for others to follow? I mean think about it, you get to appear/seem open which is a huge bonus for the geek community (I'm sure a lot of posts will be about how great it is), while on the other hand you are raking in free innovation. Sort of like an upbeat take on Google Hacks, where a lot of people take an open service (Google Maps quasi-excluded) and do things with it, furthering the use of the service and gaining more notoriety for it.
So while all of us clamor about how great some new hack on the open service is, the BBC will be raking in the publicity and dough. Not that we can really complain.
I don't see why they should. I've had a significant amount of luck using it before for gathering work for research papers and upper division writing classes (Comp Sci ones that is). I've also used it a bit in my offtime to look for some cool things, though I havn't had much luck in that regard.
After watching this I peed myself, and memories of the Penny Arcade comic about Americas Army flushed into my mind, whizzing around for many a minute, until it flowed out gracefully.
I personally won't use it much. I like to be looking at either a map or a satellite, but not some combination. While I'm sure there will be plenty of neat hacks on this, and all sorts of other great things done with it, I just don't feel it.
On a side note, I am wondering who exactly is doing QA testing for all of these things, given how much square mileage is covered and how poorly some things may match up.
You want to put PHP/Java into a life-or-death critical system? Not only do these languages likely explicitly disallow this behavior since it would likely open them up to litigation, but it would probably be really bad when the Java VM or some PHP lib bug causes the failure of the system. If you look closely at the agreements of just about large software you install (Windows if you swing that way), you'll probably see a list of things disallowed. I believe Windows 2000 or XP explicitly disallowed it being put to use as a base for systems software in places like planes, nuclear reactors, etc. Of course other software/license agreements can be had if you really need something more stable, but thats probably not something you can get from Sun for Java or the PHP project.
But still powerfully weak. While I'm sure the bass output from it is strong, that thing just doesn't have the sheer wattage or box design, or even a speaker worth a damn. Its minimally interesting only because the guy made a purty looking box, but for real home theatre you are better off with something ported and tuned for low frequencies (however low you consider "low").
What are we going to see next on Slashdot? A review for the movie "Scr1pt k1dd15"? I was interested when I saw the link and after clicking on it, I was sadly disappointed. This has nothing to do with SSH, and could just as easily be used on Apache logins, FTP, Telnet, IRC, etc. Brute forcing is an old concept and is the whole reason you are supposed to use strong passwords (well that and offline password attacks).
$20 million is pretty darn cheap for the whole thing. I'm a little curious about the methodology for getting the thing into space. Correct me if I'm wrong but isn't this one of the teams that was competing for the X-Prize, which puts things into "space" but not into an orbital launch? Did the group adapt its developed technologies to a more rugged device that will be able to reach a large distance to the moon, or is the IPS that great at moving things into space?
Man some days I really wish I had would have pursued a degree in rocket science.
If I had mod points I wouldn't. BSD has excellent security from what I've seen (I havn't had time to experiment enough with it yet so this is opinion) primarily because they have such high standards for code quality. When I was looking up comparisons before of Linux vs BSD, it seems like BSD takes a lot of proactive measures from the get-go, but not as much as something like SELinux. From what I've read in fact BSD has borrowed from SELinux because face it: Good security is good security. If somebody else has a good idea why not use it? It's like settling for ROT13 when RSA is knocking at your door.
Where are the proactive security systems for Windows? Sure, Windows by default has a fairly rigorous ACL system by default (at least in comparison to classical Linux ACL's), but trying to measure the security of a system solely on how many exploitable bugs it has is just a poor measurement method. With projects like SELinux, GRSecurity, Pax, different implementations of active bounds checkers as well as stack smashers, and good implementations like Hardened Gentoo (Debian has a hardened project but I havn't tried it) I don't particularly see how Windows has a chance in hell.
I don't know of any person with a Windows box who will hand out an admin account, but there are Gentoo Hardened devs who hand out root on their SELinux test rigs. Why? Because the system is secure enough to hand out root.
Yeah, full blown bounds checking on everything. No matter what you try to do it is still a huge performance hit, and you are far better off using something which is just as potent like SSP. The bigger problem is that getting Bounds Checking to work completely on C++ is a bit harder than it sounds, and afaik there is no fully implemented patch available for any version of gcc, though there are many partial and/or attempted implementation. When I looked around for more information on active bounds checking I discovered that a lot of people talk about it, but nobody implements. There are plenty of papers on the issue but I've yet to see working and tested code.
I didn't know what it was, in fact, I posted a question about it when a Firefly article came up and I was modded -1 Offtopic. Not everybody can get cable television or can be up to date on bloody everything, just don't assume everybody is the same as you. We are a very diverse group of nerds.
So there are...
on
Zeta Goes Gold
·
· Score: 2, Interesting
No screenshots. No comparisons. The forums lack any real information except "Does this work" and "It's broken". I'm particularly not impressed. I don't want to toy with anything, let alone pay for it, without being able to see what it is.
Except that you are vulnerable for that day. It still makes you vulnerable, just because its for less time doesn't make it "not vulnerable". While I don't think thats not such a bad start, it has problems. A one-time password set, or a one-time password set on some sort of fake account on some other box that isn't important would be much more secure and likely to fend off attacks.
I know a lot of people who its helped, and a lot of people who it has harmed. What we should be doing is promoting an environment for learning, and showing how important it is for some people to go to higher education. The first thing I was really taught at my University was in my lower division writing courses where we were analyzing essays about how much college is a waste of money. The scary thing: the teacher agreed. A lot of people were taken back by this, and didn't really think much of it. They were of course, already at the "institution", they didn't want to hear that they were blowing money. A lot of the kids in that class really missed the point: that you should be at the University for yourself. Don't go because your parents tell you to, don't go because you think it'll raise your average salary by another 5 grand, don't go because your grand-daddy couldn't. GO BECAUSE YOU WANT TO AND YOU THINK YOU CAN TAKE SOMETHING AWAY FROM IT! Getting in and telling students, at nearly any educational level the truth is the only way that they can really start taking things that they are taught seriously. I mean frankly, if I were in charge of speaker scheduling I would be happy to invite this style of speaker to talk so that students can get a much needed reality check.
Agreed. I maintain about 10 different styles of passwords in the memory of my brain, ranging from simple (54321 anyone?) on non-critical devices all the way to 15-character intense passwords. My best suggestion to travelling would be to use a second e-mail account and use mail forwarding to that account. Set it all up beforehand, and then you don't have to worry about your passwords being violated since you use a lower-rated password for the fake account. Change accounts often while travelling and don't access your secure machines unless you use a one-time-password system and change your password often as well.
with making everything hi-tech? I mean these days you can get just about anything that is wired, high-tech, and overdeveloped. Its technologies such as this that are nice as an art, but fail to really push the bounds of technology since they have limited applicability. Who wants to spend 110 grand on a set of garbage bins? Not me. Not anybody I know.
While I applaud the effort for making it artsy and cool, trying to say that the technology is useful for anything else preemptively is well, marketing bullshit and hype. It's nice to dream but sometimes we have to all keep our feet on the ground.
Basically. A while ago I found a hot deal on a 32 or so pack of 200cfm 120mm Delta fans, and I started running the numbers and realized that when you start stacking so many fans together, you can create a significant amount of breeze. A wall of two packs of fans would have came out to like 40 or 50mph going through a reduced space to increase velocity. Unfortunately, such a thing is really a pipe dream because the fans can never hold pressure at this velocity, putting together a large number of fans doesn't mean its going to be cool, just that theres a lot of air flowing (water cooling/peltier cooling are much more efficient at removing heat effectively).
It's bad when a vulnerability listed in a few year old Hacking Exposed book scares me. I'd say that it would be a good start to use telnet for web browsing but even the telnet client I was using had a buffer overflow exploit. Le sigh!
This is just a marketing extension really, businesses have long since been hiring people to go "put out the good word" for them. It happened for a long time on the Internet without many people noticing, with company rep's using a sock puppet attack to gain support for some company. I've seen them all over tons of forums (usually given away by talking about _any_ company and having less than 5-10 posts, and all those posts being total garbage), onto IRC for certain channels of people counter-pointing some viewpoint, and even in Slashvertising. Seriously folks, nothing to see here, move along.
Eudora lacks a lot of the features that Outlook has, but works very effectively at simply reading and writing mail. Managing it is sort of a chore, which is why I welcome an easy and open alternative. I havn't really bothered to look anywhere ever since I made the switch, and so seeing this is rather eye opening. Sadly I now feel like I am missing out on a lot of things (easy to manage contact lists, calenders).
I made the move a long time ago on my Windows machine from Outlook to Eudora, but after looking at the image comparison I think I might switch to some open alternative. Especially judging how easy the configuration appears to be on the open alternatives. Good to see that the interfaces are starting to look fairly standardized.
I'm glad that more companies are starting to pick up on cheap hardware combined with free software. This will be great for the "moms and pops" who don't care about what they use as long as it works. By offering lots of cheap (with specific hardware) companies can reduce costs for support since there arn't options. It's undercutting the competition just like Ford did, you can have "any color you want, as long as its black". Looking at the specs on the system they don't seem that bad, comparable to a deal Frys had a few weekends ago where you could pick up a full system for $100 (Sempron, CD-Rom, Harddrive, case etc). Some ram upgrade and those machines would probably be plenty for most users.
a userfriendly comic where Pitr is upset at being spammed. He discovers that the mail servers are Linux and are inseucre. The next clip is of a guy behind a computer frowning at "su: user does not exist."
Theres a followup comic where all of the spammers Internet Traffic are routed to Mars. "But Mars doesn't have any... oh."
All this really means is that eventually phishers and scammers will get smarter and run TrustedBSD, OpenBSD, SELinux, or some other hardened variant using mainly static pages and highly developed systems. It's really a never ending battle.
Slashdot Mirror
for others to follow? I mean think about it, you get to appear/seem open which is a huge bonus for the geek community (I'm sure a lot of posts will be about how great it is), while on the other hand you are raking in free innovation. Sort of like an upbeat take on Google Hacks, where a lot of people take an open service (Google Maps quasi-excluded) and do things with it, furthering the use of the service and gaining more notoriety for it.
So while all of us clamor about how great some new hack on the open service is, the BBC will be raking in the publicity and dough. Not that we can really complain.
I don't see why they should. I've had a significant amount of luck using it before for gathering work for research papers and upper division writing classes (Comp Sci ones that is). I've also used it a bit in my offtime to look for some cool things, though I havn't had much luck in that regard.
After watching this I peed myself, and memories of the Penny Arcade comic about Americas Army flushed into my mind, whizzing around for many a minute, until it flowed out gracefully.
I guess my penis is proud of me.
I personally won't use it much. I like to be looking at either a map or a satellite, but not some combination. While I'm sure there will be plenty of neat hacks on this, and all sorts of other great things done with it, I just don't feel it.
On a side note, I am wondering who exactly is doing QA testing for all of these things, given how much square mileage is covered and how poorly some things may match up.
You want to put PHP/Java into a life-or-death critical system? Not only do these languages likely explicitly disallow this behavior since it would likely open them up to litigation, but it would probably be really bad when the Java VM or some PHP lib bug causes the failure of the system. If you look closely at the agreements of just about large software you install (Windows if you swing that way), you'll probably see a list of things disallowed. I believe Windows 2000 or XP explicitly disallowed it being put to use as a base for systems software in places like planes, nuclear reactors, etc. Of course other software/license agreements can be had if you really need something more stable, but thats probably not something you can get from Sun for Java or the PHP project.
But still powerfully weak. While I'm sure the bass output from it is strong, that thing just doesn't have the sheer wattage or box design, or even a speaker worth a damn. Its minimally interesting only because the guy made a purty looking box, but for real home theatre you are better off with something ported and tuned for low frequencies (however low you consider "low").
And a better speaker would probably be good too.
What are we going to see next on Slashdot? A review for the movie "Scr1pt k1dd15"? I was interested when I saw the link and after clicking on it, I was sadly disappointed. This has nothing to do with SSH, and could just as easily be used on Apache logins, FTP, Telnet, IRC, etc. Brute forcing is an old concept and is the whole reason you are supposed to use strong passwords (well that and offline password attacks).
$20 million is pretty darn cheap for the whole thing. I'm a little curious about the methodology for getting the thing into space. Correct me if I'm wrong but isn't this one of the teams that was competing for the X-Prize, which puts things into "space" but not into an orbital launch? Did the group adapt its developed technologies to a more rugged device that will be able to reach a large distance to the moon, or is the IPS that great at moving things into space?
Man some days I really wish I had would have pursued a degree in rocket science.
If I had mod points I wouldn't. BSD has excellent security from what I've seen (I havn't had time to experiment enough with it yet so this is opinion) primarily because they have such high standards for code quality. When I was looking up comparisons before of Linux vs BSD, it seems like BSD takes a lot of proactive measures from the get-go, but not as much as something like SELinux. From what I've read in fact BSD has borrowed from SELinux because face it: Good security is good security. If somebody else has a good idea why not use it? It's like settling for ROT13 when RSA is knocking at your door.
Where are the proactive security systems for Windows? Sure, Windows by default has a fairly rigorous ACL system by default (at least in comparison to classical Linux ACL's), but trying to measure the security of a system solely on how many exploitable bugs it has is just a poor measurement method. With projects like SELinux, GRSecurity, Pax, different implementations of active bounds checkers as well as stack smashers, and good implementations like Hardened Gentoo (Debian has a hardened project but I havn't tried it) I don't particularly see how Windows has a chance in hell.
I don't know of any person with a Windows box who will hand out an admin account, but there are Gentoo Hardened devs who hand out root on their SELinux test rigs. Why? Because the system is secure enough to hand out root.
Yeah, full blown bounds checking on everything. No matter what you try to do it is still a huge performance hit, and you are far better off using something which is just as potent like SSP. The bigger problem is that getting Bounds Checking to work completely on C++ is a bit harder than it sounds, and afaik there is no fully implemented patch available for any version of gcc, though there are many partial and/or attempted implementation. When I looked around for more information on active bounds checking I discovered that a lot of people talk about it, but nobody implements. There are plenty of papers on the issue but I've yet to see working and tested code.
That also requires a tv with rabbit ears :) Such luxuries!
I didn't know what it was, in fact, I posted a question about it when a Firefly article came up and I was modded -1 Offtopic. Not everybody can get cable television or can be up to date on bloody everything, just don't assume everybody is the same as you. We are a very diverse group of nerds.
No screenshots. No comparisons. The forums lack any real information except "Does this work" and "It's broken". I'm particularly not impressed. I don't want to toy with anything, let alone pay for it, without being able to see what it is.
Except that you are vulnerable for that day. It still makes you vulnerable, just because its for less time doesn't make it "not vulnerable". While I don't think thats not such a bad start, it has problems. A one-time password set, or a one-time password set on some sort of fake account on some other box that isn't important would be much more secure and likely to fend off attacks.
I know a lot of people who its helped, and a lot of people who it has harmed. What we should be doing is promoting an environment for learning, and showing how important it is for some people to go to higher education. The first thing I was really taught at my University was in my lower division writing courses where we were analyzing essays about how much college is a waste of money. The scary thing: the teacher agreed. A lot of people were taken back by this, and didn't really think much of it. They were of course, already at the "institution", they didn't want to hear that they were blowing money. A lot of the kids in that class really missed the point: that you should be at the University for yourself. Don't go because your parents tell you to, don't go because you think it'll raise your average salary by another 5 grand, don't go because your grand-daddy couldn't. GO BECAUSE YOU WANT TO AND YOU THINK YOU CAN TAKE SOMETHING AWAY FROM IT! Getting in and telling students, at nearly any educational level the truth is the only way that they can really start taking things that they are taught seriously. I mean frankly, if I were in charge of speaker scheduling I would be happy to invite this style of speaker to talk so that students can get a much needed reality check.
Agreed. I maintain about 10 different styles of passwords in the memory of my brain, ranging from simple (54321 anyone?) on non-critical devices all the way to 15-character intense passwords. My best suggestion to travelling would be to use a second e-mail account and use mail forwarding to that account. Set it all up beforehand, and then you don't have to worry about your passwords being violated since you use a lower-rated password for the fake account. Change accounts often while travelling and don't access your secure machines unless you use a one-time-password system and change your password often as well.
with making everything hi-tech? I mean these days you can get just about anything that is wired, high-tech, and overdeveloped. Its technologies such as this that are nice as an art, but fail to really push the bounds of technology since they have limited applicability. Who wants to spend 110 grand on a set of garbage bins? Not me. Not anybody I know.
While I applaud the effort for making it artsy and cool, trying to say that the technology is useful for anything else preemptively is well, marketing bullshit and hype. It's nice to dream but sometimes we have to all keep our feet on the ground.
Basically. A while ago I found a hot deal on a 32 or so pack of 200cfm 120mm Delta fans, and I started running the numbers and realized that when you start stacking so many fans together, you can create a significant amount of breeze. A wall of two packs of fans would have came out to like 40 or 50mph going through a reduced space to increase velocity. Unfortunately, such a thing is really a pipe dream because the fans can never hold pressure at this velocity, putting together a large number of fans doesn't mean its going to be cool, just that theres a lot of air flowing (water cooling/peltier cooling are much more efficient at removing heat effectively).
It's bad when a vulnerability listed in a few year old Hacking Exposed book scares me. I'd say that it would be a good start to use telnet for web browsing but even the telnet client I was using had a buffer overflow exploit. Le sigh!
This is just a marketing extension really, businesses have long since been hiring people to go "put out the good word" for them. It happened for a long time on the Internet without many people noticing, with company rep's using a sock puppet attack to gain support for some company. I've seen them all over tons of forums (usually given away by talking about _any_ company and having less than 5-10 posts, and all those posts being total garbage), onto IRC for certain channels of people counter-pointing some viewpoint, and even in Slashvertising. Seriously folks, nothing to see here, move along.
Eudora lacks a lot of the features that Outlook has, but works very effectively at simply reading and writing mail. Managing it is sort of a chore, which is why I welcome an easy and open alternative. I havn't really bothered to look anywhere ever since I made the switch, and so seeing this is rather eye opening. Sadly I now feel like I am missing out on a lot of things (easy to manage contact lists, calenders).
I made the move a long time ago on my Windows machine from Outlook to Eudora, but after looking at the image comparison I think I might switch to some open alternative. Especially judging how easy the configuration appears to be on the open alternatives. Good to see that the interfaces are starting to look fairly standardized.
I'm glad that more companies are starting to pick up on cheap hardware combined with free software. This will be great for the "moms and pops" who don't care about what they use as long as it works. By offering lots of cheap (with specific hardware) companies can reduce costs for support since there arn't options. It's undercutting the competition just like Ford did, you can have "any color you want, as long as its black". Looking at the specs on the system they don't seem that bad, comparable to a deal Frys had a few weekends ago where you could pick up a full system for $100 (Sempron, CD-Rom, Harddrive, case etc). Some ram upgrade and those machines would probably be plenty for most users.
a userfriendly comic where Pitr is upset at being spammed. He discovers that the mail servers are Linux and are inseucre. The next clip is of a guy behind a computer frowning at "su: user does not exist." Theres a followup comic where all of the spammers Internet Traffic are routed to Mars. "But Mars doesn't have any... oh." All this really means is that eventually phishers and scammers will get smarter and run TrustedBSD, OpenBSD, SELinux, or some other hardened variant using mainly static pages and highly developed systems. It's really a never ending battle.