You don't use cutting edge technology to serve web pages. That's just silly.
Dynamically generated web pages are the simplest little things there are. They are a short text file. They can be produced in any language. (Indeed, Microsoft selected BASIC for their web server. Talk about "not exactly cutting edge technology")
Here's something to remember about "cutting edge technology". It is big, slow, and crashes a lot.
It is big and slow because developers these days know that they have access to amazingly fast CPUs so they get code whiz-bang features that slow it way down rather than making small tight code that is all you need to serve up little text pages.
It crashes a lot because it is new and hasn't had the bugs worked out of it yet.
Listen to us. You hired me because I am good. If I wasn't good you shouldn't have hired me. What I say goes. We really don't want to run Oracle on a 486. That would be bad.
Decide on a plan. You can change the plan. But don't pester me with changes to the User Interface when I'm trying to make the back end work. Believe it or not a solid back end that takes a long time to create (while the boss thinks I'm doing nothing because there aren't results he can see) will be good for the project and the UI changes can be made in an afternoon with an intern doing them.
Act as a filter. Actually I don't like to be cut out of the loop. I like to know what is going on. Sometimes I can increase productivity by suggesting a feature slightly different but much easier to code. But I don't want to be in the middle of disagreements on features or whatever.
I sometimes use the source to fix bugs but mostly I like to be able to add the one stupid little feature that makes my life abundantly easier, takes 5 minutes to code, and would never show up in a closed program.
I empathise with those who had name trouble. Both I and my sister have had trouble getting our driver's licenses due to the PDPS (officially the Problem Driver Pointer System, unofficially the Perfect Driver Punishment System).
In my case Alabama showed up with a claim to have suspended my license even though I've never been there. Based on a match of my name and birth date, the ticket involved proved to be for speeding and not having a license. So besides the fact that my name is a very popular one (I estimate there are 7000 using it in the United States based on US Census data) they never even had proof of who they pulled over.
I don't know the details of my sister's case yet.
So I empathise with victims of flimsy checks using names and birth dates for matches.
For this to be worthwhile for them they must have good copy protection. However, copy protection is an impossibility.
The goal of copy protection is to create something that copies perfectly to a display device but fails to copy to a recording device. Simply create a recording device that more perfectly emulates the display device and the signal is copyable.
Copy protection screws things up. That is how Macrovision works. They screw up the signal coming out of the VCR so that recording devices with certain circuits will not record a good picture, then they lobby Congress to make it illegal to produce a VCR without those circuits. (We pay the Congress to work for Macrovision, what kind of a scam is that?)
DVDs don't have copy protection. If you copy an encrypted DVD you still have all the data that was on the original. Region codes and encryption (encryption is maybe too strong a word for what they do) do nothing except make your life difficult when you are trying to read the DVD. Region codes mean that in order to watch movies you purchased you may have to buy up to seven DVD players (or 1 code-free DVD player) although it is likely that most of your movies will be from your home region.
So you do agree that it probably isn't a good idea for incoming attackers to have a list of all the user accounts on your machine?
As far as my attack, don't count on it. I don't have time to break into someone else's machines. It is much more challenging to secure a machine as someone breaking in needs only one little opening but someone securing a machine needs to block all entry points.
-- Would you buy a biometric ID system that cost an arm and a leg?
Are we really any more advanced than the Amish? (on "Arguing A.I.", Score: 1)
Have we really made any significant, life-improving progress over the Amish? Or have we just turned life into a confusing, fast-paced, journey to nowhere that we will soon be able to complete on our own without the assistance of another human?
Everyone I know either loved them or was completely unaware of them.
Everyone I know that loved them is a successful computer professional now with an excellent understanding of computers, how they work, and what they are capable of.
Was there another high performance multitasking interface that you preferred in 1985?
The term rewrite made me think that you rewrote wu_ftpd rather than wrote your own ftp server.
Writing a web server is pretty easy. Writing a web server that supports ActiveX components, indexing, etc. in a secure fashion is a lot harder.
As far as Linux being simpler, why in the world would I want a web server capable of 3D graphics, neato sound effects, etc.? My Linux servers have uptimes of 7 1/2 months. They would have been up the entire year since their install if not for a power problem at our ISP. Simpler is good. Experienced people should have figured that out by now.
I would say that Linux has more tools to work with to secure a system. Whether a specific project is secure or not seems to depend on the programmers for that specific project. Both BIND and wu_ftpd have a history. Unfortunately you're probably one of the ones that was using them when they got that history.
I run BIND chroot and on a non-root account. That should offer some extra protection. And I don't run any ftp server. I'm unhappy with the protocol so I use http instead of anonymous ftp and ssh/scp instead of password protected ftp.
Also, while you were rewriting wu_ftpd, IIS was suffering from a multitude of flaws, yet you had no opportunity to rewrite that to fix them.
an excellent windowing and multitasking architecture (smooth, not slow and jerky) in 1985. 32 bit hardware at a reasonable price well before that stuff was available for PCs.
Amiga was one incredible PC and way ahead of its time. I'd certainly love an up-to-date model if the new ones can attain the same type of standards as the old ones.
No. Managers are a completely different species from coders. A developer controlled project means that the actual coders make the decision to say it is done and assign the version numbers to it.
(At least in my experience.)
I have never been managed by a former or current coder. My managers have been failed coders that are good at paperwork, marketing personnel, and a manager from another company hired for that purpose.
The reason a lot of useful projects in the open-source world have version numbers less than 1 is because the version numbers are assigned by the developer and a version 1.0 means the developer says it is ready.
By contrast a company releasing a closed source product assigns version numbers to make the customer feel good. A 1.0 assigned by the managers, schedules, timelines, etc means "it is barely functioning but we want to make some money from it now".
OK. If the data is sent to you and you can use that data to watch a movie how do you prevent that data from being stored somewhere?
It seems to me the content producers are trying to do the impossible. In this case and in other cases where they try to do copy protection.
Copy protection is the attempt to create something that will send a good signal to a display device but a bad signal to a recording device. Every implementation I have seen to date sends a less than perfect signal to the display device resulting in unwatchability at times.
When it comes right down to it, all you need to do to copy the signal is create a recording device that emulates a display device well enough.
I have 1 DVD that will not play with my current DVD player. My other DVD player had trouble with 2 different DVDs. Macrovision resulted in a distorted picture with the combination of hardware I was using to view VHS.
Is it too much to ask that I be able to view the content I've paid for?
For all the talk of copying DVDs I doubt it happens any more than the copying of VHS movies.
I've rented DVDs multiple times and never had a bad result.
If your friend doesn't have it then what happens? He rents it (aka DVD rental taking off) or he buys it (aka DVD sales taking off)
I wondered the same thing after the arrest of Sklyarov.
I agree. Obscurity is one tool in a security admin's toolbox. Anyone who does not agree, please post /etc/password for our review.
Will RIAA attack me if I put mp3 files in the source tree?
(with the permission of the author, performer, their music studio, and Aunt Tillie of course)
I'm 30 and I'm moving my office upstairs soon. :)
I was more of a nerd than a weenie. Weenie sounds to me like a smaller person and I was bigger and stronger than most kids my age.
(the dictionary does not agree with me. It says a weenie is a nerd.)
I need an SSH client please
You failed to mention how you were rooted?
The Apache truck delivered 56.5 % of the units while the IIS truck delivered 30.75% of the units.
No Apache trucks exploded. Many, many, many IIS trucks exploded. IIS Trucks are more dangerous, I believe.
I have always said that someday RIAA will want license fees on that song that keeps running through your head.
I am Henry the Eighth I am, Henry the Eighth I am I am. (Those fees could really add up after a couple of days of that.)
/*
USB support sponsored by
KFC - Try the Kernel's special recipe today
Pepsi - The Choice of a GNU Generation
Raid - Kills bugs dead
*/
This article is really about why coding on deadlines is insecure. It overlooks developer-controlled projects that are done when they are done.