Properly used, a one time pad system is unbreakable. And you can send it in plain text.
An e-mail message would look like this:
e4sd4 3dkw22 kwdi4 dlw23 jdclp s3dgx and so on and so on.
Since the code is never used twice, you never get a good enough sample to break it unless you somehow get a copy of the code sheet.
No PGP needed - just discipline in properly using the system, never re-using a sheet, and destroying old sheets as soon as they're used. And there's very little tech involved aside from the e-mail itself.
PGP is more convenient, so we might as well save it for ourselves. The bad guys will always have a tool to use.
"Lawyers who squared off in a trademark dispute between the operators of a tourism portal and Barcelona, Spain, disagree on whether a U.S. District Court judge made the right call this month when he awarded the Internet address Barcelona.com to the city. But they agree that the judge broke new ground in U.S. anti-cybersquatting law."
Some Americans can even read an article, and know little trivia like the fact that Spain is an EU country.
I think that SSSCA will probably pass, but not in it's current form. For every Disney that wants every OS and CD-burner to be government approved and secure, there is an IBM that just came up with a business model that depends on Linux and/or BSD remaining open source and hardware to remain relatively inexpensive and free from this kind of political interference.
I don't think IBM's team of lobbyists are in any way intimidated by Disney's, and they'll have friends as well. Once they start spreading the doom and gloom predictions of the destruction of the US tech industry and how much money *that* will cost the economy your average congresscritter will be put in a bind. Send some support to the EFF and/or friendly congresscritter of your choice to help out.
"IF there are aliens who fly around the universe with SUPERIOR technology - they'd have the means to contact us"
What if they're at the same level as we are? Then they're hard to find, easy to lose in the background noise, and may not even realize we're looking for them.
"Would it be more practical/feasible to donate those spare cpu cycles elsewhere???"
Maybe, but it will be limited. The cancer research screen saver you mentioned won't work on anything truly meaningful - after all, there's money in cancer research and nothing sensitive will be allowed out like that. A cure for any type of cancer will be worth billions to the lab that puts it together. They won't risk a competitor installing a screen saver and starting to sift data...
Other applications for distributed computing that start to involve money end up with the same problem - people don't want to donate their electricity & time so someone else can get rich, and I haven't seen any for-profit distributed program that would let me break even on the electricity cost to run the client 24/7.
So non-commercial stuff like SETI or crack the latest encryption scheme will always be the ones most successful. Anyway, the SETI program is starting to spin off other pure science radio astronomy uses for the data, so it's not just little green men anymore.
"But starting last month (January 2002) the bandwidth used by the rest of campus increased in an unexpected and unexplained way."
Doh. I was looking for the gritty details. Massive DDOS bot invasion? SNMP exploit? Warez? Rogue Quake III servers? Son of Napster? Backhoe dug up a cable? There has to be at least an educated guess as to where the bandwidth is going.
I think the network admins at UC Berkeley are just cutting back on Seti, but don't want to admit it publicly. Bad press and all.
"And obviously, if there's a Windows solution running over here that costs licensing money and takes up lots of sysadmin time, and a Linux solution running over there that costs zero dollars in licenses and takes little or no sysdamin time to maintain, and the two systems are performing similar functions, the Windows solution should be tossed in favor of the Linux solution"
The big "if" up there gets author out of trouble by posing this as a possible hypothetical situation. But the 'you don't need to administer Linux' a commonly advocated fallacy.
The license aspect of the above quote is right on (if you choose not to financially support your favorite distribution - but that's voluntary, not a mandatory license fee in *most* cases).
The administration aspect is not true. A Linux admin doesn't read the log files looking for new or unusual items? Doesn't apply patches? Doesn't keep up with things like user accounts, quotas, etc. etc.? Riiight. The administration is different, but basically boils down to keeping up with security patches, and keeping up with your users. Regardless of OS.
If you go to your local government (or a local business trying to save money) and sell open source software as a solution that does not require careful, professional administration you'll end up will all sorts of nice problems that help the internet community - a hacked network of DDOS bots, that nice open relay mail server(s), Aunt June's tax records downloaded from an SQL database with the default admin password set...
You could do it with cron and a shell script if you wanted to.
Just download the.rpm files from RedHat's update directory for your architecture (don't forget the noarchs).
You can use ftp, but mirror or some other package that only downloads new/changed files and can be run from cron is best. And I always put kernel stuff in it's own directory.
cd to the directory you put the rpms in and make sure you don't have multiple versions of a package (foo-1.2.3-19.i386.rpm and foo-1.2.3-20.i386.rpm). `rpm -Fvh *.rpm` and you're done. That is basically what up2date does, except my method downloads *all* off the update.rpms while up2date just gets the ones you want/need, and up2date is smarter about different versions of foo.
Share the directory on the network, and update any other RH box on your LAN. Or burn it to CD-R/RW and move the CD around. Worked for me until I moved over to SuSE last week!
AFAIK in a heterogenous network you can't turn off SSH-1 on other systems and run SSH-2 only, if you expect to interact with the Debian box(en). The other distributions may or may not have the SSH-1 vulnerability, and have just said "to fix this, don't use SSH-1."
Why take the risk? Building OpenSSH or other SSH-2 port from source is the only real solution until the standard Debian SSH package includes SSH-2.
"Since one cannot easily alter the rotational speed of a planet, you sometimes have to wait."
Just remodulate the lateral array to emit a xeneron particle beam aimed at the retreating horizon. This will temporarily speed the planet's rotation. Child's play, really. Wesley could do it.
You'll find RH here, but you'll probably want to use a mirror. When I checked the URL I was user 349 out of only 350 anonymous users allowed. The path should be the same or similar on the mirrors.
I for one think you've got it right. In Microsoft's case it's probably not a good idea for MSN to do this, as all they will accomplish is limit their viewer base when people don't/won't/can't update their browser. I would think they would want to get everyone they can to visit the site and stay there.
However at work we use MS Access quite a bit, and there's really no reason to change. So I'm testing data access pages by mounting them via samba on a Linux web server, and serving them with Apache. (An MS Office license is one thing, springing for an IIS server is another...) Even though it's a Linux web server, the original.asp page still lives on a Windows box, and uses the active-X controls that come with MS Access.
Now I have an Apache web server on Linux serving pages that only IE5+ can use because of the active-X.
I'm not deliberately exluding other browsers - in fact I would like to have more options - but in my case I know that my very specific audience has IE5 or IE5.5 available, and I can use common tools with the rest of the organization (Access). It just works, which is all I really care about.
IMHO this won't go very far unless browsers integrate the codes and let the user set levels of access similar to the security levels - i.e. no porn, but online casinos are OK.
As long as you need to download a list, too many people will be too lazy to do it, or just not computer literate enough to realize that they *can* download a list.
Then again, I wonder what percentage of users 1) know that their browser has security settings and 2) how to set them.
I'm the first to admit that I'm more of a luser than a user, but I'm confused.
The bug report says that the problem is with the latest version of procmail. I'm using procmail-3.21-0.71 and postfix-20010202-4 with no problems at all. All mail is delivered to user mailboxes in ~/mail, as it was before I updated procmail. I just checked updates.redhat.com/7.1/en/os/i386 and the procmail version there is the same.
Am I missing something?
Re:Remove the Restrictions, and they will come...
on
Quarter-sized CD's?
·
· Score: 1
From the Dataplay web site:
"And because DataPlay digital media is universal, you can record and play any DataPlay digital media in any DataPlay-enabled device..."
There are no restrictions! As long as you follow the rules...
Hey, I don't mind being the ugly girl. We just need to keep the prom going until the CIOs pressure their bosses into opposing the SSSCA. One letter from Coca Cola saying that they need OSS to remain open source is worth ten thousand letters from individual Linux/BSD users. Especially if Coke puts a check in there too...
They can go back to Microsoft later if they like, as long as we get some corporate bigwigs thinking that SSSCA might (negatively) impact their bottom line.
Of course the trick is going to be getting our prom date to do what we want him to.
Slashdot Mirror
Properly used, a one time pad system is unbreakable. And you can send it in plain text.
An e-mail message would look like this:
e4sd4 3dkw22 kwdi4 dlw23 jdclp s3dgx and so on and so on.
Since the code is never used twice, you never get a good enough sample to break it unless you somehow get a copy of the code sheet.
No PGP needed - just discipline in properly using the system, never re-using a sheet, and destroying old sheets as soon as they're used. And there's very little tech involved aside from the e-mail itself.
PGP is more convenient, so we might as well save it for ourselves. The bad guys will always have a tool to use.
"Lawyers who squared off in a trademark dispute between the operators of a tourism portal and Barcelona, Spain, disagree on whether a U.S. District Court judge made the right call this month when he awarded the Internet address Barcelona.com to the city. But they agree that the judge broke new ground in U.S. anti-cybersquatting law."
Some Americans can even read an article, and know little trivia like the fact that Spain is an EU country.
Yah, I know - redundant.
I think that SSSCA will probably pass, but not in it's current form. For every Disney that wants every OS and CD-burner to be government approved and secure, there is an IBM that just came up with a business model that depends on Linux and/or BSD remaining open source and hardware to remain relatively inexpensive and free from this kind of political interference.
I don't think IBM's team of lobbyists are in any way intimidated by Disney's, and they'll have friends as well. Once they start spreading the doom and gloom predictions of the destruction of the US tech industry and how much money *that* will cost the economy your average congresscritter will be put in a bind. Send some support to the EFF and/or friendly congresscritter of your choice to help out.
Yes, but does it run NetBSD?
"IF there are aliens who fly around the universe with SUPERIOR technology - they'd have the means to contact us"
What if they're at the same level as we are? Then they're hard to find, easy to lose in the background noise, and may not even realize we're looking for them.
"Would it be more practical/feasible to donate those spare cpu cycles elsewhere???"
Maybe, but it will be limited. The cancer research screen saver you mentioned won't work on anything truly meaningful - after all, there's money in cancer research and nothing sensitive will be allowed out like that. A cure for any type of cancer will be worth billions to the lab that puts it together. They won't risk a competitor installing a screen saver and starting to sift data...
Other applications for distributed computing that start to involve money end up with the same problem - people don't want to donate their electricity & time so someone else can get rich, and I haven't seen any for-profit distributed program that would let me break even on the electricity cost to run the client 24/7.
So non-commercial stuff like SETI or crack the latest encryption scheme will always be the ones most successful. Anyway, the SETI program is starting to spin off other pure science radio astronomy uses for the data, so it's not just little green men anymore.
"But starting last month (January 2002) the bandwidth used by the rest of campus increased in an unexpected and unexplained way."
Doh. I was looking for the gritty details. Massive DDOS bot invasion? SNMP exploit? Warez? Rogue Quake III servers? Son of Napster? Backhoe dug up a cable? There has to be at least an educated guess as to where the bandwidth is going.
I think the network admins at UC Berkeley are just cutting back on Seti, but don't want to admit it publicly. Bad press and all.
"And obviously, if there's a Windows solution running over here that costs licensing money and takes up lots of sysadmin time, and a Linux solution running over there that costs zero dollars in licenses and takes little or no sysdamin time to maintain, and the two systems are performing similar functions, the Windows solution should be tossed in favor of the Linux solution"
The big "if" up there gets author out of trouble by posing this as a possible hypothetical situation. But the 'you don't need to administer Linux' a commonly advocated fallacy.
The license aspect of the above quote is right on (if you choose not to financially support your favorite distribution - but that's voluntary, not a mandatory license fee in *most* cases).
The administration aspect is not true. A Linux admin doesn't read the log files looking for new or unusual items? Doesn't apply patches? Doesn't keep up with things like user accounts, quotas, etc. etc.? Riiight. The administration is different, but basically boils down to keeping up with security patches, and keeping up with your users. Regardless of OS.
If you go to your local government (or a local business trying to save money) and sell open source software as a solution that does not require careful, professional administration you'll end up will all sorts of nice problems that help the internet community - a hacked network of DDOS bots, that nice open relay mail server(s), Aunt June's tax records downloaded from an SQL database with the default admin password set...
Nice.
You could do it with cron and a shell script if you wanted to.
.rpm files from RedHat's update directory for your architecture (don't forget the noarchs).
.rpms while up2date just gets the ones you want/need, and up2date is smarter about different versions of foo.
Just download the
You can use ftp, but mirror or some other package that only downloads new/changed files and can be run from cron is best. And I always put kernel stuff in it's own directory.
cd to the directory you put the rpms in and make sure you don't have multiple versions of a package (foo-1.2.3-19.i386.rpm and foo-1.2.3-20.i386.rpm). `rpm -Fvh *.rpm` and you're done. That is basically what up2date does, except my method downloads *all* off the update
Share the directory on the network, and update any other RH box on your LAN. Or burn it to CD-R/RW and move the CD around. Worked for me until I moved over to SuSE last week!
Science finally explains all those years of exploding consoles in Star Trek!
AFAIK in a heterogenous network you can't turn off SSH-1 on other systems and run SSH-2 only, if you expect to interact with the Debian box(en). The other distributions may or may not have the SSH-1 vulnerability, and have just said "to fix this, don't use SSH-1."
Why take the risk? Building OpenSSH or other SSH-2 port from source is the only real solution until the standard Debian SSH package includes SSH-2.
"Since one cannot easily alter the rotational speed of a planet, you sometimes have to wait."
Just remodulate the lateral array to emit a xeneron particle beam aimed at the retreating horizon. This will temporarily speed the planet's rotation. Child's play, really. Wesley could do it.
I know, I know, OT...
One does not normally append a period to a URL or command. Someone might type it.
/
Jargon 4.3.1
You'll find RH here, but you'll probably want to use a mirror. When I checked the URL I was user 349 out of only 350 anonymous users allowed. The path should be the same or similar on the mirrors.
ftp://ftp.kde.org/pub/kde/stable/2.2.2/RedHat/7.2
"No one honestly cares! Now, before you dismiss this as "troll", let's take an honest look at the situation:"
/. help me?
You got that right. I've been tweaking computers since my 1979 Rev. 0 Apple ][+ (_with_ the amber monitor, mind you - tres cool...)
I had to go to google to figure out what 3G meant in the first place. That generated a big, resounding "oh."
Then again, I don't own an Aibo either, so I must be a geek-wanna-be. Can
I for one think you've got it right. In Microsoft's case it's probably not a good idea for MSN to do this, as all they will accomplish is limit their viewer base when people don't/won't/can't update their browser. I would think they would want to get everyone they can to visit the site and stay there.
.asp page still lives on a Windows box, and uses the active-X controls that come with MS Access.
However at work we use MS Access quite a bit, and there's really no reason to change. So I'm testing data access pages by mounting them via samba on a Linux web server, and serving them with Apache. (An MS Office license is one thing, springing for an IIS server is another...) Even though it's a Linux web server, the original
Now I have an Apache web server on Linux serving pages that only IE5+ can use because of the active-X.
I'm not deliberately exluding other browsers - in fact I would like to have more options - but in my case I know that my very specific audience has IE5 or IE5.5 available, and I can use common tools with the rest of the organization (Access). It just works, which is all I really care about.
IMHO this won't go very far unless browsers integrate the codes and let the user set levels of access similar to the security levels - i.e. no porn, but online casinos are OK.
As long as you need to download a list, too many people will be too lazy to do it, or just not computer literate enough to realize that they *can* download a list.
Then again, I wonder what percentage of users 1) know that their browser has security settings and 2) how to set them.
I'm the first to admit that I'm more of a luser than a user, but I'm confused.
The bug report says that the problem is with the latest version of procmail. I'm using procmail-3.21-0.71 and postfix-20010202-4 with no problems at all. All mail is delivered to user mailboxes in ~/mail, as it was before I updated procmail. I just checked updates.redhat.com/7.1/en/os/i386 and the procmail version there is the same.
Am I missing something?
From the Dataplay web site:
"And because DataPlay digital media is universal, you can record and play any DataPlay digital media in any DataPlay-enabled device..."
There are no restrictions! As long as you follow the rules...
Hey, I don't mind being the ugly girl. We just need to keep the prom going until the CIOs pressure their bosses into opposing the SSSCA. One letter from Coca Cola saying that they need OSS to remain open source is worth ten thousand letters from individual Linux/BSD users. Especially if Coke puts a check in there too...
They can go back to Microsoft later if they like, as long as we get some corporate bigwigs thinking that SSSCA might (negatively) impact their bottom line.
Of course the trick is going to be getting our prom date to do what we want him to.