The situation gets worse still if the GPL enters the picture. If the competitor's code is released under the GPL, I cannot so much as LOOK at it.
Sure you can. Just don't copy it.
Not to mention the fact that if the competitor's code weren't released, he certainly wouldn't be able to look at it or copy it anyway.
Seems like a null statement to me, or just more "save us from the viral GPL" nonsense.
Honestly, nothing about the GPL forces you to take someone else's code and steal it for your proprietary uses. Coders who complain that the GPL is "viral" and want all code to be closed or BSD-licensed are like men who complain that women are too tempting and want them to cover themselves in robes and veils. If your urge to sin (to steal someone else's copyrighted work and try to sell it as your own) is unsurmountable, the blame lies with you; don't try to push it onto the GPL or the person who wrote the code.
It's a human tendency to feel tempted and to resent the object of one's temptations, and it is perhaps understandable, but it is not something on which policy should be based or about which one can rightfully complain.
After all, if you're feeling frustrating desires for the beautiful people or code around you, both can be satisfied with your own hand(s);)
(boy am I going to get flamed for this one. bye-bye karma)
Megabyte is very precise - it means 2e30 which is ~1e6.
So you say. There is a lot of disagreement about that on linux-kernel, and hard drives aren't the only problem. (BTW, I think you mean "2^20". If you think a Megabyte is 2e30 (2x10^30) bytes, then we've got bigger problems than I thought.)
Basically the only thing safe to say is that "in the computer industry, megabyte sometimes means 2^20 bytes, sometimes means 10^6 bytes, and sometimes means something else like 10^3 * 2^10 bytes." How can one call that "precise"? It would be nice if we could say that "in the Linux kernel documentation, a MiB is 2^20 bytes, and a MB is 10^6 bytes." I don't think ESR wants to change the world, just to make CML2 is as unambiguous as possible. That seems to me a good goal.
The fact remains that for a very long time before computers because significant, kilo- meant 10^3 and mega- meant 10^6, and giga- meant 10^9. To many people not well-versed in the mess that is computer terminology, these remain their only meanings. When I first became involved with computers (yes, some of us dinosaurs were not born in the age of the PC), I had to learn about all the weird exceptions, and so, I imagine, does everyone else.
Just because hard drive manufacturers use the deceitful practice of quoting disk capacity in units of 1e6 doesn't mean we should all change our ways to match.
Remind me to yell at my old physics professors for using those deceitful SI units. Seriously, the deceit is in taking a pre-existing unit prefix with a long- and well-established meaning and changing that meaning to suit one's purposes. Just because the small portion of our society that is the computer industry has been engaging in the deceitful practice of calling kilo- 2^10 when it suits them doesn't mean we all have to go along with it.
Also, NIST doesn't have any pull with the industry on this - they're a National institute, but they can't mandate usage.
Who said they could? I never said they could. Alan Cox simply calls the prefixes "recommended." Where is this talk about a "mandate" coming from? Do you think the NIST called up ESR and threatened him with incarceration or bodily harm if he didn't make the switch?
There are perfectly rational reasons to go with the NIST's recommendation (reasons which I have touched upon elsewhere). These reasons, in my mind, outweigh the unfamiliarity of the prefixes or the fact that some puerile Anonymous Cowards think they sound "gay".
Yeah, a lot of people's displeasure on the kernel list seems to come from the fact that they think "mebibytes" sounds weird. Others point out that the terms have yet to reach wide acceptance.
But think about this: outside of geek circles, *everything* we say sounds weird, and many things have yet to reach wide acceptance. If you tried to explain to someone that
Slashdot ran an article from KernelTrap about some traffic on linux-kernel regarding ESR's use of "mebibytes" in CML2,
then "mebibytes" would not be the only term they would not understand. Inside geek circles, on the other hand, if you say "mebibytes," people will know exactly what you mean.
Precision in speech and writing is a virtue. In my mind, if this eliminates a little ambiguity in documentation, I think it's a suitable win.
Regarding how the words sound, I happen to like them. They're cute. "Hey there, wittlwe mebibyte... don't be shy..." Perfect for use when talking to an iMac. Hey, wait a minute...
Microsoft has sort of a history of this. With Terminal Services, they log the IP address the client gives the server, instead of doing a getpeername() or something. (See this Bugtraq post.)
You've got to wonder what they are smoking. Maybe they're stuck back in the DTP/FTP days (1970s and '80s), but the nature of networking sure has changed since then, and wise programmers learn from the mistakes of the past.
Anyway, you want to talk protocols that break horribly with NAT, let's talk IPSec's out-of-band key-enchange mechanism. Grrrrr.
Am I the only one that thinks that long before IPv6 becomes common, everyone + dog will be behind NAT? Even when IPv6 becomes common, will the ISPs really give home users the 48 bits they're supposed to? Making protocols that work with NAT is not that hard, and as you point out, is better for security than some of the alternatives.
Grrrr. Thanks for reminding me of all this suppressed anger regarding stupid protocols.:P
I was actually trying to draw a parallel between:
"Windows XP can automatically download the free fix"
and something like
"apt-get can automatically download the free fix"
Which is to say, between systems that can automatically download updates.
I do see your point. However, regarding the issue of making a conscious choice, when it comes down to it, there's an even bigger difference between XP and Linux users: most XP users did not really choose to install XP. As far as they are concerned, "it came with the computer." Most Linux users, on the other hand, probably chose to install and run a certain distribution of Linux. That, to me, is by far the worst thing about Windows (any version), for reasons I won't go into here.
Anyway, the most important and risky step in patching a system is installing the patch, not whether the patch file is downloaded automagically, manually, or is delivered by a incorruptible fat man on a sleigh. Either method (default update settings in XP or a sane Linux update script) prompts the user for that critical step, so in that respect they are really quite similar.
This is, of course, assuming that it actually does by default prompt users before doing anything to their machines (other than downloading some files), but that's what the article says, what other comments have said, and is all I have to go on. If that is so, then this basically just amounts to automatic update notification. Other than that it may take up some minor fraction of a modern machine's disk space, what is the negative security implementation of automatically downloading, but not automatically installing or executing, an update?
I suppose auto-downloading updates might leak information -- crackers might see that you are connecting to the update site and downloading stuff. However, since they may not be able to tell if you installed it or not, I would think they would concentrate on the people who were running XP and weren't downloading the updates. (That's where the fat man has the advatnage...)
Of course, the real benefit of auto update downloading and notification is that it makes it easier for people to install patches. Considering the number of unpatched MS systems out there constantly probing my machines with Nimda and friends, I think it's a big win for the Internet as a whole.
"Microsoft explained that a new feature of Windows XP can automatically download the free fix, which takes several minutes, and prompt consumers to install it. "
thats really messed up that and scary
Yeah, scary like apt-get.
Then again, at least MS patches are signed, which makes things not quite so easy to trojan. (Yeah, signatures aren't everything, I know.) Unless, of course, you don't trust MS not to trojan their software, in which case why are you running it?
Auto-update systems are good, so long as they prompt the user, which it appears XP's does.
What is this, 1982? I'm not sure what you intend this ID for (the source selector, I presume), but is there some reason you think the ID should be limited to 3 bits?
Unless you've got some SCSI-like data bus that's allocating a wire for each address bit (sounds like you're using ethernet instead), there's no reason not to give each unit a unique ID (e.g. MAC address or IP address obtained via DHCP) and let the units select other units they can see on the network (with those on the same segment auto-detected by sending out broadcast packets). Then you just need up/down buttons on the front to select from a much-less-limited number of sources (though nicer versions might have better controls). Plus, you just saved yourself the cost of an ID selector on the back.
* Uses 10BT chip and 2 $2 TI A/D chip to convert sound to/from PCM on the network
I think a 100Mbps chip (e.g. tulip) should be cheap enough nowadays that you shouldn't feel bad putting one in there.
Since it (in itself at least) adds nothing to the incremental cost of the units, you might as well run Linux on the darn thing, and then you can be cool and send the music with IP multicast (so it can be routed to other networks).
Mmmmm.... multicast.
Instead of trying to develop your own protocol for sending the music around, you could use icecast (though I'm not sure if it supports multicast or what formats of audio it can stream if you're set on PCM).
Of course, I'm no audio expert, so perhaps there are some sound-quality conerns that I've missed.
* Cost: $US150
You do realize that for *much* less than that amount of money you could buy a used low-end pentium, a sound card, and a network card, and put something like this together yourself? Of course, then it would be not-so-small, and you wouldn't have a keypad and display on the front, but it's better than nothing.
Maybe I'm missing something, but somebody has to have done something like this already. I'd hack one up for you, but I really don't have the time.
Find new ways to have fun in the game and sometimes come to a better understanding of how the game's engine works
See strategy guide in computer store while looking for a new game and chuckle at the silly hints, but then remember that some people might need them
Repeat cycle
Is that so despicable?
After I beat Baldur's Gate for the nth time, I amused myself for a while by experimenting with the various cheat codes, toying with the save file format with a hex editor, and otherwise trying to push the boundaries of what the game would let me do, which in itself was made for interesting challenges. Isn't that perfectly natural for someone with a hacker mentality?
In the process, I learned a little bit about how the game worked. It was fun for a while. Of course, silly me, that's why I buy games -- for the fun, not so I can prove how cool I am or look down on others for the way they choose to have fun with the games.
The kids who said "no, this is how you're supposed to do it!" were always the most annoying ones.
If people wanted to do that, we could easily finance a private (or government funded) space program, under any system of government.
It is worth noting that there are some important differences between private and government-funded space programs (read: "allow me to rant in a half-asleep stupor for a while"). While I happily contribute whatever small percentage of my income taxes goes to NASA, and wish that percentage were greater, I'm not sure if I'd feel the same way about giving that same amount of money to some private space program.
First of all, at least NASA is to some degree accountable and is unlikely to go out of business, taking my money with it. When I look around at Excite and Enron and all sorts of other companies starting with 'E' that have flushed their shareholders' money down the toilet over the past few years in (relatively) down-to-earth businesses, I'm not sure I'd be comfortable giving money to some firm whose business plan consisted of space exploration. NASA may not do everything exactly how I would like them to, but at least they get something up into space every once in a while (which is more than can be said for, say, the Rotary Rocket corporation).
Second, were I to give some money to a private space exploration initiative, it would be a necessarily individual act. If no one else contributed, I'd feel like a sucker, and might even feel a little resentment about the affair. Have you ever been the first one to step forward out of a line and volunteer for some unpleasant task? It's a real scary feeling that quickly becomes less scary if others start stepping up. For public initiatives, there is none of that anxiety, and there is something good about knowing that we're all in it together (darn pesky emotions). Now, tax policy is a matter for another time, but at least I know that most people are contributing something, even if it's not the same amount.
The things that NASA does are things that we can all be proud of, because they are things we, the public, were all involved. I, for one, would like to see them keep doing them (and more of them), because people will, years from now, probably remember what Neil Armstrong said when he landed on the Moon a lot better than they will remember all the other crap we worry about.
That's about all I can think up at this hour, but I guess what I'm trying to say is this: For some things (and for now I think space exploration is one of them), public initiatives are a good thing precisely because they are public. Space exploration might not happen as much without NASA, and in my mind, that would suck.
Sometimes government-funded initiatives are not a bad thing -- those who feel otherwise can build their own rockets and launch themselves somewhere where they won't have to worry about the Man anymore.;)
Verizon never asked to eliminate its competitors. It merely asked to be allowed to compete on a level playing field.
This does not to me seem possible.
Now I am no expert on the history of utilities in the U.S. (maybe someone with a Ph.D. can shed some light on this), but it seems to me that many people seem to forget that Verizon and other utilities have the advantage of huge amounts of existing infrastructure. (In fact, "Verizon" didn't even install a lot of it -- they inherited it from AT&T in the breakup.) Not only that, but this infrastructure was installed with the aid of and through countless special arrangements with local and larger governments (e.g. the U.S. Federal Government's Rural Electrification Act of 1936).
These governments realized long ago that it was in their best interest to aid utilities in building public infrastucture, whether through loan guarantees, municipal franchises, or other means. Although private firms played a much larger role in the U.S. than they did elsewhere, the utilities' monopolies are nevertheless to some degree government-granted.
While one might suggest that governments simply give the same aid to competing utilities in running another set of lines/pipes to every consumer, that is not only a very wasteful suggestion, but also one that ignores the fact that times have changed and it's no longer so easy to install the infrastructure. (I certainly don't want the streets torn up any more than they have to be.)
It is so unreasonable, then, that we ask these utilities to provide other companies access to the infrastructure that we helped them put into place? (...without dragging their feet and making every install from a competitor take gratuitously long)
Finally, while I agree that some things, like the maintenance of the two copper wires that run from my apartment building to the CO, lend themselves well to natural monopolies, it's not clear that all the other things that Verizon tries to do (Internet access, long distance service) should fall under the same umbrella.
The free market is a great ideal, and I'm all for it, but there are some circumstances where practical concerns make it unattainable and outside interference is required to prevent abuses. Pretending those practical concerns don't exist does not make them go away.
If I recall correctly (it has been a while), one thing that always frustrated me about my physics and math courses is that they always seemed to want a numeric result at the end.
I seem to remember that I would generally solve a problem symbolically down to the point where it was just a matter of arithmetic, at which point I would whip out the calcuator. That last step is really trivial, however, and if it weren't needed, neither would be the calculator.
If calculators are such a problem, then why not just ban them?
At least they put on that Defcon was about hacking, you wouldn't want people to actually know it is a security conference that a lot of legitimate people speak and learn at.
Strangely, the writer seemed to change his/her mind midway through.
At the beginning, we have:
Sklyarov was arrested after speaking at a hacking convention in Las Vegas on July 16.
but at the end:
Adobe complained to the FBI, which arrested Sklyarov as he was preparing to fly back to Russia from the computer security convention.
Maybe the AP just wants a little variety to spice things up.
That and banning ANY sender info or header forgery, require a valid mail or phone AND e-mail contact in all commercial e-mail, and I think the spam problem will be pretty much done.
Banning header "forgery" is a very bad idea, if you mean that (as people usually do) to indicate making the email appear as if it came from someone other than the actual sender. [You may not have meant it so broadly, but a lot of people do, so I feel justified in pointing a few things out for at least their benefit, so forgive me for taking this opportunity to make a general rant about the issue.]
Note that RFC 822 explicitly allows the From: header to be something other than the actual sender of the message (though it does require a Sender: header, but MUAs tend not to display that). It's easy to "forge" From: addresses because email was designed with this "forgery" in mind. Note also that because of Received: headers, it's actually difficult to mask the message's true origins. It's just that most people don't know about headers, so they focus on the From: line.
RFC 822 gives several examples of how this feature of email can be used, but here are a couple from my daily life:
1) I am a sysadmin at a rather large organization. I often find the need, when acting in an official capacity, to send email to users as "manager" or "postmaster" or "security" or as some other hat that I wear. This makes people notice the email, marks it as a formal note, allows the other admins to deal with responses to the mail, and has a number of other benefits. For a variety of reasons, it would be rather unprofessional for me to send out such email as myself. (Should the tens of thousands of users we support have to keep track of the staff changes in the our department?)
2) On the side, I do hosting for a number of smaller organizations. Sometimes the people who run these organizations feel the need to send out an email in an official capacity. In this case, they often send the mail with a From: address of something like info@foo.org, and the message originates on a totally different network than the one on which the foo.org machines live. Should the senders be forced to log into the foo.org machines as the "info" user and run mutt or maix? It's much better for them to be able to use their preferred MUA and their ISP's MTA. [This is why I get worried when I hear about ISPs requiring certain From: addresses.] Also, the people who send the message are not always the ones who answer mail to info@foo.org. Should organizations be forced to structure themselves around the requirements of email?
That's just my personal experience -- there are lots of other cases, I am sure.
Keep in mind that email was in large part modelled after the US postal system. It's interesting to note that return addresses are not always required by the USPS (think about post cards).
That said, I do think that some sort of valid return contact information is important (and I do hate unsolicited {mail,email,faxes,phone calls}). We should, however, be careful when recommending that certain things be outlawed -- just because we can not see a legitimate use of something does not mean that such a use does not exist and that the people engaging in that use should be punished for the bad behavior of others.
<offtopic rant>
It seems like this issue arises a lot on slashdot, and among the newbies I talk to. People tend to bash large, highly featureful packages or protocols (e.g. sendmail and X11) because they think that the particular ways they use them apply to all other cases. It's a natural tendency, I suppose, but sometimes I feel like I should wear a button reading "that doesn't scale" or "what about the corner cases" or something similar when talking to junior sysadmins.
</offtopic rant>
Tomlinson may think he gets a lot of email, but he doesn't.
Speaking of which, tomorrow (December 7th) will be the 11th anniversary of procmail v1.00, so I decided to look at my procmail log to see how much mail I get. To steal a bit from Mastercard(tm):
[Over the past 90 days,]
Number of mailing lists to which I have been subscribed: 0
Number of messages I've received: 76,697
Bytes of email I've received: 14,517,916,565
Value of procmail: priceless
Actually, procmail is free, so if you don't have it yet, go get it.
[images disappear from the web, CD-R gets scratched, CD-R gets melted]
What is the digital equivalent to printing a photograph on acid-free paper, stored behind UV-filter glass, in a climate-controlled area?
If you put that acid-free paper in some sketchy self-storage warehouse with no fire protection, it might go up in smoke. If you leave that acid-free photo on your desk to get scratched up and bleached by the sun, it's not going to look so hot either. Perhaps if you treat your digital photographs with the same respect you are giving this imaginary silver-halide photograph, you will find that they won't get wrecked so easily.
In a slightly-less-snippy reply to your question (I'm tired), try keeping the master CD in a climate-controlled area out of the sun, and leaving a copy of it on your desk to get scratched up (I've been doing this with software for years -- that whole fair-use thing). You could keep the master in a fire safe along with your other backup media (you do make backups, right?). You could even, as I have done with my data, work out a backup exchange with a friend that you see regularly, so that a copy will be offsite, just in case of fire, flood, or the Feds. And, of course, transfer that stuff on media that's a few years old to fresh media that is now shockingly less expensive than it was when you recorded the data originally.
Taking care of your data is not hard, is not particularly expensive, and can give you great piece of mind. Backups, onsite and offsite, can be handy in a pinch, and are like an insurance policy, without the getting-ripped-off-by-actuaries part (forgive me, Husker). You don't have to go overboard -- just do a little planning ahead and treat your data with respect. Good luck!
I'm not sure whether anyone, other than law-enforcement agents, is obligated to protect computer users,
I have some startling news for you. Law-enforcment officers are under NO obligation to protect you from anything at all. The Supreme Court ruled on this a long time ago. I wish I had the citation handy so I could post it. What the police do is come in after the fact, put a nice line around your body, and dust for prints.
There is no reason to be snide.
It should be noted that saying that people other than law-enforcement agents are not obligated is not the same thing as saying that law-enforcement agents are obligated. The clause was meant merely to exclude law-enforcement agents from the discussion. Perhaps a "perhaps" would have made that more clear, and I apologize for any confusion its omission caused, even if it was not logically necessary.
In any case, my original post was a clear case of karma whoring performed in a moment of weakness, and I'm amused it made it up to 5. Oh well, I suppose I should not be surprised.;)
it's high time that computer users insisted that the security community live up to its obligation to protect them
I'm not sure whether anyone, other than law-enforcement agents, is obligated to protect computer users, but if anyone is, surely the people who produce the software are more obligated to prevent or solve these problems than are those who merely report on them.
Is this, along with the U.S. government's warning to news agencies to be careful what they broadcast, a sign of a new trend?
The idea is that you need to have a cheap source of hydrogen and oxegen. And you do not what to use tap water because of the impurities. (never mind that producing a system that could handle impurities would cut the legs from under the Oil Companies)
No, this has nothing to do with impurities in tap water.
The energy comes (in lay terms) from combining the hydrogen and oxygen (the latter often obtained from the surrounding air) to produce water. In water, the hydrogen and oxygen are already combined, so to use water, you'd have to separate the hydrogen and oxygen first, which takes as much (actually more, thanks to inefficiencies) energy as you would get from recombining them.
The reasons fossil fuels are used have nothing to do with an oil company conspiracy, and everything to do with their abundance and convenient chemical and physical properties (and, incidentally, are the same reasons we use them as fuels generally).
I wouldn't worry about it, stuff like this wouldn't hold up more than a second under First Amendment scrutiny.
uhhh:
Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the government for a redress of grievances.
Microsoft != Congress
(...last I checked, anyway. If that changes, time to fall on my sword.)
Really, the EULA is a voluntarily entered contract between the end user and Microsoft, and is not to be confused with a law passed by Congress. One might compare this clause of the agreement to an NDA, in that both place restraint upon your speech, but neither is unconstitutional.
The defense against this kind of practice is not to complain and wave the First Amendment, but to remove Microsoft from the position that allows them to make these demands.
Linux needs a single GUI. Perhaps I have been trolled, here, but... Why the hell does Linux need to take over the desktop market, and why does it need a single GUI to do that? Linux is doing just fine, by my book, and I really couldn't care less about the rest of the desktop market. Linux is not a product that you need to market, and it's not a business plan -- it's the result of countless programmers scratching itches. So don't presume that you can attach to it your vision of where it should go.
Back to the topic at hand, one of the reasons I stopped using Windows and MacOS is that I was tired of having to do things their way. I happen to use Enlightenment and Blackbox a lot, because I like they way they work, and I don't use Gnome or KDE because I don't like the way they work. What makes you think that it is possible to make a single interface (graphical or not) that will please everybody? The fact that you can choose and then (in most cases) heavily customize your interface is one of the best things about UNIX and Linux. The window manager is just another user-level application, and it's nice to be able to run whichever user-level application suits you best.
Pick one, build it right. Define "right". You're not going to be able to make an interface that is all things to all people. What more likely would happen is that you would force your assumptions about how computers should be used onto everyone else, which is the thinking behind many of the things that I hate about Windows. Why do you want to repeat those mistakes?
Instead, try accepting the fact that people are different and situations are different, and it's non-trivial to make something that works for them all.
Follow Microsoft's example and do extensive usability tests, and make it easy and intuitive for the user to use it. Where do you get this idea of an "intuitive" interface? (To paraphrase someone whom I forget) The only intuitive interface is the nipple; after that everything is learned. I also think that you are making the common mistake of confusing "ease of use" and "ease of learning". The many possibilities presented by the command line may be more difficult to learn than a "wizard", but in the long run it's easier to use (try aliasing or scripting or cronning a wizard).
I've always hoped that Linux could crack the desktop market. I want to see it compete with MS. I want to be writing applications for Linux. The problem is, I just don't think that's ever going to happen. There are too many factions, and no single one appears to have a huge advantage. All of these GUIs are being written by programmers, for programmers. Leaving aside this insane idea that programmers all come together and work in harmony for free to write things that do not interest them... what is it about the existence of multiple window managers (let's not use the overly-general term 'GUI') that precludes acceptance of the operating system? Does the existence of multiple operating systems keep people from buying PCs? No, most people just use the OS (Windows) that comes bundled. In the window manager/desktop environment arena, most people will simple use the one that's presented by the distribution (RedHat, probably) that they install.
So, perhaps, instead of worrying about making a single interface to please all people, we should try to make Red Hat choose a default that will look exactly like Windows so we won't scare the poor wittle new users, of whom we don't think enough to trust to figure out something new like they once figured out Windows. Fortunately, I think Red Hat knows enough about its business to work towards using a non-threatening and easy-to-learn interface as the default. Give it time.
Alright, enough irrational ranting -- the "We need a single perfect (Distribution|Window Manager|Shell|Programming Language|...)" argument just really ticks me off, as I highly value freedom and diversity. Sure it's inconvenient and confusing sometimes, but I'm glad we live in a world where people are (to some degree at least) free to go their own way and choose a tool to suit the situation or their tastes.
What is happening is that your server is prepending the server name to the URL
Actually, that's not the case, and I figured out that the problem was a BASE tag in the HEAD. Time to do a recursive grep.
In any case, the point of my post was that "just change the port" is not as easy as it sounds, and there are a bunch of ways that it can cause problems.
Additionally, since running a server is not against the TOS or AUP for AT&T customers (like me), and that's one of the reasons why I chose Mediaone service so long ago, I had (I think) a reasonable expectation that they would not suddenly and arbitrarily block a port without first changing the AUP or TOS, and that I should now have to jump through these hoops because of lusers running IIS is just silly. I know, I was foolish for thinking that I could rely upon a service provider with whom I had a contractual agreement. Silly me.
So now I have to get DSL from Speakeasy (until Verizon pushes them out of business), which means a lot more money and waiting a few months for Verizon to twiddle their thumbs before they can do an install to an apartment less than 100 yards from the CO. In the meantime I have to set up a redirect service, which is another pain in my ass.
Not so simple, actually -- I tried this today because of the block, and it works fine in many cases, but there is a hitch.
Let's say someone is looking at "http://foo.ne.mediaone.net:8080/bar/fred.html", and this html file contains a reference to another file, be it a CSS file, an image, an anchor -- whatever. There are three possibilities I want to consider.
In the first, if this reference is of the form "http://foo.ne.mediaone.net/bar/ney.html", it's obviously not going to go to port 8080, but people rarely use absolute references like that, so let's move past that to the more interesting cases.
In the second, if the reference is of the form "ney.jpeg". Here, everything works fine and the client looks for "http://foo.ne.mediaone.net:8080/bar/ney.jpeg".
In the third, with a reference like "/css/rubble.css", you'd like to think that, since the parent URL is in http://foo.ne.mediaone.net:8080, the client would go for "http://foo.ne.mediaone.net:8080/css/rubble.css", but no! It looks up "http://foo.ne.mediaone.net/css/rubble.css" (and spends a long time timing out because of the block).
I have no idea why this is, but it seems to happen in both Netscape and IE. Haven't had time to investigate it thoroughly, so if anyone knows anything about this, I'd appreciate the info.
Slashdot Mirror
Not to mention the fact that if the competitor's code weren't released, he certainly wouldn't be able to look at it or copy it anyway.
Seems like a null statement to me, or just more "save us from the viral GPL" nonsense.
Honestly, nothing about the GPL forces you to take someone else's code and steal it for your proprietary uses. Coders who complain that the GPL is "viral" and want all code to be closed or BSD-licensed are like men who complain that women are too tempting and want them to cover themselves in robes and veils. If your urge to sin (to steal someone else's copyrighted work and try to sell it as your own) is unsurmountable, the blame lies with you; don't try to push it onto the GPL or the person who wrote the code.
It's a human tendency to feel tempted and to resent the object of one's temptations, and it is perhaps understandable, but it is not something on which policy should be based or about which one can rightfully complain.
After all, if you're feeling frustrating desires for the beautiful people or code around you, both can be satisfied with your own hand(s)
(boy am I going to get flamed for this one. bye-bye karma)
Megabyte is very precise - it means 2e30 which is ~1e6.
So you say. There is a lot of disagreement about that on linux-kernel, and hard drives aren't the only problem. (BTW, I think you mean "2^20". If you think a Megabyte is 2e30 (2x10^30) bytes, then we've got bigger problems than I thought.)
Basically the only thing safe to say is that "in the computer industry, megabyte sometimes means 2^20 bytes, sometimes means 10^6 bytes, and sometimes means something else like 10^3 * 2^10 bytes." How can one call that "precise"? It would be nice if we could say that "in the Linux kernel documentation, a MiB is 2^20 bytes, and a MB is 10^6 bytes." I don't think ESR wants to change the world, just to make CML2 is as unambiguous as possible. That seems to me a good goal.
The fact remains that for a very long time before computers because significant, kilo- meant 10^3 and mega- meant 10^6, and giga- meant 10^9. To many people not well-versed in the mess that is computer terminology, these remain their only meanings. When I first became involved with computers (yes, some of us dinosaurs were not born in the age of the PC), I had to learn about all the weird exceptions, and so, I imagine, does everyone else.
Just because hard drive manufacturers use the deceitful practice of quoting disk capacity in units of 1e6 doesn't mean we should all change our ways to match.
Remind me to yell at my old physics professors for using those deceitful SI units. Seriously, the deceit is in taking a pre-existing unit prefix with a long- and well-established meaning and changing that meaning to suit one's purposes. Just because the small portion of our society that is the computer industry has been engaging in the deceitful practice of calling kilo- 2^10 when it suits them doesn't mean we all have to go along with it.
Also, NIST doesn't have any pull with the industry on this - they're a National institute, but they can't mandate usage.
Who said they could? I never said they could. Alan Cox simply calls the prefixes "recommended." Where is this talk about a "mandate" coming from? Do you think the NIST called up ESR and threatened him with incarceration or bodily harm if he didn't make the switch?
There are perfectly rational reasons to go with the NIST's recommendation (reasons which I have touched upon elsewhere). These reasons, in my mind, outweigh the unfamiliarity of the prefixes or the fact that some puerile Anonymous Cowards think they sound "gay".
But think about this: outside of geek circles, *everything* we say sounds weird, and many things have yet to reach wide acceptance. If you tried to explain to someone that
then "mebibytes" would not be the only term they would not understand. Inside geek circles, on the other hand, if you say "mebibytes," people will know exactly what you mean.
Precision in speech and writing is a virtue. In my mind, if this eliminates a little ambiguity in documentation, I think it's a suitable win.
Regarding how the words sound, I happen to like them. They're cute. "Hey there, wittlwe mebibyte... don't be shy..." Perfect for use when talking to an iMac. Hey, wait a minute...
Basically, it's trusting client for security.
:P
Microsoft has sort of a history of this. With Terminal Services, they log the IP address the client gives the server, instead of doing a getpeername() or something. (See this Bugtraq post.)
You've got to wonder what they are smoking. Maybe they're stuck back in the DTP/FTP days (1970s and '80s), but the nature of networking sure has changed since then, and wise programmers learn from the mistakes of the past.
Anyway, you want to talk protocols that break horribly with NAT, let's talk IPSec's out-of-band key-enchange mechanism. Grrrrr.
Am I the only one that thinks that long before IPv6 becomes common, everyone + dog will be behind NAT? Even when IPv6 becomes common, will the ISPs really give home users the 48 bits they're supposed to? Making protocols that work with NAT is not that hard, and as you point out, is better for security than some of the alternatives.
Grrrr. Thanks for reminding me of all this suppressed anger regarding stupid protocols.
I was actually trying to draw a parallel between:
"Windows XP can automatically download the free fix"
and something like
"apt-get can automatically download the free fix"
Which is to say, between systems that can automatically download updates.
I do see your point. However, regarding the issue of making a conscious choice, when it comes down to it, there's an even bigger difference between XP and Linux users: most XP users did not really choose to install XP. As far as they are concerned, "it came with the computer." Most Linux users, on the other hand, probably chose to install and run a certain distribution of Linux. That, to me, is by far the worst thing about Windows (any version), for reasons I won't go into here.
Anyway, the most important and risky step in patching a system is installing the patch, not whether the patch file is downloaded automagically, manually, or is delivered by a incorruptible fat man on a sleigh. Either method (default update settings in XP or a sane Linux update script) prompts the user for that critical step, so in that respect they are really quite similar.
This is, of course, assuming that it actually does by default prompt users before doing anything to their machines (other than downloading some files), but that's what the article says, what other comments have said, and is all I have to go on. If that is so, then this basically just amounts to automatic update notification. Other than that it may take up some minor fraction of a modern machine's disk space, what is the negative security implementation of automatically downloading, but not automatically installing or executing, an update?
I suppose auto-downloading updates might leak information -- crackers might see that you are connecting to the update site and downloading stuff. However, since they may not be able to tell if you installed it or not, I would think they would concentrate on the people who were running XP and weren't downloading the updates. (That's where the fat man has the advatnage...)
Of course, the real benefit of auto update downloading and notification is that it makes it easier for people to install patches. Considering the number of unpatched MS systems out there constantly probing my machines with Nimda and friends, I think it's a big win for the Internet as a whole.
OK, enough rambling. In other news, here's something amusing:
Google lists windowsupdate.microsoft.com under "Computers > Internet > Abuse > Denial of Service"
Yeah, scary like apt-get.
Then again, at least MS patches are signed, which makes things not quite so easy to trojan. (Yeah, signatures aren't everything, I know.) Unless, of course, you don't trust MS not to trojan their software, in which case why are you running it?
Auto-update systems are good, so long as they prompt the user, which it appears XP's does.
What is this, 1982? I'm not sure what you intend this ID for (the source selector, I presume), but is there some reason you think the ID should be limited to 3 bits?
Unless you've got some SCSI-like data bus that's allocating a wire for each address bit (sounds like you're using ethernet instead), there's no reason not to give each unit a unique ID (e.g. MAC address or IP address obtained via DHCP) and let the units select other units they can see on the network (with those on the same segment auto-detected by sending out broadcast packets). Then you just need up/down buttons on the front to select from a much-less-limited number of sources (though nicer versions might have better controls). Plus, you just saved yourself the cost of an ID selector on the back.
I think a 100Mbps chip (e.g. tulip) should be cheap enough nowadays that you shouldn't feel bad putting one in there.
Since it (in itself at least) adds nothing to the incremental cost of the units, you might as well run Linux on the darn thing, and then you can be cool and send the music with IP multicast (so it can be routed to other networks).
Mmmmm.... multicast.
Instead of trying to develop your own protocol for sending the music around, you could use icecast (though I'm not sure if it supports multicast or what formats of audio it can stream if you're set on PCM).
Of course, I'm no audio expert, so perhaps there are some sound-quality conerns that I've missed.
You do realize that for *much* less than that amount of money you could buy a used low-end pentium, a sound card, and a network card, and put something like this together yourself? Of course, then it would be not-so-small, and you wouldn't have a keypad and display on the front, but it's better than nothing.
Maybe I'm missing something, but somebody has to have done something like this already. I'd hack one up for you, but I really don't have the time.
...
What about this cycle:
Is that so despicable?
After I beat Baldur's Gate for the nth time, I amused myself for a while by experimenting with the various cheat codes, toying with the save file format with a hex editor, and otherwise trying to push the boundaries of what the game would let me do, which in itself was made for interesting challenges. Isn't that perfectly natural for someone with a hacker mentality?
In the process, I learned a little bit about how the game worked. It was fun for a while. Of course, silly me, that's why I buy games -- for the fun, not so I can prove how cool I am or look down on others for the way they choose to have fun with the games.
The kids who said "no, this is how you're supposed to do it!" were always the most annoying ones.
If people wanted to do that, we could easily finance a private (or government funded) space program, under any system of government.
;)
It is worth noting that there are some important differences between private and government-funded space programs (read: "allow me to rant in a half-asleep stupor for a while"). While I happily contribute whatever small percentage of my income taxes goes to NASA, and wish that percentage were greater, I'm not sure if I'd feel the same way about giving that same amount of money to some private space program.
First of all, at least NASA is to some degree accountable and is unlikely to go out of business, taking my money with it. When I look around at Excite and Enron and all sorts of other companies starting with 'E' that have flushed their shareholders' money down the toilet over the past few years in (relatively) down-to-earth businesses, I'm not sure I'd be comfortable giving money to some firm whose business plan consisted of space exploration. NASA may not do everything exactly how I would like them to, but at least they get something up into space every once in a while (which is more than can be said for, say, the Rotary Rocket corporation).
Second, were I to give some money to a private space exploration initiative, it would be a necessarily individual act. If no one else contributed, I'd feel like a sucker, and might even feel a little resentment about the affair. Have you ever been the first one to step forward out of a line and volunteer for some unpleasant task? It's a real scary feeling that quickly becomes less scary if others start stepping up. For public initiatives, there is none of that anxiety, and there is something good about knowing that we're all in it together (darn pesky emotions). Now, tax policy is a matter for another time, but at least I know that most people are contributing something, even if it's not the same amount.
The things that NASA does are things that we can all be proud of, because they are things we, the public, were all involved. I, for one, would like to see them keep doing them (and more of them), because people will, years from now, probably remember what Neil Armstrong said when he landed on the Moon a lot better than they will remember all the other crap we worry about.
That's about all I can think up at this hour, but I guess what I'm trying to say is this: For some things (and for now I think space exploration is one of them), public initiatives are a good thing precisely because they are public. Space exploration might not happen as much without NASA, and in my mind, that would suck.
Sometimes government-funded initiatives are not a bad thing -- those who feel otherwise can build their own rockets and launch themselves somewhere where they won't have to worry about the Man anymore.
This does not to me seem possible.
Now I am no expert on the history of utilities in the U.S. (maybe someone with a Ph.D. can shed some light on this), but it seems to me that many people seem to forget that Verizon and other utilities have the advantage of huge amounts of existing infrastructure. (In fact, "Verizon" didn't even install a lot of it -- they inherited it from AT&T in the breakup.) Not only that, but this infrastructure was installed with the aid of and through countless special arrangements with local and larger governments (e.g. the U.S. Federal Government's Rural Electrification Act of 1936).
These governments realized long ago that it was in their best interest to aid utilities in building public infrastucture, whether through loan guarantees, municipal franchises, or other means. Although private firms played a much larger role in the U.S. than they did elsewhere, the utilities' monopolies are nevertheless to some degree government-granted.
While one might suggest that governments simply give the same aid to competing utilities in running another set of lines/pipes to every consumer, that is not only a very wasteful suggestion, but also one that ignores the fact that times have changed and it's no longer so easy to install the infrastructure. (I certainly don't want the streets torn up any more than they have to be.)
It is so unreasonable, then, that we ask these utilities to provide other companies access to the infrastructure that we helped them put into place? (...without dragging their feet and making every install from a competitor take gratuitously long)
Finally, while I agree that some things, like the maintenance of the two copper wires that run from my apartment building to the CO, lend themselves well to natural monopolies, it's not clear that all the other things that Verizon tries to do (Internet access, long distance service) should fall under the same umbrella.
The free market is a great ideal, and I'm all for it, but there are some circumstances where practical concerns make it unattainable and outside interference is required to prevent abuses. Pretending those practical concerns don't exist does not make them go away.
If I recall correctly (it has been a while), one thing that always frustrated me about my physics and math courses is that they always seemed to want a numeric result at the end.
I seem to remember that I would generally solve a problem symbolically down to the point where it was just a matter of arithmetic, at which point I would whip out the calcuator. That last step is really trivial, however, and if it weren't needed, neither would be the calculator.
If calculators are such a problem, then why not just ban them?
Strangely, the writer seemed to change his/her mind midway through.
At the beginning, we have:
Sklyarov was arrested after speaking at a hacking convention in Las Vegas on July 16.
but at the end:
Adobe complained to the FBI, which arrested Sklyarov as he was preparing to fly back to Russia from the computer security convention.
Maybe the AP just wants a little variety to spice things up.
Banning header "forgery" is a very bad idea, if you mean that (as people usually do) to indicate making the email appear as if it came from someone other than the actual sender. [You may not have meant it so broadly, but a lot of people do, so I feel justified in pointing a few things out for at least their benefit, so forgive me for taking this opportunity to make a general rant about the issue.]
Note that RFC 822 explicitly allows the From: header to be something other than the actual sender of the message (though it does require a Sender: header, but MUAs tend not to display that). It's easy to "forge" From: addresses because email was designed with this "forgery" in mind. Note also that because of Received: headers, it's actually difficult to mask the message's true origins. It's just that most people don't know about headers, so they focus on the From: line.
RFC 822 gives several examples of how this feature of email can be used, but here are a couple from my daily life:
1) I am a sysadmin at a rather large organization. I often find the need, when acting in an official capacity, to send email to users as "manager" or "postmaster" or "security" or as some other hat that I wear. This makes people notice the email, marks it as a formal note, allows the other admins to deal with responses to the mail, and has a number of other benefits. For a variety of reasons, it would be rather unprofessional for me to send out such email as myself. (Should the tens of thousands of users we support have to keep track of the staff changes in the our department?)
2) On the side, I do hosting for a number of smaller organizations. Sometimes the people who run these organizations feel the need to send out an email in an official capacity. In this case, they often send the mail with a From: address of something like info@foo.org, and the message originates on a totally different network than the one on which the foo.org machines live. Should the senders be forced to log into the foo.org machines as the "info" user and run mutt or maix? It's much better for them to be able to use their preferred MUA and their ISP's MTA. [This is why I get worried when I hear about ISPs requiring certain From: addresses.] Also, the people who send the message are not always the ones who answer mail to info@foo.org. Should organizations be forced to structure themselves around the requirements of email?
That's just my personal experience -- there are lots of other cases, I am sure.
Keep in mind that email was in large part modelled after the US postal system. It's interesting to note that return addresses are not always required by the USPS (think about post cards).
That said, I do think that some sort of valid return contact information is important (and I do hate unsolicited {mail,email,faxes,phone calls}). We should, however, be careful when recommending that certain things be outlawed -- just because we can not see a legitimate use of something does not mean that such a use does not exist and that the people engaging in that use should be punished for the bad behavior of others.
<offtopic rant>
It seems like this issue arises a lot on slashdot, and among the newbies I talk to. People tend to bash large, highly featureful packages or protocols (e.g. sendmail and X11) because they think that the particular ways they use them apply to all other cases. It's a natural tendency, I suppose, but sometimes I feel like I should wear a button reading "that doesn't scale" or "what about the corner cases" or something similar when talking to junior sysadmins.
</offtopic rant>
Clearly this is just a clever ploy to get tons of people to link to them. Look how many people have taken the bait so far!
If Current Trends Continue(tm), it's only a matter of time before they're at the top of the results for every google search.
Speaking of which, tomorrow (December 7th) will be the 11th anniversary of procmail v1.00, so I decided to look at my procmail log to see how much mail I get. To steal a bit from Mastercard(tm):
[Over the past 90 days,]
Number of mailing lists to which I have been subscribed: 0
Number of messages I've received: 76,697
Bytes of email I've received: 14,517,916,565
Value of procmail: priceless
Actually, procmail is free, so if you don't have it yet, go get it.
/opt/LINWgrep/bin/grep
/opt/LINWsed/bin/sed
/opt/LINWdate/bin/date....
[images disappear from the web, CD-R gets scratched, CD-R gets melted]
What is the digital equivalent to printing a photograph on acid-free paper, stored behind UV-filter glass, in a climate-controlled area?
If you put that acid-free paper in some sketchy self-storage warehouse with no fire protection, it might go up in smoke. If you leave that acid-free photo on your desk to get scratched up and bleached by the sun, it's not going to look so hot either. Perhaps if you treat your digital photographs with the same respect you are giving this imaginary silver-halide photograph, you will find that they won't get wrecked so easily.
In a slightly-less-snippy reply to your question (I'm tired), try keeping the master CD in a climate-controlled area out of the sun, and leaving a copy of it on your desk to get scratched up (I've been doing this with software for years -- that whole fair-use thing). You could keep the master in a fire safe along with your other backup media (you do make backups, right?). You could even, as I have done with my data, work out a backup exchange with a friend that you see regularly, so that a copy will be offsite, just in case of fire, flood, or the Feds. And, of course, transfer that stuff on media that's a few years old to fresh media that is now shockingly less expensive than it was when you recorded the data originally.
Taking care of your data is not hard, is not particularly expensive, and can give you great piece of mind. Backups, onsite and offsite, can be handy in a pinch, and are like an insurance policy, without the getting-ripped-off-by-actuaries part (forgive me, Husker). You don't have to go overboard -- just do a little planning ahead and treat your data with respect. Good luck!
There is no reason to be snide.
It should be noted that saying that people other than law-enforcement agents are not obligated is not the same thing as saying that law-enforcement agents are obligated. The clause was meant merely to exclude law-enforcement agents from the discussion. Perhaps a "perhaps" would have made that more clear, and I apologize for any confusion its omission caused, even if it was not logically necessary.
In any case, my original post was a clear case of karma whoring performed in a moment of weakness, and I'm amused it made it up to 5. Oh well, I suppose I should not be surprised.
it's high time that computer users insisted that the security community live up to its obligation to protect them
I'm not sure whether anyone, other than law-enforcement agents, is obligated to protect computer users, but if anyone is, surely the people who produce the software are more obligated to prevent or solve these problems than are those who merely report on them.
Is this, along with the U.S. government's warning to news agencies to be careful what they broadcast, a sign of a new trend?
...when you've got wireless?
Just find your local wide-open corporate or university wireless network, and hack away! Maybe even buy yourself a nice directional antenna... w00t!
The idea is that you need to have a cheap source of hydrogen and oxegen. And you do not what to use tap water because of the impurities. (never mind that producing a system that could handle impurities would cut the legs from under the Oil Companies)
No, this has nothing to do with impurities in tap water.
The energy comes (in lay terms) from combining the hydrogen and oxygen (the latter often obtained from the surrounding air) to produce water. In water, the hydrogen and oxygen are already combined, so to use water, you'd have to separate the hydrogen and oxygen first, which takes as much (actually more, thanks to inefficiencies) energy as you would get from recombining them.
The reasons fossil fuels are used have nothing to do with an oil company conspiracy, and everything to do with their abundance and convenient chemical and physical properties (and, incidentally, are the same reasons we use them as fuels generally).
I wouldn't worry about it, stuff like this wouldn't hold up more than a second under First Amendment scrutiny.
uhhh:
Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the government for a redress of grievances.
Microsoft != Congress
(...last I checked, anyway. If that changes, time to fall on my sword.)
Really, the EULA is a voluntarily entered contract between the end user and Microsoft, and is not to be confused with a law passed by Congress. One might compare this clause of the agreement to an NDA, in that both place restraint upon your speech, but neither is unconstitutional.
The defense against this kind of practice is not to complain and wave the First Amendment, but to remove Microsoft from the position that allows them to make these demands.
Linux needs a single GUI.
Perhaps I have been trolled, here, but... Why the hell does Linux need to take over the desktop market, and why does it need a single GUI to do that? Linux is doing just fine, by my book, and I really couldn't care less about the rest of the desktop market. Linux is not a product that you need to market, and it's not a business plan -- it's the result of countless programmers scratching itches. So don't presume that you can attach to it your vision of where it should go.
Back to the topic at hand, one of the reasons I stopped using Windows and MacOS is that I was tired of having to do things their way. I happen to use Enlightenment and Blackbox a lot, because I like they way they work, and I don't use Gnome or KDE because I don't like the way they work. What makes you think that it is possible to make a single interface (graphical or not) that will please everybody? The fact that you can choose and then (in most cases) heavily customize your interface is one of the best things about UNIX and Linux. The window manager is just another user-level application, and it's nice to be able to run whichever user-level application suits you best.
Pick one, build it right.
Define "right". You're not going to be able to make an interface that is all things to all people. What more likely would happen is that you would force your assumptions about how computers should be used onto everyone else, which is the thinking behind many of the things that I hate about Windows. Why do you want to repeat those mistakes?
Instead, try accepting the fact that people are different and situations are different, and it's non-trivial to make something that works for them all.
Follow Microsoft's example and do extensive usability tests, and make it easy and intuitive for the user to use it.
Where do you get this idea of an "intuitive" interface? (To paraphrase someone whom I forget) The only intuitive interface is the nipple; after that everything is learned. I also think that you are making the common mistake of confusing "ease of use" and "ease of learning". The many possibilities presented by the command line may be more difficult to learn than a "wizard", but in the long run it's easier to use (try aliasing or scripting or cronning a wizard).
I've always hoped that Linux could crack the desktop market. I want to see it compete with MS. I want to be writing applications for Linux. The problem is, I just don't think that's ever going to happen. There are too many factions, and no single one appears to have a huge advantage. All of these GUIs are being written by programmers, for programmers.
Leaving aside this insane idea that programmers all come together and work in harmony for free to write things that do not interest them... what is it about the existence of multiple window managers (let's not use the overly-general term 'GUI') that precludes acceptance of the operating system? Does the existence of multiple operating systems keep people from buying PCs? No, most people just use the OS (Windows) that comes bundled. In the window manager/desktop environment arena, most people will simple use the one that's presented by the distribution (RedHat, probably) that they install.
So, perhaps, instead of worrying about making a single interface to please all people, we should try to make Red Hat choose a default that will look exactly like Windows so we won't scare the poor wittle new users, of whom we don't think enough to trust to figure out something new like they once figured out Windows. Fortunately, I think Red Hat knows enough about its business to work towards using a non-threatening and easy-to-learn interface as the default. Give it time.
Alright, enough irrational ranting -- the "We need a single perfect (Distribution|Window Manager|Shell|Programming Language|...)" argument just really ticks me off, as I highly value freedom and diversity. Sure it's inconvenient and confusing sometimes, but I'm glad we live in a world where people are (to some degree at least) free to go their own way and choose a tool to suit the situation or their tastes.
What is happening is that your server is prepending the server name to the URL
Actually, that's not the case, and I figured out that the problem was a BASE tag in the HEAD. Time to do a recursive grep.
In any case, the point of my post was that "just change the port" is not as easy as it sounds, and there are a bunch of ways that it can cause problems.
Additionally, since running a server is not against the TOS or AUP for AT&T customers (like me), and that's one of the reasons why I chose Mediaone service so long ago, I had (I think) a reasonable expectation that they would not suddenly and arbitrarily block a port without first changing the AUP or TOS, and that I should now have to jump through these hoops because of lusers running IIS is just silly. I know, I was foolish for thinking that I could rely upon a service provider with whom I had a contractual agreement. Silly me.
So now I have to get DSL from Speakeasy (until Verizon pushes them out of business), which means a lot more money and waiting a few months for Verizon to twiddle their thumbs before they can do an install to an apartment less than 100 yards from the CO. In the meantime I have to set up a redirect service, which is another pain in my ass.
Not so simple, actually -- I tried this today because of the block, and it works fine in many cases, but there is a hitch.
Let's say someone is looking at "http://foo.ne.mediaone.net:8080/bar/fred.html", and this html file contains a reference to another file, be it a CSS file, an image, an anchor -- whatever. There are three possibilities I want to consider.
In the first, if this reference is of the form "http://foo.ne.mediaone.net/bar/ney.html", it's obviously not going to go to port 8080, but people rarely use absolute references like that, so let's move past that to the more interesting cases.
In the second, if the reference is of the form "ney.jpeg". Here, everything works fine and the client looks for "http://foo.ne.mediaone.net:8080/bar/ney.jpeg".
In the third, with a reference like "/css/rubble.css", you'd like to think that, since the parent URL is in http://foo.ne.mediaone.net:8080, the client would go for "http://foo.ne.mediaone.net:8080/css/rubble.css", but no! It looks up "http://foo.ne.mediaone.net/css/rubble.css" (and spends a long time timing out because of the block).
I have no idea why this is, but it seems to happen in both Netscape and IE. Haven't had time to investigate it thoroughly, so if anyone knows anything about this, I'd appreciate the info.