You have got to be kidding me. The elaborate system of dams, resevoirs and aqueducts that serve Los Angeles *alone* do more damage to the environment than any amount of commercial or recreational fishing in California or along the Pacific coast. And don't even get me started on Disneyland. 150 years since slavery was abolished, and mice and ducks are still held in thrall.
What it does is attempt to handshake with itself on every available tcp or udp port. If the handshake fails, that is an indicator that somebody else is already camping out on that port.
Does anyone have any links to a more verbose explanation of his stance? This USA Today article is almost as bad as reading the comics. In particular I'm curious as to what orbit he would have had in mind.
Yes, the possible deflection of an object of a given mass and velocity when struck with another object can be calculated. But you miss lots of other important information if you ignore real world tests. Just off the top of my head:
1) You assume that the target object is solid enough to resist being broken into multiple pieces. It does no good to deflect a small chunk of the object while the main mass continues on its normal course.
2) If you are planning on hitting an object enough to deflect it, you need... a bit of practice. The targetting, propulsion and all other such systems are just as big a part of this test as anything else. All the mathematics in the world won't help you play pool with a bad cue.
3) Is a collision with an asteroid likely to be elastic? Will the striking object bounce off of the target or embed itself within it? These are very different models as far as where the force goes.
4) As a side effect, you get more information along the lines of the previous Deep Impact probe.
Heh. So now that we aren't doing the monorail project anymore, lets keep the monorail tax anyway. Were the busses in Seattle so unpopular/expensive that they need to be subsidized this way?
Why are they wasting their time on mp3 players? An mp3 player that can run for 35 hours (per the article) is not much more useful than an mp3 player that can run for 12 hours... but a laptop that could run for 12 hours instead of 4 hours (assuming a 3:1 payoff when compared to traditional batteries) would be incredibly useful.
I am not a planetologist, but I believe the basic mechanism is as follows:
1) The heaviest elements tend to sink downward, to the core. 2) The heaviest elements also tend to be the most radioactive (see your periodic chart) 3) Thusly, you get a concentration of radioactive elements near the core. This concentrated radioactivity contributes to keeping the core warm.
> wouldn't that fool the combined client/server just > as efficiently? >
Yep. That was the point I was trying to make (badly)... there really isn't any point in making it client/server because it would be defeated with the same trick, the client/server complexity wouldn't buy you anything.
This could be largely incoherent, its been a long day:
Regarding the "hop around the port numbers" tactic, depending on how much hopping they do, this would actually make them more findable. One of the major issues I ran into writing this script in originally was what happens to a socket set once the connection is dropped. The TCP/IP stack doesn't actually remove the connection, it sits around in a waiting-for-death state (I have forgotten the actual technical name at the moment) until it has been idle for the timeframe of twice the maximum time to live. The technical reason for this is that it is conceivable that some errant packet may go all the way out by 1 ttl unit, and then wander back by 1 other ttl unit, and until it is no longer possible that any packets will make it home, the stack holds onto that port rather than reassigning it a new connection.
The fun part here is if my scanner scanned numerically, and the OS also is assigning outgoing ports numerically, what you end up with is a mess of everybody stomping on themselves in order (crashing on 1000, then 1001, then 1002... etc) for hundreds and hundreds of ports.
What a port-hopper would run into a situation where his *old* connection, even if he had given it up, would still show up on the scanner as 'in use' for something on the order of an entire minute after the connection was dropped. A substantial amount of port hopping would (after some mathematically calculatable limit) actually make you more easily detectable.
Regarding the client/server version, that wouldn't alleviate my biggest concern: a patched network stack that does an inspect/pass on of interesting packets. If the rootkit is capable of saying "hey, thats mine!" and holding packets that it knows are intended for it and simply passes on all other packets to the "real" port, it wouldn't need to worry about whether or not the machines talking to it were rootkitted or not. They could concievably simply use the Evil Bit for that determination.
I don't think our local script kiddies are going to be that clever though. The way I figure it, if we can force the kiddies to push deeper into the kernel to avoid detection, the harder it will be for their tricks to be version independent and the better off we'll be.
This is a multithreaded script that establishes socket connections between the threads and tries to pass a keyphrase between them. The assumption is that even if windows is compromised, a successfull TCP connection will indicate that the port is really not in use, regardless of what netstat says. Unless a rootkit is slick enough to make multiple programs share a port regardless of SO_REUSEADDR, this should catch it. The drawback, unfortunately, is that it can take a significant amount of time to scan 65,000 odd ports in this manner. Anyway, its GPL, so have at it.
Another fun one, if you're into this sort of thing, is "The Space Merchants" (and less so, its sequel, "The Merchant's War"), by Frederick Pohl, I believe. Its classic 50s style SF regarding a world in which the advertising agencies own the corporations and the governments. Would the Senator from DuPont please take the stand?
I can't find a "submit your site" entry in the random mishmash that is Baidu via Babelfish. Is there any way to submit a site to them for inclusion/spidering? There a whole lot of chinese eyeballs in the world...
Any company where the majority of the cost is in the patching process itself, rather than the testing of the patch, the secondary servers in the test lab that they can make sure it doesn't blow services up on, the payment of skilled people to identify the problems and fix them *when* they happen and various other people costs is of course going to be more expensive than "I set up windows updates once, so now it updates me magically whether I like it or not", even without the reboot thing.
There is also some really iffy logic in breaking down one single piece of the ownership cycle and claiming that it is cheaper and ignoring the rest. I tell you, paying for college for my persistently vegetative child is uber-cheap, I can't say enough for persistent vegetation...
Re:Certification versus Actual Job Experience
on
LPIC 1 Exam Cram 2
·
· Score: 1
Re: Your second (5). Better looks (with certain female exceptions) are not a guarantuer of succes (partially) because (it is human nature for) the boss to not want to feel ugly, bald (or stupid. This also largely rules out the hiring of people obviously smarter (than than the boss)). It is more use to work on your parenthetical references, as they will almost certainly be contacted.
You, my friend, are experiencing one of the common blunders! Besides fighting a land war in asia (assuming you are an american), you are also mixing WARRANTIES up with BADGERS!
Its just so they can disguise a test of the actual ocean-to-space (or land) missile under the cover of a scientific mission.
I would guarantee that the rocket propelling this little experiment is also capable of carrying conventional or nuclear warheads.
The real shock in any of this is that the telecom companies haven't done this already. 802.11b (at least) as been everywhere, at the same price that normal NICs used to cost, for at least 3 years or so. The number of laptops being lugged around by people was huge even then.
Slashdot Mirror
You have got to be kidding me. The elaborate system of dams, resevoirs and aqueducts that serve Los Angeles *alone* do more damage to the environment than any amount of commercial or recreational fishing in California or along the Pacific coast. And don't even get me started on Disneyland. 150 years since slavery was abolished, and mice and ducks are still held in thrall.
Shameless plug: I've written a script that should be able to help find any rootkits that are listening on tcp/udp on windows.
Heres the link
What it does is attempt to handshake with itself on every available tcp or udp port. If the handshake fails, that is an indicator that somebody else is already camping out on that port.
Source is GPL, feedback is always welcome.
Does anyone have any links to a more verbose explanation of his stance? This USA Today article is almost as bad as reading the comics. In particular I'm curious as to what orbit he would have had in mind.
Yes, the possible deflection of an object of a given mass and velocity when struck with another object can be calculated. But you miss lots of other important information if you ignore real world tests. Just off the top of my head:
1) You assume that the target object is solid enough to resist being broken into multiple pieces. It does no good to deflect a small chunk of the object while the main mass continues on its normal course.
2) If you are planning on hitting an object enough to deflect it, you need... a bit of practice. The targetting, propulsion and all other such systems are just as big a part of this test as anything else. All the mathematics in the world won't help you play pool with a bad cue.
3) Is a collision with an asteroid likely to be elastic? Will the striking object bounce off of the target or embed itself within it? These are very different models as far as where the force goes.
4) As a side effect, you get more information along the lines of the previous Deep Impact probe.
Heh. So now that we aren't doing the monorail project anymore, lets keep the monorail tax anyway. Were the busses in Seattle so unpopular/expensive that they need to be subsidized this way?
New Battlestar is #2, second only to Star Trek: TOS.
Why are they wasting their time on mp3 players? An mp3 player that can run for 35 hours (per the article) is not much more useful than an mp3 player that can run for 12 hours... but a laptop that could run for 12 hours instead of 4 hours (assuming a 3:1 payoff when compared to traditional batteries) would be incredibly useful.
I am not a planetologist, but I believe the basic mechanism is as follows:
1) The heaviest elements tend to sink downward, to the core.
2) The heaviest elements also tend to be the most radioactive (see your periodic chart)
3) Thusly, you get a concentration of radioactive elements near the core. This concentrated radioactivity contributes to keeping the core warm.
2001, Arthur C Clark. In reference to approaching the monolith with the Pod's arms extended or folded back.
> wouldn't that fool the combined client/server just
> as efficiently?
>
Yep. That was the point I was trying to make (badly)... there really isn't any point in making it client/server because it would be defeated with the same trick, the client/server complexity wouldn't buy you anything.
This could be largely incoherent, its been a long day:
Regarding the "hop around the port numbers" tactic, depending on how much hopping they do, this would actually make them more findable. One of the major issues I ran into writing this script in originally was what happens to a socket set once the connection is dropped. The TCP/IP stack doesn't actually remove the connection, it sits around in a waiting-for-death state (I have forgotten the actual technical name at the moment) until it has been idle for the timeframe of twice the maximum time to live. The technical reason for this is that it is conceivable that some errant packet may go all the way out by 1 ttl unit, and then wander back by 1 other ttl unit, and until it is no longer possible that any packets will make it home, the stack holds onto that port rather than reassigning it a new connection.
The fun part here is if my scanner scanned numerically, and the OS also is assigning outgoing ports numerically, what you end up with is a mess of everybody stomping on themselves in order (crashing on 1000, then 1001, then 1002... etc) for hundreds and hundreds of ports.
What a port-hopper would run into a situation where his *old* connection, even if he had given it up, would still show up on the scanner as 'in use' for something on the order of an entire minute after the connection was dropped. A substantial amount of port hopping would (after some mathematically calculatable limit) actually make you more easily detectable.
Regarding the client/server version, that wouldn't alleviate my biggest concern: a patched network stack that does an inspect/pass on of interesting packets. If the rootkit is capable of saying "hey, thats mine!" and holding packets that it knows are intended for it and simply passes on all other packets to the "real" port, it wouldn't need to worry about whether or not the machines talking to it were rootkitted or not. They could concievably simply use the Evil Bit for that determination.
I don't think our local script kiddies are going to be that clever though. The way I figure it, if we can force the kiddies to push deeper into the kernel to avoid detection, the harder it will be for their tricks to be version independent and the better off we'll be.
Since its vaguely on topic, and I'd like feedback if I can get it, here is some shameless whoring for a Free rootkit detection program I wrote:
Heres the URL
This is a multithreaded script that establishes socket connections between the threads and tries to pass a keyphrase between them. The assumption is that even if windows is compromised, a successfull TCP connection will indicate that the port is really not in use, regardless of what netstat says. Unless a rootkit is slick enough to make multiple programs share a port regardless of SO_REUSEADDR, this should catch it. The drawback, unfortunately, is that it can take a significant amount of time to scan 65,000 odd ports in this manner. Anyway, its GPL, so have at it.
Another fun one, if you're into this sort of thing, is "The Space Merchants" (and less so, its sequel, "The Merchant's War"), by Frederick Pohl, I believe. Its classic 50s style SF regarding a world in which the advertising agencies own the corporations and the governments. Would the Senator from DuPont please take the stand?
I can't find a "submit your site" entry in the random mishmash that is Baidu via Babelfish. Is there any way to submit a site to them for inclusion/spidering? There a whole lot of chinese eyeballs in the world...
Any company where the majority of the cost is in the patching process itself, rather than the testing of the patch, the secondary servers in the test lab that they can make sure it doesn't blow services up on, the payment of skilled people to identify the problems and fix them *when* they happen and various other people costs is of course going to be more expensive than "I set up windows updates once, so now it updates me magically whether I like it or not", even without the reboot thing.
There is also some really iffy logic in breaking down one single piece of the ownership cycle and claiming that it is cheaper and ignoring the rest. I tell you, paying for college for my persistently vegetative child is uber-cheap, I can't say enough for persistent vegetation...
Re: Your second (5). Better looks (with certain female exceptions) are not a guarantuer of succes (partially) because (it is human nature for) the boss to not want to feel ugly, bald (or stupid. This also largely rules out the hiring of people obviously smarter (than than the boss)). It is more use to work on your parenthetical references, as they will almost certainly be contacted.
You, my friend, are experiencing one of the common blunders! Besides fighting a land war in asia (assuming you are an american), you are also mixing WARRANTIES up with BADGERS!
Nothing like 6 months to a year of lead-time to make yourself the next Dreamcast.
Microsoft isn't open on weekends? Is that too much to ask a multi-billion dollar company?
Waiting until monday (especially as weekend time is usually the best to schedule downtime) strikes me as a silly idea.
Its just so they can disguise a test of the actual ocean-to-space (or land) missile under the cover of a scientific mission. I would guarantee that the rocket propelling this little experiment is also capable of carrying conventional or nuclear warheads.
I've seen it. Thing is though, if a musical piece doesn't reference swans or sugarplums, I just zone right the fuck out.
All the filter would have to do is add comments and write documentation. Instantly unrecognizable code.
I didn't recognize it offhand. Here is a midi:
http://www.ettnet.se/~tradare/mid/bolero.mid
It is kind of Zelda-esque.
The real shock in any of this is that the telecom companies haven't done this already. 802.11b (at least) as been everywhere, at the same price that normal NICs used to cost, for at least 3 years or so. The number of laptops being lugged around by people was huge even then.
The only sad truth to emerge from this entire convention... There aren't any women in the future.