Slashdot Mirror


User: Nonesuch

Nonesuch's activity in the archive.

Stories: 0
Comments: 989

Comments · 989

  1. Hardware 'fingerprint' has been tried, failed on Security Of Windows/Office XP Activation Code? · · Score: 3
    This sort of scheme has been tried and failed, for two reasons-
    1. It's too easy to fake the 'system id' number, or just trick the code that checks it.
    2. It is too easy to accidentally do something that changes the number, causing the software to fail.

    The hardware fingerprint is generally the MAC of the primary ethernet card (in a system with ethernet). So if you change your primary network card, the fingerprint changes.

    This can be a major problem on laptops. My laptop did not come with onboard ethernet, and I switch out the PCMCIA ethernet card on a regular basis, plus each of my docking stations has an ethernet interface with its own unique MAC.

    It's often very easy to change the MAC on an ethernet card, but if you have two machines on the same network segment with the same MAC, strange things happen.

  2. Re:Why do you have to make copies? on The Bride Of Macrovision · · Score: 2
    I have a 12-disk changer in the car, the cartridges for car changers are incompatible with any home stereo changer (I know, I looked).

    I have some disks that are 'out of print', and cannot be replaced at any cost.

    I keep CD-R duplicates in the car, from originals I own, partly for convenience, but mostly so if the CDs in the car get scratched, stolen, torched, etc, I am out a few bucks in CD-R media instead of a few hundred in original CDs.

  3. Not encrypted- DVI is not copy protection on Samsung Introduces 24-Inch LCD · · Score: 1
    Once again: DVI is not copy protection.

    This is a computer monitor. It does include VGA D-sub-15 connection and DVI-D (the LCD computer monitor standard). The manual explicitly states VGA, SVGA, and WUXGA are supported. The monitor will also accept NTSC video- that is analog, unencrypted, unprotected movies.

    From their website:

    Digital Interface: As SyncMaster 240T is a digital monitor, there is no problem combining it with other digital equipment. SyncMaster 240T has a dual Input feature, which allows convenient switching between two computers through an input selector.

  4. Re:Does it age gracefully? on Samsung Introduces 24-Inch LCD · · Score: 2
    In my experience, barring abuse, an LCD will last longer than a CRT.

    Tube based monitors have several problems that come with age. The phosphors can burn in, they can lose vacuum, the electron gun can lose accuracy and coherence (fuzz out), and all phosphor based monitors lose brightness over time.

    Generally, if an LCD doesn't go bad in the first six months, it will last until you break it, or until the backlighting burns out, which part can often be replaced separately.

    LCD projectors tend to fail due to heat. LCD in laptops tend to fail due to the flexible connection in the hinged lid. LCD in handhelds tend to fail due to impact, flexing, and bad electrical connections. An LCD monitor should not be subject to any of these problems.

  5. DVI: Digital, but not copy-protected on Samsung Introduces 24-Inch LCD · · Score: 2
    DVI is a good thing. It is entirely unrelated to copy-protection.

    Ever look at the el-cheapo LCD monitors sold at CompUSA and wonder why they don't have the sharpness of a laptop display? It's the analog signal path.

    To my eyes, analog (VGA D-Sub-15) LCD monitors look pretty bad. Some of the least expensive models exhibit noticeable 'jitter', which makes them WORSE than a regular CRT display.

  6. Re:Contract? What contract? on Fair Compensation For Non-Compete Clauses? · · Score: 1
    I've never found an employer who will consider signing a contract for any non-executive employee that has any sort of 'escape clause'.

    If you are lucky, you might get 2-weeks severance.

  7. True story of non-compete on Fair Compensation For Non-Compete Clauses? · · Score: 2
    My former supervisor got nailed by this.

    He was working in IT for a publicly held firm, had been there for years and now has extensive experience in technology related to a particular financial field.

    He accepted a job with a company that, while not exactly a direct competitor, was physically located in the same region, and also related to finance. He gave notice, and started at the new firm.

    A few weeks later, he was unemployed.

    His former employer basically forced his new company to terminate him, based on his non-compete. The real motive was revenge for leaving the company, and his solution to the problem was to find a new job, and this time not tell anybody at his original employer the name or industry of the new employer.

    The moral of the story is, make a clean break with your old employer- what they don't know can't be used to sue you.

  8. What if a print equivalent was viewed in school? on Student Web-Site Censors Stung for $62,000 · · Score: 2
    If it was created off school property, without using any school resources, and the creator did not distribute it on school property, he should not be at fault.

    This is no different than if the student had paid to have an ad published in the local weekly 'Free Shopper Ad Paper'.

    If he had bought an ad in a traditional print-on-dead-trees publication, and other students had brought copies of that ad to the school and shown them around, would he have been suspended?

    Just because the internet makes the 'printing press' nearly free, does not always mean that we should ignore two hundred years of laws relating to old school publishing.

  9. It's the attitude, not just the liquor laws. on Do You Consider Your Social Life When You Choose A Career? · · Score: 2
    Their liquor laws are a symptom of a larger problem.

    I avoid Utah not specifically because of their unusual liquor laws, but because of the attitude of the LDS Church, which has undue influence on the government of the state.

    If you are not a mormon, you are a second-class citizen in Utah. It's like being a black person in a Southern state, there's an undercurrent of disrespect towards non-mormons in large groups of the Utah population, especially in SLC.

    Aside from unavoidable stopovers on the way to Vegas, I've visited Utah, including driving through SLC with a short stop overnight, and saw no reason (other than the scenery) to ever return.

  10. Which P2P will replace Napster? on Napster Adding "Protection Layer" · · Score: 2
    Okay, let's say I have a number of Unix systems, a couple of Windows machines, and an MP3 archive server on a relatively fast network connection.

    What P2P 'file sharing' service should I install if I want to share my files with my friends, most of whom run Win95?

    What P2P client should I install if I want to be able to download MP3s from random strangers? Which alternative to Napster has the biggest library?

    Lastly, which service gives me the most 'protection' (anonymity, etc) against being sued by RIAA or raided by the FBI?

  11. Solaris _is_ free, both X86 and Sparc. on QNX Now Free For Non-Commercial use · · Score: 4
    Sun offers both platforms free for any use, on any system with "8 or fewer CPUs". They had been charging ~$75 for 'media' which included around a half-dozen disks, including Star Office.

    Sun now offers compressed ISO images for download, as mentioned in another comment. No charge, just a simple license.

    From The official FAQ:

    2. What can I do with the binary (runtime) version of the Solaris 8 Operating Environment?
    You can use the Solaris 8 runtime environment at home or at work, for business or personal computing.

    No, it's not GPL, but not everything of value in the world is released under the GPL. Get over it.

  12. The Internet wasn't free in 1993. on How Did The Net Become Free In The First Place? · · Score: 2
    When I first started in the ISP industry, on June 2, 1993, the Internet was primarily intended for non-commercial use.

    Our first upstream provider, UUNet, requested that we sign an AUP for access to the 'educational purposes' part of the internet, stating that we would not use those portions of the backbone for commercial purposes.

    We refused to sign this statement. We informed our customers of the situation and that they might encounter issues with certain educational networks being unreachable, but it never was a problem.

    Over the next couple of years more providers came onto the scene, and the 'educational purposes' restriction fell by the wayside.

  13. But you can't buy it with BSD. on Portable Linux Box · · Score: 1
    I'll purchase something like this only when it ships with FreeBSD pre-installed.

    Why should Linux get all the eyeballs?

  14. The Painted Bird on Science Fair Exhibits: Fair Game For Censorship · · Score: 2
    I had totally forgotten about (suppressed the memory of, more likely) that sick, twisted piece of literature.

    If any item ever deserved a mandatory warning notice, it would be "The Painted Bird".

  15. Copyright is not Trademark! on Trademarks For Open Source Projects? · · Score: 2
    Disclaimer: IANAL, I just hang out with one.

    There is a distinct difference between 'copyright' and 'trademark'. You cannot claim a copyright to a name, you claim copyright on a 'work', such as Linux, or a book, or a poem.

    Trademark is protection for a name, symbol, or other 'mark' used in trade. Thus the restriction that a trademark must be 'used in commerce' to be valid (registerable).

    In U.S. law, your copyright protections are automatic, and do not need to be registered. Trademarks generally need to be registered, and with the exception of 'famous marks' (IBM, Porsche, Microsoft, etc), are limited to a specific market.

    For example, it is possible for 'listar' the mailing list software to co-exist with 'listar' the toothpaste for cigar smokers, and not have a trademark violation. But because 'Microsoft' is a famous mark, if you decided to make small chewy cookies as 'Microsoft bakery', then Microsoft the mega-software company has a case against you.

  16. Obviously this is a plot by the US to restrict enc on Nasty Bad Men Are Using Encryption · · Score: 2
    There was an article in the Chicago Tribune about a week ago discussing the use of encryption by US Mafioso, and how the U.S. Government broke his PGP encrypted files by keystroke logging.

    Taken together, this is obviously collusion between the U.S. Government and the Media to garner public support for "key escrow" and other restrictions on encryption.

  17. The best part of the article on RSA Cracked - Not · · Score: 5
    The best part of the 'cleaned-up' edit is the encouragement Ron Rivest (The 'R' in RSA) gives to the budding cryptographer.

    The moral of the story is to always obtain peer review (by qualified peers) before publishing your results!

  18. Add IPSEC, stir gently. on Promiscuity And Wireless LANs · · Score: 2
    My solution is to land the AirPort segment on a DMZ interface that can talk to only one device- a VPN endpoint 'switch' from Cisco or Nortel.

    VPN solves the issue of using 'untrusted' internet connections to connect to the local trusted network, so it's an obvious solution to using untrusted wireless transmissions which have similar security risks to using the Internet... sniffing, MITM, etc.

  19. Ethics and reseller relationships. on Ethics In Computer Consulting · · Score: 1
    Any time a consulting firm takes on a reseller relationship where they are receiving a commission, kickback or other consideration for selling their client on a particular solution, their ethics are compromised.

    This doesn't seem to stop most consultants from doing so. Personally, I don't have any objection to logo coffee cups and T-shirts, but I tend to feel a bit guilty accepting a free lunch from vendors.

  20. Re:one anecdote... on Ethics In Computer Consulting · · Score: 1
    ESD precautions are more superstition than anything else. If the case is grounded, power is turned off, and you are in contact with the chassis, then "touching every card inside the computer" isn't going to do any harm.

    When I'm consulting, the only time I ever use an ESD wrist band is when I'm working with such high end (tens of thousands per system) servers that I don't want to take any chance that my company might have to pay to replace a failed component because we cannot prove it wasn't our fault...

  21. Re:Ethernet too damn expensive! on NetBSD Supports SEGA's Broadband Adapter · · Score: 1

    Not only is it $59.95 on the Sega Store, it's also backordered.

  22. Re:Significant accuracy? on The Unblinking Eye · · Score: 1
    Did you even have a point?

    : Unknown to the 100,000 people who passed through the turnstiles... The cameras identified 19 people with criminal histories, none of them of a "significant" nature, Tampa authorities said.

    19 out of 100,000 or 99.981% accurate!

    The system found 19 criminals in 100,000 people. That has no relation to the % accuracy unless we know how many false positives and false negatives were recorded.

    Although they didn't explain what constitutes an "insignificant" history, let's assume that anything that makes it into a history - parking tickets, public intoxication, being a registered Democrat...
    Obviously the criteria are those for whom a picture exists in the database of "people with a significant criminal history". IOW, people with mug shots.

    Your picture isn't taken when you get a parking ticket.

  23. Re:We became BIND-free, and love it. on BIND Security Info For "Members Only"? · · Score: 1
    I find some of the design decisions Dan makes to be annoying, but I'm willing to work within his framework for the improvements in performance and security.

    For servers that don't need full-blown BIND authoritative name resolution, dnscache is a great way to get caching name service with minimal configuration to get it up and running.

    It is possible to run dnscache without daemontools.

  24. Re:We became BIND-free, and love it. on BIND Security Info For "Members Only"? · · Score: 2
    I theorize that if DJB-DNS and qmail were as widely used as BIND and sendmail that both of the former applications would see their share of exploits.
    maru

    Interesting theory. Too bad it's completely bogus.

    Sendmail and BIND are exploited more often than other applications with similar functionality for several reasons:

    1. Sendmail and BIND are widely used
    2. Sendmail and BIND are huge monolithic programs
    3. Sendmail and BIND were not originally written with security in mind.

    The 'limited userbase' aspect of QMail and DJBdns may be one factor in the LACK of exploits for those applications, but the other two factors are much more important.

    Qmail and DJBDNS are composed of massively fewer lines of source code, are much less complex with less support for legacy functionality, and were designed from the ground up to be secure.

    There are fewer exploits of Dan Bernstein's applications than Paul Vixie's because Dan's code has fewer bugs to be found and exploited. djbdns is inherently more secure than BIND, regardless of the number of sites using it.

  25. Re:It'll end up just like warez! on BIND Security Info For "Members Only"? · · Score: 2
    This already occurs with exploits.

    The 'CORE' mailing list was similar to what is proposed for BIND, and archives were actively traded between hackers in the late 1990's. I still have a copy somewhere.

    Exploits for 'statd' were traded in the underground for years before the problem became public.