Been there done that, tried my best to clean up but every now and then you would find another "dropping" - the reaction I had was exactly the same as when you are wandering down the street and suddenly step in a dog dropping, same sort of revulsion and disgust at the filthy mess you just blundered into and now have to clean up.
Actually, if you are running exchange 2008 or later then you have to use powershell - the wmi hooks for vbscript just don't exist for later versions of exchange. You can get powershell for XP but you have to be on SP3.
Powershell does have its quirks though, the one that particularly catches me is trying to reference component of an object in an argument list. Doing a GUI is an exercise in patience. If you have done some perl programming then you should be reasonably comfortable with Powershell.
Not only privacy but the standard office would sound like a bar of a busy Friday night. Can you imagine loud howard dictating a document just over the cubicle wall?
You could try using pkgsrc (http://www.pkgsrc.org/) on opensolaris for third party applications. There are a lot of packages for opensolaris already but I think that pkgsrc beats them. Alternatively, you could try your hand at sourcejuicer and feed the apps you want into the opensolaris pool.
You don't need a server on the laptop - put the server on the server (duh) and just have the laptop as the client. It will work fine.
It is not really any more of a pain to set up than any other server.
Have a look at http://coda.cs.cmu.edu/
This is a disconnectable file system. It could be what you are looking for. Certainly, that is what I use for doing the same thing.
PKD did deal with this a lot but by far the best treatment of this subject I have read has to be "The Reproductive System" by John Sladek. If you haven't read this book then grab a copy and then start to be afraid where this could lead...
This is not a sanctioned code release. It would be just about impossible to build a development community around it. Anything made with it would be warez. I suppose its possible some tight knit group of geniuses could adapt and "spread" the work but I wouldn't hold my breath. There would be inevitable bugs and no good way for the clandestine developers to get feedback.
I am not so sure about that. This is mere speculation but what if there were a tight-knit group of people that were capable of a) fixing bugs and b) producing ports for other platforms but instead of just producing a binary they actually posted patches to the source. Would valve use those patches? Should valve use those patches? Should they accept a new platform port?
Part of the justification for not doing other platforms is lack of resources to perform the port. What if that is done for them? Sure, there are maintenance overheads but if the port is done cleanly enough they should be minimised.
An interesting moral conundrum - accept the work based on an illegal act and legitimise it or totally ignore the work forcing it into the underground.
One thing to consider is the linux box is not worm food as opposed to the MS platform which seems to be having a lot of problems at the moment.
I play counter-strike. I play CS on linux using either wine or winex. I had zero...count them... zero problems installing, I just popped the HL cdrom in the drive, wine./setup.exe and away I went, patched up, put on CS and I was ready for rock and roll. These days it is rare for me to boot my wintel box at all - the only time I do it is when Valve mess up with the anti-cheat stuff in a way that breaks CS under wine. When this happens they seem to not dither about getting it working, it gets fixed quickly. Having people prodding them when things are broke must be some indication of how popular linux gaming is. I also play Soldier of Fortune 2 (under winex or wine), quake 3 & UT2003... all work fine (well, SoF2 has some sound issues but nothing chronic)
As others have noted, the real ogre is DirectX, it is the way MS has managed a lock in to their platform by creating a barrier to porting to another platform because nothing else has DirectX. Perhaps the obvious question is why does Linux not have DirectX? Perhaps answering that question may provide an out - if the DirectX interface could be implemented on Linux then the porting barrier would go away to a large extent.
Simpsons fan? Actually no. I have watched one single episode. The good/evil switch was a design requirement since our PHB was worried that HIS PHB may get an evil surprise. Odd how life imitates art, no?
if you could divine the chip that lurked under the anonymous black blob...you may have a chance, even then I suspect that the thing is mask programmed (or, at least, fusible link programmed - a one shot process) so pretty much the original guts could not be bent to our will, pity - I did have hopes for that initially.
there is a chance, if there is demand. Really, as I said in the article, the thing is pretty much there in the application notes, only the inverter stuff is missing. Oh, one hint (if anyone ever reads this) the apr9600 is much happier having the m8 (message 8 pin) pulled high even when you are in 8 message mode.
don't think so... there were a couple of mirrors posted already. Once again, I curse the geocities cap... the bastards are really cagey on telling you exactly how much they cap at.
well... close but not quite:
1) "Denied" from Quake 3
2) "Fire in the hole" from Counter-strike
3) "I can't remember asking you a god damn thing" from pulp fiction
4) "I'm going to get medieval on your ass" from pulp fiction
5) "Need Backup" from Counter-Strike
6) "Screw you guys, I'm going home" from South Park
Unfortunately, expletives are ruled out coz of some touchy feely crap.
That geocities webby is mine... they did not mention anything about a cap when I put the stuff there... the swine. Anyway, I do have another copy online but I know that will get/.'ed within seconds. If anyone has space for ~500k of text/pictures I can point you at a site to get the stuff from.
For people who want to understand more about what verified actually does, have a look at my home page which has a bit more detail on the philosophy and also a copy of the paper I presented on the subject.
Huh?? So, the attacker just regens the hash on the trojaned binary and the kernel thinks it is the cached value...am I missing something here?
Yes, you are missing something. You cannot "just regen the hash", the list is in kernel and cannot be updated once the securelevel has been raised. The attacker would have to regen the hash, insert it into the list of hashes to be loaded at boot and then reboot the machine. A slightly more difficult task.
Can one NOT change the cached hash without creating a seperate inode or something?
The hash is not cached, the comparison result is. If the file is somehow updated then the cached comparison result gets cleared.
If bash has a fingerprint in the list then you will be able to login because it will be able to run. The bit that you have picked up is that you can have, say, a perl script file that starts with #!/usr/local/bin/perl but a user typing/usr/local/bin/perl will not get perl.... this means that you can have verified scripts but prevent the shell interpreter being put to other uses.
Ummm *hello* is does actually say "cryptographic hash" in the article there. The fingerprint is either a md5 or a sha1 hash not a simple checksum.
Though you could add a checksum method if you wanted a smoking hole in your foot.
Slashdot Mirror
So, all we need to do is find three pre-cogs, put them to work and when two of them agree on a scenario we drag the perp in... simple!
Been there done that, tried my best to clean up but every now and then you would find another "dropping" - the reaction I had was exactly the same as when you are wandering down the street and suddenly step in a dog dropping, same sort of revulsion and disgust at the filthy mess you just blundered into and now have to clean up.
Actually, if you are running exchange 2008 or later then you have to use powershell - the wmi hooks for vbscript just don't exist for later versions of exchange. You can get powershell for XP but you have to be on SP3. Powershell does have its quirks though, the one that particularly catches me is trying to reference component of an object in an argument list. Doing a GUI is an exercise in patience. If you have done some perl programming then you should be reasonably comfortable with Powershell.
Not only privacy but the standard office would sound like a bar of a busy Friday night. Can you imagine loud howard dictating a document just over the cubicle wall?
You could try using pkgsrc (http://www.pkgsrc.org/) on opensolaris for third party applications. There are a lot of packages for opensolaris already but I think that pkgsrc beats them. Alternatively, you could try your hand at sourcejuicer and feed the apps you want into the opensolaris pool.
You don't need a server on the laptop - put the server on the server (duh) and just have the laptop as the client. It will work fine. It is not really any more of a pain to set up than any other server.
Have a look at http://coda.cs.cmu.edu/ This is a disconnectable file system. It could be what you are looking for. Certainly, that is what I use for doing the same thing.
Looks amazingly similar to a JNC product here http://www.jnc-digital.com/Eng/, check the SSF-8002/8005/8100 model out.
PKD did deal with this a lot but by far the best treatment of this subject I have read has to be "The Reproductive System" by John Sladek. If you haven't read this book then grab a copy and then start to be afraid where this could lead...
This is not a sanctioned code release. It would be just about impossible to build a development community around it. Anything made with it would be warez. I suppose its possible some tight knit group of geniuses could adapt and "spread" the work but I wouldn't hold my breath. There would be inevitable bugs and no good way for the clandestine developers to get feedback. I am not so sure about that. This is mere speculation but what if there were a tight-knit group of people that were capable of a) fixing bugs and b) producing ports for other platforms but instead of just producing a binary they actually posted patches to the source. Would valve use those patches? Should valve use those patches? Should they accept a new platform port? Part of the justification for not doing other platforms is lack of resources to perform the port. What if that is done for them? Sure, there are maintenance overheads but if the port is done cleanly enough they should be minimised. An interesting moral conundrum - accept the work based on an illegal act and legitimise it or totally ignore the work forcing it into the underground.
One thing to consider is the linux box is not worm food as opposed to the MS platform which seems to be having a lot of problems at the moment. I play counter-strike. I play CS on linux using either wine or winex. I had zero...count them... zero problems installing, I just popped the HL cdrom in the drive, wine ./setup.exe and away I went, patched up, put on CS and I was ready for rock and roll. These days it is rare for me to boot my wintel box at all - the only time I do it is when Valve mess up with the anti-cheat stuff in a way that breaks CS under wine. When this happens they seem to not dither about getting it working, it gets fixed quickly. Having people prodding them when things are broke must be some indication of how popular linux gaming is. I also play Soldier of Fortune 2 (under winex or wine), quake 3 & UT2003... all work fine (well, SoF2 has some sound issues but nothing chronic)
As others have noted, the real ogre is DirectX, it is the way MS has managed a lock in to their platform by creating a barrier to porting to another platform because nothing else has DirectX. Perhaps the obvious question is why does Linux not have DirectX? Perhaps answering that question may provide an out - if the DirectX interface could be implemented on Linux then the porting barrier would go away to a large extent.
Simpsons fan? Actually no. I have watched one single episode. The good/evil switch was a design requirement since our PHB was worried that HIS PHB may get an evil surprise. Odd how life imitates art, no?
if you could divine the chip that lurked under the anonymous black blob...you may have a chance, even then I suspect that the thing is mask programmed (or, at least, fusible link programmed - a one shot process) so pretty much the original guts could not be bent to our will, pity - I did have hopes for that initially.
there is a chance, if there is demand. Really, as I said in the article, the thing is pretty much there in the application notes, only the inverter stuff is missing. Oh, one hint (if anyone ever reads this) the apr9600 is much happier having the m8 (message 8 pin) pulled high even when you are in 8 message mode.
don't think so... there were a couple of mirrors posted already. Once again, I curse the geocities cap... the bastards are really cagey on telling you exactly how much they cap at.
well... close but not quite: 1) "Denied" from Quake 3 2) "Fire in the hole" from Counter-strike 3) "I can't remember asking you a god damn thing" from pulp fiction 4) "I'm going to get medieval on your ass" from pulp fiction 5) "Need Backup" from Counter-Strike 6) "Screw you guys, I'm going home" from South Park Unfortunately, expletives are ruled out coz of some touchy feely crap.
no... move along, nothing to see here.
That geocities webby is mine... they did not mention anything about a cap when I put the stuff there... the swine. Anyway, I do have another copy online but I know that will get /.'ed within seconds. If anyone has space for ~500k of text/pictures I can point you at a site to get the stuff from.
ok - someone give me a mail message and I will point you at some where that is not /.'ed to hell so you can wget a copy.
For people who want to understand more about what verified actually does, have a look at my home page which has a bit more detail on the philosophy and also a copy of the paper I presented on the subject.
Huh?? So, the attacker just regens the hash on the trojaned binary and the kernel thinks it is the cached value...am I missing something here?
Yes, you are missing something. You cannot "just regen the hash", the list is in kernel and cannot be updated once the securelevel has been raised. The attacker would have to regen the hash, insert it into the list of hashes to be loaded at boot and then reboot the machine. A slightly more difficult task.
Can one NOT change the cached hash without creating a seperate inode or something?
The hash is not cached, the comparison result is. If the file is somehow updated then the cached comparison result gets cleared.
If bash has a fingerprint in the list then you will be able to login because it will be able to run. The bit that you have picked up is that you can have, say, a perl script file that starts with #!/usr/local/bin/perl but a user typing /usr/local/bin/perl will not get perl.... this means that you can have verified scripts but prevent the shell interpreter being put to other uses.
Ummm *hello* is does actually say "cryptographic hash" in the article there. The fingerprint is either a md5 or a sha1 hash not a simple checksum. Though you could add a checksum method if you wanted a smoking hole in your foot.