I can't see a judge reasonably going through with another SCO case while there is pending litigation with the IBM case. It would make sense that the IBM case would set precedent and all other cases obide by that ruling. That is of course unless new substantial evidence comes out.
I think SCO's had it's day in the media. The last hold out's where the mainstream media and for the most part they've just stopped reporting about it. Their stock is at 1/3 of what it peaked at over the year. Sharply down since demcember (which funny enough is about the same time the judge ordered them to actually show the court offending code). SCO isn't going to end in a bust, but in a fizzle. And that process has been in the works for a few months now.
One of the most interesting coming out of brainshare is Novell's strong commitment to having linux on the server AND desktop. They see the reason as MS having any success on the server side is because companies wanted to use the same thing on server and desktop. Linux is definatly taking over the server side and if companies have a good linux desktop I think the opposite can happen (use linux on desktop because they can integrate it with their servers). It's funny this comes up because I just read an article stating Windows isn't an enterprise OS and the only reason it got on the server is because it had desktop dominence. Which makes sense because when compared with almost any other OS on the planet Win2k3 comes up short in almost every category.
Re:It's easier to tear something down than to buil
on
Thebroken Videos
·
· Score: 1
I don't see so much hacker/cracker debate as I do "this guy doesn't know what the fuck he's talking about" debate. He basically seems like a script kiddie. Discussing techniques from 10 years ago and offering trite and useless information. War driving? Ummm...sure, lot's of 16 year olds do that. His next article, war dialing and brute forcing. Serious security researchers are much more skilled than him. I don't put him in the same league as gobbles or immunitysec. I put him in the same league as the 15 year old next door whom tries to trick people to download sub seven. I question whether he can even program, let alone write a buffer overflow exploit. He comes straight out of "hacker" stereotypes from the movies. The average security researcher has more skill in their pinky than he could even fathom.
I remember awhile back the prices for their tshirts were kept in a hidden form field and to get discounted tshirts all you had to do was save the html locally and change the hidden fields. I emailed them and apparently they didn't think it was a problem. Their server allowed zone transfers. Ran gobs of outdated exploitable daemons. Their bulletin board software contained quite a few sql injection exploits.
Not getting into a hacker war, these guys really don't know what they are doing. Passing prices through hidden values? I think they use someone else's ecommerce software now, but before they were using cgi they wrote. That's seriously pathetic. They don't know very basic things related to security. They are the worst security site I've ever seen on the internet. Worse than happy hacker.
War driving? This site should just slap 1337 speak all over their site right now and get it over with, because that's about the level site they are. Bugtraq, Securiteam, Packetstorm, Phrack, and the likes are quality security organizations. I can't say I'd put the broken in nearly the same league as them. I doubt they could smash anything for fun an profit.
I don't know how a post that has a pic of a man about to eat another mans ass with a giant fork got modded up. This one has to go down in slashdot history. Nice use of debian redirect cgi though, I was actually expecting a debian package page.
What are they doing? The wording is so vague and keywords like "stand alone" are thrown in there. Reading it, it seems they've taken product a (Netware) and product b (Suse linux) and made product c (Open Enterprise Server). Open Enterprise Server btw sounds about as original as the name of Homer Simpsons internet company (mega-compu-global-hyper-net or something like that).
Seriously though, what are they doing? From the wording of it, it seems Open Enterprise Server will be more Netware code than Linux code and Suse included with tools to make the two work together.
This is usually how the situtation goes. Grey hat hacker bored/is curious. Picks a target and goes to town. Finds security vulneribilities and emails them to whatever contact info is available. 9 times out of 10, no response. Other contact attempts usually follow and those in charge either don't understand, don't care, understaffed, or contact info out of date. The problem goes unfixed an the hacker moves on.
This cycle goes on and turns the grey hat more and more black hat. It's rarely a pure act for the bettering of human kind, but it's rarely (except for script kiddies and 13 year olds) intentionally malicious. It's mostly for the curiousity and they are willing to report what they find. The more the hacker is ignored the more they go from simply finding areas where problems could exist, to exploiting problems. People need to stop ignoring the grey hats who report possible problems because they turn into black hats who will embarass you on the grandest of scales.
Not saying I condone exploits in this manner, but the only thing people seem to respond to is embarassment. Then it's scape goat time. Pretending the problem doesn't exist doesn't help anyone. They are going to be punished for reporting the problem. What will this tell others? Don't report the problem. Contact parties in Russia and sell them the card numbers. Cracking down on them doesn't stop them, it just makes them uncooperative.
mod_deflate is so incredibly useful, if there were mod_deflate commercials I'd be in one. It's probably one of the most under used webserver resources out there. mod_deflate can take a large page and reasonably compress the text to a 1/4 or 1/5 the original size. This can be the difference between having to go to a fractional T-3 or being able to use a 1.5 megabit SDSL line.
>If I would do my app in perl or python, how many options of compatible servers can I find?
Any server that supports cgi.
>But who does web projects in C these days?
No one, but I didn't suggest doing web projects in c either. I was speaking of non web projects.
>And the text processing capabilities of C are nearer assembler than any modern language
C's PCRE implementation of regular expressions and java's are almost exactly the same. So to say c's text processing is nearer to assembly is to say so is java's.
>Don't forget the usefulnes of standards to stop reinventing the wheel every time, something that some C/C++ programmers seem to prefer. Standards help lower the cost of development.
More libraries are written in c than in any other language. If a c programmer chooses to reinvent the wheel, that's their own problem. More than likely the needed library has already been written. And ANSI has been standardizing C since the 80's.
One of the reason there's so many people claiming to know java is because it's being widely taught in schools. They can write a rolling dice program, have the user prompt how many dice they want rolled, format results double spaced, and other practice problems from their book, but that's not real programming. When it comes to programming in school, almost nothing you learn applies to the real world. Taking a semester of java and then not programming in it again for 4 years doesn't make you a java programmer.
The other problem is, java's been such a damn hype language. A lot of companies want java programmers, but they don't know _why_ they want java programmers. In reality, java isn't a good language and it's rarely the right tool for the job. It's marginally faster than Perl/Python (in real world applications, not looping benchmarks) and MUCH slower than c or c++. Swing is so slow it's almost useless, JSP lacks the rich text processing it needs to actually be a safe/useful cgi langauge, it's still relativly immature and incomplete, I could go on all day.
But that's what the business world feeds off of, hype. So that's exactly what they get, vaporware applicants.
One of the biggest reasons for failed dependencies in configure is because distributions (red hat, I'm looking at you here) split important packages into devel packages. So you might have a package, but you don't have the development version. However, most projects don't split them up, distros have taken it upon themselves to do it. I've installed Red Hat before and supposedly installed the development libs, but come time to compile a gtk app, oops! no gtk! But I've got other gtk apps installed. Oh, they've taken it upon themselves to split gtk up. One of the biggest reasons I started using LFS (and for servers, Gentoo) is because LFS and Gentoo don't split packages up 11 ways from Sunday. And the second I started using them is the second I had 99% less configure issues.
That's the point. Why release admin tools if the only way you can put them in your distro is with a fork or heavy porting. Debian and Mandrake had to change loads of code to make them work with their distros. I would like to be able to reasonably take a distro and put Yast on it without a fork or porting. I cited webmin as a great example because it's VERY modular and has config files that you can specify how a given piece of software is installed. This means a smaller distro can have administration tools without a fork or porting.
LSB compliance isn't an end all by far. Take 5 LSB compliant distro's. They will all vary greatly. Booting will vary, scripts will vary, package managers will vary, everything varies. Enough so that it makes it difficult to you other distributions admin tools unless they've taken measures to make them compatable. Many admin tools don't even have a decent./configure script.
Many distributions have open sourced their installers and administration tools, but for the most part, many have been useless for other distros. Many expect the EXACT filesystem hierchy of the original distro, exact package tools, etc. etc. So if I want to make a distribution and base it on someone else's installer or admin tools, I either have to dig into their source and do it myself, or make another distribution. There are some notable exceptions (webmin being one of them). While this is mostly good news, what I question is, will I be able to use it on linux from scratch without heavy porting? If not, it's not much use to many people.
The latest version is available as an ftp install. Unless you are on a dial-up or pay per megabyte it's really not that bad. And actually, a lot of distributions have ftp installs now because it's a little lighter bandwidth-wise to have people just download the packages they are going to install than download ALL the software and have half of it go without being installed. Off the top of my head Gentoo and Debian encourage ftp installs because you also get the latest packages they offer (mostly).
It actually depends the country. From what I understand Germans do pronounce it Suzy. Looking on the Suse mailing lists confirms this. An American varation seems to be with more "s" than "z". Sue see. However, most discussions I could find on the manner seem to support the pronouncation with an "eee" sound at the end rather than "ous" rhyming with Zues.
If anything it will be one more anti trust case out of the way. They'll pay their fine and be on their way. "We paid our fine, what else do you want from us". Don't think they will take this sitting down either... they will screw the EU somehow. Raise prices in Europe, buy the continent and turn them into slaves to build a giant monument to Bender, you know the drill. The ONLY thing they could do to really affect Microsoft is a) break them up like ma bell was and b) rip out parts of the OS and make it so a default windows install has almost nothing. Neither of these will happen of course. There are no talks of the EU splitting them up and the most gutting of windows they are talking about is media player. They could take away media player completely and it's doubtful it would have even a minimal of impact upon them.
Modded insightful? Office doesn't even support right to left languages. Microsoft has fought localization kicking and screaming and it wasn't until competing products were stealing this market that they have decided to respond. Consider also the fact that some governments are localizing distro's themselves and have helped the OSS community greatly. If MS had it their way the entire planet would be speaking American English.
None, but... You live in the dorms and you pay for your internet access. It's not a military camp, students would like to have fun every once in awhile. Espically since they pay for their access.
If you block it all that happens is the p2p client finds another way to connect. There are some that transfer over http now. Can't exactly block http! The best way to go about the problem is to allow a very small portion of traffic for p2p. Maybe 5mbps. Otherwise you are just in an arms race. Students will just find another way if you completely block it. It doesn't solve the problem of lawsuits, but you do also lesson the chance because students are tansfering a lot less data.
These days, your lucky if your college internet access doesn't have you running through an http proxy. It's really that bad. Most of the Universities I know of (in the dorms at least) block all incoming tcp/ip ports, and do not let UDP nor icmp traffic at all. Basically, all you can do is browse the web. At one College when students called to complain they couldn't play certain multiplayer games anymore they were basically told UDP and ICMP are depreceated protocols and they should call the game developers to have them change to tcp.
Slashdot Mirror
I can't see a judge reasonably going through with another SCO case while there is pending litigation with the IBM case. It would make sense that the IBM case would set precedent and all other cases obide by that ruling. That is of course unless new substantial evidence comes out.
I think SCO's had it's day in the media. The last hold out's where the mainstream media and for the most part they've just stopped reporting about it. Their stock is at 1/3 of what it peaked at over the year. Sharply down since demcember (which funny enough is about the same time the judge ordered them to actually show the court offending code). SCO isn't going to end in a bust, but in a fizzle. And that process has been in the works for a few months now.
One of the most interesting coming out of brainshare is Novell's strong commitment to having linux on the server AND desktop. They see the reason as MS having any success on the server side is because companies wanted to use the same thing on server and desktop. Linux is definatly taking over the server side and if companies have a good linux desktop I think the opposite can happen (use linux on desktop because they can integrate it with their servers). It's funny this comes up because I just read an article stating Windows isn't an enterprise OS and the only reason it got on the server is because it had desktop dominence. Which makes sense because when compared with almost any other OS on the planet Win2k3 comes up short in almost every category.
I don't see so much hacker/cracker debate as I do "this guy doesn't know what the fuck he's talking about" debate. He basically seems like a script kiddie. Discussing techniques from 10 years ago and offering trite and useless information. War driving? Ummm...sure, lot's of 16 year olds do that. His next article, war dialing and brute forcing. Serious security researchers are much more skilled than him. I don't put him in the same league as gobbles or immunitysec. I put him in the same league as the 15 year old next door whom tries to trick people to download sub seven. I question whether he can even program, let alone write a buffer overflow exploit. He comes straight out of "hacker" stereotypes from the movies. The average security researcher has more skill in their pinky than he could even fathom.
I remember awhile back the prices for their tshirts were kept in a hidden form field and to get discounted tshirts all you had to do was save the html locally and change the hidden fields. I emailed them and apparently they didn't think it was a problem. Their server allowed zone transfers. Ran gobs of outdated exploitable daemons. Their bulletin board software contained quite a few sql injection exploits.
Not getting into a hacker war, these guys really don't know what they are doing. Passing prices through hidden values? I think they use someone else's ecommerce software now, but before they were using cgi they wrote. That's seriously pathetic. They don't know very basic things related to security. They are the worst security site I've ever seen on the internet. Worse than happy hacker.
War driving? This site should just slap 1337 speak all over their site right now and get it over with, because that's about the level site they are. Bugtraq, Securiteam, Packetstorm, Phrack, and the likes are quality security organizations. I can't say I'd put the broken in nearly the same league as them. I doubt they could smash anything for fun an profit.
I don't know how a post that has a pic of a man about to eat another mans ass with a giant fork got modded up. This one has to go down in slashdot history. Nice use of debian redirect cgi though, I was actually expecting a debian package page.
What are they doing? The wording is so vague and keywords like "stand alone" are thrown in there. Reading it, it seems they've taken product a (Netware) and product b (Suse linux) and made product c (Open Enterprise Server). Open Enterprise Server btw sounds about as original as the name of Homer Simpsons internet company (mega-compu-global-hyper-net or something like that).
Seriously though, what are they doing? From the wording of it, it seems Open Enterprise Server will be more Netware code than Linux code and Suse included with tools to make the two work together.
I've dealt with this kind of thing before.
This is usually how the situtation goes. Grey hat hacker bored/is curious. Picks a target and goes to town. Finds security vulneribilities and emails them to whatever contact info is available. 9 times out of 10, no response. Other contact attempts usually follow and those in charge either don't understand, don't care, understaffed, or contact info out of date. The problem goes unfixed an the hacker moves on.
This cycle goes on and turns the grey hat more and more black hat. It's rarely a pure act for the bettering of human kind, but it's rarely (except for script kiddies and 13 year olds) intentionally malicious. It's mostly for the curiousity and they are willing to report what they find. The more the hacker is ignored the more they go from simply finding areas where problems could exist, to exploiting problems. People need to stop ignoring the grey hats who report possible problems because they turn into black hats who will embarass you on the grandest of scales.
Not saying I condone exploits in this manner, but the only thing people seem to respond to is embarassment. Then it's scape goat time. Pretending the problem doesn't exist doesn't help anyone. They are going to be punished for reporting the problem. What will this tell others? Don't report the problem. Contact parties in Russia and sell them the card numbers. Cracking down on them doesn't stop them, it just makes them uncooperative.
mod_deflate is so incredibly useful, if there were mod_deflate commercials I'd be in one. It's probably one of the most under used webserver resources out there. mod_deflate can take a large page and reasonably compress the text to a 1/4 or 1/5 the original size. This can be the difference between having to go to a fractional T-3 or being able to use a 1.5 megabit SDSL line.
>If I would do my app in perl or python, how many options of compatible servers can I find?
Any server that supports cgi.
>But who does web projects in C these days?
No one, but I didn't suggest doing web projects in c either. I was speaking of non web projects.
>And the text processing capabilities of C are nearer assembler than any modern language
C's PCRE implementation of regular expressions and java's are almost exactly the same. So to say c's text processing is nearer to assembly is to say so is java's.
>Don't forget the usefulnes of standards to stop reinventing the wheel every time, something that some C/C++ programmers seem to prefer. Standards help lower the cost of development.
More libraries are written in c than in any other language. If a c programmer chooses to reinvent the wheel, that's their own problem. More than likely the needed library has already been written. And ANSI has been standardizing C since the 80's.
One of the reason there's so many people claiming to know java is because it's being widely taught in schools. They can write a rolling dice program, have the user prompt how many dice they want rolled, format results double spaced, and other practice problems from their book, but that's not real programming. When it comes to programming in school, almost nothing you learn applies to the real world. Taking a semester of java and then not programming in it again for 4 years doesn't make you a java programmer.
The other problem is, java's been such a damn hype language. A lot of companies want java programmers, but they don't know _why_ they want java programmers. In reality, java isn't a good language and it's rarely the right tool for the job. It's marginally faster than Perl/Python (in real world applications, not looping benchmarks) and MUCH slower than c or c++. Swing is so slow it's almost useless, JSP lacks the rich text processing it needs to actually be a safe/useful cgi langauge, it's still relativly immature and incomplete, I could go on all day.
But that's what the business world feeds off of, hype. So that's exactly what they get, vaporware applicants.
I don't care what anyone says. No other anime is better than Big O. Simply for the fact of the intro. *alarm noises* ANDROID BUTLER NEGOTIATOR
One of the biggest reasons for failed dependencies in configure is because distributions (red hat, I'm looking at you here) split important packages into devel packages. So you might have a package, but you don't have the development version. However, most projects don't split them up, distros have taken it upon themselves to do it. I've installed Red Hat before and supposedly installed the development libs, but come time to compile a gtk app, oops! no gtk! But I've got other gtk apps installed. Oh, they've taken it upon themselves to split gtk up. One of the biggest reasons I started using LFS (and for servers, Gentoo) is because LFS and Gentoo don't split packages up 11 ways from Sunday. And the second I started using them is the second I had 99% less configure issues.
That's the point. Why release admin tools if the only way you can put them in your distro is with a fork or heavy porting. Debian and Mandrake had to change loads of code to make them work with their distros. I would like to be able to reasonably take a distro and put Yast on it without a fork or porting. I cited webmin as a great example because it's VERY modular and has config files that you can specify how a given piece of software is installed. This means a smaller distro can have administration tools without a fork or porting.
LSB compliance isn't an end all by far. Take 5 LSB compliant distro's. They will all vary greatly. Booting will vary, scripts will vary, package managers will vary, everything varies. Enough so that it makes it difficult to you other distributions admin tools unless they've taken measures to make them compatable. Many admin tools don't even have a decent ./configure script.
Writing a bash script to download compile and install one package on 20 systems until your vendor releases a package isn't a huge deal.
damn preview button being close to submit...
s/or make another distribution/ or make another distribution almost exactly like theirs./
Many distributions have open sourced their installers and administration tools, but for the most part, many have been useless for other distros. Many expect the EXACT filesystem hierchy of the original distro, exact package tools, etc. etc. So if I want to make a distribution and base it on someone else's installer or admin tools, I either have to dig into their source and do it myself, or make another distribution. There are some notable exceptions (webmin being one of them). While this is mostly good news, what I question is, will I be able to use it on linux from scratch without heavy porting? If not, it's not much use to many people.
....
Ummm... compiling software yourself has become torture? I guess the folks over at linux from scratch are sadists then.
The latest version is available as an ftp install. Unless you are on a dial-up or pay per megabyte it's really not that bad. And actually, a lot of distributions have ftp installs now because it's a little lighter bandwidth-wise to have people just download the packages they are going to install than download ALL the software and have half of it go without being installed. Off the top of my head Gentoo and Debian encourage ftp installs because you also get the latest packages they offer (mostly).
It actually depends the country. From what I understand Germans do pronounce it Suzy. Looking on the Suse mailing lists confirms this. An American varation seems to be with more "s" than "z". Sue see. However, most discussions I could find on the manner seem to support the pronouncation with an "eee" sound at the end rather than "ous" rhyming with Zues.
If anything it will be one more anti trust case out of the way. They'll pay their fine and be on their way. "We paid our fine, what else do you want from us". Don't think they will take this sitting down either... they will screw the EU somehow. Raise prices in Europe, buy the continent and turn them into slaves to build a giant monument to Bender, you know the drill. The ONLY thing they could do to really affect Microsoft is a) break them up like ma bell was and b) rip out parts of the OS and make it so a default windows install has almost nothing. Neither of these will happen of course. There are no talks of the EU splitting them up and the most gutting of windows they are talking about is media player. They could take away media player completely and it's doubtful it would have even a minimal of impact upon them.
Modded insightful? Office doesn't even support right to left languages. Microsoft has fought localization kicking and screaming and it wasn't until competing products were stealing this market that they have decided to respond. Consider also the fact that some governments are localizing distro's themselves and have helped the OSS community greatly. If MS had it their way the entire planet would be speaking American English.
None, but... You live in the dorms and you pay for your internet access. It's not a military camp, students would like to have fun every once in awhile. Espically since they pay for their access.
If you block it all that happens is the p2p client finds another way to connect. There are some that transfer over http now. Can't exactly block http! The best way to go about the problem is to allow a very small portion of traffic for p2p. Maybe 5mbps. Otherwise you are just in an arms race. Students will just find another way if you completely block it. It doesn't solve the problem of lawsuits, but you do also lesson the chance because students are tansfering a lot less data.
These days, your lucky if your college internet access doesn't have you running through an http proxy. It's really that bad. Most of the Universities I know of (in the dorms at least) block all incoming tcp/ip ports, and do not let UDP nor icmp traffic at all. Basically, all you can do is browse the web. At one College when students called to complain they couldn't play certain multiplayer games anymore they were basically told UDP and ICMP are depreceated protocols and they should call the game developers to have them change to tcp.