It's a real shame that you can't trace iTunes. I was all set to reverse engineer it and use the code to make my own total fucking abortion of a media player. Now I'll have to settle for grafting a horrible GUI onto Mplayer, removing most of the supported formats and making it sleep without releasing the CPU 90% of the time. If I can work out some way to reliably fuck up the contents of the user's iPod, then I doubt anyone will notice the difference.
It will be tricky to make the Windows port twice as horrible though. Maybe I can get it to punch the user in the face every ten minutes?
no evidence that they actually have working hardware.
This is a good point and you are right to be cautious. Obviously there will be massive technological challenges to overcome in order to move past the current state of the art, which is loads of flash connected to an SATA interface, to this new paradigm of having shitloads of flash connected to an SATA interface.
I'm not an expert, but I'm thinking perhaps they can start by adding more flash?
This is amazing! Just imagine what they could accomplish if they tried to do something useful, innovative, or even - technologically challenging. Yes, there is nothing challenging or useful in getting 648 CPUs and 1TB of memory to work with a power draw of 1200W in the same way that you're not a gigantic fucking faggot.
Okay now I'm confused. If you're avoiding the IP stack entirely, where does crossing subnets come into play? I guess they'll just have to cross that bridge when they come to it.
German ZDF [1] uses flash only for its front page due to ill-advised web design and utilizes windows media player, quicktime or vlc browser plugins for video content. so much for actual consumer friendly solutions.
That's awesome! Now, can you come back and let us know when they produce something we might want to watch?
I was going to say that it's only of use for training purposes, and can't be used in the real world. But then I noticed a lot of people in this thread advocating the use of consumer routers, and they probably would put emulated IOS on an old PIII and expect it to route 1Mpps. So knock yourselves out, retards.
Great idea! It would certainly put our current problems into perspective.
As somebody who has almost certainly implemented more IPSEC based VPNs than you have, can I modify that to "If only we could get something better and simpler than IPSEC happening"?
I'm not casting aspersions on the security of IPSEC. I'm more concerned about the shit-wreck that would result from trying to get all the different half assed implementations of IPSEC to talk to each other, which is what you are proposing.
Here's some information from the real world. If you give the IPSEC RFCs to two different teams and tell them to develop products from them, those finished products will not talk to each other properly, if at all. After several rounds of interop testing and bug fixes, they probably will talk to each other as long as you don't do anything scary like NAT traversal, Xauth, certificate based authentication or expecting the fucking things to work properly for more than 24 hours without someone watching them constantly.
Please mod-down the parent. It simply copies a paragraph from the grandparent post and adds a spam link at the end. I accidentally modded it informative and thanks to Slasdot's wonderful new auto-apply feature the only way I can undo it is to post this fucking reply.
How do you know that the security auditors identified the vulnerability by looking at the source?
Because it's approximately a zillion times easier to audit the source code of an application than the binaries. If you have the source available and you decide to just look at the binary anyway, then you're probably nuts. Unless you're looking for compiler induced security bugs.
Apple used LLVM to improve the performance of software-fallbacks for OpenGL extensions by a hundred fold in Leopard, and the big part of that was because it was good at optimizing high-level routines depending on the low-level features of the chip, such as Altivec/SSE2 32bit/64bit, PPC/x86 etc. So it stands to reason that, to the extent that SSE4 is usefull, LLVM will make good use of it, just like it did for other extensions. If a new compiler frontend/backend/whatever improved the performance of those routines 100x, it's because the original routines were horribly inefficient. That is a simple fact and it is still true even when Apple is involved.
So long as astrophysicists refuse to follow the changes occurring within the field of comparative mythology -- which is an actual discipline with real scientific methodology -- they cannot claim that their theories were arrived at by rigorous methodology. Yeah, the people who modded you "Interesting" didn't actually get to the end of your comment did they?
Why didn't you just say, "I believe Venus is a comet that entered the solar system in the last 10,000 years and that's why global warming is a liberal conspiracy."? Is it because bitter experience has taught you that padding it out with a thousand extra words makes it less likely that people will notice you're a nutjob?
Do you catch more people with the Sanyo BIOS rewrite? 8k certainly isnt enough room to fix the video card IO problem. Dude, you're calling bullshit on Willy Tarreau.
It's like saying "That's all very interesting Mr Torvalds, but you don't really expect me to believe you wrote a kernel yourself do you?".
I couldn't help noticing this line in the release announcement regarding the sad death of Jun-ichiro 'itojun' Itoh Hagino:
"Without his BSD and IETF participation, IPv6 would not be where it is today." Jesus, Theo! The guy's just died! Surely you could have said something nice about him?
And since this is all BSD licensed code you are free to take the code, put it in your proprietary "net security appliance" making any improvements of course without giving one single improvement back.
There are SO many 1U security "black boxes" that obviously rip off OpenBSD for 95% of their product it's just pathetic. I don't recall many of them touting that they used OpenBSD or ever hearing some of the "cool" features they SAY they have ever being contributed back to the main code repository for OpenBSD. Yes, I used to work for a company that did exactly this. They had a range of VPN gateways which were basically OpenBSD with a user interface. And while I'm not saying that they never contributed anything back, it definitely wasn't a priority.
On the other hand, they also have a great deal of Linux based products. And whenever they need to fix any Linux bugs or add features, they always contribute them back. Doing otherwise would be a breach of the license and expose them to legal liabilities.
The point is that as a rule, large corporations aren't going to do anything that they aren't legally obliged to do. You would probably call RMS a political zealot and an unrealistic idealist. But at the end of the day he's not the one that expects commercial enterprises to change their nature and act altruistically just because it would be nice. If they give those "cool" features back, they're also giving them to their competitors. Which is probably not a career extending move for the person responsible.
If these realities offend you so much, I would suggest that you avoid releasing any software under the BSD license.
I agree with you. Considering all that you get out of the box, Apple servers are pretty cheap. Especially compared to the Dell "frankenboxes" that you constantly have to babysit.
So what exactly are the differences between Apple servers and equivalently priced Dell servers which make the Dell ones so inferior and in need of babysitting?
I suppose that the Apple servers come fitted with RAS cards allowing full out of band remote diagnostics and OS provisioning while the Dells don't, right? Please reply with real substantiated facts instead of any old shit that you think you can get away with just because this is in the Apple section.
Simply disallowing all incoming UDP traffick is trivially easy... and doesn't break all that much.
Sure, if DNS isn't 'all that much'
Disallow all incoming UDP/53 traffic, and you'll lose the ability to resolve names. More secure? Maybe. Practical? Absolutely not. Your character gains +1 Networking points for knowing that DNS uses UDP/53 by default, but sadly loses 100 points for not knowing what a stateful firewall is and an additional 50 for confusing source and destination ports. You should probably re-roll before you get eaten by an ICMP packet.
Face it, Linux-people, Apple isn't going to open up the platform, defying all the benefits of a closed architecture, for the sake of letting you play with OS X on your 5 year old leftovers box. Not going to happen. Yep, it's definitely "Linux people" that can't wait to get their hands on another proprietary OS. As you point out, they only use Linux because they can't afford Macs. And your use of the phrase "benefits of a closed architecture" demonstrates a wonderful understanding of the history of computing.
Instead people are buying Macs because they have a hard time getting 8-core 3GHz machines with 16GB of RAM anywhere else. I'm just quoting this because people might not notice it amongst the rest of your comment and I want to share the laughs.
It's a valid question. If these developers are sitting idle, why not brush up on userspace skills and get to work doing something?
Since you're clearly sitting idle, how about you go out to your local red light district and brush up on your cock sucking skills?
What? You don't want to do that? You don't like being told how to spend your time by complete strangers? Well tough shit - if you're going to do it, so am I.
Oh no i get it. You can't sit there and tell me straight faced none of those 300 developers isn't capable of working on other drivers. this is classic OSS misallocation of resources if ever i saw it.
I have taken your complaints on board and shared them with the Project Manager in charge of Open Source. As a result, he has re-allocated most of the developers to the task of writing printer drivers, or whatever the fuck it is you're going on about. Most of them don't have any experience writing printer drivers and didn't want to do it, but we threatened them all with disciplinary action if they didn't obey orders.
If you have any further suggestions regarding the direction of open source projects, please feel free to print them out, roll them up tight and shove them up your ass. If you are unable to do this due to a lack of Linux support for your printer, simply insert your monitor instead.
And IE is completely declawed so you don't even if you accidentally open an untrusted URL in it, you're not going to get adware toolbars installed and your NDIS stack rejiggered.
No. IE is simply configured to disallow browsing non-local documents by default. If you disable that feature so that you can actually use it as a web browser then it's the same old shit.
You make it sound like they've improved it in some way when in fact they've just disabled it. Using the same logic, you can vastly improve the security of Firefox by configuring it to use localhost as a proxy and then not actually running a proxy on your machine.
Information isn't just for pirates any more. In case you missed the subtle sarcasm of my reply, the point I was trying to make is that nobody is ever going to read 30GB of text. It's just for bragging rights. If they go ahead and download it anyway from projects like the ones you've mentioned, they are abusing those services. I happen to think that PG is an important project and I don't like the idea of some little prick wasting their bandwidth just so that they can say they have 30GB of e-books. It's quite possible to act entirely within the law and still be a total asshole. Would you condone a wealthy person queuing for a soup kitchen just because it's free?
But you are ignorant, so I do not expect you to know that... I'll just let you masturbate with your nerd pirated magazines, nerd.
Wow. That's a pretty awesome burn. I don't know if I can cope with being called a nerd on Slashdot (News for nerds, stuff that matters). Using the word nerd twice in the same sentence just makes it even more cutting.
Because I am in fact a nerd, I can do some quick calculations. Let's assume that the average word in the English language takes up 4 bytes (quite generous since both PDF and CHM are compressed). That means your little collection consists of around 8 billion words of text. The average reading speed of native English speakers (which you clearly aren't) is 120 words per minute. So if you spent the next 120 years doing nothing but reading, you might manage to get through a reasonable percentage of your collection.
So we have established three things :
1. You are never going to read more than a tiny fraction of them. 2. You like to have them anyway and advertise this fact (this is what we call being a pack rat). 3. You get very angry when someone calls you on it.
If they really are downloaded from legal sources, then you have wasted a large amount of someone's bandwidth. If they were from Project Gutenberg or a similar project then I hope you will be ashamed enough to make a donation.
Oh and that CHM is the format for help files in Microsoft Windows (although, you might use Linux so you might not know that).
Kchmviewer handles them very nicely on Linux. You should try it. Oh wait, you can't install it because you aren't allowed to have the root password. Good decision on someone's part.
Slashdot Mirror
It's a real shame that you can't trace iTunes. I was all set to reverse engineer it and use the code to make my own total fucking abortion of a media player. Now I'll have to settle for grafting a horrible GUI onto Mplayer, removing most of the supported formats and making it sleep without releasing the CPU 90% of the time. If I can work out some way to reliably fuck up the contents of the user's iPod, then I doubt anyone will notice the difference.
It will be tricky to make the Windows port twice as horrible though. Maybe I can get it to punch the user in the face every ten minutes?
Seem like it would be really handy to put something like this on a video card.
Yeah, I bet it would be nearly as good as current video cards. You might want to ask yourself why the PS3 has that Nvidia chip in it.
no evidence that they actually have working hardware.
This is a good point and you are right to be cautious. Obviously there will be massive technological challenges to overcome in order to move past the current state of the art, which is loads of flash connected to an SATA interface, to this new paradigm of having shitloads of flash connected to an SATA interface.
I'm not an expert, but I'm thinking perhaps they can start by adding more flash?
German ZDF [1] uses flash only for its front page due to ill-advised web design and utilizes windows media player, quicktime or vlc browser plugins for video content. so much for actual consumer friendly solutions.
That's awesome! Now, can you come back and let us know when they produce something we might want to watch?
...thanks to Dynamips.
I was going to say that it's only of use for training purposes, and can't be used in the real world. But then I noticed a lot of people in this thread advocating the use of consumer routers, and they probably would put emulated IOS on an old PIII and expect it to route 1Mpps. So knock yourselves out, retards.
If only we could get IPSEC happening.
Great idea! It would certainly put our current problems into perspective.
As somebody who has almost certainly implemented more IPSEC based VPNs than you have, can I modify that to "If only we could get something better and simpler than IPSEC happening"?
I'm not casting aspersions on the security of IPSEC. I'm more concerned about the shit-wreck that would result from trying to get all the different half assed implementations of IPSEC to talk to each other, which is what you are proposing.
Here's some information from the real world. If you give the IPSEC RFCs to two different teams and tell them to develop products from them, those finished products will not talk to each other properly, if at all. After several rounds of interop testing and bug fixes, they probably will talk to each other as long as you don't do anything scary like NAT traversal, Xauth, certificate based authentication or expecting the fucking things to work properly for more than 24 hours without someone watching them constantly.
Please mod-down the parent. It simply copies a paragraph from the grandparent post and adds a spam link at the end. I accidentally modded it informative and thanks to Slasdot's wonderful new auto-apply feature the only way I can undo it is to post this fucking reply.
How do you know that the security auditors identified the vulnerability by looking at the source?
Because it's approximately a zillion times easier to audit the source code of an application than the binaries. If you have the source available and you decide to just look at the binary anyway, then you're probably nuts. Unless you're looking for compiler induced security bugs.
Why didn't you just say, "I believe Venus is a comet that entered the solar system in the last 10,000 years and that's why global warming is a liberal conspiracy."? Is it because bitter experience has taught you that padding it out with a thousand extra words makes it less likely that people will notice you're a nutjob?
Do you catch more people with the Sanyo BIOS rewrite? 8k certainly isnt enough room to fix the video card IO problem. Dude, you're calling bullshit on Willy Tarreau.
It's like saying "That's all very interesting Mr Torvalds, but you don't really expect me to believe you wrote a kernel yourself do you?".
There are SO many 1U security "black boxes" that obviously rip off OpenBSD for 95% of their product it's just pathetic. I don't recall many of them touting that they used OpenBSD or ever hearing some of the "cool" features they SAY they have ever being contributed back to the main code repository for OpenBSD. Yes, I used to work for a company that did exactly this. They had a range of VPN gateways which were basically OpenBSD with a user interface. And while I'm not saying that they never contributed anything back, it definitely wasn't a priority.
On the other hand, they also have a great deal of Linux based products. And whenever they need to fix any Linux bugs or add features, they always contribute them back. Doing otherwise would be a breach of the license and expose them to legal liabilities.
The point is that as a rule, large corporations aren't going to do anything that they aren't legally obliged to do. You would probably call RMS a political zealot and an unrealistic idealist. But at the end of the day he's not the one that expects commercial enterprises to change their nature and act altruistically just because it would be nice. If they give those "cool" features back, they're also giving them to their competitors. Which is probably not a career extending move for the person responsible.
If these realities offend you so much, I would suggest that you avoid releasing any software under the BSD license.
I agree with you. Considering all that you get out of the box, Apple servers are pretty cheap. Especially compared to the Dell "frankenboxes" that you constantly have to babysit.
So what exactly are the differences between Apple servers and equivalently priced Dell servers which make the Dell ones so inferior and in need of babysitting?
I suppose that the Apple servers come fitted with RAS cards allowing full out of band remote diagnostics and OS provisioning while the Dells don't, right? Please reply with real substantiated facts instead of any old shit that you think you can get away with just because this is in the Apple section.
Sure, if DNS isn't 'all that much'
Disallow all incoming UDP/53 traffic, and you'll lose the ability to resolve names. More secure? Maybe. Practical? Absolutely not. Your character gains +1 Networking points for knowing that DNS uses UDP/53 by default, but sadly loses 100 points for not knowing what a stateful firewall is and an additional 50 for confusing source and destination ports. You should probably re-roll before you get eaten by an ICMP packet.
It's a valid question. If these developers are sitting idle, why not brush up on userspace skills and get to work doing something?
Since you're clearly sitting idle, how about you go out to your local red light district and brush up on your cock sucking skills?
What? You don't want to do that? You don't like being told how to spend your time by complete strangers? Well tough shit - if you're going to do it, so am I.
Oh no i get it. You can't sit there and tell me straight faced none of those 300 developers isn't capable of working on other drivers. this is classic OSS misallocation of resources if ever i saw it.
I have taken your complaints on board and shared them with the Project Manager in charge of Open Source. As a result, he has re-allocated most of the developers to the task of writing printer drivers, or whatever the fuck it is you're going on about. Most of them don't have any experience writing printer drivers and didn't want to do it, but we threatened them all with disciplinary action if they didn't obey orders.
If you have any further suggestions regarding the direction of open source projects, please feel free to print them out, roll them up tight and shove them up your ass. If you are unable to do this due to a lack of Linux support for your printer, simply insert your monitor instead.
And IE is completely declawed so you don't even if you accidentally open an untrusted URL in it, you're not going to get adware toolbars installed and your NDIS stack rejiggered.
No. IE is simply configured to disallow browsing non-local documents by default. If you disable that feature so that you can actually use it as a web browser then it's the same old shit.
You make it sound like they've improved it in some way when in fact they've just disabled it. Using the same logic, you can vastly improve the security of Firefox by configuring it to use localhost as a proxy and then not actually running a proxy on your machine.
http://www.baen.com/library/
http://www.gutenberg.org/wiki/Main_Page
Information isn't just for pirates any more. In case you missed the subtle sarcasm of my reply, the point I was trying to make is that nobody is ever going to read 30GB of text. It's just for bragging rights. If they go ahead and download it anyway from projects like the ones you've mentioned, they are abusing those services. I happen to think that PG is an important project and I don't like the idea of some little prick wasting their bandwidth just so that they can say they have 30GB of e-books. It's quite possible to act entirely within the law and still be a total asshole. Would you condone a wealthy person queuing for a soup kitchen just because it's free?
But you are ignorant, so I do not expect you to know that... I'll just let you masturbate with your nerd pirated magazines, nerd.
Wow. That's a pretty awesome burn. I don't know if I can cope with being called a nerd on Slashdot (News for nerds, stuff that matters). Using the word nerd twice in the same sentence just makes it even more cutting.
Because I am in fact a nerd, I can do some quick calculations. Let's assume that the average word in the English language takes up 4 bytes (quite generous since both PDF and CHM are compressed). That means your little collection consists of around 8 billion words of text. The average reading speed of native English speakers (which you clearly aren't) is 120 words per minute. So if you spent the next 120 years doing nothing but reading, you might manage to get through a reasonable percentage of your collection.
So we have established three things :
1. You are never going to read more than a tiny fraction of them.
2. You like to have them anyway and advertise this fact (this is what we call being a pack rat).
3. You get very angry when someone calls you on it.
If they really are downloaded from legal sources, then you have wasted a large amount of someone's bandwidth. If they were from Project Gutenberg or a similar project then I hope you will be ashamed enough to make a donation.
Oh and that CHM is the format for help files in Microsoft Windows (although, you might use Linux so you might not know that).
Kchmviewer handles them very nicely on Linux. You should try it. Oh wait, you can't install it because you aren't allowed to have the root password. Good decision on someone's part.