Well spoken, AC. I've played the game several times a week for the last 6 months, and didn't even notice this 'scandal' until I read about it on Slashdot.
In a very open game, such as EvE, of course there will be politics and trashtalk, but in my experience it all fits in the role play. If you ignore the lamers on the forums, you'll find a very enjoyable and dedicated playerbase.
Don't let this turn you away! I've been playing for half a year and have never felt wronged or set up. I didn't even know about this so-called scandal until Slashdot posted it. In-game life has gone on without a hitch.
If you're going to let your choices be influenced by internet rumours, you'll miss out on many great things in life. I fully believe CCP's explanation and am going to continue to have fun playing EVE. Let idiots spend their time bickering. I've got an empire to build.
EVE is a truly great game, with such depth and such adrenaline rushes I've never experienced in any other game. It's truly sci-fi though, so if you've grown tired of fantasy you need to make sure you like sci-fi. It's less about pretty pictures than about hard-core gameplay and continues to get better with age. The game is so complex and vast however, that it takes months to understand what is possible. The learning curve may seem steep in the beginning, but it's a necessity to prepare you for the first months.
Get the 14-day free trial, make sure to finish the tutorial, and see if you like the style.
Yes, what TheRaven64 describes is a workaround, and not very practical for most people, but since there's not crypto or DRM involved you CAN do it. There are some tools that can rebuild the filenames based on id3 tags, and I have done this in the past.
In fact I don't particularly like iTunes so I use Anapod Explorer http://www.redchairsoftware.com/anapod/ on Windows, and Rhythmbox on Linux. Tons of programs are available to get to your music as long as you don't put DRM-ed files on it, so people make too big a problem out of this.
Finally, it's well known that Linux is not yet ready to used be an 'enterprise' OS with heavy DB access...that may explain the original poster's colleagues' attitude. I'm sorry but I'll have to disagree. At the company where I work, (6000+ employees) we're running SAP on Linux servers, and you'll have to take my word that the database access is very heavy here. Performance and stability have been very good.
Personally my home server has been running Linux for around 8 years, has always been under full load and has never crashed because of software failure. My highest uptime has been >450 days and the only time I ever need to reboot is when the kernel is updated. Anecdotal evidence of course, but I think people who have to 'reboot daily' simply must have faulty hardware or are spreading FUD.
No doubt BSD is more stable than Linux, but Linux is perfectly adequate for any server use.
The big hurdle seems to be that the Mozilla Foundation won't include the CAcert root certificate in the browser because CAcert doesn't pay them (unlike all the other root authorities).
I don't know where you get that idea? Inclusion in Mozilla browsers is actually free. They have strict guidelines that CAcert needs to conform to, and both Mozilla and CAcert are working towards that, but it takes time. Microsoft is another story and requires CA's to pass an expensve audit, with a yearly upkeep. It's a lot of money for a free CA. See http://wiki.cacert.org/wiki/InclusionStatus#head-8 c0235dd1ebf0ce0aa1bd7c050378aed97dc335c for more info
Micro$oft also *refuses* to develop versions for Linux so as to gain (unfair) competitive advantage in the platform wars. Even MacOS is only supported grudgingly (and often belatedly or incompletely) so that Micro$oft can claim that they are not a 100% monopolist. I totally agree with you, but wanted to correct your IE for Mac remark. IE for Mac is now 7 years old, can no longer be downloaded from Microsoft since January 2006, and is no longer supported since December 2005. (source: http://www.microsoft.com/Mac/ie/ )
So, now MS has even given up on the Mac platform, IE is in effect a Windows-only browser.
To simplify, dominant means that the majority, i.e. >50%, are using IE. Although this is an exaggerated number, should a commercial website use this kind of logic to base their decision on?
The period of a pendulum is significantly affected only by its length and the acceleration of gravity. The period of motion is independent of the mass of the bob or the angle at which the string hangs at the moment of release.
so yes, a pendulum is a bit counterintuitive, but certainly affected by gravity.
Pushing all messages through SpamAssassin would be simply silly. As always you should first use the cheap checks, and only use the very expensive ones like SA until the last moment. You should balance your anti-spam configuration with the risk of false-positives, because some checks may work well in theory but don't work at all in the reality of the internet. Many mailservers have bugs or configurations that would cause you to block legitimate mail, and if you block a false positive at the mailserver level, you can't drag it out of your spam mailbox later.
In other words, read before you do and run in 'warn-before-act' mode for a while. It's for example possible but not practical to check for existence of the sender's address, even though that would work wonders against spam.
After doing a bunch of Postfix header checks (such as valid fqdn domains, existing recipients, some RFC-compliance, etc) I check several conservative blacklists, such sbl-xbl.spamhaus.org (with is great), check against my greylisting policy-server, and only then feed it through the bayesian spamfilter (dspam in my case). A last check is amavisd-new which checks for viruses and disallowed filetypes.
This stops (if I recall correctly) 90% of spam *before* it reaches the spamfilter. Only 2-3 messages a week reach my inbox undetected.
I'm only familiar with MS Money, but what I like most about it is the 'intelligence' it adds over a simple spreadsheet. It automatically tries to find patterns in your income and expenses, for example:
* It notices that you receive a large amount of money around a certain day of the month and asks you if that could be your paycheck. It then extrapolates it into the future so it can better forecast your cashflow. Not only that, it also posts reminders so you won't forget regular expenses or receipts (f.e. somebody owes you rent). * It tells you that you've spent 35% more on food this month than in previous months, and that you may need to update your budgeting or you won't be able to afford that goal you've set (i.e. buy sharks with freaking laserbeams attached to their heads).
These are just two examples, but that kind of analytic reporting is the real value for me. The forecasting and guessing allow you to look toward your financial future and not just how you spent your money in the past.
This must me an American thing, because the Dutch banks have never supported automatic downloading into 3rd party apps (as far as i know). Most banks support exporting of account data in Quicken or CSV format, but that's not always very useful, and it's still a manual process. I usually just type data in manually, which is also a good way to force me to check the input.
When using MS Money it always annoyed me (just a little) to see that feature and not be able to use it, but I understand the security aspect of that decision. Allowing an app to pull data of this level of sensitivity with just a password from a bank's website is just not secure enough. In my opinion, that kind of data should be protected by at least Two-factor Authentication. My bank demands the combination of a pincode (something you know), a bankcard (something you have) and a hardware token (also something you have), which is considered strong authentication.
I'm an Ubuntu user here, and I've never had apt-get update break anything (without having been responsible for the breakage myself through fiddling with the configs). I think Ubuntu users would be furious if a security update wound up breaking their system.
I don't like to point fingers, but Ubuntu recently had it's share of update problems too, even on the stable Dapper release. Two updates a few weeks apart that both broke Ubuntu's stable release. First the xorg-core issue (http://www.ubuntu.com/UpgradeIssue) and later another one, even after measures were taken after the first issue. My desktop was affected by this. Gentoo users have had similar problems in the past. I've personally had issues both when updating really fresh updates, and when updating after months of not updating.
In my opinion this kind of problem is worse for Ubuntu users, since Gentoo users are usually more familiar with the command-line and how to access forum websites from the CLI. Still it shows that no distribution is risk-free. In my experience Debian stable is the safest distro with the least downtime during updates. Ubuntu is a bit riskier and has to prove itself after the last two problems. Gentoo is even riskier, and hard to QA because of the many possible configurations.
For me, Gentoo is worth the occasional problem, but if you want to be safe go for Debian stable at the moment.
I originally used RealVNC, until I found the file transfer support in UltraVNC, a feature that MS has had for a while and is very useful to me. Finally a VNC version that had this too.
The performance was good as well, but as with all other VNC versions I've used, the stability wasn't good. I often get disconnects in RealVNC, TightVNC, UltraVNC, etc. while working on a Win98 PC from my WinXP PC.
I hope the recent TightVNC has also improved stability, because that's the thing I've been missing most.
A friend went to Cuba last week and met a girl studying computer science there. Since he's an MCSE he wanted to figure out what level their education is. It turned out she had never even heard of Microsoft! A CS student who doesn't know what a microsoft is. You don't see that every day.
He left with the suggestion that she remember that name, since it might mean something to her someday.
In my case it started with mobo's with integrated audio. Even on low volume I can hear it clearly.
Strange thing is that high cpu usage actually dampens the noise, so my solution was to run a distributed computing client (THINK, in my case, but others will do as well) to keep the cpu busy. Works perfectly, and I even forgot I had the problem until I read this post.
I do think it's pretty lame that so many on-board audio chips have this problem.
This can be easily countered if the free e-mail sites configure their servers, so that the 'captchas' can only be loaded into pages that they've served themselves.
I'm not sure how that works, but I've seen it in action on some sites.
You're saying having a RSA key locked with a password is not better security than having only a password?
Not quite true. There's a rule in the authentication business that there are three parts to a good authentication system. Those are:
What you are (for example biometrics, a fingerprint)
What you have (a regular key or a crypto key on a usbstick)
What you know (a passphrase that you've memorized)
It's considered good policy to have at least two of those covered.
In your example, needing to provide both an RSA key and a password to unlock the key is definitely better then only needing to show a password. Of course storing the RSA key on the system would negate that advantage, in which case the usbstick I mentioned comes in handy. Create a physical barrier.
but then you're in the same situation as before
If 'they' get your key then yes. But getting that key is an extra hurdle, worth building.
More info? Search Google for "two factor authentication"
Well, not "all the perdy choices". OpenSourceCMS only shows PHP related apps, but it is an excellent site. You get admin access to all the cms apps they've installed. Do almost anything you want!
It's just what I needed last week, while figuring out how to build a custom PHP-based CMS for a client. It's great to be able to try the other solutions first.
Yes, this kind of honeypot address is a trick some of the well-known Blacklists use to gather spam. For example Razor, the distributed spam detection and filtering network, marks incoming mail on these adresses as spam, so that anyone using Razor in their system will know it's spam before they've seen the message.
I don't know of anyone using fake addresses only on their own systems, but using this trick on a large distributed network like Razor makes a lot of sense.
Slashdot Mirror
Well spoken, AC. I've played the game several times a week for the last 6 months, and didn't even notice this 'scandal' until I read about it on Slashdot.
In a very open game, such as EvE, of course there will be politics and trashtalk, but in my experience it all fits in the role play. If you ignore the lamers on the forums, you'll find a very enjoyable and dedicated playerbase.
Don't let this turn you away! I've been playing for half a year and have never felt wronged or set up. I didn't even know about this so-called scandal until Slashdot posted it. In-game life has gone on without a hitch.
If you're going to let your choices be influenced by internet rumours, you'll miss out on many great things in life. I fully believe CCP's explanation and am going to continue to have fun playing EVE. Let idiots spend their time bickering. I've got an empire to build.
EVE is a truly great game, with such depth and such adrenaline rushes I've never experienced in any other game. It's truly sci-fi though, so if you've grown tired of fantasy you need to make sure you like sci-fi. It's less about pretty pictures than about hard-core gameplay and continues to get better with age. The game is so complex and vast however, that it takes months to understand what is possible. The learning curve may seem steep in the beginning, but it's a necessity to prepare you for the first months.
Get the 14-day free trial, make sure to finish the tutorial, and see if you like the style.
Yes, what TheRaven64 describes is a workaround, and not very practical for most people, but since there's not crypto or DRM involved you CAN do it. There are some tools that can rebuild the filenames based on id3 tags, and I have done this in the past.
In fact I don't particularly like iTunes so I use Anapod Explorer http://www.redchairsoftware.com/anapod/ on Windows, and Rhythmbox on Linux. Tons of programs are available to get to your music as long as you don't put DRM-ed files on it, so people make too big a problem out of this.
Personally my home server has been running Linux for around 8 years, has always been under full load and has never crashed because of software failure. My highest uptime has been >450 days and the only time I ever need to reboot is when the kernel is updated. Anecdotal evidence of course, but I think people who have to 'reboot daily' simply must have faulty hardware or are spreading FUD.
No doubt BSD is more stable than Linux, but Linux is perfectly adequate for any server use.
The big hurdle seems to be that the Mozilla Foundation won't include the CAcert root certificate in the browser because CAcert doesn't pay them (unlike all the other root authorities).
I don't know where you get that idea? Inclusion in Mozilla browsers is actually free. They have strict guidelines that CAcert needs to conform to, and both Mozilla and CAcert are working towards that, but it takes time. Microsoft is another story and requires CA's to pass an expensve audit, with a yearly upkeep. It's a lot of money for a free CA. See http://wiki.cacert.org/wiki/InclusionStatus#head-Pff... Just think how he'd be if he were using Windows. Hell on earth?
So, now MS has even given up on the Mac platform, IE is in effect a Windows-only browser.
To simplify, dominant means that the majority, i.e. >50%, are using IE. Although this is an exaggerated number, should a commercial website use this kind of logic to base their decision on?
Not in my opinion.
The period of a pendulum is significantly affected only by its length and the acceleration of gravity. The period of motion is independent of the mass of the bob or the angle at which the string hangs at the moment of release.
so yes, a pendulum is a bit counterintuitive, but certainly affected by gravity.
I'm not sure what you found weird about that.
Lack of air pressure means that water will evaporate faster.
Pushing all messages through SpamAssassin would be simply silly. As always you should first use the cheap checks, and only use the very expensive ones like SA until the last moment. You should balance your anti-spam configuration with the risk of false-positives, because some checks may work well in theory but don't work at all in the reality of the internet. Many mailservers have bugs or configurations that would cause you to block legitimate mail, and if you block a false positive at the mailserver level, you can't drag it out of your spam mailbox later.
x t
In other words, read before you do and run in 'warn-before-act' mode for a while. It's for example possible but not practical to check for existence of the sender's address, even though that would work wonders against spam.
If you're using Postfix, there are many check you can do before your heavy filter steps in.
Good resources are:
http://www.securitysage.com/antispam/intro.html
http://jimsun.linxnet.com/misc/postfix-anti-UCE.t
After doing a bunch of Postfix header checks (such as valid fqdn domains, existing recipients, some RFC-compliance, etc) I check several conservative blacklists, such sbl-xbl.spamhaus.org (with is great), check against my greylisting policy-server, and only then feed it through the bayesian spamfilter (dspam in my case). A last check is amavisd-new which checks for viruses and disallowed filetypes.
This stops (if I recall correctly) 90% of spam *before* it reaches the spamfilter. Only 2-3 messages a week reach my inbox undetected.
I'm only familiar with MS Money, but what I like most about it is the 'intelligence' it adds over a simple spreadsheet. It automatically tries to find patterns in your income and expenses, for example:
* It notices that you receive a large amount of money around a certain day of the month and asks you if that could be your paycheck. It then extrapolates it into the future so it can better forecast your cashflow. Not only that, it also posts reminders so you won't forget regular expenses or receipts (f.e. somebody owes you rent).
* It tells you that you've spent 35% more on food this month than in previous months, and that you may need to update your budgeting or you won't be able to afford that goal you've set (i.e. buy sharks with freaking laserbeams attached to their heads).
These are just two examples, but that kind of analytic reporting is the real value for me. The forecasting and guessing allow you to look toward your financial future and not just how you spent your money in the past.
Do any other apps have something similar?
This must me an American thing, because the Dutch banks have never supported automatic downloading into 3rd party apps (as far as i know). Most banks support exporting of account data in Quicken or CSV format, but that's not always very useful, and it's still a manual process. I usually just type data in manually, which is also a good way to force me to check the input.
When using MS Money it always annoyed me (just a little) to see that feature and not be able to use it, but I understand the security aspect of that decision. Allowing an app to pull data of this level of sensitivity with just a password from a bank's website is just not secure enough. In my opinion, that kind of data should be protected by at least Two-factor Authentication. My bank demands the combination of a pincode (something you know), a bankcard (something you have) and a hardware token (also something you have), which is considered strong authentication.
I don't like to point fingers, but Ubuntu recently had it's share of update problems too, even on the stable Dapper release. Two updates a few weeks apart that both broke Ubuntu's stable release. First the xorg-core issue (http://www.ubuntu.com/UpgradeIssue) and later another one, even after measures were taken after the first issue. My desktop was affected by this. Gentoo users have had similar problems in the past. I've personally had issues both when updating really fresh updates, and when updating after months of not updating.
In my opinion this kind of problem is worse for Ubuntu users, since Gentoo users are usually more familiar with the command-line and how to access forum websites from the CLI. Still it shows that no distribution is risk-free. In my experience Debian stable is the safest distro with the least downtime during updates. Ubuntu is a bit riskier and has to prove itself after the last two problems. Gentoo is even riskier, and hard to QA because of the many possible configurations.
For me, Gentoo is worth the occasional problem, but if you want to be safe go for Debian stable at the moment.
I originally used RealVNC, until I found the file transfer support in UltraVNC, a feature that MS has had for a while and is very useful to me. Finally a VNC version that had this too.
The performance was good as well, but as with all other VNC versions I've used, the stability wasn't good. I often get disconnects in RealVNC, TightVNC, UltraVNC, etc. while working on a Win98 PC from my WinXP PC.
I hope the recent TightVNC has also improved stability, because that's the thing I've been missing most.
He left with the suggestion that she remember that name, since it might mean something to her someday.
Strange thing is that high cpu usage actually dampens the noise, so my solution was to run a distributed computing client (THINK, in my case, but others will do as well) to keep the cpu busy. Works perfectly, and I even forgot I had the problem until I read this post.
I do think it's pretty lame that so many on-board audio chips have this problem.
This can be easily countered if the free e-mail sites configure their servers, so that the 'captchas' can only be loaded into pages that they've served themselves.
I'm not sure how that works, but I've seen it in action on some sites.
Maybe someone else knows how it's done?
Make me almost want to say:
"where are all the Gentoo zealots now?"
but being a Gentoo user myself, I'll just keep my mouth shut.
Ahhhh, the irony...
- What you are (for example biometrics, a fingerprint)
- What you have (a regular key or a crypto key on a usbstick)
- What you know (a passphrase that you've memorized)
It's considered good policy to have at least two of those covered. In your example, needing to provide both an RSA key and a password to unlock the key is definitely better then only needing to show a password. Of course storing the RSA key on the system would negate that advantage, in which case the usbstick I mentioned comes in handy. Create a physical barrier. If 'they' get your key then yes. But getting that key is an extra hurdle, worth building. More info? Search Google for "two factor authentication"Well, not "all the perdy choices". OpenSourceCMS only shows PHP related apps, but it is an excellent site. You get admin access to all the cms apps they've installed. Do almost anything you want! It's just what I needed last week, while figuring out how to build a custom PHP-based CMS for a client. It's great to be able to try the other solutions first.
Yes, this kind of honeypot address is a trick some of the well-known Blacklists use to gather spam. For example Razor, the distributed spam detection and filtering network, marks incoming mail on these adresses as spam, so that anyone using Razor in their system will know it's spam before they've seen the message. I don't know of anyone using fake addresses only on their own systems, but using this trick on a large distributed network like Razor makes a lot of sense.