No application can cause a spanning tree loop. It is simply impossible.
A spanning tree loop causes broadcast frames - correectly used in small numbers in many different circumstances - to loop endlessly about the network (clogging it up), using paths that are provided for redunancy, but which are normally stopped form passing traffic by the "spanning tree protocol".
There are 2 likely causes:
Unidirectional link failure. If a connection between switches passes traffic in only one direction (normally they are bi-directional), then spanning tree can be 'fooled' into allowing traffic on a path that creates a loop and lets frames loop endlessly.
Misconfiguration of switches, possibly combined with erroneous cabling. If spanning tree is configured off on a port, (or, maybe, put into a mode called portfast), it's possible for interconnection of switch ports (through a crossover cable or other means) to cause this to occur.
A third possible cause is that the spanning tree software itself screws up and allows a loop when it shouldn't have. This was known to occasionally happen in Cisco switches some years ago. I haven't heard of it lately.
This all happens way below the application layer. Unless the application is speccific written to send huge numbers of broadcast frames (there is no legitimate reason for an app to do this), it couldn't bring down the network. And even if it did, this would not be a 'spanning tree loop' and disconnecting the offending station woul immediately fix the problem.
Probably, the network should be using routers to partition it into smaller LANs. But ths can stilll happen to any single LAN so creaeted and if it happens to the one your servers are on, you're still cooked.
Is the US government really that transparently corrupt?
As an American, let me say: Yes. This is an administration that will ALWAYS accomodate money. Look at the Anderson fiasco. They put thousands of people into unemployment, by prosecuting a whole company, rather than actually prosecuting the peoiple that did the deed and putting them in jail, because that sends the wrong message. Can't put a few big-shots in jail, that's bad. Thousands of working joes unemployed, that's OK. Fuckers.
Previous administrations were bad, but this one is absolutley shameless in its devotion to the monied interests.
The poster was talking about vulnerabilities for which there is *no* solution. A patch is a technical solution.
I was referring to the case where the maker of the software goes weeks or months before producing a patch or even acknowledging the problem. These should be disclosed, as people should not be using this software, long term.
Even the first occurrence should be disclosed. How many "first times" will we permit before expunging wu-ftpd from the planet?
The point this raises is that not all cracks are the admin's fault for not patching - but software choice also is a factor.
the article doesn't mention...where a break-in occurs because of a(n)... issue for which there is no released technical solution (i.e. anyone else who has software X would be susceptible...).
So companies/whatever which can't be bpthered to patch their holes get a buy? I don't think so.
Find a vulnerability and you're not even allowed to release a fixed version!
True, but you CAN release patches agains the source. (see this, among others) And anyone who's going to buid and run this thing should have no problem applying patches.
Microsoft has always been one to cost-optimize their revenue side financials. Under the new agreement, however, they will need to inflate their income-stream differentials which is a well-known death rattle for a large corporation.
By your logic, since I haven't heard any music played on the accordian which is decent, then the accordian is useless and nobody should play it.
Actually, not quite. By my logic, I haven't heard anything I like played oin the accordion, so your radio station should play something besides accordion music if you want me to listen.
(Of course, since I now instictively change the channel as soon as I hear the first note of accordion music, I'm not liklely to hear anything I like on accordion. Oh well.)
The technology isn't the content. Don't mix the two. And BTW, there are quite a few very good uses of flash. Maybe you just haven't seen them.
The problem is that for a great many webmasturbators, the technology IS the content, and you get force-fed flashing animations that won't stop flashing - ever - or long content-free spalsh animations that can't be bypassed, or whole websites that are inaccessible if you don't have Flash. I'll concede the possibility of good uses of Flash - it's just the the probability is so low that I'd just as sson do entirely without.
It's sort of like gun control - yes, it's true that it takes a person to pull the trigger, but a gun certainly magnifies the damage produced by that (otherwise) small action.
As an amusing postscript, I tried installing Flash for netscape on Redhat 7.2 last night, not because I actually want to use, but because I'm tired of being nagged about not having it all the time. Does NOT fucking work at all.
if it was, I'd use the (now useable) headers to send all spammers, say, a tar archive of/var/log, or all my mp3s and wavs, encrypted of course. Nothing too much, just a few 100M to each.
OK, over-generalization. More accurately: "Everything I've seen done with Flash was annoying or stupid or time-wasting or bandwidth-wasting or all of the above."
Flash might actually have some good things going for it, but judging from the web as it is, most who use it are idiots.
Since yours *does* support it, I don't see how you can complain that you can't access Flash sites.
I was commenting that Flash is crap and that I've intentionally removed it from my systems, so, yes, sites that use Flash (and provide no other route to the content) ARE inaccessible to me.
So I take that you don't play any games,
Correct. Computer games bore the hell out of me. (A minority opinion here, I'm sure.)
all your cursors don't blink
Sometimes it's useful so you can find the damn thing.
and your mouse pointer never turns into a busy timer.
That's conveying useful information, something that the vast majority of uses of Flash fail to do.
Again, why not? Flash players exist for almost every platform.
I could use Flash on my system. I've intentionally crippled Flash on many systems I run because I tired of bullshit flashing stuff that can't be stopped by hitting the Esc key or using the view->stop menu sequence.
Rumor has it that useful content has been conveyed using Flash. I've never seen this personally though.
If you use fixed font size tags, this won't change a thing in the browser.
Thankfully, given the number of idiot webmasturbators that commit this stupidity, this isn't quite true. Gecko-based browsers (Mozilla, Galeon) will resize any text, even if the idiot that composed the webpage specified a fixed font size.
Still not much help for the totally blind, however. It seems that what was asked for (alt text and a way to skip nav bars) was not that bad. Now that they've won the suit, Southwest should consider doing it anyway as a gesture of good will.
Only for certain values of "soon". My recollection is that estimates were that it would begin to be available in some useable form after 2 years (this was probably a year ago). I think it will be much longer before it's production ready, though that's just a guess, and several more before perl5 goes away.
I got my latest AOL coaster (CD) yesterday. It acually came in a metal container. Think of the tins that mints (such as penguin mints or Altoids) come in, but CD sized. I'm not an AOL user. Never have been. Why would they use such a wasteful container? It had to cost 3 times what the CD did - probably more.
You'd think that the likes of Suse, Turbo, SCO, and Conectiva would get the point by now...
The others, maybe, but SCO is probably hopeless. They're also the ones who introduced per-seat licensing. Also, the fact that, given a chance to choose the Caldera name or the SCO name, they went with SCO, was a very bad sign.
I thought that UnitedLinux was an interesting concept until I saw SCO was involved - my interest level went way down at that point.
I lkie the soun of this one - seems like it should eliminate all false positives sent by real peope and all false negatives. I worry about auto-responders and auto-reminders, though. TMDA (Tagged Message Delivery Agent)
Sorry, I don't buy shrink wrapped books unless I can examine a specimen.
So you never buy books online or by mail-order?
Even if you don't, I do. The fact that I paid for something is not, by itself, permission for the seller or publisher to impose all sorts of extra terms and restrictios on me. Once again, show me my signature on some piece of paper or take your extra-legal requirements and stuff 'em.
A look inside "the Color of Magic" by Terry Pratchett show the following.
"All rights reserved.
Gee that proves it. If you'd opened the book (after paying for it and taking it home) and found a licensing agreement requiring you to give the author and the publisher blowjobs on alternate wednesdays, would you be bound by that too? If so, I've got stuff to sell you....
Sorry, Jack, if you want anything more than the requirments of law, you better have my signature on some piece of paper. Otherwise, go away.
Slashdot Mirror
No application can cause a spanning tree loop. It is simply impossible.
A spanning tree loop causes broadcast frames - correectly used in small numbers in many different circumstances - to loop endlessly about the network (clogging it up), using paths that are provided for redunancy, but which are normally stopped form passing traffic by the "spanning tree protocol".
There are 2 likely causes:
Unidirectional link failure. If a connection between switches passes traffic in only one direction (normally they are bi-directional), then spanning tree can be 'fooled' into allowing traffic on a path that creates a loop and lets frames loop endlessly.
Misconfiguration of switches, possibly combined with erroneous cabling. If spanning tree is configured off on a port, (or, maybe, put into a mode called portfast), it's possible for interconnection of switch ports (through a crossover cable or other means) to cause this to occur.
A third possible cause is that the spanning tree software itself screws up and allows a loop when it shouldn't have. This was known to occasionally happen in Cisco switches some years ago. I haven't heard of it lately.
This all happens way below the application layer. Unless the application is speccific written to send huge numbers of broadcast frames (there is no legitimate reason for an app to do this), it couldn't bring down the network. And even if it did, this would not be a 'spanning tree loop' and disconnecting the offending station woul immediately fix the problem.
Probably, the network should be using routers to partition it into smaller LANs. But ths can stilll happen to any single LAN so creaeted and if it happens to the one your servers are on, you're still cooked.
Is the US government really that transparently corrupt?
As an American, let me say: Yes. This is an administration that will ALWAYS accomodate money. Look at the Anderson fiasco. They put thousands of people into unemployment, by prosecuting a whole company, rather than actually prosecuting the peoiple that did the deed and putting them in jail, because that sends the wrong message. Can't put a few big-shots in jail, that's bad. Thousands of working joes unemployed, that's OK. Fuckers.
Previous administrations were bad, but this one is absolutley shameless in its devotion to the monied interests.
The poster was talking about vulnerabilities for which there is *no* solution. A patch is a technical solution.
I was referring to the case where the maker of the software goes weeks or months before producing a patch or even acknowledging the problem. These should be disclosed, as people should not be using this software, long term.
Even the first occurrence should be disclosed. How many "first times" will we permit before expunging wu-ftpd from the planet?
The point this raises is that not all cracks are the admin's fault for not patching - but software choice also is a factor.
the article doesn't mention ...where a break-in occurs because of a(n) ... issue for which there is no released technical solution (i.e. anyone else who has software X would be susceptible...).
So companies/whatever which can't be bpthered to patch their holes get a buy? I don't think so.
Find a vulnerability and you're not even allowed to release a fixed version!
True, but you CAN release patches agains the source. (see this, among others) And anyone who's going to buid and run this thing should have no problem applying patches.
GPL: Free as in herpes, not as in beer.
Unless this is sarcasm, you are truly a moron.
Even without a degree in economics everyone should realise that such trends will result in the music industry ceasing to exist.
They say that as if it were a bad thing.
Fuck these assholes. The sooner these parasites are out of the chain, the better. Money paid for music should go to musicians, not scumbags like this.
And all the whining about CDR sales is crap - we are ALREADY paying extra for those to placate thses scum, yet tey are still denying fair-use.
Microsoft has always been one to cost-optimize their revenue side financials. Under the new agreement, however, they will need to inflate their income-stream differentials which is a well-known death rattle for a large corporation.
What does that mean in English, please?
How hard was this? For non-gui, 'man ' or 'info ' usually produces the same results.
and six are already generating revenue.
/etc/hosts, /etc/host.ex0, /etc/inet/hosts
/etc/hosts is just a symlink to /etc/inet/hosts, at least on the old Solaris we use here, this seems redundant.
Since
By your logic, since I haven't heard any music played on the accordian which is decent, then the accordian is useless and nobody should play it.
Actually, not quite. By my logic, I haven't heard anything I like played oin the accordion, so your radio station should play something besides accordion music if you want me to listen.
(Of course, since I now instictively change the channel as soon as I hear the first note of accordion music, I'm not liklely to hear anything I like on accordion. Oh well.)
The technology isn't the content. Don't mix the two. And BTW, there are quite a few very good uses of flash. Maybe you just haven't seen them.
The problem is that for a great many webmasturbators, the technology IS the content, and you get force-fed flashing animations that won't stop flashing - ever - or long content-free spalsh animations that can't be bypassed, or whole websites that are inaccessible if you don't have Flash. I'll concede the possibility of good uses of Flash - it's just the the probability is so low that I'd just as sson do entirely without.
It's sort of like gun control - yes, it's true that it takes a person to pull the trigger, but a gun certainly magnifies the damage produced by that (otherwise) small action.
As an amusing postscript, I tried installing Flash for netscape on Redhat 7.2 last night, not because I actually want to use, but because I'm tired of being nagged about not having it all the time. Does NOT fucking work at all.
if it was, I'd use the (now useable) headers to send all spammers, say, a tar archive of /var/log, or all my mp3s and wavs, encrypted of course. Nothing too much, just a few 100M to each.
OK, over-generalization. More accurately: "Everything I've seen done with Flash was annoying or stupid or time-wasting or bandwidth-wasting or all of the above."
Flash might actually have some good things going for it, but judging from the web as it is, most who use it are idiots.
There. Are you happier, now?
Since yours *does* support it, I don't see how you can complain that you can't access Flash sites.
I was commenting that Flash is crap and that I've intentionally removed it from my systems, so, yes, sites that use Flash (and provide no other route to the content) ARE inaccessible to me.
So I take that you don't play any games,
Correct. Computer games bore the hell out of me. (A minority opinion here, I'm sure.)
all your cursors don't blink
Sometimes it's useful so you can find the damn thing.
and your mouse pointer never turns into a busy timer.
That's conveying useful information, something that the vast majority of uses of Flash fail to do.
I can't view them on my system.
Again, why not? Flash players exist for almost every platform.
I could use Flash on my system. I've intentionally crippled Flash on many systems I run because I tired of bullshit flashing stuff that can't be stopped by hitting the Esc key or using the view->stop menu sequence.
Rumor has it that useful content has been conveyed using Flash. I've never seen this personally though.
If you use fixed font size tags, this won't change a thing in the browser.
Thankfully, given the number of idiot webmasturbators that commit this stupidity, this isn't quite true. Gecko-based browsers (Mozilla, Galeon) will resize any text, even if the idiot that composed the webpage specified a fixed font size.
Still not much help for the totally blind, however. It seems that what was asked for (alt text and a way to skip nav bars) was not that bad. Now that they've won the suit, Southwest should consider doing it anyway as a gesture of good will.
Isn't Perl 6 coming out soon?
Only for certain values of "soon". My recollection is that estimates were that it would begin to be available in some useable form after 2 years (this was probably a year ago). I think it will be much longer before it's production ready, though that's just a guess, and several more before perl5 goes away.
It's nothing but more government interference in private business that chains capitalism
Fine - let's have EVERY bit of your medical history made poublic please, and given to every insurrer, loan company or employer to whom you apply.
That's a great idea.
I got my latest AOL coaster (CD) yesterday. It acually came in a metal container. Think of the tins that mints (such as penguin mints or Altoids) come in, but CD sized. I'm not an AOL user. Never have been. Why would they use such a wasteful container? It had to cost 3 times what the CD did - probably more.
You'd think that the likes of Suse, Turbo, SCO, and Conectiva would get the point by now...
The others, maybe, but SCO is probably hopeless. They're also the ones who introduced per-seat licensing. Also, the fact that, given a chance to choose the Caldera name or the SCO name, they went with SCO, was a very bad sign.
I thought that UnitedLinux was an interesting concept until I saw SCO was involved - my interest level went way down at that point.
I lkie the soun of this one - seems like it should eliminate all false positives sent by real peope and all false negatives. I worry about auto-responders and auto-reminders, though. TMDA (Tagged Message Delivery Agent)
Sorry, I don't buy shrink wrapped books unless I can examine a specimen.
So you never buy books online or by mail-order?
Even if you don't, I do. The fact that I paid for something is not, by itself, permission for the seller or publisher to impose all sorts of extra terms and restrictios on me. Once again, show me my signature on some piece of paper or take your extra-legal requirements and stuff 'em.
I think the theory is that it adds something of value, that can't be ripped and distributed, to the CD.
A look inside "the Color of Magic" by Terry Pratchett show the following. "All rights reserved.
Gee that proves it. If you'd opened the book (after paying for it and taking it home) and found a licensing agreement requiring you to give the author and the publisher blowjobs on alternate wednesdays, would you be bound by that too? If so, I've got stuff to sell you....
Sorry, Jack, if you want anything more than the requirments of law, you better have my signature on some piece of paper. Otherwise, go away.