Actually, have you tried using a class E address? Not all that long ago, even Linux wouldn't permit use of a class E address, although it appears that has been fixed. Given the number of ancient installations of all sorts of operating systems out there, it would not surprise me to find that a non-trivial fraction of internet-facing devices would simply barf if assigned such an address or if instructed to access said address.
As another data point, pinging a class E address from a fully patched Windows XP machine says "Destination specified is invalid." which means Windows up to XP has class E blocked at the network stack level. That means Win2k and previous also have that problem.
Of course, that's not to say we shouldn't fix things so class E space can be used. After all, what's the point of not using it?
Re:Misconception about crypto in article
on
R.I.P. FTP
·
· Score: 2, Informative
Bzzzt! Fail.
That only works on the *server* side. TFA is talking about the *client* software which saves the password for you so you don't have to enter it every time. There is no possible way for the client software to provide the correct password to the server unless it can obtain it, either by decrypting its stored password or by querying the user. So, no, a one-way hash is not usable in that circumstance.
Ummm, the "don't split infinitives" thing is actually bogus. In English, the infinitive has always been split and in some cases it is simply more clear to do so. It's a similar situation with ending sentences with prepositions. Both "rules" were made up by scholars a couple centuries ago.
Now as far as "Rules for management that is...", that can actually be correct if "Rules for management" is considered a single list. In that case, one would generally want to write it as a title (in quotes or something) but "Rules for management that is..." might actually be considered correct.
Also, "I got a suggestion" might actually be correct. If the suggestion came to me from someone else at some time in the past, then I got a suggestion.
In this case, though, it is more likely that the GP simply made errors. I just felt that if someone was being picky about grammar, I would be too.:)
It would seem to me that once the request to pull the site was made, CIRA would have actually looked at the registration. Then, they would be required to enforce their own policies. That would mean that no matter why the registrar asked for the registration to be suspended, CIRA would pretty much have to suspend the domain if they find any reason to do so. Thus, CIRA stating it was due to anonymous registration may actually be correct since that is the grounds they found to do so. And if I were them, I would have used that grounds on any announcement since the reason it was requested by the registrar is likely quite dubious. The registrar on the other hand might not be aware of this fact.
Additionally, and I'm speaking as a CIRA accredited registrar now, the registrant is required to enter into a contract (electronically) which can only be done by a real person (or legal equivalent). You cannot prove a contract with someone if that someone is anonymous or has bogus contact information. Thus, CIRA does not permit anonymous registrations. It's actually perfectly reasonable.
At least this one doesn't claim to be bulletproof and be able to adapt to any situation conceivable instantly without loss of information or ability to continue operating. I seem to recall something like that popping up a number of years ago.
One thread I've noticed emerging in the comments here is that of "but non open source stuff has the same problems". Why should it matter if the non open source stuff has the same problems? If it's a problem at all, should it not be addressed?
After all, addressing a problem that other guys haven't is a good way to improve the chances of getting ahead.
I'd recommend taking a trip up the Alaska Highway. Of course, you'll need to discover some mode of transportation to do it. There's cool scenery along the way. You might even combine it as follows:
Stop in Calgary, Alberta for whatever sights, visit Banff, etc., then head on up to Edmonton and see whatever sights there. Then ramble on up through Grand Prairie and then to Dawson Creek. The Alaska highway starts in Dawson Creek. Then head up to Whitehorse. Take a trip over to Dawson City (Klondike Gold Rush) and if you have time, mosey on up the Demptster Highway to Innuvik (cross the Arctic Circle) then head on into Alaska and make your way South along the Pacific coast. Insert any sites of interest into your trip through Alaska. Then wander around the Vancouver area for a while.
Of course, you should do the Arctic stuff in the summer, say around the solstice. Then you might get to see the midnight sun.
You'll probably end up hitchhiking much of this trip but a couple folks I've talked to have done just that and said it was a great experience.
Until there is a *viable* multihoming solution that actually works in the real world rather than on paper, my organization cannot even consider switching. We currently multihome on IPV4 but we cannot qualify for the requirements for provider-independent addresses for IPV6. Because of this, if we moved to IPV6, even if our upstreams supported it, we could not provide the same level of reliability that our IPV4 network has; we'd be tied to a single provider for provider-aggregated space in IPV6 which would not allow us to keep our IPV6 network visible if that one provider (or our link thereto) failed.
For those of you who think that multiple links to a provider will solve that problem, think again. How many times has a typo in a router configuration caused routing issues on a backbone?
Thus, when there is a multihoming solution that is workable for the smaller companies who need to it (and size != need to multihome in this market - you can't get big if you can't multihome), we cannot deploy it for critical services.
I personally flunked a couple of those tests because the colour schemes were such that I couldn't pick *anything* out of the jumble. I happen to have a "red-green" deficiency which I've found tends to invalidate most of these types of tests. I have no problem with the distorted text ones and stuff like that.
Then again, I flunked one where the pictures were clearly of bears but it claimed something inane like pigs.
Ahh, come on. "Gyro" is short of "Gyroscope". Which is not food. So it obviously doesn't belong.
Herein is the problem with most of these kinds of tests. They all assume some base set of knowledge. Unfortunately, most people equate knowledge with intelligence. I can know a lot of things but be a dumb as a post because I can't reason. So what exactly is the definition of intelligence? Shouldn't we define that before we go trying to create it?
"The cable is driven into the ground from a machine on the rails."
That probably depends on who is doing the burying of the cable and where they are doing it. In my neck of the woods (albeit not in the US) I have seen fibre being laid by big machines driving over the surface of the land. That is, not on the tracks. I highly doubt that it is always done from a machine on the rails.
I notice that the article takes great pains to mention the fact that hydrogen production need not be "pollution at a distance". Granted, the most likely situation is going to be "let's keep the oil companies in business" but at least this article mentions alternatives unlike most of the doom and gloom pieces.
There was also a remarkable amount of almost useful detail in the article!
I live in Calgary, Alberta (in Canada), and I have an ADSL line with a local provider called Nucleus. They are reselling what the local telco provides (and at a better deal for what I'm doing). I was told 3 weeks and it was actually installed on the day they said it would be. Also, it has had only about 3 hours downtime in the past 3 months, and then it was Nucleus's upstream (the telco, go figure) provider that had problems.
I have heard, however, that the delay is really long in neighborhoods that are further from the central core of the city. I suppose YMMV depending on your circumstances.
Of course, with the lives depending on that code and all, a significant effort must be put into making the code work correctly. Obviously their method works. It is also extremely expensive to follow it so as much as it is the right (tm) way of writing code, it is not practical for things like word processors where the added cost of doing things the "right" way would make the resulting product too expensive.
That is not to say, however, that some of the things they do should not be adopted. Design specifications, attainable deadlines and code reviews would go a long way to eliminating a lot of stupid bugs that get into commercial (and otherwise) software. The extreme extent they go to to track changes to code and make sure changes are correct is overkill in MOST situations though.
It's rather a dismal comment on certain political bodies that they would allow such laws as permit this sort of injustice to be enacted. It seems to me that by giving such power to copyright and trademark owners that one is inviting eventual "civil disobedience". Not only that, it makes every single individual a law breaker by simply expressing an opinion (after all, how many times does one express a negative opinion about something someone else created?).
How long do you suppose it will be before enough people realize what is going on and take a stand? Personally, I don't hold much hope for the general populations of any country.
It is interesting to know that there is at least some sort of reason that media would not use the term "cracker". However, it seems to me that most journalist stampede to the term "hacker" just because someone else used it first. And the argument about the dictionaries defining a hacker as one who breaks security in addition to "computer enthusiast" is shady. After all, many dictionaries use the MEDIA as a source for their definitions. "We don't set trends but follow them" indeed.
It would be an interesting (if unlikely) experiment to have several newspapers start using the term "Cracker" instead of "Hacker" and see what comes of it. I'll not hold my breath, however.
The media seems to think we hackers should shut up and stop arguing because "the dictionary has spoken". Why should we do that? As at least one poster has stated, most jounalists would certain object to being called "opinion-mongers" for example. So why should all hackers have to put up with the derogatory use of the term when there is a perfectly good term for lawbreakers (like "vandals" or "crackers"). Then there is the argument "language is dynamic and changes all the time. You should bite the bullet and accept it" cuts both ways. Both sides can use the same argument.
Then again, there will always be some term to debate about endlessly and there will always have people using opposing monologues.
I'll watch the debate as it proceeds and continue to use the "correct" term and try to convince others to use it as well. I'll not cry foul too loudly if we all get shouted down, though.
Yup, that's exactly what Cliff Stoll did. However, it took him many months of time and considerable resources to do the watching (not to mention the admins of sites that were getting broken into were unresponsive, "My site is impenetrable..."). I wouldn't think it would be very useful for the average sysadmin who is under pressure from "management" to "cut costs" and "keep the system working at peak efficiency" and all those "buzzwords".
Then again, "The Cuckoo's Egg" should be required reading for anyone who plans to do system administration.
I always thought talking to people qualified as researching. Indeed, asking/. is probably a very good way to find a wide variety of sources on cryptography. Note that the "analyze and present" part gets more complicated the more sources you have so maybe we would be doing a favour by coming up with several thousand sources....
On the other hand, not puting any effort into searching for information is doing oneself a disservice.
Then again, if someone is determined to put no effort into something, it doesn't matter who helps or doesn't help.
Also, what's to say that this discussion won't be of interest to other people?
Slashdot Mirror
Actually, have you tried using a class E address? Not all that long ago, even Linux wouldn't permit use of a class E address, although it appears that has been fixed. Given the number of ancient installations of all sorts of operating systems out there, it would not surprise me to find that a non-trivial fraction of internet-facing devices would simply barf if assigned such an address or if instructed to access said address.
As another data point, pinging a class E address from a fully patched Windows XP machine says "Destination specified is invalid." which means Windows up to XP has class E blocked at the network stack level. That means Win2k and previous also have that problem.
Of course, that's not to say we shouldn't fix things so class E space can be used. After all, what's the point of not using it?
Bzzzt! Fail.
That only works on the *server* side. TFA is talking about the *client* software which saves the password for you so you don't have to enter it every time. There is no possible way for the client software to provide the correct password to the server unless it can obtain it, either by decrypting its stored password or by querying the user. So, no, a one-way hash is not usable in that circumstance.
BZZZT!! Canadians use *Canadian* English which happens to be a mix between Britishisms and Americanisms.
Ummm, the "don't split infinitives" thing is actually bogus. In English, the infinitive has always been split and in some cases it is simply more clear to do so. It's a similar situation with ending sentences with prepositions. Both "rules" were made up by scholars a couple centuries ago.
:)
Now as far as "Rules for management that is...", that can actually be correct if "Rules for management" is considered a single list. In that case, one would generally want to write it as a title (in quotes or something) but "Rules for management that is..." might actually be considered correct.
Also, "I got a suggestion" might actually be correct. If the suggestion came to me from someone else at some time in the past, then I got a suggestion.
In this case, though, it is more likely that the GP simply made errors. I just felt that if someone was being picky about grammar, I would be too.
It would seem to me that once the request to pull the site was made, CIRA would have actually looked at the registration. Then, they would be required to enforce their own policies. That would mean that no matter why the registrar asked for the registration to be suspended, CIRA would pretty much have to suspend the domain if they find any reason to do so. Thus, CIRA stating it was due to anonymous registration may actually be correct since that is the grounds they found to do so. And if I were them, I would have used that grounds on any announcement since the reason it was requested by the registrar is likely quite dubious. The registrar on the other hand might not be aware of this fact.
Additionally, and I'm speaking as a CIRA accredited registrar now, the registrant is required to enter into a contract (electronically) which can only be done by a real person (or legal equivalent). You cannot prove a contract with someone if that someone is anonymous or has bogus contact information. Thus, CIRA does not permit anonymous registrations. It's actually perfectly reasonable.
At least this one doesn't claim to be bulletproof and be able to adapt to any situation conceivable instantly without loss of information or ability to continue operating. I seem to recall something like that popping up a number of years ago.
Ummm, War of the Worlds was only done as a news item for the radio version. IIRC, the novel is a first person narrative.
Now all we need is something Aunt Tillie can do...
One thread I've noticed emerging in the comments here is that of "but non open source stuff has the same problems". Why should it matter if the non open source stuff has the same problems? If it's a problem at all, should it not be addressed?
After all, addressing a problem that other guys haven't is a good way to improve the chances of getting ahead.
I'd recommend taking a trip up the Alaska Highway. Of course, you'll need to discover some mode of transportation to do it. There's cool scenery along the way. You might even combine it as follows:
Stop in Calgary, Alberta for whatever sights, visit Banff, etc., then head on up to Edmonton and see whatever sights there. Then ramble on up through Grand Prairie and then to Dawson Creek. The Alaska highway starts in Dawson Creek. Then head up to Whitehorse. Take a trip over to Dawson City (Klondike Gold Rush) and if you have time, mosey on up the Demptster Highway to Innuvik (cross the Arctic Circle) then head on into Alaska and make your way South along the Pacific coast. Insert any sites of interest into your trip through Alaska. Then wander around the Vancouver area for a while.
Of course, you should do the Arctic stuff in the summer, say around the solstice. Then you might get to see the midnight sun.
You'll probably end up hitchhiking much of this trip but a couple folks I've talked to have done just that and said it was a great experience.
Until there is a *viable* multihoming solution that actually works in the real world rather than on paper, my organization cannot even consider switching. We currently multihome on IPV4 but we cannot qualify for the requirements for provider-independent addresses for IPV6. Because of this, if we moved to IPV6, even if our upstreams supported it, we could not provide the same level of reliability that our IPV4 network has; we'd be tied to a single provider for provider-aggregated space in IPV6 which would not allow us to keep our IPV6 network visible if that one provider (or our link thereto) failed.
For those of you who think that multiple links to a provider will solve that problem, think again. How many times has a typo in a router configuration caused routing issues on a backbone?
Thus, when there is a multihoming solution that is workable for the smaller companies who need to it (and size != need to multihome in this market - you can't get big if you can't multihome), we cannot deploy it for critical services.
I personally flunked a couple of those tests because the colour schemes were such that I couldn't pick *anything* out of the jumble. I happen to have a "red-green" deficiency which I've found tends to invalidate most of these types of tests. I have no problem with the distorted text ones and stuff like that.
Then again, I flunked one where the pictures were clearly of bears but it claimed something inane like pigs.
Ahh, come on. "Gyro" is short of "Gyroscope". Which is not food. So it obviously doesn't belong.
Herein is the problem with most of these kinds of tests. They all assume some base set of knowledge. Unfortunately, most people equate knowledge with intelligence. I can know a lot of things but be a dumb as a post because I can't reason. So what exactly is the definition of intelligence? Shouldn't we define that before we go trying to create it?
Ummmm, the only actually grammatical problem was the "dispite" thing. The rest of it is *style* not grammar.
"The cable is driven into the ground from a machine on the rails."
That probably depends on who is doing the burying of the cable and where they are doing it. In my neck of the woods (albeit not in the US) I have seen fibre being laid by big machines driving over the surface of the land. That is, not on the tracks. I highly doubt that it is always done from a machine on the rails.
I notice that the article takes great pains to mention the fact that hydrogen production need not be "pollution at a distance". Granted, the most likely situation is going to be "let's keep the oil companies in business" but at least this article mentions alternatives unlike most of the doom and gloom pieces.
There was also a remarkable amount of almost useful detail in the article!
I live in Calgary, Alberta (in Canada), and I have an ADSL line with a local provider called Nucleus. They are reselling what the local telco provides (and at a better deal for what I'm doing). I was told 3 weeks and it was actually installed on the day they said it would be. Also, it has had only about 3 hours downtime in the past 3 months, and then it was Nucleus's upstream (the telco, go figure) provider that had problems.
I have heard, however, that the delay is really long in neighborhoods that are further from the central core of the city. I suppose YMMV depending on your circumstances.
Of course, with the lives depending on that code and all, a significant effort must be put into making the code work correctly. Obviously their method works. It is also extremely expensive to follow it so as much as it is the right (tm) way of writing code, it is not practical for things like word processors where the added cost of doing things the "right" way would make the resulting product too expensive.
That is not to say, however, that some of the things they do should not be adopted. Design specifications, attainable deadlines and code reviews would go a long way to eliminating a lot of stupid bugs that get into commercial (and otherwise) software. The extreme extent they go to to track changes to code and make sure changes are correct is overkill in MOST situations though.
Just my 13.6 cents on the subject.
Actually, effect may be used as a verb. It means "to cause to happen". For example, one can "effect a change" to make a change happen.
It's rather a dismal comment on certain political bodies that they would allow such laws as permit this sort of injustice to be enacted. It seems to me that by giving such power to copyright and trademark owners that one is inviting eventual "civil disobedience". Not only that, it makes every single individual a law breaker by simply expressing an opinion (after all, how many times does one express a negative opinion about something someone else created?).
How long do you suppose it will be before enough people realize what is going on and take a stand? Personally, I don't hold much hope for the general populations of any country.
Well, that's my three cents worth.
I suspect it would be more accurate to say that we didn't know about a number of the things we worry about today.
That is not to say, however, that we are not causing a great deal of trauma to the environment and ourselves as a result.
All trademarks and copyrights on this page are owned by their respective companies. Comments are owned by the Poster. The
Rest © 1997-2000 Andover.Net.
------------
The above is at the bottom of all pages on Slashdot. I wonder....
It is interesting to know that there is at least some sort of reason that media would not use the term "cracker". However, it seems to me that most journalist stampede to the term "hacker" just because someone else used it first. And the argument about the dictionaries defining a hacker as one who breaks security in addition to "computer enthusiast" is shady. After all, many dictionaries use the MEDIA as a source for their definitions. "We don't set trends but follow them" indeed.
It would be an interesting (if unlikely) experiment to have several newspapers start using the term "Cracker" instead of "Hacker" and see what comes of it. I'll not hold my breath, however.
The media seems to think we hackers should shut up and stop arguing because "the dictionary has spoken". Why should we do that? As at least one poster has stated, most jounalists would certain object to being called "opinion-mongers" for example. So why should all hackers have to put up with the derogatory use of the term when there is a perfectly good term for lawbreakers (like "vandals" or "crackers"). Then there is the argument "language is dynamic and changes all the time. You should bite the bullet and accept it" cuts both ways. Both sides can use the same argument.
Then again, there will always be some term to debate about endlessly and there will always have people using opposing monologues.
I'll watch the debate as it proceeds and continue to use the "correct" term and try to convince others to use it as well. I'll not cry foul too loudly if we all get shouted down, though.
Such is life.
Yup, that's exactly what Cliff Stoll did. However, it took him many months of time and considerable resources to do the watching (not to mention the admins of sites that were getting broken into were unresponsive, "My site is impenetrable..."). I wouldn't think it would be very useful for the average sysadmin who is under pressure from "management" to "cut costs" and "keep the system working at peak efficiency" and all those "buzzwords".
Then again, "The Cuckoo's Egg" should be required reading for anyone who plans to do system administration.
I always thought talking to people qualified as researching. Indeed, asking /. is probably a very good way to find a wide variety of sources on cryptography. Note that the "analyze and present" part gets more complicated the more sources you have so maybe we would be doing a favour by coming up with several thousand sources....
On the other hand, not puting any effort into searching for information is doing oneself a disservice.
Then again, if someone is determined to put no effort into something, it doesn't matter who helps or doesn't help.
Also, what's to say that this discussion won't be of interest to other people?