...and I'm as disgusted by Carnivore as any of you.
Clearances are about whether or not you can be trusted to keep a secret. Not necessarily about what your opinions are regarding wiretaps.
And just so you know -- no, the fact that I have a clearance is not itself a secret. Honestly, it's not the X-Files deal that/. readers seem to think, but that's another rant.
Well, it wouldn't be treason. But what the author is talking about is the 1917 law which made threats directed toward the President a federal violation.
I don't think the Secret Service (who would be the ones investigating such threats) would consider Q3 skins to be an actual physical threat...
Yah, exactly. The YYYYMMDD designation is given to snapshots, not releases. The GCC folks are very careful to distinguish between the two. This marks a compiler as being incomplete...
...which still doesn't answer my question of why RH chose to use a snapshot instead of the latest release? (Note the terms, please.) The current goal is to have 3.0 out around year's end, two months from now; why not just wait until then?
Sun's Trusted Solaris (I'll let somebody else get a few Informative points by posting a link; I don't have it handy) lets you do some useful things in this respect. I don't recall their rating offhand; somewhere in the midrange.
You can do some really cool things besides impress your boss with the rating, too. Like make indidivdual directories and files simply not be there when certain users do an ls(1). I don't mean "permission denied" kind of things, I mean the kernel itself just skips over that file; doesn't even report its existence.
It's great for situations when information at different classification levels (Top Secret, Secret, Confidential, Stuff That Used To Be Secret Before You Put It On The Damn IIS Server And Some Eleven-Year-Old Kid Got It, etc) all need to live on the same machine.
a new and binary incompatible libstdc++ (gcc 2.96; some ABI changes were required to support more C++ features)
That's odd. I've been a minor (very minor, mind you) GCC contributor for a while, and I could have sworn that 2.96 doesn't actually exist.
In fact, I believe that "2.96" is the name given to the current series of snapshots, which are known to be incomplete and not fully working and missing documentation, because if you're using a snapshot, it is assumed that you don't need all the documentation, you know what's working and what isn't, etc, etc.
Why did RH choose to use an unstable compiler as the default for a major distro? I can't wait to see all the crap on the gcc-bugs mailing list, from people using an incomplete compiler.
Maybe some of you will remember this article, reposted on alt.humor.best-of-usenet...
---------------
You may have heard or Echelon, the worldwide computer system that
monitors all electronic communications.
Well, don't believe what the conspiracy crackpots tell you - it does not
automatically detect messages containing sensitive keywords. Using voice
recognition software on all the data that's been recorded needs a lot of
computing power.
But now you can help. Download the new Echelon@Home screensaver - it
regularly retrieves recorded conversations from the archives at Menwith
Hill and, while your computer is idle, scans them for keywords.
If you want a copy of the screensaver, simply send a message with the
subject line "Echelon Wiretap" and you will be emailed a copy.
It doesn't matter who you send it to, we'll get the message.
That's good to hear, honestly. Still, I wonder how much stability could be improved, and footprint be reduced, if some of the cool stuff just got temporarily pulled... hmmm.
We are near the last ten percent of the "Mozilla 1.0" project, where the going gets tough.
We all know the quote about the last ten percent taking the other ninety percent of the time, etc, etc. I think the last ten percent of the project is going to keep expanding (always remaining at "ten percent," of couse:-) unless they impose a freeze on the nifty neato keen cool shit that keeps getting added.
/. has seen many articles about all the/stuff/ that gets thrown into Mozilla because it's "k3wl." Is there any information on a Mozilla feature freeze? I don't see any on the site...
Every filesystem type comes with a special set of options you can use when mounting one of those filesystems. For Solaris' tmpfs, you can set the maximum size of the "partition" so that it won't actually use up all of swap.
Most admins bitching about the large files problem aren't aware of this option. (I wasn't for a while.)
They left out a major IT event...
on
IT Olympics
·
· Score: 2
...ignoring the "oooooh-shiny-let's-buy-that"-driven directives from Upper Manglement*, installing systems that Do The Right Thing, and then trying to fool Upper Manglement that we did, in fact, buy the hideously overpriced piece of crap that they chose.
That happens all the time, and should be in the Games.
*Why the fsck are the VPs making decisions on what hardware will be run?
If they're going to print it out along with the signatures, there's no point to having links to other sites, no matter how well placed in the text they may be.
If they're going to submit the petition as a URL, with a note reading, "Hey, here's the petition, fire up your web browsers," then I hope the European politicians aren't as dismissive of web-based text as the American ones are.
Even those OSes which don't have the benefit of a security-conscious design team (um, that'd be about all of them apart from *BSD:-) can help harden individual programs from buffer-overflow attacks.
It requires GCC patched with StackGuard, and source for the program you want to protect. (That means closed-source programs are left out in the cold... oh well.)
The resulting program runs slower, but a stack smash will usually be quickly detected. It's described at the StackGuard page.
No, it isn't a silver bullet, and yes, it can be defeated, and no, it hasn't yet been ported to anything other than x86 Linux. Still, it's better than the usual I've-just-finished-reading-teach-yourself-<foo>-in -ten-minutes-now-I'm-qualified-to- write-a-Linux-utility code that gets shuffled around out there.
how long before a cryptologist breaks the algorith to determine whether the number is a valid entry?
What cryptologist?
function isCreditCard(st) { // Encoding only works on cards with less than 19 digits
if (st.length > 19)
return (false);
sum = 0; mul = 1; l = st.length;
for (i = 0; i
digit = st.substring(l-i-1,l-i);
tproduct = parseInt(digit,10)*mul;
if (tproduct >= 10)
sum += (tproduct % 10) + 1;
else
sum += tproduct;
if (mul == 1)
mul++;
else
mul--;
}
Blame the shitty formatting on/.'s lack of a <PRE> tag. It took me about three minutes to get it to look even this readable.
I pulled that piece of JavaScript off of some web page way back when. My notes say (don't recall where I got this part from):
Credit cards use the Luhn Check Digit Algorithm. The main purpose of
this algorithm is to catch data entry errors, but it does double duty
here as a weak security tool.
For a card with an even number of digits, double every odd numbered
digit and subtract 9 if the product is greater than 9. Add up all the
even digits as well as the doubled-odd digits, and the result must be
a multiple of 10 or it's not a valid card. If the card has an odd
number of digits, perform the same addition doubling the even numbered
digits instead.
Yes, please do follow that link into the GCC mailing list archive! And also read the followups to his post from the GCC engineers themselves. His article is full of inaccuracies and misstatements. (He later explains them as "tongue in cheek," but those kinds of comments would be completely inappropriate for something designed to be informative information for public relations purposes.)
One of the central (traditional) approaches of good hard science fiction is to take one or two main "what if" ideas and then just explore their consequences. Cryptonomicon does this, but the "what if" doesn't really involve any stunningly new concepts -- it just takes the current situation a few tiny paces further and examines social aspects. (Having said all that, I'd like to say that it kicks ass.)
Deepness takes a number of really big "what if" ideas and starts playing with them. (Including an awesome take on "distributed computing.":-) Vinge also does some really cruel things to his characters. Made me squirm to read it. (You know a novel is good when it makes you shudder involuntarily.)
Haven't read Fire yet, so I don't know anything about the universe that Deepness is a prequel to.
I think more of the newer users of Linux should read a little more about people like this and a few other more important "personalities"
I agree in a big way. Ever notice how the really important people, when asked about their favorite language/editor/IDE/window-manager/etc, usually answer along the lines of, "Oh, I'm comfortable with about all of them; I can switch languages as needed; I use more than one of <whatever>."
I was re-reading a 1995 issue of IEEE-CS "Computer" magazine, and one of the articles was pointing out that bigots and advocates of a single method or a single approach or a single tool (e.g., langugage, editor, what have you) were invariably beginners and novices with little experience or useful education. Skilled programmers and designers know how to be flexible.
The newer users of Linux, as you say, should take note of this before starting the next flame war.
C was a successor to B, which was a successor to BCPL. The "B" just came from the first letter of BCPL. It was deliberately left unspecified whether the choice of "C" was the next letter in the alphabet, or the next letter in BCPL (i.e., would C's successor be "D" or "P").
Trivia for you: the// end-of-line comments came from either BCPL or B, were removed in C, and were re-added in C++.
There's some really cool stuff on the history of C on Dennis Ritchie's homepage. Which I can't find right now.
One of my cousins does voices for shows, commercials, etc. She's doing the voice for a little girl character (I'm not going to say the name here because I honestly don't know what the slimeba^Wlawyers would do) for at least one episode scheduled to air in October.
According to her, doing that first DBZ episode was fun, but it's a seriously weird show. I've seen two episodes, and I have to agree with her. Euch.
I do like Bruce Sterling's idea (from distraction)
That book freaked me out.:-) And yes, I have looked a little bit at stem cell research. I also saw the article where somebody finally discovered the cause of Type I diabetes.
Hmmmm. Creating our own painkillers as a replacement for aspirin? Let's extend the logic and see where this takes us.
As an insulin-dependant diabetic, I'd love to be able to tell my Generic Organ Implant[tm] to act like a pancreas and start kicking out insulin. (Given that my real pancreas is as useful as a paperweight as far as sugar conversion goes, and useless even as a paperweight given that it's sitting somewhere behind a kidney.)
Of course, given the technology to do that, I could presumably send the same message to my real pancreas, waking it up and telling it to earn its damn keep for once.
But let's extend this idea even further. Reprogrammable Organs! The body's own equivalent of FPGA's! Say I've been slacking on code and am running behind the product's shipping schedule -- I just tell my pancreas to hold off on insulin and start behaving like a brain to increase my programming speed. In the meantime, I revert to injecting insulin. Or tell one of my leg muscles to act like a pancreas, since I'm not using the legs anyhow (I'm sitting in a chair coding, remember).
The make-yer-own-apsirin idea is pointless anyhow. We already manufacture our own painkillers. They're called endorphins; a lot of painkillers are just synthetic endorphin analogues.
The existence of a problem with the 400MHz CPU with a 4 or 8MB cache has been well known on Usenet groups and a couple of online magazines. Sun engineers posting to the discussions say, "Yes, there's a problem. We think it might be foo, bar, or baz. Try the following steps..."
I don't think I've ever heard or read anything about Sun denying a funky problem in those chips. They may still be looking for the precise cause, but every time the issue comes up, somebody from Sun generally admits to it.
Dunno where the Gartner Group gets its figures from.
Yes, they are an order of magnitude or two slower, but they aren't a critical, first-order resource. Disks are "secondary storage," remember. (I know it sounds weird to think of them like that, but it's true.)
Slashdot Mirror
...and I'm as disgusted by Carnivore as any of you.
Clearances are about whether or not you can be trusted to keep a secret. Not necessarily about what your opinions are regarding wiretaps.
And just so you know -- no, the fact that I have a clearance is not itself a secret. Honestly, it's not the X-Files deal that /. readers seem to think, but that's another rant.
And it's a "Linux command," no less! And here I thought dd(1) predated Linux by a decade or so...
Well, it wouldn't be treason. But what the author is talking about is the 1917 law which made threats directed toward the President a federal violation.
I don't think the Secret Service (who would be the ones investigating such threats) would consider Q3 skins to be an actual physical threat...
gcc version 2.96 20000731
Yah, exactly. The YYYYMMDD designation is given to snapshots, not releases. The GCC folks are very careful to distinguish between the two. This marks a compiler as being incomplete...
...which still doesn't answer my question of why RH chose to use a snapshot instead of the latest release? (Note the terms, please.) The current goal is to have 3.0 out around year's end, two months from now; why not just wait until then?
Sun's Trusted Solaris (I'll let somebody else get a few Informative points by posting a link; I don't have it handy) lets you do some useful things in this respect. I don't recall their rating offhand; somewhere in the midrange.
You can do some really cool things besides impress your boss with the rating, too. Like make indidivdual directories and files simply not be there when certain users do an ls(1). I don't mean "permission denied" kind of things, I mean the kernel itself just skips over that file; doesn't even report its existence.
It's great for situations when information at different classification levels (Top Secret, Secret, Confidential, Stuff That Used To Be Secret Before You Put It On The Damn IIS Server And Some Eleven-Year-Old Kid Got It, etc) all need to live on the same machine.
a new and binary incompatible libstdc++ (gcc 2.96; some ABI changes were required to support more C++ features)
That's odd. I've been a minor (very minor, mind you) GCC contributor for a while, and I could have sworn that 2.96 doesn't actually exist.
In fact, I believe that "2.96" is the name given to the current series of snapshots, which are known to be incomplete and not fully working and missing documentation, because if you're using a snapshot, it is assumed that you don't need all the documentation, you know what's working and what isn't, etc, etc.
Why did RH choose to use an unstable compiler as the default for a major distro? I can't wait to see all the crap on the gcc-bugs mailing list, from people using an incomplete compiler.
Maybe some of you will remember this article, reposted on alt.humor.best-of-usenet...
---------------
You may have heard or Echelon, the worldwide computer system that
monitors all electronic communications.
Well, don't believe what the conspiracy crackpots tell you - it does not
automatically detect messages containing sensitive keywords. Using voice
recognition software on all the data that's been recorded needs a lot of
computing power.
But now you can help. Download the new Echelon@Home screensaver - it
regularly retrieves recorded conversations from the archives at Menwith
Hill and, while your computer is idle, scans them for keywords.
If you want a copy of the screensaver, simply send a message with the
subject line "Echelon Wiretap" and you will be emailed a copy.
It doesn't matter who you send it to, we'll get the message.
----#('!(- ECHELON AUTOMAILER ----------
That's good to hear, honestly. Still, I wonder how much stability could be improved, and footprint be reduced, if some of the cool stuff just got temporarily pulled... hmmm.
Just my out-of-my-butt thoughts.
We are near the last ten percent of the "Mozilla 1.0" project, where the going gets tough.
We all know the quote about the last ten percent taking the other ninety percent of the time, etc, etc. I think the last ten percent of the project is going to keep expanding (always remaining at "ten percent," of couse :-) unless they impose a freeze on the nifty neato keen cool shit that keeps getting added.
/. has seen many articles about all the /stuff/ that gets thrown into Mozilla because it's "k3wl." Is there any information on a Mozilla feature freeze? I don't see any on the site...
Every filesystem type comes with a special set of options you can use when mounting one of those filesystems. For Solaris' tmpfs, you can set the maximum size of the "partition" so that it won't actually use up all of swap.
Most admins bitching about the large files problem aren't aware of this option. (I wasn't for a while.)
...ignoring the "oooooh-shiny-let's-buy-that"-driven directives from Upper Manglement*, installing systems that Do The Right Thing, and then trying to fool Upper Manglement that we did, in fact, buy the hideously overpriced piece of crap that they chose.
That happens all the time, and should be in the Games.
*Why the fsck are the VPs making decisions on what hardware will be run?
http://dailyne ws.yahoo.com/h/nm/20000915/pl/gore_letterman_dc_3. html describes Gore on Letterman last Thursday, reading the Top 10 Rejected Campaign Slogans. You just stole number 9... number 9... number 9...
If they're going to print it out along with the signatures, there's no point to having links to other sites, no matter how well placed in the text they may be.
If they're going to submit the petition as a URL, with a note reading, "Hey, here's the petition, fire up your web browsers," then I hope the European politicians aren't as dismissive of web-based text as the American ones are.
(Yes, I'm an American, and yes, I signed it.)
Even those OSes which don't have the benefit of a security-conscious design team (um, that'd be about all of them apart from *BSD :-) can help harden individual programs from buffer-overflow attacks.
It requires GCC patched with StackGuard, and source for the program you want to protect. (That means closed-source programs are left out in the cold... oh well.)
The resulting program runs slower, but a stack smash will usually be quickly detected. It's described at the StackGuard page.
No, it isn't a silver bullet, and yes, it can be defeated, and no, it hasn't yet been ported to anything other than x86 Linux. Still, it's better than the usual I've-just-finished-reading-teach-yourself-<foo>-in -ten-minutes-now-I'm-qualified-to- write-a-Linux-utility code that gets shuffled around out there.
how long before a cryptologist breaks the algorith to determine whether the number is a valid entry?
What cryptologist?
function isCreditCard(st) {
// Encoding only works on cards with less than 19 digits
,10)*mul;
if (st.length > 19)
return (false);
sum = 0; mul = 1; l = st.length;
for (i = 0; i digit = st.substring(l-i-1,l-i);
tproduct = parseInt(digit
if (tproduct >= 10)
sum += (tproduct % 10) + 1;
else
sum += tproduct;
if (mul == 1)
mul++;
else
mul--;
}
if ((sum % 10) == 0)
return (true);
else
return (false);
}
Blame the shitty formatting on /.'s lack of a <PRE> tag. It took me about three minutes to get it to look even this readable.
I pulled that piece of JavaScript off of some web page way back when. My notes say (don't recall where I got this part from): Credit cards use the Luhn Check Digit Algorithm. The main purpose of this algorithm is to catch data entry errors, but it does double duty here as a weak security tool.
For a card with an even number of digits, double every odd numbered digit and subtract 9 if the product is greater than 9. Add up all the even digits as well as the doubled-odd digits, and the result must be a multiple of 10 or it's not a valid card. If the card has an odd number of digits, perform the same addition doubling the even numbered digits instead.
Yes, please do follow that link into the GCC mailing list archive! And also read the followups to his post from the GCC engineers themselves. His article is full of inaccuracies and misstatements. (He later explains them as "tongue in cheek," but those kinds of comments would be completely inappropriate for something designed to be informative information for public relations purposes.)
One of the central (traditional) approaches of good hard science fiction is to take one or two main "what if" ideas and then just explore their consequences. Cryptonomicon does this, but the "what if" doesn't really involve any stunningly new concepts -- it just takes the current situation a few tiny paces further and examines social aspects. (Having said all that, I'd like to say that it kicks ass.)
Deepness takes a number of really big "what if" ideas and starts playing with them. (Including an awesome take on "distributed computing." :-) Vinge also does some really cruel things to his characters. Made me squirm to read it. (You know a novel is good when it makes you shudder involuntarily.)
Haven't read Fire yet, so I don't know anything about the universe that Deepness is a prequel to.
I think more of the newer users of Linux should read a little more about people like this and a few other more important "personalities"
I agree in a big way. Ever notice how the really important people, when asked about their favorite language/editor/IDE/window-manager/etc, usually answer along the lines of, "Oh, I'm comfortable with about all of them; I can switch languages as needed; I use more than one of <whatever>."
I was re-reading a 1995 issue of IEEE-CS "Computer" magazine, and one of the articles was pointing out that bigots and advocates of a single method or a single approach or a single tool (e.g., langugage, editor, what have you) were invariably beginners and novices with little experience or useful education. Skilled programmers and designers know how to be flexible.
The newer users of Linux, as you say, should take note of this before starting the next flame war.
C was a successor to B, which was a successor to BCPL. The "B" just came from the first letter of BCPL. It was deliberately left unspecified whether the choice of "C" was the next letter in the alphabet, or the next letter in BCPL (i.e., would C's successor be "D" or "P").
// end-of-line comments came from either BCPL or B, were removed in C, and were re-added in C++.
Trivia for you: the
There's some really cool stuff on the history of C on Dennis Ritchie's homepage. Which I can't find right now.
One of my cousins does voices for shows, commercials, etc. She's doing the voice for a little girl character (I'm not going to say the name here because I honestly don't know what the slimeba^Wlawyers would do) for at least one episode scheduled to air in October.
According to her, doing that first DBZ episode was fun, but it's a seriously weird show. I've seen two episodes, and I have to agree with her. Euch.
I do like Bruce Sterling's idea (from distraction)
That book freaked me out. :-) And yes, I have looked a little bit at stem cell research. I also saw the article where somebody finally discovered the cause of Type I diabetes.
Hmmmm. Creating our own painkillers as a replacement for aspirin? Let's extend the logic and see where this takes us.
As an insulin-dependant diabetic, I'd love to be able to tell my Generic Organ Implant[tm] to act like a pancreas and start kicking out insulin. (Given that my real pancreas is as useful as a paperweight as far as sugar conversion goes, and useless even as a paperweight given that it's sitting somewhere behind a kidney.)
Of course, given the technology to do that, I could presumably send the same message to my real pancreas, waking it up and telling it to earn its damn keep for once.
But let's extend this idea even further. Reprogrammable Organs! The body's own equivalent of FPGA's! Say I've been slacking on code and am running behind the product's shipping schedule -- I just tell my pancreas to hold off on insulin and start behaving like a brain to increase my programming speed. In the meantime, I revert to injecting insulin. Or tell one of my leg muscles to act like a pancreas, since I'm not using the legs anyhow (I'm sitting in a chair coding, remember).
The make-yer-own-apsirin idea is pointless anyhow. We already manufacture our own painkillers. They're called endorphins; a lot of painkillers are just synthetic endorphin analogues.
The existence of a problem with the 400MHz CPU with a 4 or 8MB cache has been well known on Usenet groups and a couple of online magazines. Sun engineers posting to the discussions say, "Yes, there's a problem. We think it might be foo, bar, or baz. Try the following steps..."
I don't think I've ever heard or read anything about Sun denying a funky problem in those chips. They may still be looking for the precise cause, but every time the issue comes up, somebody from Sun generally admits to it.
Dunno where the Gartner Group gets its figures from.
Yes, they are an order of magnitude or two slower, but they aren't a critical, first-order resource. Disks are "secondary storage," remember. (I know it sounds weird to think of them like that, but it's true.)
Pulling my head out of my butt, let me correct myself: Currently CPUs are on the order of ten times as fast as the MEMORY.