I'll take the big one first:
After all, who uses their Xbox to play movies? Anyone? That would be me and hundreds if not thousands of others. Not dvd's, oh heavens no. Xbox Media Center on a modded Xbox is about all I use my Xbox for; not more than a couple of games on the Xbox I care about. $150 and a little soldering brings me the best bang for the buck in a home theater unit.
-Sony has won the adult part of the portables market with its sleek styling and functionality... question is, is there even an adult market for these things to begin with?
As anyone with an ipod and everyone who wants an ipod will tell you, oh hell yeah.
-Do we need yet another proprietary media format? When can we burn on it? When can we buy it? Do we need it? No. But it was Sonys best choice. Trying to stick to even a minor standard like 3" DVD's would severely increase the size of the machine. If you want to put your own stuff on the PSP, thats what the memory stick is for, and they hold plenty (IIRC, 512MB and 1GB sticks are available, but could be wrong). The BIG question that should be asked is if there is a way to execute your own code stored on the memory stick. THAT and that alone would make me pay the outrageous prices for a first gen unit.
-Are audiences really going to want to buy their media on a proprietary format when a portable DVD player is so cheap these days, and works with your home disks? Saying that smaller is better was important in the 80s... I don't think that holds today. Matter of fact, is anyone going to buy a movie on this thing?I> I don't really see the video disc portion taking off, for the reasons you mention and a few others. However, I could easily see a parent picking up a few spongebob mini discs for the kid to keep them quiet on a road trip or off of the house TV.
-The interactivity of the DS is well known, the interactivity of the PSP not so much, why? First off, poorly phrased leading question; answering directly implies I agree with your premise that the interactivity of the PSP is not well known. I reject that premise. Its a hand held gaming system. You press a button or a direction and the game reacts. This isn't a pet rock, it actually reacts to what you do like every video game since Pong. You may have something specific in mind, such as input options the DS has that the PSP doesnt (touchscreen for one), but your question doesn't address it.
For the connections in the house, go with a wired setup whenever possible, and make sure you have conduit to run whatever the cable du jour will be in the future. One or two access points plugged in outta sight wouldn't hurt either.
Now for the fun part, actually USING that bandwidth. I hate M$ to, but the best way to play whatever you need at any location is with a modded Xbox and Xbox Media Player Website. This spliffy piece of software can play just about any media format you can think of, from VOB, DivX, Mp3, Ogg, and many many more obscure formats. It can play them from the harddrive, dvd drive, or over the network with SMB (Windows) shares, Shoutcast for your internet radio, and tons of other options. Divx plays just fine over a 10mbit connection, so switched 100mbit aught to be a dream. Here is a review of XBMP on TechTV with videos of it in action. Picture slideshows, playlists, this piece of software just keeps getting better and better. Fully controllable with a standard controller or the DVD remote you can purchase separately. (I recommend the Logitech RF wireless controller if you can justify the extra money. Solid contruction, flawless performance.) Its all about the wireless, baby.
Even better, no expensive modchip or chip installation required. Some people figured out how to run code without a chip, and some others figured out how to flash a BIOS on the Xbox with this technique. No chips, just shorting two easy points on the motherboard. Check on the #xbins channel of Efnet for information; look for the 007 agent under fire package with raincoat. You'll need a friend with a modded Xbox to get the savegame on a memory card, but once done, Xbox is a cinch to crack.
As a perk, you could even get a few room-to-room Halo/Unreal/RTCW/Doom 3 games going on.
In short, this guy's idea for curbing infection rates of &pluralize("virus"); is to restrict systems network access to one new host per second. Exceptions would be made for high demand, known servers, such as mail server and (I presume, even though it wasn't in the article) HTTP or SOCKS proxies. Interesting idea, and it would help in slowing down the infection of, say, Nimba or Code Red.
I can't help but think that his logic is flawed however. For example, most corporate headaches come from email based virii. If the only connections needed for the virus to spread is the email server it already has access to, there is no delay for the emails to be sent out to the mail server. No one could request for the email server to be throttled and keep their job, so the infected emails would be sent out, with no perceptable delay caused by the throttling.
The only thing this might help with is worms only, no virii in the more common sense such as email based LookOut virii,.exe/.com infectors, or boot sector infectors. The article fails to mention the Hows of this throttling; is it based on the routers (in which case quick infection of the local subnet would take place) or on the switches (which could break most broadcast applications, not to mention mean all systems outside the subnet look the same) or in the OS (in which case the virus could put its own TCP/IP stack in to replace the throttled one, and end up with no throttling affects whatsoever).
How about, instead of throttling network access, we move to more reliable code, better access controls at the kernel level, and a hardware platform that makes buffer overruns and stack smashing a thing of the past. While I am anti-MS, Palladium does actually have some good ideas on the hardware level. Is the DRM level that stinks to high heaven.
I already have that functionality in Trillian, with better skin support, no banner, auto-away and a reply message if away, yahoo, ICQ, IRC...The only thing missing is Mirc scripting support and it would be the ultimate communications device since the telephone. If AOL would be smart and buy out Trillian the way they bought WinAMP, the IM wars would be over.
I am by no means a heavy duty math cruncher or cypherpunk, but how exactly is this going to affect number and factoring? I don't know of any advanced prime number search algorythms, but Sieve of Erothenes (did I get that right?) solved in NP time. (Each number is check is evenly divisible by an earlier prime, and if none found, add to list of primes, lather rinse repeat)If primes can be found in P time, finding the first 50 prime numbers would take the same time as finding the first 50 three hundred digit primes.
While that may not be thrilling at first, let's use the RCA contest for money as an example. We get a 1024 bit number containing 200 digits in decimal formm, which is the product of exactly two prime numbers. We know then that: 1. We only need to find one prime to easily find the other. 2. The digits in the factors can total no more than 200 digits. 3. One of the factors contains less than 100 digits.
Start at 10^100 and count down using this algorythm, and youll find it in P time instead of NP time. It'll still take forever, literally and figuratively, but wouldn't it take significantly less time than before?
I had always wanted to consider Loki one of the "good guy underdogs". A company to root for. I mean, c'mon. They helped bring Quake3 to Linux, how could you NOT like them? But then I read this:
Instead of sending them W-2 income tax forms, they were sent 1099s, meaning that they are left to pay taxes on income for which the company was already supposed to have -- but hadn't -- paid federal withholding.
The question here is, did Loki without the taxes/FICA, etc. out of the paychecks? If they withheld, didn't deposit it, and then sent out a 1099, then the company should immediately be investigated for tax evasion and any other criminal charges that are relavent. This is fraud, and the victims are the employees. If the taxes were NOT withheld, then this is a non-issue. Yes, it sucks having a large tax amount due all at one, but thats life.
Who wants to take bets that this gets publicized as FUD that Linux does not a viable company make?
Considering one of the main points Piro is trying to make about the value of respect for a site/company/individual, and how poorly this has been strongarmed into squeezing money out of customers, in particular for an originally free service. Considering the pay services for Slashdot in the works, I find this posting ironic to say the least.
Megatokyo has my respect, big time. I have at least 6 shirts of there's, two others I gave the girlfriend, and as soon as Im gainfully employed again, Im buying that 'F33r my l33t n3k1d sk1llz' boxer shorts. They've made some money off of me, and they earned it. I just wished it was enough for them to work full time; daily updates to megatokyo would be reason for me to leap out of bed with a smile on my face each and every morning.
Perhaps Slashdot could do something similiar? Instead of the subscription service, some merchandizing would be better. Instead of the lame/. t shirts on thinkgeek, how about some cool items. An engraved/. (the symbol) metal coffe mug? A swiss army knife with green handle and inlayed/. symbol? People are a lot more willing to give money if they are under the impressions they are gaining something, in particular something physical for their money. SLashdot should take note.
Everyone talks about setting up beowulf clusters. It's pretty easy to set them up, just make sure there is a lot of usable bandwidth between the systems.
The question here that isn't being asked is about the application. Sure, you have a cluster. But just what is it doing? What numbers are you crunching with that many gigaflops? To take the beowulf idea out of the realm of geek bragging rights into actual useful production takes an application, and you can bet that most are customer designed in house.
Very little of the OS itself is involved in the real applications that make beowulfs useful and money-making. Take a look at your intended application, and see what its requirements are. If you are writing it in house, tell the MS rep to take a leap, since you wont have to worry about 100+ MS licenses, Visual Studio licenses, or whatever else. If your intended application requires MS OS underneath, hold out on the rep until he agrees to a dramatically reduced price on the software. But worrying about the OS in a cluster before looking at the application is counter productive.
.NET Studio demo is on the CD of this month's MSDN magazine. Full version is also available for anyone with an MSDN subscription, which any software development company or division worth its salt already has. (yes, a real MSDN subscription is well more than $1,079, but well worth it for companies creating MS software)
Toodles
Ermm, its actually a bit worse than some think..
on
Security Hole in Morpheus
·
· Score: 1, Informative
If you are the kind that thinks 'Oh shucks, no big deal', think again.
If this is any kind of domain controller, remember that your SAM file can be downloaded, and if your system has microsoft network file sharing open or is running any part of the IIS suite, your as good as hacked. It can be downloaded and brute hacked with L0pht crack.
If you run any of the popular online games such as Quake 3 arena or Return to Castle Wolfenstein, your cd key is stored in plain text. All of a sudden you can't play because it is in use by '3l33t hax0r' 24x7. Other games such as Starcraft and HalfLife keep the key in the registry, which is also accessible. (see above)
Any kind of online login is vulnerable. These h4x0rz can use your sign in to Amazon.com and "One Click" a library to their address with your credit card. Your online porn accounts, your SSH and PGP private key, the list goes on.
And lets not forget those pictures of your wife you took with the new digital camera in your bedroom.
Toodles, who thinks its funny that people feel this is an insignificant security hole, and that the hole in XP was a threat to all mankind.
If you are interested in the development for this device, you can check out the SDK, emulator, and other items here from Jeff Frohwein, the staple of the Gameboy, gameboy advance, and other hand held home brew development 'scenez'.
I hope it works out well in practice. The only thing I fear is that we will only have a batch of emulators running on the gp32. For most home brew development platforms (ps1, dreamcast, gameboy, gameboy advance), emulators and demos are about all that exist; full games, even puzzle games, can take an awefull long time to develop.
"...they've helped transport people to the moon and back safely, they manage critical aircraft systems for thousands of flights every day, they support business operations at companies of all sizes, and they move trillions of dollars around the world to keep the global economy"
It's a shame that none of these run Microsoft software. MS didn't exist in the 60's (moon landing), has nothing to do with aircraft systems (most still in use run on late 70's mainframes and mini's), and god help the bank/brokerage who runs their mission critical software on an Wintel platform. End flame.
Mundie does have one idea right though; make it ubiqutous (sp?). He indicates computers should have the same reliability that requires no thought. I agree whole-heartedly. However I don't believe MSFT can do it without rewriting the whole damn thing over. I cannot count the amount of times an NT server had to be manually power cycled because a service hung and wouldn't restart. This wasn't some oddball, third party service; this was IIS ("WWW Publishing Service" I believe) Until simple things like the separation between kernel and application (EVERY application, no exceptions for the ones you need to tweak for benchmarks) is complete, NT will have problems
By the sound of the post, you feel that this is an urgent matter before the drywall goes up. It doesn't have to be. What you should be concerning yourself with putting in is conduit, not the wiring, if this is a house you plan on living in for a good long time.
With good conduit, running wires is a fairly painless process. Install the conduit, let the contractors install the drywall, then run the cat5, fiber, whatever. After X many years, if you decide you need to upgrade to fiber or whatever is current enough for your needs, pulling the existing wire and replacing will be a cinch. By putting in the wiring now instead of conduit, you are speeding up the depreciation and obsolescense (sp?) of your house, not increasing it. Good conduit even helps with events you didn't plan, such as if you figure out you need to pull RCA cables for house-wide stereo, or additional coax, or whatever.
This is a company that I know _I_ have not heard of. Need instant public recognition that would require a multimillion dollar marketing budget? Send a letter to a kid asking the rediculus, and let Wired and the Slashdot affect put your company in popular mindset's as the Dancing Baby and 'All Your Base' quotes...
It's a shame about their website. There's a shockwave intro, that repeats...and repeats...and has a 'Skip Intro' button that causes the shockwave to repeat...and repeat. Boy, KPMG is about to have multi million hits over the next hours, and they have nothing to show the visitors except that silly themes song....
If you're expecting to run the actual binaries, your outta luck. What you CAN do though is 'back display' it if you have solaris running on another box on your network, or even under VMWare (notice, I havent tried Solaris under VMWare, don't even know if its possible).
On your box with the XServer (FreeBSD in this case):
It should display on your FreeBSD Xserver just like you want. I have done this for quite a while to get the HP/UX version of IE running on an Apollo 735 to display on my Linux box. A fast network is obviously preferred.
4. Choice of storage formats: WAVs (Free[as in beer]:1250-1750 cds:lossless) MP3 (done proper) (Free[as in beer]:12,500-17,500 cds:lossy) Ogg Vorbis (Free[as in speech]:12,500-17,500 cds:lossy), and FLAC (Free[as in speech]:2500-3500 cds:lossless)
All this, 2.54*10^24 times more storage, and a set of components guaranteed to be better than what is in that POS that's being sold. Oh, and lets not forget the $7000 or so you'll be saving.
I'll pass.
Toodles
Freedom vs. Power - Not their decision to make
on
Freedom or Power?
·
· Score: 4, Interesting
However, one so-called freedom that we do not advocate is the "freedom to choose any license you want for software you write". We reject this because it is really a form of power, not a freedom.
This just doesn't sit well with me at all. I don't demand that the people who create software I use release under the GPL over whatever license it is currently using. I *will* look for alternatives, with my priorities being cost and opensource, in that order. Remember, this is a 'free software' group speaking, not the 'open source' group; big difference. A manifest destiny declaring all software should be GPL'ed should be met with serious opposition.
My code, that I work on, is mine. I owe to no one the work that was involved. (Code produced for an employer is different. For now, I mean code I do on my spare time.) *If*, and this is a big If, if I distribute my code in any form to anyone, it is entirely at my descretion. I own my work, and I'll do with it what I please. I am very happy to abide by the GPL in gpl'ed code. The reason is it's *their* code I'm using. These are *their* conditions they want the code used for, and I will keep my end of the bargain in return for their generosity in providing for everyone. If I don't like it, I don't *have* to use their code.
No one, not even RMS, is going to tell John Carmack that Doom 3 *has* to be released under the GPL. However, if RMS wants to spout that His Immenence Carmack is taking advantage of power, he would cause more harm than good. John Carmack knows the value of the GPL, and has shown this many many times over, with the release of Wolf3d and Doom source code, followed by the GPL of the Doom and Quake source. This has done tremendous things for the home brew gaming community, and while he can't measure in dollars the good he has done, I hope he has even a close approximation of the help he has provided in the releasing GPL. I will follow to the letter every section of the GPL in any work I do based on John's released software; not out of fear for lawyers, but out of respect for John's contribution. His gift.
No one has the right to say what we can or cannot do with our 'art', code in this case. RMS can spout anything he likes, but the moment he decides that my release of SuperWhizBangTurbo MUST be GPL'd is the exact moment his freedom to swing ends at my nose.
RMS, we appreciate what you've done, and what you fail to realize is the sheer enormity of code released daily under the GPL. However, what your proposing is not 'increasing the freedoms of computer users everywhere', you are 'taking away the rights of programmers everywhere'. We do, have been, and will continue to release under the GPL at every opportunity. However, we will find something else in protest if any effort is made to force us to do so. Even if its for the greater good, we are stubborn individuals, and will resist any effort to force us into submission.
Checking through BugTraq and NTBugTraq shows an alarming trend; companies don't care if someone finds an issue with their software. Let me give you an example:
The Cisco 675 DSL router/modem. This device has very widespread use consumer home and SOHO environments. Other Ciscos in that line were included in a particular issue that cause the router to hang completely until power cycled. Cisco was first notified about this January 10 2000 (no typo there, 01-10-00). A very easy to prove situation was shown to cause this. After 11 months of waiting and two notifications to Cisco, the notifier had given up on Cisco doing The Right Thing (c), and notified BugTraq about the problem, in this post, Nov 28th, 2000. Users from around the world tested, and verified the issue. Want to know what happened? Nothing. Not a peep from Cisco about this, untill recently.
The vulnerability DOS in the Cisco was never acknowledged by Cisco, and still isn't admitted. However, a notification of DOS vulnerability was finally admitted by Cisco here, 8-24-2001. Nineteen months since being notified. However, the entire reason for this wasn't the vulnerability mentioned of a skewed HTTP request, but simply its inability to handle multiple http connections. Why? Code Red. The Code Red virus was banging on port 80 so hard that the routers would lock up hard and die until reset. Many thousands of DSL customers were affected by this, and IMHO, a redux of the HTTP code that should have been done over a year and a half before, would have prevented the entire nightmare of Code Red issues for owners of the Cisco 675 (Their systems are another story however).
Checking for other 'exploit code' on the BugTraq list should show that the people who create it are responsible, usually doing no more than running a 'whoami' in the case of elevated privileges. They don't arm 'script kiddiez', they do it themselves, however the proof that a hole is exploitable is all someone needs to write their own. This is not a bad thing, this is a good thing.
It is general policy on BugTraq that companies be notified and given sufficient time to resolve issues, usually 3 months or so. If that lapses, it is the infosec engineers responsibility to post the exploit for the world. The company won't listed to the voice of one competant person, but they will listen when their entire customer base gets proof that the company shirked on their responsibilities to protect their customers.
First, a serious plug for refcards.com as they have a bunch of DAMN handy refference cards, including apache, perl, cvs, gdb, ANSI c, etc etc. However, they do not have one for basic *nix usage. So...
Here are some of the more promising results of a search from google.com (String used was:unix ref card pdf)
You should be able to find what you need easy enough. I should also highly reccommend to everyone the linuxsecurity.com Linux Security guidesheet. Damn good reading to hardening your system. Here
I highly recommend a book called "The High Road" by Ben Bova. Unlike most of Bova's work, this isn't fiction, but more of an essay regarding the need for increased investment and work towards space travel. No pictures available, the book is out of print, so an amazon.com link is kinda pointless.
Even when the book was printed (1981), drastic cuts in space funding were evident. Remember this is BEFORE the Challenger incident! Many different sources are cited in this book to back up his facts, but I will still try to not stray from the obvious.
1. Satellites. Sat phones, many nodes of the Internet, GPS systems, XM radio, spy satellites, anti-spy satellites, the Star Wars program (Think Reagan, not Jar Jar) all owe their existence to satellites. You can complain about those all you want, some are pointless, but all have been put with the idealistic thought of making life better in general. Some fail, and some are to make money, but I am glad all of them are there.
2. Secondary technical innovations. Velcro, Most plastics, and tertiary technical advancements for such things as bone marrow transplants (Remember the old commercial with Jesse Jackson, specifically to rally support for the space program, citing bone marrow transplants as one of the effects of earlier space exploration?)
3. Energy. This is the one that bites my tail most that SHOULD have been done in the 70's, and still should be done. A Solar Power Station. The idea is a large satellite, positioned so that it is never blocked from the sun, could gather and redirect the energy to a large array of solar power cells (we're talking a few dozen square miles worth, but well worth it). Environmental impact would be nill, and the land could still be used for grazing by livestock. Just plop the array of cells into some flat section of New Mexico or Montana, and be done with it. The power that could be produced by such a station could easily be twice that of the energy produced by imported and domestic oil gathered at the same rate. While I would recommend reading this book for the full explanation, this link will take you to a PDF with an excellent overview if you cant find the book. Imagine, free, practically limitless energy available. The electricity could be used to separate water into hydrogen and water, so even transportation would benefit.
4. Economy. Every dollar spent into the space program would change hands an avarage of 8 times before 'settling'. This is a matter of spending money to make money. It creates jobs, technology, and even patriotism.
5. Survival of the Human Race. As unlikely as it may seem, the Earth is our biggest Single Point of Failure. If anything happens to the Earth in a manner that makes it inhospitable to human life, the race will end. We must, for the survival of the species eliminate that single point of failure. Asteroids, nasty bacteria(e.g. Ebola), greenhouse effect, are all problems whose affect on the race could be limited if we got rid of the single point of failure. However improbable, they are still possible, and the human race must overcome.
6. Moon exploration. Boy, I'd love to get my hands on a killogram of diterium(Hydrogen ion +3?). There's only a few metric ton naturally occuring on the planet, almost all in the oceans. But, its on the surface of the moon, and the lack of atmosphere makes extracting it from the dust (notice I didn't say 'soil'. Just the dust, no more than 2" deep, would yeild enough diterim to satisfy a huge energy consumption for an enourmous amount of time.
There are more, but I grow tired of typing. Space exploration is not for short sighted people. It has produced amazing results for the entire human race, and as pessimistic as it may sound, failing to properly support it by the Americans is both bad for the U.S. as a whole, and failure by the world to investigate further is accepting the eventual end of the human race.
Cd's are well entrenched into our society right now, but the fun stuff is at the edge. Namely, DVDA (That's Digital Versatile Disc Audio, you perv) and Audiophile (A refreshing look at old technology. LP style records using a very high tech manufacturing process and extremely tough vinyl. No digital->analog conversions here, baby. Very limited manufacturing runs due to the expense and low market appeal. Remember the/. acrticle about the guys spending $150k+ for a true 'audiophile' listening experience. This is what he had.) You can see many new albums being released with the DVDA style, which makes life a dream for people who want a highest quality possible rip. Dvda uses the same mpeg 2 compression that DVD's use. So, whip out your handy-dandy DeCCS software, and rip the audio straight off the disc. Since you are reading the data off of a the DVD, including checksums, you will get a flawless rip. Current rippers use a sector-by-sector read to try and get a good read, and they often fail since Redbook audio doesn't have checksums for each sector. But DVDA does. DVDA is also recording at a digital quality higher than cd's, and maybe DAT tapes (DVDA is 192kbit/s @ 48khz; cd's are 128kbit/s @ 44.1Khz)
THe moral of the story is, if you're an MP3 collector who is just interested in proclaiming to your IRC friends "WH00T! I got 2 petabytes of Tori Amos!", they want to slow you down. For real audiophiles, we've moved to the next best thing (tm) already.
Slashdot Mirror
-Sony has won the adult part of the portables market with its sleek styling and functionality... question is, is there even an adult market for these things to begin with? As anyone with an ipod and everyone who wants an ipod will tell you, oh hell yeah.
-Do we need yet another proprietary media format? When can we burn on it? When can we buy it? Do we need it? No. But it was Sonys best choice. Trying to stick to even a minor standard like 3" DVD's would severely increase the size of the machine. If you want to put your own stuff on the PSP, thats what the memory stick is for, and they hold plenty (IIRC, 512MB and 1GB sticks are available, but could be wrong). The BIG question that should be asked is if there is a way to execute your own code stored on the memory stick. THAT and that alone would make me pay the outrageous prices for a first gen unit.
-Are audiences really going to want to buy their media on a proprietary format when a portable DVD player is so cheap these days, and works with your home disks? Saying that smaller is better was important in the 80s... I don't think that holds today. Matter of fact, is anyone going to buy a movie on this thing?I> I don't really see the video disc portion taking off, for the reasons you mention and a few others. However, I could easily see a parent picking up a few spongebob mini discs for the kid to keep them quiet on a road trip or off of the house TV.
-The interactivity of the DS is well known, the interactivity of the PSP not so much, why? First off, poorly phrased leading question; answering directly implies I agree with your premise that the interactivity of the PSP is not well known. I reject that premise. Its a hand held gaming system. You press a button or a direction and the game reacts. This isn't a pet rock, it actually reacts to what you do like every video game since Pong. You may have something specific in mind, such as input options the DS has that the PSP doesnt (touchscreen for one), but your question doesn't address it.
Now for the fun part, actually USING that bandwidth. I hate M$ to, but the best way to play whatever you need at any location is with a modded Xbox and Xbox Media Player Website. This spliffy piece of software can play just about any media format you can think of, from VOB, DivX, Mp3, Ogg, and many many more obscure formats. It can play them from the harddrive, dvd drive, or over the network with SMB (Windows) shares, Shoutcast for your internet radio, and tons of other options. Divx plays just fine over a 10mbit connection, so switched 100mbit aught to be a dream. Here is a review of XBMP on TechTV with videos of it in action. Picture slideshows, playlists, this piece of software just keeps getting better and better. Fully controllable with a standard controller or the DVD remote you can purchase separately. (I recommend the Logitech RF wireless controller if you can justify the extra money. Solid contruction, flawless performance.) Its all about the wireless, baby.
Even better, no expensive modchip or chip installation required. Some people figured out how to run code without a chip, and some others figured out how to flash a BIOS on the Xbox with this technique. No chips, just shorting two easy points on the motherboard. Check on the #xbins channel of Efnet for information; look for the 007 agent under fire package with raincoat. You'll need a friend with a modded Xbox to get the savegame on a memory card, but once done, Xbox is a cinch to crack.
As a perk, you could even get a few room-to-room Halo/Unreal/RTCW/Doom 3 games going on.
In short, this guy's idea for curbing infection rates of &pluralize("virus"); is to restrict systems network access to one new host per second. Exceptions would be made for high demand, known servers, such as mail server and (I presume, even though it wasn't in the article) HTTP or SOCKS proxies. Interesting idea, and it would help in slowing down the infection of, say, Nimba or Code Red.
.exe/.com infectors, or boot sector infectors. The article fails to mention the Hows of this throttling; is it based on the routers (in which case quick infection of the local subnet would take place) or on the switches (which could break most broadcast applications, not to mention mean all systems outside the subnet look the same) or in the OS (in which case the virus could put its own TCP/IP stack in to replace the throttled one, and end up with no throttling affects whatsoever).
I can't help but think that his logic is flawed however. For example, most corporate headaches come from email based virii. If the only connections needed for the virus to spread is the email server it already has access to, there is no delay for the emails to be sent out to the mail server. No one could request for the email server to be throttled and keep their job, so the infected emails would be sent out, with no perceptable delay caused by the throttling.
The only thing this might help with is worms only, no virii in the more common sense such as email based LookOut virii,
How about, instead of throttling network access, we move to more reliable code, better access controls at the kernel level, and a hardware platform that makes buffer overruns and stack smashing a thing of the past. While I am anti-MS, Palladium does actually have some good ideas on the hardware level. Is the DRM level that stinks to high heaven.
Trillian. You know you wanna.
Someone please mod this jackass down for a goatse.cx type link
I am by no means a heavy duty math cruncher or cypherpunk, but how exactly is this going to affect number and factoring? I don't know of any advanced prime number search algorythms, but Sieve of Erothenes (did I get that right?) solved in NP time. (Each number is check is evenly divisible by an earlier prime, and if none found, add to list of primes, lather rinse repeat)If primes can be found in P time, finding the first 50 prime numbers would take the same time as finding the first 50 three hundred digit primes.
While that may not be thrilling at first, let's use the RCA contest for money as an example. We get a 1024 bit number containing 200 digits in decimal formm, which is the product of exactly two prime numbers. We know then that:
1. We only need to find one prime to easily find the other.
2. The digits in the factors can total no more than 200 digits.
3. One of the factors contains less than 100 digits.
Start at 10^100 and count down using this algorythm, and youll find it in P time instead of NP time. It'll still take forever, literally and figuratively, but wouldn't it take significantly less time than before?
Toodles
I had always wanted to consider Loki one of the "good guy underdogs". A company to root for. I mean, c'mon. They helped bring Quake3 to Linux, how could you NOT like them? But then I read this:
Instead of sending them W-2 income tax forms, they were sent 1099s, meaning that they are left to pay taxes on income for which the company was already supposed to have -- but hadn't -- paid federal withholding.
The question here is, did Loki without the taxes/FICA, etc. out of the paychecks? If they withheld, didn't deposit it, and then sent out a 1099, then the company should immediately be investigated for tax evasion and any other criminal charges that are relavent. This is fraud, and the victims are the employees. If the taxes were NOT withheld, then this is a non-issue. Yes, it sucks having a large tax amount due all at one, but thats life.
Who wants to take bets that this gets publicized as FUD that Linux does not a viable company make?
Admiral: Slashdot? You're belief in that ancient religion hasn't help you conjure up that Episode 2 trailer.
Vader: I find your lack of faith disturbing, Admiral.
*Admiral chokes under weight of a full frontal Slashdotting.*
I have to admit, Im impressed. We took down Apple.
Too bad you can't buy them like this!
You can purchase similar all plexi-glass cases from www.clear-viewtech.com
Considering one of the main points Piro is trying to make about the value of respect for a site/company/individual, and how poorly this has been strongarmed into squeezing money out of customers, in particular for an originally free service. Considering the pay services for Slashdot in the works, I find this posting ironic to say the least.
/. t shirts on thinkgeek, how about some cool items. An engraved /. (the symbol) metal coffe mug? A swiss army knife with green handle and inlayed /. symbol? People are a lot more willing to give money if they are under the impressions they are gaining something, in particular something physical for their money. SLashdot should take note.
Megatokyo has my respect, big time. I have at least 6 shirts of there's, two others I gave the girlfriend, and as soon as Im gainfully employed again, Im buying that 'F33r my l33t n3k1d sk1llz' boxer shorts. They've made some money off of me, and they earned it. I just wished it was enough for them to work full time; daily updates to megatokyo would be reason for me to leap out of bed with a smile on my face each and every morning.
Perhaps Slashdot could do something similiar? Instead of the subscription service, some merchandizing would be better. Instead of the lame
Everyone talks about setting up beowulf clusters. It's pretty easy to set them up, just make sure there is a lot of usable bandwidth between the systems.
The question here that isn't being asked is about the application. Sure, you have a cluster. But just what is it doing? What numbers are you crunching with that many gigaflops? To take the beowulf idea out of the realm of geek bragging rights into actual useful production takes an application, and you can bet that most are customer designed in house.
Very little of the OS itself is involved in the real applications that make beowulfs useful and money-making. Take a look at your intended application, and see what its requirements are. If you are writing it in house, tell the MS rep to take a leap, since you wont have to worry about 100+ MS licenses, Visual Studio licenses, or whatever else. If your intended application requires MS OS underneath, hold out on the rep until he agrees to a dramatically reduced price on the software. But worrying about the OS in a cluster before looking at the application is counter productive.
Im not sure ( I haven't tried yet, still downloading ) but I have a hunch the magic words are the same ones I tell my 3 year old:
Please and Thank You.
I can only guess the 'big bird' reference is someone mixing up 'Ewe' and 'You'. Shame a ewe isn't a bird thou.
Toodles
.NET Studio demo is on the CD of this month's MSDN magazine. Full version is also available for anyone with an MSDN subscription, which any software development company or division worth its salt already has. (yes, a real MSDN subscription is well more than $1,079, but well worth it for companies creating MS software)
Toodles
If you are the kind that thinks 'Oh shucks, no big deal', think again.
If this is any kind of domain controller, remember that your SAM file can be downloaded, and if your system has microsoft network file sharing open or is running any part of the IIS suite, your as good as hacked. It can be downloaded and brute hacked with L0pht crack.
If you run any of the popular online games such as Quake 3 arena or Return to Castle Wolfenstein, your cd key is stored in plain text. All of a sudden you can't play because it is in use by '3l33t hax0r' 24x7. Other games such as Starcraft and HalfLife keep the key in the registry, which is also accessible. (see above)
Any kind of online login is vulnerable. These h4x0rz can use your sign in to Amazon.com and "One Click" a library to their address with your credit card. Your online porn accounts, your SSH and PGP private key, the list goes on.
And lets not forget those pictures of your wife you took with the new digital camera in your bedroom.
Toodles, who thinks its funny that people feel this is an insignificant security hole, and that the hole in XP was a threat to all mankind.
If you are interested in the development for this device, you can check out the SDK, emulator, and other items here from Jeff Frohwein, the staple of the Gameboy, gameboy advance, and other hand held home brew development 'scenez'.
I hope it works out well in practice. The only thing I fear is that we will only have a batch of emulators running on the gp32. For most home brew development platforms (ps1, dreamcast, gameboy, gameboy advance), emulators and demos are about all that exist; full games, even puzzle games, can take an awefull long time to develop.
Toodles
"...they've helped transport people to the moon and back safely, they manage critical aircraft systems for thousands of flights every day, they support business operations at companies of all sizes, and they move trillions of dollars around the world to keep the global economy"
It's a shame that none of these run Microsoft software. MS didn't exist in the 60's (moon landing), has nothing to do with aircraft systems (most still in use run on late 70's mainframes and mini's), and god help the bank/brokerage who runs their mission critical software on an Wintel platform. End flame.
Mundie does have one idea right though; make it ubiqutous (sp?). He indicates computers should have the same reliability that requires no thought. I agree whole-heartedly. However I don't believe MSFT can do it without rewriting the whole damn thing over. I cannot count the amount of times an NT server had to be manually power cycled because a service hung and wouldn't restart. This wasn't some oddball, third party service; this was IIS ("WWW Publishing Service" I believe) Until simple things like the separation between kernel and application (EVERY application, no exceptions for the ones you need to tweak for benchmarks) is complete, NT will have problems
Toodles
By the sound of the post, you feel that this is an urgent matter before the drywall goes up. It doesn't have to be. What you should be concerning yourself with putting in is conduit, not the wiring, if this is a house you plan on living in for a good long time.
With good conduit, running wires is a fairly painless process. Install the conduit, let the contractors install the drywall, then run the cat5, fiber, whatever. After X many years, if you decide you need to upgrade to fiber or whatever is current enough for your needs, pulling the existing wire and replacing will be a cinch. By putting in the wiring now instead of conduit, you are speeding up the depreciation and obsolescense (sp?) of your house, not increasing it. Good conduit even helps with events you didn't plan, such as if you figure out you need to pull RCA cables for house-wide stereo, or additional coax, or whatever.
Toodles
This is a company that I know _I_ have not heard of. Need instant public recognition that would require a multimillion dollar marketing budget? Send a letter to a kid asking the rediculus, and let Wired and the Slashdot affect put your company in popular mindset's as the Dancing Baby and 'All Your Base' quotes...
It's a shame about their website. There's a shockwave intro, that repeats...and repeats...and has a 'Skip Intro' button that causes the shockwave to repeat...and repeat. Boy, KPMG is about to have multi million hits over the next hours, and they have nothing to show the visitors except that silly themes song....
If you're expecting to run the actual binaries, your outta luck. What you CAN do though is 'back display' it if you have solaris running on another box on your network, or even under VMWare (notice, I havent tried Solaris under VMWare, don't even know if its possible).
On your box with the XServer (FreeBSD in this case):
$xhost +solaris.box.ip.here
On the Solaris box:
$DISPLAY=insert.your.ip.here:0
$export DISPLAY
$./ie &
It should display on your FreeBSD Xserver just like you want. I have done this for quite a while to get the HP/UX version of IE running on an Apollo 735 to display on my Linux box. A fast network is obviously preferred.
Toodles
Let's see... For $20,000 US, I can buy:
1. Terabyte Fileserver: $5000
2. Turtlebeach sound card with optical out (SBLive won't do it; it resamples the data for no reason): $400
3. 'Ultimate Linux Box 2001'= $3200-$7000
4. Choice of storage formats: WAVs (Free[as in beer]:1250-1750 cds:lossless) MP3 (done proper) (Free[as in beer]:12,500-17,500 cds:lossy) Ogg Vorbis (Free[as in speech]:12,500-17,500 cds:lossy), and FLAC (Free[as in speech]:2500-3500 cds:lossless)
All this, 2.54*10^24 times more storage, and a set of components guaranteed to be better than what is in that POS that's being sold. Oh, and lets not forget the $7000 or so you'll be saving.
I'll pass.
Toodles
However, one so-called freedom that we do not advocate is the "freedom to choose any license you want for software you write". We reject this because it is really a form of power, not a freedom.
This just doesn't sit well with me at all. I don't demand that the people who create software I use release under the GPL over whatever license it is currently using. I *will* look for alternatives, with my priorities being cost and opensource, in that order. Remember, this is a 'free software' group speaking, not the 'open source' group; big difference. A manifest destiny declaring all software should be GPL'ed should be met with serious opposition.
My code, that I work on, is mine. I owe to no one the work that was involved. (Code produced for an employer is different. For now, I mean code I do on my spare time.) *If*, and this is a big If, if I distribute my code in any form to anyone, it is entirely at my descretion. I own my work, and I'll do with it what I please. I am very happy to abide by the GPL in gpl'ed code. The reason is it's *their* code I'm using. These are *their* conditions they want the code used for, and I will keep my end of the bargain in return for their generosity in providing for everyone. If I don't like it, I don't *have* to use their code.
No one, not even RMS, is going to tell John Carmack that Doom 3 *has* to be released under the GPL. However, if RMS wants to spout that His Immenence Carmack is taking advantage of power, he would cause more harm than good. John Carmack knows the value of the GPL, and has shown this many many times over, with the release of Wolf3d and Doom source code, followed by the GPL of the Doom and Quake source. This has done tremendous things for the home brew gaming community, and while he can't measure in dollars the good he has done, I hope he has even a close approximation of the help he has provided in the releasing GPL. I will follow to the letter every section of the GPL in any work I do based on John's released software; not out of fear for lawyers, but out of respect for John's contribution. His gift.
No one has the right to say what we can or cannot do with our 'art', code in this case. RMS can spout anything he likes, but the moment he decides that my release of SuperWhizBangTurbo MUST be GPL'd is the exact moment his freedom to swing ends at my nose.
RMS, we appreciate what you've done, and what you fail to realize is the sheer enormity of code released daily under the GPL. However, what your proposing is not 'increasing the freedoms of computer users everywhere', you are 'taking away the rights of programmers everywhere'. We do, have been, and will continue to release under the GPL at every opportunity. However, we will find something else in protest if any effort is made to force us to do so. Even if its for the greater good, we are stubborn individuals, and will resist any effort to force us into submission.
Toodles
The Cisco 675 DSL router/modem. This device has very widespread use consumer home and SOHO environments. Other Ciscos in that line were included in a particular issue that cause the router to hang completely until power cycled. Cisco was first notified about this January 10 2000 (no typo there, 01-10-00). A very easy to prove situation was shown to cause this. After 11 months of waiting and two notifications to Cisco, the notifier had given up on Cisco doing The Right Thing (c), and notified BugTraq about the problem, in this post, Nov 28th, 2000. Users from around the world tested, and verified the issue. Want to know what happened? Nothing. Not a peep from Cisco about this, untill recently. The vulnerability DOS in the Cisco was never acknowledged by Cisco, and still isn't admitted. However, a notification of DOS vulnerability was finally admitted by Cisco here, 8-24-2001. Nineteen months since being notified. However, the entire reason for this wasn't the vulnerability mentioned of a skewed HTTP request, but simply its inability to handle multiple http connections. Why? Code Red. The Code Red virus was banging on port 80 so hard that the routers would lock up hard and die until reset. Many thousands of DSL customers were affected by this, and IMHO, a redux of the HTTP code that should have been done over a year and a half before, would have prevented the entire nightmare of Code Red issues for owners of the Cisco 675 (Their systems are another story however).
Checking for other 'exploit code' on the BugTraq list should show that the people who create it are responsible, usually doing no more than running a 'whoami' in the case of elevated privileges. They don't arm 'script kiddiez', they do it themselves, however the proof that a hole is exploitable is all someone needs to write their own. This is not a bad thing, this is a good thing.
It is general policy on BugTraq that companies be notified and given sufficient time to resolve issues, usually 3 months or so. If that lapses, it is the infosec engineers responsibility to post the exploit for the world. The company won't listed to the voice of one competant person, but they will listen when their entire customer base gets proof that the company shirked on their responsibilities to protect their customers.
Toodles
Here are some of the more promising results of a search from google.com (String used was :unix ref card pdf)
Unix Cheat Sheet
Unix Cheat Sheet
From Rice University : Very basic
Another Too large and outdated
Selection of Unix, Vi, and Emacs refferences Courtesy Univ. of Alberta.ca
You should be able to find what you need easy enough. I should also highly reccommend to everyone the linuxsecurity.com Linux Security guidesheet. Damn good reading to hardening your system. Here
Toodles
I highly recommend a book called "The High Road" by Ben Bova. Unlike most of Bova's work, this isn't fiction, but more of an essay regarding the need for increased investment and work towards space travel. No pictures available, the book is out of print, so an amazon.com link is kinda pointless.
Even when the book was printed (1981), drastic cuts in space funding were evident. Remember this is BEFORE the Challenger incident! Many different sources are cited in this book to back up his facts, but I will still try to not stray from the obvious.
1. Satellites. Sat phones, many nodes of the Internet, GPS systems, XM radio, spy satellites, anti-spy satellites, the Star Wars program (Think Reagan, not Jar Jar) all owe their existence to satellites. You can complain about those all you want, some are pointless, but all have been put with the idealistic thought of making life better in general. Some fail, and some are to make money, but I am glad all of them are there.
2. Secondary technical innovations. Velcro, Most plastics, and tertiary technical advancements for such things as bone marrow transplants (Remember the old commercial with Jesse Jackson, specifically to rally support for the space program, citing bone marrow transplants as one of the effects of earlier space exploration?)
3. Energy. This is the one that bites my tail most that SHOULD have been done in the 70's, and still should be done. A Solar Power Station. The idea is a large satellite, positioned so that it is never blocked from the sun, could gather and redirect the energy to a large array of solar power cells (we're talking a few dozen square miles worth, but well worth it). Environmental impact would be nill, and the land could still be used for grazing by livestock. Just plop the array of cells into some flat section of New Mexico or Montana, and be done with it. The power that could be produced by such a station could easily be twice that of the energy produced by imported and domestic oil gathered at the same rate. While I would recommend reading this book for the full explanation, this link will take you to a PDF with an excellent overview if you cant find the book. Imagine, free, practically limitless energy available. The electricity could be used to separate water into hydrogen and water, so even transportation would benefit.
4. Economy. Every dollar spent into the space program would change hands an avarage of 8 times before 'settling'. This is a matter of spending money to make money. It creates jobs, technology, and even patriotism.
5. Survival of the Human Race. As unlikely as it may seem, the Earth is our biggest Single Point of Failure. If anything happens to the Earth in a manner that makes it inhospitable to human life, the race will end. We must, for the survival of the species eliminate that single point of failure. Asteroids, nasty bacteria(e.g. Ebola), greenhouse effect, are all problems whose affect on the race could be limited if we got rid of the single point of failure. However improbable, they are still possible, and the human race must overcome.
6. Moon exploration. Boy, I'd love to get my hands on a killogram of diterium(Hydrogen ion +3?). There's only a few metric ton naturally occuring on the planet, almost all in the oceans. But, its on the surface of the moon, and the lack of atmosphere makes extracting it from the dust (notice I didn't say 'soil'. Just the dust, no more than 2" deep, would yeild enough diterim to satisfy a huge energy consumption for an enourmous amount of time.
There are more, but I grow tired of typing. Space exploration is not for short sighted people. It has produced amazing results for the entire human race, and as pessimistic as it may sound, failing to properly support it by the Americans is both bad for the U.S. as a whole, and failure by the world to investigate further is accepting the eventual end of the human race.
Toodles
Cd's are well entrenched into our society right now, but the fun stuff is at the edge. Namely, DVDA (That's Digital Versatile Disc Audio, you perv) and Audiophile (A refreshing look at old technology. LP style records using a very high tech manufacturing process and extremely tough vinyl. No digital->analog conversions here, baby. Very limited manufacturing runs due to the expense and low market appeal. Remember the /. acrticle about the guys spending $150k+ for a true 'audiophile' listening experience. This is what he had.) You can see many new albums being released with the DVDA style, which makes life a dream for people who want a highest quality possible rip. Dvda uses the same mpeg 2 compression that DVD's use. So, whip out your handy-dandy DeCCS software, and rip the audio straight off the disc. Since you are reading the data off of a the DVD, including checksums, you will get a flawless rip. Current rippers use a sector-by-sector read to try and get a good read, and they often fail since Redbook audio doesn't have checksums for each sector. But DVDA does. DVDA is also recording at a digital quality higher than cd's, and maybe DAT tapes (DVDA is 192kbit/s @ 48khz; cd's are 128kbit/s @ 44.1Khz)
THe moral of the story is, if you're an MP3 collector who is just interested in proclaiming to your IRC friends "WH00T! I got 2 petabytes of Tori Amos!", they want to slow you down. For real audiophiles, we've moved to the next best thing (tm) already.
Toodles