That is why the P2P indexing server run by the security firm commissioned by the RIAA/MPAA is on the block list.
Revised scenario:
Your computer tries to upload your list of hashes, but the packet never gets through, so they don't have your list of hashes or you IP in the first place. If you are using a client such as eMule that lists server info, it is very unlikely that you will even try to connect to said server since eMule is unable to query that server such as name, current/max users, and number of files.
I'm not saying that PeerGuardian/MoBlock are the be-all and end-all of security, but if you are going to participate in illegal file sharing, running such tools is better protection than nothing.
Nothing Linux-related is supported by anyone "officially" unless you pay for it. Nonetheless, libipod works extremely well. I use my 1st gen iPod Nano with Listen and Quod Libet and it works flawlessly. This was after my iPod had been artificially "locked" to my iBook by iTunes.
Apple will support boot camp when it is included with the next version of OS X.
Apple actively fights efforts to run OS X on non-Apple hardware, yet on documented hardware, it still works well.
I didn't say anything about vendor lock-in. That's what vendors do. However, I suggest that the open source world wouldn't be half as fun and interesting as it is if we (people) didn't have to build these things (for free) to break out of vendor lock-in.
I disagree, AC. Domains by proxy is a good service designed to prevent insane idiots from coming to your home address and beating your face in because they disagree with your blog. Basically it is a virtual P.O. box. If you want the real contact info, call or write the proxy in the whois record, and once the real contact gives permission, you'll get the real contact info.
Also, there is now a post on http://www.blackboxvoting.org/ stating that these files are actually posted by them, and on a different server to avoid a slashdotting.
Gotcha on the joke now... I should have picked up on the tongue-in-cheek-ness.
However, please check who you are replying to. I did not, nor have I ever, objected to using open source tools. On the contrary, I use them whenever and wherever possible, and advocate the same. I do draw the line at forcing my opinion on others or trying to pound a square PHP peg into a round ASP.NET hole (and in no way do I think you were doing either of those things, but many in this thread were.)
I also fully agree that REALbasic is an excellent upgrade path for programmers from the VB6 world. However, IMHO, it's not the nicest world to live in, and I wish all VB6 programmers the best in moving to a more "enlightened" world (VB.NET/Mono being a part of the latter.)
Your first point makes sense from the vendor's point of view, based solely on ease of support for the vendor. If there is a bug in that specific version of the vendor-supplied libraries, or that version interferes with other software on the same machine (ahem...Oracle), 9 times out of 10 you'll get the cold shoulder from the vendor. Statically linked binaries support closed-source greed and not much else.
Your second point makes absolutely no sense at all... please elaborate (or concede).
I know it's been a while since this reply was posted, but I feel compelled to respond...
Yes, I am complaining that the entire REALbasic framework is embedded in each binary, since it means that all framework code is duplicated in every compiled product. This is extremely wasteful, and locks you in to waiting on both Real Software and the developer to release a bug fix rather than installing the new library yourself when bugs are found in the framework itself.
Are you really arguing that monolithic, single-platform, statically linked executables are superior to shared libraries?
I am also arguing that cross-platform compilation in REALbasic costs $500.
Pretty neat how Data fictionally spent about 50 years trying to develop a sense of humor without success, yet in the real world, Google has developed a highly evolved sense of humor almost entirely by accident in less time than a human learns about fart jokes.
That really is quite interesting... Neither the HTML source nor the wiki source of that "secondary" Wikipedia link contains the word "zune"? How in the hell did that happen?
Mmm... yes, a 2.3 megabyte "native" binary for a basic "hello world"... and all for the low, low price of $500 for the privilege of compiling cross-platform binaries. (Although apparently standard edition is free for Linux, at least for 6 months.)
And don't tell me this is FUD, I downloaded and tested the Linux version before posting.
26 is now very old? Was it the "bees knees" thing? I've just been dying to work that into a conversation for the longest time. I promise I won't say it again! Or have I been trolled?
As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it.
I own an iBook. The Apple IIe was my first computer (unless you count a breadboard, some dip switches, and two numeric LED displays). I own Apple stock. I think Mac OS X is the bees knees.
That said, Apple needs to take their collective heads out of their asses. If an executable shell script was "accidentally" included as simple as:
#!/bin/sh rm -rf /
You need to make it autorun (I won't tell you how, but it can be done, and is quite handy for non-malicious uses). No antivirus software would detect this, no Windows machines would be affected, and every Mac you plugged that iPod into would be royally fucked, even if not run as root.
NTSC is many things, but calling 320x240 "full resolution" is wrong. NTSC has several resolutions, all of which are considerably higher than 320x240.
The slingbox is awesome for $100, but VLC (and one of my favorites, the deprecated VLS) really has a leg up on the options it gives you. One of my favorite features is that it can transcode either a video file or input stream (from a capture card for example) into any other format it supports for playback, in realtime (as long as your CPU can handle it). I use it to stream 5 Mbit/sec video over wireless every day and it works and looks fantastic.
In my experience, VLC's lowest-end quality (for example, trying to send upstream on a crippled US cable modem or ADSL), looks far better than the highest quality available from a Slingbox. Other pluses are that VLC runs the same (and supports the same features and codecs) on all major operating systems and your stream will never be wrapped in DRM.
Perhaps you are correct. Either way, I re-read my post after going out and coming back: my apologies for being unnecessarily rude. (Yeah, I know, I must be new here!)
However, with my GeForce 2 GTS (uses the old "legacy" closed-source driver, but still a great card), I have never been able to get XVideo acceleration working with either the nv or vesa driver. Video plays fine, and xvinfo claimed XVideo was working, but blowing it up to full screen would result in pixelation and the CPU use was always extremely high compared to the nvidia driver.
I'm getting my TV back on Wednesday (tube "popped" a couple weeks ago, God bless warranties!), so I'll try it out with my HTPC with a GeForce 6600 when I get a chance.
No offense (full respect to the low uid), but that's a terrible workaround. I actually don't play any 3D games in Linux (not yet anyway).
Not only do you lose 3D acceleration, but XVideo acceleration as well. I use Linux because it allows me to do more, faster, and better than anything else. I am currently watching TV in one quarter of my screen, browsing the web and documentation on the top half, and editing PHP and Python in the remaining quarter. That's just virtual desktop 1. (2 & 3 have VMware sessions and 4 is running GIMP right now.) My paltry Athlon XP 2500+ is pushing 5-10%. Without XVideo and 2D acceleration, that would hit nearly 100% and simply moving between windows and desktops would be painful (forget resizing them).
Yes, I certainly could do everything in GNU screen, and watch video using aalib, but this 2006.
Also, once Gnash is usable, I will need 3D acceleration just to browse the web (yes, I see the stupidity in that, but hey)...
I love it when people use subjects like "You don't understand, stupid", and then proceed with the verbal diarrhea.
I mean, you got the spirit right, but many of your details are wrong. Next time you call somebody stupid, please try to have a clue what you are talking about.
First, this isn't a kernel panic, it's a local root exploit. The binary nVIDIA driver is just as capable as causing a kernel panic as any other "official" kernel code, since it runs in kernel space. Thus you are proclaiming the stability of nVIDIA's code in your statement, you just didn't realize it.
Second, it's called a binary blob (as opposed to a binary driver) because it is just that, a blob. It is true that most of the driver code exists within this blob, but it is not a driver by itself. nVIDIA provides source code which acts as a wrapper, so that the binary blob can interface with whatever version of kernel you happen to be running. Hence how the same binary blob can be used for Linux 2.4, Linux 2.6, various BSDs, Solaris, and others.
VMware and several other closed-source Linux supporters distribute their kernel modules the same way.
The exploit involves executing C code which uses the buffer overflow to replace the address of the free() function in your running copy of Xorg. I'm not saying it's impossible, but how is a web page going to make a Linux web browser execute arbitrary C code?...
OK, I read a bit further, looks like you just need to create a malformed glyph in an embedded font. Not at all difficult to do with Java, Flash, or just plain HTML (or so I've heard, never seen an embedded HTML font in the wild). Damnit. Back to eLinks for me!
The OS manages access to your hardware. Without signifigant modifications to the hardware (hardware hypervisor), or a virtualization layer sitting between the hardware and multiple operating systems, it is currently impossible to boot two operating systems at the same time on the same CPU (or even multiple CPUs.)
Currently, all operating systems expect that they have complete access to hardware, so running 2 or more at the same time requires modifying the operating systems themselves (Xen), or incurring a signifigant performance hit to run un-modified operating systems (VMware.)
This is, of course, a vast over-simplification, but I hope it makes this a bit more clear.
Slashdot Mirror
That is why the P2P indexing server run by the security firm commissioned by the RIAA/MPAA is on the block list.
Revised scenario:
Your computer tries to upload your list of hashes, but the packet never gets through, so they don't have your list of hashes or you IP in the first place. If you are using a client such as eMule that lists server info, it is very unlikely that you will even try to connect to said server since eMule is unable to query that server such as name, current/max users, and number of files.
I'm not saying that PeerGuardian/MoBlock are the be-all and end-all of security, but if you are going to participate in illegal file sharing, running such tools is better protection than nothing.
Nothing Linux-related is supported by anyone "officially" unless you pay for it. Nonetheless, libipod works extremely well. I use my 1st gen iPod Nano with Listen and Quod Libet and it works flawlessly. This was after my iPod had been artificially "locked" to my iBook by iTunes.
Apple will support boot camp when it is included with the next version of OS X.
Apple actively fights efforts to run OS X on non-Apple hardware, yet on documented hardware, it still works well.
I didn't say anything about vendor lock-in. That's what vendors do. However, I suggest that the open source world wouldn't be half as fun and interesting as it is if we (people) didn't have to build these things (for free) to break out of vendor lock-in.
Wrong, wrong (1|2), and wrong.
I disagree, AC. Domains by proxy is a good service designed to prevent insane idiots from coming to your home address and beating your face in because they disagree with your blog. Basically it is a virtual P.O. box. If you want the real contact info, call or write the proxy in the whois record, and once the real contact gives permission, you'll get the real contact info.
Also, there is now a post on http://www.blackboxvoting.org/ stating that these files are actually posted by them, and on a different server to avoid a slashdotting.
Gotcha on the joke now... I should have picked up on the tongue-in-cheek-ness.
However, please check who you are replying to. I did not, nor have I ever, objected to using open source tools. On the contrary, I use them whenever and wherever possible, and advocate the same. I do draw the line at forcing my opinion on others or trying to pound a square PHP peg into a round ASP.NET hole (and in no way do I think you were doing either of those things, but many in this thread were.)
I also fully agree that REALbasic is an excellent upgrade path for programmers from the VB6 world. However, IMHO, it's not the nicest world to live in, and I wish all VB6 programmers the best in moving to a more "enlightened" world (VB.NET/Mono being a part of the latter.)
Your first point makes sense from the vendor's point of view, based solely on ease of support for the vendor. If there is a bug in that specific version of the vendor-supplied libraries, or that version interferes with other software on the same machine (ahem...Oracle), 9 times out of 10 you'll get the cold shoulder from the vendor. Statically linked binaries support closed-source greed and not much else.
Your second point makes absolutely no sense at all... please elaborate (or concede).
The trolls have always been self aware. Problem is, they aren't aware of anything/anyone else.
I know it's been a while since this reply was posted, but I feel compelled to respond...
Yes, I am complaining that the entire REALbasic framework is embedded in each binary, since it means that all framework code is duplicated in every compiled product. This is extremely wasteful, and locks you in to waiting on both Real Software and the developer to release a bug fix rather than installing the new library yourself when bugs are found in the framework itself.
Are you really arguing that monolithic, single-platform, statically linked executables are superior to shared libraries?
I am also arguing that cross-platform compilation in REALbasic costs $500.
Pretty neat how Data fictionally spent about 50 years trying to develop a sense of humor without success, yet in the real world, Google has developed a highly evolved sense of humor almost entirely by accident in less time than a human learns about fart jokes.
That really is quite interesting... Neither the HTML source nor the wiki source of that "secondary" Wikipedia link contains the word "zune"? How in the hell did that happen?
Mmm... yes, a 2.3 megabyte "native" binary for a basic "hello world"... and all for the low, low price of $500 for the privilege of compiling cross-platform binaries. (Although apparently standard edition is free for Linux, at least for 6 months.)
And don't tell me this is FUD, I downloaded and tested the Linux version before posting.
Mod parent up. It's really annoying. Not everything is a trap.
And sanctions. Don't forget the sanctions.
Whoa.
</keanu>
Anyone else accidentally read that as "CEO Jack Thompson" the first couple times?
I also think the article is inane fear mongering, but isn't CIFS patented? (I tried to search but uspto.gov is a mess.)
26 is now very old? Was it the "bees knees" thing? I've just been dying to work that into a conversation for the longest time. I promise I won't say it again! Or have I been trolled?
I'm sorry, you are absolutely correct. I had this set up for so long I forgot what I did: Folder Actions. My face is red!
I still think the thinly-veiled insult is uncalled for when Apple directly creates a security risk.
As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it.
I own an iBook. The Apple IIe was my first computer (unless you count a breadboard, some dip switches, and two numeric LED displays). I own Apple stock. I think Mac OS X is the bees knees.
That said, Apple needs to take their collective heads out of their asses. If an executable shell script was "accidentally" included as simple as:
#!/bin/sh
rm -rf /
You need to make it autorun (I won't tell you how, but it can be done, and is quite handy for non-malicious uses). No antivirus software would detect this, no Windows machines would be affected, and every Mac you plugged that iPod into would be royally fucked, even if not run as root.
NTSC is many things, but calling 320x240 "full resolution" is wrong. NTSC has several resolutions, all of which are considerably higher than 320x240.
The slingbox is awesome for $100, but VLC (and one of my favorites, the deprecated VLS) really has a leg up on the options it gives you. One of my favorite features is that it can transcode either a video file or input stream (from a capture card for example) into any other format it supports for playback, in realtime (as long as your CPU can handle it). I use it to stream 5 Mbit/sec video over wireless every day and it works and looks fantastic.
In my experience, VLC's lowest-end quality (for example, trying to send upstream on a crippled US cable modem or ADSL), looks far better than the highest quality available from a Slingbox. Other pluses are that VLC runs the same (and supports the same features and codecs) on all major operating systems and your stream will never be wrapped in DRM.
Perhaps you are correct. Either way, I re-read my post after going out and coming back: my apologies for being unnecessarily rude. (Yeah, I know, I must be new here!)
However, with my GeForce 2 GTS (uses the old "legacy" closed-source driver, but still a great card), I have never been able to get XVideo acceleration working with either the nv or vesa driver. Video plays fine, and xvinfo claimed XVideo was working, but blowing it up to full screen would result in pixelation and the CPU use was always extremely high compared to the nvidia driver.
I'm getting my TV back on Wednesday (tube "popped" a couple weeks ago, God bless warranties!), so I'll try it out with my HTPC with a GeForce 6600 when I get a chance.
No offense (full respect to the low uid), but that's a terrible workaround. I actually don't play any 3D games in Linux (not yet anyway).
Not only do you lose 3D acceleration, but XVideo acceleration as well. I use Linux because it allows me to do more, faster, and better than anything else. I am currently watching TV in one quarter of my screen, browsing the web and documentation on the top half, and editing PHP and Python in the remaining quarter. That's just virtual desktop 1. (2 & 3 have VMware sessions and 4 is running GIMP right now.) My paltry Athlon XP 2500+ is pushing 5-10%. Without XVideo and 2D acceleration, that would hit nearly 100% and simply moving between windows and desktops would be painful (forget resizing them).
Yes, I certainly could do everything in GNU screen, and watch video using aalib, but this 2006.
Also, once Gnash is usable, I will need 3D acceleration just to browse the web (yes, I see the stupidity in that, but hey)...
I love it when people use subjects like "You don't understand, stupid", and then proceed with the verbal diarrhea.
I mean, you got the spirit right, but many of your details are wrong. Next time you call somebody stupid, please try to have a clue what you are talking about.
First, this isn't a kernel panic, it's a local root exploit. The binary nVIDIA driver is just as capable as causing a kernel panic as any other "official" kernel code, since it runs in kernel space. Thus you are proclaiming the stability of nVIDIA's code in your statement, you just didn't realize it.
Second, it's called a binary blob (as opposed to a binary driver) because it is just that, a blob. It is true that most of the driver code exists within this blob, but it is not a driver by itself. nVIDIA provides source code which acts as a wrapper, so that the binary blob can interface with whatever version of kernel you happen to be running. Hence how the same binary blob can be used for Linux 2.4, Linux 2.6, various BSDs, Solaris, and others.
VMware and several other closed-source Linux supporters distribute their kernel modules the same way.
The exploit involves executing C code which uses the buffer overflow to replace the address of the free() function in your running copy of Xorg. I'm not saying it's impossible, but how is a web page going to make a Linux web browser execute arbitrary C code? ...
OK, I read a bit further, looks like you just need to create a malformed glyph in an embedded font. Not at all difficult to do with Java, Flash, or just plain HTML (or so I've heard, never seen an embedded HTML font in the wild). Damnit. Back to eLinks for me!
The OS manages access to your hardware. Without signifigant modifications to the hardware (hardware hypervisor), or a virtualization layer sitting between the hardware and multiple operating systems, it is currently impossible to boot two operating systems at the same time on the same CPU (or even multiple CPUs.)
Currently, all operating systems expect that they have complete access to hardware, so running 2 or more at the same time requires modifying the operating systems themselves (Xen), or incurring a signifigant performance hit to run un-modified operating systems (VMware.)
This is, of course, a vast over-simplification, but I hope it makes this a bit more clear.