P2P is actually a "national security crime," if you're willing to follow a bizarre argumentation, which goes like this:
1. Most spam nowadays is being sent from infected Windows machines; so it uses a P2P network to spread.
2. Terrorists can communicate anonymously, by hiding their messages in the flood of spam messages, thus effectively hindering traffic analysis.
Therefore: P2P networks are being used by terrorists and must be banned!
Oh, of course, spam itself is legit, being useful advertisement of great companies that provide kick-backs to congresscritters; therefore you CAN SPAM. Great logic, isn't it?
Do you really think that europeans don't collect taxes? Their VAT is around 17% to 20% or so, and I wouldn't bet that they won't introduce some Internet tax in the near future...
Last I checked redhat has had about 5 full releases since the gap of solaris 9 and 10.
Is that really a valid argument? Release cycles are pretty arbitrary decisions that don't necessarily reflect the amount of change between one release and the next. Sometimes, less is more, because it hints at more thorough internal testing.
If Solaris is open source, it becomes a strong Linux competitor. Small businesses can deploy it onto cheap hardware.
Well, Linux has already some (though not yet much) competition from the BSDs. SUNW's one asset is that they can sell support to companies who feel uneasy with Linux and BSD community support.
Their other asset is still excellent, rock-stable server hardware.
Google, Yahoo, MSN etc... why do we actually rely on a commercial entity for searches? Wasn't there a distributed search project called Grub? Can't we just set up something similar that would be totally independant of any entity that would always be suceptible to *cough* influence *cough*?
Something similar to the Linux movement, but with even more impact to the general Internet population? C'mon, we can do it, don't we? We're also using bittorrent to get more independance of central ftp servers. Distributed search would be just the same.
That's dangerous, because the acquiring registrar may also use an automated process to get confirmations. If your autoresponder sent a reply to that registrar's software, it could be misinterpreted as a confirmation of transfer.
All in all, ICANN's new policy is a very bad move.
Perhaps not, as long as there is just one ccTLD registrar in that country, so the point of domain transfers from one registrar to another would be moot. The problem is with gTLDs with competing registrars (a.k.a..com,.net,.org, etc...)
I'm a huge C fan, using it since nearly two decades in many application domains. I love C and know how to handle it. However C is not really well suited to less experienced application programmers. You can shoot yourself in the foot quite easily; not just once, but many times!
Anyone who considers writing non-system level software should really think hard if C or C++ is the best solution. Often a Python, Ruby or Perl program would do just as well, with the added advantage of being more rapidly developed, and more secure w.r.t. buffer overruns. If speed is a bottleneck, go ahead, and write parts of it in C. Of course, big stuff like, say, toolkits, libraries, high performance servers etc... should still be written in a compiled language (C or C++ would be just fine).
Didn't OpenBSD put the stack in memory pages that had the execution bit turned off?
Anyway: buffer overruns are not the only possible way to attack a system. Format string vulns are just as easy to explore; even though they are less widely known.
You may want to have a look at The Shellcoder's Handbook, by Koziol et. al. for the gory details. BTW, it's an excellent book!
The truth is that no matter how many buffer overflows there may be in Linux, BSD etc, we are not likely to ever have problems with email worms - unless some idiot puts the necessary functionality in place.
Yes, exactly! Unix had a great head start compared to Windows. It was developed with a multiuser environment in mind. Legions of students have been banging on VAX machines, just to become root; both locally and remote. This led to a high awareness to security issues back then, when the system was being designed and stress-tested.
OTOH, Windows evolved form single-user CP/M, then DOS and acquired networked capabilities way too late in the development process. Adding security as an afterthought is extremely complicated. Especially when you want to (or have to) retain backward compatibility with tons of legacy software.
In short: Unix had to prevail in a hard environment when it was being developed. It remained (mostly) secure afterwards. Windows didn't have to prevail against attacks in its early days, and it never acquired the necessary level of "immunity" later.
[All chipsets] should be open. Really, it's very narrow-minded of the chipset manufacturers to not consider the possibility of people using F/OSS operating systems instead of propietary.
All chipsets should be open. Really, it's very narrow-minded of the chipset manufacturers to not consider the possibility of dust or humidity settling or condensing on the open raw chip. Plastic cases are there for some reason, ya know?
Now Open Cores would be great! But as long as we don't have a home chip manufacturing unit (say, like a printer or so), we won't be able to use the source code anyway (though some of us could find out about hidden functionality etc...).
What we do need now are open specifications, both electrical and functional: What do you need to write to Pins 3-29 and what does the result on Pins 30-35 mean? This kind of stuff ought to be open!
Methinks this is not related to the international IP-based ban of the Bush/Cheney campaign. It doesn't matter if the blocked country is in the coalition or not. www.georgewbush.com is simply showing them all the finger, no matter if ally, or not.
That was intentional! MS is offering a PIECE of (their) mind to users. Users are expected to insert it into their own minds; thus lobotomizing themselves.
What are you talking about? Its quite easy to verify if Windows is "Phoning Home". Its called a nifty packet logger, or even better a firewall.
The difficulty here is to know, what "Home" really is. Do you believe that microsoft.com are the only hidden servers that MS spyware would contact? MS can easily hide their "Phoning Home" as absolutely normal surfing to innocouus servers. You'd have a hard time to dissect the logfiles of your firewll or packet logger to find out!
Original Windows is pressed, while priated copies are burned. Every child knows that a pressed CD's lifetime is between 10 and 100 years; a burned CD would last between 5 and 15 years. Ergo, genuine Windows is more reliable!
Oh, of course, the current CPUs won't exist anymore in 10+ years except in museums...;-)
Slashdot Mirror
The interviewer George Neville-Neil co-authored "The Design and Implementation of the FreeBSD Operating System" with Marshall Kirk McKusick.
P2P is actually a "national security crime," if you're willing to follow a bizarre argumentation, which goes like this:
1. Most spam nowadays is being sent from infected Windows machines; so it uses a P2P network to spread.
2. Terrorists can communicate anonymously, by hiding their messages in the flood of spam messages, thus effectively hindering traffic analysis.
Therefore: P2P networks are being used by terrorists and must be banned!
Oh, of course, spam itself is legit, being useful advertisement of great companies that provide kick-backs to congresscritters; therefore you CAN SPAM. Great logic, isn't it?
Fascists are masters of media,
Indeed. They are the pigs in Animal Farm.
Do you really think that europeans don't collect taxes? Their VAT is around 17% to 20% or so, and I wouldn't bet that they won't introduce some Internet tax in the near future...
Right. Though Kerberos existed even before Linux ;-)
Imagine ion propulsion in our cars! Just gimme some months to reach those 55 mph...
Last I checked redhat has had about 5 full releases since the gap of solaris 9 and 10.
Is that really a valid argument? Release cycles are pretty arbitrary decisions that don't necessarily reflect the amount of change between one release and the next. Sometimes, less is more, because it hints at more thorough internal testing.
If Solaris is open source, it becomes a strong Linux competitor. Small businesses can deploy it onto cheap hardware.
Well, Linux has already some (though not yet much) competition from the BSDs. SUNW's one asset is that they can sell support to companies who feel uneasy with Linux and BSD community support.
Their other asset is still excellent, rock-stable server hardware.
Google, Yahoo, MSN etc... why do we actually rely on a commercial entity for searches? Wasn't there a distributed search project called Grub? Can't we just set up something similar that would be totally independant of any entity that would always be suceptible to *cough* influence *cough*?
Something similar to the Linux movement, but with even more impact to the general Internet population? C'mon, we can do it, don't we? We're also using bittorrent to get more independance of central ftp servers. Distributed search would be just the same.
That's dangerous, because the acquiring registrar may also use an automated process to get confirmations. If your autoresponder sent a reply to that registrar's software, it could be misinterpreted as a confirmation of transfer.
All in all, ICANN's new policy is a very bad move.
Perhaps not, as long as there is just one ccTLD registrar in that country, so the point of domain transfers from one registrar to another would be moot. The problem is with gTLDs with competing registrars (a.k.a. .com, .net, .org, etc...)
That would be an excellent strategy! Let's grab the spammer's domains, so THEY will complain to ICANN and spam them to death! ;)
I'm a huge C fan, using it since nearly two decades in many application domains. I love C and know how to handle it. However C is not really well suited to less experienced application programmers. You can shoot yourself in the foot quite easily; not just once, but many times!
Anyone who considers writing non-system level software should really think hard if C or C++ is the best solution. Often a Python, Ruby or Perl program would do just as well, with the added advantage of being more rapidly developed, and more secure w.r.t. buffer overruns. If speed is a bottleneck, go ahead, and write parts of it in C. Of course, big stuff like, say, toolkits, libraries, high performance servers etc... should still be written in a compiled language (C or C++ would be just fine).
Didn't OpenBSD put the stack in memory pages that had the execution bit turned off?
Anyway: buffer overruns are not the only possible way to attack a system. Format string vulns are just as easy to explore; even though they are less widely known.
You may want to have a look at The Shellcoder's Handbook, by Koziol et. al. for the gory details. BTW, it's an excellent book!
Microsoft employs tens of thousands of smart people. They will improve their software, eventually.
This reminds me of The Mythical Man Month. Perhaps an extension would be: "Adding more programmers to a project makes it less secure."?
The truth is that no matter how many buffer overflows there may be in Linux, BSD etc, we are not likely to ever have problems with email worms - unless some idiot puts the necessary functionality in place.
Yes, exactly! Unix had a great head start compared to Windows. It was developed with a multiuser environment in mind. Legions of students have been banging on VAX machines, just to become root; both locally and remote. This led to a high awareness to security issues back then, when the system was being designed and stress-tested.
OTOH, Windows evolved form single-user CP/M, then DOS and acquired networked capabilities way too late in the development process. Adding security as an afterthought is extremely complicated. Especially when you want to (or have to) retain backward compatibility with tons of legacy software.
In short: Unix had to prevail in a hard environment when it was being developed. It remained (mostly) secure afterwards. Windows didn't have to prevail against attacks in its early days, and it never acquired the necessary level of "immunity" later.
What next? Flying pigs?
With enough thrust, even pigs can fly...
[All chipsets] should be open. Really, it's very narrow-minded of the chipset manufacturers to not consider the possibility of people using F/OSS operating systems instead of propietary.
All chipsets should be open. Really, it's very narrow-minded of the chipset manufacturers to not consider the possibility of dust or humidity settling or condensing on the open raw chip. Plastic cases are there for some reason, ya know?
Now Open Cores would be great! But as long as we don't have a home chip manufacturing unit (say, like a printer or so), we won't be able to use the source code anyway (though some of us could find out about hidden functionality etc...).
What we do need now are open specifications, both electrical and functional: What do you need to write to Pins 3-29 and what does the result on Pins 30-35 mean? This kind of stuff ought to be open!
why don't YOU tell US the outcome?
As if the outcome was not already known!
They don't want to waste campaign dollars on bandwidth.
Compared to JUST ONE 5 seconds ad in nationwide TV, the bandwidth costs are peanuts.
Just my thoughts...
Methinks this is not related to the international IP-based ban of the Bush/Cheney campaign. It doesn't matter if the blocked country is in the coalition or not. www.georgewbush.com is simply showing them all the finger, no matter if ally, or not.
These three links still work though
No joy: they closed those holes, buddy.
That was intentional! MS is offering a PIECE of (their) mind to users. Users are expected to insert it into their own minds; thus lobotomizing themselves.
What are you talking about? Its quite easy to verify if Windows is "Phoning Home". Its called a nifty packet logger, or even better a firewall.
The difficulty here is to know, what "Home" really is. Do you believe that microsoft.com are the only hidden servers that MS spyware would contact? MS can easily hide their "Phoning Home" as absolutely normal surfing to innocouus servers. You'd have a hard time to dissect the logfiles of your firewll or packet logger to find out!
Original Windows is pressed, while priated copies are burned. Every child knows that a pressed CD's lifetime is between 10 and 100 years; a burned CD would last between 5 and 15 years. Ergo, genuine Windows is more reliable!
Oh, of course, the current CPUs won't exist anymore in 10+ years except in museums... ;-)