They can't always establish whether your computer equipment was directly involved in the commission of a crime until they've taken it apart and read all the data. For example, if you were being investigated for possibly posessing kiddyporn, they would almost certainly seize your computer whether they had any reason to suspect you were using the computer to do it or not. The same happens for less serious crimes; a lot of the evidence that the police expect to find with a search warrant is no longer kept as physical evidence, but on computers, so they will often just seize computer equipment on general principle, and if it turns out the computer is nothing to do with it, they *might* give it back.
As for them taking whole networks, they do. If they find your computer is attached to a network and several other computers, they reason quite correctly that you could be storing your files on any machine on the network, and so take all of them (and sometimes network hardware too because they may not know what it is).
It's not even an extra physical chip; the GBC's not-quite-Z80 is on the same die as the GBA's ARM7. They are switched so that when one is running, the other is not, so there is not even any higher power consumption/heat dissipation, and the GBC core, including all the hardware to translate its IO into what the GBA's video/audio/etc controllers expect, is absolutely miniscule.
Police, FBI and other law enforcement agencies seize computer equipment *all the time*. Then if what you're being accused of is pretty unimportant, it'll sit on a shelf in an evidence locker someplace for three months before any forensics guys even take a look at it. This happened to a friend of mine. The police who arrive at the office/your house/whatever know what computers look like, and might have one 'expert' with them, but they will never just take copies of your data, they will take whole machines, even whole networks.
If a computer has had kiddy porn on it, they typically destroy the computer. The whole thing. Maybe the monitor too for good measure. They're not polite about this kind of thing.
Most modern ircds have a feature called SAFELIST, which means it's safe to ask for a/list that returns any number of the results, and the server will send it to you in small chunks that will not overflow the buffer. =)
Yup, the runtime optimiser in Sun's 1.4 VM is really terrifyingly good. As long as you stay away from GUI components and stick on the server side, Java performs very well, though it does use a lot of memory =)
I have yet to observe a significant difference between Java threads and pthreads performance; perhaps you are thinking of *very* old Java versions that used 'green' threads (threads implemented in the VM by doing interpreter-level context switched)? All modern Javas use native threads, and the overheads associated with using them are pretty much identical to those of using the native threading API of your platform.
I have converted Java network server apps that use one thread per client into threadpooled apps using asynchronous I/O - switching from java.io to java.nio (so you can manage your own buffers with full knowledge of your app's requirements, and use native OS buffers) is a large performance boost; going one step further and using asynchronous I/O and a small number of worker threads is almost not worth doing (though it's the way I do it when writing *new* apps) because the performance gain is just so small.
I have tweaked my copy of XP to throw away a few unneded services, and it boots in 26 seconds. That's from the boot loader taking control, to the desktop being up with my hojillion tray applications all running. It takes nearly that long for my RAID controller to warm up. It's only five seconds slower than Linux on the same machine. =)
Unfortunately that's a limitation in the Shoutcast protocol; the metadata about the current song is 'trickled' down the stream in spare bits very slowly, and so it takes a second or two for the full data to be available to the client after a track change. The crossfader doesn't help, either.
I also use allofmp3, and I think I should clarify its legality as your post is a bit optimistic about it. =)
The artists do not get paid; you know that, but it's not neccecarily obvious to others. Some of the music is sourced from a single bought CD, most is sourced from downloaded MP3s. The Online Encoding Exclusive tracks are all CD sourced; the others are at best 320Kbit MP3 sources - yes, all the non-Exclusive OE tracks are being transcoded, not encoded from the original.
Yes, it's legal for them to operate the service because they are complying with Russian law.
However, it is not neccecarily legal for you to USE the service. The situation seems analogous to buying stolen goods when you know they are stolen. It's not exactly analogous from a legal POV, though. I don't know the exact position of US law, but piracy law in the UK and much of Europe counts the party receiving the copy as liable as well as the party making the copy. I consulted an intellectual property lawyer and was assured that yes, under UK law, usage of allofmp3 is definately illegal, though it might be treated leniently given that someone who's not really clued in might believe that the site is a legitimate music seller.
Coverage of P2P lawsuits in the US suggests that US law does not consider the recipient of a copy liable, which would probably make it legal to use allofmp3, but IANAL and my lawyer friend doesn't know US law well enough.
Not if you: 1) Don't use crypto at all. If the service you are unlocking by knocking is something that's sufficiently secure anyway (e.g. ssh) then it's not vital that nobody be able to to guess the knock sequence, only that most people will not be able to do so. My machine has been using this for years, with no crypto; the sequence is calculated from time (rounded off to nearest 10 mins) and IP address, but I can do the calculation in my head. 2) Have a device capable of doing the crypto, but not of connecting to the network. This is similar to the way that S/KEY and other one-time password systems can work; you have a disconnected device which works out how to let you in. I have a J2ME application on my cellphone which also does the calculation for my knock sequence, which saves me the effort of doing the math. I can't use my cellphone to talk IPSEC, or play with any protocol that the client PC doesn't support, but I can use it as a very clever calculator.
Re:It's broken, and the real solution is simple
on
Port Knocking in Action
·
· Score: 4, Insightful
If you use signatures, IPSEC, or anything more complex than knocking, you need the client to support it. You can knock using nothing but telnet. That's kinda the point. =)
If I need to use Linux Compiler while sitting on a Windows box, I would rather use vmWare. Also vmWare has made great progress in their GSX and ESX, to make all this very easy.
Except that: 1) VMWare will be much slower because it suffers from the traditional problems associated with virtualising the x86 architecture. (coLinux is a ring-3 port of Linux much like that used by the Xen virtual machine monitor and thus has a far tinier virtualisation overhead). 2) VMWare is expensive. 3) VMWare ESX, the one that is significantly faster (GSX is just Workstation with better management facilities, really), runs as the host operating system, not on top of it; this means that you have Linux running 'next to' Windows, not as a guest of Windows - this creates interoperability problems (forget being able to copy and paste) and it means that your Windows install suffers from the exact same performance drop that you've already imposed on Linux. Even with ESX, coLinux still has the potential to be faster than VMWare (I don't know if it actually is; they might not have the maximum performance yet) because x86 is just so hard to virtualise.
I can't really see a single advantage of VMWare, other than the fact that coLinux can't yet run X natively - even that isn't much of an issue, as Cygwin/XFree works very well.
Not the case at all; in fact, the 64-bit editions of Windows (including the one I'm running at the moment on my AMD64) do not have the Win16 subsystem, because WOW32 has not been updated to work on a 64-bit kernel.
Actually, since VMWare is a virtualizer, a special case of an emulator where you allow some code to run directly on the host CPU, it's much more an emulator than WINE is. VMWare includes lots of x86 hardware emulation, because there's no other way to get off-the-shelf x86 operating systems to run on it, and emulates many x86 instructions (ones that don't work in ring 3) as well.
Would an emulator for some platform stop being an emulator just because, say, the guest system's MIDI device was not emulated and instead the MIDI commands were directly routed to the host's MIDI device? The situation is the same with VMWare.
MS's academic licencing does not restrict what you can do with the software any more than their regular licence does. My university's computer lab has an MSDN Academic Alliance account, and thus all computer science students and lecturers get free (yes, totally gratis), unrestricted licences for most MS end user and developer products; I have three Windows licences, licences for VS6, VS Embedded and VS.NET, licences for Office, Visio, Project, the list goes on. I even get told when new versions are out and offered those. There are no restrictions on what I can use these for (personal, academic, commercial) and the licences are perpetual (don't have to stop using them once I leave the lab) - when I graduate, all I will lose is the ability to get new versions for free.
I use very little of the MS software I have licences for, but it's handy to be able to fire up VS.NET under VMWare to check out code that someone else wrote. =)
Don't turn off the RPC service. Your machine will fail to boot. (hint: various windows components communicate by RPC). You can block external access to RPC ports using a firewall, and you can unbind most of them from public network interfaces, but that's the best you can do.
IQ tests are based on the assumption that IQ is normally distributed with a mean of 100, so the average person's IQ is 100 by definition. =)
Note that this is average across all humans (in theory; it's all statistics) not just the people who live in your general vicinity; average IQ for any particular locale may differ slightly. I remember reading once that the average IQ in the USA was 97, and the average in Germany was 104, but I have no idea where those numbers were derived from, so they are probably not useful.
Once you've turned off all the crap and got it running sensibly, XP is nicer than 2K purely for the kernel tweaks that got in. The memory manager estimates process working sets better which lets you use huge amounts of RAM as cache without increasing how much you have to swap (just by being smarter about what you evict from memory), just for a start.
There are other, much simpler ways to get Java to generate code faster than well-written assembly code. Imagine you have a huge loop with millions of iterations that calls some function or other. Now, that function has some argument which is a boolean, which is not the same during all loop iterations (calculated in some complex way based on some input data). If some dataset causes that function to always be called with 'true', then the JVM is capable of noticing this, and generating an optimised version of that function which has 'true' hardcoded in all the places where it previously referred to the boolean argument (with all other normal optimsations applied afterward; dead code elimination will wipe out all the 'false' paths..etc). This can give you better performance than the most well-written assembly code.
Now, you could argue that this is a pathological case, and you could, for example, write two versions of the function, one for true and one for false, and then put a single conditional check in the loop; that still has the conditional check, which will require some processor time. Also, what if there is not one boolean argument but many? Or non-boolean arguments? Are you going to write a hand-optimised version of your function for all possible inputs? That would degenerate to being a lookup table. =)
Other examples are when things like types are involved; some function takes an argument of type A, but it can be established through analysis that all calls to the function in a certain context actually are passing objects of concrete type B (B extends A). The JVM can therefore call directly the methods of B during that function, which eliminates the performance penalty of virtual method dispatch - no virtual dispatch is needed because the type can be exactly derived. A C++ compiler *cannot* do this optimisation, because it depends on runtime information (the contents of the method which is calling you).
The thing about being able to generate CPU-specific code for the CPU you are running on, while true, is misleading, as that is *not* where the main performance benefits of runtime optimsation come from. The ability to detect special cases that *do not occur during all executions of the same code* and optimise for them is the killer; it's impossible for a non-interpreted language to make these.
Actually there are some terrifyingly fast software 3D engines available for GBA (including at least one open source one) which can do fully textured polys with some lighting effects at 30fps without problems (60 for simpler scenes). They seem to have been written by those mad geniuses that a lot of software houses have locked up in cages out back. =)
I suspect that is in fact to some degree true; when the Shared Source Initiative started getting going, MS committed huge numbers of changes to their source just to clean up the comments (removing fuck, shit, etc.. removing comments like 'this is horribly broken'..etc) before they gave it out to the new shared source licencees. I worked on the XP SP1 source tree (under Shared Source licence) and the profane comments are all gone. =)
Actually, if you don't write programs that use AWT or Swing (i.e. any server app with no UI, any command line app..etc), gcj has pretty good coverage. Almost all of the Java code I use and write compiles fine with gcj to native code. Once java.nio is implemented in libgcj then it'll have the majority of the 1.4 API, minus AWT and Swing.
The HAL is not anything to do with the microkernel (the executive). The HAL sits outside the executive and is responsible for managing things like the current interrupt level, and other things which can differ wildly between architectures. Windows NT is not x86-centric and never really has been; the codebase has contained PPC/ARM/Alpha code for a while (though the ARM port was never released).
Slashdot Mirror
So, the key is to get a bunch of old, empty 486 boxen for a font job and build your cases out of non-computer like stuff. Funiture. Lamps. Microwaves.
Cops come in a size everything 'computer like' while you hide the power cord running into your wi-fi enabled lay-z-boy.
That could work pretty well. =)
They can't always establish whether your computer equipment was directly involved in the commission of a crime until they've taken it apart and read all the data. For example, if you were being investigated for possibly posessing kiddyporn, they would almost certainly seize your computer whether they had any reason to suspect you were using the computer to do it or not. The same happens for less serious crimes; a lot of the evidence that the police expect to find with a search warrant is no longer kept as physical evidence, but on computers, so they will often just seize computer equipment on general principle, and if it turns out the computer is nothing to do with it, they *might* give it back.
As for them taking whole networks, they do. If they find your computer is attached to a network and several other computers, they reason quite correctly that you could be storing your files on any machine on the network, and so take all of them (and sometimes network hardware too because they may not know what it is).
It's not even an extra physical chip; the GBC's not-quite-Z80 is on the same die as the GBA's ARM7. They are switched so that when one is running, the other is not, so there is not even any higher power consumption/heat dissipation, and the GBC core, including all the hardware to translate its IO into what the GBA's video/audio/etc controllers expect, is absolutely miniscule.
Police, FBI and other law enforcement agencies seize computer equipment *all the time*. Then if what you're being accused of is pretty unimportant, it'll sit on a shelf in an evidence locker someplace for three months before any forensics guys even take a look at it. This happened to a friend of mine. The police who arrive at the office/your house/whatever know what computers look like, and might have one 'expert' with them, but they will never just take copies of your data, they will take whole machines, even whole networks.
If a computer has had kiddy porn on it, they typically destroy the computer. The whole thing. Maybe the monitor too for good measure. They're not polite about this kind of thing.
Most modern ircds have a feature called SAFELIST, which means it's safe to ask for a /list that returns any number of the results, and the server will send it to you in small chunks that will not overflow the buffer. =)
Yup, the runtime optimiser in Sun's 1.4 VM is really terrifyingly good. As long as you stay away from GUI components and stick on the server side, Java performs very well, though it does use a lot of memory =)
I have yet to observe a significant difference between Java threads and pthreads performance; perhaps you are thinking of *very* old Java versions that used 'green' threads (threads implemented in the VM by doing interpreter-level context switched)? All modern Javas use native threads, and the overheads associated with using them are pretty much identical to those of using the native threading API of your platform.
I have converted Java network server apps that use one thread per client into threadpooled apps using asynchronous I/O - switching from java.io to java.nio (so you can manage your own buffers with full knowledge of your app's requirements, and use native OS buffers) is a large performance boost; going one step further and using asynchronous I/O and a small number of worker threads is almost not worth doing (though it's the way I do it when writing *new* apps) because the performance gain is just so small.
I have tweaked my copy of XP to throw away a few unneded services, and it boots in 26 seconds. That's from the boot loader taking control, to the desktop being up with my hojillion tray applications all running. It takes nearly that long for my RAID controller to warm up. It's only five seconds slower than Linux on the same machine. =)
Unfortunately that's a limitation in the Shoutcast protocol; the metadata about the current song is 'trickled' down the stream in spare bits very slowly, and so it takes a second or two for the full data to be available to the client after a track change. The crossfader doesn't help, either.
I also use allofmp3, and I think I should clarify its legality as your post is a bit optimistic about it. =)
The artists do not get paid; you know that, but it's not neccecarily obvious to others. Some of the music is sourced from a single bought CD, most is sourced from downloaded MP3s. The Online Encoding Exclusive tracks are all CD sourced; the others are at best 320Kbit MP3 sources - yes, all the non-Exclusive OE tracks are being transcoded, not encoded from the original.
Yes, it's legal for them to operate the service because they are complying with Russian law.
However, it is not neccecarily legal for you to USE the service. The situation seems analogous to buying stolen goods when you know they are stolen. It's not exactly analogous from a legal POV, though. I don't know the exact position of US law, but piracy law in the UK and much of Europe counts the party receiving the copy as liable as well as the party making the copy. I consulted an intellectual property lawyer and was assured that yes, under UK law, usage of allofmp3 is definately illegal, though it might be treated leniently given that someone who's not really clued in might believe that the site is a legitimate music seller.
Coverage of P2P lawsuits in the US suggests that US law does not consider the recipient of a copy liable, which would probably make it legal to use allofmp3, but IANAL and my lawyer friend doesn't know US law well enough.
Not if you:
1) Don't use crypto at all. If the service you are unlocking by knocking is something that's sufficiently secure anyway (e.g. ssh) then it's not vital that nobody be able to to guess the knock sequence, only that most people will not be able to do so. My machine has been using this for years, with no crypto; the sequence is calculated from time (rounded off to nearest 10 mins) and IP address, but I can do the calculation in my head.
2) Have a device capable of doing the crypto, but not of connecting to the network. This is similar to the way that S/KEY and other one-time password systems can work; you have a disconnected device which works out how to let you in. I have a J2ME application on my cellphone which also does the calculation for my knock sequence, which saves me the effort of doing the math. I can't use my cellphone to talk IPSEC, or play with any protocol that the client PC doesn't support, but I can use it as a very clever calculator.
If you use signatures, IPSEC, or anything more complex than knocking, you need the client to support it. You can knock using nothing but telnet. That's kinda the point. =)
If I need to use Linux Compiler while sitting on a Windows box, I would rather use vmWare. Also vmWare has made great progress in their GSX and ESX, to make all this very easy.
Except that:
1) VMWare will be much slower because it suffers from the traditional problems associated with virtualising the x86 architecture. (coLinux is a ring-3 port of Linux much like that used by the Xen virtual machine monitor and thus has a far tinier virtualisation overhead).
2) VMWare is expensive.
3) VMWare ESX, the one that is significantly faster (GSX is just Workstation with better management facilities, really), runs as the host operating system, not on top of it; this means that you have Linux running 'next to' Windows, not as a guest of Windows - this creates interoperability problems (forget being able to copy and paste) and it means that your Windows install suffers from the exact same performance drop that you've already imposed on Linux. Even with ESX, coLinux still has the potential to be faster than VMWare (I don't know if it actually is; they might not have the maximum performance yet) because x86 is just so hard to virtualise.
I can't really see a single advantage of VMWare, other than the fact that coLinux can't yet run X natively - even that isn't much of an issue, as Cygwin/XFree works very well.
Not the case at all; in fact, the 64-bit editions of Windows (including the one I'm running at the moment on my AMD64) do not have the Win16 subsystem, because WOW32 has not been updated to work on a 64-bit kernel.
Actually, since VMWare is a virtualizer, a special case of an emulator where you allow some code to run directly on the host CPU, it's much more an emulator than WINE is. VMWare includes lots of x86 hardware emulation, because there's no other way to get off-the-shelf x86 operating systems to run on it, and emulates many x86 instructions (ones that don't work in ring 3) as well.
Would an emulator for some platform stop being an emulator just because, say, the guest system's MIDI device was not emulated and instead the MIDI commands were directly routed to the host's MIDI device? The situation is the same with VMWare.
MS's academic licencing does not restrict what you can do with the software any more than their regular licence does. My university's computer lab has an MSDN Academic Alliance account, and thus all computer science students and lecturers get free (yes, totally gratis), unrestricted licences for most MS end user and developer products; I have three Windows licences, licences for VS6, VS Embedded and VS.NET, licences for Office, Visio, Project, the list goes on. I even get told when new versions are out and offered those. There are no restrictions on what I can use these for (personal, academic, commercial) and the licences are perpetual (don't have to stop using them once I leave the lab) - when I graduate, all I will lose is the ability to get new versions for free.
I use very little of the MS software I have licences for, but it's handy to be able to fire up VS.NET under VMWare to check out code that someone else wrote. =)
Don't turn off the RPC service. Your machine will fail to boot. (hint: various windows components communicate by RPC). You can block external access to RPC ports using a firewall, and you can unbind most of them from public network interfaces, but that's the best you can do.
The average person's IQ is about 100.
IQ tests are based on the assumption that IQ is normally distributed with a mean of 100, so the average person's IQ is 100 by definition. =)
Note that this is average across all humans (in theory; it's all statistics) not just the people who live in your general vicinity; average IQ for any particular locale may differ slightly. I remember reading once that the average IQ in the USA was 97, and the average in Germany was 104, but I have no idea where those numbers were derived from, so they are probably not useful.
Once you've turned off all the crap and got it running sensibly, XP is nicer than 2K purely for the kernel tweaks that got in. The memory manager estimates process working sets better which lets you use huge amounts of RAM as cache without increasing how much you have to swap (just by being smarter about what you evict from memory), just for a start.
There are other, much simpler ways to get Java to generate code faster than well-written assembly code. Imagine you have a huge loop with millions of iterations that calls some function or other. Now, that function has some argument which is a boolean, which is not the same during all loop iterations (calculated in some complex way based on some input data). If some dataset causes that function to always be called with 'true', then the JVM is capable of noticing this, and generating an optimised version of that function which has 'true' hardcoded in all the places where it previously referred to the boolean argument (with all other normal optimsations applied afterward; dead code elimination will wipe out all the 'false' paths..etc). This can give you better performance than the most well-written assembly code.
Now, you could argue that this is a pathological case, and you could, for example, write two versions of the function, one for true and one for false, and then put a single conditional check in the loop; that still has the conditional check, which will require some processor time. Also, what if there is not one boolean argument but many? Or non-boolean arguments? Are you going to write a hand-optimised version of your function for all possible inputs? That would degenerate to being a lookup table. =)
Other examples are when things like types are involved; some function takes an argument of type A, but it can be established through analysis that all calls to the function in a certain context actually are passing objects of concrete type B (B extends A). The JVM can therefore call directly the methods of B during that function, which eliminates the performance penalty of virtual method dispatch - no virtual dispatch is needed because the type can be exactly derived. A C++ compiler *cannot* do this optimisation, because it depends on runtime information (the contents of the method which is calling you).
The thing about being able to generate CPU-specific code for the CPU you are running on, while true, is misleading, as that is *not* where the main performance benefits of runtime optimsation come from. The ability to detect special cases that *do not occur during all executions of the same code* and optimise for them is the killer; it's impossible for a non-interpreted language to make these.
Actually there are some terrifyingly fast software 3D engines available for GBA (including at least one open source one) which can do fully textured polys with some lighting effects at 30fps without problems (60 for simpler scenes). They seem to have been written by those mad geniuses that a lot of software houses have locked up in cages out back. =)
I suspect that is in fact to some degree true; when the Shared Source Initiative started getting going, MS committed huge numbers of changes to their source just to clean up the comments (removing fuck, shit, etc.. removing comments like 'this is horribly broken'..etc) before they gave it out to the new shared source licencees. I worked on the XP SP1 source tree (under Shared Source licence) and the profane comments are all gone. =)
Actually, if you don't write programs that use AWT or Swing (i.e. any server app with no UI, any command line app..etc), gcj has pretty good coverage. Almost all of the Java code I use and write compiles fine with gcj to native code. Once java.nio is implemented in libgcj then it'll have the majority of the 1.4 API, minus AWT and Swing.
The default x86 kernel config always used to be Linus's machine; I don't know if this is still the case. =)
The HAL is not anything to do with the microkernel (the executive). The HAL sits outside the executive and is responsible for managing things like the current interrupt level, and other things which can differ wildly between architectures. Windows NT is not x86-centric and never really has been; the codebase has contained PPC/ARM/Alpha code for a while (though the ARM port was never released).