Slashdot Mirror

← Back to Users

User: Shiny+Metal+S.

Shiny+Metal+S.'s activity in the archive.

Stories
0
Comments
274
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 274

  1. Re:Where are the real physics engines? on 7 Years of 3D Graphics · · Score: 2
    The processor itself would likely be a little specialized to handle (x,y,z,vx,vy,vz) style location/speed vectors and the such.
    Well, I don't think it would be easy to store the exact values of x,y,z, and vx,vy,vz. This processor would need lots of qubits, I'm affraid, and could be very expensive.
  2. Re:Dumb security question on Bug in zlib Affects Many Linux Programs · · Score: 2
    How feasible would it be for someone to take a computer and have it do nothing but pattern-matching through all the source code in a typical Linux distribution, looking specifically for problem areas like these?
    Short answer: That's not so easy.

    For longer answer, read this:

    Very good texts. You can use something like Stack Shield. It "integrates with GCC and basically adds a little bit of code that checks the return address of a function and makes sure it is within the correct limits, if it isn't you can have the program exit." My advice would be to not use C/C++ for secure setuid programs, unless you really have to use C/C++ and you really understand what's going on in your program on the very low level.
  3. Re:My perl is not as grand as it once was... on 16th IOCCC Winners Announced · · Score: 2
    ...but I do not think that perl is the "Write Once, Read Nowhere" langue you make it out to be ^_^
    My post was actually a joke (I'm surprised that someone has moderated it as Troll! If that moderator thought I don't like Perl, he/she obviously hasn't read my code...) and this was a parody for Java's "write once, run everywhere".
    Just for a little fun, I thought I'd try out my rusting perl tricks and unroll your silly script.
    You're a first person I know about, who was ever interested in understanding this code. This is my original, clean version:
    $c = 'plfeY04jaJnYI';
    $s = substr $c, 0, 2;
    for $l (1..8) {
    for ('a' x $l .. 'z' x $l){
    if($c eq crypt($_, $s)) {
    print "$_.$s\n";
    exit;
    }
    }
    }
    I'm amazed, that your code is almost identical, congratulations! I like this program, because looking at it (the clean version) it's impossible to know how long it would take to get the result. For example your domain voila.fr would be written if $c was frmHZ0u6Ne2HQ but it takes about an hour to crack on my machine, while my domain in plfeY04jaJnYI is cracked in only 4 seconds. It would take over 2 years and 7 months to crack this xxFHuIaD7CdpI, which is the worst case, zzzzzzzz, the last key guessed by my program. So, the average time for guessing random keys (containing 1 to 8 lowercase letters) is over one year!

    If you want to see a really good password cracking program, check out Alec Muffett's great and famous Crack. It's really great, especially when you have good dictionaries. If you want to check if your password is easily cracked by Crack, you can use Alec Muffett's CrackLib. Check out my online Password-Guessability-O-Meter, I wrote it some time ago to demonstrate to one of my clients how does the CrackLib work. You just enter your desired password, and it tells you if (and why) it is easy to guess, using English, Polish, Czech, French and Latin dictionaries.

    I use CrackLib for online registrations CGI scripts etc. so users can't have silly and easy to guess passwords. It can also be used with passwd program. Great library, and easy to use (there's Crypt::Cracklib Perl interface), but may be quite difficult to set up for the first time.

    Not very difficile, Mister shiny@rfl.pl, but I shall compliment you for at least trying to obfuscate with the silly "q//" perl operateur ^_^
    Thanks. :) I like it too. That's the most recent obfuscation, if I remember correctly. When I started to experiment with q// using q,x, and q.x. and q;x; etc. I was even trying to use something like this:
    $q=q,p,.q,l,.q,f,.q,e,.q,Y,.q,0,.q,4,.q,j,.q,a,.q, J,.q,n,.q,Y,.q,I,;
    (in one line and with no spaces) but it looks terrible, as you can see.
    The "if" statement is another ruse; suffixed "if" is in fact called before the condition of the "if" statement, and he uses this to initialise $q apparently after it's been first used. The above code is in fact equal to this:
    $q = 'plfeY04jaJnYI';
    $x = substr $q, 0, 2;
    Yes, this is exactly the original code, and this is exactly the way I was thinking. You're very good. :)
    And it makes itself apparent that $q is the crypt hash (henceforth called $crypt) and $x is the salt ($salt).
    The original variables were $c and $s, I changed them to $q and $x for easy mistakes with q// quoting and x repetition operator.
    for (++$_..$_<<3){...}

    Now you are just being silly :-) $_ is not used yet and thus is 0, and ++0 is of course 1. 1<<3 is 8.

    :) 1..8 looked just to clear and simple... And that way I have 3 independent values of $_ variable (i.e. the original global $::_ is two times localized) in 3 nested scopes (main program, outer loop and inner loop), which makes it more interesting.
    for($i = 1; $i <= 8; ++$i) {...}

    Which not only looks simpler, but runs faster too ^_^

    Actually in newer versions of Perl, the foreach loop is faster than the C-style for loop. See perlop manpage: Range Operators and perlsyn manpage: Foreach Loops.

    I just run this benchmark:

    #!/usr/bin/perl -w

    use Benchmark;

    sub s1{ for ($i = 1; $i <= 1_000_000; ++$i) { } }
    sub s2{ for (1 .. 1_000_000) { } }

    $t1 = timestr timeit 100, \
    $t2 = timestr timeit 100, \

    print "1. $t1\n2. $t2\n";
    and with Perl 5.6.1 I got this results:
    1. 103 wallclock secs (87.77 usr + 0.15 sys = 87.92 CPU) @ 1.14/s (n=100)
    2. 60 wallclock secs (51.93 usr + 0.04 sys = 51.97 CPU) @ 1.92/s (n=100)

    But in my code this loop has only eight iterations, where the 8th one takes two years, so the loop control overhead itself doesn't really matter here. The inner loop is more important but crack() function takes most of the time, anyway.

    Older versions of Perl (I don't know which exactly) created a temporary array for the range operator in foreach loop, so the code like:

    for (1 .. 1_000_000_000) { ... }
    could easily take all of the memory, but now it's fixed. Fortunately, it doesn't create a temporary array any more, and it's highly optimized, so it's safe to use it now for large ranges.
    The "and die" bit just is taking advantage of the short-circuit boolean operateur système. The "die" only is executing when $crypt (the origin hash) and the encrypted form of the current guess are equal, in which case the key has been found and we quit ^_^ I changed it to a nicer looking "print" statement for further clairitie.
    Yes, there were print and exit in the original version. You have exactly reconstructed my way of thinking. Well done. :)

    I think you're very good, really. Most of people have no idea how to analyze such obfuscated code. Actually I'm quite disappointed that decrypting my code was so easy for you... :)

    I'll tell you why and how I wrote this program. I was inspired by this code:

    #!/usr/bin/perl
    @a=(Lbzjoftt,Inqbujfodf,
    Hvcsjt); $b="Lbssz Wbmm"
    ;$b =~ y/b-z/a-z/ ; $c =
    " Tif ". @a ." hsfbu wj"
    ."suvft pg b qsphsbnnfs"
    . ":\n";$c =~y/b-y/a-z/;
    print"\n\n$c ";for($i=0;
    $i<@a; $i++) { $a[$i] =~
    y/b-y/a-z/;if($a[$i]eq$a
    [-1]){print"and $a[$i]."
    ;}else{ print"$a[$i], ";
    }}print"\n\t\t--$b\n\n";
    and few JAPH signatures. I wanted to write a small program, that it would be impossible to tell what it writes, until you run it. Most of such programs are very obfuscated but after enough work you can usually find the printed message, without running them. So I thought that the message could be ciphered using some one-way alghoritm, like crypt(3) or MD5, and the code would just brute-force crack it. That way it's really impossible to tell what the message is, until you run the code. The code itself only cracks, but doesn't know what is being cracked and when it finishes. Using crypt(3) had this advantage, that it has 2-character salt, which can act as country code in domain name.

    So I wrote the first working version and started to make it as small as possible. Originally it didn't have to be obfuscated, just small. This is the smallest version I've written so far:

    $c='plfeY04jaJnYI';$s=substr$c,0,
    2;for(1..8){for('a'x$_..'z'x$_){
    die"$_.$s\n"if crypt($_,$s)eq$c}}
    with 98 characters. But today I shrinked it some more, to 93 characters:
    $c='plfeY04jaJnYI';$s=substr$c,
    0,2;for(1..8){$c eq crypt$_,$s
    and die"$_.$s"for'a'x$_..'z'x$_}
    and few minutes ago (while I write this comment!) I found a better idea and wrote this:
    $c='plfeY04jaJnYI';$s=substr$c,0,2;$k=
    'a';$k++while$c ne crypt$k,$s;die"$k.$s";
    which having only 79 characters is my record so far (thanks to Perl's magical auto-increment operator) and finally fits in one line!
    Hopefully that wasn't too difficile to follow, my english is not perfect.
    Your english is OK, don't worry. Actually, I like the way you use French spelling for some words, like difficile. It's like a French accent in written text, very nice in my opinion.
    Just remember, Mr. shiny@rfl.pl, no langue is completely impenetrable (except perhaps Intercal, but that's a small bit pathological :-)
    Good point. :) I wonder if these guys tried Intercal when proving the impossibility of obfuscating programs... I personally like Unlambda and Brainf***.

    This Unlambda program "calculates and prints the Fibonacci numbers (as lines of asterisks)":

    ```s``s``sii`ki
    `k.*``s``s`ks
    ``s`k`s`ks``s``s`ks``s`k`s`kr``s`k`sikk
    `k``s`ksk

    I wanted to show a Hello world example of Brainf***, but I got this error:

    Lameness filter encountered. Post aborted!
    Reason: Please use fewer 'junk' characters.
    Visit Esoteric Topics in Computer Programming, great stuff if you want to go mad.

    You like Perl, so if you know Inline::C and Inline::CPR (if you don't, read Pathologically Polluting Perl by Brian Ingerson) you may enjoy understanding this code:

    #!/usr/bin/cpr
    int main(void) {
    CPR_eval("use Inline (C => q{
    char* greet() {
    return \"Hello world\";
    }
    })");
    printf("%s, I'm running under Perl version %s\n",
    CPR_eval("&greet"),
    CPR_eval("use Config; $Config{version}"));
    return 0;
    }
    It's great, once you really understand it.

    Are you up to date with Perl 6 development? It's going to be great and extremely powerful language. Read Larry Wall's Apocalypses and Damian Conway's Exegeses if you're interested:

    It's my favorite language already, and it's not even fully designed yet.
  4. Re:Obfuscated code contests? on 16th IOCCC Winners Announced · · Score: 2, Funny
    I'll admit I don't know much about computer science, but I do know that it's important to keep your code clear, well-documented and easy to understand.

    Well, unfortunately it's not always that simple. Let's take the Shiny Metal Brute Force Crypt Cracker v3.1.9 as an example. It can crack every single password encrypted with crypt(3) containing 1 to 8 lowercase latin letters. It uses a sophisticated cryptoanalysis method, which scientists call the "Brute Force". Its main purpose is to hide domain of my electronic-mail address from spammers (see my bio). Here's the source code:

    #!/usr/bin/perl
    #
    # Shiny Metal Brute Force Crypt Cracker v3.1.9
    #
    # Copyright (C) 2001,2002 shiny@key.salt (shiny@output)
    # http://slashdot.org/~Shiny+Metal+S./
    #
    # This program is free software; you can redistribute it and/or
    # modify it under the terms of the GNU General Public License
    # as published by the Free Software Foundation; either version 2
    # of the License, or (at your option) any later version.
    #
    # This program is distributed in the hope that it will be useful,
    # but WITHOUT ANY WARRANTY; without even the implied warranty of
    # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    # GNU General Public License for more details.
    #
    # You should have received a copy of the GNU General
    # Public License along with this program;
    # if not, write to the Free Software Foundation, Inc.,
    # 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
    #
    $x=substr$q,q,0,,q,2,if$q=q,plfeY04jaJnYI,;for
    (++$_..$_<<3){qq,$q,eq crypt$_,$x and die
    qq,$_.$x,for q,a,x$_..q,z,x$_}

    As you can clearly see, the main algorithm used in this program (in the main loop) is able to always find every password (from the 1-8 lowercase latin characters set) but what does it mean? I had to use strong cryptography, because otherwise my electronic-mail address could be harvested by spambots (and therefore be used to perform unsolicited commercial mass mailing), but it also means, that this algorithm could be used to crack passwords from your /etc/passwd (or even from /etc/shadow), which usually contain passwords encrypted with crypt(3) and this could compromise the whole system security (imagine hackers having unlimited access to your PC). It's a very dangerous problem. Most of password cracking tools use the, so called, "Dictionary Method" to guess passwords, which mean that you're safe as long as you have a password like "wmctsbvg" or "obwhdrle" or even "awxolfrk", but this program will guess such passwords. My point is, that it can be to dangerous to publish a clear and well documented source code to such a dangerous tool. It could be used by one of many underground hacker groups, like the famous Script Kiddies, who don't even care that reverse engineering of this code is illegal under the DMCA. Fortunately, this program was written in Perl, which was found to be the only language, with mathematically proved possibility of secure one-way obfuscating (also known as WOL - "write only language", or WORN paradigm - "write once - read never"), so it is impossible to reverse engineer. The situation will be even improved when Perl 6 is released (read Apocalypse I, Apocalypse II, Exegesis II, Apocalypse III, Exegesis III and Apocalypse IV for a good introduction to this subject). That way, people can still use crypt(3) to encrypt their passwords, with no fear that hackers know how to crack them, the crypt(3) encryption method is as secure as before. When this program will be rewriten in Perl 6, the crypt(3) method will be actually even more secure than before, thanks to the strong source code obfuscation method. I hope I explained where the obfuscated code can be useful, but this is only one example, I'm sure there are many places where the good old obfuscation will be priceless for many decades. If you have any additional questions, feel free to contact me.

  5. Re:Sun just wants a handout on Sun Files Suit Against Microsoft for Anti-Trust Violations · · Score: 2
    If you think Sun is doing any of this for the good of the public you should stop watching the Teletubbies.
    This is obvious, Sun would probably act exacltly the same as Microsoft if they had the monopoly. I don't use Solaris for the same reason I don't use Windows. But we have to ask ourselves a question: whose victory would be better for the public now?
  6. Re:Security is never free on Designing a More User-Friendly DRM · · Score: 3, Insightful
    It would be even more amusing to harness the collective power of the open source community to simplify this task. Create an online repository for text, divided up and numbered by page. Have 50 or so people buy the ebook, and let them "sign up" for 10 pages each. Their responsibility would be to copy their assigned pages into plain text, then upload the result to the repository. With a coordinated effort like this, an entire ebook could be replicated in under 30 minutes :)
    Actually, it's not only a great anti-DMCA pirate illegal hacker circumvention mechanism, it could be really useful for books, for which the copyright protection period has already expired. Something like Wikipedia of books. Well, not exactly like Wikipedia, because there would be original books, not anything new. Actually, it would not be like Wikipedia at all... :) But the spirit would be similar, i.e. to provide free knowledge to everyone. If there is such a project, I will help for sure.
    Uh oh, I'd better shut up before they arrest me for discussing a circumvention method...
    Yeah! It would be a great and unbreakeable digital rights management method, but no, thanks to pirates and hackers like you, it's already cracked! We should put such evil geniuses like you into jail! Maybe then I could sleep without worrying that cruel pirates are stealing my intellectual property. After all, if they steal my entire intellectual property, I won't be intelligent any more!

    This reminds me the Copyrighting fire by Ian Clarke:

    I was in the pub last night, and a guy asked me for a light for his cigarette. I suddenly realised that there was a demand here and money to be made, and so I agreed to light his cigarette for 10 pence, but I didn't actually give him a light, I sold him a license to burn his cigarette. My fire-license restricted him from giving the light to anybody else, after all, that fire was my property. He was drunk, and dismissing me as a loony, but accepted my fire (and by implication the licence which governed its use) anyway. Of course in a matter of minutes I noticed a friend of his asking him for a light and to my outrage he gave his cigarette to his friend and pirated my fire! I was furious, I started to make my way over to that side of the bar but to my added horror his friend then started to light other people's cigarettes left, right, and centre! Before long that whole side of the bar was enjoying MY fire without paying me anything. Enraged I went from person to person grabbing their cigarettes from their hands, throwing them to the ground, and stamping on them. Strangely the door staff exhibited no respect for my property rights as they threw me out the door.
    Great text. There's much more of good stuff on the GNU Philosophy website. One of my favorite copyright-related texts from the GNU Philosophy is The Right to Read by Richard Stallman. It sounded funny and silly for many people when it was published over five years ago, now it's more actual and terrifying than ever before. It's something which everyone should read before starting any discussion about e-books and DRM.
  7. Re:Car door locks on Designing a More User-Friendly DRM · · Score: 2
    I was thinking it would be funny to suggest someone start work on an open-source, GPL'd DRM scheme.
    :) That's the best idea I've ever heard about DRM!
    Luckily I checked SourceForge first, because there already is such seemingly contradictory work going on.
    There is, really? What's the name of this project? We should promote it!

    OK, I searched SourceForge and I found something, csrdrm.sf.net. Is that what you were talking about?

    The DRM option for C Spot Run is an external library with decompression and decryption. If you were refered here by C Spot Run then you are missing a module of the form csrdrmXX.prc where the XX is some number and letter combination.

    The csrdrm project on sf.net:

    Project: C Spot Run Digital Right Management
    Digital Rights Management example library for C Spot Run.
    Foundry Member: :Handheld Foundry
    • Development Status: 5 - Production/Stable
    • Environment: Other Environment
    • Intended Audience: Developers, End Users/Desktop
    • License: zlib/libpng License
    • Operating System: PalmOS
    • Programming Language: Assembly, C
    • Topic: Cryptography
    Project UNIX name: csrdrm
    Registered: 2002-01-15 21:13
    Activity Percentile (last week): 0%
    Looks interesting, I think. Is it only used on Palm?
  8. Re:Car door locks on Designing a More User-Friendly DRM · · Score: 2
    As much as I oppose the idea of DRM, I believe it's the only barrier in the way of releasing more information in digital form. Sure, some may say e-books and the like will never replace their dead-tree counterparts, but I can think of a few times in which they'd be useful.
    First of all with "e-books" (i.e. with text which you don't control) there's no much advantage over the paper version. I can do more with the paper version.
    Take technical books/papers - how cool would it be to just "grep" the doc for the keywords you want instead of hoping they are in the index? Remember a vague passage from a novel you read? Just enter what you recall and we'll search the text for you. The possibilities can be endless.
    Forget about grep or textutils, they will never be digital "rights" management friendly. Oh, you meen what Adobe will give you to process the text you read?
    The only bad thing about this implementation is what happens when/if "MightyWords" goes away? How will I be able to unlock my e-docs if I need to move them to another computer and my software can't contact them? Or, perhaps I am trying to read it on a device temporarily without internet access - then what?
    Then you have a bad luck, because with digital "rights" management you don't have digital rights.
  9. Re:Security is never free on Designing a More User-Friendly DRM · · Score: 2
    DRM is inherently user-unfriendly, because it exists to prevent the user from doing some things.
    You're right. And we have to remember that when I want to "pirate" a book for a large scale, I will always be able to copy it manually. It's much easier than with music or films, because everyone who can use a text editor, type writer or a pencil will always be able to make a copy-friendly version. And there's only need for one such version of every book. (It reminds me a story about a young pirate named Mozart.) To much work? I've already seen hundreds of such books in BBS's ten years ago. Copy-"protecting" books makes no sense. Are these fanatics planning to make the pencil illegal? Because that's the only way to have working digital "rights" management for books. (And by "working" I mean that only criminals will be able to copy, because they always will.)

    By the way, have you noticed the opposite meaning of words in such terms like copy-"protection" or digital "rights" management, etc.? Does it remind you something? Like the Ministry of Truth? Yes, I linked to Adobe eBook version of George Orwell's 1984, how ironic... "THIS TITLE IS NOT TEXT-TO-SPEECH COMPATIBLE"

    To be more optimistic, I'm just reading "Secure Programming for Linux and Unix", a great book released under the GNU Free Documentation License. Fortunately, not everyone is a copy-"protection" freak yet.

  10. K12 Linux Terminal Server Project Movie on Alan Cox: The Battle for the Desktop · · Score: 2
    Users don't want to have to deal with hardware issues, they want their computer to work like their phone. Plug it in, and it works - it just works.

    Perhaps what Alan was unconsciously advocating was the promotion of terminal services like those being developed by LTSP [...]

    On the K12 Linux Terminal Server Project website, on the Terminal Hardware Information page, there's a quite funny movie (Real Video: streaming/direct link, 5MB), showing how easy it is to build a terminal. "Before you get started watch one of our students show you how easy it is to build your own diskless workstation!"

    People are usually amazed when I show them this movie, especially when I say that, yes, you don't have to install any software, you just build it and plug it to the working network. People are used to situation where when you want to add 20 new computers to your office, it's a work for few days, not to mention licensing for the software plus the price of the hardware.

    I use this movie in my LTSP propaganda.

  11. And what when you win? on To The Pain · · Score: 4, Funny
    delivers a dose of pain to your left hand in the form of heat, punches or electroshock, when you mess up.
    Does it also do what I think when you win?
  12. Caricatures on The Mouse That Ate the Public Domain · · Score: 2
    In reality, they could probably keep this from happening with trademarks.
    What about caricatures? How does it relate to trademark and copyright law?
  13. Pay-per-view, pay-per-use, micropayments, etc. on More on MPEG4 · · Score: 5, Interesting
    Buncha bullcrap. I'm tired of this crap that tries to wring money out of you for time spent doing something. Subscription software, pay-per-minute viewing/listening, and the like.
    This pay-per-view crap won't work, for the same reason as other micropayment ideas. See The Case Against Micropayments, my emphasis:
    (...)

    Micropayment systems have not failed because of poor implementation; they have failed because they are a bad idea. Furthermore, since their weakness is systemic, they will continue to fail in the future.

    Proponents of micropayments often argue that the real world demonstrates user acceptance: Micropayments are used in a number of household utilities such as electricity, gas, and most germanely telecom services like long distance.

    These arguments run aground on the historical record. There have been a number of attempts to implement micropayments, and they have not caught on in even in a modest fashion - a partial list of floundering or failed systems includes FirstVirtual, Cybercoin, Millicent, Digicash, Internet Dollar, Pay2See, MicroMint and Cybercent. If there was going to be broad user support, we would have seen some glimmer of it by now.

    Furthermore, businesses like the gas company and the phone company that use micropayments offline share one characteristic: They are all monopolies or cartels. In situations where there is real competition, providers are usually forced to drop "pay as you go" schemes in response to user preference, because if they don't, anyone who can offer flat-rate pricing becomes the market leader. (See sidebar: "Simplicity in pricing.")

    Why have micropayments failed? There's a short answer and a long one. The short answer captures micropayment's fatal weakness; the long one just provides additional detail.

    The Short Answer for Why Micropayments Fail

    Users hate them.

    (...)

    Read the rest of this article, very good stuff. I won't ever use pay-per-view and any other micropayments. For the same reason as I prefer a flat fee for my DSL instead of pay-per-use fee for every email I send or every website I visit, etc.
  14. Why boycott? Promote! on Abusing the GPL? · · Score: 2
    Doing this would be a sure-fire way to royally anger every sane-minded person out there. No legal action possible, of course, but a lot of ill-will, screams, flames and gnashing of teeth, especially if said GPL'd code includes volunteer work (which you seem to imply). Boycott of the company's product seems a logical conclusion.
    Why boycott? Maybe it will be a good product, after all. If it is, I'll buy one copy and offer it for download from my website, Sourceforge mirror, Freshmeat, lots of ftp mirrors all over the World, as well as burn few CDs, and offer them for the price of blank CDR, or maybe even send them to customers of that comany, etc. You know, I like to help free software projects, like this one.
  15. Re:It's a GPL violation, and more on Abusing the GPL? · · Score: 2
    But there are simpler remedies than legal ones. If the free software developer community hears about a product using obfuscated code to circumvent the GPL, they will retaliate by creating a non-obfuscated version and using it to compete with your company's product.
    Even if that company releasing their code under the GPL would legally and technically make the code perfectly obfuscated (which of course is impossible, as even the IOCCC winning entries are not even near that goal) they have to tell their customers, that they can legally copy and resell it however they want. I don't think that company would love such an idea...
  16. Re:If you like Sorceror, try Gentoo! on Sorcerer Review, and News of Impending Doom · · Score: 3, Informative
    If you want a distro where everything is compiled explicitly for your hardware for blistering fast speed, you should check out Gentoo.
    Or Debian source packages for that meter. But I have yet to see blistering fast speed caused by only a local compilation.
  17. Re:My new (?) idea of /. mirroring on The Incredible Invisible Case · · Score: 2
    Most site operators wouldn't have a clue how to redirect requests for images even if they did have a clue what the slashdot effect was. But I think you have a great idea that could help actual geeks with smaller sites.
    It would be used only by few webmasters, by those who really need it (and can do it) so the traffic won't be high. Maybe the poll would show interesting results?
  18. Re:Better still on The Incredible Invisible Case · · Score: 2
    Take out the middle-man and point the story's links straight to the Slashdot mirror (with permission, of course).
    From the FAQ:
    Slashdot should cache pages to prevent the Slashdot Effect!

    Sure, it's a great idea, but it has a lot of implications. For example, commercial sites rely on their banner ads to generate revenue. If I cache one of their pages, this will mess with their statistics, and mess with their banner ads. In other words, this will piss them off.

    Of course, most of the time, the commercial sites that actually have income from banner ads easily withstand the Slashdot Effect. So perhaps we could draw the line at sites that don't have ads. They are, after all, much more likely to buckle under the pressure of all those unexpected hits. But what happens if I cache the site, and they update themselves? Once again, I'm transmitting data that I shouldn't be, only this time my cache is out of date!

    I could try asking permission, but do you want to wait 6 hours for a cool breaking story while we wait for permission to link someone?

    So the quick answer is: "Sure, caching would be neat." It would make things a lot easier when servers go down, but it's a complicated issue that would need to be thought through in great detail before being implemented.

    With my ideas, I was trying to solve those problems.
  19. Re:My new (?) idea of /. mirroring on The Incredible Invisible Case · · Score: 2
    1) It would greatly increase the bandwidth cost to Slashdot.
    First of all, chached story or few pictures won't be much compared to all the text traffic of /. comments. And remember that most of webmaster of linked articles wouldn't even use it, so it would be maybe 1% more traffic, not much. Still, even if it would be 10% (which I doubt) it would increase /. service quality after all. What's the point of commenting stories if I can't read the linked article?
    Also, the setup for a story would be a lot more complicated than it is now.
    Not at all. Slashdot would have to unblock cache for sub-URIs (subdirectories of URIs) of links in stories for some period of time (constant or maybe related to internal Slashdot traffic related to the story). Once done, everything would go automagically.
    2) Slashdot could\would put banner ads on each of the pages.
    I was thinking mostly about caching statical images, not the whole pages, to address issues from the FAQ.
  20. Re:My new (?) idea of /. mirroring on The Incredible Invisible Case · · Score: 2
    Make it for more than 6 hours, as there a lot of /. readers from elsewere in the world, on timezones more than 6 hours away.
    Good point. In fact, I am a /. reader from elsewere in the world. :) I'm in CET timezone (GMT+0100).
    I'd say at least 24 hours, or even 48 hours.
    48 hours sounds reasonable for me.
  21. Re:images slashdotted already... on The Incredible Invisible Case · · Score: 2
    Actually it's here: file://127.0.0.1/dev/zero

    It loads quite long, however, probably because of /. effect, but it's very large and very invisible indeed...

  22. My new (?) idea of /. mirroring on The Incredible Invisible Case · · Score: 5, Interesting
    Every time someone posts intelligently regarding Slashdot implementing some sort of mirror system, it always gets modded up.
    Here's what I would suggest to do, this solution would address every /. concern:

    I got email, saying that link to my site (http://site/) is going to be posted on Slashdot in half an hour. For the time of slashdotting I add this to my httpd.conf:

    Redirect /img/ http://slashdot.org/cache.pl?url=http://site/img/

    so when someone wants http://site/img/image10.jpeg, she/he would be 302 redirected to http://slashdot.org/cache.pl?url=http://site/img/i mage10.jpeg and would got this image from Slashdot cache. I could even set it up so only queries with http://slashdot.org/* Referrer header would be redirected, or alternatively, someone could just change the URIs in <a href="..."> links in the HTML if the webmaster don't have access to webserver config. But the point is that this way the cache would be served only for explicit wish of the webmaster and also only for those images which are not the ads, banners, counters, etc. if the webmaster wants so.

    It could be also used for HTML but the large images are probably the main reason of killing banwidth on sites, like in this story, with many high quality pictures of cool hardware (I suppose that there are many high quality pictures of cool hardware but I can't access it). The cache could work for, say, 6 hours and would serve only files in subdirectories of linked URIs to avoid any abuse.

    What do you think?

  23. Re:Flash is annoying more often than not on Macromedia Pushes Flash For All Things Web · · Score: 2
    When it's unusable with no graphics or with no Javascript, it means that these people who made it probably don't know what the Web is all about.
    No, it just means that dorks like you aren't a big part of the target audience.
    That's true and it only validates my argument. Targeting the whole audience is exactly what the Web is all about, this includes dorks like me, dorks like you, people with old hardware, people with disabilities and everyone else. Internet is not a next generation of TV where you can forget about 10% of population, as long as 90% have seen your ads and are going to buy your junk. We have the age of information, and it's about a free flow of that information where everyone can publish and everyone can read. It doesn't meter if people with Braille terminals are only a small fraction of my audience, because they have exactly the same right to read as you or me, that's why I put effort to fight for that right. No one would ever have any technical problems to reach every information on the Web, without such ignorance like yours. I can only feel sorry for you, not because you are so proud of being part of the majority in pop-cultural society of consumers, "a big part of the target audience", but because you seem to not understand that at all.
  24. Re:When You Have A Hammer... on Macromedia Pushes Flash For All Things Web · · Score: 2

    That doesn't mean I have to buy it. Web developers that do are just asking to have their site ignored. If a page takes more than a few seconds to load, and there is an alternative (and there usually is) I hit "back".

    What those flashy webmasters seem to not understand is that we don't have faster Internet connections to be able to download more animations while we wait five minutes for the page to load, but to not have to wait those five minutes in the first place and have the website downloaded and rendered after one second so we could read the content faster. Content... But people don't focus on content any more. Today webmasters no longer learn from Debian.org. They learn from things like DREW AND MIKE'S SUPER COOL FLASH WEB SITE.

  25. Re:Flash is annoying more often than not on Macromedia Pushes Flash For All Things Web · · Score: 2
    Any site that requires you to have flash usually isn't worth visiting.
    Any site that requires you to have anything more than just any browser usually isn't worth visiting. If I want to check if a website is done by professionals, I try to access it with Lynx. When it's unusable with no graphics or with no Javascript, it means that these people who made it probably don't know what the Web is all about.