Why not just grab the latest v5 source from www.php.net and compile it yourself? That way you get the latest version and you control exactly what features you get (e.g. PEAR support / CLI support / PDFlib / libxml etc.)
Just because there isn't a package for something doesn't mean you can't have it. In fact, for things like php, apache, mysql, ftpd - it is almost always better to compile yourself from source. This way you maximise the app's efficiency and arguably enhance security as you disable any feature you don't need/want.
BT is a huge corporation. You need to make a distinction between their various retail arms and their network/infrastructure arm.
BT retail is appallingly bad and the criticisms you make are all valid.
However, the network/infrastructure arm of BT is among the best in the world.
Thanks to BT:
1). The UK enjoys 99% ADSL coverage
2). The UK has the deepest ADSL penetration in Europe (http://www.theregister.co.uk/2006/01/03/broadband_france_uk/)
3). Thanks to the recent successful rollout of MAX DSL you can now get up to 8MB down and 480KB up
4). We have some of the most competitive ADSL pricing in Europe
5). There are a huge array of different ISPs and packages available on the market (http://www.adslguide.org.uk)
6). They are no longer a monopoly which is why you can get ADSL for GBP£10/mnth or you can get ADSL for GBP £70 month depending on what you want and who you want to provide it.
7). We are approaching over 500,000 unbundled lines (LLU) which puts us second place in Europe for LLU
The Cardiff initiative is nothing to do with BT Retail. It is BT's next generation infrastructure trial and from what I have read this new platform will ensure the underlying BT network remains one of the most advanced and reliable in the world, with all the benefits this will bring.
While I understand your frustration, the way in which they have done this is regarded as the most elegant solution (it is even recommended by www.quirksmode.org - which is hardly run by a newbie).
Using an onclick handler for the JS and pointing the actual href to a standard "you do not have JS enabled page" allows you to simply and elegantly target both people with JS and people without.
If you simply place the JS in the href portion of the tag ie. href="javascript: doSomething()" then any user without JS enabled will sit there clicking away and nothing will happen. At least with the other method he is taken to a page explaining what has gone wrong.
This method also removes the need for any messy "JS detection" routines hence keeping the code to a minimum (more maintainable, no need to worry about different browsers etc.)
I'm afraid I disagree. The level of risk you are exposed to depends very heavily on what DVR software/hardware you use. There are literally hundreds of competing solutions on the market (I was at IFSEC in the UK only last year and the amount of DVR related products on offer was mind blowing). They all use different approaches and most share very little in common with each other.
If you are using a non-Axis based setup your chances of being targeted by a worm are relatively small (especially if you are using some of the more obscure but very capable solutions coming out of Taiwan/Korea).
In any case, the point I was making still stands true - whether you run a DVR solution on a windows or linux platform, you are just as vulnerable to an exploit if one exists that targets your particular DVR solution (assuming you use a windows dvr package that doesn't require admin privs to run and likewise for nix).
I used to work for a security company selling DVR kit. I was responsible for building the DVR boxes and configuring them with DVR software (huperLabs running on WinXP). Your fear that by opening some select ports to enable remote clients to view live DVR footage (and presumably operate the archive etc.) will cause a security hole is unfounded.
Simply opening ports does not in itself cause a security problem. You need to have a program listening on that port which is vulnerable to an exploit. Therefore, the only way you can realistically be vulnerable to "viruses and worms" is if a cracker has specifically written a worm/virus that targets your DVR software, which is unlikely. Furthermore, running a linux DVR solution does not protect you from this scenario either (perhaps it does slightly in that you may be able to run the DVR software as an unprivileged user thus limiting the scope of an exploit).
Some things you can do to enhance security on a Windows based DVR platform:
1). Firewall off all the ports except the ones required by the DVR software.
2). Change the ports the DVR software uses (i.e. don't use defaults).
3). Set the DVR software up so that it runs under a normal windows user account (i.e. no administrative privileges). If the software requires Admin privs to run then consider using something like Emco RunAs Professional (http://www.emco.is/run_as_professional/features.html).
4). Disable USB on the DVR box.
5). Remove any CD/DVD drives.
6). Password protect the BIOS.
This should protect the DVR unit from most software and physical attacks.
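An added example, not part of the original comment: a Python check for step 1 that parses `netstat -ano` output from the DVR box and sorts each listener into loopback-only, expected DVR port, or something the firewall should block. The sample output, the ports 18004/18005 standing in for the DVR software's non-default ports, and the PIDs are all constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of `netstat -ano` output from a Windows DVR box.
# Ports 18004/18005 are hypothetical non-default DVR ports; PIDs are made up.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:18004          0.0.0.0:0              LISTENING       2140
  TCP    0.0.0.0:18005          0.0.0.0:0              LISTENING       2140
  TCP    127.0.0.1:1031         0.0.0.0:0              LISTENING       1688
  TCP    192.168.1.50:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.50:18004     203.0.113.7:51522      ESTABLISHED     2140
  UDP    0.0.0.0:500            *:*                                    700
"""

# Assumed firewall allowlist: only the DVR software's ports.
ALLOWED = {("TCP", 18004), ("TCP", 18005)}

LINE_RE = re.compile(
    r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)\s+(LISTENING)?\s*(\d+)\s*$"
)


def parse_listeners(netstat_text):
    """Return listening TCP sockets and bound UDP sockets from netstat -ano."""
    listeners = []
    for line in netstat_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # headers, blank lines, ESTABLISHED/TIME_WAIT rows
        proto, host, port, _foreign, state, pid = m.groups()
        if proto == "TCP" and state is None:
            continue
        try:
            # Strip IPv6 brackets and any zone id such as %12.
            addr = ipaddress.ip_address(host.strip("[]").split("%")[0])
        except ValueError:
            continue
        listeners.append(
            {"proto": proto, "addr": addr, "port": int(port), "pid": int(pid)}
        )
    return listeners


def audit(listeners, allowed):
    """Label each listener: local-only, expected (allowlisted), or block."""
    findings = []
    for l in listeners:
        if l["addr"].is_loopback:
            verdict = "local-only"  # not reachable from the network
        elif (l["proto"], l["port"]) in allowed:
            verdict = "expected"
        else:
            verdict = "block"  # a listening program the firewall must hide
        findings.append((l["proto"], str(l["addr"]), l["port"], l["pid"], verdict))
    return findings


def ports_to_block(findings):
    """Unique (proto, port) pairs that are exposed but not allowlisted."""
    return sorted({(f[0], f[2]) for f in findings if f[4] == "block"})


def missing_allowed(findings, allowed):
    """Allowlisted ports with no listener (DVR stopped or ports changed)."""
    return sorted(allowed - {(f[0], f[2]) for f in findings if f[4] == "expected"})


if __name__ == "__main__":
    for row in audit(parse_listeners(SAMPLE_NETSTAT), ALLOWED):
        print("%-4s %-15s %-6d pid=%-5d %s" % row)
```

The PID column ties each exposed port back to a process, which is where the check for step 3 (which account the DVR software runs under) starts.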
If you are not already aware of it, I would highly recommend Risk. Here is the wikipedia article: http://en.wikipedia.org/wiki/Risk_%28game%29 You can read up on the history of the game here: http://boardgames.about.com/library/weekly/aa-risk-history.htm
I believe there is even an on-line, Linux compatible version.
I use an ISP in the UK called Nildram. They are a well respected business grade ISP that has been around since the mid nineties (possibly earlier).
They enforce a very simple yet effective system. By default all users have port 25 blocked. If you wish to host your own mail (like I do) all it takes is one email to tech support. They run an automated open relay check and if you pass, the port is opened. They guarantee that a request for port 25 to be opened will be honoured within 24 hours.
Blocking port 25 by default goes a long way to mitigating the effect of zombie PCs acting as relays for spammers. As far as I can see there is no downside. Those that need port 25 open are given it, those that don't aren't - simple and effective.
I've just moved into a new house with a good friend of mine. This is our home entertainment setup:
We have a 100MBit LAN serving all the downstairs rooms in the house, the cellar and one server room upstairs.
We have one debian file server with 640GB of disk space. This stores all of our media (mp3/divx/svcd/dvd rips etc.) and lives in the server room.
We have two Windows XP workstations. One of which has a TV-out with a long cable going to the lounge (this is no longer used and has been superseded by the xbox and XBMC).
Both Windows XP machines are connected to a mixer which in turn connects to speakers in our work room and in our lounge.
We have an xbox in the lounge that is also on the network, is chipped and runs XBMC.
The Debian file server runs samba so the windows machines and xbox can all access the media.
We also have a wifi gateway serving the two bedrooms upstairs so we can stream music and video to laptops.
This way we can watch anything from anywhere and listen to anything from anywhere.
In addition we have a CD player, Minidisc player, Record player and DAB radio in the lounge. These are also connected back through to the mixer in the work room so we can listen to traditional media anywhere downstairs.
Finally, we have a Korg 01/W proX keyboard in the workroom connected to both an Akai S1000 sampler and Reason on one of the Windows machines, so we can make our own music :o)
Finally, finally, we have an acoustic guitar (truly mobile audio!).
It seems the owner of the site has changed it so that it now redirects to goat.cx (apparently after a recommendation to do so in the ars technica forum). He asked the slashdot editors to take down the story (as he didn't post it for submission), they refused and he has altered it to point to goatse.
That is the most misguided comment I have ever read.
I suggest you direct your browser to: http://www.bbc.co.uk/info/policies/charter/ Where you can peruse the BBC's royal charter.
You may also wish to read: http://www.bbc.co.uk/info/policies/charter/pdf/agreement_text.shtml Specifically, read section "4. OBJECTIVES FOR THE HOME SERVICES".
The BBC is not a mouth piece for the government and indeed the government has no control over what can or cannot be broadcast. If you lived in the UK you would have read in the papers and seen on TV the huge debate that took place recently over finding a replacement director general after Greg Dyke (the former DG) resigned in response to the Dr. David Kelly affair. The debate was centred around finding a person suitable for the level of impartiality required. The government also felt obliged to jump through hoops just to let everyone know that they fully respected the impartiality of the BBC and had no intention of meddling with the selection process. The BBC's impartiality is so highly regarded in this country that if the government even hinted at trying to sway the selection process it would lose the next general election. This is why they went to such lengths to show they had no involvement in the process.
Perhaps I should have qualified that by saying "the good intentions of the developer". His good intentions may not translate to them being Microsoft's good intentions.
All this conspiracy, "black-helicopter" rubbish being posted suggests no one has even read the lead developer's blog. I quote:
"Now, let's talk about why WiX was released as Open Source. First, working on WiX has never been a part of my job description or review goals. I work on the project in my free time. Second, WiX is a very developer oriented project and thus providing source code access increases the pool of available developers. Today, there are five core developers (Robert, K, Reid, and Derek, thank you!) regularly working on WiX in their free time with another ten submitting fixes occasionally. Finally, many parts of the Open Source development process appeal to me. Back in 1999 and 2000, I did not feel that many people inside Microsoft understood what the Open Source community was really about and I wanted to improve that understanding by providing an example.
After four and a half years of part-time development, the WiX design (and most of the code) matured to a point where I was comfortable trying to release it externally. So, last October I started looking for a means to release not only the tools but the source code as well. I thought GotDotNet was the place. However, at that time, none of the existing Shared Source licenses were flexible enough to accept contributions from the community. Then, in February, I was introduced to Stephen Walli who was also working to improve Microsoft's relationship with the Open Source community. Fortunately, Stephen was much farther along than I and had the step-by-step plan how to release an Open Source project from Microsoft using an approved OSS license.
Today, via WiX on SourceForge, you get to see the results of many people's efforts to improve Microsoft from the inside out. I'm not exactly sure what is going to happen next but I'm sure there are quite a few people who are interested to see where this leads. Personally, all I hope is that if you find the WiX toolset useful then you'll join the community and help us improve the toolset."
In this case irrelevant as Man Uni aren't allowed to route commercial traffic across super janet. Their colo is a commercial spin off and is separate from their academic network.
I am a student at Manchester University and have a server in the University's spin-off colocation facility (which is a MaNAP expansion member). We have experienced no downtime or outages.
*sigh* do I detect another BT hater?
No, I don't work for them and yes I do work for a great company in a position that affords me 30 minutes on slashdot once or twice a week.
heheh probably a better idea :o)
Maybe so. But I don't think dismissing the good intentions behind open-sourcing WiX is very constructive.