Slashdot Mirror


User: Nonesuch

Nonesuch's activity in the archive.

Stories
0
Comments
989

Comments · 989

  1. semi-bullet proof glass? on Home Defense, Geek Style? · · Score: 1
    skrysakj writes:
    Put some semi-bullet proof glass in the car, to replace the side windows. Check out Bulldog direct, they have great prices.
    This sounds good, but might be a bit more of an investment than she wants to make, and as you pointed out later, to be effective will also require installing upgraded door locks. To quote Bulldog Direct:
    Pricing for Curved Bullet Resistant Vehicle Glass can start from around: $7,000.00 to well over $20,000.00 [Depending on your type of vehicle and level of protection needed.]
    And since the thief won't know the glass is not stock, he will still try to smash it in with a brick -- he won't get into the car, but the glass will be scratched and spalled, at best.
  2. Public Key Currency on Make Money Fast · · Score: 1
    The tinfoil hat crowd has long suggested that the mylar filament in bills is a remotely readable RFID tag....

    That last problem is the worst--it's a lot like the DVD CSS encryption scheme problem. It works fine until ONE INSTANCE of the private key gets broken, and then everybody has the key to every single banknote in circulation. And then the whole thing is kaput, money down the drain (literally). So it would be awfully important to solve the tamper-proofing issue, before you went ahead with this idea.
    It'd work a lot better if the design were to embrace public key crypto entirely -- each bill contains a unique key, but all the bills in a particular "series" have their unique key signed by a centrally-held private key. Scanning the bill verifies the serial number printed on the front.

    Scanners would contain the list of public keys, they'd receive an annual update which could also include key revocation lists for any serial numbers commonly counterfeited, or any keys that were compromised.

  3. People steal stuff they can sneak out with on Surviving College With Gear And Sanity Intact? · · Score: 1
    Personally, I found that what would tend to get stolen was the little things, stuff that somebody could stick under their jacket and walk off with -- books, booze, RAM, etc.
    Get a big tower case and a 21" CRT. Stencil your name in huge letters on everything. Back up offsite to a vaulting system far, far away. Then don't worry about it too much.
    Very good advice. And a 21" Viewsonic in good shape can be had cheap.

    There's nothing to say that a big-ass full tower case with a 21" CRT can't turn in respectable FPS in Quake 3, plus a full tower doesn't build up as much heat.

  4. Re:Special gadgets not necessary? on XM Radio Pulls PC Hardware · · Score: 1
    If anyone were to invent an algorithm that can do an "analog checksum" on a sound file (assuming it hasn't been invented already), then all of this functionality would be available to anybody with a computer and a sound card.
    Royal Philips Electronics developed "Acoustic fingerprinting" technology, and it's already being used to limit file sharing: http://slashdot.org/articles/01/04/20/1727220.shtml

    Software could continuously record the audio source, cross reference checksums against an online database akin to the freedb CD database, and catalog and save whatever is new.
    The difficulty would be in determining what sequence of audio is a legitimate, complete, and interesting new song, and what is Howard Stern literally taking a crap on the radio.
  5. My requirements -- a phone that doesn't "crash" on Examining the Treo 650 Smartphone · · Score: 1
    Jeez man... shall I compliment the smart phone some more?!? The Treo 650 Smartphone is a wonderful device! It slices, it dices, it's the most versatile tool on the market! WOW! Amazing! If I were to get a cell phone, this would certainly be the one I'd get!
    The Treo 600 is a grievously flawed product. I doubt the 650 will be much better.

    With a disturbingly high frequency, loading third-party applications makes the device unstable, prone to crash without warning.

    That wouldn't be so bad, except that the phone functionality is so tightly integrated with the OS, these bugs often make the most basic phone functionality unusable.

    Smartphones are cool. A smartphone sporadically crashing when an incoming call is received, requiring a complicated reboot process to recover, is lame.

  6. The magic of SDIO on Examining the Treo 650 Smartphone · · Score: 2, Informative
    DoktorFaust writes:
    ...a few things, but this is the closest to the ideal everything-device that I'm waiting for. Still missing is: A fully functional GPS with maps.
    Can be added via SDIO with iGolf and Mapopolis maps.

    ~4 megapixel camera with reasonable optical quality which records the lat/long in the EXIF data on each photo.
    Sounds like fun, if unrealistic. Does any handheld offer this?

    If we're just blue-skying, I'd rather have a Bluetooth device with GPS integration, and a Bluetooth enabled real digital camera.

    MP3 player which can hold about as many songs as an iPod mini
    Which would mean it'd need a hard drive like the iPod mini. If you just want to carry a heck of a lot of songs, you can add a 1 Gig SD card, and fill it with .OGG encoded songs. PocketTunes supports Vorbis via a plug-in.

    Of course all of this in the same small package as the Treo (with existing features) and a battery life that will last me a full day. When such a device is created, then I'll finally bite-the-bullet and get a cell phone plan...
    Oddly enough, none of your requirements seem to be the least bit related to the smartphone functionality of Treo...
  7. Drive them out on Preventing/Resolving Interoffice Conflict? · · Score: 1
    It is not particularly difficult to put into motion events that will lead them to "resign".

    It could take a couple of months, but in general a "particularly unpleasant person" is their own worst enemy.

  8. Re:Fortunately, the Chicago Tribune has insurance on How Would You Handle a $1,000,000 Coding Error? · · Score: 2, Funny
    Fortunately, the Tribune Company has insurance.

    Unfortunately, the insurance has a deductible of $1,000,000.00.

  9. Dedicated servers? on Unix Shell Accounts? · · Score: 2, Informative
    Not everybody wants to be a sysadmin, one major advantage of just buying shell access is that somebody else does the heavy lifting, the patching, the dealing with DoS and compromise, etc.

    With dedicated servers starting at $49/mth US (I haven't seen any cheaper yet), considering the benefits they have over shell accounts, it's not surprising that unix shell accounts are losing popularity.

    Most dedicated servers these days have over 1TB of bandwidth to boot, even at the 49$ level.

    One terabyte of "bandwidth"?

    I'll assume you actually meant 1000 gigabytes per month "transfer limit"? A bit of back of the envelope calculation suggests that to actually reach that limit would require a sustained bandwidth of 3 megabits.

    Do any of the "$49 per month dedicated server" providers actually state any sort of guarantee on how much "bandwidth" (to the "Internet", not just local facility) a customer will have access to?

    How many of these hosting companies have more than just a couple of DS3 shared across all of their customers?

  10. Oxygen enrichment on Can Your Car Get 1,700 MPG? · · Score: 1
    Actually, this (increasing the oxygen concentration in the intake air) has been done, as a commercial product.

    The technology is called "oxygen enrichment", and is used on some large diesel engines (trucks and railroad both). I can't remember the name of the company that makes it.

    The purpose is as much to reduce emissions as it is to increase fuel efficiency.

  11. Re:Easy solution on Dongles to Fake Presence of a Keyboard? · · Score: 1
    http://www.solutions-cubed.com/solutions%20cubed/MEMKEY2003.htm

    $30. Connect to keyboard port (These are AT, so you may need a $2 PS2->AT adaptor)

    These units are designed to take input from a 4x4 matrix keypad, and you program them to send keycodes. Just skip that step. It will handle pretending to be a keyboard that never sends anything.

    You can also wire up a keypad to perform 'shutdown' 'reboot' etc features if that would be handy and not a security issue for you.

    Neat.

    Does that mean that this is finally a reality?

  12. Just tear up an old keyboard for the driver chip on Dongles to Fake Presence of a Keyboard? · · Score: 1
    My god man, a keyboard can be had for less than $5! Do you know how much a similar dongle would cost?!?!?
    A couple of times I've just taken a power screwdriver to an old keyboard, pulled out the little circuit board with the LEDs and driver chip (usually these are a bit smaller than a 3x5 index card) sandwiched between two of the aforementioned index cards with a couple of holes for the LEDs, and wrapped the whole sucker in clear packaging tape.

    This gives all of the benefits of a dongle, plus you can use a program like ixbiff to flash the LEDs when you have new mail waiting.

    More often I'll just take an old keyboard (the one with the missing spacebar and the keycaps worn to bare plastic), plug it in, and shove it behind the PC where it's unlikely anything will accidentally hit the keys. Big plus is you can still drag it out when a "three finger salute" is needed.

  13. Sniffer Pro on Missing Open Source Security Tools? · · Score: 5, Informative
    Sniffer Pro has features which neither "ntop" nor "ethereal" come anywhere near, both in the realtime monitoring of traffic and also in some of the "expert" functionality.

    I've yet to find an open source tool that can show a "matrix" graph of source and destination talkers by MAC/IP/IPX name in realtime as found in Sniffer. Other tools show some of this information, but do not render the same graphical display (chords of a circle) as Sniffer.

    With ethereal there's a way to do this with snapshots using graphviz, but not realtime...

  14. Browsers and Proxy AutoConfiguration (PAC) on CERT Recommends Mozilla, Firefox · · Score: 1
    we would instantly switch to using firefox if they added support for proxy autoconfiguration via wpad. (either DNS or dhcp based wpad would be fine). We have laptops that need to be able to pick up their proxy configs automatically since they roam between offices....
    I have a similar problem.

    We resolved the issue by moving the intelligence into the server, different versions of the .PAC file are served up based on what subnet the client request comes in from.

    This allows for customizing the proxy configuration based on which office the client is connected to, without relying on the DNS suffix assigned by DHCP to select an appropriate WPAD server name...

  15. Re:we would switch to firefox IF on CERT Recommends Mozilla, Firefox · · Score: 1
    need to be able to pick up their proxy configs automatically

    Why not use a transparent proxy? I'm not sure about all protocols, but I know that transparent proxies are easy to set up for HTTP.

    Using the Automatic Proxy Configuration (aka ".pac" files), gives significantly more flexibility in configuring which proxy server a browser uses for specific types of requests and destination domains, and automatic failover to a backup proxy server at another uplink site (if the ISPs at the New York office stop responding, requests automatically go to Dallas), etc.

    There are many drawbacks to transparent proxies, the biggest being that a transparent proxy requires your HTTP requests follow the default route -- I know of several organizations which intentionally do not announce a default route to the Internet on internal LANs, for security and performance.

  16. Old demo coders become new virus coders? on Farb-Rausch Releases PC Demo Creation Software · · Score: 1
    I tried disassembling one once first thing it did was copy code to the old specky print buffer delete this loader code move everything down a bit and then proceeded to unfold itself up the memory incredible. pretty good to watch too as the primitive hardware started doing things which just seemed impossible.

    I wonder how many of the demo and other assembly programmers from the old 65xx scene ended up in the virus authoring scene of the 90s? It's pretty clear from the badly-coded worms that few real programmers are participating in that realm.

    I know I learned assembly, patching interrupt vectors, and self-modifying code from writing game intros and "trainers" for C= BBSes.

    Pretty much everybody in the C64 assembly programming scene used the "copy your bootstrap into the tape/disk buffer, then shift the rest of your data to fit", as well as the well-documented technique of running your main loop out of "page 0" to take advantage of the faster execution time.

  17. Please don't abuse the abuse@ mailbox! on Turning Up The Heat On On-Line Registration · · Score: 2, Informative
    probably used a lot but
    abuse@[domain].{com,org,net}
    Please keep in mind that for sites that do "confirmed opt-in" registration, this will not work (since you will not be able to reply to the confirmation email) and will clutter the abuse@ mailbox for the site, making it more difficult for admins to respond to real abuse.

    It's all but certain that the poor overworked mail administrators who are tasked with monitoring the abuse@ role account have nothing to do with the editorial content nor the web site or web site registration policy.

    You'd do much better by abusing the letters-to-the-editor mailbox :)

  18. Oh, the toys you will be forbidden to mod by DMCA on Old Toy Modding? · · Score: 2, Informative
    Believe it or not it's illegal to play non-Teddy-Ruxpin tapes in a Teddy Ruxpin bear, because by doing so you're creating a derivative "audiovisual work comprising animated plush toy bear with unique voice."

    IANAL, however I see this claim made about the Teddy Ruxpin cases (Worlds of Wonder v. Veritel Learning Systems & Worlds of Wonder v. Vector Int'l) on numerous web sites.

    The key phrase here is "toy bear with unique voice". The unauthorized derivative works were being marketed as new Teddy Ruxpin stories, and used a similar-sounding voice actor and custom recorded data channel to capitalize on the original (copyrighted) Teddy Ruxpin "Look and Feel", the "ruxpin experience" which the children expected.

    If you were to attempt to market a Ruxpin-compatible tape which caused Teddy's eyes to roll back in his head and intone a backwards-masked satanic mass recorded by Iron Maiden (One of the few groups to intentionally backmask on a metal album), you might be able to prevail against Worlds of Wonder.

    OTOH, the market for black mass teddy ruxpin tapes is (hopefully) rather small.

  19. Interchangeable PS/2? on Do PS2-to-USB Keyboard Adapters Work? · · Score: 1
    Newer mobo's with PS2 sockets don't much care. Plug a keyboard into the mouse labeled one, for example. Voila, it works.

    Oddly, all of the Dell systems I have (ancient and modern) have clearly labeled "mouse" and "keyboard" ports, and a keyboard will only work in the keyboard port.

    Seems that some chipsets have function-specific ports, others do not?

  20. This is how APACHE got started on For OpenBSD, "No More Apache Updates" · · Score: 5, Informative
    The "APACHE" server project was originally a set of patches to the NCSA HTTPd, the name comes from "a-patchy web server".

    Back around 1995, development of the NCSA sort-of-free web server was starting to die out, and developers who had been producing a set of patches to the NCSA project decided to "fork" their development branch.

    After the fork, the majority of development effort concentrated in the new "Apache" project, and the NCSA HTTPd died out about a year later.

  21. Just bought a bunch of IOGear adapters. on Do PS2-to-USB Keyboard Adapters Work? · · Score: 2, Informative
    I just bought a bunch of these USB adapters so I could connect Mac workstations (USB only) to older (PS/2 only) Raritan KVM switches, and have had zero problems using them on Mac or on Windows machines.

    We use the IOGear GUC100KM.

    These are both larger and more expensive (List price $50) than the adapters mentioned in the original article, but they work, and are supported under Win 98, 98SE, 2000, ME, XP, MAC OS 8.6 or greater and SUN Solaris 8/9.

  22. Re:What's wrong with bind ? on BIND Is Most Popular DNS Server · · Score: 1
    What's wrong with BIND?
    1. Root holes.
    2. Single monolithic application to serve multiple purposes.
    3. Memory hungry (process size grows unpredictably).
    4. Inefficient storage of in-memory copies of authoritative zones.

    Personally, when I am looking for software to run a critical service, I look for software that supports the feature set I need without any extraneous bells and whistles, and I prefer the "toolkit" approach, if I just need an authoritative server, I just want to run a program that does only that one thing, but does it exceedingly well.

    Many of the worst sins of BIND 8 have been expunged in BIND 9, but I do not doubt that we have not seen the end of BIND root exploits.

  23. Switched from BIND to MSDNS? on BIND Is Most Popular DNS Server · · Score: 2, Interesting
    We Tried BIND, but.... (Score:2, Interesting) by buzzoff (744687) on Friday June 04, @08:46AM (#9334123) BIND just wouldn't work. It worked at first, until I dumped a bunch of hosts into my zone (only a couple thousand, which isn't much in the grand scheme of things). After it stopped working I happened to get in touch with some of the developers. They just kept telling me to upgrade to the next release.
    I've never seen a problem such as you describe in running BIND under UNIX.

    After screwing around with BIND for two weeks I gave up. I switched over to MSDNS. Guess what? The EXACT same file that wouldn't work with BIND worked with MSDNS. This was BIND 9.2. We've been running MSDNS for a few years now with hardly any issues. We ran into some cache pollution once, but once I checked the stupid box to prevent it the problem went away.
    Based on this, I'm guessing you were running BIND under Win32, then switched to MSDNS under the same Win32 system?

    Personally, when I first encounter massive performance problems on a dedicated production-critical service, I would have contacted the developers and asked them what platform they recommend for running a dedicated server, and switched the base OS to the platform they best support.

    Based on the above philosophy, I've ended up actually running more MS-Windows servers in the data center, as many speciality software vendors preferentially support Windows 2000 over UNIX-like systems. And of course any time you run two different applications from two different vendors on the same Windows box, anytime a problem is encountered with Vendor A's application, as soon as the support engineer discovers that another package is running on the same box, Vendor B's application immediately becomes the root cause of the problem :)

  24. tinydns/djbdns is ultimate UNIX on BIND Is Most Popular DNS Server · · Score: 1
    djbdns has not been accepted, because it's too non-standard. The main thing is the folders.
    Actually, Bernstein's use of folders and files for configuration and control goes back to the earliest roots of Unix, where the vision was that the single root hierarchical filesystem concept would extend to every object in the system (See the "Plan 9" operating system for an example of where this can lead).

    He creates and uses folders called /service, /command and /doc, instead of following any UNIX filesystem standard. I guess he is suggesting that we abandon /usr, /bin, /lib, and just throw everything at the root level.
    By default, djbdns installs binaries in /usr/local/bin and the actual service configurations can be created anywhere you choose. Actually, you are thinking of DJB's daemontools. While they work well together, daemontools is not absolutely required to run djbdns.

    When you

  25. Re:You don't need binaries. on Lite Linux Distros for a Digital Picture Frame? · · Score: 1
    If you *need* secure systems you use old code that has been heavily audited, and I would actually recommend OpenBSD.
    Speaking of OpenBSD, they're heavily into systrace these days, which gives you some leeway to work with software from less audited sources.

    Currently, Systrace is integrated in NetBSD and OpenBSD, with a Linux port also being maintained. Similar functionality is available in the Okena (now Cisco) Security Agent for MS-Windows and Solaris, for $$$$.

    And by buffer overflows being *easier* I meant more likely to escape detection. A shell being bound to a listening port is something that should *obviously* not be happening in most programs.
    Under systrace, I can take an X application binary which is intended to display a slideshow, and without any access to source, inspect the "normal" execution profile, and build a systrace profile that forbids the application from opening a listening port or exec'ing /bin/sh.

    A real world example: I use systrace to run Opera. I cannot get source code for Opera, but by running it under a restricted profile, I can still have assurance as to the system calls which it can successfully make.