Now you're changing the playing field. You specifically said that the application could crash and leave the database in an inconsistent state. That problem is clearly resolved.
As for rolling back changes, that is fundamentally the same issue and is solved in the same manner. Points for style are awarded for designs which are expedient, but that's an exercise for the reader.
If anyone does not understand transactional systems, it's clearly you. Transactional systems are what I get paid to build. When people tell me that what I do daily is impossible, it is clear that either I'm super-human, or they are completely out of their depth.
There's nothing magic about this -- you have checkpointed states and a journal. If the state is unknown and the journal exists, you recover. Want to rollback an incomplete transaction? Truncate the journal to the beginning of the transaction and recover from the last checkpoint. Not surprisingly, that's how most transactional systems with forward delta journals do it.
Transactions can be implemented above the database layer -- or at any layer for that matter. After all, transactions are implemented above the OS layer and that's not considered reliable. The cost of recovering the store from the journal is merely an element of the design. If the journal is comprehensive, you can nuke the store and rebuild it from scratch, if necessary.
The "non-coronagraphic photograph showing Saturn through a vortex phase mask" (http://www.u.arizona.edu/~grovers/ovc/004.jpg) about 4/5ths the way down the page has no aliasing at all between the masked portion and the captured light. Why not? If this is a CCD image, I would expect the edge of the mask to cover fractions of pixels and consequently, some light. The image appears to have been masked directly in software, and thus, data was discarded. Scientifically, that concerns me, and there does not seem to be a good reason for the image to have been modified in this way. Can someone clarify?
Quakers tend to be more egalitarian, but they are no less Christian.
Early Friends believed that Christ, not the Bible, was the Word of God; for example, according to Robert Barclay the scriptures "are only a declaration of the fountain, and not the fountain itself, therefore they are not to be esteemed the principal ground of all Truth and knowledge, nor yet the adequate primary rule of faith and manners" (Apology prop. 3).
By comparison, Calvinists insisted on the role of Christ. Without him, your soul was doomed.
But there is a simple central issue in Calvinism that often serves to represent the whole, and that is a particular soteriology (doctrine of salvation), which emphasizes that man is incapable of adding anything from himself to obtain salvation, and that God alone is the initiator, at every stage of salvation, including the formation of faith and every decision to follow Christ. This doctrine was definitively formulated and codified during the Synod of Dort (1618-1619), which rejected the alternate system known as Arminianism.
The idea that each state had its own established church sounds very unlikely to me. A citation from one of these state's laws would be more helpful than idle speculation though.
To be certain, various religious groups had strong bases of political power in different colonies, but the likelihood that they ratified those religions in their respective governments strikes me as impossible.
Prior to independence, they were subjects of the British monarchy. After independence they were a nation of states. At what point, and in what time frame, and by what law-making body would they have had the opportunity to draft the establishment of a state religion?
3) the system administrators need reasonable deniability from user's claims of password theft.
If the user's password is stored in plain text, they can claim that you, the system administrator, have access to it. This increases your liability as the user can now disclaim responsibility for actions taken with that password, on any other system where it is used -- after all, they could have been impersonated, and they can accuse you of being the culprit.
You have incorrectly interpreted the constitution as an enumeration of rights. It is not. It is an enumeration of what the government is allowed and not allowed to do. This document speaks nothing of natural rights.
This may sound like a lot of money to you. It is a lot of money to me. But one should never presume to understand another man's cash flow. I know of people who owe more than this man makes in a year. It's a complicated world.
ISS and Cisco were co-presenters for the talk up until a week before the conference. The conference organizer, Jeff Moss, is quoted as saying that Cisco, not ISS, pulled out. Moreover, Cisco provided the people who removed the 15 pages of text from the conference proceedings.
I can see no viable solution that includes Cisco paying ISS to locate and publicly disclose flaws in their software. When companies like Cisco hire third-party firms to audit their code for security flaws, the result of that work is universally subject to NDA.
Second, Lynn is reported to have reverse-engingeered the code in order to discover the flaw. Why would Lynn need to do that if Cisco contracted the work to ISS? Would he not have access to the source code under NDA?
Finally, Cisco stated that Lynn obtained the information "illegally." They did not claim that he disclosed the information in violation of an NDA. Had Cisco contracted this work to ISS, they would instead be suing ISS for breach of contract, and Lynn for breach of NDA.
It would be very interesting to see the text for the temporary restraining order. What exactly did Cisco claim? At any rate, a TRO is trivially easy to get; in fact, it's nearly automatic. As for a permenant restraining order, that will be something to watch.
Well, I'm not posting AC, and you are still incorrect. IIS is an independent research firm. They only "work with Cisco" in the sense that Cisco's product was the subject of their research, and Cisco was notified of a flaw in that product. This researcher has no obligation to Cisco. Rather, he apparently feels an obligation to the public interest and has expressed that by leaving IIS and presenting his knowledge directly to the security community.
The conference was news to me. I would have attended if I had known about it sooner. The cost seems perfectly reasonable to cover food and incidentals for the day. I guess I just don't understand what issue you are trying to raise.
That would be a nice theory, but it does not hold up to reason; the same software runs on unix just as poorly, and yet only windows suffers these problems. In the real world, software quality varies; serious server operating systems handle this fact of life with both gusto and style. Windows, simply put, does not, or more to the point, cannot.
The other flaw in that line of argument is that it fails to address the actual problem, the need to reboot at all. Running flaky software should never destablize the operating system, and yet in this case it impedes the OS from rebooting. That's definitively bad when rebooting is so common place.
I'm not a developer so I'm not in a position to argue the specifics, however, Windows is hardly "crippled" in the server market. Indeed, it's probably one of the most popular platforms out there.
By crippled, I do not mean market share; Microsoft in the server room exists primarily due to network effects. Crippled means incapable of performing its primary function at the same level as its competitors. This is why racks of Windows boxes can generally be replaced by a single installation of Linux. It's also why that single installation can run multiple classes of services while it is considered unwise to run more than one class of service on a Windows box.
No, I haven't. If scheduled downtime for a server reboot is a major issue - in money, time, frustration or anything - your architecture is flawed. Added to that, if your machines or software are that unreliable that this happens regularly, you've got much bigger issues to worry about.
It's not my or my company's architecture to which you are referring. You are talking about the status quo of most, if not all, major commodities exchanges, clearing firms, and portions of banking industries dealing with trading. This is because the data services are provide by the exchanges themselves and that software is very poorly written. As a simple example, stopping and restarting the Eurex feeds (major European exchange) can take 15 minutes on average, and sometimes they fail to stop altogether. What to do? You cannot kill the process; task manager won't let you. The machine is dead to the world until it's brought back online. That's a pretty normal day in the real world for a lot of people.
You shouldn't need someone on-site to reset machines if they don't reboot - lights-out management tools that can do this are commonplace.
Certainly, but if you think that the largest financial firms in the world are going to give lights-out control to a third-party service provider in a foreign country, you're being overly naive. Nobody makes any changes to these machines unless there is a warm, authorized, administrative body within 30 seconds of physical access. That rule, like many similar ones before it, is written in blood, since those kinds of mistakes make the world news. Electronic trading on LIFFE opened late this morning due to technical difficulties... for instance.
There is no reason you can't do this with your Windows machine as well, that Windows is to blame for.
Actually, we do. It goes 1) shell in, 2) update software, 3) reboot, 4) wait, 5) shell in again, 6) run diagnostic. The trouble comes from steps 3-5 which on any modern server operating system, should be completely unnecessary. It also forces this machine to be single-use which is a constraint that competing operating systems do not have. Service outage is one thing. Hardware outage is something altogether different. With Windows, you get the cost of both for the use of one.
Windows was designed for desktop computing. It barely made it to a multi-user environment this decade with terminal services. But, even today, for data intensive server tasks, for efficient distribution of services across hardware, and for many multi-user tasks as simple as having dozens of concurrent sessions, Windows is still no match for commodity unixes on the same hardware.
And bear in mind, I've been writing code for nearly 30 years. I started in assembly, worked my way through Apple II's, jumped to PC, up through all of Microsoft's API's, and did not get into serious server work until the late 90's. My professional experience has always been to apply the best tools to the job. Microsoft does not provide those tools for server tasks, and the tools that they do provide are not sufficient. This opinion comes from working with all the major players on a daily basis. I respected Microsoft fine until they started calling dogs "horses," loading them up with kids, running 'em around the room, and calling it the Kentucky Derby.
Microsoft has a perfectly fine desktop operating system, but it's not a server, and can't be until they fix the design flaws.
With regard to your Windows is not Unix comment, I develop for all major platforms, and I have no particular love for any of them. The Windows API is sub-standard not because it is not Unix, but because it fails to provide the standard, necessary, and correct programming paradigms to get the job done with the minimum amount of work. This deficiency is not due to insufficient design, it's due to fundamentally flawed design which cripples Windows in the server market.
With respect to downtime, all our clients have scheduled maintenance. As it is, many of these Windows boxes must be rebooted every evening for various reasons anyway. What you have neglected to account for however is the cost of rebooting those machines, specifically in money, time, and frustration.
In our specific case, every time we want to update our London clients, it costs between 4 and 12 man hours, most of that for an IT guy working overtime to stand around in case he needs to manually reset a server. If we're updating Tokyo, I'm the guy who gets to stay late, and my wife has to bring dinner to the office. Add to that, the IT guy needs to speak English, or I need to speak Japanese.
Compare this to our Linux procedure: 1) shell in, 2) update software, 3) run diagnostic. No one has to stay late, no one has to learn a foreign language, and I get to eat dinner at home with my wife.
I write software for all varieties of professional Windows, several distributions of Linux, and Mac OSX. These applications are normally data-intensive and run exclusively on servers. The core Windows subsystems have a number of misfeatures which make the entire platform substandard for server use. Here are just a few.
1) File Locking: It is virtually impossible to overwrite an executable file while it is open on Windows. This is why it is often necessary to reboot the computer when upgrading even minor packages. For home use, this may not be a big deal, but in a production server environment it's a grevious flaw.
2) File Range Locking: Advisory range locks makes it possible for two processes to work in the same file without stomping on each other, even if those processes run on separate machines. Unixes allow a process to block while waiting for file range locks. The Windows API will only tell you if you successfully acquired the lock. The distinction is this: if process A is agressively acquiring and releasing the lock, process B can enter a state where it never gets the lock. This makes Windows file range locking useless as a resource contention mechanism. The correct but missing implementation is that process B should request lock, fail to acquire it, and be stopped. The operating system will queue it for the next release of the lock. When the lock becomes available, B will acquire it immediately and be woken up. A timeout is also considered reasonable. The penalty for this misfeature is a considerable increase in complexity (shared mutexes) and a decrease is capability (does not work across servers).
3) Memory-Mapped Files: Normally, memory-mapped IO is as fast as it comes, but on Windows, it's actually slower than opening a file for overlapped write access. This means that data-intensive cross-platform applications that are based on memory-mapped IO perform at substandard rates on windows or must be completely redesigned with an increase in complexity to account for the fact that writing to memory no longer automatically writes to disk. Database applications suffer for this.
4) On Windows, sockets are not files. But named-pipes are. This means that you can simultaneously block on a file and a named-pipe, but not a file and a socket. That horrendous error increases program complexity by requiring multiple threads to do something that would otherwise have been trivial in a posix environment.
There's more, but it's time for lunch. Best of luck!
What are you referring to here? The domain of the email MAIL-FROM sender is verified against the ip address of the connection. This even happens before the mail is accepted for delivery. This means that if you try to send someone email and identify yourself using my email address, it will fail the spf check. It doesn't make any difference who the sender is. It only matters that it's not me.
Now, if you are saying that someone on my domain can spoof me, then you'd be wrong because my mail server does not allow non-authenticated email either.
I don't care about spam anymore, having all but stopped using email for serious communication. I do care that people are spamming using my email addresses. And if the servers receiving those emails would bounce them per my SPF records, that would be less spam for everyone and no bounces back to me.
As for spammers registering new domains, I would be happy if that was their best option. It is trivial to blacklist entire known spammer domains. Currently, we can only blacklist based on fuzzy matching, entire mailservers and sometimes whole countries.
SPF at least puts a spammer's $8/yr domain in danger. If they can only spam for a couple hours before it's blacklisted, I'd consider that a huge improvement. Presently, they're spamming using my domain, and that's gotta stop.
My OSX-based Mac at home does not allow Windows SMB messages through its firewall either. Does that mean that all OSX installations are "broken right out of the box," too? Blocking SMB by default sounds perfectly reasonable to me; there are no Windows computers on that network anyway.
SMB is a non-essential port. If you want that protocol, open the firewall. Welcome to modern secure computing.
I've been using version 2.36 under OSX 10.3 for some time now. Not sure about my video card as I'm not sitting in front of it, but it's a dual G5. Clearly, there is something amiss though.
If you're still experiencing the same problem after the update, please consider posting your experience to the appropriate mailing list. Even if they can't address it right away, they should at least be made aware of it, and if there is an error, a message to that effect is certainly warranted.
The Wright brothers probably did not have to file environmental impact statements or calculate mean casuality per launch or estimate the damage of an explosion for insurance purposes or...
Jeff Bezos brought his evironmental impact statement to a conference once; it's about the size of a metropolitan phone book. It has sections that state that their rocket will not cause floods or hurricanes, will not change the flow of any rivers, will not interfere with the mating habits of local desert lizards, and on and on.
Present day aerospace development is regulated to the point of near inactivity. At least, the developers are still allowed to kill themselves in the process or nothing would get done.
On the upside, recent legislation has made launching easier. Finding a launch site with an appropriate window and a minimum of EPA hassles is still tricky.
This guy says that over 50% of all the addresses are allocated out, and despite the absolute explosion of network connectivity, he can continue to hand out/8's for the next twenty years? Not even maybe.
If IANA started actually allocating blocks at the rate they are being requested, they would run out tomorrow. Dynamic IP and NAT is a direct result of allocation requests being denied.
Slashdot Mirror
Now you're changing the playing field. You specifically said that the application could crash and leave the database in an inconsistent state. That problem is clearly resolved.
As for rolling back changes, that is fundamentally the same issue and is solved in the same manner. Points for style are awarded for designs which are expedient, but that's an exercise for the reader.
If anyone does not understand transactional systems, it's clearly you. Transactional systems are what I get paid to build. When people tell me that what I do daily is impossible, it is clear that either I'm super-human, or they are completely out of their depth.
There's nothing magic about this -- you have checkpointed states and a journal. If the state is unknown and the journal exists, you recover. Want to rollback an incomplete transaction? Truncate the journal to the beginning of the transaction and recover from the last checkpoint. Not surprisingly, that's how most transactional systems with forward delta journals do it.
-Hope
You missed the point entirely. MySQL does not need a journal to operate in the mode described.
Prior to making any calls to the database, one simply needs to append the sql statements to a file and flush.
Recovery is a simple matter of restoring the database from last known good and applying all the sql statements in the file.
Was that really that difficult to understand?
-Hope
Transactions can be implemented above the database layer -- or at any layer for that matter. After all, transactions are implemented above the OS layer and that's not considered reliable. The cost of recovering the store from the journal is merely an element of the design. If the journal is comprehensive, you can nuke the store and rebuild it from scratch, if necessary.
-Hope
The "non-coronagraphic photograph showing Saturn through a vortex phase mask" (http://www.u.arizona.edu/~grovers/ovc/004.jpg) about 4/5ths the way down the page has no aliasing at all between the masked portion and the captured light. Why not? If this is a CCD image, I would expect the edge of the mask to cover fractions of pixels and consequently, some light. The image appears to have been masked directly in software, and thus, data was discarded. Scientifically, that concerns me, and there does not seem to be a good reason for the image to have been modified in this way. Can someone clarify?
-Hope
But do not forget that the creditors HOLDS THE TITLE to that object you are paying for, which means THEY OWN IT.
Actually, that's incorrect. The creditors place a lien on the title. You hold the title and therefore the vehicle outright.
-Hope
Quakers tend to be more egalitarian, but they are no less Christian. By comparison, Calvinists insisted on the role of Christ. Without him, your soul was doomed.
-Hope
The idea that each state had its own established church sounds very unlikely to me. A citation from one of these state's laws would be more helpful than idle speculation though.
To be certain, various religious groups had strong bases of political power in different colonies, but the likelihood that they ratified those religions in their respective governments strikes me as impossible.
Prior to independence, they were subjects of the British monarchy. After independence they were a nation of states. At what point, and in what time frame, and by what law-making body would they have had the opportunity to draft the establishment of a state religion?
-Hope
3) the system administrators need reasonable deniability from user's claims of password theft.
If the user's password is stored in plain text, they can claim that you, the system administrator, have access to it. This increases your liability as the user can now disclaim responsibility for actions taken with that password, on any other system where it is used -- after all, they could have been impersonated, and they can accuse you of being the culprit.
-Hope
You have incorrectly interpreted the constitution as an enumeration of rights. It is not. It is an enumeration of what the government is allowed and not allowed to do. This document speaks nothing of natural rights.
-Hope
This may sound like a lot of money to you. It is a lot of money to me. But one should never presume to understand another man's cash flow. I know of people who owe more than this man makes in a year. It's a complicated world.
-Hope
ISS and Cisco were co-presenters for the talk up until a week before the conference. The conference organizer, Jeff Moss, is quoted as saying that Cisco, not ISS, pulled out. Moreover, Cisco provided the people who removed the 15 pages of text from the conference proceedings.
I can see no viable solution that includes Cisco paying ISS to locate and publicly disclose flaws in their software. When companies like Cisco hire third-party firms to audit their code for security flaws, the result of that work is universally subject to NDA.
Second, Lynn is reported to have reverse-engingeered the code in order to discover the flaw. Why would Lynn need to do that if Cisco contracted the work to ISS? Would he not have access to the source code under NDA?
Finally, Cisco stated that Lynn obtained the information "illegally." They did not claim that he disclosed the information in violation of an NDA. Had Cisco contracted this work to ISS, they would instead be suing ISS for breach of contract, and Lynn for breach of NDA.
It would be very interesting to see the text for the temporary restraining order. What exactly did Cisco claim? At any rate, a TRO is trivially easy to get; in fact, it's nearly automatic. As for a permenant restraining order, that will be something to watch.
-Hope
Well, I'm not posting AC, and you are still incorrect. IIS is an independent research firm. They only "work with Cisco" in the sense that Cisco's product was the subject of their research, and Cisco was notified of a flaw in that product. This researcher has no obligation to Cisco. Rather, he apparently feels an obligation to the public interest and has expressed that by leaving IIS and presenting his knowledge directly to the security community.
-Hope
The conference was news to me. I would have attended if I had known about it sooner. The cost seems perfectly reasonable to cover food and incidentals for the day. I guess I just don't understand what issue you are trying to raise.
-Hope
That would be a nice theory, but it does not hold up to reason; the same software runs on unix just as poorly, and yet only windows suffers these problems. In the real world, software quality varies; serious server operating systems handle this fact of life with both gusto and style. Windows, simply put, does not, or more to the point, cannot.
The other flaw in that line of argument is that it fails to address the actual problem, the need to reboot at all. Running flaky software should never destablize the operating system, and yet in this case it impedes the OS from rebooting. That's definitively bad when rebooting is so common place.
-Hope
I'm not a developer so I'm not in a position to argue the specifics, however, Windows is hardly "crippled" in the server market. Indeed, it's probably one of the most popular platforms out there.
By crippled, I do not mean market share; Microsoft in the server room exists primarily due to network effects. Crippled means incapable of performing its primary function at the same level as its competitors. This is why racks of Windows boxes can generally be replaced by a single installation of Linux. It's also why that single installation can run multiple classes of services while it is considered unwise to run more than one class of service on a Windows box.
No, I haven't. If scheduled downtime for a server reboot is a major issue - in money, time, frustration or anything - your architecture is flawed. Added to that, if your machines or software are that unreliable that this happens regularly, you've got much bigger issues to worry about.
It's not my or my company's architecture to which you are referring. You are talking about the status quo of most, if not all, major commodities exchanges, clearing firms, and portions of banking industries dealing with trading. This is because the data services are provide by the exchanges themselves and that software is very poorly written. As a simple example, stopping and restarting the Eurex feeds (major European exchange) can take 15 minutes on average, and sometimes they fail to stop altogether. What to do? You cannot kill the process; task manager won't let you. The machine is dead to the world until it's brought back online. That's a pretty normal day in the real world for a lot of people.
You shouldn't need someone on-site to reset machines if they don't reboot - lights-out management tools that can do this are commonplace.
Certainly, but if you think that the largest financial firms in the world are going to give lights-out control to a third-party service provider in a foreign country, you're being overly naive. Nobody makes any changes to these machines unless there is a warm, authorized, administrative body within 30 seconds of physical access. That rule, like many similar ones before it, is written in blood, since those kinds of mistakes make the world news. Electronic trading on LIFFE opened late this morning due to technical difficulties... for instance.
There is no reason you can't do this with your Windows machine as well, that Windows is to blame for.
Actually, we do. It goes 1) shell in, 2) update software, 3) reboot, 4) wait, 5) shell in again, 6) run diagnostic. The trouble comes from steps 3-5 which on any modern server operating system, should be completely unnecessary. It also forces this machine to be single-use which is a constraint that competing operating systems do not have. Service outage is one thing. Hardware outage is something altogether different. With Windows, you get the cost of both for the use of one.
Windows was designed for desktop computing. It barely made it to a multi-user environment this decade with terminal services. But, even today, for data intensive server tasks, for efficient distribution of services across hardware, and for many multi-user tasks as simple as having dozens of concurrent sessions, Windows is still no match for commodity unixes on the same hardware.
And bear in mind, I've been writing code for nearly 30 years. I started in assembly, worked my way through Apple II's, jumped to PC, up through all of Microsoft's API's, and did not get into serious server work until the late 90's. My professional experience has always been to apply the best tools to the job. Microsoft does not provide those tools for server tasks, and the tools that they do provide are not sufficient. This opinion comes from working with all the major players on a daily basis. I respected Microsoft fine until they started calling dogs "horses," loading them up with kids, running 'em around the room, and calling it the Kentucky Derby.
Microsoft has a perfectly fine desktop operating system, but it's not a server, and can't be until they fix the design flaws.
-Hope
With regard to your Windows is not Unix comment, I develop for all major platforms, and I have no particular love for any of them. The Windows API is sub-standard not because it is not Unix, but because it fails to provide the standard, necessary, and correct programming paradigms to get the job done with the minimum amount of work. This deficiency is not due to insufficient design, it's due to fundamentally flawed design which cripples Windows in the server market.
With respect to downtime, all our clients have scheduled maintenance. As it is, many of these Windows boxes must be rebooted every evening for various reasons anyway. What you have neglected to account for however is the cost of rebooting those machines, specifically in money, time, and frustration.
In our specific case, every time we want to update our London clients, it costs between 4 and 12 man hours, most of that for an IT guy working overtime to stand around in case he needs to manually reset a server. If we're updating Tokyo, I'm the guy who gets to stay late, and my wife has to bring dinner to the office. Add to that, the IT guy needs to speak English, or I need to speak Japanese.
Compare this to our Linux procedure: 1) shell in, 2) update software, 3) run diagnostic. No one has to stay late, no one has to learn a foreign language, and I get to eat dinner at home with my wife.
-Hope
I write software for all varieties of professional Windows, several distributions of Linux, and Mac OSX. These applications are normally data-intensive and run exclusively on servers. The core Windows subsystems have a number of misfeatures which make the entire platform substandard for server use. Here are just a few.
1) File Locking: It is virtually impossible to overwrite an executable file while it is open on Windows. This is why it is often necessary to reboot the computer when upgrading even minor packages. For home use, this may not be a big deal, but in a production server environment it's a grevious flaw.
2) File Range Locking: Advisory range locks makes it possible for two processes to work in the same file without stomping on each other, even if those processes run on separate machines. Unixes allow a process to block while waiting for file range locks. The Windows API will only tell you if you successfully acquired the lock. The distinction is this: if process A is agressively acquiring and releasing the lock, process B can enter a state where it never gets the lock. This makes Windows file range locking useless as a resource contention mechanism. The correct but missing implementation is that process B should request lock, fail to acquire it, and be stopped. The operating system will queue it for the next release of the lock. When the lock becomes available, B will acquire it immediately and be woken up. A timeout is also considered reasonable. The penalty for this misfeature is a considerable increase in complexity (shared mutexes) and a decrease is capability (does not work across servers).
3) Memory-Mapped Files: Normally, memory-mapped IO is as fast as it comes, but on Windows, it's actually slower than opening a file for overlapped write access. This means that data-intensive cross-platform applications that are based on memory-mapped IO perform at substandard rates on windows or must be completely redesigned with an increase in complexity to account for the fact that writing to memory no longer automatically writes to disk. Database applications suffer for this.
4) On Windows, sockets are not files. But named-pipes are. This means that you can simultaneously block on a file and a named-pipe, but not a file and a socket. That horrendous error increases program complexity by requiring multiple threads to do something that would otherwise have been trivial in a posix environment.
There's more, but it's time for lunch. Best of luck!
-Hope
What are you referring to here? The domain of the email MAIL-FROM sender is verified against the ip address of the connection. This even happens before the mail is accepted for delivery. This means that if you try to send someone email and identify yourself using my email address, it will fail the spf check. It doesn't make any difference who the sender is. It only matters that it's not me.
Now, if you are saying that someone on my domain can spoof me, then you'd be wrong because my mail server does not allow non-authenticated email either.
I don't care about spam anymore, having all but stopped using email for serious communication. I do care that people are spamming using my email addresses. And if the servers receiving those emails would bounce them per my SPF records, that would be less spam for everyone and no bounces back to me.
As for spammers registering new domains, I would be happy if that was their best option. It is trivial to blacklist entire known spammer domains. Currently, we can only blacklist based on fuzzy matching, entire mailservers and sometimes whole countries.
SPF at least puts a spammer's $8/yr domain in danger. If they can only spam for a couple hours before it's blacklisted, I'd consider that a huge improvement. Presently, they're spamming using my domain, and that's gotta stop.
-Hope
My OSX-based Mac at home does not allow Windows SMB messages through its firewall either. Does that mean that all OSX installations are "broken right out of the box," too? Blocking SMB by default sounds perfectly reasonable to me; there are no Windows computers on that network anyway.
SMB is a non-essential port. If you want that protocol, open the firewall. Welcome to modern secure computing.
-Hope
I've been using version 2.36 under OSX 10.3 for some time now. Not sure about my video card as I'm not sitting in front of it, but it's a dual G5. Clearly, there is something amiss though.
If you're still experiencing the same problem after the update, please consider posting your experience to the appropriate mailing list. Even if they can't address it right away, they should at least be made aware of it, and if there is an error, a message to that effect is certainly warranted.
-Hope
It was Jeff Greason of XCOR not Jeff Bezos, but the comment stands. Where is my coffee...
-Hope
The Wright brothers probably did not have to file environmental impact statements or calculate mean casuality per launch or estimate the damage of an explosion for insurance purposes or...
Jeff Bezos brought his evironmental impact statement to a conference once; it's about the size of a metropolitan phone book. It has sections that state that their rocket will not cause floods or hurricanes, will not change the flow of any rivers, will not interfere with the mating habits of local desert lizards, and on and on.
Present day aerospace development is regulated to the point of near inactivity. At least, the developers are still allowed to kill themselves in the process or nothing would get done.
On the upside, recent legislation has made launching easier. Finding a launch site with an appropriate window and a minimum of EPA hassles is still tricky.
-Hope
For these guys, I think we need...
Q. How many lawyers does it take to shingle a roof?
A. Depends on how thinly you slice them...
This guy says that over 50% of all the addresses are allocated out, and despite the absolute explosion of network connectivity, he can continue to hand out /8's for the next twenty years? Not even maybe.
If IANA started actually allocating blocks at the rate they are being requested, they would run out tomorrow. Dynamic IP and NAT is a direct result of allocation requests being denied.
-Hope
Then we're screwed, democracy is lost and we should all just give up and go home.
1. The situation has been screwed for some time.
2. This is not a democracy.
3. Giving up is not an option.
The options in order of escalation are:
1. quiet civil disobedience
2. public civil disobedience
3. blatant civil disobedience
4. violent civil revolt, ie. civil war
We are currently between 1 and 2. And no, we're not just talking about music here.
-Hope