It's not that simple. The attack in question was done by a flood of DNS queries -- you're not really going to cut off port 53, as this is pretty much equal to knocking that person off the Net.
The typical case involves a lot of outgoing connections on port 25 -- you can't really block this as well unless the user in question uses nothing but webmail.
Traffic shaping won't help a lot, either -- it can protect the server, of course, but won't help the user himself. In this case, it will just make their legitimate use prohibitely slow -- their web browser/whatever will compete with the virus they have over the tiny allotted quota of allowed DNS queries.
IMO it's much better to just cut them off outright, telling them that the fault is on their side.
If you want to be nice, you can redirect all their traffic to a web server which gives them a nice idiot-proof message about what they need to do. This is what I've set up for a friend's basement ISP (~30 paying users) -- although in that case, the message was similar to "your payment is due for two months, you didn't heed our reminders".
The last time I checked, most "software" (that is, lacking 95% of guts) modems relied on proprietary drivers. And to make it worse, the quality of those is abysmal -- I've been through modems from three different companies, and they all cause a lot of kernel oopses/panics/what not.
Thus, I was really, really happy doing this (slow link).
Have you tried cleaning the keyboard inside? I don't mean any microscopic-level germs, I mean good old visible large-size crud. On most keyboards you can push out separate keys by inserting a flat screwdriver under the key and using it as a lever -- due to the way keyboards are built, you'll be able to insert it back without inflicting any damage.
The amount of crud is astonishing. A thick layer of fluff is mandatory, but you can expect a number of larger objects as well.
My personal record is a 20x5x5mm big piece of carrot that my father pulled ~20 years ago from a keyboard we kids used at the time. I was ~7 so my memory can suffer from the fisherman's disease, but how the carrot could get between the cracks is beyond me.
The fluff consists mostly of hair, dust and pieces of skin tissue. This is a bacteria haven, and if you throw in some foodstuffs as well, the result can be dangerous in a hospital.
Being just a dirty foreigner, the name "Caltech" doesn't ring a bell.
On the other hand, I know about MIT damn well. When I've been to the ACM world finals, those bastards defeated my team (through pure luck, I'm sure). Two other our teams fixed that stain on honour later, of course.
Of course, I don't mean to insult them. Quite the contrary.
I'm just pointing out the possibilities about what could happen if someone manages to pull a legal stunt -- or, if the new board 20 years later would consist of people of a different kind.
RMS is a madman. Fortunately, he's our madman. He needs to be watched closely (to prevent blunders like the GFDL), but, he is well-known to have good intentions.
The problem is, if something bad happens to him, it's possible that whatever members of FSF will have the deciding say will push the GPL in a completely different direction. Whoever controls the FSF, controls the vast majority of GPLed software.
I'm not paranoid enough to label FSFians as possible traitors who would follow whoever shakes the purse, hell no -- I have quite a bit of faith in them. However, they may do any modifications to the licenses of software they don't own the copyright to -- it's a huge power. It's dangerous to leave such power in the hands of people not protected by insanity.
Hmm... it's pretty much different in Central Europe. At my university, over 30 people came to the faculty's eliminations the first year, and the competition was really fierce.
I would say exactly the opposite. These problems are a lot more practical compared to what is teached on most universities considered to be good in CS. Ignoring the algorithms theory results is badly designed software that drives the demand on CPUs instead of being happy with low-end machinery at the same price.
It was the dumb codemonkey problems which made best and most handsome team drop to 9th place:( (FYI, the guy you should be worshipping is the one standing)
But if you do have an usable internet connection, it's Windows what makes getting new software an incredible hassle.
Money aside, you need to get your bureaucracy at work to get an order done (unless you need it for yourself), actually buy the piece of software and install it. Even in the case of most "freeware", you need to jump through a lot of hops to find it on the vendor's webpage (try getting the gratis ZoneAlarm -- it takes like >5 minutes of browsing 548947389398439 pages of the paid "pro" version).
In the other corner, you have typing "apt-get install foo" (2 seconds), pressing "y" to approve the list of dependencies (1 second or adding -y to the initial command), a while to actually download the thing, and perhaps a brief moment to answer the debconf questions.
Surprisingly, one of the most extreme examples of this are... drivers! Yeah, drivers. With the exception of some proprietary crap like nVidia or some winmodems, you know where the drivers are. With modern distro-provided kernels, they are automatically inserted basing on the PCI ids and what not, making the issue null. And if you roll your own tightly-cut-down kernels, lspci/discover/hotplug/etc can tell you what you need. Generally, if a free driver exists, the kernel has it -- and hardware vendors learned that it pays to release the specs (with relatively few black sheep). In the Windows world, unless your piece of hardware is supported with the version of Windows you bought (that is, it's older than 2001 (XP) or 1998 (98)), you're out of luck. Windows doesn't let you figure out what device it is. No lspci, nothing. You can open the box and try to read labels on the chip, but they often are cryptic, or -- for on-board integrated devices -- totally missing. With this information, you can start your quest. After an hour or so of browsing the vendor's website or pages like driversguide.com (a valuable resource!), you may find the driver you need. Or you may not.
There is no such thing as "Macs" in Poland (no good retail chain -> no users), so I cannot comment on the MacOS side, but my regard for Apple is too high to believe they can allow a mess like it's the case for Windows.
Or rather, why would anyone use a flaky interface such as USB for connecting one's mouse or keyboard?
All hardware people I personally know detest it, especially for keyboards. They often cause issues at boot-time, tend to interact badly with motherboards, etc. For example, a mouse I've personally saw at a customer triggered wake-up a few seconds after the machine was powered off, even though all relevant settings in the BIOS were disabled.
PS/2 (and even DIN) connectors just work. Reliably.
The already-installed base of Windows OSes wouldn't stop working overnight. Of course, they can help a virus writer create a new huge worm overnight to force people to upgrade-or-die, but, MS is required to provide support for the copies already sold -- even if they decide to go into an all-out war against the EU law, they can't abandon multinational companies.
Too bad, having Microsoft being pushed out is as likely as a cold day in hell. And the devils get paid to keep the heating on.
Yes, the accuracy goes up. It does go up by a factor of many orders of magnitude, all the way from "bad joke" to "flaky but sometimes working".
I'm afraid that those booking systems are not up to the task yet, and they won't be fully usable without additional several years of research. For a limited set of commands, that is -- dictation is pretty much an AI-complete problem, IMHO, as even a human who doesn't have an idea about the subject you're dictating a text about will have a bad error rate.
I played with IBM's ViaVoice several years ago. It's next to useless.
For regular text, the results don't even resemble whatever was said. Getting a single sentence right is a major feat, even after a number of repetitions. And this was not just me, none of my friends was able to make the damn thing work.
For simple commands, it often worked. There were frequent mistakes, but generally, it looked like it might be an idea worth pursuing.
However, every time you try talking to your computer, everyone in your vicinity looks at you weird way. Sure, getting accustomed to such gizmos would shake off this reaction pretty fast, but even then, it wouldn't be treated any gentler than it's the case for a cell phone going off in a bus. Talking to a machine makes you stand out.
Crap... and what about actually stopping the perpetual Windows installfest we're having at work?
Fortunately, I'm a programmer/sysadmin and I don't even touch user support. The support guys, though, get 897984789798 calls that "your program stopped working, fix it" from customers per day. And in basically all cases, it's some random Windows machine crappied beyond all recognition.
The day all those small businesses around start getting it that, indeed, there are better, cheaper alternatives other than Windows, and we're not simply preaching some scam to get more money, I'll be a really happy camper.
IQ is a better of measure to use for class than education any day of the week. Speaking as someone who has a measured IQ over 150 (top 0.1%), you couldn't be more wrong. IQ is worth very little. Mensa is full of washouts with entitlement complexes.
IQ proves exactly nothing. I've been to one of such tests as a kid, and did everything in below half the time. From the looks on the face of the woman conducting the test, correctly... And when I got home from that test, thinking I'm an supergenius, I've grabbed another testsheet and tried to fill it. Believe it or not, but I managed to answer just a few questions in the time allotted. Now, am I a total genius or a complete retard? The second test was just a "generic" one while the first one was aimed at 12y old kids like me at that time -- this may point towards the former answer -- however, that would be cheating myself.
Then, I've been to a number of contests in physics and CS in high school/university. Among others, I collected the first place on a CEOI, and the 9th place on ACM World Finals -- but then, I've failed my degree. So, tell me, please -- am I a genius or a retard?
There is no real measure for a person's skills in general. All you can do is measuring someone's skills at a particular task -- however, it's easy. Just ask them a few random questions from their supposed field, an easy ones that everyone should know without checking. Hiring a sysadmin? Ask them what is the config file of dhcpd. Hiring a web developer? Ask them if (and/or how) they can have a half-translucent PNG on a web page. Hiring a programmer? Ask them how they would do tab completion if there is >1M words.
I've seen way too many people with so-called "Master's Degree" in CS who didn't know 1/10 things a certain 11y old kid I know does. Of course, I'm not telling you to hire the kid, either:p
In general: IQ tests are phoney, degrees are usually phoney, too. Just do a sanity check. Now, I wonder why no employeer I applied for a job to used this idea...
Kids... in my days, we (as in "people from my class") just used to amend the grades book if a teacher left it unguarded. It worked on paper just great.
Also, teachers used to just send a kid to fetch the grades book from the teachers' room every time they forgot to bring it with them.
A friend once asked me to check his CPU in my motherboard. So ok, I replace the CPU, give it a check, replace it with my own again.
Late in the night, suddenly the X display stands still, even the mouse pointer doesn't move (it usually does on Windows crashes at least). I try switching to a VT, killing the X server, doing Ctrl-Alt-SysRq, nothing. Then, I try to ssh in -- no idea why I tried it before pinging. No dice.
I press the hardware reset. No effect. This got me thinking. I power-cycle the box. A blank screen. Uh oh.
It took me several minutes to recall that I meddled with the CPU in the morning. I pull it out, re-seat it, and the machine is all-ok again.
Other funny responses to hardware crashes I witnessed were: * a CGA card had an array of the same character repeated all over the screen * a sound card kept repeating a few MIDI notes in a loop * a nifty "Turbo" button depressed itself on a crash (that machine was a 386 box that had a nice little speed switch that actually pressed/depressed itself when you used Ctrl-Alt-Gray+/Gray-)
Well, the difference between Linux 2.4 and Linux 2.6 is huge. It's the same as in your example: x is the MAJOR version, y is the point release.
On the other tentacle, this is a case of comparing apples (uh oh) to oranges: OS X is a whole OS, Linux is just the kernel. We should be rather comparing Tiger to, let's say, Debian Woody or Debian Sarge.
block problematic port
It's not that simple. The attack in question was done by a flood of DNS queries -- you're not really going to cut off port 53, as this is pretty much equal to knocking that person off the Net.
The typical case involves a lot of outgoing connections on port 25 -- you can't really block this as well unless the user in question uses nothing but webmail.
Traffic shaping won't help a lot, either -- it can protect the server, of course, but won't help the user himself. In this case, it will just make their legitimate use prohibitely slow -- their web browser/whatever will compete with the virus they have over the tiny allotted quota of allowed DNS queries.
IMO it's much better to just cut them off outright, telling them that the fault is on their side.
If you want to be nice, you can redirect all their traffic to a web server which gives them a nice idiot-proof message about what they need to do. This is what I've set up for a friend's basement ISP (~30 paying users) -- although in that case, the message was similar to "your payment is due for two months, you didn't heed our reminders".
Just build the bridge _lengthwise_ between two turns of the creek.
The last time I checked, most "software" (that is, lacking 95% of guts) modems relied on proprietary drivers. And to make it worse, the quality of those is abysmal -- I've been through modems from three different companies, and they all cause a lot of kernel oopses/panics/what not.
Thus, I was really, really happy doing this (slow link).
Have you tried cleaning the keyboard inside? I don't mean any microscopic-level germs, I mean good old visible large-size crud.
On most keyboards you can push out separate keys by inserting a flat screwdriver under the key and using it as a lever -- due to the way keyboards are built, you'll be able to insert it back without inflicting any damage.
The amount of crud is astonishing. A thick layer of fluff is mandatory, but you can expect a number of larger objects as well.
My personal record is a 20x5x5mm big piece of carrot that my father pulled ~20 years ago from a keyboard we kids used at the time. I was ~7 so my memory can suffer from the fisherman's disease, but how the carrot could get between the cracks is beyond me.
The fluff consists mostly of hair, dust and pieces of skin tissue. This is a bacteria haven, and if you throw in some foodstuffs as well, the result can be dangerous in a hospital.
Being just a dirty foreigner, the name "Caltech" doesn't ring a bell.
On the other hand, I know about MIT damn well. When I've been to the ACM world finals, those bastards defeated my team (through pure luck, I'm sure). Two other our teams fixed that stain on honour later, of course.
And Caltech... who's Caltech?
Of course, I don't mean to insult them. Quite the contrary.
I'm just pointing out the possibilities about what could happen if someone manages to pull a legal stunt -- or, if the new board 20 years later would consist of people of a different kind.
RMS is a madman. Fortunately, he's our madman.
He needs to be watched closely (to prevent blunders like the GFDL), but, he is well-known to have good intentions.
The problem is, if something bad happens to him, it's possible that whatever members of FSF will have the deciding say will push the GPL in a completely different direction. Whoever controls the FSF, controls the vast majority of GPLed software.
I'm not paranoid enough to label FSFians as possible traitors who would follow whoever shakes the purse, hell no -- I have quite a bit of faith in them. However, they may do any modifications to the licenses of software they don't own the copyright to -- it's a huge power. It's dangerous to leave such power in the hands of people not protected by insanity.
Hmm... it's pretty much different in Central Europe. At my university, over 30 people came to the faculty's eliminations the first year, and the competition was really fierce.
This was the case in 98, too.
I would say exactly the opposite. These problems are a lot more practical compared to what is teached on most universities considered to be good in CS.
:(
Ignoring the algorithms theory results is badly designed software that drives the demand on CPUs instead of being happy with low-end machinery at the same price.
It was the dumb codemonkey problems which made best and most handsome team drop to 9th place
(FYI, the guy you should be worshipping is the one standing)
But if you do have an usable internet connection, it's Windows what makes getting new software an incredible hassle.
Money aside, you need to get your bureaucracy at work to get an order done (unless you need it for yourself), actually buy the piece of software and install it. Even in the case of most "freeware", you need to jump through a lot of hops to find it on the vendor's webpage (try getting the gratis ZoneAlarm -- it takes like >5 minutes of browsing 548947389398439 pages of the paid "pro" version).
In the other corner, you have typing "apt-get install foo" (2 seconds), pressing "y" to approve the list of dependencies (1 second or adding -y to the initial command), a while to actually download the thing, and perhaps a brief moment to answer the debconf questions.
Surprisingly, one of the most extreme examples of this are... drivers! Yeah, drivers.
With the exception of some proprietary crap like nVidia or some winmodems, you know where the drivers are. With modern distro-provided kernels, they are automatically inserted basing on the PCI ids and what not, making the issue null. And if you roll your own tightly-cut-down kernels, lspci/discover/hotplug/etc can tell you what you need. Generally, if a free driver exists, the kernel has it -- and hardware vendors learned that it pays to release the specs (with relatively few black sheep).
In the Windows world, unless your piece of hardware is supported with the version of Windows you bought (that is, it's older than 2001 (XP) or 1998 (98)), you're out of luck. Windows doesn't let you figure out what device it is. No lspci, nothing. You can open the box and try to read labels on the chip, but they often are cryptic, or -- for on-board integrated devices -- totally missing. With this information, you can start your quest. After an hour or so of browsing the vendor's website or pages like driversguide.com (a valuable resource!), you may find the driver you need. Or you may not.
There is no such thing as "Macs" in Poland (no good retail chain -> no users), so I cannot comment on the MacOS side, but my regard for Apple is too high to believe they can allow a mess like it's the case for Windows.
Or rather, why would anyone use a flaky interface such as USB for connecting one's mouse or keyboard?
All hardware people I personally know detest it, especially for keyboards. They often cause issues at boot-time, tend to interact badly with motherboards, etc. For example, a mouse I've personally saw at a customer triggered wake-up a few seconds after the machine was powered off, even though all relevant settings in the BIOS were disabled.
PS/2 (and even DIN) connectors just work. Reliably.
The already-installed base of Windows OSes wouldn't stop working overnight. Of course, they can help a virus writer create a new huge worm overnight to force people to upgrade-or-die, but, MS is required to provide support for the copies already sold -- even if they decide to go into an all-out war against the EU law, they can't abandon multinational companies.
Too bad, having Microsoft being pushed out is as likely as a cold day in hell. And the devils get paid to keep the heating on.
You mean "hiding behind something bulletproof", just like most soldiers do in a REAL WAR unless [...] their officers are ordering them to move?
In a REAL WAR, they will usually keep hiding even when their officers order them to attack.
Yes, the accuracy goes up. It does go up by a factor of many orders of magnitude, all the way from "bad joke" to "flaky but sometimes working".
I'm afraid that those booking systems are not up to the task yet, and they won't be fully usable without additional several years of research. For a limited set of commands, that is -- dictation is pretty much an AI-complete problem, IMHO, as even a human who doesn't have an idea about the subject you're dictating a text about will have a bad error rate.
I played with IBM's ViaVoice several years ago. It's next to useless.
For regular text, the results don't even resemble whatever was said. Getting a single sentence right is a major feat, even after a number of repetitions. And this was not just me, none of my friends was able to make the damn thing work.
For simple commands, it often worked. There were frequent mistakes, but generally, it looked like it might be an idea worth pursuing.
However, every time you try talking to your computer, everyone in your vicinity looks at you weird way. Sure, getting accustomed to such gizmos would shake off this reaction pretty fast, but even then, it wouldn't be treated any gentler than it's the case for a cell phone going off in a bus. Talking to a machine makes you stand out.
Crap... and what about actually stopping the perpetual Windows installfest we're having at work?
Fortunately, I'm a programmer/sysadmin and I don't even touch user support. The support guys, though, get 897984789798 calls that "your program stopped working, fix it" from customers per day. And in basically all cases, it's some random Windows machine crappied beyond all recognition.
The day all those small businesses around start getting it that, indeed, there are better, cheaper alternatives other than Windows, and we're not simply preaching some scam to get more money, I'll be a really happy camper.
IQ is a better of measure to use for class than education any day of the week. Speaking as someone who has a measured IQ over 150 (top 0.1%), you couldn't be more wrong. IQ is worth very little. Mensa is full of washouts with entitlement complexes.
:p
IQ proves exactly nothing. I've been to one of such tests as a kid, and did everything in below half the time. From the looks on the face of the woman conducting the test, correctly... And when I got home from that test, thinking I'm an supergenius, I've grabbed another testsheet and tried to fill it. Believe it or not, but I managed to answer just a few questions in the time allotted. Now, am I a total genius or a complete retard? The second test was just a "generic" one while the first one was aimed at 12y old kids like me at that time -- this may point towards the former answer -- however, that would be cheating myself.
Then, I've been to a number of contests in physics and CS in high school/university. Among others, I collected the first place on a CEOI, and the 9th place on ACM World Finals -- but then, I've failed my degree. So, tell me, please -- am I a genius or a retard?
There is no real measure for a person's skills in general. All you can do is measuring someone's skills at a particular task -- however, it's easy. Just ask them a few random questions from their supposed field, an easy ones that everyone should know without checking. Hiring a sysadmin? Ask them what is the config file of dhcpd. Hiring a web developer? Ask them if (and/or how) they can have a half-translucent PNG on a web page. Hiring a programmer? Ask them how they would do tab completion if there is >1M words.
I've seen way too many people with so-called "Master's Degree" in CS who didn't know 1/10 things a certain 11y old kid I know does. Of course, I'm not telling you to hire the kid, either
In general: IQ tests are phoney, degrees are usually phoney, too. Just do a sanity check. Now, I wonder why no employeer I applied for a job to used this idea...
Uh oh. Now, show my what kind of moderators would fail to catch the joke and mod this "Troll"...
Well, my registrar (home.pl) doesn't even allow non-private registrations.
Just check the whois record for angband.pl...
On the other hand, GoDaddy considers privacy to be an "extra service".
Kids... in my days, we (as in "people from my class") just used to amend the grades book if a teacher left it unguarded. It worked on paper just great.
Also, teachers used to just send a kid to fetch the grades book from the teachers' room every time they forgot to bring it with them.
Well, nowadays I hit a machine on a daily basis to fix its @#$%^&* fan to stay the hell quiet.
It usually takes a blow or two to make it work.
A friend once asked me to check his CPU in my motherboard. So ok, I replace the CPU, give it a check, replace it with my own again.
Late in the night, suddenly the X display stands still, even the mouse pointer doesn't move (it usually does on Windows crashes at least). I try switching to a VT, killing the X server, doing Ctrl-Alt-SysRq, nothing.
Then, I try to ssh in -- no idea why I tried it before pinging. No dice.
I press the hardware reset. No effect. This got me thinking.
I power-cycle the box. A blank screen. Uh oh.
It took me several minutes to recall that I meddled with the CPU in the morning. I pull it out, re-seat it, and the machine is all-ok again.
Other funny responses to hardware crashes I witnessed were:
* a CGA card had an array of the same character repeated all over the screen
* a sound card kept repeating a few MIDI notes in a loop
* a nifty "Turbo" button depressed itself on a crash (that machine was a 386 box that had a nice little speed switch that actually pressed/depressed itself when you used Ctrl-Alt-Gray+/Gray-)
I can make a DDOS attack will full TCP handshakes, too.
Well, the difference between Linux 2.4 and Linux 2.6 is huge. It's the same as in your example: x is the MAJOR version, y is the point release.
On the other tentacle, this is a case of comparing apples (uh oh) to oranges: OS X is a whole OS, Linux is just the kernel. We should be rather comparing Tiger to, let's say, Debian Woody or Debian Sarge.