CERT (US-CERT) has been slower since USDOHS got on the scene. They've slowed quite a bit, but maybe they're doing a lot more behind-the-scenes work with organizing patches, releases, and the like.
You're far underestimating an experienced perl programmer, who is smart enough to know about the tradeoff between tersity and readability. The short, unreadable syntax is meant for when you're doing those one-off scripts, or using perl like an old unix guy uses awk. As usual, the onus is on the programmer. Have you visited Perl Monks? We try to help perl developers create maintainable and descriptive code. Any experienced developer who creates really complex code in a project will at least put an explanation in the comments. Think about it: the same person who tries to look good (all developers are prima donnas :) by using unreadable perl code, is probably also mixing business logic with presentation in their PHP apps too. If you visit my home page or google my user name, you'll see my favorite.
My personal opinion (Flame on!): I am also uncomfortable with the number of builtin functions, especially with extensions added. I feel PHP needs to focus more on quality, and less on features, and needs to support real namespaces, not just what's in the new OO system. Does PHP have a good, high-quality templating system bundled yet? I think it would be in their best interests, considering the web is its largest use.
What? DSL is a set of similar standards that share two-wire copper and use T1 signalling. (DS1 is T1 signalling over 4 copper wires) It's a link-level protocol and is completely transparent outside the terminations (the modem and the DSLAM, if you will). Saying DSL layers over IP is like tunneling a modem call to a BBS over VOIP. Home DSL implementations function as ethernet bridges, and some include PPPoE for further authentication over Ethernet MACs. At first, I thought you confused UDP with DSL, it is the unreliable protocol that IP stacks provide, but in the second paragraph, you said it is error-free, which UDP is not.
(I think the grandparent was a dumb idea anyway, but... :)
In the US at least, caller-ID is not a challenge response system, it simply displays the originating phone number - and ONLY if you haven't requested that your number be hidden, and only if you live in an area that supports it.
Unless... you have an ISDN line, they always transmit this info (*57 be damned) or if you have an 800/toll-free number, you'll always get the ANI digits from it also. I should also note almost every phone switch now is full-electronic, and it's rare someone is in a non-CID area. More likely is that the carrier isn't transmitting the info across the exchange. More useful info: If you have a business line with SBC, you can request that CID blocking for incoming calls be disabled. Very handy.
Actually, temperature was an issue. If my memory is working right, the issue with the 75GXP disks was in the thermal compensation... that is, they incorrectly compensate for thermal expansion of the platters through r/w head positioning. It seems like this is actually one of the most common problems with 2.5" disks too... I've had many of those fail, and I can read from them for a few minutes until they get warm... Nothing like trying to recover the CEO's laptop using only 'dd' :)
Registered mail is legal - It's serviced by the Gov't and you know that the recipient got it. Faxes are not, unless the receiver acknowledges receipt, and you have record of it. This applies everywhere.
Also, it's hard to say you didn't get something that you responded to. I think it's obvious that there are some ways that any medium can be considered a legal "personal contact". Email, fax, and IM, OTOH are easily spoofed, so that can be claimed also.
I agree that the OP should have known that service would renew, but there is one problem I see here... Why does everyone convince themselves that Email is in any way reliable? Legally, you can't count anything as contacting someone at all unless you personally speak to them. Besides, doesn't MS use a correct sender address? Did they not receive the bounce from their email? Why was there a name, address, and phone number in their database too? Don't email bounces go into a 'problem' queue for a human being to handle? Regardless of what the OP agreed to, most CC banks do not allow blanket transaction agreements like in the XBox Live TOS, and will happily issue a chargeback if there is a dispute. Microsoft is doing irresponsible business, so after you call your card company, give the BBB a ring also.
Eh what? First off, ReiserFS is GPL, otherwise it wouldn't be distributed with the kernel. Second, MySQL is GPL also. You can use MySQL for your business needs for free. If your business distributes MySQL (say, bundled or embedded in a product), you can provide the source per GPL, or, if you don't want to provide the source, you can buy the alternate-license version of MySQL that doesn't require you to provide the source. Maybe you got confused at MySQL AB's site... you can optionally buy tech support for MySQL, but otherwise, it's free.
The thing is, within a few blocks of you, cable modems are pretty much all working on the same piece of wire. There is a good amount of bandwidth to share out there (sorry, I don't remember, but it's A LOT), but if you use a transparent proxy, it's still possible to saturate the local segment and irritate other users. A solution using a bandwidth arbitrator for routing to users may work, but if all the cable modems run in full-speed mode, you get bursty connections while each modem waits its turn to go full-saturation. Unfortunately, uncappers don't realize that they're potentially screwing over someone else. I think that's the big beef that the ISPs have... They already planned for a high potential bandwidth, it's just that when you go from 1.5 to 3 Mbps, you're giving yourself a bigger timeslice on the wire. Other than that, DOCSIS (in its most common configuration) is a very Big Brother-ish protocol, and your ISP will know what you're doing the minute you do it... unless they're a bunch of monkeys with wire (read: Comcast).
I use it with Perl all the time, works beautifully. Very fast, too. If you grow a database greater than 500MB, use the VACUUM verb to shrink it up a bit. As others have mentioned, no type checking, though. Also, the bacula project can embed SQLite and use it for its catalog -- I've only used that for testing though, I use a MySQL catalog in production.
I could probably get a snap of his work desktop -- I live in Indianapolis, and he works about 2 miles away from here. I've considered popping in to say hello, but realized I'd sound like an idiot.
But there's no audit trail! I know exactly who ran that sudo the moment it's run. That way I can tell if a specific password is compromised.
If someone masquerades as suzy and puts cusswords in all her docs, who do I blame? Yes, I know, most admins will blame it on network ghosts and not change their admin passwords, but that wouldn't fly with me! I'd have all admin passwords changed and masquerading disabled faster than you can say "Holy backdoors, Batman, look at that Xserve!"
If I'm using sudo responsibly, only a few users will have ALL access or access to su. If I have such an incident with sudo, I can find out that jacob was the culprit, and start investigating from there. Masquerading? Better get out your fingerprint kit.
Don't get me wrong, I think OS X is great, but whoever suggested this feature to their manager must have caught him when he was STONED.
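The attribution this comment relies on comes from sudo's log lines, which name the invoking user next to every command. An added example (not part of the original comment) that pulls that out of syslog-style sudo entries; the log lines, host name and user names are constructed.

```shell
#!/bin/sh
# Added example: attribute sudo activity to the invoking user.

# Constructed sample in sudo's syslog format (host and users are made up).
sample_log() {
    cat <<'EOF'
Mar  3 09:14:22 xserve sudo:    jacob : TTY=ttyp2 ; PWD=/Users/jacob ; USER=root ; COMMAND=/usr/bin/su -
Mar  3 09:20:05 xserve sudo:     suzy : TTY=ttyp1 ; PWD=/Users/suzy ; USER=root ; COMMAND=/usr/sbin/lpadmin -x old
Mar  3 09:31:47 xserve sudo:     mike : user NOT in sudoers ; TTY=ttyp4 ; PWD=/Users/mike ; USER=root ; COMMAND=/bin/sh
Mar  3 09:40:10 xserve sshd[411]: Accepted publickey for suzy from 192.0.2.10 port 50122 ssh2
EOF
}

# sudo_audit [FILE...]: one line per sudo event: "user status kind command".
#   status: ok | not-in-sudoers | bad-password
#   kind:   root-shell (su or a shell was requested) | cmd
sudo_audit() {
    awk '
    / sudo: / && /COMMAND=/ {
        line = $0
        sub(/^.* sudo: +/, "", line)        # leaves "jacob : TTY=... ; COMMAND=..."
        user = line; sub(/ :.*$/, "", user) # text before the first " :"
        cmd = line;  sub(/^.*COMMAND=/, "", cmd)
        status = "ok"
        if (line ~ /NOT in sudoers/)          status = "not-in-sudoers"
        else if (line ~ /incorrect password/) status = "bad-password"
        kind = "cmd"
        if (cmd ~ /^(\/usr)?\/bin\/(su|sh|bash|zsh)( |$)/) kind = "root-shell"
        printf "%s %s %s %s\n", user, status, kind, cmd
    }' "$@"
}

# root_shell_users [FILE...]: who actually obtained an unrestricted root shell.
root_shell_users() {
    sudo_audit "$@" | awk '$2 == "ok" && $3 == "root-shell" { print $1 }' | sort -u
}

# Stand-alone run: report on the constructed sample.
sample_log | sudo_audit
```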
You'll probably want to grab the tech specs for that deck... I don't know what sort of interface this provides you, but if it's just an analog tape recorder with audio in/out connections, there are a few things you'll need to consider:
- for both the tape and the recording heads:
- Baseline noise level
- Effective response time
In other words, the quietest reliable volume and the shortest wavelength possible. You'll likely want to find or write an app that encodes ASCII data as 16-bit audio, choosing a high- and low-volume to record binary onto an analog medium. To counter your effective response, simply choose a good per-bit duration -- like cheap error correction. There are many, many ways to get this encoded, but your problem will be the low playback quality of the tapes. Another, more involved, solution would be to assign a specific frequency to each binary place-position, so you can assemble the completed byte-sound, record to tape, and disassemble into the component frequencies. This method will yield a higher density, but I'm afraid you'll probably encounter those quality issues I mentioned before... I'd say it's time to hit the google! Good Luck!
See this article:
Embedding Perl in MySQL
I did this on a test server -- definite geek factor here.
I'm not seeing any python links on google, but I'm sure someone will speak up if there are.
Re:how do I get all the server names? on SPF Design Frozen · Score: 1
After SBC implements SPF (good luck, SBC is a great company to work with ;), you can bring up a terminal, and run something like 'dig TXT sbc.com' and copy their 'v=spf...' record from there. This should provide an accurate description.
I'm not quite sure what you're saying at the end there... A remailer will have to be on the SPF record for the domain they're trying to deliver for, yes, and they'll still get through fine, but if there is also a distributed blacklist system (or responsive DNS registrars, but that's another battle), the original sender domain will be dropped anyway. SPF is a simple authorization system, with extremely weak authentication, but we are taking baby steps, right?
Okay, I don't get this... Yes, GNOME and PostgreSQL are pure GPL apps, but MySQL and QT are dual-licensed. Right now, if you get the GPL version of either, and send a patch back in, you will assign copyright to MySQL AB or Trolltech, respectively. If one of those companies decides they don't want to produce free software, and pulls the GPL download from their page. What I'm missing here is how this is any problem at all. Just like with SSH, someone who wants it will pick up the last GPL version and move on. It's already GPL, it's already free. I guess I don't understand what Bruce and his moneyman are worried about...
I'm surprised that nobody pointed this out, but why would a scientist do something like that? Certainly, energy cost would be calculated by the magnitude of the movement vector, right? I'm not even sure how someone could get it to work in that manner -- it just doesn't occur to me. It'd have to be some pretty bad code, like "Energy Cost" = "Step Cost" * "Steps Forward", but you'd probably have to waste some math on figuring "Steps Forward". Send your scientist a letter, tell him, "a^2 * b^2 = c^2". Don't get me wrong, I'm not debunking your real point, just your example! :) I think that the latter two policymakers are the real problem... isn't "clever politician" an oxymoron?
That might explain the distributed backup system of printed bibles... hmm. Amazing! Now we have to figure out who wants to be the other... ESR or God... ;)
Personally -- my opinion, not stated as fact -- I don't really like the people who play CS in general these days. They are complete assholes, they steal my shit when I'm hosting/visiting a LAN party, and are generally very violent, aggressive, and standoffish. There are some good players out there, but they're getting sparse. Of course, this is slashdot, and my post is +5, Obvious... We certainly have our share of idiots here! :) It seems to happen to online communities as more people concentrate in them... :/ Sad, really. BTW, has anyone seen those yoda doll trolls? So insane, they're completely hilarious... frickin morons! :)
I don't think he can directly argue the points of the article. They're all valid. Personally, if I had dealt with these administrators, they would have been fired, possibly shot. Backing up all of the profiles is too expensive? What's the cost of two weeks of deleted work? Another week to restore it? On my network, every single file on a server, and some select desktops is backed up. Full backups each weekend, diffs on weekdays. It takes a lot of tapes, but it's worth it. I can turnover on restore requests in about an hour, or by afternoon if the tapes are offsite. I do have to save the developers from themselves sometimes, but I rarely slow them down. I think this is mostly a result of the Microsoft "anybody can be an administrator" mentality, but that's a different thread. They'll make production changes to code, or even worse to the dataset. They have Administrator access to the servers involved with their system, but I keep it on a short leash. When I came in, almost everything in the system ran as Administrator; needless to say, I wasn't amused. Recently, I had to walk through database snapshots with a couple of them because SQL Server dropped records on the order of 10,000 over the weekend.
And about database administrators, they can be very useful, if they're good. I agree that things like table changes should be avoided, if possible. I've seen databases do some interesting things when you type ALTER TABLE. A DBA is great when they can tell you what kind of performance and storage changes you're going to see when you change a SMALLINT to a BIGINT in a dataset.
Back to the main point here, administrators should never be putting red tape in front of their users, just help keep them from going astray. Honestly, there is no wonder that he had all these issues with the administrators -- they were obviously just lazy PHBs pretending to be somewhat technical. Oh, and FYI, if I can't take care of production downtime personally, our developers are my second trustees after my techs.
That doesn't take care of stopping unencrypted transmission of files, and IPs are easily spoofed. OpenSSH is a very reliable product, and avoids both of these problems. Other than spoofing, if an attacker DOSes the unrestricted host, then assumes their IP, they still won't have your private key for rsync, and if they obtain the private key, they can only run rsync (password change time, though ;).
While your response is correct, you probably don't want to see the contents of your /etc/passwd or /etc/httpd/ssl.pem to be potentially advertised. A better bet would be to run a chrooted rsync mirror server (if that's your bag), and use a command-restricted public key to rsync over ssh for backups.
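One way to build the command-restricted key this comment recommends, as an added example that is not part of the original post: an `authorized_keys` forced command whose wrapper accepts only read-only `rsync --server --sender` requests under one directory. The wrapper path, `BACKUP_ROOT` and the key line are assumptions; the sample requests are constructed.

```shell
#!/bin/sh
# Added example: forced-command wrapper for a backup-only SSH key.
# authorized_keys entry on the host being backed up (key is a placeholder):
#   command="/usr/local/sbin/rsync-pull-only",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-ed25519 AAAA...PLACEHOLDER backup@collector

BACKUP_ROOT=${BACKUP_ROOT:-/srv/backup}   # assumption: the only tree the key may read

# allowed_rsync CMD: succeed only for "rsync --server --sender <short opts> . <paths>"
# where every path lies under BACKUP_ROOT.
allowed_rsync() {
    cmd=$1
    # Whitelist characters; the trailing "x" keeps $(...) from hiding newlines.
    rest=$(printf '%s' "$cmd" | LC_ALL=C tr -d 'A-Za-z0-9 ._/,=+-'; printf x)
    [ "$rest" = x ] || return 1

    set -f                 # split on whitespace without glob expansion
    set -- $cmd
    set +f
    [ "$1" = rsync ] && [ "$2" = --server ] && [ "$3" = --sender ] || return 1
    shift 3

    # Short-option bundles only (e.g. -logDtpre.iLsfxC). Any further long
    # option is refused, which keeps out --remove-source-files and the like.
    while [ $# -gt 0 ] && [ "$1" != . ]; do
        case $1 in
            --*|-) return 1 ;;
            -*)    ;;
            *)     return 1 ;;
        esac
        shift
    done
    [ "$1" = . ] || return 1   # rsync's placeholder argument before the paths
    shift
    [ $# -gt 0 ] || return 1

    for p in "$@"; do
        case $p in
            *..*)              return 1 ;;   # no climbing out of the tree
            "$BACKUP_ROOT"/*)  ;;
            *)                 return 1 ;;
        esac
    done
    return 0
}

if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    # Invoked by sshd through command="...": run the request or refuse it.
    if allowed_rsync "$SSH_ORIGINAL_COMMAND"; then
        set -f
        exec $SSH_ORIGINAL_COMMAND   # argv split only, no second shell parse
    fi
    logger -t rsync-pull-only "denied: $SSH_ORIGINAL_COMMAND" 2>/dev/null
    echo "rsync-pull-only: command rejected" >&2
    exit 1
else
    # Not under sshd: show the decision for constructed sample requests.
    while IFS= read -r sample; do
        if allowed_rsync "$sample"; then verdict=ALLOW; else verdict=DENY; fi
        printf '%-5s %s\n' "$verdict" "$sample"
    done <<'EOF'
rsync --server --sender -logDtpre.iLsfxC . /srv/backup/www/
rsync --server --sender -logDtpre.iLsfxC . /etc/passwd
rsync --server --sender -logDtpre.iLsfxC --remove-source-files . /srv/backup/www/
rsync --server -logDtpre.iLsfxC . /srv/backup/www/
rsync --server --sender -logDtpre.iLsfxC . /srv/backup/../../etc/
cat /etc/httpd/ssl.pem
EOF
fi
```

rsync ships its own `rrsync` helper script for the same job. The path check here is textual, so it does not stop a symlink under `BACKUP_ROOT` from pointing elsewhere.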
In the interest of open discussion, would any PHP developers like to refute any of the ideas put forth in this document: Experiences of Using PHP in Large Websites
Sounds like geek's "bragging rights" to me! :)
G1: Oh yeah, well I can play back audio encoded in MP3, modulated to analog, then recorded to tape!
G2: Oh, well my dad has a scanning electron microscope!! <runs for the door>
I just blew my karma trying to FP! sorry peeps... I'm awful
It was posted on freshmeat earlier today, the servers are loaded.
There is a mirror of the cd here though:
ftp://ftp.oregonstate.edu/pub/phlak/phlak-0.2.iso
Google cache of download page: http://www.phlak.org/modules/mydownloads/
NOTE: Planetmirror 404's -- looks like they don't have the phlak dir anymore. sorry.
Getting about 20KB/s on my ncftpbatch...