I imagine that most of the traffic on Tor (by number of bytes) is probably filesharing, spamming, hacking etc.
One important note: The same characteristic that makes Tor difficult to attack (requirement of coverage of majority of exit nodes in order to bypass the enciphering) makes it very hard to empirically determine the proportions of the different types of traffic.
Connection denial is possible on basis of outbound IP address/range and/or a TCP port address/range. This is assuming you're running an exit router to begin with.
Most people's lawyers don't end up in deep doo-doo for what their clients do in said clients' personal lives. Many company's lawyers *do* end up in deep doo-doo for what their clients do business-wise.
This situation is a business situation, not a personal situation.
I don't care if your algorithm never exposes a weakness for ten thousand years and your messages are supposedly secret for ten billion. If you keep throwing your scratchpad in the wastebasket and leaving it there, for example, then I'll probably figure out your plaintext.
- Saying that it's a teacher's responsibility to make certain a child grows up to be a responsible member of society. But, in most of the Western world at least, this is bollocks. - Saying that it's a parent's responsibility to make certain a child grows up to be a responsible member of society, and that they are directly attributable for the failure. This, at least for me personally, is a Truth. However, there will be plenty of children who will grow into misanthropic, withdrawn or downright evil people.
There will not be success in this regard as per the OP's link's author's definition until the users themselves shape up. If "security professionals" attempt to force them, those users will generally arrange to nullify the efforts of said professionals. Because those users do not see a need to.
Observations of current behavior suggest that, frankly, most people don't handle cause-and-effect well and can't be bothered to take responsibility for their own actions without gross displays of effect. After all, there does not yet exist any way to directly kill or otherwise physically harm a person through their web browser.
If the government wants to fight child porn so bad, why don't they just deal with having to go after those who produce it and swallow the fact that this is a hard problem?
Other people have said it, but I will throw in my bit:
If your boss is against source/change management software, just use it for yourself.
After all, you spelled it out in your opening post: "As much as I strive to write perfect code...that doesn't happen." The hell with protecting yourself from your boss; protect yourself from YOU on the occasions where you discover your thumb is mysteriously parked up your bottom.
As an aside: I work at a place where I get to watch my clients trip over their own mistakes and come up to me, hat in hand, asking if *I* happen to have a previous version of their object code. Bad times all around. This is a crappy position for me to be in, and the silly fact is that it isn't my ass if the code is broke. The position of the dude who has to ask me if I might have the last version of his code has to be at least three times worse.
Be exceedingly careful with this method for languages that are not closely related. At least between English and Japanese, there are many times were even a great subtitler (AnimEigo, ADV Films, etc.) will have to take liberties with translation of native idioms in Japanese, which just don't map one-to-one to English. Example:
Japanese: "shikatanai"/"shikataganai". General meaning is: "no way around it; nothing to be done for it", but I've seen it subtitled in English as "Nothing we can do" or "Oh well, you tried" even though the original Japanese doesn't mention (and doesn't need to mention) a subject "we" or "you"; it came from context.
Another major problem is that watching movies (or God help you, anime) is not the best way to deeply learn a language since there is understood context for culture that informs the language you hear in ways you won't get right away.
If you're a native English speaker, you're in less danger from other Germanic languages. The danger increases as you deviate farther and farther away. Have fun with languages that lack the verb "to have" (Japanese, Korean, Irish).
Gotta love the replacement 3Com or Intel cards which are the exact same 100mbps ethernet cards as others with different firmware and a $450 dollar price tag:)
They tested a bunch of implementations and a bunch of them failed out over 5000 different tests. How is this a problem with the protocol itself as opposed to how a bunch of vendors decided to implement it?
Might've been better phrased if it read as a vulnerability with "a number of popular implementations of IKEv1" as opposed to a vulnerability with the protocol.
The day you can get third party IP licensors (e.g. that nice crossbar architecture used in previous-gen nVidia chipset memory control blocks wasn't developed in house by nVidia and they have contractual obligations not to release interface specifications for it) to agree to have their interfaces open by the licensees is the day you'll have fully open register-level documentation for consumer 3D graphics chips.
As it stands, I'm upset that I own a game that is likely to become unplayable forever unless the publisher has the forsight to prepare a patch that utterly removes the Steam requirement. I'm not paying Valve another dime.
What scares the piss out of me is not that MMC manages to present a bunch of the options that are available in a pretty manner, but that some of the options I see are available AT ALL.
What's the dealio behind GPEDIT.MSC:"User Configuration"|"Administrative Templates"|"Network"|"Offline Files" ?
Why the did the shell programmer waste his time fooling with this crap when he could have been ripping all the damn "APICallA()"/"APICallW()" bullcrap out of important parts of the code, like win32k.sys?
WHY is the Universal Plug-N-Play service available on a "server version" of their operating system? Who sets up a server that expects to have to UPNP its way out of the router that is its next hop on the network?
Yeah yeah, Off-Topic, but the Microsoft Mentality is scary because it makes stupidity easy in places stupidity shouldn't be easy.
The "Enterprise" part is, evidently, that SSH.com will stick its neck out if it's caught out that one of their clients wasn't HIPPA or Sarbannes-Oxley compliant due to a problem with the SSH software installed, if it's SSH.com's software.
In a practical sense, this is likely bullshit. But so is any kind of computer liability insurance.
Nobody likes being a pawn when the game doesn't even make any sense.
As far as the guy could tell, a good portion of his grades were beyond his control, viz a viz the utter inability of the teaching assistants to describe the concepts.
No one likes learning something wrong, and the textbook generally doesn't straighten you out. It's not like the textbook can double-check your understanding of, say, electrical reactance and its role in the total impedence of a given circuit; that's kind-of what the human personnel who run the classes are supposed to do.
(Admittedly, the guy didn't expand his thinking appropriately. There had to be other ways to get around this problem, such as finding like-minded individuals in his classes and forming a study groups, or reviewing some of the concepts on his own time. A student in college today could conceivably (gasp!) GOOGLE for some help.)
Thing is, in the end, I do in fact believe in locker-room justice with respect to engineering disciplines. But the original poster was well aware that the TAs were not deliberately being difficult, they were difficult because they didn't know how, or didn't care, to properly explain anything.
There are those who want to encourage young Americans to become good engineers, but turning people who reek of incompetence into instructors is not the way to go.
One feature I'm aware of that is otherwise uncommon among most Windows programs is that MS-SQL tries very tightly to match a specific amount of physical memory in use, and tries very hard to trim its belt if some of its text or data segments end up in the swapfile. Most Windows programs don't go through the trouble, and a port of MySQL or PostgreSQL to Windows likely doesn't do this, making this feature a win for MS SQL.
No real awful speedbumps I couldn't get around except one: Around the 2.6.10 series, ran into some strange data corruption problems with the data in extremely large files (~1GB range per file) when transferring them. Never managed to pin it down strictly to the kernel, so I can't blame it for certain.
Apart from the fact that I need one out-of-tree driver, no issues with vanilla 2.6 ever since 2.6.11.
How do you figure that? Provided you have a machine with a classic BIOS (I've never touched an EFI machine), the processor is started in x86 real mode. LILO is perfectly runnable under these conditions.
"If the building the server lives in falls into the center of the earth, but my boss wants the mail back up (not necessarily with their data, just live again), would I be able to put Postfix, SQLGrey, LDAP auth and Courier back together in less than 4 hours except for user accounts?"
If you are sufficiently detailed enough to pull that off within 4 hours except for user accounts, you probably have the bits you need to wing all the rest of the bells and whistles (webmail, MAPI integration, upgrading one piece and making sure the other 11 don't die, etc.) which eat up your time.
The main problem with going commercial (which you should consider if you're sure it'd take you at least 8 or 9 hours of a day to put this together from zero) is that the extra features (Outlook integration via MAPI, etc.) tend to cost.
OTOH, if you go commercial the extra features are not yet another thing you need to spend time on because presumably you're paying for parts that already work.
Choosing a path starts with your honest appraisal of your own skills.
(Personally, I find Postfix + SQLGrey + Postfix virtual delivery agent to rock. But I don't mind going into the guts to add a new user or set a quota on an abuser or whatever. QMail I've found to be a tad dangerous. Often the slightest typo either puts qmail-send in a mad CPU loop (which is annoying) or delivers it in the wrong place (which is really annoying) or 5xx's it (bad). Adding extra steps into the qmail handling pipeline is a nightmare and should never be done on a production box first. But maybe I suck.)
Slashdot Mirror
I imagine that most of the traffic on Tor (by number of bytes) is probably filesharing, spamming, hacking etc.
One important note: The same characteristic that makes Tor difficult to attack (requirement of coverage of majority of exit nodes in order to bypass the enciphering) makes it very hard to empirically determine the proportions of the different types of traffic.
Connection denial is possible on basis of outbound IP address/range and/or a TCP port address/range. This is assuming you're running an exit router to begin with.
Most people's lawyers don't end up in deep doo-doo for what their clients do in said clients' personal lives. Many company's lawyers *do* end up in deep doo-doo for what their clients do business-wise.
This situation is a business situation, not a personal situation.
Common sense and rigour.
I don't care if your algorithm never exposes a weakness for ten thousand years and your messages are supposedly secret for ten billion. If you keep throwing your scratchpad in the wastebasket and leaving it there, for example, then I'll probably figure out your plaintext.
Agreed, it can't scale forever. When something really *really* blows up, I imagine work will be done to fix it then.
I have to disagree. There are two parallels:
- Saying that it's a teacher's responsibility to make certain a child grows up to be a responsible member of society. But, in most of the Western world at least, this is bollocks.
- Saying that it's a parent's responsibility to make certain a child grows up to be a responsible member of society, and that they are directly attributable for the failure. This, at least for me personally, is a Truth. However, there will be plenty of children who will grow into misanthropic, withdrawn or downright evil people.
There will not be success in this regard as per the OP's link's author's definition until the users themselves shape up. If "security professionals" attempt to force them, those users will generally arrange to nullify the efforts of said professionals. Because those users do not see a need to.
Observations of current behavior suggest that, frankly, most people don't handle cause-and-effect well and can't be bothered to take responsibility for their own actions without gross displays of effect. After all, there does not yet exist any way to directly kill or otherwise physically harm a person through their web browser.
If China sets up its own root servers and NICs, how are they going to coordinate with various NICs for giving out IP addresses?
No statement was made that American culture *had* any hope, merely the one person's opinion that P.P.G. was one of the pinnacles of said culture.
If the government wants to fight child porn so bad, why don't they just deal with having to go after those who produce it and swallow the fact that this is a hard problem?
Other people have said it, but I will throw in my bit:
If your boss is against source/change management software, just use it for yourself.
After all, you spelled it out in your opening post: "As much as I strive to write perfect code...that doesn't happen." The hell with protecting yourself from your boss; protect yourself from YOU on the occasions where you discover your thumb is mysteriously parked up your bottom.
As an aside: I work at a place where I get to watch my clients trip over their own mistakes and come up to me, hat in hand, asking if *I* happen to have a previous version of their object code. Bad times all around. This is a crappy position for me to be in, and the silly fact is that it isn't my ass if the code is broke. The position of the dude who has to ask me if I might have the last version of his code has to be at least three times worse.
Be exceedingly careful with this method for languages that are not closely related. At least between English and Japanese, there are many times were even a great subtitler (AnimEigo, ADV Films, etc.) will have to take liberties with translation of native idioms in Japanese, which just don't map one-to-one to English. Example:
Japanese: "shikatanai"/"shikataganai". General meaning is: "no way around it; nothing to be done for it", but I've seen it subtitled in English as "Nothing we can do" or "Oh well, you tried" even though the original Japanese doesn't mention (and doesn't need to mention) a subject "we" or "you"; it came from context.
Another major problem is that watching movies (or God help you, anime) is not the best way to deeply learn a language since there is understood context for culture that informs the language you hear in ways you won't get right away.
If you're a native English speaker, you're in less danger from other Germanic languages. The danger increases as you deviate farther and farther away. Have fun with languages that lack the verb "to have" (Japanese, Korean, Irish).
If you have to use external measures to limit their time, you've already failed.
If you don't mind keeping it separate, why not go with pkgsrc?
It mostly works and it's available today.
Gotta love the replacement 3Com or Intel cards which are the exact same 100mbps ethernet cards as others with different firmware and a $450 dollar price tag :)
They tested a bunch of implementations and a bunch of them failed out over 5000 different tests. How is this a problem with the protocol itself as opposed to how a bunch of vendors decided to implement it?
Might've been better phrased if it read as a vulnerability with "a number of popular implementations of IKEv1" as opposed to a vulnerability with the protocol.
The day you can get third party IP licensors (e.g. that nice crossbar architecture used in previous-gen nVidia chipset memory control blocks wasn't developed in house by nVidia and they have contractual obligations not to release interface specifications for it) to agree to have their interfaces open by the licensees is the day you'll have fully open register-level documentation for consumer 3D graphics chips.
As it stands, I'm upset that I own a game that is likely to become unplayable forever unless the publisher has the forsight to prepare a patch that utterly removes the Steam requirement. I'm not paying Valve another dime.
MMC is pretty damn good.
What scares the piss out of me is not that MMC manages to present a bunch of the options that are available in a pretty manner, but that some of the options I see are available AT ALL.
What's the dealio behind GPEDIT.MSC:"User Configuration"|"Administrative Templates"|"Network"|"Offline Files" ?
Why the did the shell programmer waste his time fooling with this crap when he could have been ripping all the damn "APICallA()"/"APICallW()" bullcrap out of important parts of the code, like win32k.sys?
WHY is the Universal Plug-N-Play service available on a "server version" of their operating system? Who sets up a server that expects to have to UPNP its way out of the router that is its next hop on the network?
Yeah yeah, Off-Topic, but the Microsoft Mentality is scary because it makes stupidity easy in places stupidity shouldn't be easy.
The "Enterprise" part is, evidently, that SSH.com will stick its neck out if it's caught out that one of their clients wasn't HIPPA or Sarbannes-Oxley compliant due to a problem with the SSH software installed, if it's SSH.com's software.
In a practical sense, this is likely bullshit. But so is any kind of computer liability insurance.
Nobody likes being a pawn when the game doesn't even make any sense.
As far as the guy could tell, a good portion of his grades were beyond his control, viz a viz the utter inability of the teaching assistants to describe the concepts.
No one likes learning something wrong, and the textbook generally doesn't straighten you out. It's not like the textbook can double-check your understanding of, say, electrical reactance and its role in the total impedence of a given circuit; that's kind-of what the human personnel who run the classes are supposed to do.
(Admittedly, the guy didn't expand his thinking appropriately. There had to be other ways to get around this problem, such as finding like-minded individuals in his classes and forming a study groups, or reviewing some of the concepts on his own time. A student in college today could conceivably (gasp!) GOOGLE for some help.)
Thing is, in the end, I do in fact believe in locker-room justice with respect to engineering disciplines. But the original poster was well aware that the TAs were not deliberately being difficult, they were difficult because they didn't know how, or didn't care, to properly explain anything.
There are those who want to encourage young Americans to become good engineers, but turning people who reek of incompetence into instructors is not the way to go.
One feature I'm aware of that is otherwise uncommon among most Windows programs is that MS-SQL tries very tightly to match a specific amount of physical memory in use, and tries very hard to trim its belt if some of its text or data segments end up in the swapfile. Most Windows programs don't go through the trouble, and a port of MySQL or PostgreSQL to Windows likely doesn't do this, making this feature a win for MS SQL.
(For reference: Distro: Gentoo x86_64)
No real awful speedbumps I couldn't get around except one: Around the 2.6.10 series, ran into some strange data corruption problems with the data in extremely large files (~1GB range per file) when transferring them. Never managed to pin it down strictly to the kernel, so I can't blame it for certain.
Apart from the fact that I need one out-of-tree driver, no issues with vanilla 2.6 ever since 2.6.11.
How do you figure that? Provided you have a machine with a classic BIOS (I've never touched an EFI machine), the processor is started in x86 real mode. LILO is perfectly runnable under these conditions.
LILO's "compact" option would probably have helped you out here.
If I were you, I would ask myself at least this:
"If the building the server lives in falls into the center of the earth, but my boss wants the mail back up (not necessarily with their data, just live again), would I be able to put Postfix, SQLGrey, LDAP auth and Courier back together in less than 4 hours except for user accounts?"
If you are sufficiently detailed enough to pull that off within 4 hours except for user accounts, you probably have the bits you need to wing all the rest of the bells and whistles (webmail, MAPI integration, upgrading one piece and making sure the other 11 don't die, etc.) which eat up your time.
The main problem with going commercial (which you should consider if you're sure it'd take you at least 8 or 9 hours of a day to put this together from zero) is that the extra features (Outlook integration via MAPI, etc.) tend to cost.
OTOH, if you go commercial the extra features are not yet another thing you need to spend time on because presumably you're paying for parts that already work.
Choosing a path starts with your honest appraisal of your own skills.
(Personally, I find Postfix + SQLGrey + Postfix virtual delivery agent to rock. But I don't mind going into the guts to add a new user or set a quota on an abuser or whatever. QMail I've found to be a tad dangerous. Often the slightest typo either puts qmail-send in a mad CPU loop (which is annoying) or delivers it in the wrong place (which is really annoying) or 5xx's it (bad). Adding extra steps into the qmail handling pipeline is a nightmare and should never be done on a production box first. But maybe I suck.)