I thought I knew a bit about hacking. I have secured large (million hits a day) web sites, configured corporate firewalls, written security evaluations.
I've taken a course at Uni on cryptography, and at one stage understood DES, RSA and key exchange.
Without saying anything that might incriminate myself, I thought I knew a bit. So when my company sent me on a similar hacking course I didn't think I was going to get much out of it, but I was looking to get something on my CV that said I know about security.
What scared me was not how much they taught me in the course, but how little. The first day on information gathering was interesting, but I knew most of the social engineering and technical hacking bits.
What scared me was how easily they could put together everything I had already known, and systematically apply it with frightening success. I haven't had an experience like it. It must be something like the Karate Kid (the first one). Knowing all the bits, (wax on, wax off) then seeing them fall into place.
Be very sure of yourself before you say a course like this is irrelevant. You may know all the "facts" already, but there is a world of difference between learning off the "security community" on the web and applying it in a systematic, professional manner. As well, the contacts you make at the course are extremely valuable.
Just don't do what my co-worker did. He was trying to VNC to an NT server at the same time as another team, and he was having trouble with the mouse moving in two directions at once. This other team are from the "defence department", so he decides to crash their PC. Again, and again, and again. Later the course instructor tells me by doing this he's guaranteed a tax audit for at least the next five years.
Telstra may be a big ISP, but they are distributed all over the country (and world). Can you imagine the bandwidth wasted when you pull a copy of the distro between cities EVERY TIME you load up a new PC? Now think about pulling that through your firewall.
Setting up mirrors is easy, wget and one line in cron will do it for you. If you set up your DHCP server correctly, you can even use the same floppy disk image at every site.
You want to have some personal touches. On paper you probably look the same as half a dozen other people. You want something to identify yourself. If there are three people, they might remember the guy who plays soccer, or collects stamps. Something they can associate you with, something that will help them identify you.
As well, most people I've worked for want someone human. They want to know you can make friends, and therefore be part of a team. Sure some jobs will require a robot, but none that I want to work in.
That said, I've had an agent cut this section out of my CV (without telling me) before passing it on to a prospective employer. I know this because one of the interviewers, my CV in hand, asked:
"This tells me a lot about your technical skills, nothing about what you do outside work. What do you do on the weekend?"
Even though fingerprinting is not a new technology, there are questions that are still unanswered. The statement "no two people have the same fingerprint" has to my knowledge not yet been proven. As well, do you know how much of a fingerprint it takes for the police to say there is a match?
Fingerprints are not (or should not be) a yes or no question. Like DNS testing there is a probability that two fingerprints match. If there is a one in a million match then there are probably hundreds of people in the US that match, but if you say that there is only a 0.0001% chance that the suspect isn't the one who left the fingerprint, then your chances of conviction increase greatly.
You could say that the suspect wouldn't be a suspect if the police didn't think that the person did it already, but what if this hypothetical person was pulled out of a fingerprint database? If the only link between the suspect and the crime was this "one in a million" fingerprint, would you convict him?
And before anyone says alibi, where were you on the 28th of July, 2002 at 21:34? I'm sure a lot of you could prove you were where you say you were, but then pick another date and time? What is the chance that you would be unlucky enough to have this "evidence" pointing to you?
Final set of questions. When are you prepared to send someone to jail (or death row)? There is the statement "reasonable doubt", but what does that mean? If someone says that there could be 20 other people in your city that could match just as well, would you say guilty? If there were 20 people in the county? In the world?
I'm not arguing, or trying to start a flame war. I'm not sure of my answers to my last few questions myself, and everyone is different. Just trying to make you think for a second about what is right and wrong.
As a side note. The article mentioned that a "computer scientist at Sydney University helped analyse the images to work out what the components were."
I had the pleasure of being a student of Alan's for some time. He was intensely interested in this sort of thing. He was involved in studying Babbage's work, and in the re-creation of Babbage's Difference Engine. I remember standing with him in front of a display case containing gears from one of these projects as he explained how they had been manufactured.
Alan Bromley died on August 16 this year after a long battle with cancer. I remember in 1998 I was studying a subject taught by Alan. Twice during one semester he was unable to give lectures due to his chemotherapy, but he continued to teach, and always had time to explain something to anyone who wanted to listen.
Don't know if the other clips on this page are as good, but they look well made.
I wonder why you don't see a bigger push from Novell about their products. I don't remember seeing a Novell ad recently, yet these clips look very professional.
I'm posting from a Novell site right now. Everyone here seems to be happy with NetWare for the most part. It works well with the corporate desktop (yes, it's Windows), and like all OSes when it's well maintained is pretty stable. The NDS tree had all the functionality that this site needs long before Microsoft's Active Directory was released.
The only reason anyone talks about moving away from NetWare is application support. This porting of Open Source apps is a good thing for Novell. If they can ship enough applications, then people won't migrate away from NetWare, and if they can increase market share then more people will develop on their platform.
This could also be a good thing for Open Source. With a new group of professional developers working on the code they could make progress on those features that the Open Source product may be lacking. They will fix bugs.
If they are smart, they will keep most of the code base the same. If they fork too far then they won't be able to include developments made from the community. Of course, that means fixes and features added by the Novell developers would be covered by the GPL and would be given back to the community.
This sounds like a good thing for both parties. Novell gets more software to run on their servers, making their servers more attractive to customers, selling more.
Open source gets any fixes and modifications that they make. Isn't this what open source (or free software) is about, you get access to the code for free to use any way you like, provided you give everyone access to the improvements you make.
This is going to make my life so much easier. It might be too expensive to have to do the entire house with this stuff, but I'd gladly pay extra to have a shower screen that doesn't end up with all those little spots from droplets of water that have dried on the glass.
Not only would the glass not get as dirty, but cleaning it should be a lot easier, just hose it down. It should dry streak free!
Sounds silly, but anything that gets me out of having to clean the shower every weekend is a good thing.
I also heard this story (at a talk he gave at the University of Sydney, Australia). I think it would have been in '98? maybe '97 but probably '98.
At that stage he was talking about the recent release of the Starship Titanic game, and lamented the fact that it was released for the PC before the Mac, which was his preferred computer platform.
Getting back to the point, at that stage he said he had found a director and was working seriously on the movie. He went so far as to say that he was asked which label to release the video under, and that it was totally up to him, but if he released it under the Disney brand he would sell twice as much.
Since then I've been expecting to hear about the movie "in about a year".
I'm very happy that he autographed a copy of Last Chance to See for me. I highly recommend this book to anyone. I wonder what would happen if more comedy writers turned their hand to non-fiction work. In this case the results were outstanding.
That's if a staffer gets to see it. The article seemed to be saying that manually checking email was too hard, and that it was just being deleted.
Now imagine that some email is coming in with the address included in nicely parsable (is this a word?) XML fields. Email with the right postcode goes to a staffer, and those with the wrong postcode are junked.
What are they going to do with the un-tagged email? My money is that it's going nowhere fast. Maybe it will be saved so a staffer can scan through it when they have finished replying to tagged email, if they have any spare time.
Can the general public use these tags? I understand that this system was set up in co-operation between the government and two companies that sound like lobbyists for hire.
How does my cousin in SF use this system to make sure his email will get to his senator? Does he have to go to one of these two companies and pay them to label his email correctly?
Am I jumping to conclusions? Reading this quote.
In the House, groups could funnel their communications through the "Write Your Representative" Web form,
It sounds like you have to be a special interest group who has paid for the system to use it. This system might be used to filter all email, but if the general public aren't informed of how to use it, then their email will be sent to /dev/null.
Maybe there should be a web page at http://www.house.gov/ that would let you use this system, then your mom-and-pop AOL users can get "equal time".
These slides (pdf) are a good intro to quantum computing, and explain how quantum operations could work.
Some of it is a bit above me, I think I will need to go back to my Uni text books before I can understand the proof on page 18. But it does go into some practical algorithms.
The page on error correction (page 27) is also sobering. Can anyone imagine a 100,000 bit computer that might only return one result every few seconds?
The point is that design of the O/S is irrelevant unless the applications are also designed to be secure. There have been remarkably few security compromises of either UNIX or Windows NT, almost all the bug reports are in the layered applications.
I'm not trying to score Linux/NT points, this is a serious question.
I thought there was a design flaw in NT that permitted a locally logged on user to gain local administrator access. I can't find a link, but it is something to do with DLL injection. There is a utility called hk.exe that uses it, and I think L0phtCrack 3 also used the same method.
Assembly language is important, and needs to be taught, but I'm not sure first year is the place for it. Give the students a solid year of Pascal or something strict, and get them into good habits while you can. Unless first years are of a lot higher standard than in Australia, teaching them assembly will ruin all the good things taught by Pascal (or similar).
Spend it teaching them data structures, or algorithms. Something that will make them write chunks of code. Give them some API they have to use, doesn't have to do much, the one I liked was abstract data types in Pascal. Get someone to write a heap binary tree, or a B-tree or something, and make them use the supplied API to store and get data.
Then and only then teach them assembly language. Teach them how a compiler works, and how a virtual machine works.
Then and only then can you teach them C. I still shudder at the memory of trying to teach the correct use of pointers. Once you know what an indirect reference, a stack and a heap are, parameter passing is easy.
The other useful exercise for teaching dynamic memory is to write your own versions of malloc, realloc and free (thanks Rob Pike).
Companies can and do refuse support if you are not running on "supported hardware". The first thing they will ask when they find out is "and you aren't having this problem on supported hardware?"
It's standard industry practice. The vendor will warrant that the product works on specific hardware. In one case with a DLT tape stacker I was working on I had to build an NT server and run Arcserv up on it to prove that the library was at fault, and not the program I was trying to write to it with. When it dies with Arcserv, then and only then would they come out and try and fix it.
This sucked from my point of view, but I think they were justified. When the unit was returned, I plugged it into my non-NT system and tried to run a 100Gb backup, only to have the unit fail again in exactly the same way. After 3 more service calls, they took it back and tested it with the "supported" software.
A timing error in the software I was using produced exactly the same failure as the original alignment fault. I stood there with the technician, and we could not work out when they fixed the original fault. It could have been after the first visit, or it could have been on the fourth.
I know people will say that this isn't relevant to this discussion, but it highlights a point. When, say, Red Hat says that they will support Linux on Brand X, they know that they have tested it on this hardware, and are confident that the manufacturer won't change anything that will break it. You might believe that your hardware is standard compliant, but are you sure that you haven't made a mistake? Just a little one, a small fault that wouldn't show up straight away, but might crash the system every so often?
There was a wonderful thread on this the other day.
When I said stick to paper, I also meant a pen based system. The most telling argument against punched hole ballot papers was this comment. It is easy to accidentally turn an "expecting" chad into a hanging chad, and a hanging chad into a missing chad. How hard is it to accidentally change a ballot paper?
Quoting Brian_Ellenberger: I'm ashamed at this site sometimes, especially looking back at many of the high scoring posts from 9/11 that basically said we got what we deserved
Did the people of Afghanistan get what they deserved? Did the HALF A MILLION children who have died in Iraq get what they deserve?
I'm not saying that those people who died got what they deserved. I'm sorry for the dead, and more so for the families that have to cope without a loved one. Personally I don't handle death well. It's all I can do not to cry when I hear interviews with the relatives of the victims, quite often I have to turn the TV off or leave the room.
I'm not sorry for a country that has only just realised that there is a world out there. Look at history. Time and time again the US has inflicted misery on people, has caused death and destruction that makes 9/11 look like a family outing.
There is a saying "war is God's way of teaching Americans geography". Be sorry for those that deserve pity, all people, not just those like you. We are all human. Be sorry for those people that died in the tower, and those people whose wedding was bombed by the US in Afghanistan. Be sorry for those dying of AIDS in Africa.
Please think about what you do. I personally think patriotism is mis-guided, if not evil. A country is not something to kill, maim, enslave, poison or imprison another human over. Things like human rights are. Just because your country does something DOES NOT make it the right thing to do. It is the right thing to do if it is the right thing to do.
Please, Please, Please, for the sake of humanity, decide for yourself if an action is justified. Don't accept other people's opinions as facts. Learn the truth and decide for yourself.
A 2% margin of error on choosing our next President is unacceptable.
Umm, I don't think you are ever going to do much better. I'd say you can get down to 0.5%, maybe. Personally, I think 2% is about right.
You're not talking about rounding or counting errors. You're talking about user errors. If you got 1000 people, gave them a form with 5 boxes, and said tick box number 4. If you counted all those forms, how many would have something other than box number 4?
People make mistakes. People think they know what they are doing and they blink when they go looking for the right box. If it's an election, they never find out about it.
Even if I'm wrong, do you honestly think that you are ever going to get 0.008%?
I'm interested to see how many people vote in the next US presidential election compared to 2000. I know that one year less than 50% of eligible US citizens voted for congress, it was either 1994 or 1998. In 1996 less than 60% of people voted. Will Florida make more or less people interested in who rules them?
if I am not mistaken terrorist don't like Americans because of their freedoms
I can't say what motivates most "terrorists", but I have read (offline) very compelling evidence that the September 11 attack was over military bases in Saudi Arabia.
The US armed Afghani militants to get them to fight a holy war to get the USSR out of Afghanistan.
Osama and friends see the US as either occupying or supporting a US friendly dictatorship over the country that has some of the holiest sites in Arabia.
The other reason that a lot of the Arab world hates the US is its persistent support of Israel.
In that conflict the Arab dead outnumber the Jewish dead by a factor of 6 or 7. Some elements of the Palestinians commit atrocities against Israel. Remember that all adult Jewish Israeli citizens have had military training and are effectively on call to resume military service at any time. The Israeli army and government commit atrocious acts as well. Using helicopters to fire rockets into a car carrying a 3-year-old boy and using a 1-ton bomb on an apartment building spring to mind. One of the terrorist recruitment videos showed a child, I think 9 or 12 years old, bleeding to death in his father's arms, a father who couldn't carry him to safety because he was sheltering from bullets being fired from Israeli army snipers.
In my opinion, both sides are as bad as each other, and both sides deserve condemnation by the international community. The US however consistently supports Israel at every turn. It supports Israel, it vetoes resolutions in the UN that call on Israel to support basic human rights, and it walks out on a conference on racism because Arab countries want to describe Israel (the Jewish state mind you) as being racist.
That and any student of international history of the last 100 years should know how many acts the US has been involved in that could fit the definition of terrorism now being used by the US.
Please try and understand the truth, and the whole truth. Yes the people who flew those aeroplanes into the World Trade Centre were fanatics, and hated the US. But that is not the whole truth. You can't just pick and choose the bits of the truth that you like, and say that this is the truth.
Oh well, there goes my karma, but it had to be said.
It's a perfectly good comparison relative to other similar devices. e.g. There's no question a 24PPM printer will be faster than a 10PPM printer.
According to the article (yes, I'm a BAD /.er that reads the articles) the 15ppm Samsung was faster than the 17 ppm HP, for the same document. Quite a bit faster in this case.
As for MHz, this is a long running argument. A 800MHz P3 is faster than a 500MHz P3, but how does a 1.3GHz P3 compare to a 1.2GHz P4? Or a 1 GHz Alpha?
There's a big difference between working for a demo and working in the face of active countermeasures by a well-informed security administrator. In the example you cite, it would be sufficient for the SA to rename the source file before compiling it.
The story I was told was that not only did it work while he was testing it, it tripped up people. He wrote this "bug" into the code, tested it, and then removed this version of the compiler.
Some time later, one of his co-workers came up to him and said that they had noticed something strange with one of the programs they were building, and could he help them figure out what was wrong.
He was working on this on a system, and somebody else must have been logged on and compiling things. Somehow the modified compiler was sitting on a system somewhere, and people were using it to write code. This was unintentional, but how sure are you that something similar hasn't happened to someone at RedHat, Mandrake, Microsoft, Apple, Sun, IBM, HP etc.? :-) You'd notice it if you were looking for it I'm sure, but have YOU ever looked?
Before you say this can't be done, this guy writes compilers by himself, which puts him in RMS's league. The person who told me this story (and he may have been embellishing this) worked closely with Ken Thompson, and would have had ample opportunity to hear the story first hand.
High-priced treatments are the inevitable result of private medical research.
I agree that the costs of a drug include the cost of R&D as well as the cost of production, and R&D costs are expensive. If you follow the links I provided above then you will see that Pfitzer (sp?) (the Viagra company) spent $US 2.9bn in R&D one year, and this needs to be recovered somehow. I do however think that where the lives of so many people are at stake, then licensing must be affordable.
In Australia there are limits on how much caffeine you can put in a cola drink, but the same limits don't apply to Red Bull etc. In fact, these drinks have so much caffeine in them that it would be illegal to sell them as a cola.
Something that does worry me is a chocolate bar with extra caffeine and Guarana, and is sold as a "chocolate bar with horns!".
I spose you need to get kids into drugs any way you can these days.
I thought I knew a bit about hacking. I have secured large (million hits a day) web sites, configured corporate firewalls, written security evaluations.
I've taken a course at Uni on cryptography, and at one stage understood DES, RSA and key exchange.
Without saying anything that might incriminate myself, I thought I knew a bit. So when my company sent me on a similar hacking course I didn't think I was going to get much out of it, but I was looking to get something on my CV that said I know about security.
What scared me was not how much they taught me in the course, but how little. The first day on information gathering was interesting, but I knew most of the social engineering and technical hacking bits.
What scared me was how easily they could put together everything I had already known, and systematically apply with frightening success. I haven't had an experience like it. It must be something like the karate-kid (the first one). Knowing all the bits, (wax on, wax off) then seeing them fall into place.
Be very sure of yourself before you say a course like this is irrelevant. You may know all the "facts" already, but there is a world of difference between learning off the "security community" on the web and applying it in a systematic, professional manner. As well, the contacts you make at the course and extremely valuable.
Just don't do what my co-worker did. He was trying to VNC to a NT server at the same time as another team, and he was having trouble with the mouse moving in two directions at once. This other team are from the "defence department", so he decides to crash their PC. Again, and again, and again. Later the course instructor tells me by doing this he's guaranteed a tax audit for at least the next five years.
Telstra may be a big ISP, but they are distributed all over the country( and world). Can you imagine the bandwidth wasted when you pull a copy of the distro. between cities EVERY TIME you load up a new PC? Now think about pulling that through your firewall.
Settign up mirrors is easy, wget and one line in cron will do it for you. If you set up your DHCP server correctly, you can even use the same floppy disk image at every site.
You want to have some personal touches. On paper you probably look the same as half a dozen other people. You want something to identify yourself. If there are three people, they might remember the guy who ways soccer, or collects stamps. Something they can associate you with, something that will help them identify you.
As well, most people I've worked for want some one human. They want to know you can make friends, and therefore be part of a team. Sure some jobs will require a robot, but none that I want to work in.
That said, I've had an agent cut this section out of my CV (without telling me) before passing it on to a prospective employer. I know this because one of the interviewers, my CV in hand, asked
"This tells me a lot about your technical skills, nothing about what you do outside work. What do you do on the weekend?"
Even though fingerprinting is not a new technology, there are questions that are still unanswered. The statement "no two people have the same fingerprint" has to my knowledge not yet been proven. As well, do you know how much of a fingerprint it takes for the police to say there is a match?
Fingerprints are not (or should not be) a yes or no question. Like DNS testing there is a probability that two fingerprints match. If there is a one in a million match then there are probably hundreds of people in the US that match, but if you say that there is only a 0.0001% chance that the suspect isn't the one who left the fingerprint, then your chances of conviction increase greatly.
You could say that the suspect wouldn't be a suspect if the police didn't think that the person did it already, but what if this hypothetical person was pulled out of a fingerprint database? If the only link between the suspect and the crime was this "one and a million" fingerprint, would you convict him?
And before anyone says alibi, where were you on the 28th of July, 2002 at 21:34? I'm sure a lot of you could prove you were where you say you were, but then pick another date and time? What is the chance that you would be unlucky enough to have this "evidence" pointing to you?
Final set of questions. When are you prepared to send some one to jail (or death row)? There is the statement "reasonable doubt", but what does that mean. If some one says that there could be 20 other people in you city that could match just as well, would you say guilty? If there were 20 people in the county? In the world?
I'm not arguing, or trying to start a flame war. I'm not sure of my answers to my last few questions myself, and everyone is different. Just trying to make you think for a second about what is right and wrong.
As a side note. The article mentioned that a "computer scientist at Sydney University helped Analyise the images to work out what the componenets were."
I had the pleasure of being a student on Alan's for some time. He was intensly interested in this sort of thing. He was involved in studying Babbage's work, and in the re-creation of Babbage's Difference Engine. I remember standing with him in front of a display case containing gears from one of these projects as he explained how they had been manufactured.
Alan Bromely died on August 16 this year after a long battle with cancer. I remember in 1998 I was studing a subject taught by Alan. Twice during one semester he was unable to give lectures due to his chemo therapy, but he continued to teach, and always had time to explain something to anyone who wanted to listen.
The Babbage project
An article in the Sydney Morning Herald
A university publication
The Flying Boy Add
Don't know if the other clips on this page are as good, but they look well made.
I wonder why you don't see a bigger push from Novel about their products. I don't remember seend a Novel add recently, yet these clips look very profesional.
I'm posing from a Novel site right now. Everyone here seems to be happy with netware for the most part. It works well with the corperate desktop (yes its windows), and like all OS' when its well maintained is pretty stable. The NDS tree had all the functionality that this site needs long before Microsoft's Active Directory was released.
The only reason anyone talks about moving away from Netware is application support. This porting of Open Source apps is a good thing for Novel. If they can ship enough applications, then people won't migrate away from Netware, and if they can increase market share then more people will develop on their platform.
This could also be a good thing for Open Source. With a new group of profesional developers working on the code they could make progress on those features that the Open Source product may be lacking. They will fix bugs.
If they are smart, they will keep the most of the code base the same. If they fork too far then they won't be able to include developments made from the community. Of course, that means fixes and features added by the Novel developers would be covered by the GPL and would be given back to the community.
This sounds like a good thing for both parties. Novel gets more software to run on their servers, making their servers more attractive to customers, selling more.
Open source gets any fixed and modifications that they make. Isn't this what open source (or free software) is about, you get access to the code for free to use any way you like, provided you give everyone access to the improvements you make.
This is going to make my life so much easier. It might be too expensive to have to do the entire house with this stuff, but I'd gladly pay extra to have a shower screen that doesn't end up with all those little spots from droplets of water that have dried ont he glass.
Not only would the glass not get as dirty, but cleaning it should be a lot easier, just hose it down. It should dry streak free!
Sounds silly, but anything that gets me out of having to clean the shower every weekend is a good thing.
I also heard this story (at a talk he gave at the University of Sydney, Australia). I think it wouldhave been in '98? maybe '97 but probably '98.
At that stage he was talking about the recent release of the Starship Titanic game, and lamented the fact that it was released for the PC before the Mac, which was his prefered computer platform.
Getting back to the point, at that stage he said he had found a director and was working seriously on the movie. He went so far as to say that he was asked which label to release the video under, and that it was totaly up to him, but if he released it under the Disney brand he would sell twice as much.
Since then I've been expecting to hear about the movie "in about a year".
I'm very happy that he autographed a copy of Last Chance to See for me. I highly recomend this book to anyone. I wonder what would happen of more comedy writers turned their hand to non-fiction work. In this case the results were outstanding.
That's if a staffer gets to see it. The article seemed to be saying that manually checking email was too hard, and that it was just being deleted.
Now imagine that some email is coming in with the address included in nicely parsable (is this a word) XML fields. Email with the right postcode goes to a staffer, and those with the wrong post code are junked.
What are they going to do with the un-tagged email? My money is that it's going nowhere fast. Maybe it will be saved so a staffer can scan through it when they have finished replying to tagged email, if they have any spare time.
Can the general public use these tags? I understand that this system was set up in co-operation between the government and two companies that sound like lobbyists for hire.
How does my cousin in SF use this system to make sure his email will get to his senator? Does he have to go to one of these two companies and pay them to label his email correctly?
Am I jumping to conclusions? Reading this quote.
In the House, groups could funnel their communications through the "Write Your Representative" Web form,
It sounds like you have to be a special interest group who has paid for the system to use it. This system might be used to filter all email, but if the general public aren't informed of how to use it, then their email will be sent to /dev/null.
Maybe there should be a web page at http://www.house.gov/ that would let you use this system, then you mom-and-pop AOL users can get "equal time".
These slides (pdf) are a good intro to quantum computing, and explain how quantum operations could work.
Some of it is a bit above me, I think I will need to go back to my Uni text books before I can understand the proof on page 18. But it does go into some practical algorithms.
The page on error correction (page 27) is also sobering. Can anyone imagine a 100,000 bit computer that might only return one result every few seconds?
The point is that design of the O/S is irrelevant unless the applications are also designed to be secure. There have been remarkably few security compromises of either UNIX or Windows NT, almost all the bug reports are in the layered applications.
I'm not trying to score Linux/NT points, this is a serious question.
I thought there was a design flaw in NT that permitted a locally logged on user to gain local administrator access. I can't find a link, but it is something to do with DLL injection. There is a utility called hk.exe that uses it, and I think L0pht crack 3 also used the same method.
Owen.
Assembly language is important, and needs to be taught, but I'm not sure first year is the place for it. Give the students a solid year of pascal or something strict, and get them into good habits while you can. Unless first years are of a lot higher standard than in Australia, teaching them assembly will ruin all the good things taught by pascal (or similar).
Spend it teaching them data structures, or algorithms. Something that will make them write chunks of code. Give them some API they have to use, doesn't have to do much, the one I liked was abstract data types in pascal. Get some one to write a heap binary tree, or a B-tree or something, and make them use the supplied API to store and get data.
Then and only then teach them assembly language. Teach them how a compiler works, and how a virtual machine works.
Then and only then can you teach them C. I still shudder at the memory of trying to teach the correct use of pointers. Once you know what an indirect reference, a stack and a heap is, parameter passing is easy.
The other useful exercise for teaching dynamic memory is to write your own versions of malloc, realloc and free (thanks Rob Pike).
Companies can and do refuse support if you are not running on "supported hardware". The first thing they will ask when they find out is "and you aren't having this problem on supported hardware?"
It's standard industry practice. The vendor will warrant that the product works on specific hardware. In one case with a DLT tape stacker I was working on I had to build an NT server and run Arcserv up on it to prove that the library was at fault, and not the program I was trying to write to it with. When it dies with arcserv, then and only then would they come out and try and fix it.
This sucked from my point of view, but I think they were justified. When the unit was returned, I plugged it into my non-NT system and tried to run a 100Gb backup, only to have the unit fail again in exactly the same way. After 3 more service calls, they took it back and tested it with the "supported" software.
A timing error in the software I was using produced exactly the same failure as the original alignment fault. I stood there with the technician, and we could not work out when they fixed the original fault. It could have been after the first visit, or it could have been on the fourth.
I know people will say that this isn't relevant to this discussion, but it highlights a point. When, say, Red Hat says that they will support Linux on Brand X, they know that they have tested it on this hardware, and are confident that the manufacturer won't change anything that will break it. You might believe that your hardware is standard compliant, but are you sure that you haven't made a mistake? Just a little one, a small fault that wouldn't show up straight away, but might crash the system every so often?
There was a wonderful thread on this the other day.
When I said stick to paper, I also meant a pen based system. The most telling argument against punched hole ballot papers was this comment. It is easy to accidentally turn an "expecting" chad into a hanging chad, and a hanging chad into a missing chad. How hard is it to accidentally change a ballot paper?
I would say that have two options.
Stick to paper. Maybe scan/count it electronically, but keep an audit trail that can't be modified electronically.
Quoting Brian_Ellenberger
I'm ashamed at this site sometimes, especially looking back at many of the high scoring posts from 9/11 that basically said we got what we deserved
Did the people of Afghanistan get what they deserved? Did the HALF A MILLION children who have died in Iraq get what they deserve?
I'm not saying that those people who died got what they deserved. I'm sorry for the dead, and more so for the families that have to cope without a loved one. Personally I don't handle death well. It's all I can do not to cry when I hear interviews with the relatives of the victims, quite often I have to turn the TV off or leave the room.
I'm not sorry for a country that has only just realised that there is a world out there. Look at history. Time and time again the US has inflicted misery on people, has caused death and destruction that makes 9/11 look like a family outing.
There is a saying "war is God's way of teaching Americans geography". Be sorry for those that deserve pity, all people, not just those like you. We are all human. Be sorry for those people that died in the tower, and those people whose wedding was bombed by the US in Afghanistan. Be sorry for those dying of AIDS in Africa.
Please think about what you do. I personally think patriotism is mis-guided, if not evil. A country is not something to kill, maim, enslave, poison or imprison another human over. Things like human rights are. Just because your country does something DOES NOT make it the right thing to do. It is the right thing to do if it is the right thing to do.
Please, Please, Please, for the sake of humanity, decide for yourself if an action is justified. Don't accept other people's opinions as facts. Learn the truth and decide for yourself.
A 2% margin of error on choosing our next President is unacceptable.
Umm, I don't think you are ever going to do much better. I'd say you can get down to 0.5%, maybe. Personally, I think 2% is about right.
You're not talking about rounding or counting errors. You're talking about user errors. If you got 1000 people, gave them a form with 5 boxes, and said tick box number 4. If you counted all those forms, how many would have something other than box number 4?
People make mistakes. People think they know what they are doing and they blink when they go looking for the right box. If it's an election, they never find out about it.
Even if I'm wrong, do you honestly think that you are ever going to get 0.008%?
I'm interested to see how many people vote in the next US presidential election compared to 2000. I know that one year less than 50% of eligible US citizens voted for congress, it was either 1994 or 1998. In 1996 less than 60% of people voted. Will Florida make more or less people interested in who rules them?
if I am not mistaken terrorist don't like Americans because of their freedoms
I can't say what motivates most "terrorists", but I have read (offline) very compelling evidence that the September 11 attack was over military bases in Saudi Arabia.
The US armed Afghani militants to get them to fight a holy war to get the USSR out of Afghanistan.
Osama and friends see the US as either occupying or supporting a US friendly dictatorship over the country that has some of the holiest sites in Arabia.
The other reason that a lot of the Arab world hates the US is its persistent support of Israel.
In that conflict the Arab dead outnumber the Jewish dead by a factor of 6 or 7. Some elements of the Palestinians commit atrocities against Israel. Remember that all adult Jewish Israeli citizens have had military training and are effectively on call to resume military service at any time. The Israeli army and government commit atrocious acts as well. Using helicopters to fire rockets into a car carrying a 3-year-old boy and using a 1-ton bomb on an apartment building spring to mind. One of the terrorist recruitment videos showed a child, I think 9 or 12 years old, bleeding to death in his father's arms, a father who couldn't carry him to safety because he was sheltering from bullets being fired from Israeli army snipers.
In my opinion, both sides are as bad as each other, and both sides deserve condemnation by the international community. The US however consistently supports Israel at every turn. It supports Israel, it vetoes resolutions in the UN that call on Israel to support basic human rights, and it walks out on a conference on racism because Arab countries want to describe Israel (the Jewish state mind you) as being racist.
That and any student of international history of the last 100 years should know how many acts the US has been involved in that could fit the definition of terrorism now being used by the US.
Please try and understand the truth, and the whole truth. Yes the people who flew those aeroplanes into the world trade centre were fanatics, and hated the US. But that is not the whole truth. You can't just pick and choose the bits of the truth that you like, and say that this is the truth.
Oh well, there goes my karma, but it had to be said.
It's a perfectly good comparison relative to other similar devices. e.g. There's no question a 24PPM printer will be faster than a 10PPM printer.
According to the article (yes, I'm a BAD /.er that reads the articles) the 15ppm Samsung was faster than the 17 ppm HP, for the same document. Quite a bit faster in this case.
As for MHz, this is a long running argument. A 800MHz P3 is faster than a 500MHz P3, but how does a 1.3GHz p3 compare to a 1.2GHz p4? Or a 1 GHz Alpha?
Apples to Apples, not fruit to fruit.
There's a big difference between working for a demo and working in the face of active countermeasures by a well-informed security administrator. In the example you cite, it would be sufficient for the SA to rename the source file before compiling it.
:-) You'd notice it if you were looking for it I'm sure, but have YOU ever looked?
The story I was told was that not only did it work while he was testing it, it tripped up people. He wrote this "bug" into the code, tested it, and then removed this version of the compiler.
Some time later, one of his co-workers came up to him and said that they had noticed something strange with one of the programs they were building, and could he help them figure out what was wrong.
He was working on this on a system, and somebody else must have been logged on and compiling things. Somehow the modified compiler was sitting on a system somewhere, and people were using it to write code. This was unintentional, but how sure are you that something similar hasn't happened to someone at RedHat, Mandrake, Microsoft, Apple, Sun, IBM, HP etc?
Before you say this can't be done, this guy writes compilers by himself, which puts him in RMS's league. The person who told me this story (and he may have been embellishing this) worked closely with Ken Thompson, and would have had ample opportunity to hear the story first hand.
If I remember correctly, Emancipation was the last album of the contract.
I agree that the costs of a drug include the cost of R&D as well as the cost of production, and R&D costs are expensive. If you follow the links I provided above then you will see that Pfitzer (sp?) (the Viagra company) spent $US 2.9bn in r&d one year, and this needs to be recovered somehow. I do however think that where the lives of so many people are at stake, then licensing must be affordable.
In Australia there are limits on how much caffeine you can put in a cola drink, but the same limits don't apply to Red Bull etc. In fact, these drinks have so much caffeine in them that it would be illegal to sell them as a cola.
Something that does worry me is a chocolate bar with extra caffeine and Guarana, and is sold as a "chocolate bar with horns!".
I spose you need to get kids into drugs any way you can these days.