1. A large fixed-length address (128 bits) should be sufficient for a significant amount of time. You won't catch me saying that "it's all we'll ever need," but it supplies an extremely large number of addresses for each person on the planet.
2. You have just described the Sun RPC portmapper, which has been shown to be a bad idea. You have just advertised what your host offers, and made it extremely difficult (with current firewalling techniques) to allow a given service from the outside, as it may be on any numeric port (assuming you're sane and use default-deny). Besides that, whose headache are you saving? Most users don't know what a port number is, nor do they need to. They run their web browser, put in the hostname, and it goes to the well-known port number for http. Why should I have to explain even a port name to my father?
Besides, given ports are named with strings, on the client side. Check out/etc/services on a UNIX[-like] system, or the equivalent file on Windows (IIRC %SystemRoot%\etc\services or similar). Yes, they're fixed to a well-known port number, but there are good reasons for that.
I think the parent is referring to Linux/PPC, weaselnuts. Some other people are running, say, OpenBSD or Solaris x86 and want native code too. I don't like anything that's not open to be called 'cross-platform.'
Actually, if DCOM was installed (like in some developer or vertical app situations), 9x/ME were (and are) vulnerable to the attack used by Blaster. Fortunately for those otherwise unfortunate souls running such systems, there weren't enough targets around to make it worth the effort to create offsets and shellcode for 9x.
Linus doesn't, weaselnuts, but the 2.0.x kernel is alive and well, maintained by David Weinehall, the 2.2.x kernel is alive and well, being maintained by Marc-Christian Petersen, and the 2.4.x kernels are being maintained by Marcelo Tosatti. The only kernels that Linus maintains are the development kernels. He hasn't handed off 2.6.x yet, AFAIK, since it's not fully cooked and 2.7 hasn't forked. As soon as 2.7 branches, expect to see someone else issuing the 2.6 kernels.
I'm not going to touch the Redhat commentary, but I know there are people still maintaining their own copies by patching and creating new packages. In the open source realm, you don't need a vendor to do it for you. In Win 9x, you do. 'Nuff said.
Dude, the feebs take the backups too. The hax0r may have deleted the evidence which will then only exist on backups, and if the service provider retains them the chain of evidence is broken.
Dude, OSX does not have consistent theming. Apple has been breaking their own rules basically ever since Jef Raskin left, and they started ignoring the Apple Human Interface Guidelines. The base applications have all been changing their look to the newer metallic appearance -- Safari, iTunes, iCal, Finder -- they look entirely different from say, Mail, Xcode or Preview. We won't discuss Photoshop, Dreamweaver, or any other third party software -- don't need to. Apple doesn't use a consistent look for their own software.
You're confusing X11 with the window manager (the desktop environment). Unless you have a horrendously-supported video card, which in an old machine is possible, you're probably trying to run Gnome or KDE on an old box with little memory. Try WindowMaker, or FVWM2 and see how fast it yes. Yes, it's not as pretty.
Now go load IE6 or a current Mozilla on that old Windows box, and compare it to Mozilla on a decently small WM on X11. You should be enlightened.
The key is that the GPL-compatible licenses are those that are more permissive than the GPL. With a revised-BSD license, I can take the code and relicense it - there are no other restrictions on derivative works, so when it's linked with GPL code, it meets the requirements. If I take the original BSD license, with the advertising clause, and link GPL code to it, I've added an additional restriction to the work as a whole. This is explicitly disallowed by the GPL.
Saying that open source software of any kind may be considered an action "that might prevent profiteering," by Microsoft, IBM, Oracle or any number of other companies. If you were to propose a solution that allowed them to reuse existing PCs with newer software (such as *BSD or Linux), it may be considered an action "that might prevent profiteering" by Dell, Gateway, IBM (again) or any number of other companies.
These restrictions do effectively prevent any suggestion of free software, as it may prevent anyone from profiting (except the disadvantaged, of course, but this isn't about them.)
I think that identity verification is required by campaign finance laws. There are limits on each individual's contribution -- they need to at least make a good faith effort to enforce that.
You can't harden a P4 or Athlon (or UltraSPARC IV, or PA-8800, or...) for use in space. The features are too small and the background radiation is too high.
It just requires a little more effort to obtain acceptable performance.
Actually, I think that Steve Gibson cried wolf a little too loud, and isn't taken seriously anymore. That's fine. These specific problems still exist when a desktop is running as root or equivalent.
As to ports below 1024, the protocols that consider that some form of authentication (?) and think that it makes them more secure if they require connections from low ports are broken. Plain and simple. Though, just because of those ancient conventions I do think that MS should prevent regular users from opening low ports... but that's another rant.
Non-root users cannot open raw sockets to craft packets (hence nmap -sS must run as root). Non-root users cannot run the ethernet device in a promiscous mode, allowing sniffing of packets on the wire. Before you say anything about switches preventing you from getting anything interesting by sniffing, I suggest that you take a look at dsniff before showing your ignorance. A non-root user can't open a port below 1024 (Un*x), or add services (Windows), or install a r00tkit on any system, or many other things.
Basically, even on Windows, while a system can be compromised in many ways as a non-root user, it's quite a bit more difficult to hide and there are still some limitations -- the most important (IMNSHO) involving raw sockets.
Sorry. Read the "send the password" as via email, when it does not specifically say, and I've never seen a sales droid who used encrytped or signed email of any kind. Wasn't awake and needed to rant. Please don't take it personally.
That suggestion does violate the laws of several countries, and is less ethical than allowing the company access, assuming the company supplied the email account. It sounds good on the surface, and it does help prevent the company from receiving personal information, but it does not protect the confidential information of the company.
You email passwords? Unencrypted? In the freakin' clear?
Dude... I'm nervous about giving passwords over the phone if I don't know the recipient well. That's trusting a lot of security, including their [the recipient of the password] Outlook Express and virus scanner. Odds are, that email will be saved. Some viruses have forwarded out old emails for fun.
It's an interesting idea, but it's difficult at best. Every mail server out there has a different idea of how to format a bounce message. There are a few that don't bloody include full headers (!). Still, if you could make it work...
I thought that SSE and MMX both had significantly lower precision than standard IEEE floating point ops. If I'm wrong, please correct me, but if it is lower precision, it makes it useless for Real Work(tm).
Slashdot Mirror
2. You have just described the Sun RPC portmapper, which has been shown to be a bad idea. You have just advertised what your host offers, and made it extremely difficult (with current firewalling techniques) to allow a given service from the outside, as it may be on any numeric port (assuming you're sane and use default-deny). Besides that, whose headache are you saving? Most users don't know what a port number is, nor do they need to. They run their web browser, put in the hostname, and it goes to the well-known port number for http. Why should I have to explain even a port name to my father?
Besides, given ports are named with strings, on the client side. Check out /etc/services on a UNIX[-like] system, or the equivalent file on Windows (IIRC %SystemRoot%\etc\services or similar). Yes, they're fixed to a well-known port number, but there are good reasons for that.
I think the parent is referring to Linux/PPC, weaselnuts. Some other people are running, say, OpenBSD or Solaris x86 and want native code too. I don't like anything that's not open to be called 'cross-platform.'
Actually, if DCOM was installed (like in some developer or vertical app situations), 9x/ME were (and are) vulnerable to the attack used by Blaster. Fortunately for those otherwise unfortunate souls running such systems, there weren't enough targets around to make it worth the effort to create offsets and shellcode for 9x.
Linus doesn't, weaselnuts, but the 2.0.x kernel is alive and well, maintained by David Weinehall, the 2.2.x kernel is alive and well, being maintained by Marc-Christian Petersen, and the 2.4.x kernels are being maintained by Marcelo Tosatti. The only kernels that Linus maintains are the development kernels. He hasn't handed off 2.6.x yet, AFAIK, since it's not fully cooked and 2.7 hasn't forked. As soon as 2.7 branches, expect to see someone else issuing the 2.6 kernels. I'm not going to touch the Redhat commentary, but I know there are people still maintaining their own copies by patching and creating new packages. In the open source realm, you don't need a vendor to do it for you. In Win 9x, you do. 'Nuff said.
Dude, the feebs take the backups too. The hax0r may have deleted the evidence which will then only exist on backups, and if the service provider retains them the chain of evidence is broken.
Only if you ground it.
Dude, OSX does not have consistent theming. Apple has been breaking their own rules basically ever since Jef Raskin left, and they started ignoring the Apple Human Interface Guidelines. The base applications have all been changing their look to the newer metallic appearance -- Safari, iTunes, iCal, Finder -- they look entirely different from say, Mail, Xcode or Preview. We won't discuss Photoshop, Dreamweaver, or any other third party software -- don't need to. Apple doesn't use a consistent look for their own software.
Now go load IE6 or a current Mozilla on that old Windows box, and compare it to Mozilla on a decently small WM on X11. You should be enlightened.
I believe that you missed the distinct aroma of sarcasm.
'Course, it drew a couple hundred watts to do it, and had a bear of a bus to design a board around. Yeah, it was fast. No, it wasn't perfect.
These restrictions do effectively prevent any suggestion of free software, as it may prevent anyone from profiting (except the disadvantaged, of course, but this isn't about them.)
I think that identity verification is required by campaign finance laws. There are limits on each individual's contribution -- they need to at least make a good faith effort to enforce that.
It just requires a little more effort to obtain acceptable performance.
As to ports below 1024, the protocols that consider that some form of authentication (?) and think that it makes them more secure if they require connections from low ports are broken. Plain and simple. Though, just because of those ancient conventions I do think that MS should prevent regular users from opening low ports... but that's another rant.
Non-root users cannot open raw sockets to craft packets (hence nmap -sS must run as root). Non-root users cannot run the ethernet device in a promiscous mode, allowing sniffing of packets on the wire. Before you say anything about switches preventing you from getting anything interesting by sniffing, I suggest that you take a look at dsniff before showing your ignorance. A non-root user can't open a port below 1024 (Un*x), or add services (Windows), or install a r00tkit on any system, or many other things.
Basically, even on Windows, while a system can be compromised in many ways as a non-root user, it's quite a bit more difficult to hide and there are still some limitations -- the most important (IMNSHO) involving raw sockets.
</rant>
Sorry. Read the "send the password" as via email, when it does not specifically say, and I've never seen a sales droid who used encrytped or signed email of any kind. Wasn't awake and needed to rant. Please don't take it personally.
-Josh
That suggestion does violate the laws of several countries, and is less ethical than allowing the company access, assuming the company supplied the email account. It sounds good on the surface, and it does help prevent the company from receiving personal information, but it does not protect the confidential information of the company.
You email passwords? Unencrypted? In the freakin' clear?
Dude... I'm nervous about giving passwords over the phone if I don't know the recipient well. That's trusting a lot of security, including their [the recipient of the password] Outlook Express and virus scanner. Odds are, that email will be saved. Some viruses have forwarded out old emails for fun.
Are you still a sysadmin?
StarTech may have what you're looking for. DVI, USB, dual-display (analog), etc.
This has not been a paid advertisement for any company.
It's an interesting idea, but it's difficult at best. Every mail server out there has a different idea of how to format a bounce message. There are a few that don't bloody include full headers (!). Still, if you could make it work...
I thought that SSE and MMX both had significantly lower precision than standard IEEE floating point ops. If I'm wrong, please correct me, but if it is lower precision, it makes it useless for Real Work(tm).
All older than C, and all built on pre-ASCII systems originally. Punch cards don't have lowercase.
If I remember correctly, in Java (and many other languages) the class name itself is an identifier or variable. That's certainly true in Python.