And colleague and I where working a client E450 when we saw some funny ASCII art in/var/log/messages. At first, we believed that the machine got owned and the cracker was making fun of us. A little grepping later we found it in arch/sparc64/kernel/traps.c die_if_kernel() (around line 1450 for 2.4.18). I'd like to post the snippet, but the lameness filter refuse to let me do so. Go see for yourself.
BTW, kerneltrap.org comment posting system seem borked... it ate my post !
Likewise, while it really offers only a few major advantages (and some disadvantages) over KDE's Konqueror, Mozilla 1.0 finally did arrive on the scene attracting attention from many mainstream sources. While its impact on the "browser wars" may be minimal, it does promise a real alternative to Internet Explorer on pretty much any platform.
I think the author downplayed the importance of Mozilla 1.0:
It's the first closed-source program gone OSS that achieved wide success. Netscape betted on OSS in 1998 and they won. Actually, Mozilla outlive Netscape.
Lot's of people where denigrating OSS, pointing finger at how Mozilla was getting nowhere, would stay in beta perpetually, etc. Release 1.0 proved they where wrong and that OSS can work.
For once, we have a end-user OSS application that is the best of his class. You can argue that IE is best in this or that regard, but overall Mozilla seriously kick all the other option's butt.
Mozilla is pretty much the only serious alternative to the monopoly of IE as web browser (being multiplatform, standard compliant and feature-complete).
For me, Mozilla 1.0 is THE event of the year 2002 for OSS.
My employer (a Linux integrator) had been doing pretty well. We doubled the staff and I received a 10% raise. So apparently they are way to eat selling Linux.
Yes, some Linux distributor (Mandrake, Caldera, etc) are having difficulties but unlike what you think some are doing well. You may believe that RedHat is a joke, but they are showning a profit not even 3 years after their IPO. We can't say such a thing of most dot.bomb of the time !
I don't want to sound like a MS apologist, but we (the Linux community) really have no lesson to make to MS about server security this years. While 2001 was the year of shame for MS (Code Red|Blue|Red II, Nimba et cie), 2002 was a really bad year for OSS server software : OpenSSH exploit, Apache chunk encoding bug (Ramen), OpenSSL, etc.
First, Perl (please don't capitalize) is quite useful for user too. Your system is probably full of script written in Perl that you are not aware of. Same goes for Python.
Second, do you understand the implication of replacing X ? Beside having to rewrite a graphical display system (a long, tedious and error-prone process), you will have to rewrite or at least modify almost all of the current application.
BTW, lot of people complain about speed of X but I would really like to see this quantify beyond "Win98 boot faster !". Chance are it's not X that slow, it's your desktop environnement (KDE, Gnome). At least give a try to a lighter WM.
Just curious : when was the last you had to manually choose which library to install ? Oh yeah, the last you checked "Custom Install" and "Show All Packages".
Beside that, do we want a Windows replacement ? I personnally dont. What I want of Linux is a solid and useable Unix-based OS.
I did not read the article in whole (I am at work right now) but it is a big deception to see that the author, in the section about other anti-spam measure, wrote only a single paragraph on user education. It's a big deception because this is the root of the problem. Sysadmin can fiddle all their time with Spamassassin and Vipul's Razor but as long as some moron will buy pensu enlargement cream from spammer, spam will continue to be profitable.
The only way to reliably and permanentely stop spam is to to make it unprofitable. Since spamming have near-zero cost, anti-spam measure must attack the revenu stream of spammer. The revenu stream is people buying into spam. Thus having less people buy into spam is the only effective anti-spam prevention measure. All the rest is just Band-Aid in a loosing battle.
BTW, this is the same thing with tele-marketing, junk fax, etc.
- Why is there still no standard model for adding and removing apps? The number of competing models for package management alone is sickening.
- Why do we still have to choose between a bunch of different desktops, ALL of which are mutually incompatible?
1. There are many standards actually (RPM, debs, etc.). RPM, used by RedHat, Mandrake, Caldera and pretty every distributor that count beside Slack and Debian, is currently the dominant one.
2. Wrong. Desktop are actually COMPATIBLE ! You can run a Gnome application in KDE and vice-versa. Some aspect of the DE are not compatible, like themes for example, but could you use a Winamp skin in WMP ?
Another "too many choices is bad" armchair advocate trolling. Please go get a fscking clue.
Since you mentionned that it worked the moment you renamed your boxes, my take is that participating machine did not have account in your domain. To do that, on your Linux box:
The $ sign in the machine name is important to Samba.
From there on, I don't know what to say because it always work for me. There is no "secret recipe"; it is all thoroughly explained in/usr/share/doc/samba-[version}/docs/htmldocs/Samba -PDC-HOWTO.html. No need to kiss geek's ass, but some troubleshooting skill may help.
Were the client machine 9x or NT-based (NT, 2K, XP) ? Have you read the log (/var/log/samba/machinename.log) ? What where the error message on the client when they tried to log on the domain ?
Kudo to Don. It's true : the guy respond and respond fast. Here at work, we exchanged email with M. Becker a few time and I must say he had been very friendly and helpful.
It's a software, not a service but just in case you would be interested in running your own server, I would mention that IMP have PGP/GPG support (at least, the CVS HEAD does).
I did both white-collar and manual labor. When you had been carrying brick 12 hours a day for 6$/hour, you don't complain about being lonely and insecure from your climatized office. I'll take my high-paying, challenging and virtually risk-free tech job anyday, thank you very much. Comparing 21st century techies to 19th factory worker is ridiculous self-pity; the author
We can generalize and say that people smart enough to install/configure spamfilter don't buy spam. These people are already deadweight for spammer. They loose nothing from these people running spamfilter.
Now, if Outlook Express and AOL would come with spamfilter preinstalled and pre-configured, the fact that spam would not get to random luser will probably make a dent in spammer sales. But the installed is huge, it would take a big while before it start making a difference.
I think filter do not solve the problem at its base; it only cure the symptom. Spam still get sent, you just don't see them in your inbox. Since you will have to download and process them, you are still paying the "cost".
Also, people who configure and use spam filter are VERY unlikely to buy anything from spam. For spammer, these people are just part of the deadweight anyway. So even if 99% of the population would use spam filter, it would be of no use in curbing the problem if this is the 99% that would not buy from spam anyway.
At it's base, the problem can only be solved by reducing the value of spam to spammer. There are two ways to accomplish : augment the cost of spamming or lower the return.
Various way exist to augment the cost of spamming. Having them banned from their ISP is one of these, but its effectiveness is limited : eventually, spammer will move where they are tolerated (ie China) and spam from there unpunished. Other possibilities include the morally objectionnable one, like infiltrating spammer circle, poisoning their address list and hacking their infrastructure.
Spam is profitable because, apparently, some people are dumb enough to fall for it. If less people would fall for it, spam would be less profitable thus less common. In that respect, awarness campaign should be done. The question is : who would pay for it ? I say the major ISP should at least try to educated a tiny little bit their new customer on the subject. Something anybody could do however is, if you know somebody who falled for spam, please hit him with a cluestick... twice!
It really depend on your particuliar situation and what you try to build. Which language do you know ? Which feature do you need ? The only real advice I can give you is to try a little a pilot and make sure all the features you need WORK and are well supported. Ie if you need LDAP support for your portal, don't trust the fact that John Doe said on a weblog that Zope support LDAP; go out and find out if the LDAP module work with current Zope version, if developpemet is still active, etc.
As for recommending another solution, I put a lot of hope in the Horde framework (www.horde.org). Written in PHP, clean OO, easily extensible, featureful, etc. However, the content management feature is in early developement so not really useable yet, and documentation is basically inexistant.
Beside that, I am sorry I have not had the chance to work with any other solution.
3. Authentication scheme : I tried to coax Zope into authenticating to a MySQL database. Two package seems to be doing what I wanted. One was full of bug, the other would have required that I port it from PostgreSQL to MySQL. Quality of module vary greatly. Some are good, but a lot are outdated or broken.
I don't see how third party packages and modules are the fault of the zope software. Zope doesn't magically update modules to fix bugs and use the latest methods.
Authenticating to a RDBMS is not built-in (more precisely, it was'nt in the version I used) so you need to use a third-party module. If the module for the functionnality you need is buggy/inexistant, it impact the usuability of the whole package.
Error messages are useless. Although it might be nice to know the function call stack, I would have prefered something more informative than "KeyError" for error message. And have a look at the data that made Zope choke, too.
Why don't you can the error message then? The stack trace is because an uncaught exception is thrown. If you don't like the stack trace, then catch the exception and have the code output the error message that you want it to show. Incidentally, the stack track and exception type identifies the error pretty explicitly. Just based on your description, I'm fairly sure that the error was due to the code trying to look up something that wasn't present in a dictionary.
Excuse my ignorance, but I did not understand a thing about what you said. Why can't Zope output standard error messages, like "Can't locate object method "do_something" via package Neat::Gizmo" or "compilation error: syntax error at line 123" ? Also, not "canning" (whatever that mean) error message seem to be the default because I can't recall seeing a helpful error message in the two month I had been battling with Zope.
I suppose it's a matter of taste. For the Python freak it might be ok. I personnally dislike it with passion.
Well that's your problem. You don't like python so you are bitching about the fact that Zope uses python and a lot of Zope modules use python also. You do know that Zope modules can be written in perl as well right?
No, I am bitching because it did'nt fit my needs (no SSL, only Basic Auth in the default install... I know you can use Apache's mod_proxy but come on!). As for fitting a square peg in a round hole, why not use a square hole in the first place (use a Perl-based portal toolkit if Perl is what you know) ?
What I really don't like about Zope is advocate claiming support for X and Y and, when you are down implementing it, you realise the module had not been maintained in two year and break with 2.5.x.
Overall, Zope leaved me an unfinished, unpolished and akward feel.
I had to work with Zope recently and had been quite underwhelmed:
1. Easy management : yes and no. It's full of "objects", "class", "methods", etc. I can understand that; my client cannot.
2. Separation of code from content : if you don't count DTML as "code", that may be true.
3. Authentication scheme : I tried to coax Zope into authenticating to a MySQL database. Two package seems to be doing what I wanted. One was full of bug, the other would have required that I port it from PostgreSQL to MySQL.
Quality of module vary greatly. Some are good, but a lot are outdated or broken.
The zope.org site suck big time. The search engine lack option and return too many hit without any regard to revelance.
Documentation is uneven. It's better than none at all, however.
Error messages are useless. Although it might be nice to know the function call stack, I would have prefered something more informative than "KeyError" for error message. And have a look at the data that made Zope choke, too.
I suppose it's a matter of taste. For the Python freak it might be ok. I personnally dislike it with passion.
Re:Is this some sort of a MS tradition?
on
Halloween VII
·
· Score: 2
So, if I understand correctly M. Perens, you tied your hand signing an NDA ? I believe it's a big mistake. Maybe you did not really have a choice but I would personnally have forfeited looking at said document instead of legally forcing myself to silence.
I second that. ArsTechnica is the best Web forum out there. There are various forum (networking, multimedia, Linux, Windows, you name it) and there a lot of knowledgeable participants. The tone is quite civil since these forum are aggressively moderated. These are also very newbie-friendly.
... a small paintbrush. I am using this to dust off part. It's cheaper (and more environnement-friendly) than canned air and does the job just as good (with a tiny bit more effort).
Slashdot Mirror
And colleague and I where working a client E450 when we saw some funny ASCII art in /var/log/messages. At first, we believed that the machine got owned and the cracker was making fun of us. A little grepping later we found it in arch/sparc64/kernel/traps.c die_if_kernel() (around line 1450 for 2.4.18). I'd like to post the snippet, but the lameness filter refuse to let me do so. Go see for yourself.
BTW, kerneltrap.org comment posting system seem borked ... it ate my post !
Likewise, while it really offers only a few major advantages (and some disadvantages) over KDE's Konqueror, Mozilla 1.0 finally did arrive on the scene attracting attention from many mainstream sources. While its impact on the "browser wars" may be minimal, it does promise a real alternative to Internet Explorer on pretty much any platform.
I think the author downplayed the importance of Mozilla 1.0 :
For me, Mozilla 1.0 is THE event of the year 2002 for OSS.
My employer (a Linux integrator) had been doing pretty well. We doubled the staff and I received a 10% raise. So apparently they are way to eat selling Linux.
Yes, some Linux distributor (Mandrake, Caldera, etc) are having difficulties but unlike what you think some are doing well. You may believe that RedHat is a joke, but they are showning a profit not even 3 years after their IPO. We can't say such a thing of most dot.bomb of the time !
I don't want to sound like a MS apologist, but we (the Linux community) really have no lesson to make to MS about server security this years. While 2001 was the year of shame for MS (Code Red|Blue|Red II, Nimba et cie), 2002 was a really bad year for OSS server software : OpenSSH exploit, Apache chunk encoding bug (Ramen), OpenSSL, etc.
First, Perl (please don't capitalize) is quite useful for user too. Your system is probably full of script written in Perl that you are not aware of. Same goes for Python.
Second, do you understand the implication of replacing X ? Beside having to rewrite a graphical display system (a long, tedious and error-prone process), you will have to rewrite or at least modify almost all of the current application.
BTW, lot of people complain about speed of X but I would really like to see this quantify beyond "Win98 boot faster !". Chance are it's not X that slow, it's your desktop environnement (KDE, Gnome). At least give a try to a lighter WM.
Just curious : when was the last you had to manually choose which library to install ? Oh yeah, the last you checked "Custom Install" and "Show All Packages".
Beside that, do we want a Windows replacement ? I personnally dont. What I want of Linux is a solid and useable Unix-based OS.
I did not read the article in whole (I am at work right now) but it is a big deception to see that the author, in the section about other anti-spam measure, wrote only a single paragraph on user education. It's a big deception because this is the root of the problem. Sysadmin can fiddle all their time with Spamassassin and Vipul's Razor but as long as some moron will buy pensu enlargement cream from spammer, spam will continue to be profitable.
The only way to reliably and permanentely stop spam is to to make it unprofitable. Since spamming have near-zero cost, anti-spam measure must attack the revenu stream of spammer. The revenu stream is people buying into spam. Thus having less people buy into spam is the only effective anti-spam prevention measure. All the rest is just Band-Aid in a loosing battle.
BTW, this is the same thing with tele-marketing, junk fax, etc.
And how, exactly, do you propose stopping people from happily continue development on all the other desktops?
why should they stop ?
- Why is there still no standard model for adding and removing apps? The number of competing models for package management alone is sickening.
- Why do we still have to choose between a bunch of different desktops, ALL of which are mutually incompatible?
1. There are many standards actually (RPM, debs, etc.). RPM, used by RedHat, Mandrake, Caldera and pretty every distributor that count beside Slack and Debian, is currently the dominant one.
2. Wrong. Desktop are actually COMPATIBLE ! You can run a Gnome application in KDE and vice-versa. Some aspect of the DE are not compatible, like themes for example, but could you use a Winamp skin in WMP ?
Another "too many choices is bad" armchair advocate trolling. Please go get a fscking clue.
dicking around for a day or so, calling support back and forth, only cost the support fee if your time is worthless.
Since you mentionned that it worked the moment you renamed your boxes, my take is that participating machine did not have account in your domain. To do that, on your Linux box :
/bin/false -c "Machine Account" -M machinename$
/usr/share/doc/samba-[version}/docs/htmldocs/Samba -PDC-HOWTO.html. No need to kiss geek's ass, but some troubleshooting skill may help.
adduser -s
smbpasswd -a -m machinename$
The $ sign in the machine name is important to Samba.
From there on, I don't know what to say because it always work for me. There is no "secret recipe"; it is all thoroughly explained in
Were the client machine 9x or NT-based (NT, 2K, XP) ? Have you read the log (/var/log/samba/machinename.log) ? What where the error message on the client when they tried to log on the domain ?
Kudo to Don. It's true : the guy respond and respond fast. Here at work, we exchanged email with M. Becker a few time and I must say he had been very friendly and helpful.
It's a software, not a service but just in case you would be interested in running your own server, I would mention that IMP have PGP/GPG support (at least, the CVS HEAD does).
I did both white-collar and manual labor. When you had been carrying brick 12 hours a day for 6$/hour, you don't complain about being lonely and insecure from your climatized office. I'll take my high-paying, challenging and virtually risk-free tech job anyday, thank you very much. Comparing 21st century techies to 19th factory worker is ridiculous self-pity; the author
Exactly what we had last year and what we will get this year too !
We can generalize and say that people smart enough to install/configure spamfilter don't buy spam. These people are already deadweight for spammer. They loose nothing from these people running spamfilter.
Now, if Outlook Express and AOL would come with spamfilter preinstalled and pre-configured, the fact that spam would not get to random luser will probably make a dent in spammer sales. But the installed is huge, it would take a big while before it start making a difference.
I think filter do not solve the problem at its base; it only cure the symptom. Spam still get sent, you just don't see them in your inbox. Since you will have to download and process them, you are still paying the "cost".
... twice!
Also, people who configure and use spam filter are VERY unlikely to buy anything from spam. For spammer, these people are just part of the deadweight anyway. So even if 99% of the population would use spam filter, it would be of no use in curbing the problem if this is the 99% that would not buy from spam anyway.
At it's base, the problem can only be solved by reducing the value of spam to spammer. There are two ways to accomplish : augment the cost of spamming or lower the return.
Various way exist to augment the cost of spamming. Having them banned from their ISP is one of these, but its effectiveness is limited : eventually, spammer will move where they are tolerated (ie China) and spam from there unpunished. Other possibilities include the morally objectionnable one, like infiltrating spammer circle, poisoning their address list and hacking their infrastructure.
Spam is profitable because, apparently, some people are dumb enough to fall for it. If less people would fall for it, spam would be less profitable thus less common. In that respect, awarness campaign should be done. The question is : who would pay for it ? I say the major ISP should at least try to educated a tiny little bit their new customer on the subject. Something anybody could do however is, if you know somebody who falled for spam, please hit him with a cluestick
Just curious : what make filesystems independance such a deisrable feature for Web portal ? And what are "TTW capabilities" ?
It really depend on your particuliar situation and what you try to build. Which language do you know ? Which feature do you need ? The only real advice I can give you is to try a little a pilot and make sure all the features you need WORK and are well supported. Ie if you need LDAP support for your portal, don't trust the fact that John Doe said on a weblog that Zope support LDAP; go out and find out if the LDAP module work with current Zope version, if developpemet is still active, etc.
As for recommending another solution, I put a lot of hope in the Horde framework (www.horde.org). Written in PHP, clean OO, easily extensible, featureful, etc. However, the content management feature is in early developement so not really useable yet, and documentation is basically inexistant.
Beside that, I am sorry I have not had the chance to work with any other solution.
I don't see how third party packages and modules are the fault of the zope software. Zope doesn't magically update modules to fix bugs and use the latest methods.
Authenticating to a RDBMS is not built-in (more precisely, it was'nt in the version I used) so you need to use a third-party module. If the module for the functionnality you need is buggy/inexistant, it impact the usuability of the whole package.
Why don't you can the error message then? The stack trace is because an uncaught exception is thrown. If you don't like the stack trace, then catch the exception and have the code output the error message that you want it to show. Incidentally, the stack track and exception type identifies the error pretty explicitly. Just based on your description, I'm fairly sure that the error was due to the code trying to look up something that wasn't present in a dictionary.
Excuse my ignorance, but I did not understand a thing about what you said. Why can't Zope output standard error messages, like "Can't locate object method "do_something" via package Neat::Gizmo" or "compilation error: syntax error at line 123" ? Also, not "canning" (whatever that mean) error message seem to be the default because I can't recall seeing a helpful error message in the two month I had been battling with Zope.
Well that's your problem. You don't like python so you are bitching about the fact that Zope uses python and a lot of Zope modules use python also. You do know that Zope modules can be written in perl as well right?
No, I am bitching because it did'nt fit my needs (no SSL, only Basic Auth in the default install ... I know you can use Apache's mod_proxy but come on!). As for fitting a square peg in a round hole, why not use a square hole in the first place (use a Perl-based portal toolkit if Perl is what you know) ?
What I really don't like about Zope is advocate claiming support for X and Y and, when you are down implementing it, you realise the module had not been maintained in two year and break with 2.5.x.
Overall, Zope leaved me an unfinished, unpolished and akward feel.
I had to work with Zope recently and had been quite underwhelmed :
1. Easy management : yes and no. It's full of "objects", "class", "methods", etc. I can understand that; my client cannot.
2. Separation of code from content : if you don't count DTML as "code", that may be true.
3. Authentication scheme : I tried to coax Zope into authenticating to a MySQL database. Two package seems to be doing what I wanted. One was full of bug, the other would have required that I port it from PostgreSQL to MySQL.
Quality of module vary greatly. Some are good, but a lot are outdated or broken.
The zope.org site suck big time. The search engine lack option and return too many hit without any regard to revelance.
Documentation is uneven. It's better than none at all, however.
Error messages are useless. Although it might be nice to know the function call stack, I would have prefered something more informative than "KeyError" for error message. And have a look at the data that made Zope choke, too.
I suppose it's a matter of taste. For the Python freak it might be ok. I personnally dislike it with passion.
So, if I understand correctly M. Perens, you tied your hand signing an NDA ? I believe it's a big mistake. Maybe you did not really have a choice but I would personnally have forfeited looking at said document instead of legally forcing myself to silence.
I second that. ArsTechnica is the best Web forum out there. There are various forum (networking, multimedia, Linux, Windows, you name it) and there a lot of knowledgeable participants. The tone is quite civil since these forum are aggressively moderated. These are also very newbie-friendly.
... a small paintbrush. I am using this to dust off part. It's cheaper (and more environnement-friendly) than canned air and does the job just as good (with a tiny bit more effort).
3) Use firewall VPN technology for layer 2 security;
Are you talking OSI layer here ? If yes, I would be interested in knowing wich VPN technologies operate on that level ...