A similar approach for distributing updates to source packages has been around for years: The dynamic deltup server network. You can tell their servers which source archives you already have and which new version you want. The server then unpacks both archives and sends you a deltup diff that can be used to create a bit-by-bit copy of the desired source archive, using the deltup program. An example use case for this are source based operating system distributions, like Gentoo GNU/Linux. The saved bandwidth is usually significant, often more than 90%.
It's unfortunate that FTPS still seems to be widely unknown. FTPS is an extension of the FTP protocol which secures the control & data channels with TLS. It's standardized in RFC 4217.
Restricting users to their home directory is much easier with FTPS than with SSH. The latter requires you to setup a chroot jail for each user. At least OpenSSH has built-in chroot support that allows you to specify a chroot environment for each user via/etc/passwd.
Many FTP clients and servers support the FTPS protocol, for example: * FileZilla * curl (and curlftpfs) * lftp
Phase IV (1974).... A great, unfortunately often underrated and unknown movie. It's a bit like 2001: Space Odyssey with ants, in the desert. The excellent close-up shots of ants alone are worth it. By the way, it has been recently released on NTSC DVD in very decent quality by Legend films.
This sounds like you've built the kernel with lots of modules that you eventually don't use. Building an only moderately stripped down version of 2.6.30 took about 7 minutes on my Core 2 Duo E8400 desktop, with concurrent threads, i.e.: make -j4
Futurama Season 1, Episode 5 "Fear of a bot planet" is based on a short story by Stanisaw Lem. David X. Cohen, the head writer of Futurama, acknowledged that Stanisaw Lem is among his favorite Sci-Fi writers.
For NetHack, there's the TAEB - Tactical Amulet Extraction Bot. It's a framework for developing NetHack AIs, written in Perl. Its development still seems to be going strong but it hasn't managed to ascend a game yet, which is not an easy accomplishment for an AI.
Sartak, a TAEB author, recently managed to predict NetHack's PRNG to acquire infinite wishes from fountains. This is considered an exploit of course, and has since been patched on public NetHack servers. Still, pretty impressive:)
I think there's a Twitter feed with TAEB's game progress somewhere, but I don't have the link.
"Several exploits for Apple's Mac OS X are in circulation which have not yet been patched. In a short test carried out by the heise Security editorial team, one of the exploits allowed a Mac OS X 10.5.6 user with normal privileges to obtain root privileges."
This security flaw has not been patched yet. Happy hacking everyone!
The first problem has already been solved in SSL's successor, TLS. The "Server Name Indication"[1] extension of TLS allows the client to transmit the desired virtual host before the encryption begins. The current versions of most major browsers support this, including: Firefox 2.0 and later, Opera 8 and later, IE7 and later, Chrome, Safari 3.2.1 and later. Apache, Cherokee, Lighttpd and nginx support SNI on the server side.
Your second problem is not as easy to solve. You could consider CACert[2], a certificate authority based on a web of trust. When I applied for CACert, the assurers were quite serious and checked my identity (ID card, photo and signature) more thoroughly than some ISPs who are reselling commercial certificates. No major browser ships with the CACert root cert but fortunately it's very easy to install!
In 2004, Woz gave a great presentation about his early work at Gnomedex 4.0.
"The Gnomedex Geeks-Gone-Wild crowd was fixated on this rare and brilliant presentation by Steve Wozniak, a true geek's geek. His playing started with games and pranks, crystal-set radios, reading Popular Electronics. Then he met Captain Crunch and got into telco-busting Blue Boxes.
Woz wanted to be an HP engineer forever and never thought he'd start a company, but his friend, Steve Jobs, said, "Let's sell it!" at every opportunity. Good thing he did, and good thing HP turned down Woz's offer for the rights to build what would become Apple's first computer. You'll enjoy this -- one of the best from Gnomedex 4.0."
This part is covered already -- they get set in your cookie. No need to even have a Google account to permanently turn on 100 results per page, and turn off SafeSearch.
Keeping the cookie allows Google to track your searches. You can avoid that with CustomizeGoogle.
The CustomizeGoogle Firefox addon allows you to filter search results like experts-exchange.com with wildcard expressions. Besides that, the addon can rewrite some of Google's pages to achieve, for example:
- Rewrite image search results to point directly to the images - Remove ads - Permanently set search preferences without having to log into your Google account. The addon stores the settings on the client's side and rewrites all HTTP GET requests to Google with the proper parameters.
OO is very good for graphical interfaces, but it isn't particularly well suited for algorithms and other maths oriented stuff.
The term OO is too general to make a statement about its usefulness for mathematics oriented problems. The powerful templating features of modern C++ are indeed very useful for numerical simulations:
It's called C++ Expression Templates, an excellent tool for numerical simulations. ETs can get you very close to the performance of hand optimized C code while they're much more comfortable to use than plain C. Parallelization is also relatively easy to achieve with expression templates.
A research team at my university actually uses expression templates to build some sort of meta compiler which translates C++ ETs into CUDA code. They use it to numerically simulate laser diodes.
Search for papers by David Vandevoorde & Todd Veldhuizen if you want to know more about this. They both developed the technique independently.
Vandevoorde also explains ETs to some degree in his excellent book "C++ Templates - The Complete Guide".
As someone mentioned in a previous post, it's much easier to just whitelist priorized services such as ssh, telnet or gaming protocols than wasting too much CPU cycles on detecting obscure P2P protocols with layer 7 filters.
Personally, I use iptables & tc to setup a simple HTB (Hierarchical Token Bucket filter) system with 3 priority levels:
- Interactive: SSH (with Minimize-Delay TOS-Flag), Telnet, Jabber,... - Medium: HTTP, IMAP, SMTP, POP3,... - Low: All the rest
Shaping the upload speed is my only concern. All 3 classes may use the complete upload bandwidth. The interactive HTB class gets a guaranteed 90% of the bandwidth and a high burst value. The lowest HTB class has a burst of 0 and about 5% guaranteed upload speed.
While this is only primitive setup, it allows lag-free ssh with an unlimited upload in the background.
I agree on the hardware targets Gentoo can go on, though, I've still been looking for that little project that will make it worthwhile to pick gentoo back up. (Digital Picture Frame?) There's a rather large german server hosting company which solely uses Gentoo Linux on its managed boxes. http://df.eu/ They have been doing that for a few years now and it seems to work for them.
It's not just that they hide the drivers but even if you find them, you can't look into it. Some may say this is for security's sake. But seriously, this device seems to be designed for securing your data. Would you trust a vendor who takes these measures to hide the inner workings of the device? It's not that obfuscation, hidden, binary code ever stopped ambitious crackers. On the contrary, I think it just gives a false feeling of security to the vendor.
I suggest that he should get a good bunch of artifical spam mails everyday while only one of it contains the code for the daily meals. Thus he would experience what it's like to get V1AG|)_A and 03M Software offers every day;)
How is taking a 24 bit sample of his voice 96,000 times a second better than taking a 24 bit sample of his voice 48,000 times a second, if the human ear can't hear myriad of frequencies in the 24,000 to 47,999 Hz range that the additional sample rate covers? As someone previously explained, this has no advantage if you only listen to the material, though if you plan to do things like time-stretching or pitch-shifting, it will matter.
Slashdot Mirror
A similar approach for distributing updates to source packages has been around for years: The dynamic deltup server network. You can tell their servers which source archives you already have and which new version you want. The server then unpacks both archives and sends you a deltup diff that can be used to create a bit-by-bit copy of the desired source archive, using the deltup program.
An example use case for this are source based operating system distributions, like Gentoo GNU/Linux. The saved bandwidth is usually significant, often more than 90%.
http://linux01.gwdg.de/~nlissne/dynamic.html
That's only a problem if the FTPS server doesn't use the PASV data mode.
It's unfortunate that FTPS still seems to be widely unknown. FTPS is an extension of the FTP protocol which secures the control & data channels with TLS. It's standardized in RFC 4217.
Restricting users to their home directory is much easier with FTPS than with SSH. The latter requires you to setup a chroot jail for each user. At least OpenSSH has built-in chroot support that allows you to specify a chroot environment for each user via /etc/passwd.
Many FTP clients and servers support the FTPS protocol, for example:
* FileZilla
* curl (and curlftpfs)
* lftp
Servers:
* vsftpd (can enforce encrypted FTP)
Phase IV (1974).... A great, unfortunately often underrated and unknown movie. It's a bit like 2001: Space Odyssey with ants, in the desert. The excellent close-up shots of ants alone are worth it. By the way, it has been recently released on NTSC DVD in very decent quality by Legend films.
This sounds like you've built the kernel with lots of modules that you eventually don't use. Building an only moderately stripped down version of 2.6.30 took about 7 minutes on my Core 2 Duo E8400 desktop, with concurrent threads, i.e.: make -j4
Correction: Stanislav Lem. Slashdot didn't like my Unicode.
Futurama Season 1, Episode 5 "Fear of a bot planet" is based on a short story by Stanisaw Lem. David X. Cohen, the head writer of Futurama, acknowledged that Stanisaw Lem is among his favorite Sci-Fi writers.
For NetHack, there's the TAEB - Tactical Amulet Extraction Bot. It's a framework for developing NetHack AIs, written in Perl. Its development still seems to be going strong but it hasn't managed to ascend a game yet, which is not an easy accomplishment for an AI.
Sartak, a TAEB author, recently managed to predict NetHack's PRNG to acquire infinite wishes from fountains. This is considered an exploit of course, and has since been patched on public NetHack servers. Still, pretty impressive :)
I think there's a Twitter feed with TAEB's game progress somewhere, but I don't have the link.
http://taeb-nethack.blogspot.com/
The root problem is currently solved by some new privilege escalation exploits for OS X:
http://slashdot.org/firehose.pl?op=view&id=4200037
"Several exploits for Apple's Mac OS X are in circulation which have not yet been patched. In a short test carried out by the heise Security editorial team, one of the exploits allowed a Mac OS X 10.5.6 user with normal privileges to obtain root privileges."
This security flaw has not been patched yet. Happy hacking everyone!
The first problem has already been solved in SSL's successor, TLS. The "Server Name Indication"[1] extension of TLS allows the client to transmit the desired virtual host before the encryption begins. The current versions of most major browsers support this, including: Firefox 2.0 and later, Opera 8 and later, IE7 and later, Chrome, Safari 3.2.1 and later.
Apache, Cherokee, Lighttpd and nginx support SNI on the server side.
Your second problem is not as easy to solve. You could consider CACert[2], a certificate authority based on a web of trust. When I applied for CACert, the assurers were quite serious and checked my identity (ID card, photo and signature) more thoroughly than some ISPs who are reselling commercial certificates. No major browser ships with the CACert root cert but fortunately it's very easy to install!
[1] http://en.wikipedia.org/wiki/Server_Name_Indication
[2] http://www.cacert.org/
Play with your friends or in a league.
You can download the CAPTCHA images and view them externally, for example in fbi: http://linux.die.net/man/1/fbi
Here's a slightly blurry screenshot of the wallpaper: http://www.heise.de/bilder/134489/0/1
In 2004, Woz gave a great presentation about his early work at Gnomedex 4.0.
"The Gnomedex Geeks-Gone-Wild crowd was fixated on this rare and brilliant presentation by Steve Wozniak, a true geek's geek. His playing started with games and pranks, crystal-set radios, reading Popular Electronics. Then he met Captain Crunch and got into telco-busting Blue Boxes.
Woz wanted to be an HP engineer forever and never thought he'd start a company, but his friend, Steve Jobs, said, "Let's sell it!" at every opportunity. Good thing he did, and good thing HP turned down Woz's offer for the rights to build what would become Apple's first computer. You'll enjoy this -- one of the best from Gnomedex 4.0."
The recordings are still available in MP3 form:
Part 1: http://itc.conversationsnetwork.org/shows/detail214.html
Part 2: http://www.itconversations.com/shows/detail215.html
Direct links to the MP3s:
http://itc.conversationsnetwork.org/audio/download/Steve%20Wozniak%20Part%201%20-%20Gnomedex%204.0.mp3
http://itc.conversationsnetwork.org/audio/download/Steve%20Wozniak%20Part%202%20-%20Gnomedex%204.0.mp3
This part is covered already -- they get set in your cookie. No need to even have a Google account to permanently turn on 100 results per page, and turn off SafeSearch.
Keeping the cookie allows Google to track your searches. You can avoid that with CustomizeGoogle.
The CustomizeGoogle Firefox addon allows you to filter search results like experts-exchange.com with wildcard expressions. Besides that, the addon can rewrite some of Google's pages to achieve, for example:
- Rewrite image search results to point directly to the images
- Remove ads
- Permanently set search preferences without having to log into your Google account. The addon stores the settings on the client's side and rewrites all HTTP GET requests to Google with the proper parameters.
https://addons.mozilla.org/en-US/firefox/addon/743
OO is very good for graphical interfaces, but it isn't particularly well suited for algorithms and other maths oriented stuff.
The term OO is too general to make a statement about its usefulness for mathematics oriented problems. The powerful templating features of modern C++ are indeed very useful for numerical simulations:
It's called C++ Expression Templates, an excellent tool for numerical simulations. ETs can get you very close to the performance of hand optimized C code while they're much more comfortable to use than plain C. Parallelization is also relatively easy to achieve with expression templates.
A research team at my university actually uses expression templates to build some sort of meta compiler which translates C++ ETs into CUDA code. They use it to numerically simulate laser diodes.
Search for papers by David Vandevoorde & Todd Veldhuizen if you want to know more about this. They both developed the technique independently.
Vandevoorde also explains ETs to some degree in his excellent book "C++ Templates - The Complete Guide".
As someone mentioned in a previous post, it's much easier to just whitelist priorized services such as ssh, telnet or gaming protocols than wasting too much CPU cycles on detecting obscure P2P protocols with layer 7 filters.
... ...
Personally, I use iptables & tc to setup a simple HTB (Hierarchical Token Bucket filter) system with 3 priority levels:
- Interactive: SSH (with Minimize-Delay TOS-Flag), Telnet, Jabber,
- Medium: HTTP, IMAP, SMTP, POP3,
- Low: All the rest
Shaping the upload speed is my only concern. All 3 classes may use the complete upload bandwidth. The interactive HTB class gets a guaranteed 90% of the bandwidth and a high burst value. The lowest HTB class has a burst of 0 and about 5% guaranteed upload speed.
While this is only primitive setup, it allows lag-free ssh with an unlimited upload in the background.
An in-depth how-to about the Linux Traffic Control system: http://www.tldp.org/HOWTO/Traffic-Control-HOWTO/index.html
A short pragmatic example using HTB & SFQ can be found here: http://gentoo-wiki.com/HOWTO_Packet_Shaping
If you're on Gentoo Linux, insert the CD and type:
emerge quake3-bin -av
and you're done.
It's not just that they hide the drivers but even if you find them, you can't look into it. Some may say this is for security's sake.
But seriously, this device seems to be designed for securing your data. Would you trust a vendor who takes these measures to hide the inner workings of the device?
It's not that obfuscation, hidden, binary code ever stopped ambitious crackers. On the contrary, I think it just gives a false feeling of security to the vendor.
I suggest that he should get a good bunch of artifical spam mails everyday while only one of it contains the code for the daily meals. Thus he would experience what it's like to get V1AG|)_A and 03M Software offers every day ;)
The Init scripts of Gentoo Linux are able to start services in parallel which gave me almost 50% faster startup time on my system.
/etc/conf.d/rc:
From
RC_PARALLEL_STARTUP="yes"
Some information about how and how much one of the first professional gamers earned can be found on Wikipedia: http://en.wikipedia.org/wiki/Fatal1ty