Slashdot Mirror


User: frovingslosh

frovingslosh's activity in the archive.

Stories: 0
Comments: 3,280

Comments · 3,280

  1. Re:two words: on WiFi Free-For-All · · Score: 1

    two words: port blocking

  2. ignorance... on WiFi Free-For-All · · Score: 3, Informative
    So how do you think just being at a public point is going to give you access to put things anywhere you want on the internet? I don't expect many public access points will give you access to a mail or news server (if you need to check your mail you'll likely have to use a web based service, or at the very least connect back to your own mail server (although the normal mail port will likely be blocked)). You don't just send a virus down the wire, you have to deploy it somehow, and that isn't going to be any easier to do at a public access point. Certainly not a major one like would be at an international airport; if you do find a system without good port blocking it will more likely be at the mom and pop operations in your own home town offering free access in their coffee shop, or even driving around and finding someone who just plugged in an access point at home without enabling any security than hacking at "these kinds" of WiFi access point like the subject here.

    Don't think that you are completely secure and private when operating from such an access point anyway. You still have a MAC address. If you want to believe that Tom Ridge and John Ashcroft don't have a database with your MAC address in it, that's your business, but more than one computer user has learned the hard way that the MAC address identifies them.

  3. OWL Web Ontology Language on RDF and OWL Are W3C Recommendations · · Score: 1

    Is someone dyslexic or just trying to be cute? Wouldn't OWL be Ontology Web Language?

  4. There's good stuff out there not on Google on Online Search Engines Lift Cover Of Privacy · · Score: 4, Interesting
    Google is great for a quick, lazy first pass. But there is a lot of information out there that Google never indexes, and some of it is full of interesting stuff. Several years ago a company I was working for tried to do an I.P.O. Curiously, the copy of the paperwork that they released to key people internally didn't have the good information in it. But I found the real I.P.O. paperwork on the Security & Exchange Commission's website (www.sec.gov). Great reading. They had to include the salary and perks of the President and all the V.P.'s (including the one I reported to).

    I don't know why Google never indexes this stuff, it's clearly public record and can be of interest to a lot of people, but they never did (I checked them many times, including just now, and they show no indication of the document). I wonder what other good government documents are out there if you only know where to look for them.

  5. slightly crippled version on Microsoft Develops XP 'Light' for Thailand · · Score: 5, Funny
    slightly crippled version of Windows XP

    Boy, how can I buy this. I would much rather have a slightly crippled version rather than the massively crippled version that Microsoft supplied my OEM for use with my notebook.

  6. all day going to meetings on Dream Jobs of 2004 · · Score: 0
    some guy who spends all day going to meetings

    mmmmmm...... Danish!

  7. Re:about those knockers on "Port Knocking" For Added Security · · Score: 1
    Right, but the advantage of port knocking is that the single port doesn't exist until the secret knock is given.

    How can you claim that the single port doesn't even exist until something happens on the other ports? All of the ports are considered either closed or stealth until the knocking happens, it's only a special sequence of packets that opens the target port to a normal application. They either all exist or they all do not. It hardly matters if what is in the magic sequence of packets that causes the desired port to open is a set of port numbers and some time delays, or other information in the packet (send me a UDP packet, two TCP packets, then two UDP packets and finally wait 3 seconds and send me a TCP packet, all to the same port, and I will open the port with the expected application for your IP address, for example). And this is a very simplistic example; there is a lot of information that can be sent in the packet, even without getting into things like spoofing. Knocking is a cute idea, but in reality it adds complexity when there are NAT routers in the system, and that complexity really isn't needed. There are plenty of other ways to accomplish the same thing by changing other parts of the packet than the port number.

    In reality, there is one TCP/IP stack. The port number is just a software abstraction on where to send the data. Knocking with different port numbers is no better than knocking by changing other data in the IP packet. But changing the port number does make knocking this way harder if the device is behind a NAT router. (and most routers would not support very many applications with many port numbers in their knock sequence, while if other techniques were used that depended on a single port, then any reasonable number of servers could be behind a NAT router).

  8. Re:Linux x86 assembly? on Learning Computer Science via Assembly Language · · Score: 1
    Is "Linux x86 assembly" any different to any other kind of "x86 assembly"?

    There certainly are differences, and those differences will be extremely important to someone just trying to learn assembly. Without knowing what system the book is based on, if someone were to try learning assembly on a different system using the book they would be completely lost. A few things that come to mind include:

    The API that you are working with. It matters a lot if you are trying to interact with a terminal if you should use a DOS system call, the Win32 API, a Linux system call, a BIOS call, or directly manipulate the hardware with machine instructions.

    The Assembler itself. Different assemblers might include different directives, macro support, and other features. If you're trying to introduce a new programmer to the mysteries of assembly language, it's important to make this as clear as you can, not leave it to the user to figure out the differences.

    How to invoke the assembler. Remember, we're talking about teaching from the beginning here. It's important that the user know the right way to start the assembler, both in what command to run and what switches it needs. Looking back at some old DOS products it is important to know if he needs to do a separate "bind" step as well, and to let him know how to run, test, and even debug the result.

    So yes, making clear that the book is for Linux assembly and not for another platform like Windows assembly is important.

  9. you call that an analog approach? on Analog Approach to Displaying Data · · Score: 1

    The best Analog Approach to Displaying Data I've ever seen was taking a computer's address bus and splitting it into two parts and feeding each part into a D to A converter. The output of the D to A converters was displayed on an O-Scope. You could watch where the program was running, where the OS and the application were, where data was accessed, and where the computer was spending most of its time on a pretty simple device.

  10. about those knockers on "Port Knocking" For Added Security · · Score: 1
    Any good admin knows the most secure system is one that is listening on as few ports as possible.

    Good point, but it's important to remember that a port doesn't really exist, it's only an abstraction in the TCP/IP stack anyway. So if we are talking about a computer "actually connected directly to the Internet", it makes little difference if the secret handshake to access a service in a computer is accessed by an order of packets received with different port numbers, or with different packet types sent to the same port, or by any other identifying data in the packet.

    With more and more devices behind NAT routers, this distinction does start to matter. Unless the router knows about the knocking, this system has problems that a single port system would not have. On the other hand, if port knocking (or any other sort of identifying handshaking) was built into the NAT router, it could do a great job of identifying authorized users and switch them to the proper system on the local LAN, which could then run with common software that did not need to be programmed to deal with the knockers.

  11. about those knockers on "Port Knocking" For Added Security · · Score: 1
    If the order of the knocks is important, how do you get around that there's never a guarantee in what order network packets arrive?.....

    Sure, while you don't have a guarantee that the packets arrived or the order in which they do, the truth is that in a real world situation most packets will arrive and will arrive in the proper order, particularly if they are sent with delays in the order of several hundred milliseconds or more (that is, several tenths of a second or more). If somehow the knock doesn't go through, you knock again. If you still fail then you likely don't have a good enough connection for reliable use anyway. Obviously there might be some exceptions to this (like a web server connected to a cell phone), but in most cases dropped and out of order packets would not be an issue.

    That said, I do agree with the post that made the point that anything that can be done by port knocking can generally be done better with information sent on a single port.

  12. computational challenge is bogus on Microsoft, Yahoo Investigate Spam Solution · · Score: 1
    Computational challenge is a dream of those who haven't (or can't) think it through. The spammers are usually in league with the ISPs. Don't for an instant think that a rogue ISP who is letting the spammers send email (or a spammer who is acting as their own ISP) would really apply a real computational challenge any more than they would charge a real postage fee for each spam. It would affect you and me. It would kill that 30,000 piece newsletter. It would stop /. from notifying you when someone responds to your email, as well as other business related email like shipping notification, order tracking and rebate information, but it would not stop spam. It would do the opposite, the damn spammers would claim that since they "paid" the computational challenge that their spam was somehow more valid.

    And a computational challenge would sure as hell stop me from forwarding the hundred to two hundred or more spam emails I get each day to uce@ftc.gov. So there would only be negative effects from a computational challenge or from postage, not positive ones.

  13. the solution results in only spam on Microsoft, Yahoo Investigate Spam Solution · · Score: 4, Insightful
    ''Damn if I will pay postage for my nice list,'

    This pretty much says it all. If there's a postage charged for email then email will become all spam, not spam free.

    The first to go will be lists like the above, no free newsletter is going to be able to justify paying postage on mailings of 30,000 or more.

    Along with that will be the automated emails. Think /. will still email you when someone responds to your post if it costs them? Think again. You will not get email order confirmation, notice about your rebates, shipping tracking information, or other automated business related email that you want either.

    Some people might pay a micro payment on some email, but others will not. Rather than being the killer app for the Internet, email will fall into disuse.

    While all of this is going on, the spammers are not going to be slowed one damn bit. If they could be held accountable they would be stopped already. They will either continue to sign up for throw away accounts and then abandon them and not pay for the email, or they will continue to make their deals with shady ISPs who damn well know they are spammers and let it slide. If a spammer has a deal with an ISP to send spam you can bet he isn't really going to pay the ISP postage fees. Worse yet, the claim will be made that the spammer is paying postage fees, and that those supposed fees somehow make it legitimate for them to cram your mailbox with spam for the p3nis patch and the paris hilton video xjrf.

    And one other effect it will have is that I will certainly not pay to forward all the hundreds of daily spam I get to utc@ftc.org, and other spam fighters will see their complaints of spam dry up too.

    In short order, much of the valid uses of email will come to an end because of this "postage", and spammers will continue completely unaffected. And it seems hard to believe that Yahoo and Microsoft don't already understand this.

  14. getting a letter from the FTC on FTC vs. Open Relays, round 2 · · Score: 5, Insightful
    and getting a letter from the FTC won't change that (in most instances.)

    Actually, if I got a letter from the FTC I might well look into what it said. But if I got an email supposedly from the FTC, I would likely just ignore it without even opening it (after forwarding a copy to uce@ftc.gov).

  15. you can on FTC vs. Open Relays, round 2 · · Score: 2, Interesting

    file a freedom of information act request.

  16. But it's Disney on H2G2 Cast Finalized, Starts Shooting in April · · Score: 1, Interesting
    But it's Disney, so what do you expect?

    Nothing. Loved the books. Enjoyed the BBC video, enjoyed the BBC radio play. Will not have it ruined by Disney and their idea of a rewrite. I'm so opposed to seeing this that I wouldn't even download it from the web.

  17. Re:I thought Windows was fastest-growing on Debian Fastest-Growing Distro, Says Netcraft · · Score: 1

    Ok, it was a joke, but the joke would have been funnier and the point would have been better made if you used the real numbers, not ones you just made up. XP takes about 1.7 gig of hard disk space to install (varies slightly based on install options, but most of it is waste the user can't control installing drivers for things he never will have). ME is quite a bit more than 50 meg as well, Win98 took about 150 meg minimum to install, and ME was of course even more bloated.

  18. the real issue on Currency Detection Discovered in More Products · · Score: 2, Insightful

    The real issue here is how much bloat and stealing of computing cycles is going into this software that the user neither wants nor needs. Imagine how much computing power is needed to do the image recognition to look at any image and decide if it contains any "forbidden" image, at any angle, before printing it. And the user pays for this, both in wasted memory for that printer "driver" and in computing cycles and time wasted waiting for that software to be run on every page you print.

  19. Paypal, anyone? on Saturn V Fallen on Hard Times · · Score: 1
    Paypal, anyone?

    Wow! If you could get 5000 geeks to give just 10 bucks a piece, then that $1,500,000 towards an $8,000,000 million goal would grow to $1,550,000! If you could get 10,000 to donate $25 each you would grow the $1,500,000 to $1,750,000 (not that such numbers are very likely). And, of course, that doesn't even take into account Paypal's charges for doing this! And you think people are going to do this to preserve a discarded tin can? Don't we have better causes to focus our funds on?

  20. Re:More restrictive technology = more returns on Bleak Future for Videogame Customers · · Score: 1
    As already pointed out, exchange and then return can solve the "policy". I doubt that I would even bother to walk out the door, once I had my unopened copy in my hands I would look right back at the person who gave it to me and say "now I want to return this unopened copy for a refund, as per store policy".

    Another perfectly effective technique is to point out that there were terms of use that were not printed on the outside of the box, disclosed only after you opened the box or even after you started to load the software, that you did not accept. As per the product's instructions, you are returning the product to the store for a refund.

    I'll also note that a lot of the software I buy does not get loaded onto my primary system as soon as I buy it. With all the software problems out there, and manufacturers who claim in their "license" that if the software destroys all of your data because of problems that are clearly of their making it's somehow not their fault, I often test install software on an older backup system before I put it on the main system (about the only exception is if the old system doesn't have the hardware to support the software). I've seen several pieces of software that actually will damage a system, and a few more that will completely destroy a system when you do the uninstall. If the software maker doesn't take responsibility for what his own product will do to your system and you have to, then you certainly need the ability to do your own testing before you put it on a system with important data. Software that prevents that goes back.

    Intuit learned the hard way last year that even people using tax software will only put up with so much in the way of restricting use of something they legitimately bought and expected to be able to use. If you want to accept the store policy attitude, then go ahead and bend over, but I hope most gamers have at least as much sense to stand up for their rights as the people who made Intuit change their invasive and restrictive system.

  21. Re:More restrictive technology = more returns on Bleak Future for Videogame Customers · · Score: 1
    Their policy be damned. My policy be that it's suitable for use, and that includes not stopping me from upgrading my system when I want to. My policy is that they disclose any reason why the product isn't suitable at the time of sale or they buy it back, and none of those damn "restocking charges".

    Yes, they've told me store policy at times when I've had to return something, but I've received a full refund on everything from software (once the package was opened the instructions told me to send in more money for parts of the program that they left out of this version, was in previous versions and something I felt I needed to use it properly) to a notebook (not at all as salesman had represented). I've never had anyone try to call the cops. Normally you can deal with people very calmly and civilly and make your point. But on rare occasions when it's clear that you're dealing with an asshole who wants to hide behind "policy" and isn't going to give you the same courtesy of treating you as a person as you are showing them, and there is no higher-up available, speaking up for your rights can be an effective way to deal with the situation.

    One hint, which may not apply to most Slashdot readers: If you're going to make a public stand, it may be better to not do it when your girlfriend is around. Some females are bothered by it. On the other hand, one who isn't is certainly a "keeper".

  22. More restrictive technology = more returns on Bleak Future for Videogame Customers · · Score: 1

    I change computers every few years, and I seem to be behind the curve contrasted to many of my friends. I do buy games; I would think not many until I look at the book shelves next to me and realize how much I've laid out for games. When the games start getting so invasive that I can't move them to my next PC (which would be the same as not letting me lend a game I was done with and not using to a friend), I'll be back at the store making a loud and ugly scene until I have a refund.

  23. I have a few theories on why that is on BSD For Linux Users · · Score: 5, Insightful
    'It's been my impression that the BSD communit{y,ies}, in general, understand Linux far better than the Linux communit{y,ies} understand BSD. I have a few theories on why that is,

    Perhaps for the same reasons that the Branch Davidians or the Raelians knew more about the Catholics than most Catholics knew about the Branch Davidians or the Raelians? Maybe Linux is just a much more widespread cult than BSD.

  24. What a waste of effort on Lawsuit Filed Against Unregulated GloFish · · Score: 2, Insightful
    "They" are exposing our food to radiation and not telling us about it on the package. "They" are feeding us Frankenfoods and not telling us about it (in the U.S.) Even with all the known dangers of Mad Cow, "they" feed rendered cows to chickens, and then turn right around and feed "chicken scratch" (which includes stuff that has not passed through the chicken as well as stuff that has) back to the cows in the U.S. This and hundreds of other much more serious issues go on all around us, but these people are wasting time (and environmental credibility) by fighting little fish (that don't really glow without the help of a black light, by the way)! Sure, these fish might get out. So might any of the other tropical fish in the hobby. Most, like these fish, would not survive. Heck, regular zebra fish have a much better chance to survive in an ecosystem as an alien species and affect it than these toys do.

    I'm not crazy about a world of genetically modified creatures, but there are more important things that already affect our lives that these people should be going after, not likely harmless little red fish.

  25. I think it sucks on Photoshop Fails At Counterfeit Prevention · · Score: 1
    I think it sucks that Adobe did this, and for a quite different reason than anyone else is saying. Sure, presumption of guilt rather than innocence, prior restraint and all of that are reasonable arguments, but the reason I think it sucks is this:

    Whenever I get or try out a new scanner, I scan a $20, $50 or $100 bill. Not to copy it - I scan it to see how well the scanner picks up the microprinting around the portrait. I find that this is a very good test of scanner quality and can easily show some serious scanner problems. Of course, it's a good test of scanner resolution, but it also helps detect problems with registration between the colors.

    For now I can keep an old copy of Photoshop around, but at some point I'll be running on Hardware and Software that will not support the old copies of Photoshop (You should see how confused Photoshop 2 gets with the memory in modern computers). When it's finally gone I'll miss the ability to scan the microprinting on a bill. Maybe blocking out part of a bill will work, maybe not, it all depends on the secret blackbox software they use with each version.