Is that really necessary for most people? Most the new (desktop) motherboards I have seen have plenty of PATA and SATA plugs. Certainly PATA will eventually be phased out in favor of SATA (like ISA has disappeared as far I can tell), but such an adapter seem extraneous for the time being unless you have some non-standard setup -- in which case you would probably buy an SATA PCI card instead.
Yes, that is why Apple computers use EFI instead. Linux has had EFI support for a while, and Windows has it in some versions, although that page says Vista currently does not support it. According to that article, some x86 computers already ship with EFI using a BIOS legacy compatibility layer (including Macs for Boot Camp to work), and it links to an Intel page saying that they are in the process of switching over to EFI (once again with BIOS compatibility for now) for their motherboards. I suspect EFI will mostly replace BIOS on new hardware within a few years.
Privoxy will rewrite the HTTP referrer of your requests. I think it uses the root of the server by default. Personally, I have stopped using it because Firefox with extensions is better/easier for adblocking... it seems like there should be a Firefox extension for referrer changes. Anyone know of one that I am missing?
The GPL as used by the FSF has a clause saying any later version of the license may be used. So code licensed under that is effectively multi-licensed GPLv2, GPLv3, GPLv4 (even though it currently does not exist),.... Linux's license does not have the "or later" part of the license, so it is GPLv2 only, although a contributor could dual-license their contribution as GPLv2 and any other license they want, including GPLv3.
If something goes wrong making a computer unbootable, I usually boot up Knoppix and check to see if anything is recoverable. If you can read the hard disk, but it is really messed up, then your best bet is probably copying off any meaningful settings or data and wiping the disk. If you cannot even get that far, TestDisk is pretty good at recovering partitions which are not too far gone. That is as far as I have gone in recovering hard drives.
That said, no device will fare well with bad RAM. Check reviews, etc. and make sure you are buying from reputable companies.
Sounds like the Debian Popularity Contest, except for all distros instead of just Debian (and Debian based?). That is for package popularity, but it appears to count number of installs reporting info as well.
Good point. Ignoring whitespace is not trivial and differs among languages. Amusingly, your post ended up formatted wrong because HTML ignored your whitespace.
Eclipse has a highly customizable Java code formatter. Although in my experience it has been slightly buggy (ex. one version would not re-wrap 81 character lines) and does not tend to be quite perfect, I find it quite useful.
2. Not an example. Who has proposed a restriction on peaceful demonstrations? Did you see where Cindy Sheehan bought a house in Crawford TX to protest for years on end?
There seems to be a trivial solution to this, although it does impact ease of use: the user has to press a button on their card to accept a transaction. Even better if there is a screen on the card showing the amount of the transaction. Then again, this would make the card more expensive and may not be considered worthwhile. Also, it would just narrow the window for the attack you described. It would still be possible, just more difficult.
Why don't you just write a modified client that claims to be signed by the vendor? Or have your cheating program run somewhere between the client and server? Signed game executables for trusted multiplayer seems like a rather silly way to prevent cheating.
I am planning on buying a new desktop this summer and am currently looking at the Core 2 Q6600. (Hmm... next price drop is July 22nd, probably waiting until then.) So I have two questions:
When will I be able to buy an Intel processor which does not have these flaws?
Are these flaws really serious enough to make buying a Core 2 a bad idea?
Actually, I was just pointing out that IE is not required for downloading Firefox on Windows. Anyway, the bundled command line ftp client (up to Windows XP at least; I have not checked on Vista) is an old build of the standard BSD FTP client. I assume that Microsoft made little or no modifications to the code.
GNU/Hurd is yet another Unix kernel. It just happens to be the one developed by FSF and was originally intended as the primary kernel for GNU systems before Linux came along and got developed much faster. (Although, Hurd is still indevelopment.)
On the other hand, Plan 9 is an entirely new OS design made by the original developers of Unix attempting to take the Unix "everything is a file" philosophy to the extreme.
I think there will be very few 32-bit processors left outside of embedded systems in 2038. My system currently uses 64-bit time_t, and I assume most others do as well nowadays.
Wikipedia on how long copyright lasts. In short, yes, some were retroactive, but the cutoff date seems to be 1923. Anything copyrighted before then is public domain.
The DivX codec name was intended as a joke on the Circuit City system. (ref)
The lack of physical media problem can be fixed simply by burning your own copy or, even better, keeping backups on an extra hard drive. Of course, for those to be useful, the video files have to be unencumbered. No problem, the DRM will always be broken, right?
I think the GP was referring to the measures in the constitution allowing for the states to amend the constitution without intervention from the national level. See Article V for the procedure.
I suppose it is possible that if the states got together intending a large enough change that it would effectively strip the federal government of power, in other words, a legal non-violent revolution. The federal government could still choose to use military power to stop that, but it seems unlikely and the public would (hopefully) be outraged.
You don't understand. In order to filter the SSL traffic, you first have to intercept it, decrypt it, and then repackage it for further transport.
Yep, that is correct. In particular, you have to have the box in the middle acting like both a client and a server and making a SSL self-signed certificate for the real client to see.
Put simply, in SSL, like any other encryption system, you have to trust someone. For HTTPS, your browser has a list of public keys of whoever you trust to sign website certificates. Looking at it another way, that is a list of people who you explicitly allow to man-in-the-middle any of your HTTPS connections. That is what it means to trust them. (You might also say they are people you expect not to do so, but that is not true in this case.) The way these devices apparently work is to have the system administrator add the device's public key to each client's list of keys of people allowed to perform man-in-the-middle attacks, errr... I mean, list of trusted keys.
If you don't consider that "broken", considering that SSL was never intended to be that way (except between endpoint and server) then I'm afraid I can't help you.
SSL allows trusted systems to break your security. No, I do not consider that broken. Hey, that's actually the definition of "trusted system"!
Or you could use Core Force (Wikipedia article) where the full version is free as in beer and supports per application file system and registry checks as well as network connections. And also can be uninstalled if you wish unlike ZoneAlarm.
Neither of those links you provided has any evidence that SSL/TLS has been broken. They are both about web filtering devices that claim support for HTTPS filtering. I assume they work by requiring the device's certificate to be added as trusted on all of the clients, and it is performing a simple man-in-the-middle attack.
If there were actual security problems with SSL/TLS, that would be major news as it would mean e-commerce is not secure. There would be mention of it somewhere other than a side comment in a product announcement.
Slashdot Mirror
Is that really necessary for most people? Most the new (desktop) motherboards I have seen have plenty of PATA and SATA plugs. Certainly PATA will eventually be phased out in favor of SATA (like ISA has disappeared as far I can tell), but such an adapter seem extraneous for the time being unless you have some non-standard setup -- in which case you would probably buy an SATA PCI card instead.
Yes, that is why Apple computers use EFI instead. Linux has had EFI support for a while, and Windows has it in some versions, although that page says Vista currently does not support it. According to that article, some x86 computers already ship with EFI using a BIOS legacy compatibility layer (including Macs for Boot Camp to work), and it links to an Intel page saying that they are in the process of switching over to EFI (once again with BIOS compatibility for now) for their motherboards. I suspect EFI will mostly replace BIOS on new hardware within a few years.
Privoxy will rewrite the HTTP referrer of your requests. I think it uses the root of the server by default. Personally, I have stopped using it because Firefox with extensions is better/easier for adblocking... it seems like there should be a Firefox extension for referrer changes. Anyone know of one that I am missing?
The GPL as used by the FSF has a clause saying any later version of the license may be used. So code licensed under that is effectively multi-licensed GPLv2, GPLv3, GPLv4 (even though it currently does not exist), .... Linux's license does not have the "or later" part of the license, so it is GPLv2 only, although a contributor could dual-license their contribution as GPLv2 and any other license they want, including GPLv3.
If something goes wrong making a computer unbootable, I usually boot up Knoppix and check to see if anything is recoverable. If you can read the hard disk, but it is really messed up, then your best bet is probably copying off any meaningful settings or data and wiping the disk. If you cannot even get that far, TestDisk is pretty good at recovering partitions which are not too far gone. That is as far as I have gone in recovering hard drives.
That said, no device will fare well with bad RAM. Check reviews, etc. and make sure you are buying from reputable companies.
Sounds like the Debian Popularity Contest, except for all distros instead of just Debian (and Debian based?). That is for package popularity, but it appears to count number of installs reporting info as well.
I am pretty sure that with HTTPS you can only tell what server the client is connecting to, not what URL on that server they are accessing.
Good point. Ignoring whitespace is not trivial and differs among languages. Amusingly, your post ended up formatted wrong because HTML ignored your whitespace.
True, it is a problem. Why can't diff just ignore whitespace?
Eclipse has a highly customizable Java code formatter. Although in my experience it has been slightly buggy (ex. one version would not re-wrap 81 character lines) and does not tend to be quite perfect, I find it quite useful.
See: Free speech zones
Notably, the examples in that article are by both Democrats and Republicans.
There seems to be a trivial solution to this, although it does impact ease of use: the user has to press a button on their card to accept a transaction. Even better if there is a screen on the card showing the amount of the transaction. Then again, this would make the card more expensive and may not be considered worthwhile. Also, it would just narrow the window for the attack you described. It would still be possible, just more difficult.
Why don't you just write a modified client that claims to be signed by the vendor? Or have your cheating program run somewhere between the client and server? Signed game executables for trusted multiplayer seems like a rather silly way to prevent cheating.
I am planning on buying a new desktop this summer and am currently looking at the Core 2 Q6600. (Hmm... next price drop is July 22nd, probably waiting until then.) So I have two questions:
Actually, I was just pointing out that IE is not required for downloading Firefox on Windows. Anyway, the bundled command line ftp client (up to Windows XP at least; I have not checked on Vista) is an old build of the standard BSD FTP client. I assume that Microsoft made little or no modifications to the code.
Personally, I always use FTP to download Windows Firefox builds.
Hehe, I am not sure if that should get counted as typo or a Freudian slip seeing Hurd does indeed seem to be getting nowhere.
GNU/Hurd is yet another Unix kernel. It just happens to be the one developed by FSF and was originally intended as the primary kernel for GNU systems before Linux came along and got developed much faster. (Although, Hurd is still indevelopment.)
On the other hand, Plan 9 is an entirely new OS design made by the original developers of Unix attempting to take the Unix "everything is a file" philosophy to the extreme.
I think there will be very few 32-bit processors left outside of embedded systems in 2038. My system currently uses 64-bit time_t, and I assume most others do as well nowadays.
Wikipedia on how long copyright lasts. In short, yes, some were retroactive, but the cutoff date seems to be 1923. Anything copyrighted before then is public domain.
The DivX codec name was intended as a joke on the Circuit City system. (ref)
The lack of physical media problem can be fixed simply by burning your own copy or, even better, keeping backups on an extra hard drive. Of course, for those to be useful, the video files have to be unencumbered. No problem, the DRM will always be broken, right?
I think the GP was referring to the measures in the constitution allowing for the states to amend the constitution without intervention from the national level. See Article V for the procedure.
I suppose it is possible that if the states got together intending a large enough change that it would effectively strip the federal government of power, in other words, a legal non-violent revolution. The federal government could still choose to use military power to stop that, but it seems unlikely and the public would (hopefully) be outraged.
Yep, that is correct. In particular, you have to have the box in the middle acting like both a client and a server and making a SSL self-signed certificate for the real client to see.
Put simply, in SSL, like any other encryption system, you have to trust someone. For HTTPS, your browser has a list of public keys of whoever you trust to sign website certificates. Looking at it another way, that is a list of people who you explicitly allow to man-in-the-middle any of your HTTPS connections. That is what it means to trust them. (You might also say they are people you expect not to do so, but that is not true in this case.) The way these devices apparently work is to have the system administrator add the device's public key to each client's list of keys of people allowed to perform man-in-the-middle attacks, errr... I mean, list of trusted keys.
SSL allows trusted systems to break your security. No, I do not consider that broken. Hey, that's actually the definition of "trusted system"!
Or you could use Core Force (Wikipedia article) where the full version is free as in beer and supports per application file system and registry checks as well as network connections. And also can be uninstalled if you wish unlike ZoneAlarm.
Neither of those links you provided has any evidence that SSL/TLS has been broken. They are both about web filtering devices that claim support for HTTPS filtering. I assume they work by requiring the device's certificate to be added as trusted on all of the clients, and it is performing a simple man-in-the-middle attack.
If there were actual security problems with SSL/TLS, that would be major news as it would mean e-commerce is not secure. There would be mention of it somewhere other than a side comment in a product announcement.