A comparable turboprop (PC-12 and TBM 850, 6-8 passengers) has a variable cost of about $600 per hour to operate and a similar purchase cost: https://www.avbuyer.com/articl...
Guess we'll have to switch to SSH and HTTPS tunnels instead of brazenly using IPSec and OpenVPN. Got the message loud and clear.:D
ISPs appear to throttle TCP connections to outside the GFW to 50kB/s. Since SSH runs over a single TCP connection, you will be accessing the internet at 0.4MBit. SSH connections are also long lived and easy to identify.
Shadowsocks to a server in Hong Kong with good peering (say Microsoft Azure East Asia datacenter) works well. Cheap VPS providers in HK have lousy connections to China with significant package loss.
Any quality VPN provider could look at what deep packet inspection is sold to China and then protect its VPN users.
Do you really think that any of the infrastructure for the GFW runs on imported foreign hardware? Many western telcos have been switching to products from ZTE and Huawei because of lower prices and products that match their requirements. China has regulation in place that forbids use of imported networking equipment for 'sensitive sectors' and actively favours local companies in many industries.
How is this different from what you can do with Cordova and Appcelerator? These frameworks allow you to create new plugins to expose any iOS APIs you want to Javascript and can load Javascript remotely.
I assume that the app cannot access any functionality that was not enabled during the App Store submission, though I'm not sure of that. Anyone any insights regarding this?
The way I understand it, the main compartment is usually held at ambient (saturation) pressure. The team can go in an out of the water instantly, with the entry lock for extra safety, but no pressure difference during a normal underwater stay.
When it's time for the team to go back up to the surface, they will slowly reduce the pressure in the main compartment over 17 hours for the team to decompress. When decompressed (like being on the surface), they enter the entry lock, pressure is increased to ambient pressure in a few minutes, then they exit the structure and go up to the surface. The exit would be like doing a ~10 minute dive from the surface to 16m and back up to the surface.
People that want one can easily get one. Same for satellite dishes, which are illegal in China, but nevertheless easily seen on most apartment buildings in Beijing.
And if foreigners use a VPN to access information, you lose all snooping ability. If their connection is not blocked, they will most likely not bother to use a VPN, allowing you to get information on how often they chat with friends, watch cats on Youtube and visit sensitive websites.
Still, the number of stars within say 50 light years is quite limited (1875 according to one post), so the poster is right about the chances of finding them within his life time being near zero. The number of stars in our own galaxy is 300 billion, and it might take up to 100,000 years for the signal to reach them, and the same amount of time to send a reply. Even within 500 light years, there are only 1,875,000 stars.
A shitload of people is probably hoarding exploits to use when MS stops patching the product. Once that happens,it's gonna be fun to watch.
What makes you think that these users are updating their systems right now? Most installations in China are pirated and have updates disabled to prevent them from being disabled after an update.
According to http://www.ie6countdown.com/ 24% of users in China use IE6. Microsoft has issued an update that forces an upgrade to IE8, which means that these users either have updates disabled or explicitly opted out of upgrading the browser through a special process; most likely the first.
I suppose that most customers will get a/24 in the 100.64.0.0/10 to use for all the devices in their home network. This way there will still only be one layer of NAT, and the maximum number of customers on one IP would be 64, not 16000. IPs are not so scarce that they need to squeeze more than 64 customers onto one IP (yet): one/8 of real addresses can theoretically accomodate up to 1 billion customers at 64 customers per IP. With only one layer of NAT (and uPNP support), almost nobody will notice a difference.
The few geeks that want remote access will be willing to pay a few extra dollars to get a real IP, or just connect IPv6 instead. By having people pay a little bit for a scarce resource, you can distribute them more effectively amongst those that really need them.
I live in China and noticed that since a few weeks (starting before the congress) the quality of OpenVPN UDP connections deteriorated severely. Formerly traffic worked fine, but now a ping over OpenVPN has significantly higher packet loss and latency than a direct ping to the same host, while these used to be similar. The connection often drops for 5-10 minutes, after which it is reestablished. A tunnel over ssh now performs a lot better than an OpenVPN connection.
Note that I am using my own servers and non-default ports, not established VPN providers that are easier to block. This behavior occurs on different networks from different ISPs. Additionally, L2TP connections now fail most of the time, while they worked a few months ago.
Not true, als it takes is having read a lot of foreign books and documentation. My first language is Dutch, my second in speach is Polish. My second in reading and writing is English and I can read the scrambled words as well as any native English speaking person.
This will only call the DOS.com file exit function returning with an exitcode of 0.
in assembly:
int 0x20
Smallest possible DOS executable that could be somehow usefull:
echo -en '\xcd\x05\xcd\x20' > prtscr.com
This will also call int 5, the print screen interrupt handler.
Re:rdiff-backup is easier and more efficient
on
Linux Backups Made Easy
·
· Score: 3, Informative
I've used rsync for my backups until now, but I've downloaded rdiff-backup 0.9.5 and I love it already!
New users: use the development version, it's a lot more efficient if you have a lot of small files, because it uses librsync instead of executing rdiff for each file. I've measured a factor 20 speedup on my devel directory!
Date: Mon, 12 Aug 2002 10:22:55 -0700 From: Waldo Bastian Subject: SECURITY: Konqueror SSL Vulnerability To: kde-devel@kde.org, kfm-devel@kde.org
Konqueror (kssl to be precisely) fails to detect certificates as invalid that have been signed by an issuer who is not allowed to do so. A patch for this problem has been commited to both the CVS HEAD branch and the KDE_3_0_BRANCH.
KDE packages for the upcoming KDE 3.0.3 release will be updated to include this fix. We hope to have binary packages for KDE 3.0.3 available by the start of next week.
Thanks go to Mike Benham and Gregory Steuck for alerting us to the problem.
See also: http://online.securityfocus.com/archive/1/2 86895/2 002-08-08/2002-08-14/1 http://slashdot.org/articl e.pl?sid=02/08/12/134123 9 http://www.theregister.co.uk/content/4/26620.ht ml
# uname -a
Linux judge-zorro 2.4.0 #1 Sat Jan 27 23:41:59 CET 2001 i686 unknown
# uptime
10:46am up 336 days, 23:40, 6 users, load average: 0.82, 1.05, 0.98
Slashdot Mirror
A comparable turboprop (PC-12 and TBM 850, 6-8 passengers) has a variable cost of about $600 per hour to operate and a similar purchase cost:
https://www.avbuyer.com/articl...
The Q400 costs significantly more per hour: https://prijet.com/operating_c...
Guess we'll have to switch to SSH and HTTPS tunnels instead of brazenly using IPSec and OpenVPN. Got the message loud and clear. :D
ISPs appear to throttle TCP connections to outside the GFW to 50kB/s. Since SSH runs over a single TCP connection, you will be accessing the internet at 0.4MBit. SSH connections are also long lived and easy to identify.
Shadowsocks to a server in Hong Kong with good peering (say Microsoft Azure East Asia datacenter) works well. Cheap VPS providers in HK have lousy connections to China with significant package loss.
Any quality VPN provider could look at what deep packet inspection is sold to China and then protect its VPN users.
Do you really think that any of the infrastructure for the GFW runs on imported foreign hardware? Many western telcos have been switching to products from ZTE and Huawei because of lower prices and products that match their requirements. China has regulation in place that forbids use of imported networking equipment for 'sensitive sectors' and actively favours local companies in many industries.
How is this different from what you can do with Cordova and Appcelerator? These frameworks allow you to create new plugins to expose any iOS APIs you want to Javascript and can load Javascript remotely.
I assume that the app cannot access any functionality that was not enabled during the App Store submission, though I'm not sure of that. Anyone any insights regarding this?
The way I understand it, the main compartment is usually held at ambient (saturation) pressure. The team can go in an out of the water instantly, with the entry lock for extra safety, but no pressure difference during a normal underwater stay.
When it's time for the team to go back up to the surface, they will slowly reduce the pressure in the main compartment over 17 hours for the team to decompress. When decompressed (like being on the surface), they enter the entry lock, pressure is increased to ambient pressure in a few minutes, then they exit the structure and go up to the surface. The exit would be like doing a ~10 minute dive from the surface to 16m and back up to the surface.
Nice try, NSA!
A quick search on Taobao (the number one Chinese online market place) yields more than 60000 results for 'xbox':
http://s.taobao.com/search?q=xbox&commend=all&ssid=s5-e&search_type=item&sourceId=tb.index&spm=1.6659421.754896237.1&initiative_id=tbindexz_20140108
People that want one can easily get one. Same for satellite dishes, which are illegal in China, but nevertheless easily seen on most apartment buildings in Beijing.
And if foreigners use a VPN to access information, you lose all snooping ability. If their connection is not blocked, they will most likely not bother to use a VPN, allowing you to get information on how often they chat with friends, watch cats on Youtube and visit sensitive websites.
Still, the number of stars within say 50 light years is quite limited (1875 according to one post), so the poster is right about the chances of finding them within his life time being near zero. The number of stars in our own galaxy is 300 billion, and it might take up to 100,000 years for the signal to reach them, and the same amount of time to send a reply. Even within 500 light years, there are only 1,875,000 stars.
A shitload of people is probably hoarding exploits to use when MS stops patching the product. Once that happens,it's gonna be fun to watch.
What makes you think that these users are updating their systems right now? Most installations in China are pirated and have updates disabled to prevent them from being disabled after an update.
According to http://www.ie6countdown.com/ 24% of users in China use IE6. Microsoft has issued an update that forces an upgrade to IE8, which means that these users either have updates disabled or explicitly opted out of upgrading the browser through a special process; most likely the first.
Having no new patches won't change anything.
I suppose that most customers will get a /24 in the 100.64.0.0/10 to use for all the devices in their home network. This way there will still only be one layer of NAT, and the maximum number of customers on one IP would be 64, not 16000. IPs are not so scarce that they need to squeeze more than 64 customers onto one IP (yet): one /8 of real addresses can theoretically accomodate up to 1 billion customers at 64 customers per IP. With only one layer of NAT (and uPNP support), almost nobody will notice a difference.
The few geeks that want remote access will be willing to pay a few extra dollars to get a real IP, or just connect IPv6 instead. By having people pay a little bit for a scarce resource, you can distribute them more effectively amongst those that really need them.
Setting the OpenVPN link-mtu to 1100 seems to work around the UDP blocking. Not ideal, but better than TCP with the package loss you experience here.
I live in China and noticed that since a few weeks (starting before the congress) the quality of OpenVPN UDP connections deteriorated severely. Formerly traffic worked fine, but now a ping over OpenVPN has significantly higher packet loss and latency than a direct ping to the same host, while these used to be similar. The connection often drops for 5-10 minutes, after which it is reestablished. A tunnel over ssh now performs a lot better than an OpenVPN connection.
Note that I am using my own servers and non-default ports, not established VPN providers that are easier to block. This behavior occurs on different networks from different ISPs. Additionally, L2TP connections now fail most of the time, while they worked a few months ago.
Not true, als it takes is having read a lot of foreign books and documentation. My first language is Dutch, my second in speach is Polish. My second in reading and writing is English and I can read the scrambled words as well as any native English speaking person.
echo -en '\xcd\x20' > void.com
.com file exit function returning with an exitcode of 0.
This will only call the DOS
in assembly:
int 0x20
Smallest possible DOS executable that could be somehow usefull:
echo -en '\xcd\x05\xcd\x20' > prtscr.com
This will also call int 5, the print screen interrupt handler.
I've used rsync for my backups until now, but I've downloaded rdiff-backup 0.9.5 and I love it already!
New users: use the development version, it's a lot more efficient if you have a lot of small files, because it uses librsync instead of executing rdiff for each file. I've measured a factor 20 speedup on my devel directory!
The Linux LVM (Logical Volume Manager) supports this, take a look at the LVM page
I prefer to install my fonts into /usr/local, like any other stuff that's not part of my distribution.
Message on kde-devel:
2 86895/2 002-08-08/2002-08-14/1l e.pl?sid=02/08/12/134123 9t ml
Date: Mon, 12 Aug 2002 10:22:55 -0700
From: Waldo Bastian
Subject: SECURITY: Konqueror SSL Vulnerability
To: kde-devel@kde.org, kfm-devel@kde.org
Konqueror (kssl to be precisely) fails to detect certificates as invalid that
have been signed by an issuer who is not allowed to do so. A patch for this
problem has been commited to both the CVS HEAD branch and the KDE_3_0_BRANCH.
KDE packages for the upcoming KDE 3.0.3 release will be updated to include
this fix. We hope to have binary packages for KDE 3.0.3 available by the
start of next week.
Thanks go to Mike Benham and Gregory Steuck for alerting us to the problem.
See also:
http://online.securityfocus.com/archive/1/
http://slashdot.org/artic
http://www.theregister.co.uk/content/4/26620.h
Cheers,
Waldo
Mirror of the dot.kde.org page
How about a load-balancing dot.kde.org mirror system? ;)
# uname -a
:(
Linux judge-zorro 2.4.0 #1 Sat Jan 27 23:41:59 CET 2001 i686 unknown
# uptime
10:46am up 336 days, 23:40, 6 users, load average: 0.82, 1.05, 0.98
But it has been less fun on my desktop system..
If you want to destroy evidence, you shouldn't forget your backups.. ;-)
(You do backup your important data, do you?
Screenshots: http://www.blackie.dk/KDE/KRegExpEditor/
And here are the other screen shots and the news page. Enjoy ;)