Forkbombs are possible on windows aswell, any multitasking os can be brought down by running too many processes in this way.. Tho, on unix it won't crash the os, it will just render it unuseably slow. However, most unix os's provide "ulimits" which let you restrict the maximum number of processes a user can execute at once, if correctly configured it's not possible to forkbomb a unix system as any user other than root.
Well, windows is a single propriatory system too, and it also tries to lock you in to only using ms apps. But thats fine, you can set me up a windows machine, and i wont change it in any way... I'm sure in a few weeks new exploits for ie will come out and it will get compromised and screwed up.. Windows needs constant maintenence, wether its installing patches, updating anti-virus signatures etc. With a playstation or other system, it just works already and doesn't need constant fixing to make it do what it should have all along.
Why aren't machines offered with 2 identical drives? You answered your own question. Hard drives are far more reliable than windows, a majority of problems people have will be due to windows failing rather than the drive, and when the drive does fail it's not a big problem because users are used to (and expect) windows to screw up and require a format/reinstall regularly anyway. This is why a lot of people still save their data on floppies or other removeable media, they dont trust windows not to corrupt their HD. However, i agree there should be a more reliable OS and raid1 mirrored drives so that people can actually trust their computer to store data.
Well, if your running windows, the NSA/CIA/FBI/MS can get access to your machine anyway. It's well known that windows has backdoors used for such purposes. In the blackhat hacker community, only a minority of people use windows, and yet all those who get caught are (or were when they were caught, or when they did what they got caught for) windows users.. This is hardly a coincidence.
Wasn't FLC an animation format used mostly on DOS? Amiga users had CDXL, one of the first codecs capable of streaming video from a cd, and playable on a 1x drive with a 7mhz cpu.. Obviously the quality is nothing compared to modern formats, but for it's time it was amazing.. It predates mpeg by several years for instance.
But for this you need to use ms's "server" os's which push up the price of the cheap white boxes quite considerably.. In essence, you need to have a smaller number of faster machines (slower machines may not even run these os's), with a linux/bsd cluster you could just add cheap/old machines at will.. I've done that before, i have a cluster of 4 machines running 24/7 with 16 old p200's on standby that get booted up during busy periods.
Their business model has become obsolete, but rather than embrace the new technology and adapt to the new way of doing things, they would rather hang on to the old model because it involves less work.
Well, a unix system would identify the file from the header, and my systems atleast wouldnt play the propriatory microsoft formats atall.. So i would download the first kb, find i cant use the file and cancel the download. This can be automated to identify if a file is claiming to be something it's not.
Works fine for me (on linux) using gcc 3.4.3 and jpeg-6b.. i also have somewhat more aggressive cflags... That page tho, the main image uses a flash plugin, is there even a flash plugin for freebsd? I dont think mine is built to use gnomevfs tho.. maybe theres a conflict with some other libs you have? maybe your version of X or something, or perhaps some of your libs were built with a different compiler version, that can cause issues sometimes... I have never had firefox (self compiled) crash on linux since i've been using 1.0, 1.0pre's crashed a bit, but 0.9.x was rock solid too.. And i use firefox daily both at home and at work.
Well, then the users would have to rename all their files and modify the php code to point to different filenames, more hassle than patching their php code to work properly in the first place.
I very much like the OSX way of installing apps. Each app is really a directory, which contains all the files the app requires. The only things stored outside of this directory are user-specific settings which are stored in your home directory, under a subdirectory indicating the name of the application. If you want to remove the os, you delete the directory. No other apps have any reason to overwrite application directories they don't own, nor do they need to overwrite system files and libraries, any libs the app needs can be self-contained.
That's like curing the symptoms and not the cause. Your systems shouldn't have gotten infected with spyware in the first place, and the fact that they did shows you have bigger problems. What if they get infected with something more malicious than gator? Or how about something that's not detected by the spyware removal tools?
This would be a huge headache for people who provide webhosting tho.. For instance, i am unable to upgrade my server to php5 because many customer code won't run correctly on it.. But before too long, we will have customers demanding php5 because their code doesn't work on 4..
I can't get mod_perl working with apache, the perl-status page gives "internal server error" and my perl scripts don't seem to be running through it. There doesnt seem to be anything in the logs to indicate why either
Well, if your bank tries to force you to put your finances at risk and increase the chances of fraud by using an insecure browser, maybe you should consider a new bank... Besides, if they lose enough customers that way they will fix the site eventually anyway.
Strange, maybe you have a bad build.. I'm using 1.0 compiled by gentoo and never had a problem, it's been rock solid stable and is in constant use 9-5 every day with no crashes for as long as i can remember.. Tho i have seen problems with some of the precompiled versions, sometimes to do with library versions not quite being the same as were used on the buildhost..
He offers rewards for finding holes in some of his other tools too, such as djbdns.. I suppose if you had found flaws in his software you could have not only passed the class but made some money to pay towards your tuition fees too.
The linux version works perfectly as a user. Infact, for some reason on my system it runs much slower as root, something to do with more limited access to the X server and opengl that's running under my account i assume.. quake3 has the same problem.
Firefox 1.0 doesn't crash, i opened the site, rejected the java warning... Firefox warned me that it had prevented the site from installing software on my machine (nasty) and the site tried to set a bunch of cookies. I clicked on several links and nothing, is there a particular link i should use?
As for sites which dont render in mozilla, theres plenty which don't render in ie either.. The difference is, 99% of the sites which fail in firefox do so because they use nonstandard tags and such, there are many which dont render in ie but do so perfectly in mozilla, safari, opera and others.. but this is usually because ie is horribly obsolete having not been updated for 2 years, and has horribly inadequate support for png, css and other things.
The difference is, these standards (png, css etc) are well documented and could easily be implemented by microsoft if they wanted, the non standard extensions that don't work in mozilla need to be reverse engineered which is time consuming and legally difficult.
Do you have some examples of sites which crash firefox? I keep firefox open all day every day at work and browse many sites, i now have 20+ tabs open with different sites and i never encounter a crash.. I can't speak for IE tho, i've never used it as a primary browser.
Forkbombs are possible on windows aswell, any multitasking os can be brought down by running too many processes in this way.. Tho, on unix it won't crash the os, it will just render it unuseably slow.
However, most unix os's provide "ulimits" which let you restrict the maximum number of processes a user can execute at once, if correctly configured it's not possible to forkbomb a unix system as any user other than root.
Well, windows is a single propriatory system too, and it also tries to lock you in to only using ms apps.
But thats fine, you can set me up a windows machine, and i wont change it in any way... I'm sure in a few weeks new exploits for ie will come out and it will get compromised and screwed up.. Windows needs constant maintenence, wether its installing patches, updating anti-virus signatures etc. With a playstation or other system, it just works already and doesn't need constant fixing to make it do what it should have all along.
Why aren't machines offered with 2 identical drives? You answered your own question. Hard drives are far more reliable than windows, a majority of problems people have will be due to windows failing rather than the drive, and when the drive does fail it's not a big problem because users are used to (and expect) windows to screw up and require a format/reinstall regularly anyway. This is why a lot of people still save their data on floppies or other removeable media, they dont trust windows not to corrupt their HD.
However, i agree there should be a more reliable OS and raid1 mirrored drives so that people can actually trust their computer to store data.
Well, if your running windows, the NSA/CIA/FBI/MS can get access to your machine anyway. It's well known that windows has backdoors used for such purposes. In the blackhat hacker community, only a minority of people use windows, and yet all those who get caught are (or were when they were caught, or when they did what they got caught for) windows users.. This is hardly a coincidence.
Wasn't FLC an animation format used mostly on DOS? Amiga users had CDXL, one of the first codecs capable of streaming video from a cd, and playable on a 1x drive with a 7mhz cpu.. Obviously the quality is nothing compared to modern formats, but for it's time it was amazing.. It predates mpeg by several years for instance.
But for this you need to use ms's "server" os's which push up the price of the cheap white boxes quite considerably..
In essence, you need to have a smaller number of faster machines (slower machines may not even run these os's), with a linux/bsd cluster you could just add cheap/old machines at will.. I've done that before, i have a cluster of 4 machines running 24/7 with 16 old p200's on standby that get booted up during busy periods.
Their business model has become obsolete, but rather than embrace the new technology and adapt to the new way of doing things, they would rather hang on to the old model because it involves less work.
Well, a unix system would identify the file from the header, and my systems atleast wouldnt play the propriatory microsoft formats atall.. So i would download the first kb, find i cant use the file and cancel the download. This can be automated to identify if a file is claiming to be something it's not.
Works fine for me (on linux) using gcc 3.4.3 and jpeg-6b.. i also have somewhat more aggressive cflags...
That page tho, the main image uses a flash plugin, is there even a flash plugin for freebsd?
I dont think mine is built to use gnomevfs tho.. maybe theres a conflict with some other libs you have? maybe your version of X or something, or perhaps some of your libs were built with a different compiler version, that can cause issues sometimes... I have never had firefox (self compiled) crash on linux since i've been using 1.0, 1.0pre's crashed a bit, but 0.9.x was rock solid too.. And i use firefox daily both at home and at work.
Perhaps other features of sp2 mitigate the vulnerability somewhat, or make it harder to exploit or whatever..
Well, then the users would have to rename all their files and modify the php code to point to different filenames, more hassle than patching their php code to work properly in the first place.
I very much like the OSX way of installing apps. Each app is really a directory, which contains all the files the app requires. The only things stored outside of this directory are user-specific settings which are stored in your home directory, under a subdirectory indicating the name of the application. If you want to remove the os, you delete the directory. No other apps have any reason to overwrite application directories they don't own, nor do they need to overwrite system files and libraries, any libs the app needs can be self-contained.
That's like curing the symptoms and not the cause.
Your systems shouldn't have gotten infected with spyware in the first place, and the fact that they did shows you have bigger problems. What if they get infected with something more malicious than gator? Or how about something that's not detected by the spyware removal tools?
Typical compaq, buy up some nice technology and then completely ruin it...
They did the same to DEC
This would be a huge headache for people who provide webhosting tho..
For instance, i am unable to upgrade my server to php5 because many customer code won't run correctly on it.. But before too long, we will have customers demanding php5 because their code doesn't work on 4..
I can't get mod_perl working with apache, the perl-status page gives "internal server error" and my perl scripts don't seem to be running through it. There doesnt seem to be anything in the logs to indicate why either
Well, if your bank tries to force you to put your finances at risk and increase the chances of fraud by using an insecure browser, maybe you should consider a new bank...
Besides, if they lose enough customers that way they will fix the site eventually anyway.
I find it most frustrating that since 1.0pr i've been unable to press ctrl+u to clear an input box (as is standard on unix)
Strange, maybe you have a bad build.. I'm using 1.0 compiled by gentoo and never had a problem, it's been rock solid stable and is in constant use 9-5 every day with no crashes for as long as i can remember.. Tho i have seen problems with some of the precompiled versions, sometimes to do with library versions not quite being the same as were used on the buildhost..
He offers rewards for finding holes in some of his other tools too, such as djbdns..
I suppose if you had found flaws in his software you could have not only passed the class but made some money to pay towards your tuition fees too.
The linux version works perfectly as a user. Infact, for some reason on my system it runs much slower as root, something to do with more limited access to the X server and opengl that's running under my account i assume.. quake3 has the same problem.
I have also seen many tide*.microsoft.com hosts being components in spam or ddos drone networks..
Firefox 1.0 doesn't crash, i opened the site, rejected the java warning...
Firefox warned me that it had prevented the site from installing software on my machine (nasty) and the site tried to set a bunch of cookies. I clicked on several links and nothing, is there a particular link i should use?
As for sites which dont render in mozilla, theres plenty which don't render in ie either.. The difference is, 99% of the sites which fail in firefox do so because they use nonstandard tags and such, there are many which dont render in ie but do so perfectly in mozilla, safari, opera and others.. but this is usually because ie is horribly obsolete having not been updated for 2 years, and has horribly inadequate support for png, css and other things.
The difference is, these standards (png, css etc) are well documented and could easily be implemented by microsoft if they wanted, the non standard extensions that don't work in mozilla need to be reverse engineered which is time consuming and legally difficult.
No example sites which crash it simply by visiting?
For example, www.ev6.net crashes all versions of IE except the one in xp sp2
Do you have some examples of sites which crash firefox? I keep firefox open all day every day at work and browse many sites, i now have 20+ tabs open with different sites and i never encounter a crash..
I can't speak for IE tho, i've never used it as a primary browser.