If you don't want to be tracked on the Internet, there's a simple solution: don't have a static IP address and turn off cookies.
On some cable providers, changing one's IP address is a pain in the ass since it requires changing your NIC's MAC address and rebooting the cable modem each time.
I too have been looking for a decent GUI-based fax program in Linux. Most of the ones I see are pretty good for usage on the command line, but people who aren't experts at computers would have major problems using or initially configuring them. It would be great if someone made a Norton Winfax-like GUI to hylafax or efax or something for Linux.
Some printers have a separate driver download for their "network" printing driver that allow sharing of that printer on the network in Windows or allow accessing a shared printer on another machine in Windows. I found this out a little while ago when I too could not get a shared Brother printer to work over a network even when printing locally works fine and sharing another brand of printer (Epson) worked fine.
It already was removed in the default install of Ubuntu Linux. They recommend using "sudo" for root tasks and don't allow direct "root" logins, by default, without it.
What we lack is that fine tuning - I should be able to specify that a particular UID can listen on ifname:80, not kick off a process as root, then setuid it...
Or you could run the process non-root and setup iptables rules to redirect port 80 requests to a port a non-root user can open. I think one can also set rules so that iptables only allows certain incoming ports to certain user accounts, so that no one else can run their own apache and take over the port, although I am not 100% sure on this.
All that would do is encourage people to DDoS innocent others when a spammer places an innocent person's email address in the from address of emails they spam out to people.
But doesn't getting access to one's unix password require root or physical access on most modern linux distributions? I don't remember ever seeing any recent distribution that has a world-readable/etc/shadow file.
If it's like the last Acrobat, it's staticly linked
It is? Run "ldd" on "acroread" (in its Reader/intellinux/bin folder) when you install Adobe Acrobat 7 for Linux and you'll see about 20 or so different libraries it is dynamically linked to. I also ran "ldd" on a few other files in its "Reader/intellinux/lib" and "Reader/intellinux/plug_ins" folders and nothing seems to be statically linked at all. Which means, if Adobe Acrobat Reader 7 for Linux were really statically linked, it would have been MUCH larger than it is now.
Well, you make it seem like malware can't run in a user account, which is completely inaccurate. Can you, as a user, open listening ports? If so, malware can. Can you, as a user, connect out on any port? If so, malware can. Users have a hard enough time determining WHAT is spyware in Windows in their process list with a few programs. Imagine how much harder it would be for them when they've got over 100 loaded in Linux (on a fresh boot with no server daemons running!) with process names that are just as cryptic. Also, some linux distributions ship with open ports by default, so if you get the "oow! I am secure and can't be hacked" message going and they pick the wrong distribution and take zero proactive measures to protect themself, they could end up being rooted in the very O/S people call "secure" by a simple buffer overflow in the daemons that are run by default in some distros (such as ssh).
Except on most Linux dists:
1). the default user is not an administrator
2). 99.9% of malware cannot run. If it did, then it'd cause minimal damage (see 1.)
If malware runs in the same user account that has access to a user's documents, that malware can wipe those documents quite easily. Since some users don't backup regularly or at all, loss of their documents can be devastating. User accounts probably work best if different programs are run in different user accounts. That way if some malware gets in through one program running in a separate account, it won't be able to touch your documents that are only accessible in a different account.
When I did "man mount" it shows reiserfs has a "nolog" option but it is "a work in progress." So, I guess it can't totally be relied on to actually work and I bet there is probably no hurry to get reiserfs to work without a journal anyways, since filesystem recovery of reiserfs without it takes MUCH longer than ext2 does (at least when I had to run fsck manually one time on reiserfs).
You could, obviously do other things if you want to toast the entire file system like using the hard drive manufacturers low level formatter 3 or 4 times
Hard drive companies actually have low level formatters today and don't just call "writing 0's over the entire drive" low level formatting, when that is not what low level formatting is?
You are forgetting about the drive's own defect management. Most, if not all, hard drives today implement defect management techniques and automatically move a failing area's data into various spare areas on the drive. Even if you "write 0's to the drive three times over" via software, the drive will write 0's only to the the places that are considered "good" and whereever it thought was bad would still be almost completely intact to anyone who can get the drive to read one of those areas on disk marked bad. Which means, if you had any sensitive info on disk, unencrypted, at any point of time that just so happened to have been written in a spot that just got marked bad by the drive and was moved to a spare area, it would be on the drive permanently unless you can get the drive to wipe the bad area also.
I swear to god, if all this no-ff-through-commercials and advertising bullshit keeps growing, I'm gonna buy me a VHS and learn how to program the recording timers.
Well, if you go back to VCR's, be sure to grab a VCR like the Panasonic PV-V4623's that have "Commercial Advance," which marks commercials on the tape and auto-fast-forwards through them on later playback, and "Movie Advance," which allows you to quickly and easily skip to the beginning of a movie on a tape (skipping all the previews before it) and when it gets to the beginning of the movie it then says something along the lines of "Your movie is ready" and to hit play to start it. The commercial advance on it isn't 100% accurate, but it is pretty good.
LOL! Somehow I completely missed the entire bottom half of your comment when initially reading it. I must have been half asleep when reading and replying.
That would work great...if all windows software could run in a limited account in Windows. Some programs you wouldn't think of like old versions of Quickbooks (2002 I think) require admin privileges in Windows XP to run and without admin privileges they might crash or pop up a cryptic error message when loaded.
What if, when you have the password safe program open, your O/S feels the need to swap its memory to disk for whatever reason? Wouldn't the decrypted passwords now be on your hard drive in clear text?
Slashdot Mirror
Well, you can't "su" to root in Ubuntu if root doesn't have a password set, by default. You'll have to set a password for root first.
On some cable providers, changing one's IP address is a pain in the ass since it requires changing your NIC's MAC address and rebooting the cable modem each time.
I too have been looking for a decent GUI-based fax program in Linux. Most of the ones I see are pretty good for usage on the command line, but people who aren't experts at computers would have major problems using or initially configuring them. It would be great if someone made a Norton Winfax-like GUI to hylafax or efax or something for Linux.
Some printers have a separate driver download for their "network" printing driver that allow sharing of that printer on the network in Windows or allow accessing a shared printer on another machine in Windows. I found this out a little while ago when I too could not get a shared Brother printer to work over a network even when printing locally works fine and sharing another brand of printer (Epson) worked fine.
It already was removed in the default install of Ubuntu Linux. They recommend using "sudo" for root tasks and don't allow direct "root" logins, by default, without it.
Or you could run the process non-root and setup iptables rules to redirect port 80 requests to a port a non-root user can open. I think one can also set rules so that iptables only allows certain incoming ports to certain user accounts, so that no one else can run their own apache and take over the port, although I am not 100% sure on this.
No.
Ah. Thanks for pointing that out. Somehow my eyes missed that you mentioned that in your post.
All that would do is encourage people to DDoS innocent others when a spammer places an innocent person's email address in the from address of emails they spam out to people.
But doesn't getting access to one's unix password require root or physical access on most modern linux distributions? I don't remember ever seeing any recent distribution that has a world-readable /etc/shadow file.
The older gnutella ("gnutella 0.6" as far as I know) also uses SHA-1 and Tiger Tree hashing in modern gnutella clients such as LimeWire.
Know of any good public DNS servers?
It is? Run "ldd" on "acroread" (in its Reader/intellinux/bin folder) when you install Adobe Acrobat 7 for Linux and you'll see about 20 or so different libraries it is dynamically linked to. I also ran "ldd" on a few other files in its "Reader/intellinux/lib" and "Reader/intellinux/plug_ins" folders and nothing seems to be statically linked at all. Which means, if Adobe Acrobat Reader 7 for Linux were really statically linked, it would have been MUCH larger than it is now.
Well, you make it seem like malware can't run in a user account, which is completely inaccurate. Can you, as a user, open listening ports? If so, malware can. Can you, as a user, connect out on any port? If so, malware can. Users have a hard enough time determining WHAT is spyware in Windows in their process list with a few programs. Imagine how much harder it would be for them when they've got over 100 loaded in Linux (on a fresh boot with no server daemons running!) with process names that are just as cryptic. Also, some linux distributions ship with open ports by default, so if you get the "oow! I am secure and can't be hacked" message going and they pick the wrong distribution and take zero proactive measures to protect themself, they could end up being rooted in the very O/S people call "secure" by a simple buffer overflow in the daemons that are run by default in some distros (such as ssh).
If malware runs in the same user account that has access to a user's documents, that malware can wipe those documents quite easily. Since some users don't backup regularly or at all, loss of their documents can be devastating. User accounts probably work best if different programs are run in different user accounts. That way if some malware gets in through one program running in a separate account, it won't be able to touch your documents that are only accessible in a different account.
That isn't necessarily true. Some people get financial aid or various grants/scholarships to help them through college.
When I did "man mount" it shows reiserfs has a "nolog" option but it is "a work in progress." So, I guess it can't totally be relied on to actually work and I bet there is probably no hurry to get reiserfs to work without a journal anyways, since filesystem recovery of reiserfs without it takes MUCH longer than ext2 does (at least when I had to run fsck manually one time on reiserfs).
You are forgetting about the drive's own defect management. Most, if not all, hard drives today implement defect management techniques and automatically move a failing area's data into various spare areas on the drive. Even if you "write 0's to the drive three times over" via software, the drive will write 0's only to the the places that are considered "good" and whereever it thought was bad would still be almost completely intact to anyone who can get the drive to read one of those areas on disk marked bad. Which means, if you had any sensitive info on disk, unencrypted, at any point of time that just so happened to have been written in a spot that just got marked bad by the drive and was moved to a spare area, it would be on the drive permanently unless you can get the drive to wipe the bad area also.
Well, if you go back to VCR's, be sure to grab a VCR like the Panasonic PV-V4623's that have "Commercial Advance," which marks commercials on the tape and auto-fast-forwards through them on later playback, and "Movie Advance," which allows you to quickly and easily skip to the beginning of a movie on a tape (skipping all the previews before it) and when it gets to the beginning of the movie it then says something along the lines of "Your movie is ready" and to hit play to start it. The commercial advance on it isn't 100% accurate, but it is pretty good.
LOL! Somehow I completely missed the entire bottom half of your comment when initially reading it. I must have been half asleep when reading and replying.
That would work great...if all windows software could run in a limited account in Windows. Some programs you wouldn't think of like old versions of Quickbooks (2002 I think) require admin privileges in Windows XP to run and without admin privileges they might crash or pop up a cryptic error message when loaded.
Tried out Gaim encryption for Gaim ?
What if, when you have the password safe program open, your O/S feels the need to swap its memory to disk for whatever reason? Wouldn't the decrypted passwords now be on your hard drive in clear text?
What happens when you try to type it on a keyboard different than yours (such as the "ergonomic keyboards" that are split in the middle)?