Slashdot Mirror


User: menscher

menscher's activity in the archive.

Stories: 0 · Comments: 388

Comments · 388

  1. Same thing as sending syslog to remote loghost? on Running a UDP Remote Console with Linux 2.6 · · Score: 2, Insightful
    I really don't see much benefit here. Seems like someone just took syslogd and made it a kernel module. Just one more piece of the kernel to crash. Personally I'd rather keep the kernel as small as possible. Less to go wrong that way.

    While on the topic, though, it would be nice if Linux did something similar to IRIX, where a crash would save the kernel coredump to the swap partition. Yes, I know the Linux Kernel Crash Dump project does this, but they're not exactly stable yet (hell, their website won't even load right now).

  2. Re:Always beware of "X is dead!" in the media on Ultra Fast Disk Drives With No Moving Parts · · Score: 1
    Try that with a tape solution.

    Ok. No problem. We do nightly backups to our 24TB tape library. The robotic arm changes the tapes, so no user intervention is required. Oh, and lightning would at worst take out both tape drives in the library, leaving the data on the tapes intact. Meanwhile, it'd fry all of your disks, rendering your backups useless.

    We're planning to add another 24TB of storage in the next couple of months. Tapes aren't dead yet....

  3. Re:Firewall? on Dealing with Intruders? · · Score: 1
    A slightly less evil method I've used when the ISP was unresponsive was to use the Windows Messenger service to pop up a note on their screen telling them to run a virus scanner.

    It usually takes a few days for them to clue in that the notes will continue unless they comply (so it's kinda like blackmail), but it always works. Oh, and I always put my email address in the note so they can email if they have questions. (Makes it seem less like spam that way.)

  4. Re:In the water on Are You Ready for the SCO Blitz? · · Score: 1
    I noticed that the first three books of the New Testament (Matthew, Mark, Luke) tend to relate most of the same stories. Pretty twisted to think those three apostles copied ideas from each other. Must be a Christian thing.

    Yes, I'm making fun of the parent, for those who can't tell.

  5. Re:Parents Sig is a string of nasty popups, KILL K on Kensington Laptop Locks Not So Secure · · Score: 0, Flamebait
    I just lost my job. Fucker.

    That's one of the funnier things I've heard in a long time. And after a particularly dismal day, it really perked my mood. Thank you.

  6. Do 2.4 GHz CPUs cause interference? on 2.4GHz-Friendly Phones? · · Score: 1
    This reminds me of going to a LAN party where someone had a see-through plexiglass case. We were wondering if their CPU ran at 2.4 GHz, and if so, whether it would cause interference with the wireless.

    Anyone care to comment?

  7. Re:response of a victim on The Dark Side Of DefCon's Wireless Network · · Score: 1
    You're the guy who was going to show us where, in the source code, the arp poisoning was happening?

    Yes, I know it's a waste of time to respond to a troll, but I'm bored. ;)

    I never said airpwn did arp poisoning. Must have been one of your imaginary friends. All I said was that I suspected arp poisoning, and when I checked for it, I saw it was occurring. By multiple groups.

    As another poster mentioned, it's quite possible that airpwn made arpwatch think arp poisoning was occurring by spoofing packets without spoofing the AP's MAC address. I didn't check specifically for arp packets at the time, since I wasn't really trying to distinguish between someone doing arp poisoning and someone spoofing packets. As I said before, I wish I'd saved my packet captures. Would have made for interesting reading. *getting tired of poor reading comprehension of /. kiddies....*

  8. Re:response of a victim on The Dark Side Of DefCon's Wireless Network · · Score: 1, Insightful
    Uhh, there was no other option. In any case, WiFi is just as secure as ethernet when all you're doing is running ssh. It's only the occasional unencrypted traffic (like /.) that was at risk. And I'm not exactly concerned about someone messing with that. Perhaps you'd like to stop trolling and back up your statement with something intelligent?

    I will say that I thought twice about using telnet even with an OTP specifically because of TCP hijacking fears. (Initially I thought it would be funny for someone to see a plaintext password scroll by their sniffer window.)

  9. response of a victim on The Dark Side Of DefCon's Wireless Network · · Score: 5, Informative
    Ok, so I got hit by this, when attempting to check slashdot during one of the talks. First reaction was to hit the Back button as fast as I could, to get the image off my screen.

    Once the shock wore off, I pointed out the issue to my friends sitting next to me. They spent some time analyzing ethereal output, while I downloaded and ran arpwatch. It's pretty sad to hear that some kiddies were checking browser settings....

    The article claims there was no arp poisoning going on, but actually there was. I saw plenty of that. Which kinda confused us, since there doesn't seem to be much need for that in a wireless environment. You can sniff w/o arping, and you can inject traffic (as they were). But yes, it was definitely happening, though apparently by a different group. (Actually, I detected three different MAC addresses competing for the AP's IP.)

    In hindsight I should have saved some of my packet captures. Might have been fun to look over later.

  10. "cheer on the patient" ???? on Atlus Readies Stylus-Based Surgery Game For DS · · Score: 3, Funny
    while operating, the player must cheer on the patient using the device's voice recognition

    Yeah, that's what I always look for in a surgeon... someone to "cheer me on" while I'm unconscious.

  11. You're gonna need help.... *shakes head* on Where to Spend $1M on a Cluster? · · Score: 1
    First off, it's disturbing that you got this grant. The NSF should be ashamed of themselves for giving that much cash to someone so clueless.

    Second: you're almost certainly going to have to put it out to bid. For example, at UIUC, the bid limit is $28,100. Anything over that *must* go to bid unless you can provide a really good reason why you have to "sole source" it.

    Now, you need to start thinking about stuff. First off, forget the number of nodes. You need to start by thinking about how they'll be used. Like, how much communication will there be? A few large packets, or many small ones? Myrinet is nice and fast, but will increase your costs by 50% over gigE. Similarly, you need to figure out how much ram to put in each node. How many processors, keeping in mind they'll be competing for the memory bandwidth. 32 bit vs 64 bit. The list goes on and on....

    Of course, you didn't give any details, which means you probably don't have a clue. So maybe start by purchasing a couple of test systems and benchmarking your code on them, to see where your bottlenecks are.

    Good luck. Sounds like you'll need it.

  12. Re:Seriously though on Serious Security Hole In PuTTY · · Score: 2, Insightful
    Does anyone really do anything other than just blindly hit "yes" when presented with a new host identification string?

    First off, I'm a sysadmin, and I save my hostkeys when I upgrade.

    Secondly, my client machines have the server key, so user passwords are not required.

    Third, I usually check into the reason. If possible, I log in to a place I would have connected from before. There's only 2-3 machines I regularly log into from random places, and I have their bubble-babble digests memorized. And if I have no other choice, I connect and then immediately do the "ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub" to verify the key matches. If it doesn't, then I would know I'd been caught by a MITM attack. I could immediately su and lock my account and the su account I used to lock myself out (leaving only root).

    Are these practical steps? YES! Trust me... there were attempted MITM attacks at Defcon this year. That is one place I would NOT accept an unknown hostkey.

  13. At least I got paid for them.... on Does Your Employer Own Your Thoughts? · · Score: 1

    When I was signing all the initial paperwork, I was handed a dollar bill and told that was my payment for all my thoughts while I worked there. I think they have to exchange money to make it a legal contract, or something.

  14. They still don't get it.... on Helix Player and RealPlayer 10 Released · · Score: 1
    Ok, so the installer lets you put the head of the directory tree where you want it, so that's a start. But they create the executables in the root of that tree, and leave an empty "Bin" (yes, with a capital B) directory. So once again I will be forced to waste time trying to fix up their install and hopefully make it functional.

    At least it doesn't have to be installed by individual users any more...

  15. No one will read this far down, but.... on Abused, But Working Hardware Stories? · · Score: 1
    Removed the CPU of a running SGI Indy. Stuff on screen stayed up, which was impressive. Unfortunately putting the CPU back in didn't help. It needed rebooting.

    Installing debian on a desktop, my hard drive started freaking out. Now, we all know the debian installer is a nightmare, and I didn't want to waste an hour answering questions again. So I unplugged the hard drive and plugged it back in. It did an IDE bus reset, found the drive, and continued on as normal.

  16. Re:There is no centralized enforcement on the Net on What Do You Think of Online Vigilantes? · · Score: 1
    I think a balance is formed by the fact that the resources of vigilantes are limited, and therefore they go after the major nuisances.

    For example, I spend most of my "vigilante" time going after crackers, US-based phishing schemes, and the occasional spammer. I really don't have time to browse the net for other wrong-doers. Presumably there are hundreds more like me, and very few who go after racist websites. Therefore the greatest effect is felt where it is needed.

    In the end, though, I wish there was more the vigilante could do. After being ignored by ISPs and law enforcement, it often seems like the solution is to create my own bot network and DDoS the bad guys. Too bad I have morals against such things. I actually kinda hope there are vigilantes who don't, since a DDoS against a spam-friendly ISP could go a long way towards making the net a better place....

  17. Uses of cruise missiles? on DIY Cruise Missile Designer Turns Freelance · · Score: 4, Interesting

    Maybe I'm just not creative enough, but what would a non-terrorist organization want with a cruise missile?

  18. Seen in '94 on Robots in Hospitals · · Score: 1

    Saw a robot courier in '93 or '94 (don't remember exactly when). Was at some large corporation. Pretty much followed a stripe on the floor and stopped whenever someone got close. As I recall, it could handle the elevators. Seemed pretty cool to a kid back then. Not sure it's slashdot-worthy a decade later.

  19. Faster process on Improvements on the Scientific Review Process? · · Score: 1

    My first attempt at a scientific publication was a total eye-opener into how bad the process can be. I submitted a paper, and the editor forwarded it on to a referee. No word back for a month, so we complained. Eventually the editor passed it on to another referee. That one took about 3 weeks to respond, at which point they said that we weren't doing anything new --- someone else had done the same thing a month ago! (It wasn't even published yet.) If not for the first referee refusing to respond, we would have been the first. Very frustrating. They should have a 1-week time-limit for referees to respond.

  20. Re:The problem with quantum computing . . . on Web Quantum Computer Simulator · · Score: 1
    when you go to read y from the computer, you just get one solution, and what's worse, you don't even know which value of X it corresponds to!

    Not quite correct. Yes, you only get one. But you do know which value of x it corresponds to. You just can't pick your x value. It's part of the result, just like y is.

  21. a real QC would be 2^31 times faster on Web Quantum Computer Simulator · · Score: 2, Interesting

    I know everyone's excited about this, but keep in mind that it's 2^31 times slower than the thing it's trying to simulate. That's because it can't really take advantage of the exponential speedup from working with entangled states. Or, more accurately, it gets an exponential speedup at the cost of an exponential slowdown.

  22. reminds me of when I was a kid on Realistic Driving Simulator Games? · · Score: 3, Funny
    I challenged my dad to a game of "Test Drive", or some other typical car-racing game. I thought it'd be a good test of experience (him) vs. reaction time (me). Of course, my dad obeyed all the speed-limit signs. Which was really frustrating, because he never got into an accident, or pulled over by the cops, or anything. Meanwhile, I repeatedly drove off the side of the cliff or had head-on collisions with oncoming trucks. In the end, I think our times were pretty similar.

    Yeah, you can learn a lot from your dad....

  23. Re:OT: Bugtraq auto-unsubscribe? on New Linux Kernel Crash-Exploit discovered · · Score: 1
    You are probably refusing "virus-infected" messages.

    Yes, I am, but I am quite certain that is unrelated for the following reasons:

    • The problem occurred before I started the filtering
    • The problem exists on all of their lists, many of which don't deal with viral code
    • They send a final warning before unsubscribing you, saying that if the warning bounces you'll be unsubscribed. Obviously the warning contains no viral code.
    • One of the warning messages I received indicated they were sending my email to the wrong host, which implies their DNS was fscked.

  24. OT: Bugtraq auto-unsubscribe? on New Linux Kernel Crash-Exploit discovered · · Score: 0, Offtopic
    This is only slightly off-topic, since it's directly related to finding out about things like this:

    Anyone else getting repeatedly unsubscribed from bugtraq and the other securityfocus mailing lists? About once a month I get an email from them claiming my email was bouncing (often because their DNS was sending it to the wrong machine!). And about once a month I don't get the email, and am unsubscribed from a random list. Which really sucks, because it takes a few days to realize, and then you've lost a few days' worth of important announcements.

    I'm just curious whether this is a widespread problem; since I'm fairly certain my connection isn't flaky, the problem must be at their end.

  25. Re:Really . . . on Build A Darknet To Capture Naughty Traffic · · Score: 1
    at any given time the packet must exist as electricity or photons both of which have mass

    Umm, no. Photons do NOT have mass. And electricity is the movement of electrons. Movement doesn't have mass.