Doom 3 Linux users are gathered in irc://irc.enterthegame.com/#doom3linux anxiously awaiting binaries. (I'd post that as a link but slashcode is losing the dots in the hostname.) A website with an RSS feed can be used to track developments.
Guns intended for self defense have the objective of stopping an attacker from succeeding. Death is an unfortunate side effect, not the objective. Ignorant Hollywood directors would have you believe that dart guns or tazers can do this without risk of lethality, but such devices are unreliable. With a dart gun you must use a dose heavy enough to take out the largest attacker without killing the smallest from overdose. Similar issues arise with tazers and electricity. A firearm attempts to accomplish the same objective using a chemically-powered projectile to apply hydrostatic shock. It's relativy cheap, simple, and reliable. (One could make an analogy here comparing the modular simplicity of a firearm with Linux, while the complicated and fickle dart gun or tazer are comparable to Windows.)
It's important to consider the frequency. Ionizing radiation does permanent cellular damage. That's why it's cumulative. Microwave radiation is thermal. Claiming it would cause cancer over time is like claiming that holding a warm wash cloth to your head would cause cancer.
If you happen to be in Berkeley, CA, go to the top of the hill above the campus and visit the Lawrence Hall of Science, where the exteriors for Colossus were shot. There's a great view of San Francisco Bay from there. (LHoS is pretty cool, too.)
For road warriors, port 587 is defined for submission of mail. Red Hat sendmail setups come with sample config files to enable the submission server.
One should also restrict end-user submission to using authenticated SMTP. (Again, Red Hat has the hooks for this, and there are HOWTO's on the net explaining the details.)
Anything coming in from a stranger over unauthenticated SMTP should go into a "slowboat" low-priority queue for extensive spam and virus scanning.
Note that sending mail outbound to port 25 is not a violation of most TOS, because that's not running a server, that's "direct to MX" submission, and most TOS don't say anything about that.
Use the same technique that stops spammers from screen-scraping whois databases, and require a human to enter a string displayed in a graphic or read by voice synthesis.
First, click on the MatureAsskickers link under my name. We're an old "tribe" (T2 speak for clan) of a little over 100 members. We have a very active forum and patience for newcomers. Our Files and Links areas should have all you need to play except the game itself.
If you're looking for competition and don't want to be hammered with childishness while playing, check out the Blood Eagle Mini-League, a collection of teams who allow new teams in by invitation, sort of like an upper class golf club. Most of the teams are looking for new players with similar maturity.
One of the bigger leagues is Team Warfare. The TWL forums has this thread full of essential resources.
When I learned the game I found the Upset Chaps Guides to be invaluable.
I run both T2 and BF servers, and can tell you that BF is a real pig in comparison. I have a dual-CPU setup and a single 24-man BF server uses up a CPU, while multiple T2 servers running up to 50 people (total) barely make it sweat. The BF server uses somewhat more bandwidth, but it's a real hog on CPU and memory. Click on the URL under my name to check out the servers.
A number of Tribes teams who wanted an evironment of respect, without the taunting and childishness common among FPS games, built the Blood Eagle Mini-League. The league later switched to Tribes 2.
Team membership in the league is by invitation. A team goes through a series of trial matches to make sure it's adult enough. If you're interested in that kind of play, stop by and see if any of the member teams are recruiting. Most are, given the stale state of the game.
My own team, the Mature Asskickers, has similar requirements of recruits. Although it started as a Tribes 2 team, it's since expanded to encompass several other games. Our forums are almost as busy as SlashDot.;)
Also check out the Tribes newsgroup. It's quiet there right now, mostly a few old regulars passing the time, but I'm sure it'll spark up when the free download is available. The group sports a "watchdog" who barks loudly at strangers asking moronic newbie questions. (I was a "victim" when I first posted there; it's sort of a right of passage.)
Just because Loki is gone doesn't mean that all who distributed its wares are out of stock. They paid for their legitimate copies and have a right to recover their investment. Respect people who invest in Linux.
If you're smart enough to run SpamAssassin, shouldn't you also be running your own copy of BIND with root hints and skipping your ISP altogether? At most, forward only queries for your ISP's domain to its internal nameservers, just to get any special addresses that are only available to customers.
When ATTBI first acquired part of @Home's network, I was one of the fortunate few not plagued by ATTBI's misconfigured backup name servers, because I had BIND running with root hints on my LAN. (Win2k has a habit of failing over when a reply packet is missed and locking on to a backup server.)
You can have a Windows box. Just don't connect it directly to the Internet. Use a consumer router with NAT (what I call an Internet condom) to effectively hide the Windows box's open ports and vulnerable services from outsiders.
This won't protect you from Trojans you get via email, but it at least protects your box long enough to download necessary patches and a copy of Mozilla or Opera.
The real problems start when you look at the other infrastructure, like DNS and DHCP (or autoconfig). From what little I see on the dnsop mailing list, there's still quite a bit of controversy about how to handle these, particularly during a transition period, without "losing" parts of the Internet due to discontinuities in the DNS system.
RPM also tracks which package a binary file belongs to, and ensures that removal of an infrequently-used package removes all of its files. When updating a package, RPM ensures that obsolete files are removed.
It's called defense in depth. Don't rely on a single protection system. Use firewalls of differing architectures, multiple mail technologies, multiple operating systems, and independent intrustion detection systems. A cracker then needs to breach multiple technologies to complete a theft, with each breach exposing the cracker to possible detection.
You can't create a perfect solution, but you can make your opponent's job expensive enough to drive him to another target.
It seems the real solution here is to develop on UNIX and deploy on Windows, not these "watermark", or "encrypted codebase" sorts of plans. This is a classic 'weakest link' kinda scenario.
This strategy offers additional value: Building on multiple platforms eliminates the "tool myopia" that obscures bugs and bad design because one tool set encourages it.
What worries me more is that a company that puts its trust in unpatched Microsoft groupware products (email, web browser) expects us as customers to trust its code, also a sort of groupware.
We can only hope that out of this will come some good bug reports with patches that will help seal potential security and cheat exploits in the published code. Seeing Valve's designs and style, we may be able to influence the coders in the direction of more attention to security.
Re:Java??? What happened to CLU?
on
MIT Everyware
·
· Score: 1
Hehe, yeah, I remember taking 6.170 with CLU, and read through the reference manual the weekend before classes started. After that, I just blew off the lectures and did all the homework, since the lectures spent way too much time teaching the language, a waste for those of us who already had a few of languages under our belt. And since 6.001 taught LISP and Algol, most 6.3's should have had equal facility with the language. I used to think 6.001 was a bozo filter to weed out people not cut out for programming, but I guess the difficulty so many had with 6.170 is a strong counter-argument to that.
Slashdot Mirror
One problem is that most spam comes from zombies. Changing the protocol does nothing about that. The zombies will just use the new protocol.
Doom 3 Linux users are gathered in irc://irc.enterthegame.com/#doom3linux anxiously awaiting binaries. (I'd post that as a link but slashcode is losing the dots in the hostname.) A website with an RSS feed can be used to track developments.
Kudos to the author for recognizing non-IE users and fixing the bugs that affect us.
Guns intended for self defense have the objective of stopping an attacker from succeeding. Death is an unfortunate side effect, not the objective. Ignorant Hollywood directors would have you believe that dart guns or tazers can do this without risk of lethality, but such devices are unreliable. With a dart gun you must use a dose heavy enough to take out the largest attacker without killing the smallest from overdose. Similar issues arise with tazers and electricity. A firearm attempts to accomplish the same objective using a chemically-powered projectile to apply hydrostatic shock. It's relativy cheap, simple, and reliable. (One could make an analogy here comparing the modular simplicity of a firearm with Linux, while the complicated and fickle dart gun or tazer are comparable to Windows.)
Dating Design Patterns, previously reviewed here.
It's important to consider the frequency. Ionizing radiation does permanent cellular damage. That's why it's cumulative. Microwave radiation is thermal. Claiming it would cause cancer over time is like claiming that holding a warm wash cloth to your head would cause cancer.
The Fall of Colossus (Forbin enlists aliens to take Colossus down)
Colossus and the Crab (they rebuild it)
If you happen to be in Berkeley, CA, go to the top of the hill above the campus and visit the Lawrence Hall of Science, where the exteriors for Colossus were shot. There's a great view of San Francisco Bay from there. (LHoS is pretty cool, too.)
One should also restrict end-user submission to using authenticated SMTP. (Again, Red Hat has the hooks for this, and there are HOWTO's on the net explaining the details.)
Anything coming in from a stranger over unauthenticated SMTP should go into a "slowboat" low-priority queue for extensive spam and virus scanning.
Note that sending mail outbound to port 25 is not a violation of most TOS, because that's not running a server, that's "direct to MX" submission, and most TOS don't say anything about that.
I'd love to have an ISP this clueful.
I hadn't heard that Sierra had made any official statement releasing the Linux version for free distribution, but it's in Gentoo's packages.
If you're looking for competition and don't want to be hammered with childishness while playing, check out the Blood Eagle Mini-League, a collection of teams who allow new teams in by invitation, sort of like an upper class golf club. Most of the teams are looking for new players with similar maturity.
One of the bigger leagues is Team Warfare. The TWL forums has this thread full of essential resources.
When I learned the game I found the Upset Chaps Guides to be invaluable.
I run both T2 and BF servers, and can tell you that BF is a real pig in comparison. I have a dual-CPU setup and a single 24-man BF server uses up a CPU, while multiple T2 servers running up to 50 people (total) barely make it sweat. The BF server uses somewhat more bandwidth, but it's a real hog on CPU and memory. Click on the URL under my name to check out the servers.
MA runs numerous T2 servers, on the same box running our web site, forums, and email.
I ended up having to use IE, it wouldn't recognize my verification when using Mozilla.
The server used to be at ftp://ftp.lokigames.com/ and a Linux T2 newsgroup is at news://news.lokigames.com/loki.games.tribes2.
"No, honey, that's how you get jewelry!"
Team membership in the league is by invitation. A team goes through a series of trial matches to make sure it's adult enough. If you're interested in that kind of play, stop by and see if any of the member teams are recruiting. Most are, given the stale state of the game.
My own team, the Mature Asskickers, has similar requirements of recruits. Although it started as a Tribes 2 team, it's since expanded to encompass several other games. Our forums are almost as busy as SlashDot. ;)
Also check out the Tribes newsgroup. It's quiet there right now, mostly a few old regulars passing the time, but I'm sure it'll spark up when the free download is available. The group sports a "watchdog" who barks loudly at strangers asking moronic newbie questions. (I was a "victim" when I first posted there; it's sort of a right of passage.)
Just because Loki is gone doesn't mean that all who distributed its wares are out of stock. They paid for their legitimate copies and have a right to recover their investment. Respect people who invest in Linux.
If you're smart enough to run SpamAssassin, shouldn't you also be running your own copy of BIND with root hints and skipping your ISP altogether? At most, forward only queries for your ISP's domain to its internal nameservers, just to get any special addresses that are only available to customers.
When ATTBI first acquired part of @Home's network, I was one of the fortunate few not plagued by ATTBI's misconfigured backup name servers, because I had BIND running with root hints on my LAN. (Win2k has a habit of failing over when a reply packet is missed and locking on to a backup server.)
You can have a Windows box. Just don't connect it directly to the Internet. Use a consumer router with NAT (what I call an Internet condom) to effectively hide the Windows box's open ports and vulnerable services from outsiders.
This won't protect you from Trojans you get via email, but it at least protects your box long enough to download necessary patches and a copy of Mozilla or Opera.
The real problems start when you look at the other infrastructure, like DNS and DHCP (or autoconfig). From what little I see on the dnsop mailing list, there's still quite a bit of controversy about how to handle these, particularly during a transition period, without "losing" parts of the Internet due to discontinuities in the DNS system.
RPM also tracks which package a binary file belongs to, and ensures that removal of an infrequently-used package removes all of its files. When updating a package, RPM ensures that obsolete files are removed.
You can't create a perfect solution, but you can make your opponent's job expensive enough to drive him to another target.
This strategy offers additional value: Building on multiple platforms eliminates the "tool myopia" that obscures bugs and bad design because one tool set encourages it.
What worries me more is that a company that puts its trust in unpatched Microsoft groupware products (email, web browser) expects us as customers to trust its code, also a sort of groupware.
We can only hope that out of this will come some good bug reports with patches that will help seal potential security and cheat exploits in the published code. Seeing Valve's designs and style, we may be able to influence the coders in the direction of more attention to security.
Hehe, yeah, I remember taking 6.170 with CLU, and read through the reference manual the weekend before classes started. After that, I just blew off the lectures and did all the homework, since the lectures spent way too much time teaching the language, a waste for those of us who already had a few of languages under our belt. And since 6.001 taught LISP and Algol, most 6.3's should have had equal facility with the language. I used to think 6.001 was a bozo filter to weed out people not cut out for programming, but I guess the difficulty so many had with 6.170 is a strong counter-argument to that.