Was it actually the case making the noise, or something inside the case? (probably the harddrive actually, as they make the most noise!)
You have unwittingly stumbled on one of my pet peeves, what exactly to call that thing. Obviously 'hard drive' is no good, but I feel uneasy calling it 'case' too, since when you say "I'm buying a case", you don't mean a case full of components. 'Box' is usable but too jargon-like (and has too many non-geek meanings:D ) Even 'computer' is a possibility -- but in many minds, 'computer' includes peripherals.
Finally, let me relate perhaps my funniest moment in PC history. I had, after much debate, finally convinced a family of Amiga (500 and 1200) users I knew, to get a PC. One day they did so, and called me up excitedly, and during the discussion came up with the gem:
"There's a box beside the computer!" It took about 10 seconds for the penny to drop, when I recalled that the Amigas have their "computer" bits in the same unit as the keyboard.:)
A free-moving thumb is all you need to type the "up." Note that the thumb begins swinging to the right when you are typing the 'u', so by the time you have just hit the 'p' it is already in the right place. It also requires the hands to be held in a position such that transferring the weight is natural -- something that a pianist would be very used to.
You are quite right. Little sequences of adjacent fingers on the same hand are very fast. Also, it seems that sequences of letters on the same row are fast too. Example words:
johnny-jump-up typewriter flagfalls
or, the ideal word for speed typing, "pokwer" (my record standing at 50 correct renditions in 8.43 seconds).
Also, I notice now that I have unconsciously developed some free-form combinations that dont conform to the "official" method of touch typing. Perhaps I can consciously add some more:)
I also found your comment on "up." interesting. For me, my thumb is about in the position of 'n' and it is uncomfortable to move it across 3 places. However, since you are a pianist, I would guess you are pivoting on the 'p' and swinging the thumb across, which you would be very used to doing on the piano (this also seems to be transferring the weight of your hand over to the right - so how would you type "up.ya") ?
(Warning - dont try this in your browser window -- the first time I practised it, it deleted my last paragraph in this message, so I switched to Notepad, and then it tried to shut down windows (twice!).
That whole key pattern is awful - you use the same finger for up as you do down, which limits your effectiveness. When I first saw the Unix method of h,j,k,l (left,down,up,right) I thought it was dumb, but it is in fact very fast.
riiight. so if a large commercial organization like ISS can't even identify the problem, a backyard script kiddie will be able to identify it and generate a request which exploits it, and then either find a 64-bit apache 1.3 (yeah right), or write some code to try and work in windows without crashing.
Anyway, I didn't think there were any Windows sysadmins that knew what security patches were?
Judging by the Apache report, it sounds to me as if the faulty code will not just copy the request over the end of the stack, but will do it in such a way that a 32-bit Linux generates a segfault before it gets to run any of it.
Windows handles memory segmemtation differently from Linux (I assume), so you can't compare the two on that count.
For a more detailed explanation I guess you should grab the faulty source in question and see exactly what the exploit is doing.
You correctly identify that the ISS patch can leave the problem there down the track... but then your solution does too !
The problem you have identified is that there could be code further on that references bufsiz (which I presume is a signed int). Therefore the solution is to either make bufsiz an unsigned int, or (if this is not possible), create another variable which is an unsigned int. This would require an analysis of all code that uses bufsiz, to discover the implications of changing it from signed to unsigned.
Without looking at the full source, I don't know whether "len_to_read" is signed or unsigned, but in either case your suggestion does not help, as your cast will get overridden by the type of len_to_read (eg: after int x; x = (uint)(-2); x is still a signed int and eg. (x 0) will be TRUE.
The cast on the comparison does affect the comparison because it changes the range of the quantity involved.
Interesting analogy, given that the Honda would probably beat the caterpillar in a race.
Re:oh no... more global warming (...not...??)
on
Baked Alaska
·
· Score: 2, Redundant
I'm sick of all the global-warming deniers who say that just because the climate fluctuates over long time scales, we aren't having an effect on the planet.
With human chess it's a case of too many cooks spoiling the broth: one person plays better than a team of people. In fact, a common handicap method is to get two players to alternate moves. I have also noticed in my own play that if I listen to someone else's suggestions then I lose more (even if the suggestions are good).
I would guess that this is due to the fact that when playing, I develop all my own plans, and view any moves in context of my plans, but somebody else will have different plans in mind, and even if a move is good (and would even fit with my plan), it hasn't been part of my subconscious thought, so it has side-effects which I haven't had time to subconsciously consider.
When the overflow is triggered, a fixed sized buffer in stack gets overwritten with data from the gopher server
You have got to be terminally thick in the head to write code that does that. I always hear these stories about the IQ-testing Microsoft entrance exams... did they outsource IE production to some schoolboys or something?
A local fellow is currently coding up code for allowing uncapped DSL through an ISP, but with pro-rata rate limiting (eg. if you've downloaded 20Gb this month, and joe has downloaded 10Gb, and the isp's bandwidth is maxed out, then joe's traffic will get twice the priority thaty ours does). Sounds like a good idea to me
Solution to this: if you are capped at 15k, then install a Linux machine, do NAT on that and route everything straight-through your DSL modem, and then set it to hold the traffic at 14.9k and to give lowest priority to file downloads.
If you had read the article, you would know that the main thrust of this initiative is to allow people in developing to study for more hours in the day -- precisely what is needed for the education you suggest.
For spot lighting, a white LED is 100 times as efficient as an incandescent light. Have you ever used a mechanically-powered torch? Quite a bit of effort is required to produce a useful beam (which is even then hard to keep constant).
I would suggest that LEDs are not "annoying" to children who may never have seen a lightbulb in their life, or not spent significant time under one.
Children in developing countries are quite enthusiastic about the learning thing, unlike many Western societies where school is something dreaded, and they wouldn't dare touch an encyclopaedia (or even a book!) at home.
Slashdot Mirror
in vi it looks like:
the quick brow
n fox jumps ov
er the lazy do
g
but he is talking about:
the quick
brown fox
jumps over the
lazy dog
So why weren't these bugs fixed?
Was it actually the case making the noise, or something inside the case? (probably the harddrive actually, as they make the most noise!)
:D ) Even 'computer' is a possibility -- but in many minds, 'computer' includes peripherals.
:)
You have unwittingly stumbled on one of my pet peeves, what exactly to call that thing. Obviously 'hard drive' is no good, but I feel uneasy calling it 'case' too, since when you say "I'm buying a case", you don't mean a case full of components. 'Box' is usable but too jargon-like (and has too many non-geek meanings
Finally, let me relate perhaps my funniest moment in PC history. I had, after much debate, finally convinced a family of Amiga (500 and 1200) users I knew, to get a PC. One day they did so, and called me up excitedly, and during the discussion came up with the gem:
"There's a box beside the computer!"
It took about 10 seconds for the penny to drop, when I recalled that the Amigas have their "computer" bits in the same unit as the keyboard.
I only have one thing to say to this:
alias woman='man'
A free-moving thumb is all you need to type the "up." Note that the thumb begins swinging to the right when you are typing the 'u', so by the time you have just hit the 'p' it is already in the right place. It also requires the hands to be held in a position such that transferring the weight is natural -- something that a pianist would be very used to.
You are quite right. Little sequences of adjacent fingers on the same hand are very fast. Also, it seems that sequences of letters on the same row are fast too. Example words:
:)
johnny-jump-up
typewriter
flagfalls
or, the ideal word for speed typing, "pokwer" (my record standing at 50 correct renditions in 8.43 seconds).
Also, I notice now that I have unconsciously developed some free-form combinations that dont conform to the "official" method of touch typing. Perhaps I can consciously add some more
I also found your comment on "up." interesting. For me, my thumb is about in the position of 'n' and it is uncomfortable to move it across 3 places. However, since you are a pianist, I would guess you are pivoting on the 'p' and swinging the thumb across, which you would be very used to doing on the piano (this also seems to be transferring the weight of your hand over to the right - so how would you type "up.ya") ?
(Warning - dont try this in your browser window -- the first time I practised it, it deleted my last paragraph in this message, so I switched to Notepad, and then it tried to shut down windows (twice!).
Ah yes. We can have the smartcard reader as the most common letter, 'e' .. what next
Ahh yes - the so-called 'feminist' genetic algorithms, or 'catholic' genetic algorithms
Hey.. they copied that off MS Word yes, that was a joke
I always type 'cd' with the index finger for the 'c'. Don't you?
That whole key pattern is awful - you use the same finger for up as you do down, which limits your effectiveness.
When I first saw the Unix method of h,j,k,l (left,down,up,right) I thought it was dumb, but it is in fact very fast.
riiight. so if a large commercial organization like ISS can't even identify the problem, a backyard script kiddie will be able to identify it and generate a request which exploits it, and then either find a 64-bit apache 1.3 (yeah right), or write some code to try and work in windows without crashing.
Anyway, I didn't think there were any Windows sysadmins that knew what security patches were?
Judging by the Apache report, it sounds to me as if the faulty code will not just copy the request over the end of the stack, but will do it in such a way that a 32-bit Linux generates a segfault before it gets to run any of it.
Windows handles memory segmemtation differently from Linux (I assume), so you can't compare the two on that count.
For a more detailed explanation I guess you should grab the faulty source in question and see exactly what the exploit is doing.
You correctly identify that the ISS patch can leave the problem there down the track ... but then your solution does too !
The problem you have identified is that there could be code further on that references bufsiz (which I presume is a signed int). Therefore the solution is to either make bufsiz an unsigned int, or (if this is not possible), create another variable which is an unsigned int. This would require an analysis of all code that uses bufsiz, to discover the implications of changing it from signed to unsigned.
Without looking at the full source, I don't know whether "len_to_read" is signed or unsigned, but in either case your suggestion does not help, as your cast will get overridden by the type of len_to_read (eg: after int x; x = (uint)(-2); x is still a signed int and eg. (x 0) will be TRUE.
The cast on the comparison does affect the comparison because it changes the range of the quantity involved.
Sounds like an improvement, not a bug..
Interesting analogy, given that the Honda would probably beat the caterpillar in a race.
I'm sick of all the global-warming deniers who say that just because the climate fluctuates over long time scales, we aren't having an effect on the planet.
With human chess it's a case of too many cooks spoiling the broth: one person plays better than a team of people. In fact, a common handicap method is to get two players to alternate moves. I have also noticed in my own play that if I listen to someone else's suggestions then I lose more (even if the suggestions are good).
I would guess that this is due to the fact that when playing, I develop all my own plans, and view any moves in context of my plans, but somebody else will have different plans in mind, and even if a move is good (and would even fit with my plan), it hasn't been part of my subconscious thought, so it has side-effects which I haven't had time to subconsciously consider.
DETAILS
When the overflow is triggered, a fixed sized buffer in stack gets overwritten with data from the gopher server
You have got to be terminally thick in the head to write code that does that. I always hear these stories about the IQ-testing Microsoft entrance exams... did they outsource IE production to some schoolboys or something?
You are forgetting the wonderful piece of work "PSION Flight Simulator" (published for the ZX Spectrum in 1982 AFAIK)
I thought DirecPC was this thing where they gave away free PCs to everybody and then wondered why they didn't make any money?
A local fellow is currently coding up code for allowing uncapped DSL through an ISP, but with pro-rata rate limiting (eg. if you've downloaded 20Gb this month, and joe has downloaded 10Gb, and the isp's bandwidth is maxed out, then joe's traffic will get twice the priority thaty ours does). Sounds like a good idea to me
Solution to this: if you are capped at 15k, then install a Linux machine, do NAT on that and route everything straight-through your DSL modem, and then set it to hold the traffic at 14.9k and to give lowest priority to file downloads.
If you had read the article, you would know that the main thrust of this initiative is to allow people in developing to study for more hours in the day -- precisely what is needed for the education you suggest.
For spot lighting, a white LED is 100 times as efficient as an incandescent light. Have you ever used a mechanically-powered torch? Quite a bit of effort is required to produce a useful beam (which is even then hard to keep constant).
I would suggest that LEDs are not "annoying" to children who may never have seen a lightbulb in their life, or not spent significant time under one.
Children in developing countries are quite enthusiastic about the learning thing, unlike many Western societies where school is something dreaded, and they wouldn't dare touch an encyclopaedia (or even a book!) at home.
I've never seen monochromatic white light before..