Slashdot Mirror


User: HTD

HTD's activity in the archive.

Stories: 0 · Comments: 32

Comments · 32

  1. Re:finally on 'Mein Kampf' To Be Republished In Germany · · Score: 2

    Serdar Somuncu

  2. no fix for Python in the making on Microsoft Issuing Unusual Out-of-Band Security Update · · Score: 5, Interesting

    What worries me the most is that according to the guys holding the presentation there was no response from the python team on that issue. Also plone, a web platform based on python, they tested their attack against it and notified the plone guys, didn't implement any countermeasures after being notified. This was fixed in perl in 2003, it's interesting that the opensource community didn't bother to check the hashtable implementations of all other languages back then. Are they in competition not telling others that something important needs to be fixed? Java devs, chose not to change their hash algo in 2003 BTW because it is a too integral part. Well the modified version is in use for 8 years in perl, might wanna upgrade it this time ;)
    Also the fixes PHP 5.4rc (and tomcat, and ...) implemented are just workarounds that were already available before with the suhosin extension for example. Limiting the number of variables you can POST is a wannabe fix, can be circumvented with JSON for example (given that the app uses json_decode() on the receiving end).

  3. Re:postgres didn't do so badly on MySQL Outpacing Oracle In Wake of Acquisition · · Score: 1

    if you need to constantly change an ENUM field, then it is not supposed to be an enum field in the first place... Use a foreign-key to a table which you can easily edit. BTW, you can edit an enum fields definition, it's just a series of clever DDL queries. but again, an enum column isn't supposed to change by design.

  4. Euro 105K not 8M to migrate kindergarten PCs on Open Source Cities Followup — Munich Yea, Vienna Nay · · Score: 1

    the budget for migrating all vienna offices to vista is 8million, the 740 kindergarten machines "just" cost 105k. I am not saying that this is a good thing, since the software that is the reason for the switch is unnecessary no matter on which OS it runs... But still the numbers are wrong.

    I can't believe that this made headlines - just do the math 8M divided by 740 - that's 10810 Euro per machine, you could buy server grade hardware with 32 cores and 64gb ram (running linux of course) for every kindergarten, or a single license of vista according to the editors...

  5. for new lines that's also true? on EU Wants German Telekom Fiber Open to All · · Score: 2, Interesting

    I thought the former telco monopolies in europe had to open their old networks for the new telcos to even enable some form of competition. I didn't know that new investments after the opening by the now "private" company fall under the same rule. It's no wonder why there's almost no fiber optics rolled out in the EU, because nobody is willing to pay for infrastructure that must be opened to the competition...

  6. frameworks? no i18n, no custom auth, ... on Which PHP5 Framework is Your Favorite? · · Score: 2, Insightful

    Almost all the frameworks, no matter which language they are written in, don't provide the basics for a real world application. What about i18n? I have yet to see a framework where the template system AND the application supports translation of messages.

    Customize Authentication? There are more complex apps that don't just require username+password to login (e.g. logon to database - username+password+database depending on the database you may have access or not). Also users may be in many groups, each group having different rights, even each user could have different rights - where the next issue comes up.

    Only few so-called frameworks have rights-management. There are actions that should be restricted to qualified users, like editing customer-accounts, adding new co-workers. There are things that should be displayed only to certain users. Think of current items in-stock of an online-shop. You probably want to show the shop's co-workers the real in-stock amount and some info when the next delivery of that stuff is coming and the customers would see in-stock minus 10% and no info on the upcoming delivery - from the same template, only difference is the rights the user has.

    These are just 3 examples of missing functionality that keep me from even considering any of those "frameworks".

  7. Re:well, on A Look at the State of ATI Linux Drivers · · Score: 1

    You are buying a multi-hundred-dollar graphicscard to display the console?

  8. Re:What would be more interesting... on Linux-only POWER5 server From IBM · · Score: 1

    I second that. I'd buy a power5 desktop machine instantly - but it must provide an OpenGL compatible graphicscard with drivers for linux though else the system would be kind of useless, at least for me. Having a machine like that would smoke the x86 boxes the next few years and therefore there won't be a real need to upgrade.

    I also wonder how much software really works for it, the power5 being 64bit and all may be a problem for some OSS projects. I'm thinking more about the different GUI apps not server-software, i am concerned that some of them are written with only x86 and 32bit in mind.

  9. firewall - allow only certain IPs access port 22 on Dealing with Intruders? · · Score: 2, Informative

    You said, YOU are running a server for ONE client. Who is it that needs SSH access to the machine - YOU. What i would do is limit access to port 22 to IP addresses I am going to use. Add your normal internet addresses to the list (like your ISP's IP-block, work, girlfriend's ISP, ...) And of course you need to add a machine that is always up and has no such firewall restrictions (i.e. shell access to your server at home, i know you have one ;-)). This way you can login to the server from your most common locations, and login indirectly to the server using another box as "proxy" in case you are on vacation sitting in an internet-cafe.

    i think it's also good practice to generally disallow direct root-logins in ssh-config and only allow shell users having group wheel to su to root.

  10. Re:A little JavaScript, a little DOM on Mozilla Starts Work On XForms · · Score: 5, Informative

    The standard also includes a label for every form element, which currently does not exist. This is very useful for disabled people - e.g. blind people, their screen-readers can figure out which text belongs to which form element. This is currently impossible.

    You also no longer define the type of form element (radiobutton, selectboxes,...) the browsing tool chooses the most appropriate system. For graphical browsers radiobuttons may be cool, but for screen readers it may read the form like "choose one of the following", and for small display devices a dropdown-menu may be better as 2 radio buttons plus their label takes up too much screen space.

    To me it makes sense, but I know that I won't use XForms anytime soon. Because there's still companies that have MSIE 5 as the only allowed browser in their IT-policy... Creating a web application for them still includes crazy html and javascript hacks.

  11. Re:forcing valid reverse domains on HELO would hel on Major ISPs Publish Anti-Spam Best Practices · · Score: 1

    thanks for pointing that out, i fixed the helo for my server now.

    I still think that valid reverse entries should be enforced though. The post you linked to makes a point for small domains - well if the reverse entry is domain.com so be it - tell the mailserver to use domain.com for helo commands. Load balancing systems consist of many mailservers - if i have a system that has 5 mailservers behind one router == one IP then i tell all 5 mailservers to use the correct name for that IP. if i run 5 servers using dns-round robin i use correct names for each of the five. what sourceforge does is:

    Received: from [66.35.250.206] (helo=sc8-sf-list2.sourceforge.net)
    $ host sc8-sf-list2.sourceforge.net
    sc8-sf-list2.sourceforge.net is an alias for projects.sourceforge.net.
    projects.sourceforge.net has address 66.35.250.209

    which is clearly not the box's name sending the mail, even though it could be configured correctly. Maybe i am missing some important point, but i guess setting up valid reverse lookups is possible, and should be checked.

    I know that the RFC does not enforce this, that's why i _suggested_ to do so. And if the others would do it i would have noticed earlier that my setup is flawed, because others won't accept my mails.

  12. forcing valid reverse domains on HELO would help on Major ISPs Publish Anti-Spam Best Practices · · Score: 1

    I run my own mailserver and when i tried to add smtp-time spam protection by checking the helo provided domain-name i found out that even big mail systems like sourceforge don't send correct helo information. the smtp rfc requires HELO/EHLO before the MAIL FROM command is issued. if the reverse-lookup of the connecting IP does not match the given domain-name in HELO command simply delay the connection for 20 seconds (tarpitting) and close the connection.

    This would work very nice because then you can at least identify the spammer (must have domainname + reverse entry which makes tracking down the owner of the domain quite easy) - but it does not because even the admins of big servers aren't able to set these basic things up correctly.

    I'd love to see these huge ISPs to start forcing correct HELO commands, this way people will start to setup things correctly. This will certainly not stop spam but it will make the senders identifiable (or make owners of hacked machines contactable). I see no valid reason why this basic feature of smtp isn't used. Okay the RFC does not make correct domain-names mandatory for the helo command, but current issues with mails do i think. Use what's there already! and kick the butts of the lazy admins.

  13. I was building from source now I use Gentoo on Build From Source vs. Packages? · · Score: 1

    The main reason is that I found myself building many server applications from source on Debian and Redhat boxes what made install-speed difference from using binary-packages inexistent, because i simply didn't use them often. The reasons for self-building was often my special needs (like having exim with mysql and postgres support) or having bleeding edge software that rocks and helps productivity (subversion, i use it for over a year now). I always documented what i did when installing from source to be able to reproduce eventual problems and to remember the ./configure flags.

    When i switched to gentoo i still document my installs but the documentation shrunk by at least 50%, because many steps are done for me by the very cool portage systems and its ebuild files. If i need exim with mysql and postgres support i simply run:

    USE="mysql postgres" emerge exim

    And that's it, exim is installed with config and log files at nice locations and fully working without the need of doing anything by hand. When updating my servers i use the binary package feature of portage, i build the package on a lan-server where cpu-usage is no issue and then i install it from the binary package on the target machine w/o the need of compiling it (or waiting for the compile to finish, which can be a pain when many servers need the OpenSSL update for example).

    I like the portage system because my systems software is fully customizable with a minimum of work involved. And if something doesn't work i simply fix it in the ebuild files, which are easy to understand and modify. When a newer release of some package is out, but the ebuild is missing, simply rename an older ebuild to the new version number and try to emerge it, it often works.

  14. Re:2 years for your oil?!? on Your Future Car's Hood Will Be Welded Shut · · Score: 1

    New cars really don't need oil change more often, of course offroad or race cars are different. If i owned such car i sure as hell want to be able to tweak it. My point was that Joe Average's car doesn't need to be customizable - and in fact they aren't. The main reasons i see are technological advances like injection-controller-chips, and car companies want to have more work == money for their contracted-garages and spare-parts.

    When i was serving in the army i drove trucks, mainly a "Steyr Pinzgauer" - there were 3 tools in the car: a hammer, a screwdriver and a screw-wrench. Out of curiosity i tried where the wrench would fit - everywhere, literally everywhere - i probably could have taken the engine apart and reassembled it using these 3 tools. This kind of car needs to be like that, because if you are stuck in the desert/mountains/wherever you'd better be able to fix that car yourself. But this car has no turbo for its engine, no direct injection, no silicon-chip in the whole car, no steering-support ("servolenkung" in german), it has no windowwashing system (there's a foot-operated-pump to spray water on the windshield ;)), it has no aircondition, no radio, no real heating system (engine is cooled by air only)... This certainly isn't a comfort car (well the military version at least) and there's the difference - it doesn't need to be compact or comfortable it needs to work and if it doesn't it must be fixable by anybody. And it needed to be fixed quite often during my time at the army. What it can do is go anywhere offroad and of course it looks cool when you have the 6x6 wheels version ;). BTW i love this car for all it does and doesn't, when i have enough money to fund a second fun car i will buy one of them.

    Cars younger than 4 years aren't built with those principles in mind and that's why i see no point in being able to pop the hood of a new car, i wont (and i don't want to) be able to fix anything on those sealed car engines with direct turbo diesel injection and whatnot. I don't want a car that needs a fixup every month. I want to be sure that it starts anytime of the year and takes me where i want to. A second car behaving like the 1979 VW bug of my sister is fun to work with and tune, but if it's broken she just uses her normal car which she also expects to simply work.

  15. What can a normal person fix in a new cars engine on Your Future Car's Hood Will Be Welded Shut · · Score: 1

    I'm serious here - I've looked under new Turbo-Diesel hoods of VW and Audi - what exactly do you want to fix there? You may want to refill windshield-washer fluid, but that's about it. Please don't tell me you need to refill Oil on these cars, this will be done anyway on the 2 year checkup - which is sufficient and has to be done anyway, else your car wont have its license continued.

    Access to the battery is not easy too, and mechanics told me to not give starting support to other cars because this can mess up other electronics in the car. I don't understand why anybody needs access to pop the hood of his new comfort car. Okay you may be able to fix most things up to Golf 3 but certainly not for 4 or even 5. Even the mechanics can't fix most stuff - they replace it. This of course leads to higher costs for the customer, it takes more time to replace some engine chip than to reconfigure some engine screw for an old beetle.

    They also build many things on purpose in a way that only experienced people can repair them. It sucks that they do it, but in many cases it wouldn't help even if you had access to these parts. There are some things beside the engine that make me angry too - for example changing speakers for a Golf 4 or front light-bulbs... a lot more work than it was on my Golf 3. But i still don't understand what you want to do in new cars engine compartment.

    And to the guys mentioning what to do if there's an engine-fire - i suggest running away a few meters and call the fire-brigade. Or did you want to pop the hood and fight against it with your tiny incar-fireextinguisher? And even if you had success by doing so - what next, start the car and continue travelling?

  16. msie with default pop-up blocking is scary on Pop-Up Ads Lead to Consumer Revolt, Ad-Blocking · · Score: 1

    To me at least. All those popup ads were seen by the vast majority of internet users. Now when the most popular browser disables popups the advertisers will stop using popups and start to concentrate on those pop-ins, flash and whatnot within the normal page.

    And that's what scares me - how do i block advertisement flying across the screen on a dhtml-layer? How would a browser choose between useful content and advertisement in order to block it? I can see me running Mozilla with CSS and DOM scripting turned off in the not so far future... or switching to links on console ;)

  17. Re:does anyone know on Linux Kernel 2.6.0-test8 Released · · Score: 1

    I run 2.6.0beta8 with a serial ata drive. The issue i have with it is when i mount a cdrom i get the kernel message "Disabling IRQ #18" which slows the system horribly down because irq 18 is the irq of the SATA controller.

    Same message appears when i add devfs support (gentoo likes it). I don't run devfs or mount cdroms, and the machine works w/o problems. I very seldom need access to CDROM or DVDs so its no problem for me, YMMV...

    ac patches have a different SATA code, but it exists only against 2.6.0beta1 afaik. You might want to try this one.

  18. Re:You can work around this for the end user on Microsoft Confirms IE Changes in Wake of Lawsuit · · Score: 2, Insightful

    I wonder why that is not against the patent. No matter how you insert your flash media - the plugin will get loaded seamlessly, which is what the patent is all about afaik. I see no difference in having static html code or dynamic JS code that links to media, in the end it will load the plugin without user interaction (unless the user has disabled JS).

    I know that this workaround is from microsoft, but i don't see the real difference. Anyway i don't think this change will affect end-users, because web-professionals will update their pages to avoid the messagebox and lame users won't update their browsers (and therefore avoid the messagebox w/o knowing it ;))

  19. Re:How about htmlarea on Better Browsers for Text & Form Handling? · · Score: 1

    ok it doesn't omit " with attributes and seems to create clean code after a few quick tests - but it still uses the font tag, which is deprecated in HTML 4 and not in the XHTML specs.

    Besides that it should already support stylesheets. Like using MS-Word you create a style for a paragraph, headline or whatever and re-use the same style for all repeating instances of these page-elements. The advantages using CSS would be - People know how it works to define styles in Word, they can change the style of the whole document afterwards without marking and changing all paragraphs separately, it saves a lot of bandwidth (no tags within tags, or tags with color definitions all over the place) and of course it would be valid XHTML styled with CSS.

  20. how about storing all files at home (CDs, DVDs,..) on 'Storage' to Replace Traditional Filesystems? · · Score: 1

    this is a database after all. It would be cool to have this filesystem know all files that exist on my CDs, DVDs and remote filesystems (a.k.a. all files at home i can access in some way). This way i can figure out that file 'xyz.mp3' is on a CD named 'many albums' folder 'xyz'. this can be expanded to "import" the filesets of all my friends. The advantage would be that i can search for stuff that's not actually located on my pc but still know "where it is" and use metadata (id-tags, ...) to search for it. I can access the files later (by telling my friend to send it to me, by grabbing the CD or booting the remote machine...). What do you think about that idea?

  21. Re:Excellent! on Cracking GSM · · Score: 2, Interesting

    i see a practical application for this - use the cracked signal when being in a cinema/theater/you_name_it _before_ the movie/show/whatever starts - all lamers that have turned on their ring-tone will turn their phones off before the show starts. Why you ask? Because during advertisements/entry the light is still on, the signal makes all phones ring and then everybody annoyed by the sound can easily spot the lamer(s) and tell them to shut it off, or kick him when it rings again during the show ;)

  22. Re:creating and enforcing more strict SMTP helps t on AMTP as an Alternative to SMTP · · Score: 1

    Because I use Road Runner residential class network access, your scheme will always block me as well, because I don't have access to the reverse DNS.

    Well, all providers i know here in europe at least have setup domainnames for all the IPs they own. So what your mailserver needs to do is send a HELO with that domainname. Or another option is to send out a HELO [123.123.123.123] (your IP in brackets) which is valid too. This way i can check if your HELO domainname/IP matches the name/IP of the connecting machine, nobody forces you to use a domain-name.

    filters are all nice and good, and i use them but as you correctly mentioned - identifying spam at smtp level lowers bandwidth usage a lot. This may not be a problem for US citizens but not everybody has access to unlimited traffic connections...

  23. Re:reusable? on Fuel Cells To Appear In Laptops In 2004 · · Score: 1

    I personally see myself running around with a 2 liter camelbak filled with whatever the fuel-cell requires ;) Then I'd try to directly hook it up to the laptops cell. That makes refills necessary once a week or so, and carrying the "battery" with me is quite comfortable too. I guess refillstations will never be visited by geeks. Everybody will create the fuel at home as this stuff is cheap and can be bought everywhere, unless they switch over to use hydrogen.

  24. creating and enforcing more strict SMTP helps too on AMTP as an Alternative to SMTP · · Score: 2, Insightful

    If mailservers had valid reverse-DNS entries and would send their real name with HELO at the start of SMTP communication a lot of spammers were not able to spread their stuff.

    If i enable checking of HELO domains almost all spam is gone, but also a huge number of valid email servers too (sourceforge.net for example) simply because they are setup incorrectly when it comes to HELO and DNS stuff. If DNS and HELO commands were setup correctly (and are checked at the servers) then spammers cannot stay anonymous like now, because they have to use their real domain-name (registered to somebody) have to setup valid reverse lookups (IP addresses normally belong to the ISP - so the ISP has knowledge of who requested which reverse domainname). Now i can log who sends me spam and can identify the person behind it, or blacklist the server. The problem is that correct HELO is not a must in current smtp rfc and people don't give a shit about correct dns setups.

    Being more strict on SMTP will not stop spam, but it will make it harder for spammers to stay anonymous and operative (blacklist-servers) plus there's no need to pay a CA to issue SSL certs for all my domains.

  25. Re:What's the big deal on Filesystems For Removable Disks? · · Score: 1

    Umm, i guess he bought a 250GB drive because he needs that much space. The files he stores there should be stored in a reliable way, because he copies Database-backups and the likes. Databases can require files bigger than 4GB easily. Same goes for video Editing (although that's not what he is doing). Say you need a 41GB backup of a database and only have 40GB sized partitions...

    If i wanted to exchange sensible data i wouldn't choose FAT32. I have lost enough data to some corruptions in the allocation table of FAT when i used it (before i switched to NTFS in 1998). A bad sector on your harddrive where your allocation table is stored and your filenames/directories are no more readable ... plus there's no journalling for fat32. It's a removable drive - i wouldn't use a filesystem w/o journalling on such device. I use NTFS for many years now and i never lost data due to file-system corruption.

    Next disadvantage - block size of fat32 - copy many small files to a fat32 partition that's 40GB in size and measure its real space requirements - then do the same with NTFS - huge difference.

    I can understand his need for a different file-system but i know no useful alternatives too. I'd use a small computer with gbit ethernet (or tcp/ip over firewire - windows, mac and linux can do that) and samba on it. Or use ext3 and some commercial drivers for windows to write to it. The real world benefits would be stability, performance and better support of today's needs (huge files, permissions and other metadata)