Devices such as firewalls MUST drop all inbound packets that have the
evil bit set. Packets with the evil bit off MUST NOT be dropped.
Dropped packets SHOULD be noted in the appropriate MIB variable.
Many [broken] routers and firewalls drop packets with reserved bit(s) set in various header fields of TCP and IP. This is one of the reasons Explicit Congestion Notification (see RFC 3168) has problems behind certain devices. Since all 'evil' packets must be marked as such and dropped accordingly, these manufacturers were quite forward-thinking.
So, it turns out that several common products actually implement RFC 3514 without realizing it.:-)
Clustered, load balanced, hot-swap, failover, etc.
Yes, but you have to remember: the second most common cause of computer failure -- after hardware -- is operator error.
From the article:
The system has a backup, but both systems went down at the same time, according to the ministry.
Simultaneous fialure of two independent systems that are designed to tolerate failure doesn't sound like a hardware issue to me. I could be wrong, but I'm more than willing to bet it's an "oops!" situation, albiet somewhat more serious than most.
U.S. Department of Commerce data from 2001 indicated that 78.9 percent of people in families making $75,000 or more had Internet access, compared to 25 percent of people from households earning less than $15,000 a year.
What a breakthrough! It seems that people below poverty level are more concerned with survival than Internet access -- who would have thought?...how much did that study cost?
Relax. It's a possible attack when plaintext is repeated over multiple sessions and a non-critical error occurs that forces a key renegotiation, not something a script kiddie will run and get a list of every credit card number on amazonl.com.
Besides which, openssl 0.9.7a was released yesterday, and it addresses these issues.
Seconded. They list a Toshiba Portege 2000 as $1700, which came out nearly a year ago and is very, very difficult to find nowadays. (This site took me a while to find and is offering one for $1200.)
You know what though? I paid $1200 two months ago to get a Toshiba laptop. It's not a featherweight (six or seven pounds), but it includes a Pentium 4, 512 MB of RAM, Firewire, a 40 GB disk, and built-in WiFi. And unlike the Lindows box, it has an internal CD-RW/DVD-ROM that ships standard. Plus, the screen is an exceedingly large, crisp, and bright 15" TFT. (Sub-pixel rendering under XFree looks marvelous!) Couple all that power with three and a half hours of battery life and you see why it is my dekstop replacement.
One other thing: the $1200 was before $250 in rebates, all of which have come back already. So, the net is that I paid $150 more than Lindows currently is asking for a laptop that is several times greater in every way....explain, again, why I should buy the Lindows laptop?
This is the first time (that I'm aware of) that a browser manufacturer intentionally made a browser that does NOT show what the server is sending to me.
Did you read the earlier story? Microsoft is sending bad stylesheets to Opera -- and just Opera -- to make Opera look bad. Opera Software is simply applying this same concept back on Microsoft by munging content on msn.com to make Microsoft look bad (albeit in a "silly" way).
This is exceeding unprofessional, and violate everything that a browser is supposed to do.
MSN.com violates everything that a web server is supposed to do.
Essentially these are echos though and apparently only tailored for a web project.
True. I have not yet modified the error routines to support the object-oriented output layer, but once I do that, it will be able to report errors to anything the output layer can -- again, XHTML, PDF, WML, even ncurses if you felt like it. There are no 'echo' calls anywhere in LISSARD except for errors.php and the theme file, meaning that the presentation could be to a totally different medium (via a different theme file) and everything but the errors will use it.
Again, it's just a matter of time until I modernize it. Though, I have to ask -- what are you using PHP for that isn't a web project?
If it figured out the globals and locals of the offending code it would probably qualify as a rudimentary debugger, rather than the pretty custom toy that it currently is.
It does figure out globals and locals. Mouseover the underlined variables; it works under Mozilla, Konqeror, and IE. Want a unit test? Stick the following into test.php:
<?php require_once("errors.php"); function a($var1, $var2) {
if ($var1 == 'abc')
trigger_error('Uh oh! ABC!', E_USER_ERROR); }
Really, I've been playing around with PHP for months now, playing around with string functions, loops, databases, recursion, and the like and I've never need any debugging tool more advanced from echo.
Really? I've been writing a real-world application in PHP. I have created a device-independent output layer capable of writing XHTML, PDF, WML, and more with no extra coding, a flexible authentication system, a database-independent backend (far more nifty than it sounds), a module system that allows exporting individual pieces of functionality (including dependencies), a navigation system that's fully integrated with permissions, and lots of other things that come together to make a web application. Plus, I've written enough UI code to let a private high school do all of their functions (attendance, grading, transcripts, scheduling), and print all the reports they need (honor rolls, transcripts, attendance summaries, etc.). Total, this project has taken me seven months so far using my spare time, and I have written over 18,000 lines of PHP in this one application.
Guess what I use for debugging? I wrote a special error handler. Whenever an error occurs (except not parse errors), the error handler displays the snippet of code that it happened in -- complete with line numbers, syntax highlighting, and mouse-overs on the local variables that show their contents -- inside of a little box that I can open and close with a click. Plus, I can invoke this whenever I need, via the trigger_error() function.
Guess what made me write that error handler? echo ""` wasn't enough. When dealing with larger applications, you need to be able to look at what conditions prompted a failure, and a "print" is less than helpful. Honestly, even a dump of the offending code with the appropriate values inlaid isn't always enough; I would really like a backtrace, but I have to wait for PHP5.
<plug> If you want to develop something with my framework, hop on over to the website, grab it out of CVS, join the mailing list, and we'll be in touch. </plug>
[It's getting cheaper] with large ATA hard drives and digital interfaces for various applications to drive real-world mixers and soundboards becoming cheaper and cheaper, the actual cost of recording, in a real sense is very minimal. A whole setup can be had for $20,000.
Quite true. I recently did recording (and am currently doing mastering) for a bunch of high school students in a church band -- the recording interface was $600. The church already had a suitable sound board, the drummer had a suitable set of drum mics, the guitar player had enough cables to strangle an elephant, and someone had a basement we could use.
In all, we spent $600, but the total equipment value came out to somewhere around $4,000. The production process (250 copies) will run about $2.50 per CD (with labels and everything), and the final CDs -- covering all production investments and the price to produce the final copies -- will be sold for $10 each. Oh, and it sounds halfway decent, even after only half an hour of tweaking earlier today.
I think the obvious answer is that they are simply coming out with a pc compatable "console", from their website:
Even if there were 32,679 PC games in existence, you'd have a heck of a time getting the game publishers to buy into your idea to distribute them by broadband. The security would be untested, and if someone made a "mod" that let you rent a game for an infinite time period and then give your friend a copy, the publisher would be out a lot of money.
Furthermore, PCs are different than consoles, and while porting DirectX/OpenGL/what have you to a console would allow most things to work without modification, you would still probably have to tweak a few things here and there (changing "Exit to Windows", removing a modem multiplayer interface, etc.) that would make obtaining 32,769 games that would run seamlessly on your console quite difficult. Plus, you'd have to test them...
Besides which, there aren't 32,769 remotely recent games in the first place, and I don't think anyone would buy a console and run DOS games on it.
They promise that it will be faster than any other console on the market, and have a huge games catalog (32k+ games apparently) available over broadband.
Making something faster than other consoles wouldn't be hard, but getting enough people to develop 32,679 games and keeping it quiet would be tough. (Assuming that these are small games and four people -- two coders, one artist, one music/sound guy -- could make a game in four weeks, it would take twenty thousand people six months to come close to this number. But who can come up with 32,000 ideas, or employ 20,000 people, without anyone hearing from them?)
Anyway, if they actually did make 32,679 separate games, most of them probably suck due to lack of imagination, polish, play testing, or they simply aren't fun. The idea is halfway decent, though I don't think enough people have broadband to make this viable, but the details are rather far-fetched.
Vipul's Razor marks MIME parts individually, so an ad, a picture of Viagra, or even the "Unsubscribe" button can be marked spam and contribute to the overall score of the message.
I dunno like if an OS was built around perl and discuss how easy it would be to setup yer various unix jobs.
Unix systems already have a quite programmable interface. See the Advanced Bash Scripting Guide if you don't believe me.
Or if every form of data on your computer was saved to XML instead of all the propietary file formats nowadays.
Too bad it'd be really, really slow. There's a reason database servers use binary formats -- you don't have to do any string processing to do a lookup on a table given an integer primary key. And, in most cases, you know exactly how long each row is, so you can go to an arbitrary row by performing an fseek(row * row_len).
If you're not bent on the rather dumb idea of eliminating binary formats, you sould check out what some other people have already thought of. Check out the future of ReiserFS and the "filesystem as database" concept.
Slashdot Mirror
Do you honestly think that audio professionals store data in 160-kilobit VBR MP3s?
Besides which, can your Archos do 24-bit/192 KHz sampling? Professionally, very, very few people use 16-bit/44 KHz for anything serious.
Acutally, Kurt Lieber is the maintainer of GWN. I'm pretty sure he's the one that came up with that. ;-)
Many [broken] routers and firewalls drop packets with reserved bit(s) set in various header fields of TCP and IP. This is one of the reasons Explicit Congestion Notification (see RFC 3168) has problems behind certain devices. Since all 'evil' packets must be marked as such and dropped accordingly, these manufacturers were quite forward-thinking.
So, it turns out that several common products actually implement RFC 3514 without realizing it.
Argh, Slashdot ate my link.
http://www.visi.com/~rwglynn/030319spamreport.pdf
I managed to grab the PDF before the server was trampled by the swarming masses.
Mirror is here.
From the article:Simultaneous fialure of two independent systems that are designed to tolerate failure doesn't sound like a hardware issue to me. I could be wrong, but I'm more than willing to bet it's an "oops!" situation, albiet somewhat more serious than most.
See the Gentoo Guide to USE Flags for more information.
The DOJ uses Mozilla!
That statement is rather misleading -- there is no native binary version available.
Relax. It's a possible attack when plaintext is repeated over multiple sessions and a non-critical error occurs that forces a key renegotiation, not something a script kiddie will run and get a list of every credit card number on amazonl.com.
Besides which, openssl 0.9.7a was released yesterday, and it addresses these issues.
You know what though? I paid $1200 two months ago to get a Toshiba laptop. It's not a featherweight (six or seven pounds), but it includes a Pentium 4, 512 MB of RAM, Firewire, a 40 GB disk, and built-in WiFi. And unlike the Lindows box, it has an internal CD-RW/DVD-ROM that ships standard. Plus, the screen is an exceedingly large, crisp, and bright 15" TFT. (Sub-pixel rendering under XFree looks marvelous!) Couple all that power with three and a half hours of battery life and you see why it is my dekstop replacement.
One other thing: the $1200 was before $250 in rebates, all of which have come back already. So, the net is that I paid $150 more than Lindows currently is asking for a laptop that is several times greater in every way.
MSN.com violates everything that a web server is supposed to do.
Again, it's just a matter of time until I modernize it. Though, I have to ask -- what are you using PHP for that isn't a web project?
Guess what I use for debugging? I wrote a special error handler. Whenever an error occurs (except not parse errors), the error handler displays the snippet of code that it happened in -- complete with line numbers, syntax highlighting, and mouse-overs on the local variables that show their contents -- inside of a little box that I can open and close with a click. Plus, I can invoke this whenever I need, via the trigger_error() function.
Guess what made me write that error handler? echo ""` wasn't enough. When dealing with larger applications, you need to be able to look at what conditions prompted a failure, and a "print" is less than helpful. Honestly, even a dump of the offending code with the appropriate values inlaid isn't always enough; I would really like a backtrace, but I have to wait for PHP5.
<plug> If you want to develop something with my framework, hop on over to the website, grab it out of CVS, join the mailing list, and we'll be in touch. </plug>
In all, we spent $600, but the total equipment value came out to somewhere around $4,000. The production process (250 copies) will run about $2.50 per CD (with labels and everything), and the final CDs -- covering all production investments and the price to produce the final copies -- will be sold for $10 each. Oh, and it sounds halfway decent, even after only half an hour of tweaking earlier today.
Furthermore, PCs are different than consoles, and while porting DirectX/OpenGL/what have you to a console would allow most things to work without modification, you would still probably have to tweak a few things here and there (changing "Exit to Windows", removing a modem multiplayer interface, etc.) that would make obtaining 32,769 games that would run seamlessly on your console quite difficult. Plus, you'd have to test them...
Besides which, there aren't 32,769 remotely recent games in the first place, and I don't think anyone would buy a console and run DOS games on it.
Their claims are bogus.
Anyway, if they actually did make 32,679 separate games, most of them probably suck due to lack of imagination, polish, play testing, or they simply aren't fun. The idea is halfway decent, though I don't think enough people have broadband to make this viable, but the details are rather far-fetched.
Vipul's Razor marks MIME parts individually, so an ad, a picture of Viagra, or even the "Unsubscribe" button can be marked spam and contribute to the overall score of the message.
One word: mod_gzip.
Too bad it'd be really, really slow. There's a reason database servers use binary formats -- you don't have to do any string processing to do a lookup on a table given an integer primary key. And, in most cases, you know exactly how long each row is, so you can go to an arbitrary row by performing an fseek(row * row_len).
If you're not bent on the rather dumb idea of eliminating binary formats, you sould check out what some other people have already thought of. Check out the future of ReiserFS and the "filesystem as database" concept.