> Though I wonder if anyone actually used Emacs to connect.
Indeed. mud.el and rmoo.el (no links, you know how to google). Mud clients are simpler than IRC clients -- there's no protocol to speak of on most MUDs, and MCP is reasonably simple -- that it's a basic programming exercise to write one in [insert your favorite language here].
Personally I'm a fan of tkmoo (google for it), which is specialized for MOOs and supports the local editing conventions, as well as other goodies like the MacMOOSE browser/editor. It's kind of quirky, and probably not the most well-suited for combat muds unless you like writing your own trigger library from scratch, but since you can script it with tcl, it's really a good deal more friendly to program than tf and its weird macro interpreter.
Note that OpenRBL is back up, using a distributed proxy system to weather the DDOS (which I'm currently trying to find more info about, it is technically very interesting). You can search spamhaus records (among many others) from there.
If openrbl is rotating between mirrors, that's great. However, the issue remains: spamhaus's actual web content is what's very valuable to me, and it's not mirrored anywhere. I concede that there's good reasons for centralizing the content, but it also creates a single point of failure. SPEWS does a good job with evidence and tracking spam to the organizational level, but it just isn't as readable as spamhaus because it's all raw data (plus there's credibility problems). Spamcop is useless unless you like playing whack-a-mole by IP address or small block.
SBL and ROKSO web content seems to be reachable now... for the time being.
> Ooh, could this mean Planetscape Torment can be ported as well?
Nope. Spells, weapons, screens, all are very different, not to mention the fact that your character could multiclass as many times as he wanted (I just stuck with a mage through, that's the most fun). Spell levels and effects in torment are different -- the full-screen effects of cloudkill were a blast, and each level 9 spell has its own cutscene.
There's also a project underway to port the BG series to the Icewind Dale II engine for even more eye candy. Shame I don't have BG1 anymore to try this mod, or either IWD game...
If the sobig worm were attacking RBLs, wouldn't someone have done a "netstat" on an infected machine and found it? I've netstatted a couple of infected machines; seen nothing even close. Maybe it's just the mail _servers_ killing the RBLs, checking all those thousands of spam mails (sometimes 4 or 5 per server PER SECOND).
DNSBL queries are cached, which is a big part of the reason for using DNS. Secondly, I would think the DNSBL administrators would know the difference between usage of their own service and a DDOS attack.
Anyway, spamhaus's DNSBL seems to still be going strong, but the website is pretty much unreachable these days. Which renders it completely useless for my particular purposes, since much of my job is to narrow down the thousands of spamming netblocks to the organizations and individuals sending them, something spamhaus does very well, and no one else.
Anyone want to start a DNSBL that contains spamhaus's very useful CONTENT (including records like ROKSO) in a distributed fashion? Using a different domain for the annotations with CNAME records to point to the authoritative annotation would allow it to distribute and cache well (I'm aware of problems with CNAMEs in DNSBL's, I'm only suggesting it for the annotations).
I tend to rank these people just as low on the societal ladder as those who write virii [sic]
As a group, they're the same. Sobig was designed for relaying spam (among other things). Spammers are conducting DDOS attacks, successfully I might add, against blacklist sites.
... just put a @stake through its heart. Or more appropriately, its brain.
They publicly fired their Chief Technical Officer, sending the message to anyone else qualified for the job that they may as well stay away -- make no mistake, people who have the skills for that job aren't desperate even in this economy (yet). Whoever replaces him is not going to have the iconoclastic mentality that this industry segment requires. Not only that, they sent him to the loving arms of the competition. I'm sure at least one company is (cough) eEyeing a new lead researcher candidate.
... When is Sophos going to stop sending out bounce notices to the forged "senders" of email viruses? These do nothing but spamvertise the product. I must have blocked millions of sophos bounces of Sobig. Not that Sophos is the only offender, but it seems designed to do so...
Fact is, more than 99% of virus traffic is "stealthy" sends of trojans now, not some macro virus attached to a.doc file. And in every case it's forged. Bounces have to stop.
I knew someone was going to chime in with this "all automation is bad" business.
Who said it had to execute macros? If it simply pulled the doc out of the file to preview it, and never executed any macros, a preview would be safer than opening it. I haven't seen a macro virus in the wild for years anyway, and it's not like people really hesitate to open attachments even after the hugely verbose warning popup.
Secondly, it's not as if it's not *already* executing arbitrary code when you have auto-preview on.
Oh jeez, here I was ready to post Minsc quotes from BG, and someone beat me to it. I'm playing BG2 even now.
"DON'T teach my hamster to suck eggs!" -- Minsc.
"NO EFFECT?! I need a bigger sword..." -- Minsc again
"HIII-YA!! Heh - tourists love that stuff." -- Yoshimo.
LLiacor the sentient sword has dozens of lines... it's damn annoying (I can't afford to get Cromwell to shut it up) but some of them are *really* funny (minsc with lliacor and amulet of power == one man vampire slaying army). And damn if Irenicus (care of David Warner) wasn't some of the best damn vocal talent I've heard in a game since Grim Fandango. Too bad they got such wretched voice acting for Imoen...
587 is the "mail submission port", and is designed to be the port on which mail is originated, leaving port 25 for transferring mail between MTA's. This has various properties in that they can treat authentication differently (SMTP auth is required on port 587), and therefore has a number of anti-spam properties as well as some other benefits. Obviously port 25 is not going away for MSA's anytime soon, but it's a step. One big adopter of this is AOL: AOL users using AOL network services (e.g. corporate accounts) already are required to use port 587 when not using an AOL dialup, as AOL already rejects direct-to-MX on port 25 for most dynamic IP's.
> Never heard of Gentoo? How about LFS? How about downloading the source and compiling it yourself?
First: Haven't heard of LFS, so please elucidate. TLA's don't google well (now there's an idiomatic phrase). As for downloading and compiling the source: that's precisely what ports do. More to the point that they download, patch, configure, compile, package, and install automatically but that you can manually intervene in any of these steps, and that you need only edit very modular and flexible makefiles to do so. Gentoo requires a special tool, and if emerge doesn't fit your needs for one purpose or another for a particular package, let's hope you're a very dedicated python hacker. There's a lot of very neat stuff portage does but it looks to have started complex, not based on anything all that simple or flexible.
> I didn't know that packages in FreeBSD were actually source! I thought ports were source?
Packages are binaries. Ports builds and installs a package. If you want custom, you just cd to the work/src/ directory and you have the source tree just like the author made it (modulo any patches) from which you're free to do the usual configure && make before going up to the port dir and doing a "make package" (or just "make install" if you want to auto install it). Compare this to the tedium of customizing a source RPM.
> It has no integrated PIM software to unseat Microsoft Outlook
When Outlook manages to integrate, let me know. As of OL2K (I have not yet used XP, most people are still using 2K), it still has no VBA support, just VBS with a weird forms editor that acts like nothing in any other MS app. It can embed IE, but not any other app, even though IE can. It cannot embed the word or excel *app* in the outlook window -- let alone a clipping, which makes the outlook bar a glorified start menu. When someone attaches a word doc, it'd sure be nice if I could simply convert it to inline automatically, that'd be integration. Dynamically creating a flap on my outlook bar per page ala acrobat would be gravy.
Jeez, they haven't even managed to integrate IE into explorer as seamlessly as Konquerer, let alone their office apps. MS's interoperability hasn't really progressed much since Office 4.x on Windows 3.1
Viruses require user interaction to spread. A virus can infect a file, being parasitic in nature, or it can be a free standing application. If it is a free standing application it is most commonly referred to as a trojan horse - a malicious application whose true purpose is disguised until the user has been tricked into launching the applicaiton. Trojan horses are often used to install backdoors on machines. All of these are clearly viruses.
There you have it people. From the mouth of an expert. [-1, totally off track]
Here's the common definition I've heard, and it makes the most sense. Viruses attach to a host, either a boot sector or a file. This mirrors the biological categorization of a virus as something that doesn't function without a host. Macro viruses were one of the last common categories of true "viruses". Worms are themselves entire executables. There used to be an inbetween category they tried to call a "bacterium"... didn't fly, got a lousy ring to it for one. The vector for both of these is orthogonal.
See, it didn't take this imperious tone to offer my own explanation. Get enough of those together and there's something called consensus. Where do you get off with your tone?
> Why isn't Linux and Macintosh turning this into a big propaganda opportunity? Both OS's can hold up the 'come to us, we've had our shots, we'll never get worms' flags and pray that the big media mentions it.
Perhaps because at long last they realized that if everyone ran MacOSX or Linux, most users would still run random executables from random sites. While it might not be able to take over system files if not installed as root (answer to that: make the worm simply ask for the root password). Perhaps they realized that most worms are simply social engineering now, and that the deliberate obstacles placed in the path of users are simply speed bumps, and don't really amount to much security.
Perhaps they realized that Linux doesn't come with a Propeller Beanie of L33t Smartness +2 that automatically imbues its users with all the survival skills that its proponents pick up from experience.
Probably not. After all it did get posted on slashdot and got plenty of smug replies about the security of Linux.
It takes no root access whatsoever to do what Sobig did to turn it into a covert spamware (and probably file hosting) network. So step down from the high horse.
To be fair, that has nothing to do with verisign's land grab, as you could do that to a number of sites. More of stupidity, with sloppy coding at verisign not cleaning the input (good god I hope the same people don't work for the verisign certificate authority). That script injection attack can work on quite a number of sites, not just verisign's.
> At what cost? Routers are working harder, code has been introduced into core servers that has no technical reason to exist,
Actually, the BIND fix does have technical merit on its own, it addresses the possibility of "rogue" servers in general, which can be from clueless lame delegation, all the way up to the biggest registrar in the world. Given that you need to be paranoid about delegations lest you open up the door to cache poisoning, it follows from something called the Principle Of Least Authority that if you're going to trust a server to do delegation, you should only trust it for delegation -- any other duties it performs should be the exception, not the rule. It's the same reason you hand the valet a valet key, and not one that will open the trunk. You might even trust the valet, but do you want to have to? Verisign got away with this because we trusted them to hand out A records, when for most people, they never had to.
DNS was of course not built that way, but you can now at least put these policy walls up if you want to. It might suck for people who have A records hosted by verisign so that foo.com will point to their webserver as well as their NS, SOA, and MX records, but at least it would only affect people who did business with Verisign.
Looks like earthlink is among the ISP's now defeating Verisign's land grab, I get a "server failure" result for nonexistent.com names... Odd result, but I can see the reasoning.
You should know, that DNS trick is a wretchedly bad idea security-wise. DNS can be hijacked, poisoned, etc. The whole point of a VPN is that you don't trust the general internet. Hell, it just takes a negative cache entry to defeat fall-through name resolution (on windows anyway, one reason I kept having to 'net stop "dns client"' until I got wise and disabled it entirely).
Plus, verisign does it for nonexistent second-level domains. If foo.com exists, badhostname.foo.com will still fail to resolve. Not to diminish verisign's overall badness, but it's hardly that bad...
> How long till they change the IP/round-robin it?
With the ISC patch, it simply doesn't matter. It's not blocking a specific IP address, it just doesn't trust any records from the root servers for the TLD except for NS records. Might be possible Verisign could tweak it to return NS records, which would cause an even greater breakage, in which case the fix could simply be widened to their whole netblock. It's not like they can pick any IP address, they're just like any other netizen that way.
everyone keeps suggesting that blocking/ignoring 64.94.110.11 is the fix for this. come on, you people are smarter than that! how hard do you think it would be for them to change the A record to 64.94.110.12? then 64.94.110.13? and so on...
What we do to any spammer. Widen the block. They're a registrar, not an ISP, they gotta get IP addresses from their upstream same as everyone else.
Anyone else think that this fiasco should reopen the case for AlterNIC and other alternative roots?
> Try libverisignfix.c. It's an LD_PRELOAD hack to intercept gethostbyname, gethostbyname_r, and gethostbyname2_r. It doesn't intercept anything else (like getaddrinfo), but it works in Mozilla.
Truly awesome, and I can't wait to see this get into the resolver proper, as a configurable sort of thing, i.e. mapping certain IP address ranges to "nohost" or some such token to indicate DNS failure.
How about for OSX and Windows now? I might give it a whack myself, teach myself something about Win32 API hooks...
UNIX continues to evolve through standards like POSIX and Unix98, and thus a no-frills POSIX system is pretty damn functional. DOS had no such steering, and arguably it didn't really need it, since it's more of a extended BIOS than anything else, i.e. the hardware really ran the show. It still has its uses, mostly for providing a loading framework for simple drivers.
It's a matter of time til the sun burns out. I should imagine it's a matter of considerably less time til Unix is irrelevant. Saying "it's a matter of time" is really quite pithy...
Slashdot Mirror
> Though I wonder if anyone actually used Emacs to connect.
Indeed. mud.el and rmoo.el (no links, you know how to google). Mud clients are simpler than IRC clients -- there's no protocol to speak of on most MUDs, and MCP is reasonably simple -- that it's a basic programming exercise to write one in [insert your favorite language here].
Personally I'm a fan of tkmoo (google for it), which is specialized for MOOs and supports the local editing conventions, as well as other goodies like the MacMOOSE browser/editor. It's kind of quirky, and probably not the most well-suited for combat muds unless you like writing your own trigger library from scratch, but since you can script it with tcl, it's really a good deal more friendly to program than tf and its weird macro interpreter.
Note that OpenRBL is back up, using a distributed proxy system to weather the DDOS (which I'm currently trying to find more info about, it is technically very interesting). You can search spamhaus records (among many others) from there.
... for the time being.
If openrbl is rotating between mirrors, that's great. However, the issue remains: spamhaus's actual web content is what's very valuable to me, and it's not mirrored anywhere. I concede that there's good reasons for centralizing the content, but it also creates a single point of failure. SPEWS does a good job with evidence and tracking spam to the organizational level, but it just isn't as readable as spamhaus because it's all raw data (plus there's credibility problems). Spamcop is useless unless you like playing whack-a-mole by IP address or small block.
SBL and ROKSO web content seems to be reachable now
> Ooh, could this mean Planetscape Torment can be ported as well?
Nope. Spells, weapons, screens, all are very different, not to mention the fact that your character could multiclass as many times as he wanted (I just stuck with a mage through, that's the most fun). Spell levels and effects in torment are different -- the full-screen effects of cloudkill were a blast, and each level 9 spell has its own cutscene.
There's also a project underway to port the BG series to the Icewind Dale II engine for even more eye candy. Shame I don't have BG1 anymore to try this mod, or either IWD game...
If the sobig worm were attacking RBLs, wouldn't someone have done a "netstat" on an infected machine and found it? I've netstatted a couple of infected machines; seen nothing even close. Maybe it's just the mail _servers_ killing the RBLs, checking all those thousands of spam mails (sometimes 4 or 5 per server PER SECOND).
DNSBL queries are cached, which is a big part of the reason for using DNS. Secondly, I would think the DNSBL administrators would know the difference between usage of their own service and a DDOS attack.
Anyway, spamhaus's DNSBL seems to still be going strong, but the website is pretty much unreachable these days. Which renders it completely useless for my particular purposes, since much of my job is to narrow down the thousands of spamming netblocks to the organizations and individuals sending them, something spamhaus does very well, and no one else.
Anyone want to start a DNSBL that contains spamhaus's very useful CONTENT (including records like ROKSO) in a distributed fashion? Using a different domain for the annotations with CNAME records to point to the authoritative annotation would allow it to distribute and cache well (I'm aware of problems with CNAMEs in DNSBL's, I'm only suggesting it for the annotations).
Anyone even want to dare to run a DNSBL now?
I tend to rank these people just as low on the societal ladder as those who write virii
[sic]
As a group, they're the same. Sobig was designed for relaying spam (among other things). Spammers are conducting DDOS attacks, successfully I might add, against blacklist sites.
... just put a @stake through its heart. Or more appropriately, its brain.
They publicly fired their Chief Technical Officer, sending the message to anyone else qualified for the job that they may as well stay away -- make no mistake, people who have the skills for that job aren't desperate even in this economy (yet). Whoever replaces him is not going to have the iconoclastic mentality that this industry segment requires. Not only that, they sent him to the loving arms of the competition. I'm sure at least one company is (cough) eEyeing a new lead researcher candidate.
... When is Sophos going to stop sending out bounce notices to the forged "senders" of email viruses? These do nothing but spamvertise the product. I must have blocked millions of sophos bounces of Sobig. Not that Sophos is the only offender, but it seems designed to do so...
.doc file. And in every case it's forged. Bounces have to stop.
Fact is, more than 99% of virus traffic is "stealthy" sends of trojans now, not some macro virus attached to a
I knew someone was going to chime in with this "all automation is bad" business.
Who said it had to execute macros? If it simply pulled the doc out of the file to preview it, and never executed any macros, a preview would be safer than opening it. I haven't seen a macro virus in the wild for years anyway, and it's not like people really hesitate to open attachments even after the hugely verbose warning popup.
Secondly, it's not as if it's not *already* executing arbitrary code when you have auto-preview on.
System Shock 2 also pegs the creepometer for me.
the many seek...
mmmymyMY children disobey me.... This will not do.
Oh jeez, here I was ready to post Minsc quotes from BG, and someone beat me to it. I'm playing BG2 even now.
... it's damn annoying (I can't afford to get Cromwell to shut it up) but some of them are *really* funny (minsc with lliacor and amulet of power == one man vampire slaying army). And damn if Irenicus (care of David Warner) wasn't some of the best damn vocal talent I've heard in a game since Grim Fandango. Too bad they got such wretched voice acting for Imoen...
"DON'T teach my hamster to suck eggs!" -- Minsc.
"NO EFFECT?! I need a bigger sword..." -- Minsc again
"HIII-YA!! Heh - tourists love that stuff." -- Yoshimo.
LLiacor the sentient sword has dozens of lines
587 is the "mail submission port", and is designed to be the port on which mail is originated, leaving port 25 for transferring mail between MTA's. This has various properties in that they can treat authentication differently (SMTP auth is required on port 587), and therefore has a number of anti-spam properties as well as some other benefits. Obviously port 25 is not going away for MSA's anytime soon, but it's a step. One big adopter of this is AOL: AOL users using AOL network services (e.g. corporate accounts) already are required to use port 587 when not using an AOL dialup, as AOL already rejects direct-to-MX on port 25 for most dynamic IP's.
It's all spelled out in RFC2476
> Never heard of Gentoo? How about LFS? How about downloading the source and compiling it yourself?
First: Haven't heard of LFS, so please elucidate. TLA's don't google well (now there's an idiomatic phrase). As for downloading and compiling the source: that's precisely what ports do. More to the point that they download, patch, configure, compile, package, and install automatically but that you can manually intervene in any of these steps, and that you need only edit very modular and flexible makefiles to do so. Gentoo requires a special tool, and if emerge doesn't fit your needs for one purpose or another for a particular package, let's hope you're a very dedicated python hacker. There's a lot of very neat stuff portage does but it looks to have started complex, not based on anything all that simple or flexible.
> I didn't know that packages in FreeBSD were actually source! I thought ports were source?
Packages are binaries. Ports builds and installs a package. If you want custom, you just cd to the work/src/ directory and you have the source tree just like the author made it (modulo any patches) from which you're free to do the usual configure && make before going up to the port dir and doing a "make package" (or just "make install" if you want to auto install it). Compare this to the tedium of customizing a source RPM.
> It has no integrated PIM software to unseat Microsoft Outlook
When Outlook manages to integrate, let me know. As of OL2K (I have not yet used XP, most people are still using 2K), it still has no VBA support, just VBS with a weird forms editor that acts like nothing in any other MS app. It can embed IE, but not any other app, even though IE can. It cannot embed the word or excel *app* in the outlook window -- let alone a clipping, which makes the outlook bar a glorified start menu. When someone attaches a word doc, it'd sure be nice if I could simply convert it to inline automatically, that'd be integration. Dynamically creating a flap on my outlook bar per page ala acrobat would be gravy.
Jeez, they haven't even managed to integrate IE into explorer as seamlessly as Konquerer, let alone their office apps. MS's interoperability hasn't really progressed much since Office 4.x on Windows 3.1
Viruses require user interaction to spread. A virus can infect a file, being parasitic in nature, or it can be a free standing application. If it is a free standing application it is most commonly referred to as a trojan horse - a malicious application whose true purpose is disguised until the user has been tricked into launching the applicaiton. Trojan horses are often used to install backdoors on machines. All of these are clearly viruses.
There you have it people. From the mouth of an expert. [-1, totally off track]
> Anywho, I've always just shook my head and wondered why people put up with MS shiite
Not me. My computing platform of choice is made by Sunni Microsystems.
> A virus requires user interaction to spread
... didn't fly, got a lousy ring to it for one. The vector for both of these is orthogonal.
Here's the common definition I've heard, and it makes the most sense. Viruses attach to a host, either a boot sector or a file. This mirrors the biological categorization of a virus as something that doesn't function without a host. Macro viruses were one of the last common categories of true "viruses". Worms are themselves entire executables. There used to be an inbetween category they tried to call a "bacterium"
See, it didn't take this imperious tone to offer my own explanation. Get enough of those together and there's something called consensus. Where do you get off with your tone?
> Why isn't Linux and Macintosh turning this into a big propaganda opportunity? Both OS's can hold up the 'come to us, we've had our shots, we'll never get worms' flags and pray that the big media mentions it.
Perhaps because at long last they realized that if everyone ran MacOSX or Linux, most users would still run random executables from random sites. While it might not be able to take over system files if not installed as root (answer to that: make the worm simply ask for the root password). Perhaps they realized that most worms are simply social engineering now, and that the deliberate obstacles placed in the path of users are simply speed bumps, and don't really amount to much security.
Perhaps they realized that Linux doesn't come with a Propeller Beanie of L33t Smartness +2 that automatically imbues its users with all the survival skills that its proponents pick up from experience.
Probably not. After all it did get posted on slashdot and got plenty of smug replies about the security of Linux.
It takes no root access whatsoever to do what Sobig did to turn it into a covert spamware (and probably file hosting) network. So step down from the high horse.
To be fair, that has nothing to do with verisign's land grab, as you could do that to a number of sites. More of stupidity, with sloppy coding at verisign not cleaning the input (good god I hope the same people don't work for the verisign certificate authority). That script injection attack can work on quite a number of sites, not just verisign's.
> At what cost? Routers are working harder, code has been introduced into core servers that has no technical reason to exist,
.com names... Odd result, but I can see the reasoning.
Actually, the BIND fix does have technical merit on its own, it addresses the possibility of "rogue" servers in general, which can be from clueless lame delegation, all the way up to the biggest registrar in the world. Given that you need to be paranoid about delegations lest you open up the door to cache poisoning, it follows from something called the Principle Of Least Authority that if you're going to trust a server to do delegation, you should only trust it for delegation -- any other duties it performs should be the exception, not the rule. It's the same reason you hand the valet a valet key, and not one that will open the trunk. You might even trust the valet, but do you want to have to? Verisign got away with this because we trusted them to hand out A records, when for most people, they never had to.
DNS was of course not built that way, but you can now at least put these policy walls up if you want to. It might suck for people who have A records hosted by verisign so that foo.com will point to their webserver as well as their NS, SOA, and MX records, but at least it would only affect people who did business with Verisign.
Looks like earthlink is among the ISP's now defeating Verisign's land grab, I get a "server failure" result for nonexistent
You should know, that DNS trick is a wretchedly bad idea security-wise. DNS can be hijacked, poisoned, etc. The whole point of a VPN is that you don't trust the general internet. Hell, it just takes a negative cache entry to defeat fall-through name resolution (on windows anyway, one reason I kept having to 'net stop "dns client"' until I got wise and disabled it entirely).
Plus, verisign does it for nonexistent second-level domains. If foo.com exists, badhostname.foo.com will still fail to resolve. Not to diminish verisign's overall badness, but it's hardly that bad...
Name any online petition that brought about any change whatsoever. These thngs are jokes, and not that far off from chain letters.
Much noise going around the spam circles about how signing anything at petitiononline.com is a fast track to getting spam...
> How long till they change the IP/round-robin it?
With the ISC patch, it simply doesn't matter. It's not blocking a specific IP address, it just doesn't trust any records from the root servers for the TLD except for NS records. Might be possible Verisign could tweak it to return NS records, which would cause an even greater breakage, in which case the fix could simply be widened to their whole netblock. It's not like they can pick any IP address, they're just like any other netizen that way.
everyone keeps suggesting that blocking/ignoring 64.94.110.11 is the fix for this. come on, you people are smarter than that! how hard do you think it would be for them to change the A record to 64.94.110.12? then 64.94.110.13? and so on...
What we do to any spammer. Widen the block. They're a registrar, not an ISP, they gotta get IP addresses from their upstream same as everyone else.
Anyone else think that this fiasco should reopen the case for AlterNIC and other alternative roots?
> Try libverisignfix.c. It's an LD_PRELOAD hack to intercept gethostbyname, gethostbyname_r, and gethostbyname2_r. It doesn't intercept anything else (like getaddrinfo), but it works in Mozilla.
Truly awesome, and I can't wait to see this get into the resolver proper, as a configurable sort of thing, i.e. mapping certain IP address ranges to "nohost" or some such token to indicate DNS failure.
How about for OSX and Windows now? I might give it a whack myself, teach myself something about Win32 API hooks...
UNIX continues to evolve through standards like POSIX and Unix98, and thus a no-frills POSIX system is pretty damn functional. DOS had no such steering, and arguably it didn't really need it, since it's more of a extended BIOS than anything else, i.e. the hardware really ran the show. It still has its uses, mostly for providing a loading framework for simple drivers.
It's a matter of time til the sun burns out. I should imagine it's a matter of considerably less time til Unix is irrelevant. Saying "it's a matter of time" is really quite pithy...