If the person asking the question knew enough about the unix way to use OpenBSD, they wouldn't have asked the question in the first place.
With a default OpenBSD install you have packet filter with bandwidth management, DHCP server and BIND (for caching only) included. No X11, nor any games, or any GUI installed. Very well suited for a gateway on older hardware.
Installing and setting up a secure OpenBSD gateway is easier, at least for me, than similar setup for SuSE. So I use OpenBSD as gateway or server, and SuSE for desktop.
Just because OpenBSD does not have a pretty GUI installer or have as high a public profile as Linux, does not imply that it's difficult to install/maintain.
Polls are much more efficient. For example, Howard Dean is the democratic nominee and nobody had to waste their time voting, electronic or not.
Cynical, but perhaps not all that far off the mark. People needs to know and feel that one-man-one-vote is for real, and that there is real difference between the candidates.
The problem with our current voting system is that most people are too lazy to even vote.
How arrogant, to think that just because people don't vote, they must lazy. How you concidered that many thinks that none of the candidate will have their best interests at heart? Or that the election is fixed in such a way that the "right" candidate is elected by use of gerrymandering, thus makeing my vote count less?
There are many sick things with the election system, but lazy voters is not one of them.
Re:I am committed to delivering ...
on
More E-Voting SNAFUs
·
· Score: 3, Informative
Walden O'Dell, head of Diebold Election Systems, wrote a letter to
Republican contributors in August that said "I am committed to helping Ohio deliver its electoral votes to the president next year."
Interestingly, Republicans is widely believed to have manipulated vote-counting computers in South Korea. From historian Bruce Cumings
US policy on North Korea (part 2)
we have the following :
Many specialists remain convinced that a Republican team jiggered the vote-counting computers during the 1987 Presidential election that brought Chun's protege, Roh Tae Woo, to power.
Now, taking into concideration the election frauds in Florida, one does not need a tin-foil hat to see that voting computers will make election frauds even more easy.
I'm not really a supporter of the war and I'm *definately* not a supporter of Bush. But, that man (saddam) ordered the gasing [bbc.co.uk] that killed 5,000 civilians of his own people.
Interesting to note that US vetoed in UN Security Council a resolution that condemmed Saddams gassing. At that time, Saddam was the Good Guy fighting Evil Iran. And US did provide Saddam with chemical weapons and know how.
Undoubtly, and with some luck he will have a fair trial, in stark contrast to his own former justice system.
Hopefully, this will stop the attacks on the coalition troops
Hopefully, but very unlikely. Contrary to official propaganda not only Saddam loyalists, but also ordinary people are attacking the occupation forces. US disregard for civilians has made them quite a few enemies :
Oh The LIttle Saddams We WeaveThe War on Iraq's Workers
and the US can pull out and let Iraq start setting up its own country.
US are already planning to have several permanent bases in Iraq, and are there to stay. And in the process install a puppet regime to protect their oil interests.
SMTP isn't at fault for gaining access to the server. It is, however, at fault for making it awfully easy for people to use that server to impersonate random domains that point back to neither the spammer nor the web server that was attacked, resulting in a rather weak audit trail.
Exactly my point : SMTP was not responsible for the server compromise. However, since the term 'mail' was mentioned in the ingress, SMTP gets the blame.
Now, the other issues you bringing up, like audit trail, is worthy of quite a few articles;-)
The framers of US copyright law? The definition was just changed in 1999.
Ssssshhhh, this is Slashdot, the forum were all the really informed posts are drowned by the uninformed. This used not to be the case, I've been informed.
For once, a post on Slasdot that is actually thoughtful, informed and based upon real world experience. Too often posters are rewarded for their
uninformed opinions
True, I should have said, I believe, pVVn3d, as opposed to r00t3d.
So, the submission should read 'a PHP programmer allowed a variable to be set by an HTTP GET response, and got pVVn3d.'
But now we got 150 clueless/.-posts claiming that SMTP is at fault.
Does anyone are using smoothwall in mission critical situation. I am thinking of replacing the expensive and complicated Cisco Pix at the office with something more simple (smoothwall or ipcop).
Is this secure and scalable enough for my 3 transactional web site in the dmz and the 30 workstations?
Why not use OpenBSD? The excellent stateful
packet filter have builtin bandwidth management, and the operating system is known for it's focus on security.
I've always hoped that someone would write a turnkey network/Internet authentication and user IP accounting app (no way do I have the skill at this time). Something that would create an IP table entry when a user authenticates, and track the Internet usage of their machine.
OpenBSD has this via authpf, or if you prefer, here is an authentication done via web browser :
phpauthpf
don't mean to burst your bubble, bash Theo or OpenBSD, but I read Bugtraq daily, and I can't count the number of exploitable bugs reported in the OpenBSD kernel over the past few weeks, but it would probably take both hands and at least one foot.
You appearantly don't pay much attention to what your read then, since for OpenBSD 3.4 there are two security fixes. One local and one remote denial of service. One of the security fixes are only relevant for i386.
In a multiple choice test you have 2 to 10 possibilites to choose from. In a real world setting your choices are practically unlimited.
You miss the point. It's not the number of choices as such that's the issue, but that the REASONING behind the choices is not evaluated. In a real world you have to use your problems solving skills to solve unfamiliar problems. Multiple choice type of educations given by for-profit-companies with tests corrected by computer programs does not foster or encourage problem solving skills.
For once, there is nothing written, and you actually have to demonstrate proficiency! No more "wannabes" (*cough*MCSE*cough*) merley memorising and getting the Certification.
Since you are evaluated automatically by the servers, in what way is this fundamentally different from a written multiple choice test? There is no human on the other side to whom you are required to EXPLAIN the REASONS for what you are doing.
The Novell Practicum (oh, well, at least it sounds academic) is just another example of this peculiar US degree industry.
Some of us have been using DNS to get through some really draconian firewalls for ages. It was just a matter of time before we saw someone distribute files this way
It's just another irresponsibility specifically designed to slink through a firewall, and subvert security. It's just like Microsoft SOAP that's nothing more than RPC via port 80, and also designed to evade firewalls. And yeah, Microsoft talk alot about security using SOAP while never actually adressing the issues.
What is unique is that they will be cached. This in and of itself is an amazing idea. DNS is well designed to cache for well defined amounts of time.
And unless your DNS server got some godly amounts of memory, your in-memory DNS cache is pretty useless. Bye, bye caching-only name server.
Intel are not forthcoming with documentation about NIC and crypto. Here is what OpenBSD has to say about this OpenBSD experience with Intel:
Much like Intel does for all their networking division components, and completely unlike most other vendors, Intel steadfastly refuses to provide us with documentation. We have talked to about five technical people who are involved in the development of those products. They all want us to have documentation. They commend us on what we have done. But their hands are tied by management who does not perceive a benefit to themselves for providing documentation. Forget about Intel. (If you want to buy gigabit ethernet hardware, we recommend anything else... for the same reason: most drivers we have for Intel networking hardware were written without documentation).
The scale of x-axis is different from the scale of the y-axis. Now, choosing different scaling on the axes is pretty common, but unless care is taken, the intepretation might be distorted (in abscence of supporting statistical analysis). Just imagine the the "old" NetBSD results had a greater variance, the results of the new test would appear to be "even more" O(1) (and thus we would not see the so called "O(n) shadow").
All in all, from the plot alone, I would say NetBSD has done some great improvements. But to say NetBSD-current is now O(1) from the plot alone is unwarranted (with or without a "O(n) shadow"). Just try to plot the line "y=x" on the graph, and you'll see what I mean.
RTFA - specifically the graph of the mmap benchmark in question.
Take a look at the graph again, really. It's pretty clear that there is a great improvement with respect to the test, but that's about it. In absence of traditional statistical analysis, all we have is some nice pictures, with conclusions drawn upon the chosen scales of axes (they are very different) and the drawing program used.
Additional summarising statistics are lacking,
Slashdot Mirror
If the person asking the question knew enough about the unix way to use OpenBSD, they wouldn't have asked the question in the first place.
With a default OpenBSD install you have packet filter with bandwidth management, DHCP server and BIND (for caching only) included. No X11, nor any games, or any GUI installed. Very well suited for a gateway on older hardware.
Installing and setting up a secure OpenBSD gateway is easier, at least for me, than similar setup for SuSE. So I use OpenBSD as gateway or server, and SuSE for desktop.
Just because OpenBSD does not have a pretty GUI installer or have as high a public profile as Linux, does not imply that it's difficult to install/maintain.
Indeed, and all Microsoft employees and stockholders have a 666 sign somewhere on them.
Cynical, but perhaps not all that far off the mark. People needs to know and feel that one-man-one-vote is for real, and that there is real difference between the candidates.
How arrogant, to think that just because people don't vote, they must lazy. How you concidered that many thinks that none of the candidate will have their best interests at heart? Or that the election is fixed in such a way that the "right" candidate is elected by use of gerrymandering, thus makeing my vote count less?
There are many sick things with the election system, but lazy voters is not one of them.
Many specialists remain convinced that a Republican team jiggered the vote-counting computers during the 1987 Presidential election that brought Chun's protege, Roh Tae Woo, to power.
Now, taking into concideration the election frauds in Florida, one does not need a tin-foil hat to see that voting computers will make election frauds even more easy.
Interesting to note that US vetoed in UN Security Council a resolution that condemmed Saddams gassing. At that time, Saddam was the Good Guy fighting Evil Iran. And US did provide Saddam with chemical weapons and know how.
Undoubtly, and with some luck he will have a fair trial, in stark contrast to his own former justice system.
Hopefully, this will stop the attacks on the coalition troops
Hopefully, but very unlikely. Contrary to official propaganda not only Saddam loyalists, but also ordinary people are attacking the occupation forces. US disregard for civilians has made them quite a few enemies : Oh The LIttle Saddams We Weave The War on Iraq's Workers
and the US can pull out and let Iraq start setting up its own country.
US are already planning to have several permanent bases in Iraq, and are there to stay. And in the process install a puppet regime to protect their oil interests.
Exactly my point : SMTP was not responsible for the server compromise. However, since the term 'mail' was mentioned in the ingress, SMTP gets the blame.
Now, the other issues you bringing up, like audit trail, is worthy of quite a few articles ;-)
Ssssshhhh, this is Slashdot, the forum were all the really informed posts are drowned by the uninformed. This used not to be the case, I've been informed.
For once, a post on Slasdot that is actually thoughtful, informed and based upon real world experience. Too often posters are rewarded for their uninformed opinions
But now we got 150 clueless /.-posts claiming that SMTP is at fault.
Why not use OpenBSD? The excellent stateful packet filter have builtin bandwidth management, and the operating system is known for it's focus on security.
OpenBSD has this via authpf, or if you prefer, here is an authentication done via web browser : phpauthpf
You appearantly don't pay much attention to what your read then, since for OpenBSD 3.4 there are two security fixes. One local and one remote denial of service. One of the security fixes are only relevant for i386.
http://openbsd.org/errata.html
But it sure did show your attitude, which, sadly, is way too common.
You miss the point. It's not the number of choices as such that's the issue, but that the REASONING behind the choices is not evaluated. In a real world you have to use your problems solving skills to solve unfamiliar problems. Multiple choice type of educations given by for-profit-companies with tests corrected by computer programs does not foster or encourage problem solving skills.
This is interesting, and it's nice that Intel has changed their mind about some of their producs.
Since you are evaluated automatically by the servers, in what way is this fundamentally different from a written multiple choice test? There is no human on the other side to whom you are required to EXPLAIN the REASONS for what you are doing.
The Novell Practicum (oh, well, at least it sounds academic) is just another example of this peculiar US degree industry.
It's just another irresponsibility specifically designed to slink through a firewall, and subvert security. It's just like Microsoft SOAP that's nothing more than RPC via port 80, and also designed to evade firewalls. And yeah, Microsoft talk alot about security using SOAP while never actually adressing the issues.
What is unique is that they will be cached. This in and of itself is an amazing idea. DNS is well designed to cache for well defined amounts of time.
And unless your DNS server got some godly amounts of memory, your in-memory DNS cache is pretty useless. Bye, bye caching-only name server.
Intel are not forthcoming with documentation about NIC and crypto. Here is what OpenBSD has to say about this :
OpenBSD experience with Intel
Much like Intel does for all their networking division components, and completely unlike most other vendors, Intel steadfastly refuses to provide us with documentation. We have talked to about five technical people who are involved in the development of those products. They all want us to have documentation. They commend us on what we have done. But their hands are tied by management who does not perceive a benefit to themselves for providing documentation. Forget about Intel. (If you want to buy gigabit ethernet hardware, we recommend anything else... for the same reason: most drivers we have for Intel networking hardware were written without documentation).
All in all, from the plot alone, I would say NetBSD has done some great improvements. But to say NetBSD-current is now O(1) from the plot alone is unwarranted (with or without a "O(n) shadow"). Just try to plot the line "y=x" on the graph, and you'll see what I mean.
Yuck, draft was posted, but shit happens...
Take a look at the graph again, really. It's pretty clear that there is a great improvement with respect to the test, but that's about it. In absence of traditional statistical analysis, all we have is some nice pictures, with conclusions drawn upon the chosen scales of axes (they are very different) and the drawing program used. Additional summarising statistics are lacking,
Now, compare the scales at
Well, perhaps he means that the running time is O(n), where n is the number of times the test is run ;-)
I agree, the statement is unclear as it stands.
1.6 Gbit/sec of AES-128? Damn, I gotta get me one of these!
This is before optimization is done, and according to Theo, this is what they are doing right now. The chip is capable of 12.5 Gbit.