First, he doesn't have a driver's license. Second, he doesn't have a problem with the law that says you have to show ID to get on a plane. He just wants someone to show him a copy of it and the government claims that the details of the law cannot be divulged to the public. Liberal or conservative you shouldn't like the idea that the government can hold you accountable to rules that they won't divulge.
I have S3 suspend/resume working on both a Gateway 450ROG and a Toshiba 4600. It was as simple as adding a few lines to/etc/sysctl.conf. I don't have any experience with Linux but the ACPI support in FreeBSD 5-STABLE is what convinced me to upgrade from 4-STABLE.
Skipping the commercials in broadcast television is no more theft than eating from the sample tray at your grocery store. The broadcast company is gambling that as you watch their content you will be convinced to make a purchasing decision based on its the advertising portion. Just like your local grocer is gambling that you will may like the products that he has on his sample tray enough to buy them.
The problem here is that this gamble hasn't been paying off lately and the advertising industry has been looking outward for someone to blame rather than looking inward and seeing how they are a large part of the problem. Our world is so filled with advertising now that it's impossible for any one spot stick out. The result is that none of the advertising is persuasive and the industry is losing its gamble wholesale. The broadcast industry is at risk that their clients will decide that this type of advertising doesn't work.
If we are very very lucky this entire industry will collapse or explode and everyone will get up off of the couch and go running or read a book like you say.
Tivo's a really great technology and the convenience of just taking it out of the box and having it work is very cool by me but catering to the needs of the advertising industry by removing one of their main selling points is shooting themself in the foot. I hope that they can survive the injury.
My next PVR was going to be a Myth TV box anyhow but this just accelerates my timetable.
Tivo's a really great technology and the convenience of just taking it out of the box and having it work is very cool by me but catering to the needs of the advertising industry by removing one of their main selling points is like
Try a patch, corner, or parabolic reflector located at the access point. It should do the job and if it doesn't you will not have wasted much time or money. Freeantennas has plans. You can use ordinary tin foil or screening to You want to orient the antenna to either block the interference or to project it's stronger coverage over your desired area. If that doesn't use a cat5 cable.
-- ecks
Agreed, in fact the FreeBSD team should declare that they own the contents of the/etc/defaults directory.. All files within should be chflags schg so that you would have to utterly clueless to actually edit any of them. Finally the default action of make installworld should be to completely wipe new files in/etc/defaults with new stuff from source.
He would establish himself as a CLEC. This would allow him to colocate a DSLAM in the ILEC's CO. This is exactly what DSL.net did when it offered SDSL to customers in Connecticut before SNET/SBC was offering ADSL to it's customers.
As many people have suggested you will probably have to write this on your own. Users will not have access to root... is probably a good place to start.
The Linux terminal server project would be a good place to look for ideas on how to build this. In my opinion the real bang for the buck from Linux on the desktop would come from leveraging X11, NFS, and NIS or the "thin client model", to create a graphical computing environment analogous to the VAX/VMS environment for vt-220 terminals from the mid 1980s. The current implementation would centralize user file storage and application storage to few servers. And then deploy a bunch of Linux machines which attach to that storage over the network. It would be really stupid of us as a community to repeat the mistakes made in the Microsoft Windows world by adopting the broken pieces of the windows model of computing.
Ctrl-Alt-Backspace & similar functions can be turned off.
Option "DontVTSwitch" in the appropriate section of your XF86Config file disables switching to text virtual terminals;
Option "DontZap" Neuters Ctrl-Alt-Backspace;
Option "DontZoom" Turns of resolution switching.
Read the manual page for XF86Config for details. There are probably several things in here that you want to setup if you are trying to create a linux desktop for normal users.
While this isn't bad there are better ways to secure your
ports. Firstly many are calling this security through obscurity when
it's really just another layer of password protection with knocks on
ports substituted for a text string.
It does have problems. It doesn't use much information and it does not
provide authentication. I.e. when someone successfully "authenticates"
you only know that someone knocked on the ports in the right sequence
from machine w.x.y.z. You have to dedicate a large number of ports at
your firewall to make the keyspace large and those ports cannot be
used for outgoing connections. If you aren't running a NAT firewall
this may be impossible to implent. It's susceptible to internet
weather. Dropped packet can cause the authentication to fail by timing
out. The sequence order of knocks may not be available which really
weakens your "passwords". Remember: There is no guarentee of the order
in which packets delivered on the internet are received or processed
at their destination. This makes sequencing difficult. If you have to
throw out sequencing "abcde", "bacde", "abdec" and all other sequences
of the letters "edcba" become the same password. Without sequencing
this is not secure. But if you can implement with sequencing, a wide
port range and a length of at least 8 knocks you could get a pretty
big keyspace. Even after all that I think there are at least two
better ways to do this:
1. IPSEC or FreeS/WAN - If you build an IPSEC tunnel between the two
machines each packet is authenticated and it's reasonably
safe to allow the "external" box to hit the ports on your
internal side. Even ports that are closed on the outside. The
overhead for using IPSec is approximately 4ms of latency if the
machines doing the work are Pentium 100's or better. Also with
FreeS/WAN you can use Opportunistic Encryption to set this up
automatically between two boxes with dynamic IP's.
2. Create a small set of programs to do certificate based
authentication using routines from the OpenSSL Engine. One
program would be a small (< 1000 lines C) program to send a
challenge to anyone who opened it's TCP port. This program would
not run as root. It would handshake challenges to the second
program, a local verification client, via the filesystem. This
client would verify that the challenge had been answered
correctly using digital certificates and take appropriate action.
If it's not obvious the TCP listener runs unprivileged on an
unprivileged port. It could be chroot jailed for further
security. In any case that I can think of verification program
would need to run with escalated privileges.
Problems: With IPSEC or FreeS/WAN you have to rely on a large amount
of code that it is difficult to read and verify. This is also kernel
code so if there is a bug in it someone really owns your box. Still, I
think that the IPSEC implementations in ((Open|Free)BSD)|Linux are
good enough that I trust and use them. Configuration is moderatly
difficult but in the most simple cases maintenance is easy. With the
two part cerificate verification daemons you have to build and run a
Certificate Authority. The pieces can be built in a secure fashion
that stands up the Cheswick and Bellovin's "Lunch time read test". The
internal piece is more difficult because it has to has to rely on the
openssl libraries but it still would follow good practices and do
heavy checks on it's input before either sending bits to openssl or
taking any actions.
All the wall warts you have are to convert Westinghouse's AC into Edison's DC. The transformer types all have the same parts, A transformer to change the voltage to whatever they consider convenient, A rectifier and filter of some sort to convert the transformed AC into DC. If you had a 48VDC supply in your house (like they do in telco switches) All of your equipment would be designed to draw from that 48 V supply. This is similar to the auto industry were all the accessories are designed to work on 12V.
During the first three months lack of sleep is the biggest problem. This is a paradox since all the baby does is sleep.
Sleep when the baby sleeps.
Breast fed babys sleep about two hours at a stretch. Formula fed babys get to about 3 ~ 4.
On breastfeeding. No argument that it's natural and the best. It takes patience for mom and baby to learn how to do it. It's very important at the beginning because it transfers immunity from mom to baby. A lactation consultant is a good thing.
From three months to six your life will resemble it's pre-baby form because the baby has learned to sleep for 4~6 hours at a stretch.
Products that I find helpful:
Baby Bjorn front carrier: At $80.00 it seems expensive but I've used mine every day since I could.
The Baby Book by Dr William Sears and Martha Sears RN: Takes a Earthy approach to child rearing which I can already see.
Lastly and most importantly early child rearing is a job best done by three or more people. If your child will have grandparents or other caring friends and family take them up on any honest offers to help. Avoid help that comes with baggage.
Whether or not ISP are common carriers is legally murky. ISP's want to be common carriers because of the legal protections involved and I asy that because I work for one.
Any firewall that to passes all traffic in the case of equipment failure is poorly designed. Any firewall worth the hardware it runs on defaults to block all traffic in the case of a software glitch. And any firewall that allows remote reconfiguration through the hostile interface is inherently flawed. By your argument I should turn of internal Email, NFS, SMB/CIFS, NIS, and DNS since these services would all open me up to a raft of problems if I allowed them to pass through my firewall. Microsoft messaging is a good service but it was never designed to be exposed to the internet. The people that allow it to pass through their firewall unchecked deserve the spam that they are getting.
Has anyone noticed that although servers are banned all the port blocks are gone. I can telnet to 25, 80, 1080, 8000 on my connection and tcpdump shows the packets arriving (and getting eaten by ipf).
I think it's diminishing returns. If I remember my kinematics & machine design classes, bearing stress goes up as the 4th power of the the rotational speed. If that's correct the spindle bearing and case in a 10000 rpm drive needs to be 272% stronger than the same parts in a 7200 rpm drive. For the jump from 7200 to 15000 rpm the increase is 1784%. The overall performance gains for those speed increases are 38% (7200 - 10000) and 108% (7200 - 15000). The market's probably not willing to pay such a great cost for such a small gain.
Preferably on based on the Old Canon Laser Printer engine in the HP LaserJet II/III. These things run forever and cost $0.03/page to print plus electricity. They print well on okay paper. The print quickly. If you are running Linux I would recommend something like the Nec Silentwriter 2 290 or 990 which had postscript and PCL emulation. a2ps prints 8~9 pages a minute on my Nec without a problem.
What you are looking for is a digital camera body. These are pretty expensive but you can get close with the right digital camera. You will sacrafice the ability to change lenses so make sure you get a nice builtin lens. I have an Olympus C-2100 and I'm very happy with it. With a 128M smart media card it will take about 256 pictures. It offers four modes:
Point & Shoot (P)
Camera controls everything.
Apeture Priority (A)
You set apeture Camera sets everything else.
Shutter priority (S)
You set shutter speed camera sets everything else
Manual (M)
You set everything.
Scene (S-Prg)
Camera set all by the type of scene you choose.
The upside to this camera is the lens which is higher quality then you find in most Digital cameras and the 10x optical zoom which is plenty. The downsides are the 2.1 megapixels and the size which is a bit big to lug around. I bought this because I like to take pictures at the Race Track so the 10x Optical Zoom and Shutter priority modes are required. YMMV you can test drive this camera at CompUSA. I found this to be the best compromise between my fully manual Minolta SR-101 SLR and the Canon D-60 which is $$$$$ expensive.
It's just that the car people call it tuning instead of hacking. In my case the point is the same as with computers: to wring the maximum performance out of a particular package.
Ecks:
Who just finished putting his summer car on dollies and changed his wife's car over to snow tires.
I'm in CT too with just OptOnline. It works quite well although I'm seeing a consistant 350k/s over long downloads from ftp.openbsd.org. MY upload speed appears to be about 128kbytes / sec also. I've noticed that the D in DHCP seems to stand for doesn't change much. In a year and a half of having OptOnline I've had 3 IP addresses. It's really to the point now where I'm going to set up a script that says:
Did my IP address change? If so update the DNS server at work and reboot.
I've got a Co-Loed box in our server closet here doing Mail MX and Primary DNS for my domain. But the content delivery is all done through the cable modem.
Slashdot Mirror
First, he doesn't have a driver's license. Second, he doesn't have a problem with the law that says you have to show ID to get on a plane. He just wants someone to show him a copy of it and the government claims that the details of the law cannot be divulged to the public. Liberal or conservative you shouldn't like the idea that the government can hold you accountable to rules that they won't divulge.
-- Ecks
I have S3 suspend/resume working on both a Gateway 450ROG and a Toshiba 4600. It was as simple as adding a few lines to /etc/sysctl.conf. I don't have any experience with Linux but the ACPI support in FreeBSD 5-STABLE is what convinced me to upgrade from 4-STABLE.
--Ecks
Skipping the commercials in broadcast television is no more theft than eating from the sample tray at your grocery store. The broadcast company is gambling that as you watch their content you will be convinced to make a purchasing decision based on its the advertising portion. Just like your local grocer is gambling that you will may like the products that he has on his sample tray enough to buy them.
The problem here is that this gamble hasn't been paying off lately and the advertising industry has been looking outward for someone to blame rather than looking inward and seeing how they are a large part of the problem. Our world is so filled with advertising now that it's impossible for any one spot stick out. The result is that none of the advertising is persuasive and the industry is losing its gamble wholesale. The broadcast industry is at risk that their clients will decide that this type of advertising doesn't work.
If we are very very lucky this entire industry will collapse or explode and everyone will get up off of the couch and go running or read a book like you say.
-- Ecks
Tivo's a really great technology and the convenience of just taking it out of the box and having it work is very cool by me but catering to the needs of the advertising industry by removing one of their main selling points is shooting themself in the foot. I hope that they can survive the injury.
My next PVR was going to be a Myth TV box anyhow but this just accelerates my timetable.
-- Ecks
Tivo's a really great technology and the convenience of just taking it out of the box and having it work is very cool by me but catering to the needs of the advertising industry by removing one of their main selling points is like
Try a patch, corner, or parabolic reflector located at the access point. It should do the job and if it doesn't you will not have wasted much time or money. Freeantennas has plans. You can use ordinary tin foil or screening to You want to orient the antenna to either block the interference or to project it's stronger coverage over your desired area. If that doesn't use a cat5 cable. -- ecks
Agreed, in fact the FreeBSD team should declare that they own the contents of the /etc/defaults directory.. All files within should be chflags schg so that you would have to utterly clueless to actually edit any of them. Finally the default action of make installworld should be to completely wipe new files in /etc/defaults with new stuff from source.
--ecks
He would establish himself as a CLEC. This would allow him to colocate a DSLAM in the ILEC's CO. This is exactly what DSL.net did when it offered SDSL to customers in Connecticut before SNET/SBC was offering ADSL to it's customers.
-- ecks
As many people have suggested you will probably have to write this on your own. Users will not have access to root... is probably a good place to start.
The Linux terminal server project would be a good place to look for ideas on how to build this. In my opinion the real bang for the buck from Linux on the desktop would come from leveraging X11, NFS, and NIS or the "thin client model", to create a graphical computing environment analogous to the VAX/VMS environment for vt-220 terminals from the mid 1980s. The current implementation would centralize user file storage and application storage to few servers. And then deploy a bunch of Linux machines which attach to that storage over the network. It would be really stupid of us as a community to repeat the mistakes made in the Microsoft Windows world by adopting the broken pieces of the windows model of computing.
-- Ecks
- Option "DontVTSwitch" in the appropriate section of your XF86Config file disables switching to text virtual terminals;
- Option "DontZap" Neuters Ctrl-Alt-Backspace;
- Option "DontZoom" Turns of resolution switching.
Read the manual page for XF86Config for details. There are probably several things in here that you want to setup if you are trying to create a linux desktop for normal users.-- Ecks
Rent the first one out. Buy the super extended version at the end of the year. Netflix should have it.
-- Ecks
While this isn't bad there are better ways to secure your ports. Firstly many are calling this security through obscurity when it's really just another layer of password protection with knocks on ports substituted for a text string.
It does have problems. It doesn't use much information and it does not provide authentication. I.e. when someone successfully "authenticates" you only know that someone knocked on the ports in the right sequence from machine w.x.y.z. You have to dedicate a large number of ports at your firewall to make the keyspace large and those ports cannot be used for outgoing connections. If you aren't running a NAT firewall this may be impossible to implent. It's susceptible to internet weather. Dropped packet can cause the authentication to fail by timing out. The sequence order of knocks may not be available which really weakens your "passwords". Remember: There is no guarentee of the order in which packets delivered on the internet are received or processed at their destination. This makes sequencing difficult. If you have to throw out sequencing "abcde", "bacde", "abdec" and all other sequences of the letters "edcba" become the same password. Without sequencing this is not secure. But if you can implement with sequencing, a wide port range and a length of at least 8 knocks you could get a pretty big keyspace. Even after all that I think there are at least two better ways to do this:
Problems: With IPSEC or FreeS/WAN you have to rely on a large amount of code that it is difficult to read and verify. This is also kernel code so if there is a bug in it someone really owns your box. Still, I think that the IPSEC implementations in ((Open|Free)BSD)|Linux are good enough that I trust and use them. Configuration is moderatly difficult but in the most simple cases maintenance is easy. With the two part cerificate verification daemons you have to build and run a Certificate Authority. The pieces can be built in a secure fashion that stands up the Cheswick and Bellovin's "Lunch time read test". The internal piece is more difficult because it has to has to rely on the openssl libraries but it still would follow good practices and do heavy checks on it's input before either sending bits to openssl or taking any actions.
--Ecks
All the wall warts you have are to convert Westinghouse's AC into Edison's DC. The transformer types all have the same parts, A transformer to change the voltage to whatever they consider convenient, A rectifier and filter of some sort to convert the transformed AC into DC. If you had a 48VDC supply in your house (like they do in telco switches) All of your equipment would be designed to draw from that 48 V supply. This is similar to the auto industry were all the accessories are designed to work on 12V.
It work's out to about 14.79 hours per Unix password encrypted with crypt and using a 12 bit salt.
On breastfeeding. No argument that it's natural and the best. It takes patience for mom and baby to learn how to do it. It's very important at the beginning because it transfers immunity from mom to baby. A lactation consultant is a good thing.
From three months to six your life will resemble it's pre-baby form because the baby has learned to sleep for 4~6 hours at a stretch.
Products that I find helpful:
which I can already see.
Lastly and most importantly early child rearing is a job best done by three or more people. If your child will have grandparents or other caring friends and family take them up on any honest offers to help. Avoid help that comes with baggage.
Ecks
Having the baby:
Whether or not ISP are common carriers is legally murky. ISP's want to be common carriers because of the legal protections involved and I asy that because I work for one.
Any firewall that to passes all traffic in the case of equipment failure is poorly designed. Any firewall worth the hardware it runs on defaults to block all traffic in the case of a software glitch. And any firewall that allows remote reconfiguration through the hostile interface is inherently flawed. By your argument I should turn of internal Email, NFS, SMB/CIFS, NIS, and DNS since these services would all open me up to a raft of problems if I allowed them to pass through my firewall. Microsoft messaging is a good service but it was never designed to be exposed to the internet. The people that allow it to pass through their firewall unchecked deserve the spam that they are getting.
Ecks
Has anyone noticed that although servers are banned all the port blocks are gone. I can telnet to 25, 80, 1080, 8000 on my connection and tcpdump shows the packets arriving (and getting eaten by ipf).
Chris
I think it's diminishing returns. If I remember my kinematics & machine design classes, bearing stress goes up as the 4th power of the the rotational speed. If that's correct the spindle bearing and case in a 10000 rpm drive needs to be 272% stronger than the same parts in a 7200 rpm drive. For the jump from 7200 to 15000 rpm the increase is 1784%. The overall performance gains for those speed increases are 38% (7200 - 10000) and 108% (7200 - 15000). The market's probably not willing to pay such a great cost for such a small gain.
Ecks
Buy the extended edition in November.
Preferably on based on the Old Canon Laser Printer engine in the HP LaserJet II/III. These things run forever and cost $0.03/page to print plus electricity. They print well on okay paper. The print quickly. If you are running Linux I would recommend something like the Nec Silentwriter 2 290 or 990 which had postscript and PCL emulation. a2ps prints 8~9 pages a minute on my Nec without a problem.
Chris
The upside to this camera is the lens which is higher quality then you find in most Digital cameras and the 10x optical zoom which is plenty. The downsides are the 2.1 megapixels and the size which is a bit big to lug around. I bought this because I like to take pictures at the Race Track so the 10x Optical Zoom and Shutter priority modes are required. YMMV you can test drive this camera at CompUSA. I found this to be the best compromise between my fully manual Minolta SR-101 SLR and the Canon D-60 which is $$$$$ expensive.
It's just that the car people call it tuning instead of hacking. In my case the point is the same as with computers: to wring the maximum performance out of a particular package.
Ecks:
Who just finished putting his summer car on dollies and changed his wife's car over to snow tires.
I'm in CT too with just OptOnline. It works quite well although I'm seeing a consistant 350k/s over long downloads from ftp.openbsd.org. MY upload speed appears to be about 128kbytes / sec also. I've noticed that the D in DHCP seems to stand for doesn't change much. In a year and a half of having OptOnline I've had 3 IP addresses. It's really to the point now where I'm going to set up a script that says:
I've got a Co-Loed box in our server closet here doing Mail MX and Primary DNS for my domain. But the content delivery is all done through the cable modem.Chris