I was under the impression that Comcast's deployment did not extend to the end user, and that they would be Natting at the cablemodem. In essence, the carrier-grade NAT that has been discussed previously. So really the IPv6 is just internal to Comcast and transparent to the end user.
No the DOD is not moving to IPv6 at any great speed. They are actually pushing towards RFC private IPv4 addressing on their larger networks and reassigning or returning address space. A good example would be NMCI which uses 10.x.x.x RFC private addresses internally. One large reason for this is the distinct lack of security and auditting tools for IPv6. It's much easier to police IPv4 traffic at their internet gateways.
Statically linking the libraries is a usable fix to get rid of the dependency problem. The funny part is that he obviously doesn't pay attention to the comments on his blog writeup of the problem, as the very first comment told him how to fix it.
Me thinks this is a case of the poster, not truly understanding his options or the underlying problem, immediately blaming MS rather than figuring out a solution.
You must not be calling too many external modules. My biggest heartache on upgrading Perl versions is finding updated modules. I had to roll a few machines back to 5.6 simply because I couldn't find some modules that worked in 5.8. For those I eventually found the right modules or re-wrote the programs to use another module.
Exactly. It is a development release and the community is being asked to check it for unforseen compatibility problems. It's possible that a bugfix to the behavior of a function causes a problem, simply because the original coder was relying on the previously incorrect broken function. What's the problem? You certainly don't hear all the linux users complaining about kernel releases which have a non-zero risk of breaking something.
Microsoft did this intentionally. They deprecated the vulnerable version of the dll. You "solution" to the problem of your customers still running the vulnerable version of the VC dlls should be to either force them to upgrade or install the new dlls for them. Instead you decide the security is a hassle and undo the fix on your developer machine, so you can ignore the larger issue that you are building insecure software and you customers are running insecure computers. Fix the problem, instead of whining about it and continuing to crank out crappy.net software. How hard would it be to have your software check for the problem dll versions, and direct the customer to download/install the new version? Cripes, games do it all the time when they check what version of direct x is installed.
They are simply saying that Perl updates may break something inadvertently, and they are encouraging developers to test early so they can fix things before the stable release is put out. Sounds far to me.
I don't believe yum will update you from 5.8 to 5.10. If you are genuinely concerned about Perl updates, why not edit your yum.conf to ignore perl updates?
One thing I wish yum did, was to rank updates as to whether they are minor bug fixes, driver updates, security updates, etc and what they do. Right now it just says version x.x.x is available.
This is one thing that Microsoft does well. It makes it much easy to only test, verify, and apply security updates on the production boxes. I don't need to worry about a patch that fixes printers not showing up in terminal sessions, but I do want to fix DOS or potential remote exploits asap. Although the unsubstantiated rumor that MS slips security patches into routine updates would counter that.
Do note that yum in its default config doesn't update the kernel, which is where a number of major vulnerabilities do crop up in linux.
Doing "Routine yum updates" on a "production system" is just asking for trouble regardless. You're far more likely to break things updating the kernel and other critical libraries. Surely you have a developmental or test system right?
Per the interview with the Chicago mayor I heard on NPR this morning, it was two main reasons. Rio put a $14 billion of government back funding on the table and Chicago only presented $5 billion of mostly private funding (some of which was questionable). Plus the IOC really wanted to host the games in a non-major country or area such as South America or Africa. Personally I found it odd that the White House had a task force assigned to try to get the games to Chicago, which was actually a turn-off to the IOC. Chicago was never a serious contender as they started lobbying so late and really didn't have any actual plans to make it happen well, just as Atlanta was ill prepared..
485,000 unique samples does not mean 485,000 different variants. It simply means they had that many samples with different checksums, not necessarily unique strains. The anti-phising group has been growing and getting feedback from more sources recently, which means more samples and reportings. This skews the statistics and doesn't give any solid data on how many true variants are out there, nor does it give anything meaningful about how prevalent they are.
Seriously, the 508 compliance stuff is brain-dead. I have to file a 508 compliance exception form because my monitor doesn't have the braille on the keys so a blind person can tell the difference between them. The onus is on the manufacturers to do the voluntary testing, and most don't bother.
There is no such things as a "default license". FCC uses the terms "licensed frequencies" which require an FCC license or operators permit to use, and "unlicensed frequencies" which do not require a license or special permission. Note that manufacturers may have to apply for and maintain the licensing for certain devices such as cell phones. You are correct that you still need to adhere to FCC rules regarding power and operation while using the unlicensed spectrum.
All unlicensed transmitters are illegal in the USA.
Funny you should quote FCC rules about deliberate interference, yet make the claim that all transmitters need to be licensed. In general you do not need to license for certain frequency ranges when below the power threshhold (typically 1 watt).
You can look at those statistics a few different ways. Apache had far more moderate-severe vulnerabilites than IIS6. Or if you're an Apache fanboy, you can twist it and say Apache's vulnerabilites were less severe in general, but that's only because Apache had a whole lot more lower vulnerabilities to skew the percentages. It's too bad Secunia doesn't show the statistics on how long those issues remained patched.
However, they are absolutely entitled to impose non-discriminatory taxes, excise or otherwise, against parties that either reside or conduct business within their boundaries.
As I recall Michigan made a reasonable profit by chasing down the folks who were dodging the cigarette excise tax. They took a big blow to their image, but they did bring in several million dollars even after subtracting the administrative/legal costs. Several other states are starting to do this as well since it is profitable. http://www.stateline.org/live/ViewPage.action?siteNodeId=136&languageId=1&contentId=29157
For the most part they chose a handful of online vendors and forced them to turn over their customer records, then sent out bills and threatening letters. They only put the lawyers on those who owed large amounts over a several thousand dollar, such as the street vendors some of whom owned over $10k.
Claiming federal taxes aren't legal just marks you as ignorant. Go look up the laws and bills where Congress legally granted the authority.
Speaking of tax evasion, you're still required to pay State sales tax regardless of buying it online. The differernce is whether the company is required to collect it on your behalf.
Not claiming that on your taxes is tax evasion, but so far the States haven't cracked down on it, other than a few noteable examples. Search on Michigan going after folks buying mail order cigarettes. Yeah it was the cigarette excise tax they went after, but what's stopping them from pursuing other major retailers for a list of customers who dodged the sales tax?
No its not a myth. Citing a small sample test performed by Food Detective who is hardly an authoritative or unbiased source, is quite laughable. I doubt you even realized that study was funded by an MSG trade association. I'll bet you watch Fox news or CNN and believe all their crap too, eh?
The studies sponsored by the FDA show that MSG is generally regarded as safe, but they do cite that many people have sensitivity to high portions of MSG. For the summary of FDA recommendation as put out in 1995, please see http://vm.cfsan.fda.gov/~lrd/msg.html. For the lazy people, here is a key passage - "Among the report's key findings: An unknown percentage of the population may react to MSG and develop MSG symptom complex, a condition characterized by one or more of the following symptoms:"
McDonalds claims their burgers are made with 100% Beef Products, which is not the same things as only contains 100% beef products. FDA considers that term to include a whole list of cow parts that you won't find in the supermarket. They pressure wash the remains off the bones and add that gruel to the low grade ground cowparts that comprise low grade beef (that's why it looks so grey). Intact chicken is usually okay, but stuff like mcnuggets that use "processed" chicken isn't exactly all white meat.
Are aware that the FDA guidelines allow manufacturers to consider some ingredients as incidental (usually under a certain percentage or considered inert) and not include them in the labeling? Common ingredients would be things like the solvent for some of the flavoring and spices. For a grosser example, consider that up to a certain ppm of rat turds are allowed in the food, but not required to be listed on the label. MSG can be in the food but not be apparent on the label, as it can be included in other ingredients (soy sauces for example) or be described under one of several other chemical names?
I really wish the FDA would include MSG in their list allergens, which would force the manufacturers to be more open about the MSG content of their products. FDA won't because its not a potentially life-threatening sensitivity, but a significant amount of the population has ill effects from large doses (usually headaches).
I have had plenty of chem classes, and can pronounce the names quite well. The phrase "unpronounceable chemicals" is just a phrase - don't take it literally. I take exception that I need to use google to determine what those chemicals are, why they might be used, and what health risks they entail.
You don't need high technology for this. Put a loud whistle around the kids neck, and show him how to blow on it if he can't see an adult. For older kids and traveling companions, I recommend checking out the Garmin Rhino series of GPS enabled walkie-talkies. They show your position and the position of the other walkie-talkies.
Slashdot Mirror
So when OpenSSL has new vulnerabilities found, how does your program get updated? At least using the MS API it will get fixed eventually.
I can see how Verizon would designate the prefix for Independant Providers as evil.
I was under the impression that Comcast's deployment did not extend to the end user, and that they would be Natting at the cablemodem. In essence, the carrier-grade NAT that has been discussed previously. So really the IPv6 is just internal to Comcast and transparent to the end user.
No the DOD is not moving to IPv6 at any great speed. They are actually pushing towards RFC private IPv4 addressing on their larger networks and reassigning or returning address space. A good example would be NMCI which uses 10.x.x.x RFC private addresses internally. One large reason for this is the distinct lack of security and auditting tools for IPv6. It's much easier to police IPv4 traffic at their internet gateways.
Statically linking the libraries is a usable fix to get rid of the dependency problem. The funny part is that he obviously doesn't pay attention to the comments on his blog writeup of the problem, as the very first comment told him how to fix it.
Me thinks this is a case of the poster, not truly understanding his options or the underlying problem, immediately blaming MS rather than figuring out a solution.
I've had lots of strange problems forking in windows. It certainly doesn't seem to work the same as under linux.
You must not be calling too many external modules. My biggest heartache on upgrading Perl versions is finding updated modules. I had to roll a few machines back to 5.6 simply because I couldn't find some modules that worked in 5.8. For those I eventually found the right modules or re-wrote the programs to use another module.
Exactly. It is a development release and the community is being asked to check it for unforseen compatibility problems. It's possible that a bugfix to the behavior of a function causes a problem, simply because the original coder was relying on the previously incorrect broken function. What's the problem? You certainly don't hear all the linux users complaining about kernel releases which have a non-zero risk of breaking something.
Microsoft did this intentionally. They deprecated the vulnerable version of the dll. You "solution" to the problem of your customers still running the vulnerable version of the VC dlls should be to either force them to upgrade or install the new dlls for them. Instead you decide the security is a hassle and undo the fix on your developer machine, so you can ignore the larger issue that you are building insecure software and you customers are running insecure computers. Fix the problem, instead of whining about it and continuing to crank out crappy .net software. How hard would it be to have your software check for the problem dll versions, and direct the customer to download/install the new version? Cripes, games do it all the time when they check what version of direct x is installed.
They are simply saying that Perl updates may break something inadvertently, and they are encouraging developers to test early so they can fix things before the stable release is put out. Sounds far to me.
I don't believe yum will update you from 5.8 to 5.10. If you are genuinely concerned about Perl updates, why not edit your yum.conf to ignore perl updates?
One thing I wish yum did, was to rank updates as to whether they are minor bug fixes, driver updates, security updates, etc and what they do. Right now it just says version x.x.x is available.
This is one thing that Microsoft does well. It makes it much easy to only test, verify, and apply security updates on the production boxes. I don't need to worry about a patch that fixes printers not showing up in terminal sessions, but I do want to fix DOS or potential remote exploits asap. Although the unsubstantiated rumor that MS slips security patches into routine updates would counter that.
Do note that yum in its default config doesn't update the kernel, which is where a number of major vulnerabilities do crop up in linux.
Doing "Routine yum updates" on a "production system" is just asking for trouble regardless. You're far more likely to break things updating the kernel and other critical libraries. Surely you have a developmental or test system right?
Per the interview with the Chicago mayor I heard on NPR this morning, it was two main reasons. Rio put a $14 billion of government back funding on the table and Chicago only presented $5 billion of mostly private funding (some of which was questionable). Plus the IOC really wanted to host the games in a non-major country or area such as South America or Africa. Personally I found it odd that the White House had a task force assigned to try to get the games to Chicago, which was actually a turn-off to the IOC. Chicago was never a serious contender as they started lobbying so late and really didn't have any actual plans to make it happen well, just as Atlanta was ill prepared..
485,000 unique samples does not mean 485,000 different variants. It simply means they had that many samples with different checksums, not necessarily unique strains. The anti-phising group has been growing and getting feedback from more sources recently, which means more samples and reportings. This skews the statistics and doesn't give any solid data on how many true variants are out there, nor does it give anything meaningful about how prevalent they are.
Seriously, the 508 compliance stuff is brain-dead. I have to file a 508 compliance exception form because my monitor doesn't have the braille on the keys so a blind person can tell the difference between them. The onus is on the manufacturers to do the voluntary testing, and most don't bother.
There is no such things as a "default license". FCC uses the terms "licensed frequencies" which require an FCC license or operators permit to use, and "unlicensed frequencies" which do not require a license or special permission. Note that manufacturers may have to apply for and maintain the licensing for certain devices such as cell phones. You are correct that you still need to adhere to FCC rules regarding power and operation while using the unlicensed spectrum.
All unlicensed transmitters are illegal in the USA.
Funny you should quote FCC rules about deliberate interference, yet make the claim that all transmitters need to be licensed. In general you do not need to license for certain frequency ranges when below the power threshhold (typically 1 watt).
Jeez, can't anybody here use Google? According to Secunia, for the time period 2003-2009, IIS6 had 6 vulnerabilities http://secunia.com/advisories/product/1438/?task=statistics. Apache had 39 http://secunia.com/advisories/product/73/?task=statistics.
You can look at those statistics a few different ways. Apache had far more moderate-severe vulnerabilites than IIS6. Or if you're an Apache fanboy, you can twist it and say Apache's vulnerabilites were less severe in general, but that's only because Apache had a whole lot more lower vulnerabilities to skew the percentages. It's too bad Secunia doesn't show the statistics on how long those issues remained patched.
Bvllshit. http://httpd.apache.org/security/vulnerabilities_22.html
It's called not being a target. Ya know like Apple computers.
States can not impose taxes or regulations which discriminate against interstate commerce. http://www.house.leg.state.mn.us/hrd/pubs/ss/clssintc.htm.
However, they are absolutely entitled to impose non-discriminatory taxes, excise or otherwise, against parties that either reside or conduct business within their boundaries.
As I recall Michigan made a reasonable profit by chasing down the folks who were dodging the cigarette excise tax. They took a big blow to their image, but they did bring in several million dollars even after subtracting the administrative/legal costs. Several other states are starting to do this as well since it is profitable. http://www.stateline.org/live/ViewPage.action?siteNodeId=136&languageId=1&contentId=29157
For the most part they chose a handful of online vendors and forced them to turn over their customer records, then sent out bills and threatening letters. They only put the lawyers on those who owed large amounts over a several thousand dollar, such as the street vendors some of whom owned over $10k.
Claiming federal taxes aren't legal just marks you as ignorant. Go look up the laws and bills where Congress legally granted the authority.
Speaking of tax evasion, you're still required to pay State sales tax regardless of buying it online. The differernce is whether the company is required to collect it on your behalf.
Not claiming that on your taxes is tax evasion, but so far the States haven't cracked down on it, other than a few noteable examples. Search on Michigan going after folks buying mail order cigarettes. Yeah it was the cigarette excise tax they went after, but what's stopping them from pursuing other major retailers for a list of customers who dodged the sales tax?
No its not a myth. Citing a small sample test performed by Food Detective who is hardly an authoritative or unbiased source, is quite laughable. I doubt you even realized that study was funded by an MSG trade association. I'll bet you watch Fox news or CNN and believe all their crap too, eh?
The studies sponsored by the FDA show that MSG is generally regarded as safe, but they do cite that many people have sensitivity to high portions of MSG. For the summary of FDA recommendation as put out in 1995, please see http://vm.cfsan.fda.gov/~lrd/msg.html. For the lazy people, here is a key passage - "Among the report's key findings: An unknown percentage of the population may react to MSG and develop MSG symptom complex, a condition characterized by one or more of the following symptoms:"
If you're not too lazy, this Mayo clinic article sums it pretty well.
http://www.mayoclinic.com/health/monosodium-glutamate/AN01251
McDonalds claims their burgers are made with 100% Beef Products, which is not the same things as only contains 100% beef products. FDA considers that term to include a whole list of cow parts that you won't find in the supermarket. They pressure wash the remains off the bones and add that gruel to the low grade ground cowparts that comprise low grade beef (that's why it looks so grey). Intact chicken is usually okay, but stuff like mcnuggets that use "processed" chicken isn't exactly all white meat.
Are aware that the FDA guidelines allow manufacturers to consider some ingredients as incidental (usually under a certain percentage or considered inert) and not include them in the labeling? Common ingredients would be things like the solvent for some of the flavoring and spices. For a grosser example, consider that up to a certain ppm of rat turds are allowed in the food, but not required to be listed on the label. MSG can be in the food but not be apparent on the label, as it can be included in other ingredients (soy sauces for example) or be described under one of several other chemical names?
I really wish the FDA would include MSG in their list allergens, which would force the manufacturers to be more open about the MSG content of their products. FDA won't because its not a potentially life-threatening sensitivity, but a significant amount of the population has ill effects from large doses (usually headaches).
I have had plenty of chem classes, and can pronounce the names quite well. The phrase "unpronounceable chemicals" is just a phrase - don't take it literally. I take exception that I need to use google to determine what those chemicals are, why they might be used, and what health risks they entail.
Technically, they shouldn't list dihydrogen monoxide as the FDA guidelines require plain language names where possible. For example sugar instead of sucrose, but you see HFCS listed instead of sugar quite often.
http://www.fda.gov/Food/GuidanceComplianceRegulatoryInformation/GuidanceDocuments/FoodLabelingNutrition/FoodLabelingGuide/ucm064880.htm
You don't need high technology for this. Put a loud whistle around the kids neck, and show him how to blow on it if he can't see an adult. For older kids and traveling companions, I recommend checking out the Garmin Rhino series of GPS enabled walkie-talkies. They show your position and the position of the other walkie-talkies.