I think I just became a little less likely to buy either SAP or Oracle software, if this is their idea of ethics and security, respectively.
It doesn't take very much to own a company, any company, except for the right amount of money... Thats all. SAP TN is a wholly owned subsidiary of SAP, so SAP is responsible. That sucks. My company just bot some tiny 10 person shop and they are a bunch of idiots, ignorant of the very technology they claim to be capable of developing... Dealing with them is like executing a while loop of while true; do { foreach "they are huge idiots" continue; finally I convince them they're dumb and show them an (easier/better/more) elegant solution }...
So, I really feel bad blaming SAP for what some douchbag did at some subsidiary they just bought. I really doubt there was management knowledge outside of SAP TN of these events occurring, until now of course. It's really a bummer for SAP AG.
Ever read RFC 791? I did the other day, it's not that long really, and you already know most of it anyways. Here's the thing, ever try to use more than one default gateway? We wanted to do exactly that on our Pix at work. It can't do it. At least not without having an upstream router with both links (Ie. separate address spaces) that was doing policy based routing. If it was our ISPs that managed the upstream routers then we wouldn;t be able to do that. ISPs don't like to cooperate just because they share customers...
My point is, sure some businesses with an OSPF/MPLS/IGRP network might be able to modify their routing tables as links to their multiple ISPs go down, but a majority of businesses have one ISP, one firewall doing NAT, etc, and don't expose their cloud to the ISP... Realize this is just a generalization, your company may be different.
The theory may be that the global IP network could survive catastrophic loss of peering points, but the implementation wont. The Internet is a tiered architecture, not a mesh.
Yeah, cause Sun's UFS was really worth something to linux... Besides the internals of UFS has been well know for a long long time in the form of it's BSD bretheren. Not to say it hasn't advanced though, but it's no where compared to XFS. Then again ZFS, which is now also open source, may top it.
I do have to give them extra credit for the C++ STL though. That is a handy peice of library there. That and Boost...
ICANN cannot execute the court order because they do not have the authority to do so, and they are claiming that the court would have to go after the registrar through which the domain was registered, as they would have the contractual obligation with spamhaus.org.
Also, they posted this message as a response to community interest.
I assure you it is a 32 bit kernel on the Linux machine. Observe:
$ uname -m -p -i -o i686 i686 i386 GNU/Linux
I remember the 497 day rollover, but I am pretty sure that only applies to 2.2 kernels, and old 2.4 kernels. It was fixed sometime in the 2.4 kernels IIRC.
Anyways, this might tell you something:
$ cat/proc/uptime 61024684.00 83.1725723
That seems a little odd to me for some reason. I'll let you think about it for a little bit...
The Linux and Solaris boxes are development/build machines. The OpenBSD machine is a router/firewall/vpn endpoint. Not bad eh? Then again, I had a 2.6 kernel panic on me a few weeks ago running OpenVZ and trying to take lvm snapshots.
Some machines are more stable than others. You'll know when you have one, you can always tell...
Solaris 2.x, that is SunOS 5.x, is not based on SunOS 4.x. The SunOS 4 series was based on BSD, but Solaris was a full fledged Unix SVr4 implementation. As far as I am aware they recieved a License for the System V source to do their own implementation on Sparc.
The current versions of Solaris have nothing to do with BSD; that was SunOS 4.
I wonder, has there ever been a design document for the Linux kernel prior to implementation? More engineerable sounds to me slightly hacked together. Really the whole idea of open source flys in the face of software engineering.
A good uKernel has to be designed well; perhaps that also explains why open source uKernels suck compared to the commercial designs.
Remember when you could get IE for Unix? now that was weird. IE4 on Solaris 7, I remember people asking for it. I mean damn, even on my 486 I ran Netscape. Strange stuff...
Secondly, and whether you meant it this way or not, you are right because of my previous assertion. AT&T should have to put up with the "Show me your papers." mentality simply because they are not an individual citizen; yet they hold power over citizens, such as the ability to intercept their communications.
so the question is, would you risk your job over the security of your workstation? I hope not... If so you are a moron and deserve MIS to come craking down on you. MIS and HR are tight at my company, and for good reason.
I have a neat little toy at work. It is an HP thin client. It came with only 128MB of RAM in it, but I upgraded that to 256, and it has a Transmeta Crusoe processor in it, clocked at 733MHz I believe. It's been along time since I dug it out to play with it. It has a 32MB Flash drive in it, so it's rather limited in how much you can cram onto it, but it netboots Linux just fine. If I could find the right cable, I could hook up a laptop harddrive to it I think. It has the same pin configuration as a laptop drive at least.
So, 733MHz, 256MB DDR, 32MB Flash, 10/100 Ethernet, all in a neat little package. This one came with WinCE on it. Maybe ebay has them? Some of them come with linux preinstalled, so maybe you'll get lucky and find one with linux on it already.
The time it takes a packet to make a round trip is stupid. Theres too much uncertainty and interference in the 2.4 GHz spectrum for that to be a reliable security mechanism. An AP should be just that, an Access Point. In order to gain access, prove who you are. Thats what 802.1x is for, wow! We already have that!
Strong encryption, none of this silly breakable WEP, is needed too. Thats what WPA and WPA2 (802.11i) are for. So, I guess we already have that too...
Most modern AP's that a home user can buy should support at least WPA-PSK (Wifi Protected Access - Pre Shared Key), and if they don't like mine didn't at first, firmware upgrades are sometimes available.
IMHO, we the community of/. should not worry about Joe Shmoe so much, but rather make sure your own equipment is good and tight.
We should worry about the opensource wifi security software that is out there, like xsupplicant or wpasupplicant and FreeRADIUS. Make it better, make it work with more wireless cards.
Joe Shmoe is an idiot. Don't worry about him. Eventally their type will be weeded out and taken care of.
On windows, you have Terminal Serveices (or vnc for those who like it painful) and on Unix you have either ssh or a console server, also called (correctly) a terminal server. Don't confuse that with windows, it's a seperate piece of hardware, they generally support ssh, and have 8, 16, 24, or whatever, serial ports (usually rj-45's).
For Sun hardware there is nothing else like it. Also, if you have Lights out Management on your servers, this is a good way to go. Some PC motherboards nowadays even support using a serial console instead of vga/keyboard. My Tyan Thunder K8S Pro is an example.
On windows, sure, you could do KVM over IP, or what ever else, but damn, if it's a server that keeps going down, then what the hell are you doing with your job? Fix the root cause, don't put bandaid's on the problem.
Indeed -- the reason/usr has the function it has today is because in the days of old, UNIX shipped on two tapes, the root tape and the usr tape. Since/usr was supposed to hold all users' home dirs, the usr tape was much larger than the root tape, and in the long run, the only way to fit everything in the UNIX system was to put the excess on the usr tape. Therefrom comes the idea of just storing the stuff necessary for booting in the directories directly under the root dir, and everything else in/usr.
Just to clarify, the letters USR do not mean USER, sure it may sound plausible, but I assure you, USR actually stands for Unix System Resources. Think about it.
For the historians in the house, remember, the first version of Unix wasn't multiuser. That didn't come about until it was ported to early C on the pdp-11.
Goto http://minnie.tuhs.org/PUPS/, the PDP-11 Unix Preservation Society, and get a simulator and the rk-ll disk images and actually run it. It's neat.
Anyone who wants a secure, stable, webserver might use it. In fact, I'd wager that there are more production servers running FreeBSD then there are running OSX. Now, on the desktop, freebsd hardly even tries, but it still makes a decent workstation for a Unix user. in fact a better one for a Unix user than OSX, but thats my opinion... I should note, I've used a lot of the major Unix-like OSs, some more heavily than others, and I have to say, OSX is not what I look for in a Unix machine. Solaris is a good OS for me (I have a Sun), Linux too, FreeBSD is great (run it on my file server), but OSX is for those that crave eye candy. I don't need that to get my work done.:)
P.S. at my old job, my desktop machine was a G3 running OSX.
FreeBSD has a daily security checking script that runs via cron, so does NetBSD, I assume OpenBSD does too... So do most of the major Linux distros. Sure there are probably a few that don't, but thats why we have choices! I mean, come on, not being able to learn something new, and you work for an educational institution... pathetic....
Seriously, one time me and my buddy got high and compiled a pdp11 emulator and ran AT&T Version 6 Unix on... get this... A Sun SparcStation IPC.
The box has 24MB of RAM, a 25MHz SPARC CPU, and a 411MB SCSI disk. I think the pdp11 we setup had 256k words (512kb) of ram. PDP11 Unix took a long time to boot too, around 15 minutes. Pegged the real cpu at 99% the whole time the emulator was running. For comparison, booting was instantaneous on a 2.4 GHz Xeon.
The part that was really funny was when we found the source code sitting in/usr on the disk image. Pre-K&R C, using stuff like =+ instead of +=... We were laughing our asses off. Not sure now why it was so funny...
Btw, it was running on NetBSD 1.6.1/SPARC...
Hey it was funny to us... Tell me you haven't done anything stupid when you were high!
seriously, hire me. I will secure your network and make it "easy"...
Stuff like that should not happen with propoer staffing, so one has to ask? where is their netowrk guru? all those scientists, one should have learned how to be a sysadmin by now. It's really not that hard... Well, it depends on the OS, but still...
Do I smell a community effort brewing to help these people out?
Dig out a TRS-80 Model II and use the serial port?
it had a Zilog z80, still a common cpu. I am certain that someone could write a small program to dump the disk to a serial port.
I used to have one of those when I was oh, about 10 or 11... I kept the disks, 3 of them. they're at my parents house... Damn 8" floppies were fast compared to that tape deck I had for my TI-99/4A...
I also had a ton of 5.25" floppies from my PC AT... Ah, my 286... I wish i still had that. 20MB hdd, 512K of RAM, 6Mhz CPU.... I used to write games on that thing in qbasic. you know, dumb stuff, like 2d shooters in 16 color EGA...
That machine was bad ass...
eventually i got a 486, but that thing doesn't evoke near the nostalgia of the TRS-80... Pong was way faster in Basic-80 on there then it was in TI-BASIC on the 99/4A...
oh i miss those machines... I used to code for days on those things, till my mom would yell at me to get some sleep... I remember when i first got the idea of how to do non blocking IO in basic... Oh the memories...
damn, basic sucked... Too bad I didn't know asm then...
Hacking the Windows Registry blows... No one likes to screw around in the registry unless you are trying to break your machine...
But, Assembler is fun... It was one of my favorite classes in college. Infinite precision math... Those were some good hacking sessions... I took it at the same time i took COBOL... Wait, did i just admit that... Damn.
Anyways, it was my old school languages semester...
Slashdot Mirror
So, I really feel bad blaming SAP for what some douchbag did at some subsidiary they just bought. I really doubt there was management knowledge outside of SAP TN of these events occurring, until now of course. It's really a bummer for SAP AG.
Ever read RFC 791? I did the other day, it's not that long really, and you already know most of it anyways. Here's the thing, ever try to use more than one default gateway?
We wanted to do exactly that on our Pix at work. It can't do it. At least not without having an upstream router with both links (Ie. separate address spaces) that was doing policy based routing. If it was our ISPs that managed the upstream routers then we wouldn;t be able to do that. ISPs don't like to cooperate just because they share customers...
My point is, sure some businesses with an OSPF/MPLS/IGRP network might be able to modify their routing tables as links to their multiple ISPs go down, but a majority of businesses have one ISP, one firewall doing NAT, etc, and don't expose their cloud to the ISP... Realize this is just a generalization, your company may be different.
The theory may be that the global IP network could survive catastrophic loss of peering points, but the implementation wont. The Internet is a tiered architecture, not a mesh.
Bummer on that one.
Yeah, cause Sun's UFS was really worth something to linux... Besides the internals of UFS has been well know for a long long time in the form of it's BSD bretheren. Not to say it hasn't advanced though, but it's no where compared to XFS. Then again ZFS, which is now also open source, may top it.
I do have to give them extra credit for the C++ STL though. That is a handy peice of library there. That and Boost...
ICANN cannot execute the court order because they do not have the authority to do so, and they are claiming that the court would have to go after the registrar through which the domain was registered, as they would have the contractual obligation with spamhaus.org.
Also, they posted this message as a response to community interest.
Bravo ICANN. Well executed.
I assure you it is a 32 bit kernel on the Linux machine. Observe:
/proc/uptime
$ uname -m -p -i -o
i686 i686 i386 GNU/Linux
I remember the 497 day rollover, but I am pretty sure that only applies to 2.2 kernels, and old 2.4 kernels. It was fixed sometime in the 2.4 kernels IIRC.
Anyways, this might tell you something:
$ cat
61024684.00 83.1725723
That seems a little odd to me for some reason. I'll let you think about it for a little bit...
Here's a random Linux server from work...
$ uptime
6:53pm up 706 days, 4:39, 3 users, load average: 0.00, 0.00, 0.00
Here's a BSD box...
$ uptime
7:48PM up 540 days, 23:14, 1 user, load averages: 0.13, 0.10, 0.08
And one solaris box for good measure...
$ uptime
6:56pm up 699 day(s), 3:24, 1 user, load average: 0.03, 0.04, 0.04
The Linux and Solaris boxes are development/build machines. The OpenBSD machine is a router/firewall/vpn endpoint. Not bad eh? Then again, I had a 2.6 kernel panic on me a few weeks ago running OpenVZ and trying to take lvm snapshots.
Some machines are more stable than others. You'll know when you have one, you can always tell...
Solaris 2.x, that is SunOS 5.x, is not based on SunOS 4.x. The SunOS 4 series was based on BSD, but Solaris was a full fledged Unix SVr4 implementation. As far as I am aware they recieved a License for the System V source to do their own implementation on Sparc.
The current versions of Solaris have nothing to do with BSD; that was SunOS 4.
I wonder, has there ever been a design document for the Linux kernel prior to implementation? More engineerable sounds to me slightly hacked together. Really the whole idea of open source flys in the face of software engineering.
A good uKernel has to be designed well; perhaps that also explains why open source uKernels suck compared to the commercial designs.
Remember when you could get IE for Unix? now that was weird. IE4 on Solaris 7, I remember people asking for it.
I mean damn, even on my 486 I ran Netscape.
Strange stuff...
First off, AT&T is not a citizen.
They should not have the rights of an individual.
Secondly, and whether you meant it this way or not, you are right because of my previous assertion. AT&T should have to put up with the "Show me your papers." mentality simply because they are not an individual citizen; yet they hold power over citizens, such as the ability to intercept their communications.
Looks like they even cut your budget for a spellchecker....
so the question is, would you risk your job over the security of your workstation? I hope not... If so you are a moron and deserve MIS to come craking down on you. MIS and HR are tight at my company, and for good reason.
I have a neat little toy at work. It is an HP thin client. It came with only 128MB of RAM in it, but I upgraded that to 256, and it has a Transmeta Crusoe processor in it, clocked at 733MHz I believe. It's been along time since I dug it out to play with it. It has a 32MB Flash drive in it, so it's rather limited in how much you can cram onto it, but it netboots Linux just fine. If I could find the right cable, I could hook up a laptop harddrive to it I think. It has the same pin configuration as a laptop drive at least.
So, 733MHz, 256MB DDR, 32MB Flash, 10/100 Ethernet, all in a neat little package. This one came with WinCE on it. Maybe ebay has them? Some of them come with linux preinstalled, so maybe you'll get lucky and find one with linux on it already.
So how long would it take for lets say, Blue Gene/L to break AES-256?
Longer than 90 days I hope...
I guess no one has ever heard of these guys: http://www.arubanetworks.com/
/. should not worry about Joe Shmoe so much, but rather make sure your own equipment is good and tight.
The time it takes a packet to make a round trip is stupid. Theres too much uncertainty and interference in the 2.4 GHz spectrum for that to be a reliable security mechanism. An AP should be just that, an Access Point. In order to gain access, prove who you are. Thats what 802.1x is for, wow! We already have that!
Strong encryption, none of this silly breakable WEP, is needed too. Thats what WPA and WPA2 (802.11i) are for. So, I guess we already have that too...
Most modern AP's that a home user can buy should support at least WPA-PSK (Wifi Protected Access - Pre Shared Key), and if they don't like mine didn't at first, firmware upgrades are sometimes available.
IMHO, we the community of
We should worry about the opensource wifi security software that is out there, like xsupplicant or wpasupplicant and FreeRADIUS. Make it better, make it work with more wireless cards.
Joe Shmoe is an idiot. Don't worry about him. Eventally their type will be weeded out and taken care of.
On windows, you have Terminal Serveices (or vnc for those who like it painful) and on Unix you have either ssh or a console server, also called (correctly) a terminal server. Don't confuse that with windows, it's a seperate piece of hardware, they generally support ssh, and have 8, 16, 24, or whatever, serial ports (usually rj-45's).
For Sun hardware there is nothing else like it. Also, if you have Lights out Management on your servers, this is a good way to go. Some PC motherboards nowadays even support using a serial console instead of vga/keyboard. My Tyan Thunder K8S Pro is an example.
On windows, sure, you could do KVM over IP, or what ever else, but damn, if it's a server that keeps going down, then what the hell are you doing with your job? Fix the root cause, don't put bandaid's on the problem.
Just to clarify, the letters USR do not mean USER, sure it may sound plausible, but I assure you, USR actually stands for Unix System Resources. Think about it. For the historians in the house, remember, the first version of Unix wasn't multiuser. That didn't come about until it was ported to early C on the pdp-11.
Goto http://minnie.tuhs.org/PUPS/, the PDP-11 Unix Preservation Society, and get a simulator and the rk-ll disk images and actually run it. It's neat.
Anyone who wants a secure, stable, webserver might use it. In fact, I'd wager that there are more production servers running FreeBSD then there are running OSX. Now, on the desktop, freebsd hardly even tries, but it still makes a decent workstation for a Unix user. in fact a better one for a Unix user than OSX, but thats my opinion... I should note, I've used a lot of the major Unix-like OSs, some more heavily than others, and I have to say, OSX is not what I look for in a Unix machine. Solaris is a good OS for me (I have a Sun), Linux too, FreeBSD is great (run it on my file server), but OSX is for those that crave eye candy. I don't need that to get my work done. :)
P.S. at my old job, my desktop machine was a G3 running OSX.
FreeBSD has a daily security checking script that runs via cron, so does NetBSD, I assume OpenBSD does too... So do most of the major Linux distros. Sure there are probably a few that don't, but thats why we have choices! I mean, come on, not being able to learn something new, and you work for an educational institution... pathetic....
Seriously, one time me and my buddy got high and compiled a pdp11 emulator and ran AT&T Version 6 Unix on... get this... A Sun SparcStation IPC.
/usr on the disk image. Pre-K&R C, using stuff like =+ instead of +=... We were laughing our asses off. Not sure now why it was so funny...
The box has 24MB of RAM, a 25MHz SPARC CPU, and a 411MB SCSI disk. I think the pdp11 we setup had 256k words (512kb) of ram. PDP11 Unix took a long time to boot too, around 15 minutes. Pegged the real cpu at 99% the whole time the emulator was running. For comparison, booting was instantaneous on a 2.4 GHz Xeon.
The part that was really funny was when we found the source code sitting in
Btw, it was running on NetBSD 1.6.1/SPARC...
Hey it was funny to us... Tell me you haven't done anything stupid when you were high!
You'll have to wait for the intermediate version, Bee-Cee-Pee-eeL, to come out first.
seriously, hire me. I will secure your network and make it "easy"...
Stuff like that should not happen with propoer staffing, so one has to ask? where is their netowrk guru? all those scientists, one should have learned how to be a sysadmin by now. It's really not that hard... Well, it depends on the OS, but still...
Do I smell a community effort brewing to help these people out?
That would be awsome. Then RMS wouldn't need the homeless shelters anymore!
Oh and rent would just go away... You'd be like a geek hitchhiker... Don't forget to bring a towel.
Dig out a TRS-80 Model II and use the serial port?
it had a Zilog z80, still a common cpu. I am certain that someone could write a small program to dump the disk to a serial port.
I used to have one of those when I was oh, about 10 or 11... I kept the disks, 3 of them. they're at my parents house... Damn 8" floppies were fast compared to that tape deck I had for my TI-99/4A...
I also had a ton of 5.25" floppies from my PC AT... Ah, my 286... I wish i still had that. 20MB hdd, 512K of RAM, 6Mhz CPU.... I used to write games on that thing in qbasic. you know, dumb stuff, like 2d shooters in 16 color EGA...
That machine was bad ass...
eventually i got a 486, but that thing doesn't evoke near the nostalgia of the TRS-80... Pong was way faster in Basic-80 on there then it was in TI-BASIC on the 99/4A...
oh i miss those machines... I used to code for days on those things, till my mom would yell at me to get some sleep... I remember when i first got the idea of how to do non blocking IO in basic... Oh the memories...
damn, basic sucked... Too bad I didn't know asm then...
Hacking the Windows Registry blows... No one likes to screw around in the registry unless you are trying to break your machine...
But, Assembler is fun... It was one of my favorite classes in college. Infinite precision math... Those were some good hacking sessions... I took it at the same time i took COBOL... Wait, did i just admit that... Damn.
Anyways, it was my old school languages semester...