"arbitrary" is not the same as "infinite" or "unlimited" - the former means that while the number can be, well, arbitrary (that is, any natural number whatsoever), it will still be a fixed finite number for any given instance of the game.
The real question is whether the prisoners know the value of k in advance or not.
Have you considered ordering blank media from a neighbouring country, such as Germany? You can get blank CDs and the like on amazon.de, for example, and IIRC, while there is a similar "copyright" fee in Germany, it's only applied to blank media specifically intended for audio and labelled accordingly.
In any case, you can get a spindle with 100 blank CDs for about 20 EUR, for example (other offers may be even cheaper, but this was the first I saw when checking briefly). Considering it's inside the EU, it's probably unlikely that the package would be stopped by the customs people, too, so you could most likely save quite some money that way.
Not all the root servers are in the USA. In fact, after looking at http://www.root-servers.org/, it seems that many of them actually consist of several servers, sharing an IP address. The ones with (physical) servers outside of the USA are F, I, J, K and M, it seems.
Don't be silly. The Nobel prize is pretty much the highest award you can receive in the fields where it is awarded - so it's certainly understandable that the committee wants to make sure that those who receive the prize really *have* made a ground-breaking discovery that deserves the prize. And waiting for some time to see what influence a discovery will have is pretty much the only way to find out.
That being said, yes, the discovery was made in 1982, but it wasn't even *confirmed* until 1987, so it's not just the Nobel prize committee, either.
That's not true. First of all, other parts of the system, such as X11, are of similar importance, yet noone (not RMS and his fanboys, that is) ever demand that the system be called "GNU/Linux/X" or so; similarly, most Solaris systems I've seen (for example) have the GNU tools installed, yet noone called it "GNU/Solaris". Also, the statement that you *need* the GNU tools is also wrong, as you can just as well replace them with something else, like busybox for example.
Sure, that's not typically done. But while it's true that most people don't give the GNU project enough credit, the right answer is not to give the GNU project *more* credit than it deserves.
Canada is a good choice, probably. Europe might also work, but it depends on the exact country then, of course; the UK is deteriorating its citizens' rights and all that pretty quickly under Blair, too, and the rest of Europe would require you to learn a different language (of course, so would half of Canada, and one might argue that you'd have to even in the UK).
*If* the language barrier is not going to be a problem, then the Scandinavian countries, the Netherlands and maybe also Belgium are good choices.
Considering that the average American (or, more generally, English-speaker) seems to think that accented letters, umlauts etc. are just "funny" versions of the regular letters where it's safe to disregard the diacritics (even when the letters aren't really related - it always bugs me that ð is often transliterated as a d, for example) it probably would've sounded like "yah".
Not that Lovecraft was an average English-speaker, of course, though.
"secure by design"? You're thinking of OpenBSD, not Linux. Not that Linux' security is bad, but the Linux kernel developers do not have the same paranoid attitude towards security that the OpenBSD developers have.
Actually... contrary to what you might believe, GCC *is* a good optimising compiler. Sure, it doesn't pull all the tricks that ICC does, for example, but then, it has dozens of different frontends (i.e., support for different programming languages) and backends (i.e., support for different architectures), which is something that definitely cannot be said about ICC.
Furthermore, while ICC *is* better at optimising for Intel (!) chips, that shouldn't really be a surprise, considering that it's written by the *manufacturer* of said chips. Compare GCC with other commercial compilers, though (like Visual C++) and you might be pleasantly surprised (or unpleasantly, if you're M$).
And what does "location-based advertising and services" mean in reality? Free wifi is good, of course, but TNSTAAFL. Can I rely on my traffic not being inspected/recorded by anyone with this offer?
Why do people rely on electricity and running water? Shouldn't we, by the same reasoning, all have our own well in the backyard (and a diesel generator, too, maybe, but then you'd have to rely on an external diesel supply, so you could just as well rely on external electricity, too)?
For that matter, why would anyone rely on anything on the internet, at all? Why do people use webmail? For that matter, why do we use email (yeah, I know, only old people use email) to communicate, anyway? We're already relying on the Internet and on systems utterly beyond our control a lot; I don't see an a priori reason why things should be different again from now on.
Of course, the new systems will not mean that the old ones suddenly go "poof" and vanish; many people do use regular clients for their email, for example. Most people also talk to each other in person when that's an option rather than emailing / IMing / phoning each other, and a few people don't rely on electricity or running water (some by choice, some not).
But while I don't want to make a prediction of whether AJAX office applications and similar things really will be the next big thing that enables everyone to do their business in a truly platform-agnostic, networked fashion, I think it's pretty safe to say that things will change in some way. It's gonna be an evolution rather than a revolution, but I sure hope you don't honestly think that everything will stay the way it is now for all eternity - it won't. And *that* is something I can say with confidence.
We live in a society with a free market, though. If there's no software available that *does* come with warranties, no matter for which price, then maybe, just maybe, there simply isn't a market for it.
Speaking of the market, you get what you pay for. What do you expect from authors who not only give you their work for free to use as you see fit, but also allow you to copy it, distribute it, sell it, modify it and all that? Don't look a gift horse into the mouth - if you don't want it, well, just don't take it. Nobody's forcing you to do so.
Embedded media (particularly, Flash) *is* a large part of the Internet as we know it. And unlike you, I'm not convinced that embedded media is automatically a bad thing, either; I certainly dislike ActiveX for its proprietary, windows-only nature and security nightmares, and PDF (PDF documents on the *web*, that is) for its duplicating of what should be done in HTML and CSS, but Flash at least seems to be doing something that you can't easily do with open standards, and the player is reasonably cross-platform, too.
Of course, like all technology, Flash *can* be abused, but hey, sites without Flash can also have a horrible design - Flash is neither necessary nor sufficient for that.
I don't know about you, but I at least, as a frequent visitor of sites like http://newgrounds.com/ for example, would be rather disappointed if Flash went away or if you had to pay for the player due to licensing fees extorted by Eolas.
That's not true. "cathedral-style" may be a somewhat loaded term, but it does refer to a clear, well-defined difference of the underlying model of a piece of software - the development model, in most cases, but it can also be applied to others. Call it "top-down" if you want to, or contrast it with terms like "grassroots" etc.
"enterprise-scale", on the other hand, isn't - rather, that's an ephemeral quality that your own products always possess, but never those of your competitors.
I think the real point here is that SSH Communications are trying to sell a product, so it's only natural that they're trying to show their competitors in the worst possible light, especially when those competitors have around 90% market share (see http://openssh.com/usage/graphs.html). OpenSSH, on the other hand, is not trying to sell you anything - like most open-source projects, their primary concern is to produce the best possible software. If you use it, good; if not, it's your loss, not theirs.
They did more than "maybe" "get close" - the first probe ever to actually reach the moon was Russian (Luna 2), for example. The Russians may not actually have sent people to the moon, but they certainly have accomplished some things, too, so give credit where credit is due.
Use secure OSes (OpenBSD is probably a good choice if you can't or don't want to use SElinux)
Keep up with patches
Ensure that evidence can't (easily) be tampered with (for example, use a remote, dedicated host for syslogging)
Monitor your logs efficiently; in particular, employ a filter that allows you to suppress messages that are just noise (security-wise, that is) but that shows every log line it does not recognise (there are also filters which will try to do the reverse, but that means you'll risk overlooking important messages)
Use hardware protection when available (for example, some (?) SCSI disks can be write-protected with a jumper setting - turn it on for the disks you have your/boot and / partitions on; if yours can't, boot from CD)
Try to actively detect anomalies (for example, use Snort, tripwire and similar tools)
Perform penetration tests yourself
Be paranoid - none of your systems should trust any of the other just because they *your* systems
That's some general advice I can think of right now. None of it is specific to rootkits, of course, but if you do things right, then you most likely won't ever get bitten by something bad - and if you still do, you'll at least be able to keep the damage to a minimum and also find out afterwards just what led to the compromise in the first place.
Slashdot Mirror
"arbitrary" is not the same as "infinite" or "unlimited" - the former means that while the number can be, well, arbitrary (that is, any natural number whatsoever), it will still be a fixed finite number for any given instance of the game.
The real question is whether the prisoners know the value of k in advance or not.
Have you considered ordering blank media from a neighbouring country, such as Germany? You can get blank CDs and the like on amazon.de, for example, and IIRC, while there is a similar "copyright" fee in Germany, it's only applied to blank media specifically intended for audio and labelled accordingly.
In any case, you can get a spindle with 100 blank CDs for about 20 EUR, for example (other offers may be even cheaper, but this was the first I saw when checking briefly). Considering it's inside the EU, it's probably unlikely that the package would be stopped by the customs people, too, so you could most likely save quite some money that way.
Livejournal disallows Javascript (and even CSS) on their users' user info pages, but not in the actual journal entries.
Not all the root servers are in the USA. In fact, after looking at http://www.root-servers.org/, it seems that many of them actually consist of several servers, sharing an IP address. The ones with (physical) servers outside of the USA are F, I, J, K and M, it seems.
Don't be silly. The Nobel prize is pretty much the highest award you can receive in the fields where it is awarded - so it's certainly understandable that the committee wants to make sure that those who receive the prize really *have* made a ground-breaking discovery that deserves the prize. And waiting for some time to see what influence a discovery will have is pretty much the only way to find out.
That being said, yes, the discovery was made in 1982, but it wasn't even *confirmed* until 1987, so it's not just the Nobel prize committee, either.
That's not true. First of all, other parts of the system, such as X11, are of similar importance, yet noone (not RMS and his fanboys, that is) ever demand that the system be called "GNU/Linux/X" or so; similarly, most Solaris systems I've seen (for example) have the GNU tools installed, yet noone called it "GNU/Solaris". Also, the statement that you *need* the GNU tools is also wrong, as you can just as well replace them with something else, like busybox for example.
Sure, that's not typically done. But while it's true that most people don't give the GNU project enough credit, the right answer is not to give the GNU project *more* credit than it deserves.
Canada is a good choice, probably. Europe might also work, but it depends on the exact country then, of course; the UK is deteriorating its citizens' rights and all that pretty quickly under Blair, too, and the rest of Europe would require you to learn a different language (of course, so would half of Canada, and one might argue that you'd have to even in the UK).
*If* the language barrier is not going to be a problem, then the Scandinavian countries, the Netherlands and maybe also Belgium are good choices.
Maybe the reason is precisely that they tried to make sure it's not as broken as Microsoft's attempt in SP2.
Wow - subtitles in 24 languages, but the DVD is not region-free? Pretty stupid, if you ask me (and they misspelled "Luxembourgish", too).
Considering that the average American (or, more generally, English-speaker) seems to think that accented letters, umlauts etc. are just "funny" versions of the regular letters where it's safe to disregard the diacritics (even when the letters aren't really related - it always bugs me that ð is often transliterated as a d, for example) it probably would've sounded like "yah".
Not that Lovecraft was an average English-speaker, of course, though.
For that matter, they also could've used H.264. In my experience, it's much superior to XviD and DivX in terms of quality.
"secure by design"? You're thinking of OpenBSD, not Linux. Not that Linux' security is bad, but the Linux kernel developers do not have the same paranoid attitude towards security that the OpenBSD developers have.
Actually... contrary to what you might believe, GCC *is* a good optimising compiler. Sure, it doesn't pull all the tricks that ICC does, for example, but then, it has dozens of different frontends (i.e., support for different programming languages) and backends (i.e., support for different architectures), which is something that definitely cannot be said about ICC.
Furthermore, while ICC *is* better at optimising for Intel (!) chips, that shouldn't really be a surprise, considering that it's written by the *manufacturer* of said chips. Compare GCC with other commercial compilers, though (like Visual C++) and you might be pleasantly surprised (or unpleasantly, if you're M$).
Squirrelmail is supposedly OK (haven't tried it myself, though).
And what does "location-based advertising and services" mean in reality? Free wifi is good, of course, but TNSTAAFL. Can I rely on my traffic not being inspected/recorded by anyone with this offer?
Why do people rely on electricity and running water? Shouldn't we, by the same reasoning, all have our own well in the backyard (and a diesel generator, too, maybe, but then you'd have to rely on an external diesel supply, so you could just as well rely on external electricity, too)?
For that matter, why would anyone rely on anything on the internet, at all? Why do people use webmail? For that matter, why do we use email (yeah, I know, only old people use email) to communicate, anyway? We're already relying on the Internet and on systems utterly beyond our control a lot; I don't see an a priori reason why things should be different again from now on.
Of course, the new systems will not mean that the old ones suddenly go "poof" and vanish; many people do use regular clients for their email, for example. Most people also talk to each other in person when that's an option rather than emailing / IMing / phoning each other, and a few people don't rely on electricity or running water (some by choice, some not).
But while I don't want to make a prediction of whether AJAX office applications and similar things really will be the next big thing that enables everyone to do their business in a truly platform-agnostic, networked fashion, I think it's pretty safe to say that things will change in some way. It's gonna be an evolution rather than a revolution, but I sure hope you don't honestly think that everything will stay the way it is now for all eternity - it won't. And *that* is something I can say with confidence.
"another view of the discussion" - is that the new Slashspeak euphemism for dupes? :)
If you pay for it, then yes, of course you can.
We live in a society with a free market, though. If there's no software available that *does* come with warranties, no matter for which price, then maybe, just maybe, there simply isn't a market for it.
Speaking of the market, you get what you pay for. What do you expect from authors who not only give you their work for free to use as you see fit, but also allow you to copy it, distribute it, sell it, modify it and all that? Don't look a gift horse into the mouth - if you don't want it, well, just don't take it. Nobody's forcing you to do so.
Embedded media (particularly, Flash) *is* a large part of the Internet as we know it. And unlike you, I'm not convinced that embedded media is automatically a bad thing, either; I certainly dislike ActiveX for its proprietary, windows-only nature and security nightmares, and PDF (PDF documents on the *web*, that is) for its duplicating of what should be done in HTML and CSS, but Flash at least seems to be doing something that you can't easily do with open standards, and the player is reasonably cross-platform, too.
Of course, like all technology, Flash *can* be abused, but hey, sites without Flash can also have a horrible design - Flash is neither necessary nor sufficient for that.
I don't know about you, but I at least, as a frequent visitor of sites like http://newgrounds.com/ for example, would be rather disappointed if Flash went away or if you had to pay for the player due to licensing fees extorted by Eolas.
Shoplifting a candybar is not theft? I'm not sure I understand that, even though I otherwise agree with pretty much everything you've said.
Off-topic, but I thought I'd let you know: your sig's only correct if you don't misspell things. It should be "videtur", not "viditur". :)
That's not true. "cathedral-style" may be a somewhat loaded term, but it does refer to a clear, well-defined difference of the underlying model of a piece of software - the development model, in most cases, but it can also be applied to others. Call it "top-down" if you want to, or contrast it with terms like "grassroots" etc.
"enterprise-scale", on the other hand, isn't - rather, that's an ephemeral quality that your own products always possess, but never those of your competitors.
I think the real point here is that SSH Communications are trying to sell a product, so it's only natural that they're trying to show their competitors in the worst possible light, especially when those competitors have around 90% market share (see http://openssh.com/usage/graphs.html). OpenSSH, on the other hand, is not trying to sell you anything - like most open-source projects, their primary concern is to produce the best possible software. If you use it, good; if not, it's your loss, not theirs.
They did more than "maybe" "get close" - the first probe ever to actually reach the moon was Russian (Luna 2), for example. The Russians may not actually have sent people to the moon, but they certainly have accomplished some things, too, so give credit where credit is due.
There's an easy answer: restrict what root can do. Other things that generally will help include:
That's some general advice I can think of right now. None of it is specific to rootkits, of course, but if you do things right, then you most likely won't ever get bitten by something bad - and if you still do, you'll at least be able to keep the damage to a minimum and also find out afterwards just what led to the compromise in the first place.