You trust all your software to not try to bind to port 25 and steal your mail? Or to port 80 and deface your web site? Frankly, yes. If I can't trust a Listen 80 statement in Apache, who can I trust. Plus, if something's already bound there, other things can't bind. My system boots, it starts Apache and Postfix - nothing else can bind to those ports. Also, I don't generally run software I can't "trust".
It's also really stupid in this day and age that you need to be root to bind to <1024. There's just NO need for that any more that I can see. Can we get a compile time kernel option? <*> Require root to bind to ports below 1024.
I'd untick it in a flash.
Can someone elaborate on its usefulness? I don't find it as useful for domain names. But you can look up ASes, Handles, and IP addresses among two other things.
Can we not (we being the non-MS using, slightly knowledgeable IT crowd) start some sort of *nix Certificate Services? If everyone on the Net used IPSec, with certificates as authentication (preferably that weren't compatible with Windows), we could have a "secure" net, and a non-secure one. FreeSWAN with their try-and-look-up-keys-in-DNS or something.
My machine will talk to your machine, only if you've got one of these certificates.
Why do I need to have Javascript enabled to click on the Veropedia link in the top left to return to / ?
It's just annoying. Same as Wordpress: http://teapot.ekynoxe.com/
There is no earthly reason for needing Javascript for that. Dynamic, client-side stuff, sure.
That's a nice website you've got there. It'd be a shame if anything... Oh, wait, it has.
Warning: Unknown: open_basedir restriction in effect. File(/home/kweilo/public_html/index.html) is not within the allowed path(s): (/home/chex-uk/:/usr/lib/php:/usr/local/lib/php:/tmp) in Unknown on line 0
Warning: Unknown: failed to open stream: Operation not permitted in Unknown on line 0
Fatal error: Unknown: Failed opening required '/home/kweilo/public_html/index.html' (include_path='.:/usr/lib/php:/usr/local/lib/php') in Unknown on line 0
I'm no expert - hell, I'm not even American, so not really sure what the 5th amendment actually states - but I think "not saying something" is different to "destroying stuff that can prove your guilt".
Like I say though, IANAL. Or AA.
My home-brew GPS tracker (that runs on my Nokia 95) is very inaccurate. I have to calculate the speed by working out the distance between the lat/lon now, and the lat/lon last time. Bearing in mind I sometimes only get readings +/- 300 metres, it can show me doing 300 mph. And in a wanked old Peugeot diesel, that's not right.
I'm sure that a dedicated GPS device can devote a lot more chip-space to getting accurate signals though than a phone that does everything.
If you do something illegal or that you don't want taped, you can... destroy the tape after. Sounds like destruction of evidence, perverting the course of justice, or many other charges.
It does sort of work. For instance, when I want to find an article about Vista, I know to search for defectivebydesign. It's just a pseudo-code to confuse outsiders.
Buying Vista would cost billions of dollars. You've just paid for a copy of the software, a licence that lets you use it, and the media it came on. You still don't own Vista.
The "yadda yadda" included that sort of thing. If he's running that, why would he need to delay any login attempts by 10 seconds then? (I use denyhosts myself).
why shouldn't I run as admin on my own home PC if I want to? Because one piece of malware in a browser/IM message/whatever will own your whole machine. I run as a user in Linux, and I run my browser as another user, using sudo (see my site for details). That way, should I get caught out by some browser based nasty, it can only delete/write to the Firefox user's files - which aren't any.
What, you were transporting critical medical records via Torrent? Assuming Torrent = BitTorrent.... Torrent works best when lots of people want the same thing, at the same time. BitTorrent would be rubbish for transporting a medical record. You'd have to set up a tracker too. scp or https would have made a better example.
C:\Users I didn't know that. Now, if they can just move crucial binaries for system operation to c:\bin, other binaries into c:\usr\bin, and install applications in c:\opt, we'll be getting somewhere.
(Let's not confuse them with sbin dirs - just yet.)
What was that quote about understanding, and reinventing - badly? Next they'll do away with the registry and go back to config files, not require a GUI for some server type stuff, and improve their cmd.exe.....
Just keep the user's mobile phone number on record (virtually everyone in the UK has one) and use that as the "what you have" part of the authentication.
Username, password entered correctly - text a random code to the phone, and then they have to type that in.
Slashdot Mirror
Repeated, converting less-thans to <
It's also really stupid in this day and age that you need to be root to bind to <1024. There's just NO need for that any more that I can see. Can we get a compile time kernel option? <*> Require root to bind to ports below 1024.
I'd untick it in a flash.
PS. Postfix is much more friendly.
It's also really stupid in this day and age that you need to be root to bind to Require root to bind to ports below 1024.
I'd untick it in a flash.
I see you're a Zen subscriber. Me too, and I regularly get 800+kB/s downloads. Don't tell too many people though. :)
OpenVPN is a very good userland VPN if you don't want the kernel-patching-goodness of FreeSWAN or other IPSec implementations.
Can we not (we being the non-MS using, slightly knowledgeable IT crowd) start some sort of *nix Certificate Services? If everyone on the Net used IPSec, with certificates as authentication (preferably that weren't compatible with Windows), we could have a "secure" net, and a non-secure one. FreeSWAN with their try-and-look-up-keys-in-DNS or something.
My machine will talk to your machine, only if you've got one of these certificates.
Why do I need to have Javascript enabled to click on the Veropedia link in the top left to return to / ?
It's just annoying. Same as Wordpress: http://teapot.ekynoxe.com/
There is no earthly reason for needing Javascript for that. Dynamic, client-side stuff, sure.
If I can blow my own horn a little... http://linuxvps.org/. Might be a better solution, and starts at £7.50 a month.
More Russian adults online = more Russian hotties online!
I'm no expert - hell, I'm not even American, so not really sure what the 5th amendment actually states - but I think "not saying something" is different to "destroying stuff that can prove your guilt".
Like I say though, IANAL. Or AA.
No point re-partitioning and/or re-formatting unless your partition table or your filesystem is b0rked.
My home-brew GPS tracker (that runs on my Nokia 95) is very inaccurate. I have to calculate the speed by working out the distance between the lat/lon now, and the lat/lon last time. Bearing in mind I sometimes only get readings +/- 300 metres, it can show me doing 300 mph. And in a wanked old Peugeot diesel, that's not right.
I'm sure that a dedicated GPS device can devote a lot more chip-space to getting accurate signals though than a phone that does everything.
From your sig: "--underpaid and underemployed since 1986" - or perhaps "Overvaluing oneself since 1986"? :)
It does sort of work. For instance, when I want to find an article about Vista, I know to search for defectivebydesign. It's just a pseudo-code to confuse outsiders.
Buying Vista would cost billions of dollars. You've just paid for a copy of the software, a licence that lets you use it, and the media it came on. You still don't own Vista.
The "yadda yadda" included that sort of thing. If he's running that, why would he need to delay any login attempts by 10 seconds then? (I use denyhosts myself).
(Let's not confuse them with sbin dirs - just yet.)
What was that quote about understanding, and reinventing - badly? Next they'll do away with the registry and go back to config files, not require a GUI for some server type stuff, and improve their cmd.exe.....
What stops me from running 1000 login attempts via SSH in parallel then? (Assuming your SSH port is open, yadda yadda).
Just keep the user's mobile phone number on record (virtually everyone in the UK has one) and use that as the "what you have" part of the authentication. Username, password entered correctly - text a random code to the phone, and then they have to type that in.