Is there any reason I should keep the router's preinstalled firmware and not flash openwrt as fast as I can?
Installing OpenWRT is scary and confusing. Its not bad after you've done it a few times, but it's not at all obvious where to start.
The documentation and website isn't structured or layered to support end users. Its by openwrt developers for openwrt developers with end user stuff mixed in willy-nilly.
It starts out barely accessible to the average user and then rapidly veers off into territory beyond even the average computer nerd.
When people say a router is bricked, this very generally means, that it does not function properly any longer and the reasons can be various. First of all, you should calm down, relax and read flash layout, file systems in OpenWrt and bootloader CLI. Now depending on what exactly is broken, you have several possibilities...
Yes, calm down, relax, and learn about the differences between NAND and NOR flash, relatively obscure filesystems, master and partition boot records... no problem right? You do have JTAG cables right? And an Arduino board you can use to upload a sketch that will send the debrick commands via serial? How are your soldering skills because you might need them! Here's the serial pinouts for a DIR-835... your router might be different!
Google Talk is just XMPP, so any desktop IM program should support it just fine.
That's what I'd heard to but I've been having trouble getting it working lately with 'hangouts'. I recently tried Spark for example (from igniterealtime.org and was unable to get it to connect); although I'd had it working previously with google talk (ie "before" they forced hangouts on everyone.)
That requires having or borrowing an iphone or ipad (Basically, go to settings, iMessage, login with you apple id then tell it not to use iMessage for your phone number).
Ok, and what happens when that doesn't work?
Because while that solves it for most people, it doesn't solve it for everyone. Believe it or not, there is an actual bug somewhere preventing that from "just working" for everyone.
What would be a better solution is Apple making it cross platform. This way, no matter what platform one is on, iMessages go through
What, and lose the locking. I know several families right now that are stuck on ios because someone in the the family (usually a child or senior parent) uses an ipod touch or ipad that -can't- fall back to SMS; and it often crosses households (grandparents / grandchildren living somewhere else etc... so now the entire family is stuck on ios...)
Sure one could install a different IM... but imessages appeal is the seamless IM / SMS experience and installing a whole new program just to talk to one person, and that person ALSO has to install it... its a genuine obstacle in this case.
And there really isn't a good cross platform IM client that has desktop, ios, android, windows phone, and blackberry support. Hell, even google talk... er hangouts is ruled out now that there is no proper desktop client.
Single person has annoying but minor problem texting random social contact, assumes huge conspiracy and general incompetenceæ
Yeah, its a well known and widespread problem. Sending and receiving after switching away from an iphone.
Everyone I know who has an iphone and switched to an android has encountered it, along with related issues resulting from travelling with an iphone and disabling data temporarily, and so on. Sometimes the incantations apple prescribes to fix it work, sometimes the carrier has to do something to get it working again, and some just refuse to work no matter what they do.
We're at a cusp right now. You make a good point that as the game development shifts towards ps4 / xbox one that 5+ year old PCs with Intel graphics are going to fall behind again, but the ps4 and xbox one JUST luanched.
The cycle will repeat, the ps4 and xbox one are already behind current PC graphics, game development will be pinned to them for the next decade.
My HTPC has been my HTPC for a couple years already, the Q6600 was released in 06 after all. I'll have my i7 3770k with a geforce 660 in my living within the next year or so. Anyone else rolling their main PC over to the living room will be bringing in hardware that will be fine for a decade.
And we don't really know what's going to happen in the future, right now, the 'home office pc/gaming rig' gets rolled into the HTPC when the gaming rig gets replaced -- but if PC gaming in the living room continues to trend then maybe next new pc will go straight to the living room, and the office will get the older unit. After all the main gaming rig goes where the gamer does... if the gamer moves, so goes the rig.
We've also got the steambox coming and its going to be a factor of some sort I think given Valve's position in PC gaming.
But the commercial failure of OUYA showed that not enough people will buy into a platform just for indie games. This is why a successful video gaming platform needs AAA support.
But perhaps it can be a successful platform with new indie games and support for "last years" AAA games.
Some TVs, such as my Vizio VX32L, have an analog audio input by one of the HDMI video inputs. This is designed for use with DVI-D to HDMI cable, as I mentioned in this table.
My HTPC setup didn't become simple or satisfactory until I had a PC that output audio over hdmi, and in addition to an HDTV I also had a receiver that did HDMI passthru and switching. So hooking up the PC to the big tv became as simple as plugging it into the receiver; and i got full 1080p resolution without any futzing around and full surround sound support. And I can 'switch to PC' with one button on my remote.
Working with last generation equipment was a pain. My previous HTPC setup was DVI to the TV + optical out to the receiver; and I'd had to spend considerable effort getting everything to work properly; there were issues with overscan that had to be resolved, getting the audio working was a pain, and I had to put the tv and receiver both on specific settings to get picture and sound each time i switched to it. It worked in 2007 but it was nerd territority, not nearly as user friendly as it is now.
Good point. Adding to my list of counterarguments.
Reasons why not? Not sure I follow -- on the one hand yes, it means there is probably a 'weaker' PC hooked up to the TV then the latest and greatest; on the other hand today's weaker PC is no longer gaming obsolete.
My 'previous pc' for example is a Q6600 with an nvidia 9600 series, and I've yet to run into a game I wanted to play that I couldn't.
Yes and no. Yes, in that in principle it is a hole.
No, in that nobody has ever in the history of me owning or working with computers ever wanted to attach a random PCIe card that they pulled out of their pocket to my computer, or any computer I manage.
USB devices on the other hand...are a routine occurrence. And firewire external drives as well, while far from routine have happened.
So if USB3 has the same DMA vulnerabilities that firewire does, then yes its a pretty big deal.
Virtually all languages ship with a set of libraries containing functions or classes etc that you can use; so you don't have to write your own string concatenation, your own implementation of sin() and cosin(), all the way up to more advanced stuff like providing standard implementations of containers or collections (arrays, lists, sorted lists, dictionaries, etc)
For example the C++ standard library (which includes the STL - standard template library), or the Python standard libary, or the standard Java API, etc.
"standard hash function"
I presume you already know that hash tables and other containers that rely on hashes do not tend to operate on cryptographic hashes; as the goal is performance not security.
"standard hash" is not really "a thing". I just mean that for most containers most of the time, the hash function you would use is exceedingly simple, a member of the object you are storing or some trivial transformation of one. A lot of objects have a natural id (from a database or something) so you just use that.
vs a custom hash function, where you really spend some time looking at the data you are using and the way you are using it, and develop a hash function fine tuned to it, with confidence (even proofs) that the hashing function will yield a good distribution.
Why has it taken so long for PC users and major developers to realize this? Did it just take that long to replace SDTVs in living rooms?
Everything had to become more or less standard. Prior to HDMI you needed VGA or DVI and then had to figure something else out for audio. And even once you got HDMI you needed a computer that had an HDMI card. And for a lot of us the computer we use with the TV is our previous computer - since we primarily set it up for xbmc, music, photos, etc and performance wasn't a real concern.
So even though the tech was availablearound 07, yes its taken a while for hdmi equipped gaming capable computers to arrive in sizable numbers in the living room organically. And its only recent that that the trend has been accelerated by things like Steam's big picture mode, and developers have really started to target the pc in living room as a platform.
(and way more if you count tablets, like some silly analysts do),
As the tablets don't have thunderbolt ports its pretty irrelevant.
which is a lot of motivation for high-end peripheral manufacturers to build it into their high-end peripherals...
Meaning highend peripherals will support both thunderbolt and USB3.1? I mean its a high end peripheral right? so 2$ worth of hardware and some royalties aren't really a deal breaker.
And this ultimately just serves to marginalize thunderbolt even more, since the peripherals now have it, but you don't even need it to connect to them.
Compared to Hartbleed and this, I don't know of any of similar critical level and impact.
Any remotely exploitable bug that allows for remote code execution / priviledge escalation without user interaction is just as bad or worse.
After all, heartbleed was "just" a remotely exploitable memory "leak"; but if you have remote code execution, you can scan the memory and send home anything interesting; to the same effect as heartbleed, plus anything else you might want to do once you are running on the system.
Windows XP early on (until SP1 or 2?) was remotely exploitable in this way as I recall. And there have been other exploits just as bad over the years.
Heartbleed was a big deal but its not singularly bad. There's been others before it.
What sucks is when they ask you to write the full code for a balanced n-ary tree on a white board, then throw in the extra "how would you generate a unique hash from it for a performance intensive application?" to add insult to injury.
Pretty much, this.
You'd look at what the available standard container libraries are for the language you are using, and see what fits best.
Maybe a standard container with a standard hash function is all you need. Maybe a standard container, with a custom hash function.
Odds that I really need to write a container class from scratch for a project? Nearly zero. And if I do a generic from-the-top of my head implementation on a whiteboard is NOT going to be remotely suitable and a person who can do that isn't going to be that useful -- you need to first know WHY a standard container or hashing algorithm isn't going to be suitable, and then code specifically to that deficiency.
On an Internet-connected PC, you have to worry about antivirus and other security issues.
Behind a NAT not really, unless you use a web browser.
Or on an Internet-disconnected PC, you have to worry about reconnecting it to the Internet every few weeks so that Steam can renew its receipts.
a) Steam is not the only store out there.
b) If connecting the PC to the internet now and then was a problem for you, you probably aren't shopping at steam in the first place.
That and the PC doesn't have quite as many games designed to be played with multiple controllers.
This is true. This is also changing.
PC multiplayer games tend to be designed around the assumption of one player per machine so that the publisher can sell multiple licenses to a single household.
It was never a conspiracy to sell more copies.
The reason PC games are historically "single-user per computer" is that few users had them set up to ergonomically accommodate multiple players in front of one screen anyway. Few households even had controllers, never mind multiple controllers, and sharing a keyboard and mouse was impossible for all but the simplest games.
Now that PCs are starting to regularly show up in the living room attached to the TV, and can pair easily with xbox controllers we are starting to see support for that type of game. Its already common with indie games etc.
Much less so with FPS... but FPS or RTS but those are still predominantly keyboard and mouse and that's not really shareable.
When they install a stop sign, it's because they have good reasons for wanting you to stop.
Or its the default, nobody really thought about it, and even the city engineer who spec'd it just phoned it in knowing that he'll never lose his job if he specs stop sign even if a yield sign would have been just as safe.
Snatching a logon and going onto the website while impersonating that user is a whole different bucket of fish, and is way too vague to prove to a jury that you were just looking versus planting evidence.
I don't see how that is different. Why can't the defendant be present?*, and/or there be a chain of custody with other official witnesses to verify what was done. e.g. the police logs on with the account at the station, with cameras, and witnesses...??
* And how does the defendants presence even establish anything anyway? His testimony isn't given a lot of weight in a he-said she-said vs the police - if getting out of a drug bust was as simple as saying "I was there when the police searched my jacket and he planted the drugs on me" then every dealer and junkie who ever got picked up would say just that whether it was the truth or not. Clearly "its not mine, you put it there" isn't generally a viable defense.
("So, officer, you logged in as the user and acted on his behalf in the website? How do we know that you and your cohorts didn't plant the evidence yourself? Tainted evidence, yerhonor!")
Yet... "So, officer, you opened the defendants trunk and 'found' drugs there? How do we know that you and your cohorts didn't plant the evidence yourself? Tainted evidence, yerhonor!"
Doesn't seem to be a get out of jail free card for people getting pulled over and having their vehicle searched.
Hell, even if the police get a warrant before searching the car, they can still theoretically plant evidence --since the police are the ones executing the warrant.
Slashdot Mirror
Is there any reason I should keep the router's preinstalled firmware and not flash openwrt as fast as I can?
Installing OpenWRT is scary and confusing. Its not bad after you've done it a few times, but it's not at all obvious where to start.
The documentation and website isn't structured or layered to support end users. Its by openwrt developers for openwrt developers with end user stuff mixed in willy-nilly.
It starts out barely accessible to the average user and then rapidly veers off into territory beyond even the average computer nerd.
http://wiki.openwrt.org/doc/ho...
When people say a router is bricked, this very generally means, that it does not function properly any longer and the reasons can be various. First of all, you should calm down, relax and read flash layout, file systems in OpenWrt and bootloader CLI. Now depending on what exactly is broken, you have several possibilities...
Yes, calm down, relax, and learn about the differences between NAND and NOR flash, relatively obscure filesystems, master and partition boot records... no problem right? You do have JTAG cables right? And an Arduino board you can use to upload a sketch that will send the debrick commands via serial? How are your soldering skills because you might need them! Here's the serial pinouts for a DIR-835... your router might be different!
And I say this as someone who is using OpenWRT
yet these hedge funds themselves still do very well due to the fees they have hidden away in the fine print of the contracts
Which is why you should always invest in hedge fund companies, but not the actual hedge funds. :p
Teach them to use Email.
Says someone who doesn't know the difference between IM and email.
Google Talk is just XMPP, so any desktop IM program should support it just fine.
That's what I'd heard to but I've been having trouble getting it working lately with 'hangouts'. I recently tried Spark for example (from igniterealtime.org and was unable to get it to connect); although I'd had it working previously with google talk (ie "before" they forced hangouts on everyone.)
/facepalm
You know, that might actually work for me here... I can't believe it didn't occur to me to look at IRC.
That requires having or borrowing an iphone or ipad (Basically, go to settings, iMessage, login with you apple id then tell it not to use iMessage for your phone number).
Ok, and what happens when that doesn't work?
Because while that solves it for most people, it doesn't solve it for everyone. Believe it or not, there is an actual bug somewhere preventing that from "just working" for everyone.
What would be a better solution is Apple making it cross platform. This way, no matter what platform one is on, iMessages go through
What, and lose the locking. I know several families right now that are stuck on ios because someone in the the family (usually a child or senior parent) uses an ipod touch or ipad that -can't- fall back to SMS; and it often crosses households (grandparents / grandchildren living somewhere else etc... so now the entire family is stuck on ios...)
Sure one could install a different IM... but imessages appeal is the seamless IM / SMS experience and installing a whole new program just to talk to one person, and that person ALSO has to install it ... its a genuine obstacle in this case.
And there really isn't a good cross platform IM client that has desktop, ios, android, windows phone, and blackberry support. Hell, even google talk ... er hangouts is ruled out now that there is no proper desktop client.
Interesting that the "story" - such that it is - contains no links to substantiate such a huge issue
http://lmgtfy.com/?q=sms+wont+...
Single person has annoying but minor problem texting random social contact, assumes huge conspiracy and general incompetenceæ
Yeah, its a well known and widespread problem. Sending and receiving after switching away from an iphone.
Everyone I know who has an iphone and switched to an android has encountered it, along with related issues resulting from travelling with an iphone and disabling data temporarily, and so on. Sometimes the incantations apple prescribes to fix it work, sometimes the carrier has to do something to get it working again, and some just refuse to work no matter what they do.
How does the printing function work?
Who cares, just save the text files to the host machine, and then print from that.
Eighth generation AAA
We're at a cusp right now. You make a good point that as the game development shifts towards ps4 / xbox one that 5+ year old PCs with Intel graphics are going to fall behind again, but the ps4 and xbox one JUST luanched.
The cycle will repeat, the ps4 and xbox one are already behind current PC graphics, game development will be pinned to them for the next decade.
My HTPC has been my HTPC for a couple years already, the Q6600 was released in 06 after all. I'll have my i7 3770k with a geforce 660 in my living within the next year or so. Anyone else rolling their main PC over to the living room will be bringing in hardware that will be fine for a decade.
And we don't really know what's going to happen in the future, right now, the 'home office pc/gaming rig' gets rolled into the HTPC when the gaming rig gets replaced -- but if PC gaming in the living room continues to trend then maybe next new pc will go straight to the living room, and the office will get the older unit. After all the main gaming rig goes where the gamer does... if the gamer moves, so goes the rig.
We've also got the steambox coming and its going to be a factor of some sort I think given Valve's position in PC gaming.
But the commercial failure of OUYA showed that not enough people will buy into a platform just for indie games. This is why a successful video gaming platform needs AAA support.
But perhaps it can be a successful platform with new indie games and support for "last years" AAA games.
Some TVs, such as my Vizio VX32L, have an analog audio input by one of the HDMI video inputs. This is designed for use with DVI-D to HDMI cable, as I mentioned in this table.
My HTPC setup didn't become simple or satisfactory until I had a PC that output audio over hdmi, and in addition to an HDTV I also had a receiver that did HDMI passthru and switching. So hooking up the PC to the big tv became as simple as plugging it into the receiver; and i got full 1080p resolution without any futzing around and full surround sound support. And I can 'switch to PC' with one button on my remote.
Working with last generation equipment was a pain. My previous HTPC setup was DVI to the TV + optical out to the receiver; and I'd had to spend considerable effort getting everything to work properly; there were issues with overscan that had to be resolved, getting the audio working was a pain, and I had to put the tv and receiver both on specific settings to get picture and sound each time i switched to it. It worked in 2007 but it was nerd territority, not nearly as user friendly as it is now.
Good point. Adding to my list of counterarguments.
Reasons why not? Not sure I follow -- on the one hand yes, it means there is probably a 'weaker' PC hooked up to the TV then the latest and greatest; on the other hand today's weaker PC is no longer gaming obsolete.
My 'previous pc' for example is a Q6600 with an nvidia 9600 series, and I've yet to run into a game I wanted to play that I couldn't.
Yes and no. Yes, in that in principle it is a hole.
No, in that nobody has ever in the history of me owning or working with computers ever wanted to attach a random PCIe card that they pulled out of their pocket to my computer, or any computer I manage.
USB devices on the other hand...are a routine occurrence. And firewire external drives as well, while far from routine have happened.
So if USB3 has the same DMA vulnerabilities that firewire does, then yes its a pretty big deal.
"standard container"
Virtually all languages ship with a set of libraries containing functions or classes etc that you can use; so you don't have to write your own string concatenation, your own implementation of sin() and cosin(), all the way up to more advanced stuff like providing standard implementations of containers or collections (arrays, lists, sorted lists, dictionaries, etc)
For example the C++ standard library (which includes the STL - standard template library), or the Python standard libary, or the standard Java API, etc.
"standard hash function"
I presume you already know that hash tables and other containers that rely on hashes do not tend to operate on cryptographic hashes; as the goal is performance not security.
"standard hash" is not really "a thing". I just mean that for most containers most of the time, the hash function you would use is exceedingly simple, a member of the object you are storing or some trivial transformation of one. A lot of objects have a natural id (from a database or something) so you just use that.
vs a custom hash function, where you really spend some time looking at the data you are using and the way you are using it, and develop a hash function fine tuned to it, with confidence (even proofs) that the hashing function will yield a good distribution.
Why has it taken so long for PC users and major developers to realize this? Did it just take that long to replace SDTVs in living rooms?
Everything had to become more or less standard.
Prior to HDMI you needed VGA or DVI and then had to figure something else out for audio. And even once you got HDMI you needed a computer that had an HDMI card. And for a lot of us the computer we use with the TV is our previous computer - since we primarily set it up for xbmc, music, photos, etc and performance wasn't a real concern.
So even though the tech was availablearound 07, yes its taken a while for hdmi equipped gaming capable computers to arrive in sizable numbers in the living room organically. And its only recent that that the trend has been accelerated by things like Steam's big picture mode, and developers have really started to target the pc in living room as a platform.
(and way more if you count tablets, like some silly analysts do),
As the tablets don't have thunderbolt ports its pretty irrelevant.
which is a lot of motivation for high-end peripheral manufacturers to build it into their high-end peripherals...
Meaning highend peripherals will support both thunderbolt and USB3.1? I mean its a high end peripheral right? so 2$ worth of hardware and some royalties aren't really a deal breaker.
And this ultimately just serves to marginalize thunderbolt even more, since the peripherals now have it, but you don't even need it to connect to them.
USB 3.0 added DMA and async (no-polling) control. CPU usage should be on par with FireWire.
DMA?
So is it a gaping security hole like Firewire now too?
Compared to Hartbleed and this, I don't know of any of similar critical level and impact.
Any remotely exploitable bug that allows for remote code execution / priviledge escalation without user interaction is just as bad or worse.
After all, heartbleed was "just" a remotely exploitable memory "leak"; but if you have remote code execution, you can scan the memory and send home anything interesting; to the same effect as heartbleed, plus anything else you might want to do once you are running on the system.
Windows XP early on (until SP1 or 2?) was remotely exploitable in this way as I recall. And there have been other exploits just as bad over the years.
Heartbleed was a big deal but its not singularly bad. There's been others before it.
What sucks is when they ask you to write the full code for a balanced n-ary tree on a white board, then throw in the extra "how would you generate a unique hash from it for a performance intensive application?" to add insult to injury.
Pretty much, this.
You'd look at what the available standard container libraries are for the language you are using, and see what fits best.
Maybe a standard container with a standard hash function is all you need.
Maybe a standard container, with a custom hash function.
Odds that I really need to write a container class from scratch for a project? Nearly zero. And if I do a generic from-the-top of my head implementation on a whiteboard is NOT going to be remotely suitable and a person who can do that isn't going to be that useful -- you need to first know WHY a standard container or hashing algorithm isn't going to be suitable, and then code specifically to that deficiency.
On an Internet-connected PC, you have to worry about antivirus and other security issues.
Behind a NAT not really, unless you use a web browser.
Or on an Internet-disconnected PC, you have to worry about reconnecting it to the Internet every few weeks so that Steam can renew its receipts.
a) Steam is not the only store out there.
b) If connecting the PC to the internet now and then was a problem for you, you probably aren't shopping at steam in the first place.
That and the PC doesn't have quite as many games designed to be played with multiple controllers.
This is true. This is also changing.
PC multiplayer games tend to be designed around the assumption of one player per machine so that the publisher can sell multiple licenses to a single household.
It was never a conspiracy to sell more copies.
The reason PC games are historically "single-user per computer" is that few users had them set up to ergonomically accommodate multiple players in front of one screen anyway. Few households even had controllers, never mind multiple controllers, and sharing a keyboard and mouse was impossible for all but the simplest games.
Now that PCs are starting to regularly show up in the living room attached to the TV, and can pair easily with xbox controllers we are starting to see support for that type of game. Its already common with indie games etc.
Much less so with FPS... but FPS or RTS but those are still predominantly keyboard and mouse and that's not really shareable.
Luis Royo and Boris Vallejo
soft core fantasy porn
Giger
hard core creepy sci-fi demonic mechanized rape porn
They aren't even in the same ballpark.
Hmm...well mine is black and leathery and doesn't contain a "whole lot of money". Perhaps I should switch to brown.
When they install a stop sign, it's because they have good reasons for wanting you to stop.
Or its the default, nobody really thought about it, and even the city engineer who spec'd it just phoned it in knowing that he'll never lose his job if he specs stop sign even if a yield sign would have been just as safe.
Snatching a logon and going onto the website while impersonating that user is a whole different bucket of fish, and is way too vague to prove to a jury that you were just looking versus planting evidence.
I don't see how that is different. Why can't the defendant be present?*, and/or there be a chain of custody with other official witnesses to verify what was done. e.g. the police logs on with the account at the station, with cameras, and witnesses...??
* And how does the defendants presence even establish anything anyway? His testimony isn't given a lot of weight in a he-said she-said vs the police - if getting out of a drug bust was as simple as saying "I was there when the police searched my jacket and he planted the drugs on me" then every dealer and junkie who ever got picked up would say just that whether it was the truth or not. Clearly "its not mine, you put it there" isn't generally a viable defense.
("So, officer, you logged in as the user and acted on his behalf in the website? How do we know that you and your cohorts didn't plant the evidence yourself? Tainted evidence, yerhonor!")
Yet...
"So, officer, you opened the defendants trunk and 'found' drugs there? How do we know that you and your cohorts didn't plant the evidence yourself? Tainted evidence, yerhonor!"
Doesn't seem to be a get out of jail free card for people getting pulled over and having their vehicle searched.
Hell, even if the police get a warrant before searching the car, they can still theoretically plant evidence --since the police are the ones executing the warrant.
Windows 7, no update fails.
Google only has millions of results for "Windows 7 service pack 1 won't install" and the same for OS X updates.