The Brown researcher thinks the particles are disappearing into the fireball's core and reappearing as thermal radiation, just as matter falls into a black hole and comes out as "Hawking" radiation.
When I eat, food disappears into my mouth and then re-appears in the toilet as a glorious piece of poo. Whoop-de-doo.
I can't see many users paying for this service. Most Hotmail users use it because it is free, or they don't know about the alternatives.
I know a lot of people who use Hotmail and Yahoo services simply for the convenience of having one email address. People hate switching email addresses every time they switch ISP's.
I think the author of the article has some valid points. What could it hurt to start code-signing (at least) the Windows releases of FireFox? The author also has a good point that for the simple cost of a code-signing cert, you could potentially gain the trust of a whole new base of users.....is that bad? I don't think so.
The fact of the matter is that users have been trained (albeit by Microsoft) to be paranoid when they get messages such as those listed by the author. The whole idea behind FireFox is to do things the 'right way'......well, in the mind of the users, code-signing is probably the right way. Also, it wouldn't be terribly difficult to figure out what the top 25-50 FireFox extensions are. Once you've got that figured out, the huge FF developer base could do a code review on them, and sign them using the FireFox code-signing cert. One of the great things about open-source is the ability to see the source and tap into the vast development resources that exist in average 'Joes' such as myself.....why not use that?
Think of your folks in this situation. I know my parents (who are absolutely *not* technically savvy) would be more inclined to trust something that didn't warn them about potentially insecure code. REGARDLESS of the fact that it was IE that gave them the message.....they still got it....which is the point.
...specific time frame that they're allowed to be online. Only allow them to be online from 4-6 PM every day, or whatever you deem acceptable. This could easily be implemented...depending on what you're using for internet sharing. If you have a linux box as your gateway, a couple of iptables rules and some crontab entries would solve the problem. Alternatively, products like the Linksys WCG200 internet gateway allow you to set up access restrictions based on time.
Just a couple of suggestions.
So..Sir Mixalot was right after all.....
on
Humans Born to Run
·
· Score: 5, Funny
The MiniGRAIL detector is a cryogenic 68 cm diameter spherical gravitational wave antenna made of CuAl(6%) alloy with a mass of 1400 Kg, a resonance frequency of 2.9 kHz and a bandwidth around 230 Hz, possibly higher. The quantum-limited strain sensitivity dL/L would be ~4x10-21. The antenna will operate at a temperature of 20 mK.
Typically in an enterprise environment you have pretty specific requirements based on the hardware that you've already got. Most vendors understand this and will get you an evaluation unit or license to try the hardware out in your own environment or a test environment that you've set up. We've done this with every major piece of hardware we've ever bought from a list of fairly major players including:
EMC - Symmetrix and Celerra
Network Appliance - NAS filers
Cisco - switches, routers, firewalls and software
Dell - blade servers
IBM - 64-bit servers
SourceFire - Sensors and software
F5 - load balancers
Apple- XServe RAID
Netscalar - load balancers
the list goes on and on....
The point is that they'll let you take a fairly in-depth look 'under the hood' before you buy. I mean, you pay enough for these boxes/software that if they didn't they'd be shooting themselves in the foot.
As far as knowing which vendors to evaluate, we stay up to date by reading Slashdot:), magazine ads, recommendations from other 'like-minded' people at conferences, Google. We've found a few smaller vendors through-out the years that we've had great experiences with too...most of these were either found through Google, or they came knocking on our door looking for business.
To solve the problem of networking, I have just set up a host-only network between my Windows guest and my linux host. Then there's a firewall running on my Linux host which NATs the windows box to whatever network it (the linux host) happens to be using at the time. Works pretty slick. As far as the USB situation, you can tweak hotplug to not grab control of certain devices as they get plugged in. Then, later, if you decide that Linux needs control of the device, you can load the appropriate module manually and use it under linux.
I'm just curious because I too have a job where as long as I have my laptop and a phone line (or broadband in some form or another) can do pretty much anything necessary short of pushing the reset button remotely. I've had great success running a Linux host with Windows in VMWare. It works great for me. What were the trouble points with VMWare?
I've been so un-impressed with the other 'new' Star Wars movies that this just doesn't seem very exciting. Mr. Lucas should just have left well enough alone......read the books if you're that interested in the 'rest of the story'. The classic Star Wars movie saga is just getting cheapened by these new movies.
OK, but is this really a 'vulnerability' per se? This is the way that the TCP protocol was designed to work. If you can get a RST sent to the other end of the connection within your window, you can kill the connection....this is useful when one end of the connection hasn't received all of the data sent by the other side (possibly due to load) and needs to kill the connection (due to load).
Maybe I missed something in the advisory, but this sounds like a good old TCP reset attack.....which is neither a new or novel concept. People have been doing this for ages with a sniffer and a packet generator.
We use kickstart to image machines all the time.....many, many machines.....and it works great. Once you get an installation you like, you can just use it as a base for everything.
if I wasn't so busy keeping the script kiddies out of the redhat boxs and trying to figure out how a 10-year old perl scrip is supposed to work and writing an interrupt driver in x86 assy.
I guess you're not too busy with that stuff, otherwise you wouldn't be wasting your precious time flaming somebody on Slashdot.
It doesn't seem to be a question of need...unless you you count need for sharing the knowledge. I don't think there's anything wrong with helping a child learn how to do something like this. The really cool thing (for the kid) is that, when they're done, they have an actual product that they can see and show to others.....teaching pride of ownership, which translates into just about every aspect of life.
Slashdot Mirror
You want paranoid? How do we know he's not sugggesting these 'methods' while holding un-released exploit code for ALL of them! --Ben
As far as eye candy goes.....those wobbly windows are pretty damn sweet. :)
The Brown researcher thinks the particles are disappearing into the fireball's core and reappearing as thermal radiation, just as matter falls into a black hole and comes out as "Hawking" radiation.
When I eat, food disappears into my mouth and then re-appears in the toilet as a glorious piece of poo. Whoop-de-doo.ssh -L 3128:some-good.proxy.com:3128 some-ssh-host-outside-of-china
Set your proxy server to localhost.
Problem solved.
How far will you go to protect your pr0n collection from your wife's prying, suspicious eyes? :)
I can't see many users paying for this service. Most Hotmail users use it because it is free, or they don't know about the alternatives.
I know a lot of people who use Hotmail and Yahoo services simply for the convenience of having one email address. People hate switching email addresses every time they switch ISP's.
I think the author of the article has some valid points. What could it hurt to start code-signing (at least) the Windows releases of FireFox? The author also has a good point that for the simple cost of a code-signing cert, you could potentially gain the trust of a whole new base of users.....is that bad? I don't think so.
The fact of the matter is that users have been trained (albeit by Microsoft) to be paranoid when they get messages such as those listed by the author. The whole idea behind FireFox is to do things the 'right way'......well, in the mind of the users, code-signing is probably the right way. Also, it wouldn't be terribly difficult to figure out what the top 25-50 FireFox extensions are. Once you've got that figured out, the huge FF developer base could do a code review on them, and sign them using the FireFox code-signing cert. One of the great things about open-source is the ability to see the source and tap into the vast development resources that exist in average 'Joes' such as myself.....why not use that?
Think of your folks in this situation. I know my parents (who are absolutely *not* technically savvy) would be more inclined to trust something that didn't warn them about potentially insecure code. REGARDLESS of the fact that it was IE that gave them the message.....they still got it....which is the point.
--Ben...specific time frame that they're allowed to be online. Only allow them to be online from 4-6 PM every day, or whatever you deem acceptable. This could easily be implemented...depending on what you're using for internet sharing. If you have a linux box as your gateway, a couple of iptables rules and some crontab entries would solve the problem. Alternatively, products like the Linksys WCG200 internet gateway allow you to set up access restrictions based on time.
Just a couple of suggestions.
Big buttocks are also important.
I'll be damned.
The MiniGRAIL detector is a cryogenic 68 cm diameter spherical gravitational wave antenna made of CuAl(6%) alloy with a mass of 1400 Kg, a resonance frequency of 2.9 kHz and a bandwidth around 230 Hz, possibly higher. The quantum-limited strain sensitivity dL/L would be ~4x10-21. The antenna will operate at a temperature of 20 mK.
:) (picture monkey scratching head)
Wha...?
The point is that they'll let you take a fairly in-depth look 'under the hood' before you buy. I mean, you pay enough for these boxes/software that if they didn't they'd be shooting themselves in the foot.
As far as knowing which vendors to evaluate, we stay up to date by reading Slashdot
To solve the problem of networking, I have just set up a host-only network between my Windows guest and my linux host. Then there's a firewall running on my Linux host which NATs the windows box to whatever network it (the linux host) happens to be using at the time. Works pretty slick. As far as the USB situation, you can tweak hotplug to not grab control of certain devices as they get plugged in. Then, later, if you decide that Linux needs control of the device, you can load the appropriate module manually and use it under linux.
I'm just curious because I too have a job where as long as I have my laptop and a phone line (or broadband in some form or another) can do pretty much anything necessary short of pushing the reset button remotely. I've had great success running a Linux host with Windows in VMWare. It works great for me. What were the trouble points with VMWare?
Games: I Love Bees Anthology DVD Legally Available Online
:)
I have to chuckle to myself when I read article titles like this. The times we live in....
Troll...blah blah blah.
I've been so un-impressed with the other 'new' Star Wars movies that this just doesn't seem very exciting. Mr. Lucas should just have left well enough alone......read the books if you're that interested in the 'rest of the story'. The classic Star Wars movie saga is just getting cheapened by these new movies.
my 2/100 of a buck
--Ben
A snippet from the page:
:/
Note: Turning firewalls OFF will speed your transfer rate immensely.
Yeah...well...there may be some other un-expected side effects of this as well.
Is this really 'Politics for Nerds'? or simply bitching?
OK, but is this really a 'vulnerability' per se? This is the way that the TCP protocol was designed to work. If you can get a RST sent to the other end of the connection within your window, you can kill the connection....this is useful when one end of the connection hasn't received all of the data sent by the other side (possibly due to load) and needs to kill the connection (due to load).
Maybe I missed something in the advisory, but this sounds like a good old TCP reset attack.....which is neither a new or novel concept. People have been doing this for ages with a sniffer and a packet generator.
because Acrobat Reader is free.
I have my browser configured to allow only SSLv3, and I cannot connect to the gmail site unless I enable SSLv2.
We use kickstart to image machines all the time.....many, many machines.....and it works great. Once you get an installation you like, you can just use it as a base for everything.
....and a large step for W-kind!!
(in my best 'George W' voice)
if I wasn't so busy keeping the script kiddies out of the redhat boxs and trying to figure out how a 10-year old perl scrip is supposed to work and writing an interrupt driver in x86 assy.
I guess you're not too busy with that stuff, otherwise you wouldn't be wasting your precious time flaming somebody on Slashdot.
It doesn't seem to be a question of need...unless you you count need for sharing the knowledge. I don't think there's anything wrong with helping a child learn how to do something like this. The really cool thing (for the kid) is that, when they're done, they have an actual product that they can see and show to others.....teaching pride of ownership, which translates into just about every aspect of life.