'll have to start my own party... Bah!
It was "Hairy-Assed Magee".
That looks interesting. The only downside to that approach is that it's bolting the kernel to binary after the fact with (on my system) dynamic linkage to 36 libs (ie a bit fat).
At least half those dynamic libs aren't relevant to the job AFAICS. I suspect they are there due to kioslave being a standard KDE app.
It may be a second phase in the experiment, but I would applaud the KDE people if they took this excellent idea, pruned all the generic KDE-ness out of kioslave leaving something lean, mean and generic that could be used equally well by KDE and evrything else.
I say the same thing about gconf, another very good idea - strip it out of Gnome and make it a bit more generic.
In both cases I think that doing so would promote more universal adoption.
This is one of my worries. The KIOSlaves are nice in the extra functionality they offer within KDE (accessing remote filesystems over SCP or FTP for example).
However the more logical place for this would be in the kernel so that all applications can access the remote filesystem uniformly. The bulk of the implementation does not have to always be in the kernel, but this functionality should be available from the kernel's open, close, read, write, readdir and stat syscalls.
Hard mounting such filesystems probably isn't the way to go because the access is transitory and generally per user. Possibly time to consider supporting transient filesystems with a URL namespace (ie outside of the / namespace - or mapped onto it somehow).
It would then be possible for any application from konqueror to gimp to emacs could just ask for a directory listing of:
ftp://randomhost/somewhere/someplace/
or
smb://winserver.domain/share/junk/
and then be able to access files with open, read, write and close
What is wrong IMO in the long term is putting such esoteric url namespace access in higher libraries so only aware applications can benefit. I applaud the KDE bods for trying new ideas, however it would be better if those proven ideas were implemented properly in the most generic way possible.
This is the one case were I was glad when I owned a knackered old diesel Maestro car (British Leyland). Everytime I got one of those tail gating pillocks up my a**e I'd just lead foot the clutch and the accelerator and clear the exhaust pipe soot out in their general direction. They used to give me plenty of space after they'd stopped choking! Sad really to ave to use such tactics, but I take exception when someone endangers my life with their lack of respect for a one ton vehicle. Dickheads...
In space, there is much lower background EM depending on whether you are in sight of the sun or not, so for best effect put your "freezer" out behind the ISS away from the sun and I think you'll find that stuff freezes pretty quickly.
I agree - whenever I catch sight of a TDS screen, the information is far more useful to me than the CIS (Customer mis-Information System) that powers the platform screens and indicators -assuming they haven crashed (most of the time) or aren't displaying an MS Windows error dialogue!
They should deinately have a web front end to the TDS maps.
And yes - when it crashes (often) you have the reboot the train.
The bl**dy thing can't even be diesel shunted if it breaks, there's no way to get the brakes off - not even a hand valve.
This is also the train that went through a period of having dead multiple unit trains if they coupled two sets together that have different versions of the software as the inter-train interface presumably changed(!). Bombardier's answer was to require all units reload their software over radio every 24 hours. If the 24 hour period expires, brakes go on, you go nowhere.
At least it's failsafe - just rather more than one would hope.
Source of the above info - various guards and drivers who staff these things.
There is only one train I'm aware of that this is OK - The Docklands Light Railway, which is totally automatic, but can be driven by the actual conductor if needed.
It's too bad. Mostly everyone is so damn busy with the workload that they rarely have time to pursue cool independent projects in their spare time.
Seems to be the way now. I work for a comp. science university department in the UK - one that has previously turned out the odd significant unix project that was widely used for a time. All I know is that I (and my colleagues) are bogged down solid with providing basic services. I will spend a lot of time to implement well where I can and avoid bodging, but it's not ground breaking stuff - just implementation.
I have serveral ideas in my head right now for cool things, but I would need a decent run at them to get anything useable. I know I won't be able to sustain the input of time into persuing these ideas so I don't bother wasting the time starting - which is a shame, but people these days are expecting more service from no more (or less) staff.
Granted, I could do these in my own time, but with a family on the way I'm prioritising my cool non work ideas over cool work ideas - even getting that time is hard enough.
Charlie's Angels deserved to tank. The only, and I stress, only reason I saw it was to watch Lucy Liu kick ass and of course the car chases (which were amazingly long by any standards). The story was pretty poor, no attention to detail (WHO welds at face level?), it was a typical Hollywood glitsy action film. It's what I classify as a beer and curry film. I'll probably watch it on DVD one day but at that time, I'll be tanked! :-)