two things here. One: the bzipped image is a file, just as 'easy to work with' as a.gho file, and Two: Ghost doesn't make disk images, it only copies files into that monolithic.gho. That's actually one of the primary differences between ghost and dd -- you don't get anything but allocated files with ghost, and for this reason ghost only supports certain filesystem types (though indeed they get most of the big ones, ntfs, fat, fat32, and ext2) but dd doesn't care what it's copying -- filesystem or not -- "Them's all just bits" God forbid that you would try to use a ghost image for forensic analysis, but dd, that's the good stuff for that. If you just want a backup of your working hard drive, ghost or a like alternative 'file' imaging program is probably what you're looking for. If you want the story that the unused portion of a hard drive can tell you, then dd it. Also, to my knowledge, bzip2 doesn't only 'not know enough about ntfs' it simply compresses an input data stream to an output datastream, so it's not supposed to 'know enough about' any filesystem at all, it doesn't know about ext2 or 3 or ReiserFS either...
What company do you work for that doesn't try to maximize profits? I hate to do this, but hell, industries shift over time. We now have a global economy, and we must all act like it. If sending jobs overseas is the way to stay competative in the global market, them's the breaks. I'm not sure what opposers to outsourcing propose to do: you can either keep jobs over here, with high production costs, and even higher consumer prices, or offshore some things and keep the prices competative with other imported products. It's unfortunate for those who lose their jobs, but we are indeed living in a capitalist society. Capitalism works because not everyone is successful, there have to be losers (financially) for anyone to be able to win. Whole industries go out of business, and that's the normal way of things -- after all, the old standby adage, "Nobody is making buggy whips anymore, would you suggest the government have subsidized the whip manufacturers to keep them afloat and employed?" This scheme applies to a whole mess of industries. Look at Television manufacturing: We get a bunch of that from China, but because we do, the televisions we do get cost less, and even most americans that live below the poverty level are now able to afford two of them. I don't see what the fuss is about. It's not fair, you're right, but that's the way capitalism is an always has been. I still prefer it to socialism.
That's not true at all. I can have software that is GPL'd but you don't get the source or the binaries until you pay the fee. Thus, free as in free speech but not free beer. You're missing the whole disticntion that is actually WRITTEN INTO THE GPL itself. If you buy it, then you have to be able to get the source, but not before. There are lots of programs that are both gratis and 'free as in speech' but there are also some that you must pay for first, upon which, you can also get the source. (Doesn't even have to be distributed with the source, the source just has to be available to the licensee of said non-gratis software)
It doesn't matter what they worked out. They can't say that they are the only ones who can service the vehicles. That would be anticompetative, and possibly life threatening practices. Vehicles carry people, if they don't work correctly, and you happen to live in a town without a shop that services them and your local repair man doesn't have the codes, then that can put your life in jeopardy. I don't see how that qualifies as a kosher secret to protect.
Ok, Comprehensive not Corporation. I was a little off. I've seen the field called GCOS, never GECOS, but I guess since it has both abbreviations, they both are still acceptable (but I'll let you win this one, since you knew the real abbreviation.)
GCOS, which actually originally stood for "General Electric Corporation Operating System" and which has been immortalized in the "GCOS string" in/etc/passwd is reported to have been jokingly referred to as 'God's Chosen Operating System' by the old GE guys. They might beg to differ about the only one true OS. Though, I agree with you.
Though my post was technically redundant, the previous mentions of it weren't on the static page at the time I clicked on 'reply' so I don't see why I should be flamed for that.
Sorry about that.
Ok, either you missed my point, or you're pushing my buttons on purpose. I'm trying to say that technology is changing the world all the time, and teaching kids computer skills may be more important then teaching them to read shakespeare on paper. If the children of the futre ever want to read shakespeare, they may not use PDF's but they almost certainly will *not* use printed books. The landmarks of todays technologies and methods of information dispersal are not the boundaries or even necessarily similar to the way things will be done in the future. If most kids, in most schools (someday, not next week or next year) are familiar with online classes, then those without that in their classrooms would be at a comparative disadvantage. It has to start somewhere, so why not in Iowa with T1's to every school? There is no good argument against distributing infrastructure today that may now seem excessive. After all, 10 years ago, someone may have said 'I think we should put a 486 in every class room.' To which you may have replied, "Why so kids will be able to play games at recess?" I myself recount long hours of actual learning in front of Apple IIe's in a "state of the art" computer lab in my junior high school. It's because of these 'unneccesary wastes of taxpayer dollars' that most of my classmates and I are more computer literate than our contemporaries from the smaller surrounding towns who didn't have such advantages. If you want to think that we shouldn't embrace the internet for education, then you may do so. I believe that the internet allows for the distribution of many millions of textbooks worth of valuable (as well as junk) information. It's up to the IT guys to makes sure that nobody is getting 'Paris Hilton' videos during recess. That's another issue altogether, but I don't think that the difficulties involved should preclude the expansion of technology, and working toward ubiquity of the technology by starting kids out on it young.
Know any mathematicians who write their webpages in MathML? Know any literati who read their Shakespeare in PDF?
Not yet, but if you'd have asked me 10 years ago how I called my mother on the phone, I'd certainly have left a computer out of my answer.
Ignoring the fact that you're probably a troll, I'd say that 'readin 'ritin and 'rithmetic are pretty old standards that modern schools shouldn't be limited to. The kids are going to have to live in the modern world, so lets start them out in it young. cable in the classroom and the like are all related to your three 'R's and can be easily expanded upon by having whole classes attend 'online' classes where they are able to interact with a discussion hosted somewhere else on any of your traditional, or non-traditional subjects. In order for that to work, you DO need to upload speed. Giving them more technology than they need right now allows for future expansion, and with kids in schools in mind, and eventually a globally digital economy, I think it's a good investment. It will make the 'internet' part of children's 'native tongue.'
How do you know what secure code is unless you have a standard to compare it to? The hackers are there providing new standards every day. You say to 'go write secure code' but you need a way to know if it's secure, you can't do that from a text book.
Something that very many of you seem to be missing is the fact that the world needs hackers. While I don't condone the release of a virus (that is actually executing it in the wild) I think that it's absolutely necessary for them to exist. The guys who do this sort of coding set the standards for the industry. If nobody ever pointed out the flaws in microsoft's code, then it would never be fixed. If you all are going to sit here and point fingers at people who write exploits, I'd hope you stop and think first about the contributions that hackers have made to the infosec industry. RainForestPuppy, K2, Solar Designer, and these kinds of people are there on some middle ground doing things that we need to have done. These kids writing exploit code for the windows flaws are just doing their part. While there is a fine ethical line that need not be crossed when writing viruses (that line being somewhere around the 'releasing them into the wild' step) the flaws and exploits serve a very real purpose that people (whiners) need to acknowledge. A good example of hackers for the benefit of society: the honeynet project. Just because it can be dangerous to flirt with the dark side of computing, doesn't mean we ought not to ever go there. The virus writers and code exploiters do very similar things that our so-called 'real world' medical doctors do -- after all, wouldn't it be really easy for genetic engineers to design a killer bacterium that could wipe out half of the planet? Do you contend that we cease all research in the field because it could possibly be put to some malicious use? That's like saying that we shouldn't work on AI becuase you may end up with 'the Matrix,' and come on, that's really immature.
that's a good point, but I would say that only in that kind of situation is the port knocking not really helpful. Most cases port knocking would help out quite a bit.
They have to be already in to get a sniffer on there. Arp cache poisoning etc are all very noisy so you can tell if someone is trying to insert a sniffer, and thus the port knocking is another step that must be traversed before one can break in. You can't just 'see' what ports people connect to on arbitrary hosts unless your on a span port, you're a router, or you've already compromised their systems.
It doesn't have to be listening on the 'knock' ports, it can be dropping the packets and either logging the drop or setting a flag via some daemon. There are a million ways to tell if someone attempted to access a closed port without having to open the port. All of this, by my calculation, makes port knocking indeed more secure.
I think it's only to lock you into the.Net Framework. There is a runtime necessary so that you have to follow their rules before running apps that use their 'neat' little apis. Microsoft claims that they can then 'increase security to all.NET apps' by only having to patch your runtime files, instead of all your apps. While that may be true on a very very limited scale (say patching an exploitable hole in the runtime api itself), it won't be helpful if the user (of the api, not the end user of the app) does something dumb that exposes a hole. All things considered (well as far as I can see) it's really about locking you in. "We can't have people actually building binary code anymore, then they can run it wherever they want!" (Mono is probably a big thorn in their side, on this note)
You could, of course, still pull a MikeRoweSoft/Lindows type deal on me and say that I'm trying to profit from the fame of your already well established trademark. Such is life...
That's a very good point. There is no way anything can be guaranteed to play every time for every consumer. Not when the consumers can re-write their browsers, and then say, give the commercial blocking browser to everyone they know free of charge.
Right, but it's the 'source' code that is the issue. Otherwise, they'd be claiming infringement on one single platform -- machine code differs from platform to platform.
Slashdot Mirror
two things here. One: the bzipped image is a file, just as 'easy to work with' as a .gho file, and Two: Ghost doesn't make disk images, it only copies files into that monolithic .gho. That's actually one of the primary differences between ghost and dd -- you don't get anything but allocated files with ghost, and for this reason ghost only supports certain filesystem types (though indeed they get most of the big ones, ntfs, fat, fat32, and ext2) but dd doesn't care what it's copying -- filesystem or not -- "Them's all just bits" God forbid that you would try to use a ghost image for forensic analysis, but dd, that's the good stuff for that. If you just want a backup of your working hard drive, ghost or a like alternative 'file' imaging program is probably what you're looking for. If you want the story that the unused portion of a hard drive can tell you, then dd it. Also, to my knowledge, bzip2 doesn't only 'not know enough about ntfs' it simply compresses an input data stream to an output datastream, so it's not supposed to 'know enough about' any filesystem at all, it doesn't know about ext2 or 3 or ReiserFS either...
Tell that to the insurance companies... they still call them sports cars.
What company do you work for that doesn't try to maximize profits? I hate to do this, but hell, industries shift over time. We now have a global economy, and we must all act like it. If sending jobs overseas is the way to stay competative in the global market, them's the breaks. I'm not sure what opposers to outsourcing propose to do: you can either keep jobs over here, with high production costs, and even higher consumer prices, or offshore some things and keep the prices competative with other imported products. It's unfortunate for those who lose their jobs, but we are indeed living in a capitalist society. Capitalism works because not everyone is successful, there have to be losers (financially) for anyone to be able to win. Whole industries go out of business, and that's the normal way of things -- after all, the old standby adage, "Nobody is making buggy whips anymore, would you suggest the government have subsidized the whip manufacturers to keep them afloat and employed?" This scheme applies to a whole mess of industries. Look at Television manufacturing: We get a bunch of that from China, but because we do, the televisions we do get cost less, and even most americans that live below the poverty level are now able to afford two of them. I don't see what the fuss is about. It's not fair, you're right, but that's the way capitalism is an always has been. I still prefer it to socialism.
That's not true at all. I can have software that is GPL'd but you don't get the source or the binaries until you pay the fee. Thus, free as in free speech but not free beer. You're missing the whole disticntion that is actually WRITTEN INTO THE GPL itself. If you buy it, then you have to be able to get the source, but not before. There are lots of programs that are both gratis and 'free as in speech' but there are also some that you must pay for first, upon which, you can also get the source. (Doesn't even have to be distributed with the source, the source just has to be available to the licensee of said non-gratis software)
It doesn't matter what they worked out. They can't say that they are the only ones who can service the vehicles. That would be anticompetative, and possibly life threatening practices. Vehicles carry people, if they don't work correctly, and you happen to live in a town without a shop that services them and your local repair man doesn't have the codes, then that can put your life in jeopardy. I don't see how that qualifies as a kosher secret to protect.
Ok, Comprehensive not Corporation. I was a little off. I've seen the field called GCOS, never GECOS, but I guess since it has both abbreviations, they both are still acceptable (but I'll let you win this one, since you knew the real abbreviation.)
GCOS, which actually originally stood for "General Electric Corporation Operating System" and which has been immortalized in the "GCOS string" in /etc/passwd is reported to have been jokingly referred to as 'God's Chosen Operating System' by the old GE guys. They might beg to differ about the only one true OS. Though, I agree with you.
Though my post was technically redundant, the previous mentions of it weren't on the static page at the time I clicked on 'reply' so I don't see why I should be flamed for that. Sorry about that.
Didn't the Golgafrinchans (sp?) try this once? All we got out of that deal was '42'
That's not true, or they would let us see the source. They're only licensing binary -- period.
Ok, either you missed my point, or you're pushing my buttons on purpose. I'm trying to say that technology is changing the world all the time, and teaching kids computer skills may be more important then teaching them to read shakespeare on paper. If the children of the futre ever want to read shakespeare, they may not use PDF's but they almost certainly will *not* use printed books. The landmarks of todays technologies and methods of information dispersal are not the boundaries or even necessarily similar to the way things will be done in the future. If most kids, in most schools (someday, not next week or next year) are familiar with online classes, then those without that in their classrooms would be at a comparative disadvantage. It has to start somewhere, so why not in Iowa with T1's to every school? There is no good argument against distributing infrastructure today that may now seem excessive. After all, 10 years ago, someone may have said 'I think we should put a 486 in every class room.' To which you may have replied, "Why so kids will be able to play games at recess?" I myself recount long hours of actual learning in front of Apple IIe's in a "state of the art" computer lab in my junior high school. It's because of these 'unneccesary wastes of taxpayer dollars' that most of my classmates and I are more computer literate than our contemporaries from the smaller surrounding towns who didn't have such advantages. If you want to think that we shouldn't embrace the internet for education, then you may do so. I believe that the internet allows for the distribution of many millions of textbooks worth of valuable (as well as junk) information. It's up to the IT guys to makes sure that nobody is getting 'Paris Hilton' videos during recess. That's another issue altogether, but I don't think that the difficulties involved should preclude the expansion of technology, and working toward ubiquity of the technology by starting kids out on it young.
Know any mathematicians who write their webpages in MathML? Know any literati who read their Shakespeare in PDF? Not yet, but if you'd have asked me 10 years ago how I called my mother on the phone, I'd certainly have left a computer out of my answer.
Ignoring the fact that you're probably a troll, I'd say that 'readin 'ritin and 'rithmetic are pretty old standards that modern schools shouldn't be limited to. The kids are going to have to live in the modern world, so lets start them out in it young. cable in the classroom and the like are all related to your three 'R's and can be easily expanded upon by having whole classes attend 'online' classes where they are able to interact with a discussion hosted somewhere else on any of your traditional, or non-traditional subjects. In order for that to work, you DO need to upload speed. Giving them more technology than they need right now allows for future expansion, and with kids in schools in mind, and eventually a globally digital economy, I think it's a good investment. It will make the 'internet' part of children's 'native tongue.'
You can still sell it, you just have to provide the source code and license. The GPL doesn't prevent anyone from selling anything.
How do you know what secure code is unless you have a standard to compare it to? The hackers are there providing new standards every day. You say to 'go write secure code' but you need a way to know if it's secure, you can't do that from a text book.
Something that very many of you seem to be missing is the fact that the world needs hackers. While I don't condone the release of a virus (that is actually executing it in the wild) I think that it's absolutely necessary for them to exist. The guys who do this sort of coding set the standards for the industry. If nobody ever pointed out the flaws in microsoft's code, then it would never be fixed. If you all are going to sit here and point fingers at people who write exploits, I'd hope you stop and think first about the contributions that hackers have made to the infosec industry. RainForestPuppy, K2, Solar Designer, and these kinds of people are there on some middle ground doing things that we need to have done. These kids writing exploit code for the windows flaws are just doing their part. While there is a fine ethical line that need not be crossed when writing viruses (that line being somewhere around the 'releasing them into the wild' step) the flaws and exploits serve a very real purpose that people (whiners) need to acknowledge. A good example of hackers for the benefit of society: the honeynet project. Just because it can be dangerous to flirt with the dark side of computing, doesn't mean we ought not to ever go there. The virus writers and code exploiters do very similar things that our so-called 'real world' medical doctors do -- after all, wouldn't it be really easy for genetic engineers to design a killer bacterium that could wipe out half of the planet? Do you contend that we cease all research in the field because it could possibly be put to some malicious use? That's like saying that we shouldn't work on AI becuase you may end up with 'the Matrix,' and come on, that's really immature.
that's a good point, but I would say that only in that kind of situation is the port knocking not really helpful. Most cases port knocking would help out quite a bit.
They have to be already in to get a sniffer on there. Arp cache poisoning etc are all very noisy so you can tell if someone is trying to insert a sniffer, and thus the port knocking is another step that must be traversed before one can break in. You can't just 'see' what ports people connect to on arbitrary hosts unless your on a span port, you're a router, or you've already compromised their systems.
It doesn't have to be listening on the 'knock' ports, it can be dropping the packets and either logging the drop or setting a flag via some daemon. There are a million ways to tell if someone attempted to access a closed port without having to open the port. All of this, by my calculation, makes port knocking indeed more secure.
Well, this is only security by obscurity in the same way that putting a combination lock on a safe is security through obscurity.
I think it's only to lock you into the .Net Framework. There is a runtime necessary so that you have to follow their rules before running apps that use their 'neat' little apis. Microsoft claims that they can then 'increase security to all .NET apps' by only having to patch your runtime files, instead of all your apps. While that may be true on a very very limited scale (say patching an exploitable hole in the runtime api itself), it won't be helpful if the user (of the api, not the end user of the app) does something dumb that exposes a hole. All things considered (well as far as I can see) it's really about locking you in. "We can't have people actually building binary code anymore, then they can run it wherever they want!" (Mono is probably a big thorn in their side, on this note)
Anyone remember the Opium Wars that Britain had with China a while back? Hmmm.. Maybe it's just me, but I don't see much of a difference here.
to make "3. ??"
You could, of course, still pull a MikeRoweSoft/Lindows type deal on me and say that I'm trying to profit from the fame of your already well established trademark. Such is life...
That's a very good point. There is no way anything can be guaranteed to play every time for every consumer. Not when the consumers can re-write their browsers, and then say, give the commercial blocking browser to everyone they know free of charge.
Right, but it's the 'source' code that is the issue. Otherwise, they'd be claiming infringement on one single platform -- machine code differs from platform to platform.