Looks like OpenWRT will release a Chaos Calmer 15.05.1a (or 15.05.2) with fixes for dropbear, *ssl, dnsmasq, and hostapd binaries : https://forum.openwrt.org/view...
"they claim this (connexion reset every 24h) is done for technical reasons, which is, simply put, BS"
Well, I heard that there is a (rare ?) problem of "ghost" PPPoE connexions when they are not closed/teared-down properly that oblige you to wait for the server to reset the connexion, and that's why they force a reset every 24h, to properly close all the connexion and allow you to reconnect at least after 24h.
"... He quickly convinced company executives to remove Internet access from all Win98 machines, purchase better firewalls,..."
Yeah, when your firewall is not strong enough to block IP packets you should buy a better one.
But why these Win98 machines were given Internet access in the first place ?
You shall never give direct Internet access to a Windows machine.
One thing I learned is that when you have Windows machines, firewalls are not for protecting you, but there are for protecting the others from your Windows machines. Giving direct Internet access to a Windows machine is like giving a shutgun to a monkey.
I scream when I see companies with broadband Internet access and using a simple router with the default config that does NAT for all their LAN.
The problem is not solved by getting a better firewall, but by having the balls to deny any forward from LAN to WAN on the firewall, and force everyone to use an authenticated HTTP proxy and SMTP relay. Then, you can seat back, and watch all the PROTO=TCP DPORT=25 or DPORT=80 packets from your Windows machines being dropped by your firewall and filling your logs.
I remember playing with POV on my Atari 1024 STe upgraded from 1MB to 2MB (so it was a 2048 STe). Editing my scene by hand with Everest and rendering them in 80x50 with the lowest details to adjust the elements. Then, launching the final fullscreen rendering in 320x200 that could last half a day, just to get a glass ball over a heighfield rendered mountain.
Then, the day I got my first PC (a P100 with 8MB) and could render those scenes in 5 minutes in 640x480 with full details, I never touched POV again...
OTP protocol ("One Time Password") use a dictionnary (from the S/Key protocol) to convert 64bit password into 6 pronounceable words.
This dictionnary could be a way of generating 64bits random password that could be easily remembered by your users by giving them this "6 words" version.
Anyway, always remember that your password may be "cryptographically strong" enough, but will never be "chocolatelly strong" enough...
I usually upgrade my distro only when the libc/XFree/any core library start to become really obsolete.
I changed my slackware 3.x for RedHat 6.2 when too many application needed libc6 instead of libc5 and XFree was compiled for libc5 so it was not reentrant/thread compliant.
Then, I upgraded my RedHat 6.2 with RedHat 8.0, for almost the same reason: get XFree 4, new libc6 and mozilla started using gtk2, i guess, so I had to recompile it myself but I had not enough horse power to do it.
My last upgrade was with Fedora Core 1 and at work I still have a RedHat 9 that can run most of the actual software.
Gnome ? Sorry, I don't use gnome/mono stuff.
KDE ? well, yes, I use it, but I can get the latest one from kde-redhat.sf.net
Firefox ? www.mozilla.org will be perfect.
Helix player ? player.helixcommunity.org works like a charm.
Remote desktop ? VNC/x0vncserver/etc. are working perfectly on my RedHat 9.0 and Fedora Core 1
Evolution 2.0 ? mutt is much user friendly when used remotely over SSH and Evolution 1.2/1.4 is enough for me when I don't want to look like a cave man when the other around are using Outlook...
So I guess Fedoca Core 3 is not really worth an upgrade for me.
Why bother with cryptography/steganography/etc. when you can use slashdotography ?
You simply post your message in clear form in the comments of a "highly trollistic" news, and your message will automatically become hidden and indetectable with all the noise surrounding it.
... and Verisign has now updated the DNS record for that address to include several non-routable addresses, reducing the load on their servers.
They are inserting non-routable addresses in DNS answers ?
Well, after all, I should not be surprised to hear that, after the wildcard affair. They are definitely the masters for messing their DNS...
Ronald Dumbfeld wrote : if I follow it correctly the law is such that you are permitted to make private copies of CDs you've bought. There's also some vague reference to a "tax" on equipment for copying, but I don't think that's ever been implemented.
I guess the law is more||less the same as in France... Anyway, here is how it works in France:
- You have the right to make a copy of a CD data/audio for your personal use/backup and this right apply to any medium (CD, tapes, etc.)
But, a new law is being pushed by the "majors" to prohibit this right, and put their crappy DRM in the laws.
- There is also a tax on blank CDs that goes to the SACEM, a group representing the artist and responsible for collecting and managing their rights. The "artist" register their songs to the SACEM and anytime a song is played (on radio, tv, even the music you hear when you are shopping in your supermarket) they receive some bucks.
The problem with this is that whenever I buy blank CDs for burning my Linux distro, the SACEM receive that tax and that goes to [insert a crappy music artist here], even if the CD is not used for audio.
They are also pushing for extending this tax to any medium that can hold music : hard disk drives, memory sticks, etc. and computers of course.
Dropping in a Windows 2003 server or even a Windows 2000 server, applying the initial SP and patches available (which are downloaded during the setup even), set it for auto update, turn on the Firewall, turn off NetBIOS over TCP/IP for the Internet connection and leave it alone.
You're absolutly right !
Look at my Windows(r) box ! It has been turned off for the last 2 years, and never got hacked/wormed/remote exploited/root kited/etc. during this period, even without all those patches/service pack !
Here in "Old" Europe, their last album is sold corrupted^w with copy-control ! "illisible sur PC & Mac", "won't play on PC & Mac" ! (so it will play on a SparcStation ?). Last week I was about to buy it, but when I saw the copy-control sticker on the CD, I said NO THANK YOU !
I really appreciate Radiohead, and I really thought they were more (Ok) computer friendly, more "open minded"... but "I might be wrong" and it seems they are just like the others...
I know they are not responsible for the copy-protection stuff, but if they don't care about their album being readable by everyone then they do not deserve my money.
Slashdot Mirror
Looks like OpenWRT will release a Chaos Calmer 15.05.1a (or 15.05.2) with fixes for dropbear, *ssl, dnsmasq, and hostapd binaries : https://forum.openwrt.org/view...
The guy from this ads reminds me of David Lightman (played by Matthew Broderick) from the "Wargames" movie.
Nah! Heaviers than Air can't work!
No! Two and two always make up five!
"they claim this (connexion reset every 24h) is done for technical reasons, which is, simply put, BS"
Well, I heard that there is a (rare ?) problem of "ghost" PPPoE connexions when they are not closed/teared-down properly that oblige you to wait for the server to reset the connexion, and that's why they force a reset every 24h, to properly close all the connexion and allow you to reconnect at least after 24h.
"... He quickly convinced company executives to remove Internet access from all Win98 machines, purchase better firewalls, ..."
Yeah, when your firewall is not strong enough to block IP packets you should buy a better one.
But why these Win98 machines were given Internet access in the first place ?
You shall never give direct Internet access to a Windows machine.
One thing I learned is that when you have Windows machines, firewalls are not for protecting you, but there are for protecting the others from your Windows machines. Giving direct Internet access to a Windows machine is like giving a shutgun to a monkey.
I scream when I see companies with broadband Internet access and using a simple router with the default config that does NAT for all their LAN.
The problem is not solved by getting a better firewall, but by having the balls to deny any forward from LAN to WAN on the firewall, and force everyone to use an authenticated HTTP proxy and SMTP relay. Then, you can seat back, and watch all the PROTO=TCP DPORT=25 or DPORT=80 packets from your Windows machines being dropped by your firewall and filling your logs.
I remember playing with POV on my Atari 1024 STe upgraded from 1MB to 2MB (so it was a 2048 STe). Editing my scene by hand with Everest and rendering them in 80x50 with the lowest details to adjust the elements. Then, launching the final fullscreen rendering in 320x200 that could last half a day, just to get a glass ball over a heighfield rendered mountain. Then, the day I got my first PC (a P100 with 8MB) and could render those scenes in 5 minutes in 640x480 with full details, I never touched POV again...
OTP protocol ("One Time Password") use a dictionnary (from the S/Key protocol) to convert 64bit password into 6 pronounceable words.
This dictionnary could be a way of generating 64bits random password that could be easily remembered by your users by giving them this "6 words" version.
Anyway, always remember that your password may be "cryptographically strong" enough, but will never be "chocolatelly strong" enough...
Worth The Upgrade?
No.
I usually upgrade my distro only when the libc/XFree/any core library start to become really obsolete.
I changed my slackware 3.x for RedHat 6.2 when too many application needed libc6 instead of libc5 and XFree was compiled for libc5 so it was not reentrant/thread compliant.
Then, I upgraded my RedHat 6.2 with RedHat 8.0, for almost the same reason: get XFree 4, new libc6 and mozilla started using gtk2, i guess, so I had to recompile it myself but I had not enough horse power to do it.
My last upgrade was with Fedora Core 1 and at work I still have a RedHat 9 that can run most of the actual software.
So I guess Fedoca Core 3 is not really worth an upgrade for me.
Why bother with cryptography/steganography/etc. when you can use slashdotography ?
You simply post your message in clear form in the comments of a "highly trollistic" news, and your message will automatically become hidden and indetectable with all the noise surrounding it.
Well, after all, I should not be surprised to hear that, after the wildcard affair. They are definitely the masters for messing their DNS...
Ronald Dumbfeld wrote : if I follow it correctly the law is such that you are permitted to make private copies of CDs you've bought. There's also some vague reference to a "tax" on equipment for copying, but I don't think that's ever been implemented.
I guess the law is more||less the same as in France... Anyway, here is how it works in France :
- You have the right to make a copy of a CD data/audio for your personal use/backup and this right apply to any medium (CD, tapes, etc.)
But, a new law is being pushed by the "majors" to prohibit this right, and put their crappy DRM in the laws.
- There is also a tax on blank CDs that goes to the SACEM, a group representing the artist and responsible for collecting and managing their rights. The "artist" register their songs to the SACEM and anytime a song is played (on radio, tv, even the music you hear when you are shopping in your supermarket) they receive some bucks.
The problem with this is that whenever I buy blank CDs for burning my Linux distro, the SACEM receive that tax and that goes to [insert a crappy music artist here], even if the CD is not used for audio.
They are also pushing for extending this tax to any medium that can hold music : hard disk drives, memory sticks, etc. and computers of course.
Dropping in a Windows 2003 server or even a Windows 2000 server, applying the initial SP and patches available (which are downloaded during the setup even), set it for auto update, turn on the Firewall, turn off NetBIOS over TCP/IP for the Internet connection and leave it alone.
You're absolutly right !
Look at my Windows(r) box ! It has been turned off for the last 2 years, and never got hacked/wormed/remote exploited/root kited/etc. during this period, even without all those patches/service pack !
What a great OS !
Now, we know what all thoses G5 were for ! :)
Personally I use the universal Microsoft(r) Office(r) Reader(c)(tm) aka GNU/strings :
$ strings p2p.xls | less
"I wouldn't call Radiohead a "big crap artist"."
...
... but "I might be wrong" and it seems they are just like the others ...
Me neither ! but
Here in "Old" Europe, their last album is sold corrupted^w with copy-control ! "illisible sur PC & Mac", "won't play on PC & Mac" ! (so it will play on a SparcStation ?). Last week I was about to buy it, but when I saw the copy-control sticker on the CD, I said NO THANK YOU !
I really appreciate Radiohead, and I really thought they were more (Ok) computer friendly, more "open minded"
I know they are not responsible for the copy-protection stuff, but if they don't care about their album being readable by everyone then they do not deserve my money.