Best one I saw in my web logs was 'Mozilla WangBadger'. At the time, I hadn't heard of FireSomething, and was rather perplexed, especially when 'WangBadger' returned 0 hits on Google.
Nomachine NX is based on earlier work by the same group called 'MLView' (the organisation is called Medialogic, if memory serves) which was GPLd.
They have ELECTED to release pretty much all of their core technology as GPL, keeping with the spirit of MLview, taking a punt that people will pay for the pretty 'enterprise' GUI stuff.
Some third party hacker has built his own implementation of the non-GPL bits. I'd say that fits in well with their chosen business model. Wouldn't you?
The xc changed the license for R6.4 so XFree86 stayed based on 6.3 for a while, until they backpedal sometime in 1998-1999.
X11R6.4 - XFree86 4.0 dunno about 6.5 6.6 was merged into XFree86 4.2 or 4.3 if memory serves. X11R6.7 IS X.Org 6.7 as X.O is the xc's reference X distribution now.
ATIP/Lead in (sec ~99,000 thru 0) Track 1 (sec 150 thru X)... Track n Lead out
If the disc is multisession, there will be additional blocks of the format
Link blocks (part of prev session's leadout) Session leadin (no ATIP) Track X... Track Y Session leadout
You're partially correct, in that by default, CDROMs will read the first data track in the last session of the disc, by default. By placing something of interest in the second session, which audio CD players can't see, you can create a hybrid CD (which doesn't have data in track 1, session 1 like the older style hybrid CDs did.) Such a format is known as 'blue book' but I am reasonably sure it's not an official standard.
This data track (S2, track 1) contains an ISO filesystem which has rights-managed WMAs of the disc.
Most, if not all, ripping programs allow you to rip tracks out of any session on the disc the drive can see, rendering this form of copy protection completely useless as long as you don't install their 'upgrade' (which does nasty things to the SCSI drivers on your system, preventing them from executing READ LONG commands on CD ROM drives correctly.)
I think he's describing raid 5+0 (aka raid 50) which is a raid 0 set layered across one or more raid 5 sets.
Once you start getting into these esoteric raid levels, it becomes worth asking yourself if you're better off creating individual sets for individual amounts of data, in any event.
Ex-post-facto proxy scanning (a-la SORBS) fails because the time between a spam run when the proxy is considered 'fresh' by Lunch Meat Guy and when it gets listed is great enough to make proxies a viable option for spammers.
In-situ scanning is a more viable solution, insofar as 'if you have a trojan, you aren't sending me mail' works. The more advanced gnutella/waste-alike botnets may be harder to detect with a scan, but as far as I'm aware, the majority of spammers are still using systems like Dark Mailer to send out crap through a preconfigured list of infected machines.
Research data on how these bots work will never be far behind them being in the wild (it wouldn't be hard to throw a cursory glance in the direction of a machine which spammed you yet didn't match a known trojan/proxy signature and figure out what it's doing,) though. Their decentralised nature means that they won't be able to deny connections from arbitrary IP addresses...
Speaking from experience, I can tell you that it's not as easy as it seems...
Various jurisdiction's spam laws vary, but at least in.au where I'm located, the Spam Act 2003 only provides for civil penalty provisions against the spammers (in essence, the.au government will sue you for violating the spam act in civil court.)
Even though the evidential burden in a civil case is much less (balance of probabilities/preponderance of the evidence) than in a criminal case (beyond reasonable doubt,) it still proves difficult to tie a spam purporting to advertise, for example, penis pills, to a purveyor of penis pills.
Penis pill guy sends his spam through a few thousand of 'fresh proxies' (spam guy terminology for freshly rooted or virused machines garnered from crackers or vx people), penis spam ends up in inbox with penis pill guy's contact details.
So far so good, but there's no causal link between A and B of any forensic value whatsofuckingever. Correlation is not causation.
I'd be more inclined to see a system which plugs into the MTA somewhere between RCPT TO and DATA, which performs a basic open proxy scan on the originating MTA (similar to what many EFnet servers are doing ATM,) and if the originating MTA fails the test, mail is refused (preferably with a '550 5.1.1 no such user' error as this may help get you off certain lists) and the originating IP is added to some form of distributed blacklist for X hours (i'd suggest 48... long enough to allow ample time for the machine's owner to find out that they have a virus or spam problem and fix it, not really long enough to cause a major problem.)
I'm actually working on building such a system at the moment... Details will be posted to my website when I have some half decent code that runs (instead of making postfix' smtpd dump core.)
TCP is limited by several factors itself. The largest window permissible on a standard TCP is 64KB. This is roughly 45 ethernet frames on a 'standard' ethernet setup with a 1500 MTU (with a 1460 MSS.) Every 45 sent frames, you have to wait for the responding PC to compute the checksums, reassemble the data, and send an acknowledgement. This takes time (in the order of milliseconds, admittedly, but still time.)
The other consideration, which has been mentioned earlier, is interrupt load. Every received frame causes the ethernet controller to signal the CPU to let it know that a frame is waiting in the controller's receive buffer. If the CPU can't service this interrupt fast enough, you get a receive buffer overrun and the entire buffer is flushed, causing the packets in question to be resent (and potentially to lower the window size used by the other end as a backoff mechanism.)
Every TRANSMITTED frame will ALSO cause the ethernet controller to signal the host CPU when the frame has hit the wire so it can be removed from the transmit buffer inside the kernel.
This problem can be alleviated with 9000 byte frames (which would, based on my understanding, yield an MTU of 8982 and a TCP MSS of 8902,) causing less interrupts per TCP window. Are you using jumbo frames?
Additionally, scp introduces encryption into the mix, and while it may not pose a significant burden on the host CPU, will increase transmission latency to the point where the bandwidth-delay product becomes an issue.
It doesn't really do a different job to SPF if you consider that the 'job' of both approaches is to use data published in DNS to cut back on spam.
SPF works because, well, if I'm a spammer, i'm not going to be wanting to spam from domains which I own, as these are likely to get blacklisted rather fast. Additionally, whois data can make tracing me rather easy and painless. After said domain gets blacklisted, i need to purchase another domain in order to keep spamming.
If you think about it, what this system is basically saying is 'this message is guaranteed not to be fucked because somebody paid spamhaus $2k to say so'. What SPF says is 'this message, likewise, is guaranteed to be decent because the originating IP address matches the SPF records.'
In the absence of a mail.com record AND SPF records, the only information you have is 'this domain is PROBABLY bogus.'
So, no, I don't see the two systems being fundamentally different on an informational level. Just a financial and political one. And come on... the 'bus lane' for your email messages?
We already have a perfectly good, workable proposal for sender validation. It's called SPF. It's free. It will work, like this proposal, when people adopt it.
Seriously, $2k to prove that you're not a spammer, by one organisation's definition of the phrase? That sounds like profiteering to me, much along the lines of Ironport's dodgy Bonded Sender (tm) program.
The original Apple Airport basestation was essentially the guts of a Lucent rg-1000 (which was designed by Karlnet, IIRC). This included an AMD 486 CPU, a PCMCIA bridge chip of some sort, and a Lucent/Orinoco Wavelan Silver.
Since they were the same hardware, we had no problems running Karlnet Turbocell RG1000 firmware on them.
The RG1000s were also a lot cheaper, but looked like arse.
Just because someone has an old car with expensive rims doesn't infer that the car is shit.
Quite the opposite, potentially; if somebody's gone to the effort of spending $3-5k on a nice set of wheels, what else have they spent money on that you can't see?
Now ricers... There's another kettle of fish altogether.
If you buy an album, you own it. Period. You can do whatever the fuck you want with it. Period. It is yours.
Copyright law introduces some restrictions on what you're allowed to do with the intangible content on it; the aim, of course, is to guarantee the producer a limited monopoly on the ability to produce said album.
Let me repeat that. You do not license CDs. You own them.
I could take a photo of me putting my wang between a pair of Cindi Lauper CDs and that wouldn't violate your hypothetical license.
I'd be inclined to suggest that attacking www.sco.com and www.microsoft.com is merely a blindside to attract just this kind of troll reporting, whilst keeping the mainstream IT press unaware of the worm's real motivations.
If you were a russian spam 'family,' wouldn't you want your worm-infested zombies to stay uncontrolled for longer due to people not focussing on the real intent of their worm?
You're wrong. It's the COMPILER that needs the intelligence, and, ergo, the compiler developers.
Algorithmically, higher level code will not need to change; just the way the compiler converts your code into EPIC 'bundles' to take advantage of the unique characteristics of EPIC/VLIW.
In other news, Microsoft just released a Linux distribution, Ford just introduced a range of high-end bicycles, and the Shell Oil Corporation is refocussing on solar power.
Slashdot Mirror
Best one I saw in my web logs was 'Mozilla WangBadger'. At the time, I hadn't heard of FireSomething, and was rather perplexed, especially when 'WangBadger' returned 0 hits on Google.
What the FUCK is a Wang Badger? *cringes*
Nomachine NX is based on earlier work by the same group called 'MLView' (the organisation is called Medialogic, if memory serves) which was GPLd.
They have ELECTED to release pretty much all of their core technology as GPL, keeping with the spirit of MLview, taking a punt that people will pay for the pretty 'enterprise' GUI stuff.
Some third party hacker has built his own implementation of the non-GPL bits. I'd say that fits in well with their chosen business model. Wouldn't you?
If memory serves (may be a bit rusty on the dates)
X11R6.2 - XFree86 3.2 (c 1996)
X11R6.3 - XFree86 3.3 (late 96-early 97)
The xc changed the license for R6.4 so XFree86 stayed based on 6.3 for a while, until they backpedal sometime in 1998-1999.
X11R6.4 - XFree86 4.0
dunno about 6.5
6.6 was merged into XFree86 4.2 or 4.3 if memory serves.
X11R6.7 IS X.Org 6.7 as X.O is the xc's reference X distribution now.
I prefer the phrase 'Armadillo network.'
Hard on top.
Green and chewy and succulent underneath.
Erm, no.
...
...
CDs are laid out as follows:
ATIP/Lead in (sec ~99,000 thru 0)
Track 1 (sec 150 thru X)
Track n
Lead out
If the disc is multisession, there will be additional blocks of the format
Link blocks (part of prev session's leadout)
Session leadin (no ATIP)
Track X
Track Y
Session leadout
You're partially correct, in that by default, CDROMs will read the first data track in the last session of the disc, by default. By placing something of interest in the second session, which audio CD players can't see, you can create a hybrid CD (which doesn't have data in track 1, session 1 like the older style hybrid CDs did.) Such a format is known as 'blue book' but I am reasonably sure it's not an official standard.
This data track (S2, track 1) contains an ISO filesystem which has rights-managed WMAs of the disc.
Most, if not all, ripping programs allow you to rip tracks out of any session on the disc the drive can see, rendering this form of copy protection completely useless as long as you don't install their 'upgrade' (which does nasty things to the SCSI drivers on your system, preventing them from executing READ LONG commands on CD ROM drives correctly.)
I think he's describing raid 5+0 (aka raid 50) which is a raid 0 set layered across one or more raid 5 sets.
Once you start getting into these esoteric raid levels, it becomes worth asking yourself if you're better off creating individual sets for individual amounts of data, in any event.
Ex-post-facto proxy scanning (a-la SORBS) fails because the time between a spam run when the proxy is considered 'fresh' by Lunch Meat Guy and when it gets listed is great enough to make proxies a viable option for spammers.
In-situ scanning is a more viable solution, insofar as 'if you have a trojan, you aren't sending me mail' works. The more advanced gnutella/waste-alike botnets may be harder to detect with a scan, but as far as I'm aware, the majority of spammers are still using systems like Dark Mailer to send out crap through a preconfigured list of infected machines.
Research data on how these bots work will never be far behind them being in the wild (it wouldn't be hard to throw a cursory glance in the direction of a machine which spammed you yet didn't match a known trojan/proxy signature and figure out what it's doing,) though. Their decentralised nature means that they won't be able to deny connections from arbitrary IP addresses...
Speaking from experience, I can tell you that it's not as easy as it seems...
.au where I'm located, the Spam Act 2003 only provides for civil penalty provisions against the spammers (in essence, the .au government will sue you for violating the spam act in civil court.)
Various jurisdiction's spam laws vary, but at least in
Even though the evidential burden in a civil case is much less (balance of probabilities/preponderance of the evidence) than in a criminal case (beyond reasonable doubt,) it still proves difficult to tie a spam purporting to advertise, for example, penis pills, to a purveyor of penis pills.
Penis pill guy sends his spam through a few thousand of 'fresh proxies' (spam guy terminology for freshly rooted or virused machines garnered from crackers or vx people), penis spam ends up in inbox with penis pill guy's contact details.
So far so good, but there's no causal link between A and B of any forensic value whatsofuckingever. Correlation is not causation.
I'd be more inclined to see a system which plugs into the MTA somewhere between RCPT TO and DATA, which performs a basic open proxy scan on the originating MTA (similar to what many EFnet servers are doing ATM,) and if the originating MTA fails the test, mail is refused (preferably with a '550 5.1.1 no such user' error as this may help get you off certain lists) and the originating IP is added to some form of distributed blacklist for X hours (i'd suggest 48... long enough to allow ample time for the machine's owner to find out that they have a virus or spam problem and fix it, not really long enough to cause a major problem.)
I'm actually working on building such a system at the moment... Details will be posted to my website when I have some half decent code that runs (instead of making postfix' smtpd dump core.)
TCP is limited by several factors itself.
The largest window permissible on a standard TCP is 64KB. This is roughly 45 ethernet frames on a 'standard' ethernet setup with a 1500 MTU (with a 1460 MSS.) Every 45 sent frames, you have to wait for the responding PC to compute the checksums, reassemble the data, and send an acknowledgement. This takes time (in the order of milliseconds, admittedly, but still time.)
The other consideration, which has been mentioned earlier, is interrupt load. Every received frame causes the ethernet controller to signal the CPU to let it know that a frame is waiting in the controller's receive buffer. If the CPU can't service this interrupt fast enough, you get a receive buffer overrun and the entire buffer is flushed, causing the packets in question to be resent (and potentially to lower the window size used by the other end as a backoff mechanism.)
Every TRANSMITTED frame will ALSO cause the ethernet controller to signal the host CPU when the frame has hit the wire so it can be removed from the transmit buffer inside the kernel.
This problem can be alleviated with 9000 byte frames (which would, based on my understanding, yield an MTU of 8982 and a TCP MSS of 8902,) causing less interrupts per TCP window. Are you using jumbo frames?
Additionally, scp introduces encryption into the mix, and while it may not pose a significant burden on the host CPU, will increase transmission latency to the point where the bandwidth-delay product becomes an issue.
HTH
S
Are you serious? I'm getting major shades of L. Bob Rife here...
I think if Bill Gates OWNED the network backbones, I would move to Mars.
It doesn't really do a different job to SPF if you consider that the 'job' of both approaches is to use data published in DNS to cut back on spam.
SPF works because, well, if I'm a spammer, i'm not going to be wanting to spam from domains which I own, as these are likely to get blacklisted rather fast. Additionally, whois data can make tracing me rather easy and painless. After said domain gets blacklisted, i need to purchase another domain in order to keep spamming.
If you think about it, what this system is basically saying is 'this message is guaranteed not to be fucked because somebody paid spamhaus $2k to say so'. What SPF says is 'this message, likewise, is guaranteed to be decent because the originating IP address matches the SPF records.'
In the absence of a mail.com record AND SPF records, the only information you have is 'this domain is PROBABLY bogus.'
So, no, I don't see the two systems being fundamentally different on an informational level. Just a financial and political one. And come on... the 'bus lane' for your email messages?
Spamhaus have jumped the shark.
This is a retarded idea from the get-go.
We already have a perfectly good, workable proposal for sender validation. It's called SPF. It's free. It will work, like this proposal, when people adopt it.
Seriously, $2k to prove that you're not a spammer, by one organisation's definition of the phrase? That sounds like profiteering to me, much along the lines of Ironport's dodgy Bonded Sender (tm) program.
No thanks.
No. They're Itanium servers (which may or may not support hotplug CPUs.) They're not mainframes.
Would you like to tell us what the hell a 'mainframe-class' intel machine is?
The original Apple Airport basestation was essentially the guts of a Lucent rg-1000 (which was designed by Karlnet, IIRC). This included an AMD 486 CPU, a PCMCIA bridge chip of some sort, and a Lucent/Orinoco Wavelan Silver.
Since they were the same hardware, we had no problems running Karlnet Turbocell RG1000 firmware on them.
The RG1000s were also a lot cheaper, but looked like arse.
Just because someone has an old car with expensive rims doesn't infer that the car is shit.
Quite the opposite, potentially; if somebody's gone to the effort of spending $3-5k on a nice set of wheels, what else have they spent money on that you can't see?
Now ricers... There's another kettle of fish altogether.
Why the hell is American law relevant? He was fighting in Afghanistan, and is an Australian citizen.
He can be taken as a POW by the Americans, and as such, must be held under the terms of the Geneva Convention.
Anything less is a contravention of international treaties which date back to the mid 40s and trump American law.
Wrong.
If you buy an album, you own it. Period. You can do whatever the fuck you want with it. Period. It is yours.
Copyright law introduces some restrictions on what you're allowed to do with the intangible content on it; the aim, of course, is to guarantee the producer a limited monopoly on the ability to produce said album.
Let me repeat that. You do not license CDs. You own them.
I could take a photo of me putting my wang between a pair of Cindi Lauper CDs and that wouldn't violate your hypothetical license.
You're missing the point: under Australian law at the time, there was nothing illegal about what David Hicks (at least) was doing.
So, as a nice loophole to get the poor bastard strung up ex post facto, we're happy to leave him in Cuba to be prosecuted by the Americans.
Let me reiterate that. WHAT HE DID AT THE TIME WAS NOT ILLEGAL.
...until DirecTV sue everybody who bought one of these phones but didn't buy a subscription
Teh 'k' is implied
Shut up or i'll knife you in the face.
Then I'll shovel your decaying body into a box, and fire the box up in a crematorium.
I'd be inclined to suggest that attacking www.sco.com and www.microsoft.com is merely a blindside to attract just this kind of troll reporting, whilst keeping the mainstream IT press unaware of the worm's real motivations.
If you were a russian spam 'family,' wouldn't you want your worm-infested zombies to stay uncontrolled for longer due to people not focussing on the real intent of their worm?
RE: your last statement.
You're wrong. It's the COMPILER that needs the intelligence, and, ergo, the compiler developers.
Algorithmically, higher level code will not need to change; just the way the compiler converts your code into EPIC 'bundles' to take advantage of the unique characteristics of EPIC/VLIW.
Disclaimer: I am not a compiler developer.
Gator make Ad-Aware? Cool.
In other news, Microsoft just released a Linux distribution, Ford just introduced a range of high-end bicycles, and the Shell Oil Corporation is refocussing on solar power.