Hmm, I recall Douglas Adams describing video recorders as machines designed to watch all the television you don't have time to see, and monks as machines designed to believe in anything you don't have time to believe in.
Does anyone have some "ad-glare" product that can check out all the adds for me so I don't have to worry about it? I have endless storage in my/dev/null:-).
If advertisers pay by the click it should be easy to ruin them just setting up ad-glare robots to check out every advertisement...
One could ask if it is posible to ruin those who pay for spam the same way?
The GPL effectively prevents inclusion of software in any product that is not distributed under the terms as stated in the GPL. While some ideas may be merged into other systems, code cannot.
This is contrary to BSD code which can be adopted into any commercial product without suffering under the GPL terms.
I believe it more likely that we will see a paralel development.
Anyway, it is questionable if the term Linux-like makes any sense at all. While some has attempted to develop a reference there is yet no consensus (AFAIK) about such a standard to compare against.
It's linux if it uses the linux kernel, or it's not. There is no in between.
Well, anyway, who cares whatever Linux is, BSD rules!;-)
"Close to the speed of light" does not exclude the speed of light. The current observations sets an upper limit for the mass of the neutrino, it may still be massless in which case it would travel at the speed of light which is indeed very close to the speed of light.
The neutrinos and the photons are produced at the same time due to the processes of the colapsing star. Photons interact strongly with matter and hence are absorbed and reemitted numerous times before escaping into empty space.
Neutrinos on the other hand interact very weakly and hence escape with a speed close to the speed of light before the photons. They get a head start and therefore are detected before the supernova becomes visible.
Now, one should expect that if neutrinos travel less than the speed of light, the timegap between the arival of neutrinos and photos should become smaller as the supernova is more distant. I guess the reason that this has not been observed relates to the fact that very few neutrinos are detected at all and that number quickly decreases with the distance.
I started on RedHat years ago. For a long time I didn't know better. It's a mess you allways end up installing third party rpm's.
I have tried Debian, but it is hopelessly obsolete. I spent a whole day figuring out a bug in a perl module only to discover that the latest stable was years old.
Gentoo just doesn't really do it. They tried to get the best from FreeBSD, with portage, tried to do more. Different. It's a revolution for Linux maintenance, but it just doesn't compare to *BSD.
Then I swiched to FreeBSD 1.5 year ago. The only left of my original RedHat is bashrc. I have never had so much time actually doing stuff.
There are dectectors that do detect something which is generally accepted as being neutrinos. The interact very weakly, has an energy less than 29 eV and travel close to the speed of light.
Since they interact so weakly they can be used to detect supernovas before the supernova is visible on the sky.
The problem is that the sensitivity of the current detectors does not allow to determine wether these has a mass and travel a little less than the speed of light or if they are massless. Neutrinos with mass can resolve the dark energy problem.
Another problem is that the detectors does not detect the amount of neutrinos to be expected.
And so the US places itself on the axis of evil as one of the worlds nuclear powers... 2.500.000 troops are being mobilized to invade the country and overthrow the evil government and reinstall democracy.
First: You say don't install third party software, so you're really advocating for monopoly. Sure, there exists crap 3rd party software, but the OS should be able to protrect itself such that the system is not rendered unbootable.
Second: His main 2nd point is still valid, regardless of what forced the reinstall. Inability to fetch updates fast enough to avoid being hit by a worm attack, the inability to resume fetch, the inability fetch a cd image, etc. all makes it a pain to get the system up to date. It is a huge problem to maintain and update a vulnerable system when securityexperts claim that an unprotected pc will by hit by Sasser within aproximately 10 minutes.
Why is rpc on by default, on a stand alone machine? Ok, for interprocess communication - but only on the loopback interface!
Microsoft has sold an 'insecure by default' product for years, while they should follow a 'secure by default' philosophy: Disable all services by default. The main reason that windows is so widespread (still) is that this is what the home user knows, and hence companies saves money on training. If MS wants to stay in Buisness they should protect the home user - and the home user does not need all the services enabled by default.
Also, they would isolate kernel space and user space such that your system can boot and fetch updates, regardless of how many user space programs you install and deinstall. Only the OS should mess around in the kernel space.
Again and again people loose data and time because they inadvertendly do something that appears inocent everyday action, but tampers their system and renders it unuseable.
If you could at least get the system up to get backups - ofcourse it's always weeks ago - before you go on to reinstall, you might actually get as far as live (painfully) with the remaining problems.
Maintaining Windows is a pain, in particular for the average Joe.
The bit! Ok, I'll only patent the '1', you may write any programs provided the code compiles to some sequence of 0's only....
Maybe it wasn't the babel tower conflict with God that resulted in so many languages but really that they discovered the first language had been patented and they all had to invent thier own.
The next question is, can you patent math? Algorithms really are just math.
Math is pure thought, can you patent pure thought? Patent an idea or a concept?
The idea of God is a product of pure thought (or so I believe). I think you would become imensely rich if you patented the idea of God... Ok, this god thing I think has lots of examples of previous art...
OK, now I'm getting silly, but that's the point, patenting software is silly.
Indeed, there is no silver bullet. Bad security management is the fundamental problem. But in a M$ dominated world a simple migration can buy you much time to catch up on the security policies - of course this wont work next year when everyone runs linux:-)
Maybe such critical processes should really be running OpenBSD instead. Seriously!
I too wondered about that, but I chose just to refer the story. Maybe it does make sense to "update a firewall" if the firewall runs on windows?
Well, they say that the scanners was connected to a RIS system (Radiology Information System system), and they believe the virus had entered that way. Now that leads me to question how they treat personal sensitive data..?
The danish newspaper Ingeniøren reports that the Sasser virus attack affected the danihs hospital, Herlev Sygehus. The hospital had to cancle scheduled CT-scannings because the scanners crashed. Also MR-scanners were affected, though no scannings were canceled.
"We do actually have a firewall, but aparently it hasn't been updated enough" sais radiographer Jan Bovin. "It was the scanners running Windows 2000 and XP that were affected, the MR-scanners running Linux had no problems," he sais.
I really think this is great, if Microsoft will patent all the flaws and then fight in court to prevent anyone making the same mistakes:-) Did they patent their nine-time-reboot technology yet?
Really, quantum encryption just takes cryptography to another level. Like skipping rot13 in favour of RSA. It's practically unbreakable with a normal computer, just as trying to brute-force RSA with pen and paper.
So, using quantum cryptography secures against those who still has this ancient siliconbased thing called a microcomputer. Researchers are working on quantum computers whose power will be million or billionfold that of normal computers.
Using quantum cryptography will not protect you for long, then every one will have quantum computers. The only really benefit is your geek score!:-)
I switched everything to FreeBSD one year ago when they made the first anouncements about facing out support for the RedHat Linux series.
It was the best thing I have ever done! It was the most painless migration I have ever done, and things just work! No more searching around trying to get all the dependencies to meet.
There is nothing that can get me back on linux again.
PS: Yes, I have tried Debian, everything is obsolete, and gentoo just hasn't matured. Further gentoo tries to do too much in one swift move failing to recognize how brilliant ports really is...
It is clear that there is no reason to trust an arbitrary host, so howabout turning everything around - If you don't know the host, then it is blacklisted?
A whitelist could be maintained in the same manners as the current dns blacklists. A mail server may be admitted to the list provided that:
*) The owner publish procedures for incident handling on spam and virus, including reasonable response time.
*) The owner publish a contact address for reporting abuse: e-mail and phone.
*) The owner provides a webinterface as an alternate means of reporting abuse.
*) The mailserver does not permit relaying.
Some extras may be considdered:
*) The owner publish incident reports on the owner webpage, and incident response.
Some may consider it bad having incident reports published publicly, I think not, provided incident response is also published. Showing that incidents are dealth with adds trust. This information should at least be available to the whitelist database service.
This dns based pass list could be extended with an email address based whitelist maintained by the users. A local user can add a specific email address and mail from that address will be passed regardless of the above filter.
For external users, an address could be added temporarily through a webinterface where the external user states sender address AND recipient. This will allow foreign users to establish contact and the recipient can then add the address permanently.
Switching to whitelisting instead of blacklisting will iniciate a lot of work getting all the mailservices registered, getting administrators and service providers to develop procedures for incident handling and will force mail service provides to comply to a common set of standards.
This work overload, once done, however, should not produce a permanent work overload, and it will weep out the spammers. Then spammers can only spam other spammers:-)
PS: With the increased amount of virus mails flodding the internet I find it important that policies on handling virus incidents are included, otherwise spammers will use viruses for spreading the spam.
It would be appropriate to develop an rfc on how isp's should address problems such as spam and virus spreading from their clients.
Any mail service provider not complying with such an rfc can rightfully be blacklisted. Customers should check for such compliance before signing contract.
1) Dinamically assigned addresses should not have access to port 25 outside of local subnet. This would force mail through isp's relays.
2) Statically assigned addresses may have access to port 25 outside local subnet provided that: a) The owner can be uniquely identified from the isp webpage or whois lookup. b) The owner provides a mail service, and the server does not permit mail relaying. c) The owner has an abuse@ address and responds within 72 hours.*
3) Clients that abuses mail services must be instantly blocked by isp untill proof is provided that shows appropriate action has been taken.
*) 72 hours may be far too much, clients infected by virus can send thousands emails in that period. 3 hours should be required.
This will not block all spam or virus, but it will ensure that incidents are dealth with quickly.
Add your own - this was what I could think of for now..
Many people here claim that 20 years is too small a time scale for any maesure that should be compared against a geological time scale.
It is interesting then that the last ice age enged with a temperature increase of 7 degrees world average over just 20-30 years!
Certainly the changes observed are small and the time scale is short. But these data are giving us detailed information of this very short period. And that data is added with the less detailed data collected over the last centuries and milleniums. This collected set of data is what form the basis of predictions and models about the climate.
There is evidence that the average temperature has been rising since the industrialization, and that the increase in temperature has been faster in the later years.
The measurements only serve to reduce the band of errors and inacuracies. Never the less, slashdotters seem to try twist the evidence around in order to arive at a no evidence at all conclusion.
First, the whole discussion seems rather redundant, yesterday there where a discussion following a british report... The posts are very one-sided - we don't know anything so it's probably not real, I got modpoints, but I'd rather present the other side, and try be a bit neutral where posible.
You feel ill and call the docter, the docter sais, "oh, you have a fever, I can't tell you what it is nor can I give a cure, but I recommend you stay in bed". What do you do? Go out surfing the waves, or snowboarding naked?
Next day docter comes back, "I got the results of the tests" he sais, "we can cure this in the initial state". "Great" you think. "But", he continues, "the infection has accellerated into an advanced state due to overcooling of you body after yesterdays snowboarding. There is a close to nill chance that you will survive, and if you do there is a close to nill chance that you will not have any means."
What's the point of all this? Well, really, people prefer not to take reasonable precautions because of the emmidate negative effect. It is just easier.
Whenever people react on environmental issues, they seem to do it by instinct and not with thought. The anti-environmentalists say "we don't know anything so there is no reason to do anything" - (and please don't tell us anything, if we know we might have to deal with it). The environmentalist react opposite: "Change your lifestyle and spend all your money on what we say or you die."
None of the two really looks into what the data and the theories says. And none looks at reasonable, cheap and easy counter meassures. You can actually get a more economic car without it costs you anything. The anti-enviromentalists says yes but why bother? The environmentalists says, "but we don't want cars at all".
The two extremes keeps eachother in check and nothing happens, in stead we slowly slip ignorant into what ever fate our ignorance offers us.
It is really not very usefull that either side pulls up the barracades. I am actually worried that we will be the first specie on Earth to cause our own extinction - And knowing it!
Yes, global warming is real. Do we have anything to do with it? Probably not. Claims that our production of carbon dioxide will destroy life as we know it demonstrate ignorance of how the entire carbon cycle works. Plankton and plants absolutely THRIVE on carbon dioxide, and produce oxygen as waste.
You are making a very simple mistake in your conclusions. What if plankton and plants can't absorb co2 at the same rate as the emission?
Over the last century or so, an increased level of co2 in the atmosphere has been messured. Something seems to me to be indicating exactly that while plants and plankton do absorb co2 they cannot keep up with the emission which has been increasing exponentially with the growing population and the growing use of fossil fuels.
The earth will not reach a historic temperature high (historic here means in earth history) with the current predictions. Before last ice age, it was warmer than it is now.
What is insteresting is that of the last 250.000 years of climate data collected, the past 14.000 years since the last ice age has been unusually stable. This stabillity can well be shifted enough to trigger instabillity by the predicted changes.
There is very little reason to doubt that exactly the stabillity of climate has permited the rise of human civilisation. With this stabillity there were no longer need to live as nomads and civilisations could evolve.
One could interpreet the migration as a result of global warming, I wont, there are too many other factors. But it may become a problem - the earth population is exploding while the fertile land is decreasing.
In the search for fertile land people will migrate. This will cause problems such as civil wars or instability of civilized nations as they give in to the pressure - your continued consumption and security may be threatend.
The point here, really is that there are so many unpredictable scenarios that has a huge range of impacts. The only sane thing to do is to minimize our influence and hope the best.
The non-believers of GW usually deny it because it will cost money here and now to take counter messures, they don't think about the posible economic gain in the long run. Say eg the US depence on oil.
Evidently some day there will be no more. Discussions are on when. Meanwhile US insist not to do anything because it will affect profit in the next decade - even if the negative effect will be earned back in the long run.
Say you have a that runs 1 miles a galon, You can buy one that runs 10 but it costs 10.000$. With the current price of gas 1$/galon, you have to drive about 11000 miles to earn it back. This is done in one year. (numbers made up for easy calculation). And then you say, but it will take a whole year to earn it back - it's not worth it!
Insisting not to take positive countermessures is the same thing - uh no, it will just cost a lot of money here and now. Try look at the postive perspectives of improving efficiency.
You are reading global warming as if global warming is evenly distributed across the globe. This is the first blunder that always leads to the question - a few degrees, does it really matter? The global increase in average temperature does not even out accross the globe as the rise of sealevel due to melting of glacial ice.
Fact is that climate is complex, in some regions temperature will rise more than others. In some regions temperatures may even fall.
It is the differences in air and water temperature and air pressure - and the rotation of the earth - that keeps the climate systems running.
Changing these differences means that the climate systems may run faster or slower or in another direction locally.
This again means that some regions may get more rain and others less. Regions where it will rain more may due to the local geography suffer more floddings, others will become more fertile.
Changes in temperature can have many and various effects. Increased temperature in the arctic sea may slow down the hot water current from the carribian (golf stream), and eventually stop it. But the reason that northern Europe remains ice free is just because of that current. So stopping it may then trigger a new ice age.
Another, less rain may form deserts or increase the groth of existing desserts in the affected area. Increasing the dessert area will increase the albedo and reduce temperature.
More rain is normally associated with more clouds, clouds also increase the albedo, but clouds also functions as an insulating carpet. So which effect is stronger is difficult to say.
Melting ice means that less areas are covered by ice, this decreases the albedo. Hence the temperature will increase.
All these are examples of singled out events that has some effect on the system as a whole, all these positive and negative feedback processes are being compared against each other in a complex model.
What you are doing is taking one example, refer to some ocasion 200 years ago and say "See? There's no global warming causing flodding." This is so overly simplified.
Possibly, your area will experience less floddings, while whole countries dissappear into the sea due to increased sealevel.
So who gets all that? I do no no spamfiltration at all and I get about 2-3 spam mails a day. That is mails that are commercial unsolicited email.
Other types of junk is much more annoying. Error messages from servers claiming that I sent some mail. Not to speak of virusmails!.
I get 25 a day, from the same person, who still has that virus after 2 months. ISP notified, but no reaction. Now, I started sending bills for the handling of virus mails, 200 USD each... But I doubt that they will pay:-(
And irrelevant discussions on maillinglists, could be nice to block a thread on a mailinglist...
According to the donation page, the funding goals has been reached. This took about... uhm, two weeks? It is interesting to see that posting an appeal for funding can raise so much money so quick.
Was it/.? Or was it because the project had well defined goals? (Resolving certain buffer related issues). Was it the phk karma?
I have no idea of the funding the freebsd foundation gets, but maybe they would be able to raise more money quickly if they announced specific projects with specific funding needs, project description, expected timelines and milestones.
Personally, I am more likely to sponsor a concrete project with clear goals. It gives a sence of knowing what you get for the money and that this money is not swallowed by administration or other borring tasks.
I think this should raise a discussion in the community as to how funding is raised and used.
The port knocking is vulnerable to sniffing because you use the same knocking sequence for all users, and the knocking sequence can be obtained by simple sniffing. This is equivalent to all users use the same password and use telnet.
Some are aware of this problem and propose a solution where you connect to a server in order to obtain the secret sequence. And this secret sequence is then unique for the client.
Now with this solution, you will be revealing that you run some service since clients can connect. You have to authensicate in order not to hand out the secret sequence to everyone.
But if you set up such a solution, then you are really back to the standard authensication, you just require the clients to authensicate twice, first to get the knocking sequence, then in the actual login.
And you loose the protection that the port-knocking concept gives: That stangers will not be aware of the existens of the server.
Finally, yes, you can block specific clients that just get it too wrong too much. But just as an analog example:
I lived in a house that had a code box on the door. To enter you had to enter a 4 digit code. Now the box was stupid, it just checked the 4 most recently entered numbers, and if they machted the code the door openend.
This means that if you entered 12345 then the box would first check 1234 and if it didn't match it would check 2345. So the obvious question is, how many numbers do I have to press?
The maximum is 40000 since there are 10000 codes each of 4 digits. The minimum is 10003, the first three will no give a valid 4-digit code, but each time you press another number a code is checked, but it is not certain that such a sequence exists.
Obviously we do not have to press 40000 numbers as the example shows. What is the optimal solution?
It turned out that there did infact exists a sequence of 10003 digits that contained all codes.
This idea also applies to the portknocking if you try to bruteforce. Ofcourse, we now have 65535 digits to choose from, so things are more complicated:-)
Slashdot Mirror
Hmm, I recall Douglas Adams describing video recorders as machines designed to watch all the television you don't have time to see, and monks as machines designed to believe in anything you don't have time to believe in.
/dev/null :-).
Does anyone have some "ad-glare" product that can check out all the adds for me so I don't have to worry about it? I have endless storage in my
If advertisers pay by the click it should be easy to ruin them just setting up ad-glare robots to check out every advertisement...
One could ask if it is posible to ruin those who pay for spam the same way?
The GPL effectively prevents inclusion of software in any product that is not distributed under the terms as stated in the GPL. While some ideas may be merged into other systems, code cannot.
;-)
This is contrary to BSD code which can be adopted into any commercial product without suffering under
the GPL terms.
I believe it more likely that we will see a paralel development.
Anyway, it is questionable if the term Linux-like makes any sense at all. While some has attempted to develop a reference there is yet no consensus (AFAIK) about such a standard to compare against.
It's linux if it uses the linux kernel, or it's not. There is no in between.
Well, anyway, who cares whatever Linux is, BSD rules!
"Close to the speed of light" does not exclude the speed of light. The current observations sets an upper limit for the mass of the neutrino, it may still be massless in which case it would travel at the speed of light which is indeed very close to the speed of light. The neutrinos and the photons are produced at the same time due to the processes of the colapsing star. Photons interact strongly with matter and hence are absorbed and reemitted numerous times before escaping into empty space. Neutrinos on the other hand interact very weakly and hence escape with a speed close to the speed of light before the photons. They get a head start and therefore are detected before the supernova becomes visible. Now, one should expect that if neutrinos travel less than the speed of light, the timegap between the arival of neutrinos and photos should become smaller as the supernova is more distant. I guess the reason that this has not been observed relates to the fact that very few neutrinos are detected at all and that number quickly decreases with the distance.
I started on RedHat years ago. For a long time I didn't know better. It's a mess you allways end up installing third party rpm's.
I have tried Debian, but it is hopelessly obsolete. I spent a whole day figuring out a bug in a perl module only to discover that the latest stable was years old.
Gentoo just doesn't really do it. They tried to get the best from FreeBSD, with portage, tried to do more. Different. It's a revolution for Linux maintenance, but it just doesn't compare to *BSD.
Then I swiched to FreeBSD 1.5 year ago. The only left of my original RedHat is bashrc. I have never had so much time actually doing stuff.
There are dectectors that do detect something which is generally accepted as being neutrinos.
The interact very weakly, has an energy less than 29 eV and travel close to the speed of light.
Since they interact so weakly they can be used to detect supernovas before the supernova is visible on the sky.
The problem is that the sensitivity of the current detectors does not allow to determine wether these has a mass and travel a little less than the speed of light or if they are massless. Neutrinos with mass can resolve the dark energy problem.
Another problem is that the detectors does not detect the amount of neutrinos to be expected.
This dark energy really is just the dark side of the force which tears apart our universe. We need some Jedis to look at the bright side!
I think Jedis are just really sensible beings, that is sensible to neurtrinos.
And so the US places itself on the axis of evil as one of the worlds nuclear powers... 2.500.000 troops are being mobilized to invade the country and overthrow the evil government and reinstall democracy.
First: You say don't install third party software, so you're really advocating for monopoly. Sure, there exists crap 3rd party software, but the OS should be able to protrect itself such that the system is not rendered unbootable.
Second: His main 2nd point is still valid, regardless of what forced the reinstall. Inability to fetch updates fast enough to avoid being hit by a worm attack, the inability to resume fetch, the inability fetch a cd image, etc. all makes it a pain to get the system up to date. It is a huge problem to maintain and update a vulnerable system when securityexperts claim that an unprotected pc will by hit by Sasser within aproximately 10 minutes.
Why is rpc on by default, on a stand alone machine? Ok, for interprocess communication - but only on the loopback interface!
Microsoft has sold an 'insecure by default' product for years, while they should follow a 'secure by default' philosophy: Disable all services by default. The main reason that windows is so widespread (still) is that this is what the home user knows, and hence companies saves money on training. If MS wants to stay in Buisness they should protect the home user - and the home user does not need all the services enabled by default.
Also, they would isolate kernel space and user space such that your system can boot and fetch updates, regardless of how many user space programs you install and deinstall. Only the OS should mess around in the kernel space.
Again and again people loose data and time because they inadvertendly do something that appears inocent everyday action, but tampers their system and renders it unuseable.
If you could at least get the system up to get backups - ofcourse it's always weeks ago - before you go on to reinstall, you might actually get as far as live (painfully) with the remaining problems.
Maintaining Windows is a pain, in particular for the average Joe.
The bit! Ok, I'll only patent the '1', you may write any programs provided the code compiles to some sequence of 0's only....
Maybe it wasn't the babel tower conflict with God that resulted in so many languages but really that they discovered the first language had been patented and they all had to invent thier own.
The next question is, can you patent math? Algorithms really are just math.
Math is pure thought, can you patent pure thought? Patent an idea or a concept?
The idea of God is a product of pure thought (or so I believe). I think you would become imensely rich if you patented the idea of God... Ok, this god thing I think has lots of examples of previous art...
OK, now I'm getting silly, but that's the point, patenting software is silly.
Indeed, there is no silver bullet. Bad security management is the fundamental problem. But in a M$ dominated world a simple migration can buy you much time to catch up on the security policies - of course this wont work next year when everyone runs linux :-)
Maybe such critical processes should really be running OpenBSD instead. Seriously!
I too wondered about that, but I chose just to refer the story. Maybe it does make sense to "update a firewall" if the firewall runs on windows?
Well, they say that the scanners was connected to a RIS system (Radiology Information System system), and they believe the virus had entered that way. Now that leads me to question how they treat personal sensitive data..?
The danish newspaper Ingeniøren reports that the Sasser virus attack affected the danihs hospital, Herlev Sygehus. The hospital had to cancle scheduled CT-scannings because the scanners crashed. Also MR-scanners were affected, though no scannings were canceled.
"We do actually have a firewall, but aparently it hasn't been updated enough" sais radiographer Jan Bovin. "It was the scanners running Windows 2000 and XP that were affected, the MR-scanners running Linux had no problems," he sais.
The original story is here (in danish).
It appears that the consequences of the Microsoft monopoly are getting worse. Are there any linux-run hospitals?
I really think this is great, if Microsoft will patent all the flaws and then fight in court to prevent anyone making the same mistakes :-) Did they patent their nine-time-reboot technology yet?
Cheers, Erik
Really, quantum encryption just takes cryptography to another level. Like skipping rot13 in favour of RSA. It's practically unbreakable with a normal computer, just as trying to brute-force RSA with pen and paper.
:-)
So, using quantum cryptography secures against those who still has this ancient siliconbased thing called a microcomputer. Researchers are working on quantum computers whose power will be million or billionfold that of normal computers.
Using quantum cryptography will not protect you for long, then every one will have quantum computers. The only really benefit is your geek score!
I switched everything to FreeBSD one year ago when they made the first anouncements about facing out support for the RedHat Linux series.
It was the best thing I have ever done! It was the most painless migration I have ever done, and things just work! No more searching around trying to get all the dependencies to meet.
There is nothing that can get me back on linux again.
PS: Yes, I have tried Debian, everything is obsolete, and gentoo just hasn't matured. Further gentoo tries to do too much in one swift move failing to recognize how brilliant ports really is...
It is clear that there is no reason to trust an arbitrary host, so howabout turning everything around - If you don't know the host, then it is blacklisted?
:-)
A whitelist could be maintained in the same manners as the current dns blacklists. A mail server may be admitted to the list provided that:
*) The owner publish procedures for incident handling on spam and virus, including reasonable response time.
*) The owner publish a contact address for reporting abuse: e-mail and phone.
*) The owner provides a webinterface as an alternate means of reporting abuse.
*) The mailserver does not permit relaying.
Some extras may be considdered:
*) The owner publish incident reports on the owner webpage, and incident response.
Some may consider it bad having incident reports published publicly, I think not, provided incident response is also published. Showing that incidents are dealth with adds trust. This information should at least be available to the whitelist database service.
This dns based pass list could be extended with an email address based whitelist maintained by the users. A local user can add a specific email address and mail from that address will be passed regardless of the above filter.
For external users, an address could be added temporarily through a webinterface where the external user states sender address AND recipient.
This will allow foreign users to establish contact and the recipient can then add the address permanently.
Switching to whitelisting instead of blacklisting will iniciate a lot of work getting all the mailservices registered, getting administrators and service providers to develop procedures for incident handling and will force mail service provides to comply to a common set of standards.
This work overload, once done, however, should not produce a permanent work overload, and it will weep out the spammers. Then spammers can only spam other spammers
PS: With the increased amount of virus mails flodding the internet I find it important that policies on handling virus incidents are included, otherwise spammers will use viruses for spreading the spam.
It would be appropriate to develop an rfc on how isp's should address problems such as spam and virus spreading from their clients.
Any mail service provider not complying with such an rfc can rightfully be blacklisted. Customers should check for such compliance before signing contract.
1) Dinamically assigned addresses should not have access to port 25 outside of local subnet. This would force mail through isp's relays.
2) Statically assigned addresses may have access to port 25 outside local subnet provided that: a) The owner can be uniquely identified from the isp webpage or whois lookup. b) The owner provides a mail service, and the server does not permit mail relaying. c) The owner has an abuse@ address and responds within 72 hours.*
3) Clients that abuses mail services must be instantly blocked by isp untill proof is provided that shows appropriate action has been taken.
*) 72 hours may be far too much, clients infected by virus can send thousands emails in that period. 3 hours should be required.
This will not block all spam or virus, but it will ensure that incidents are dealth with quickly.
Add your own - this was what I could think of for now..
Many people here claim that 20 years is too small a time scale for any maesure that should be compared against a geological time scale.
It is interesting then that the last ice age enged with a temperature increase of 7 degrees world average over just 20-30 years!
Certainly the changes observed are small and the time scale is short. But these data are giving us detailed information of this very short period. And that data is added with the less detailed data collected over the last centuries and milleniums.
This collected set of data is what form the basis of predictions and models about the climate.
There is evidence that the average temperature has been rising since the industrialization, and that the increase in temperature has been faster in the later years.
The measurements only serve to reduce the band of errors and inacuracies. Never the less, slashdotters seem to try twist the evidence around in order to arive at a no evidence at all conclusion.
First, the whole discussion seems rather redundant, yesterday there where a discussion following a british report... The posts are very one-sided - we don't know anything so it's probably not real, I got modpoints, but I'd rather present the other side, and try be a bit neutral where posible.
You feel ill and call the docter, the docter sais, "oh, you have a fever, I can't tell you what it is nor can I give a cure, but I recommend you stay in bed". What do you do? Go out surfing the waves, or snowboarding naked?
Next day docter comes back, "I got the results of the tests" he sais, "we can cure this in the initial state". "Great" you think. "But", he continues, "the infection has accellerated into an advanced state due to overcooling of you body after yesterdays snowboarding. There is a close to nill chance that you will survive, and if you do there is a close to nill chance that you will not have any means."
What's the point of all this? Well, really, people prefer not to take reasonable precautions because of the emmidate negative effect. It is just easier.
Whenever people react on environmental issues, they seem to do it by instinct and not with thought. The anti-environmentalists say "we don't know anything so there is no reason to do anything" - (and please don't tell us anything, if we know we might have to deal with it). The environmentalist react opposite: "Change your lifestyle and spend all your money on what we say or you die."
None of the two really looks into what the data and the theories says. And none looks at reasonable, cheap and easy counter meassures. You can actually get a more economic car without it costs you anything. The anti-enviromentalists says yes but why bother? The environmentalists says, "but we don't want cars at all".
The two extremes keeps eachother in check and nothing happens, in stead we slowly slip ignorant into what ever fate our ignorance offers us.
It is really not very usefull that either side pulls up the barracades. I am actually worried that we will be the first specie on Earth to cause our own extinction - And knowing it!
You are making a very simple mistake in your conclusions. What if plankton and plants can't absorb co2 at the same rate as the emission?
Over the last century or so, an increased level of co2 in the atmosphere has been messured. Something seems to me to be indicating exactly that while plants and plankton do absorb co2 they cannot keep up with the emission which has been increasing exponentially with the growing population and the growing use of fossil fuels.
Go figure..!
The earth will not reach a historic temperature high (historic here means in earth history) with the current predictions. Before last ice age, it was warmer than it is now.
What is insteresting is that of the last 250.000 years of climate data collected, the past 14.000 years since the last ice age has been unusually stable. This stabillity can well be shifted enough to trigger instabillity by the predicted changes.
There is very little reason to doubt that exactly the stabillity of climate has permited the rise of human civilisation. With this stabillity there were no longer need to live as nomads and civilisations could evolve.
One could interpreet the migration as a result of global warming, I wont, there are too many other factors. But it may become a problem - the earth population is exploding while the fertile land is decreasing.
In the search for fertile land people will migrate. This will cause problems such as civil wars or instability of civilized nations as they give in to the pressure - your continued consumption and security may be threatend.
The point here, really is that there are so many unpredictable scenarios that has a huge range of impacts. The only sane thing to do is to minimize our influence and hope the best.
The non-believers of GW usually deny it because it will cost money here and now to take counter messures, they don't think about the posible economic gain in the long run. Say eg the US depence on oil.
Evidently some day there will be no more. Discussions are on when. Meanwhile US insist not to do anything because it will affect profit in the next decade - even if the negative effect will be earned back in the long run.
Say you have a that runs 1 miles a galon, You can buy one that runs 10 but it costs 10.000$. With the current price of gas 1$/galon, you have to drive about 11000 miles to earn it back. This is done in one year. (numbers made up for easy calculation). And then you say, but it will take a whole year to earn it back - it's not worth it!
Insisting not to take positive countermessures is the same thing - uh no, it will just cost a lot of money here and now. Try look at the postive perspectives of improving efficiency.
You are reading global warming as if global warming is evenly distributed across the globe. This is the first blunder that always leads to the question - a few degrees, does it really matter? The global increase in average temperature does not even out accross the globe as the rise of sealevel due to melting of glacial ice.
Fact is that climate is complex, in some regions temperature will rise more than others. In some regions temperatures may even fall.
It is the differences in air and water temperature and air pressure - and the rotation of the earth - that keeps the climate systems running.
Changing these differences means that the climate systems may run faster or slower or in another direction locally.
This again means that some regions may get more rain and others less. Regions where it will rain more may due to the local geography suffer more floddings, others will become more fertile.
Changes in temperature can have many and various effects. Increased temperature in the arctic sea may slow down the hot water current from the carribian (golf stream), and eventually stop it. But the reason that northern Europe remains ice free is just because of that current. So stopping it may then trigger a new ice age.
Another, less rain may form deserts or increase the groth of existing desserts in the affected area. Increasing the dessert area will increase the albedo and reduce temperature.
More rain is normally associated with more clouds, clouds also increase the albedo, but clouds also functions as an insulating carpet. So which effect is stronger is difficult to say.
Melting ice means that less areas are covered by ice, this decreases the albedo. Hence the temperature will increase.
All these are examples of singled out events that has some effect on the system as a whole, all these positive and negative feedback processes are being compared against each other in a complex model.
What you are doing is taking one example, refer to some ocasion 200 years ago and say "See? There's no global warming causing flodding." This is so overly simplified.
Possibly, your area will experience less floddings, while whole countries dissappear into the sea due to increased sealevel.
So who gets all that? I do no no spamfiltration at all and I get about 2-3 spam mails a day. That is mails that are commercial unsolicited email.
:-(
Other types of junk is much more annoying. Error messages from servers claiming that I sent some mail. Not to speak of virusmails!.
I get 25 a day, from the same person, who still has that virus after 2 months. ISP notified, but no reaction. Now, I started sending bills for the handling of virus mails, 200 USD each... But I doubt that they will pay
And irrelevant discussions on maillinglists, could be nice to block a thread on a mailinglist...
According to the donation page, the funding goals has been reached. This took about ... uhm, two weeks? It is interesting to see that posting an appeal for funding can raise so much money so quick.
Was it /.? Or was it because the project had well defined goals? (Resolving certain buffer related issues). Was it the phk karma?
I have no idea of the funding the freebsd foundation gets, but maybe they would be able to raise more money quickly if they announced specific projects with specific funding needs, project description, expected timelines and milestones.
Personally, I am more likely to sponsor a concrete project with clear goals. It gives a sence of knowing what you get for the money and that this money is not swallowed by administration or other borring tasks.
I think this should raise a discussion in the community as to how funding is raised and used.
The port knocking is vulnerable to sniffing because you use the same knocking sequence for all users, and the knocking sequence can be obtained by simple sniffing. This is equivalent to all users use the same password and use telnet.
:-)
Some are aware of this problem and propose a solution where you connect to a server in order to obtain the secret sequence. And this secret sequence is then unique for the client.
Now with this solution, you will be revealing that you run some service since clients can connect. You have to authensicate in order not to hand out the secret sequence to everyone.
But if you set up such a solution, then you are really back to the standard authensication, you just require the clients to authensicate twice, first to get the knocking sequence, then in the actual login.
And you loose the protection that the port-knocking concept gives: That stangers will not be aware of the existens of the server.
Finally, yes, you can block specific clients that just get it too wrong too much. But just as an analog example:
I lived in a house that had a code box on the door. To enter you had to enter a 4 digit code. Now the box was stupid, it just checked the 4 most recently entered numbers, and if they machted the code the door openend.
This means that if you entered 12345 then the box would first check 1234 and if it didn't match it would check 2345. So the obvious question is, how many numbers do I have to press?
The maximum is 40000 since there are 10000 codes each of 4 digits. The minimum is 10003, the first three will no give a valid 4-digit code, but each time you press another number a code is checked, but it is not certain that such a sequence exists.
Obviously we do not have to press 40000 numbers as the example shows. What is the optimal solution?
It turned out that there did infact exists a sequence of 10003 digits that contained all codes.
This idea also applies to the portknocking if you try to bruteforce. Ofcourse, we now have 65535 digits to choose from, so things are more complicated