The speed part comes not from execution, since Perl scripts run about fast as compiled binaries, but from saving from doing the recompilation each time you run the script.
Then why not add the ability to serialize a compiled script (last stage before execution) and feed it back to Perl (or, even smarter, add a magic header so you can execute it like a 'binary' using the MISC executables kernel mod in Linux like JAVA)? You lose late-binding features (and have to code around that) but there are many scripts which don't care about that, or which do runtime stuff explicitly...
Your Working Boy,
ORBS helps spammers...
on
MAPS vs. ORBS
·
· Score: 2
... because they publish dumps of their open relay lists here.. Whee, slurp in open relays and spam away!
Should the guy get a new server? Sure. But why should anyone be allowed to *FORCE* him to, when *HIS SERVER IS NOT A THREAT TO ANYONE UNDER ANY CIRCUMSTANCES*. Remember, it is *NOT* an open relay.
Legitimately, if this bug is enough to bring down the server, the coding is probably so sloppy as to present significant security flaws and buffer overflows as well.
If you're going to be connected to the internet, you're going to need robust, secure software. Does ORBS engage in any non-RFC-compliant communications? We'd hear of lots more issues if it did...
In other words, yeah, in theory, nobody should be forced to do anything they don't want to do. But in theory, communism works. Wake up and smell the packets.
I use the same rationale with our NT staff each time I run nessus probes on their servers.. if I can crash your server, just think what a malicious and crafty cracker could do with it..
Any sysadmin that has a problem with an ORBS scan is a worthless sysadmin... it's simple... whatcha paranoid about? you dont have the skills to secure your box? get out of the business!
&rant(off);
Above.net is actually engaging in some serious, and quite probably illegal shit IMO.. BGP hacks are the kind of thing that most networks slap down on HARD.. Not any shmo can get or is qualified to have an AS..
Any ethical ISP would boot Above.net from their network, and inform the FBI...
You wouldn't believe how long ssh takes to login when the load is 15.
Heh.. Try logging in with a load of >100.. Did that on an RS6k 7013-570 w/64MB RAM timing out on a massive mail queue (AIX 3.2.5 + sendmail 8.6.X).. Fun!
If you repeatedly probe it after I ask you not to, I'm gonna be real pissed.
Perhaps a robots.txt equivalent for sendmail not enabled by default, so that conscientious admins can lock down their boxes and set the scanner to pass along?
Every time Microsoft does *anything* it gets a Slashdot headline.
Which is why I turned M$ off:p
Your Working Boy,
Re:Does it really matter? Who can afford it?
on
ATI Radeon Released
·
· Score: 2
thought the g400 drivers where more stable by now, since g400 is almost a year old now...
Apparently the M$ drivers are _real_ stable, and the DVD/TV out support is outstanding, but these things tend to take longer on Linux:(
why not just reuse my old mystique 220 instead?;-)
Heh, don't play much Q3A do you?;)
Your Working Boy,
Re:Something to remember about video cards...
on
ATI Radeon Released
·
· Score: 3
GRAPHICS CARDS WITH 64 MEGABYTES OF RAM AND COOLING FANS.
try to sell THAT to someone 10 years ago. -i- wouldn't have believed it.
Dude, there were cards (or rather, multiple slot boards and/or external processing units) like that back then for SGIs, RS6ks (for CATIA and other CA(D|M|E) tools) etc.. If you had $30-100k+ to spare.
I never figured we'd be here now.. The Metaverse is essentially here, for at least 2 senses... COOL.
Your Working Boy,
Re:Does it really matter? Who can afford it?
on
ATI Radeon Released
·
· Score: 2
3.THey get disant drivers that are stable for more than 3 secs
Dude, Linux 2.4.0test4 + XFree4.0.1 + the kernel module from the DRM X distro + Matrox G400Max 32 dualhead = 20-30+ minutes stable Quake3 on my BP6.. ROCK!
I like the G400 because it drives my Multiscan W900 @1920x1200x24 very well w/32MB, but as the newer 3Dfx cards support that amount of RAM (and 24-bit 3D) I would consider them for any upgraded unit..
.. I can just see it, mandatory labels on cellphones.. "Using this phone will kill you"
Hell, using the cell can be just as rude as smoking cigarettes, and cellphone use is higher in Europe than the US (by roughly the same percentages even?;)..
We're supposed to hate Magento, but there isn't anything particularly hateful about him. He's trying to save his species from what he believes from personal experience is a possible Holocaust-style extinction. He might get carried away by his fervor, but he's admirable in many ways, and even the silver-tongued Xavier doesn't make much of a case for his stubborn defense of the human race. (Magento's Holocaust connection was written into the series 20 years after its creation).
You didn't read the comic, did you? Since when are we supposed to hate Magneto?!?? I see him (as most fans do, IMO) as a tragic man, who if circumstances were different could have been a great leader. Hell, in the film itself, you have Xavier who still tries to give Magneto hope in the good nature of humans, and Wolverine (quite appropriately IMO) questioning whether Xavier or Magneto is leading the right side. The only point where anyone could hate him would be where he's killing Rogue to further his aims: _that_ action pushes him over the top (and Wolverine says as much! It's all there!)..
I think the correct feelings towards the Magneto character are more like Pity and Fear than Hate... Unless you're one of the kine forming up against mutants:p
To remove the last vestiges of doubt, he should include in his source, any executable he releases and any licence he releases with either of these, a statement to the effect that he can't be responsible for the effects of using the program on a system he knows nothing about. He should go on to say that anyone who wants to be sure that the program will be safe to use should take and rely on advice from an appropriate professional, and if they don't, it's their own look-out. (Take advice from a lawyer local to you about the exact wording to use).
Why not just copy M$' EULA? It's pretty much what they say..
I still say, given a solid enough wording, that OSS could really win from UCITA, particularly since acquiring new software would become activity requiring strict legal and fiduciary scrutiny instead of slapping junk in you just bought from J&R computer world down the block. UCITA will require software planning, something many commercial organizations don't engage in, and when you've been given (thanks to UCITA and legitimate legal/financial hesitation due to the strength of the licensing terms) some breathing room to DESIGN a solution, OSS gets a bigger chance. Then when you see OSS licenses are explicitly free and unencumbering (except for redistribution of source code), it becomes the path of least resistance..
I think this man is more concerned with developing a secure world than he is by profiteering off a particular economic model.
I agree, my issues are largely related to the academic vs. real-world differences. OSS works pretty well in the real world, but it doesn't fit into a traditional academic perception of security design (though peer-review of code and algorithms _is_ a standard tenet of secure design). Perhaps it was unfair to put the caveat at the top of the note, it should not have conveyed that much emphasis, but I still stand by my belief that Dr. Spafford may have his objectivity clouded somewhat by institutional oldthink and, possibly, by conflicting interest.
However, as an earlier post pointed out, Spafford's lecture seems to be aimed at a controlled, replicable, process (gee...that sounds like software engineering).
Yes, that's why I said (in that earlier post I referred to) that while we can agree that software designed by small teams of competent designers and coders makes for stronger, more secure software, that isn't the actual point. The point is, in the real world, we have to deal with all kinds of software from different companies and groups, and often the decision process for selecting software isn't the most logical or objective process. So how do we live in that world? Dr. Spafford puts forth a view of a software world in which we'd like to live, my thing is we don't live in that world, it's not coming anytime soon, so how the hell do we deal with what we have to deal with, while doing our best to improve matters when we can? Again, it's academic vs. real-world. Both can appreciate the Right Thing, but you can't always get it in the Real World, for a variety of reasons. It's a respectful difference of opinion, not a flame.
Aside from the fact that he gives his information out for free (it's payed by research money but donated to the community at large), it's illegal, immoral, and, from a socio-economic point of view, inappropriate to steal.
Good artists borrow, great artists steal. And smart artists properly attribute.
... check the DRI distro, which contains the entire xf4.0 xc/ source tree IIRC.. I've been running latest builds out of that tree on my 2.4.0test1-ac22 built box using my G400M/32 and Quake3.. I get about 5-30 minutes of stable use in 'failsafe' ?dm mode..
Root around in the site, you'll find CVS instructions...
... And you need to remember that his bread is (as I've said before) partially buttered by closed-source development, and that butter may be threatened by open-source code and economics. Also, beyond just his livelihood, open-source does not necessarily obey his notions of secure design and practices. Academics REALLY HATE when real-world practice doesn't fit into their theoretical structures.. So inconvenient!
We can definitely learn from this man, listen to his experience and knowledge, steal his ideas, and write more secure software, but leave the obsolete preconceptions behind. Then again, he should know that the only reliable crypto is open/peer-reviewed crypto, and security in general needs to be scrutinized by many people of different talent areas to be of quality.
but that if the taxes were to be directly collected on such interstate transaction, it was up to Congress to find a way to do it.
Wouldn't that have to be a federal tax ala euro VAT?
I'm puzzled by the very notion that buying on the internet should somehow circumvent existing tax laws.
Yeah, but should existing state tax laws circumvent specific federal constitutional prohibition without amendment? I refer specifically to Article I Section 9...
As a sidenote, as an economist I'd rather replace all income taxes with consumption taxes anyway
Sales/consumption taxes, though they drive consumers to save, also are extremely regressive in nature, and quite unfair overall. The point is, do we want to be a consumer society or a saver society, and compare ourselves with Japan before you answer:p..
but if the state taxes the good, rather than the sale, it's a stretch for the feds to be involved at all.
Apply goods taxes to the seller, and don't bother with the constitutionally questionable goods/sales taxes to interstate consumers. Simple. Though the tax would then be built-in to the un-sales-taxed interstate consumer transaction, this would spur internet commerce sites to locate in low-tax areas and drive sales taxes lower overall.
Slashdot Mirror
The speed part comes not from execution, since Perl scripts run about fast as compiled binaries, but from saving from doing the recompilation each time you run the script.
Then why not add the ability to serialize a compiled script (last stage before execution) and feed it back to Perl (or, even smarter, add a magic header so you can execute it like a 'binary' using the MISC executables kernel mod in Linux like JAVA)? You lose late-binding features (and have to code around that) but there are many scripts which don't care about that, or which do runtime stuff explicitly...
Your Working Boy,
... because they publish dumps of their open relay lists here.. Whee, slurp in open relays and spam away!
Your Working Boy,
Should the guy get a new server? Sure. But why should anyone be allowed to *FORCE* him to, when *HIS SERVER IS NOT A THREAT TO ANYONE UNDER ANY CIRCUMSTANCES*. Remember, it is *NOT* an open relay.
Legitimately, if this bug is enough to bring down the server, the coding is probably so sloppy as to present significant security flaws and buffer overflows as well.
If you're going to be connected to the internet, you're going to need robust, secure software. Does ORBS engage in any non-RFC-compliant communications? We'd hear of lots more issues if it did...
In other words, yeah, in theory, nobody should be forced to do anything they don't want to do. But in theory, communism works. Wake up and smell the packets.
I use the same rationale with our NT staff each time I run nessus probes on their servers.. if I can crash your server, just think what a malicious and crafty cracker could do with it..
Your Working Boy,
&rant(on);
Any sysadmin that has a problem with an ORBS scan is a worthless sysadmin... it's simple... whatcha paranoid about? you dont have the skills to secure your box? get out of the business!
&rant(off);
Above.net is actually engaging in some serious, and quite probably illegal shit IMO.. BGP hacks are the kind of thing that most networks slap down on HARD.. Not any shmo can get or is qualified to have an AS..
Any ethical ISP would boot Above.net from their network, and inform the FBI...
Your Working Boy,
You wouldn't believe how long ssh takes to login when the load is 15.
Heh.. Try logging in with a load of >100.. Did that on an RS6k 7013-570 w/64MB RAM timing out on a massive mail queue (AIX 3.2.5 + sendmail 8.6.X).. Fun!
Your Working Boy,
If you repeatedly probe it after I ask you not to, I'm gonna be real pissed.
Perhaps a robots.txt equivalent for sendmail not enabled by default, so that conscientious admins can lock down their boxes and set the scanner to pass along?
Your Working Boy,
Every time Microsoft does *anything* it gets a Slashdot headline.
:p
Which is why I turned M$ off
Your Working Boy,
thought the g400 drivers where more stable by now, since g400 is almost a year old now...
:(
;-)
;)
Apparently the M$ drivers are _real_ stable, and the DVD/TV out support is outstanding, but these things tend to take longer on Linux
why not just reuse my old mystique 220 instead?
Heh, don't play much Q3A do you?
Your Working Boy,
GRAPHICS CARDS WITH 64 MEGABYTES OF RAM AND COOLING FANS.
try to sell THAT to someone 10 years ago. -i- wouldn't have believed it.
Dude, there were cards (or rather, multiple slot boards and/or external processing units) like that back then for SGIs, RS6ks (for CATIA and other CA(D|M|E) tools) etc.. If you had $30-100k+ to spare.
I never figured we'd be here now.. The Metaverse is essentially here, for at least 2 senses... COOL.
Your Working Boy,
3.THey get disant drivers that are stable for more than 3 secs
Dude, Linux 2.4.0test4 + XFree4.0.1 + the kernel module from the DRM X distro + Matrox G400Max 32 dualhead = 20-30+ minutes stable Quake3 on my BP6.. ROCK!
Your Working Boy,
I like the G400 because it drives my Multiscan W900 @1920x1200x24 very well w/32MB, but as the newer 3Dfx cards support that amount of RAM (and 24-bit 3D) I would consider them for any upgraded unit..
Your Working Boy,
www.failure.com is running Microsoft-IIS/4.0 on NT4 or Windows 98
:(
No wonder it's slashdotted
When will they ever learn?
Your Working Boy,
.. I can just see it, mandatory labels on cellphones.. "Using this phone will kill you"
;)..
Hell, using the cell can be just as rude as smoking cigarettes, and cellphone use is higher in Europe than the US (by roughly the same percentages even?
Your Working Boy,
We're supposed to hate Magento, but there isn't anything particularly hateful about him. He's trying to save his species from what he believes from personal experience is a possible Holocaust-style extinction. He might get carried away by his fervor, but he's admirable in many ways, and even the silver-tongued Xavier doesn't make much of a case for his stubborn defense of the human race. (Magento's Holocaust connection was written into the series 20 years after its creation).
:p
You didn't read the comic, did you? Since when are we supposed to hate Magneto?!?? I see him (as most fans do, IMO) as a tragic man, who if circumstances were different could have been a great leader. Hell, in the film itself, you have Xavier who still tries to give Magneto hope in the good nature of humans, and Wolverine (quite appropriately IMO) questioning whether Xavier or Magneto is leading the right side. The only point where anyone could hate him would be where he's killing Rogue to further his aims: _that_ action pushes him over the top (and Wolverine says as much! It's all there!)..
I think the correct feelings towards the Magneto character are more like Pity and Fear than Hate... Unless you're one of the kine forming up against mutants
Your Working Boy,
Are these things recyclable, or at least break-downable? At 1000h, I can see lots of these things getting tossed and stocking up landfills...
Or would you be able to feed the sheets back into a printer and reprint the blue "ink"?
Your Working Boy,
... MegaWeapon!!!!
Your Working Boy,
To remove the last vestiges of doubt, he should include in his source, any executable he releases and any licence he releases with either of these, a statement to the effect that he can't be responsible for the effects of using the program on a system he knows nothing about. He should go on to say that anyone who wants to be sure that the program will be safe to use should take and rely on advice from an appropriate professional, and if they don't, it's their own look-out. (Take advice from a lawyer local to you about the exact wording to use).
Why not just copy M$' EULA? It's pretty much what they say..
I still say, given a solid enough wording, that OSS could really win from UCITA, particularly since acquiring new software would become activity requiring strict legal and fiduciary scrutiny instead of slapping junk in you just bought from J&R computer world down the block. UCITA will require software planning, something many commercial organizations don't engage in, and when you've been given (thanks to UCITA and legitimate legal/financial hesitation due to the strength of the licensing terms) some breathing room to DESIGN a solution, OSS gets a bigger chance. Then when you see OSS licenses are explicitly free and unencumbering (except for redistribution of source code), it becomes the path of least resistance..
Hmm...
Your Working Boy,
Yes, but what about the Master betas? Will Slashdot get their hands on the Master betas?
(Sorry, had to...)
Your Working Boy,
The 420 is a nicer box IMO.. Rack-mountable. And who wants to dick around with internal HDDs anyway, just slap on some external DASD and go nuts..
Your Working Boy,
Guess it's time to put down the coffee and step away from the keyboard :p
;)
I just want Quake3 to stop crashing...
Keep up the good work!
Your Working Boy,
I think this man is more concerned with developing a secure world than he is by profiteering off a particular economic model.
I agree, my issues are largely related to the academic vs. real-world differences. OSS works pretty well in the real world, but it doesn't fit into a traditional academic perception of security design (though peer-review of code and algorithms _is_ a standard tenet of secure design). Perhaps it was unfair to put the caveat at the top of the note, it should not have conveyed that much emphasis, but I still stand by my belief that Dr. Spafford may have his objectivity clouded somewhat by institutional oldthink and, possibly, by conflicting interest.
However, as an earlier post pointed out, Spafford's lecture seems to be aimed at a controlled, replicable, process (gee...that sounds like software engineering).
Yes, that's why I said (in that earlier post I referred to) that while we can agree that software designed by small teams of competent designers and coders makes for stronger, more secure software, that isn't the actual point. The point is, in the real world, we have to deal with all kinds of software from different companies and groups, and often the decision process for selecting software isn't the most logical or objective process. So how do we live in that world? Dr. Spafford puts forth a view of a software world in which we'd like to live, my thing is we don't live in that world, it's not coming anytime soon, so how the hell do we deal with what we have to deal with, while doing our best to improve matters when we can? Again, it's academic vs. real-world. Both can appreciate the Right Thing, but you can't always get it in the Real World, for a variety of reasons. It's a respectful difference of opinion, not a flame.
Aside from the fact that he gives his information out for free (it's payed by research money but donated to the community at large), it's illegal, immoral, and, from a socio-economic point of view, inappropriate to steal.
Good artists borrow, great artists steal. And smart artists properly attribute.
Your Working Boy,
... check the DRI distro, which contains the entire xf4.0 xc/ source tree IIRC.. I've been running latest builds out of that tree on my 2.4.0test1-ac22 built box using my G400M/32 and Quake3.. I get about 5-30 minutes of stable use in 'failsafe' ?dm mode..
Root around in the site, you'll find CVS instructions...
Your Working Boy,
... And you need to remember that his bread is (as I've said before) partially buttered by closed-source development, and that butter may be threatened by open-source code and economics. Also, beyond just his livelihood, open-source does not necessarily obey his notions of secure design and practices. Academics REALLY HATE when real-world practice doesn't fit into their theoretical structures.. So inconvenient!
We can definitely learn from this man, listen to his experience and knowledge, steal his ideas, and write more secure software, but leave the obsolete preconceptions behind. Then again, he should know that the only reliable crypto is open/peer-reviewed crypto, and security in general needs to be scrutinized by many people of different talent areas to be of quality.
Your Working Boy,
but that if the taxes were to be directly collected on such interstate transaction, it was up to Congress to find a way to do it.
:p..
Wouldn't that have to be a federal tax ala euro VAT?
I'm puzzled by the very notion that buying on the internet should somehow circumvent existing tax laws.
Yeah, but should existing state tax laws circumvent specific federal constitutional prohibition without amendment? I refer specifically to Article I Section 9...
As a sidenote, as an economist I'd rather replace all income taxes with consumption taxes anyway
Sales/consumption taxes, though they drive consumers to save, also are extremely regressive in nature, and quite unfair overall. The point is, do we want to be a consumer society or a saver society, and compare ourselves with Japan before you answer
but if the state taxes the good, rather than the sale, it's a stretch for the feds to be involved at all.
Apply goods taxes to the seller, and don't bother with the constitutionally questionable goods/sales taxes to interstate consumers. Simple. Though the tax would then be built-in to the un-sales-taxed interstate consumer transaction, this would spur internet commerce sites to locate in low-tax areas and drive sales taxes lower overall.
Your Working Boy,
Actually, it's 'she', as in 'she-bang' for #! ...
Your Working Boy,