Why don't they just spend their time writing a secure system that doesn't need AV guarding the keys to root? I can somewhat understand the uses of AV at the user level; more for people running proprietary software, but nothing that the user does should be able to compromise the rest of the system. People should see this as a _problem_, not a nice "free" feature.
There is a simple and elegant solution to this. Get on IPv6 via a 4to6 (tunnelbroker.net, sixxs), run your own resolver only on IPv6, and only browse on IPv6.
You'll get to see the most technologically ripe parts of the internet, and none of the bandwidth hogs like YouTube, Facebook, and probably 99.9% of all ads. You can even watch the exclusive *enhanced* Starwars in ASCII! (telnet://towel.blinkenlights.nl)
Or, you could just use Gopher.
Go Daddy will take down your domain if they hear a peep about it, and cause all sorts of trouble.
http://nodaddy.com/
I'd just run NSD and serve them from in-house (maybe get an external VPS as a slave).
I accidentally moderated a comment with the wrong option but did not see how to undo it. I know that I can do so by making, but there must be a better way.
On a side note, these comments are filled with FUD, mostly from people who have only heard a few rumors about what IPv6 is. Some really good comments though, but definitely a number that need to read more than a paragraph on what IPv6 is and how it works.
Creationism is not a theory. Two properties of a theory are: must be possible to disprove; and must be able to predict results of a test. Creationism is capable of neither of these things.
It is impossible to test or disprove that an invisible man is living in the sky, therefore this is the realm of philosophy and spirituality. These things that have their place, but should not be interfering, aiming to replace, or masquerade as good science.
In the exact same respect, Evolution cannot be a theory with that logic. When the earth is decided to be billions of years old, life is said to evolve, and when it is decided that it is several thousand years old, life just evolved a bit faster. "Theory" status only fits on limited perspectives, such as gravity on earth and the laws of thermodynamics.
You can still look at which side has the most evidence and make a logical conclusion.
ReiserFS is still maintained quite well, and Reiser4 is coming along well. I personally use ReiserFS exclusively, and recommend sticking with it, or possibly trying out Reiser4.
Just run your own caching resolver if you don't 100% trust any local ones. I use Unbound and choose not to worry about which external DNS server is "safer", and give myself (overall) faster resolves in the process.
There are too many flaws in IPv4 to not want to break compatibility. Most server software supports IPv6 fine, it is just the lazy (or uninformed) people who refuse to roll it out until IPv4 is exhausted. Sure, we could NAT on top of NAT, but we need to break out of the gortesque chain soon.
Both of my domains (go-beyond.org and eleuther.net) are fully resolvable and reachable over IPv6. It is difficult for the early adopters, but you have to start somewhere. Please google and put some more informed thought into your stance on this.
Please, read before spreading this ignorant FUD. The IPv6 spec is quite modern and expandable in my mind. Every heard of ARP spoofing? NDP is vulnerable to the same thing but due to IPv6's extendablity there is a SEND (secure neighbor discovery) draft which solves that. There are many superiorities of NDP over ARP in the first place: http://en.wikipedia.org/wiki/Neighbor_Discovery_Protocol . IPv6 is not just about 128 bits of addesses, it solves many problems and implements many needed features (multicast fixes, IPSec). Variable length addresses just makes things messy, and the difference between 1 byte and 4 bytes is minimal for eliminating NAT and other IPv4 woes. Oh, and you don't have to have 4GB jumbograms now (but ever think about the future? I still like to stick with an mtu of 1500 personally).
Especially the TLDs. Very few TLDs have DNSSEC which would make this attack practically impossible. IPv6 would allow for more source addresses as well, which is discussed in the link below.
If you run a recursive resolver I highly advise using Unbound. It is the most secure resolver I know of and has an incredible amount of thought put into it (without BIND's bloat). It has many provisions for DNSSEC-less zones. See: http://www.unbound.net/documentation/patch_announce102.html
C, Lua, and Assembler:-).
But, it may be wise starting him on some XHTML 1.1 first. I started my computing journey by learning HTML in Neopets ages back:-|.
That it is a great idea. Combined with only dropping RST packets for your torrent port you could have it match a specific TTL as well.
Try this:
iptables -I FORWARD 3 -p tcp --dport 36745 --tcp-flags RST RST -ttl-eq $EVILISPTTL -j DROP
http://nodaddy.com/ has plenty of GoDaddy horror stories, along with recommendations and experiences for alternative companies.
I say that we should all boycott GoDaddy.
Just use C and Lua and the world's problems will come to an end! No more headaches from reading C++, no more back pain from replacing servers with continually slowing down C# code!
Besides, once you turn your company's network into a perfect C+Lua setup, and 20 years from now if the world is headed in its current direction noone will likely know the languages and you can get more raises since you are the only one who can maintain their network!
Good for the open source community and Java itself, but I don't think the language is worth being free due to the time wasted using it, and additional eyestrain.
GoDaddy is one of the many horrible registrars. Things are not right when you have to be careful picking a registrar. http://nodaddy.com/ is a great site about the woes GoDaddy.
Pathetic. The "standard" is flawed technically, its bloated, and it was superseded before it was written. Goes to show how the ISO groups can be bought with bribes. Lets just hope that this turns out to be a bad nightmare, and tomorrow OOXML as a standard becomes a thing of the past.
I will try hard to not support this broken, worthless standard. Rise up and boycott OOXML!
I agree completely. C is my language of choice. In the case of GCC and G++, smaller and faster binaries are usually produced with C, and IMO it is so much more elegant to write in. Sure, you may spend a little more time initially coding a project for certain "petty" functions, but they will be so much easier to expand upon and improve later on. C++ just pains me to read. I enjoy Lua for scripting, though I am not yet very proficent with either C or Lua (I have mostly just read of the differences and benchmarks).
I think torrenting the movie is the best solution for large files. Switching their servers to Lighttpd would be a huge help as well (if they are on Apache or another slower HTTP daemon), but that certainly would not affect a bandwidth issue.
While Flash is used in so many places, I really don't see it as essential. You can do a lot with SVG's and the existing web standards, and embed video with an open codec. My main problems with it are that it is completely proprietary. I try to run a pure open source system, and consider any boxes of mine that use the proprietary Flash plugin to be compromised (at least, on the level of the user than runs it). I would really like a Flash, Perl, Python, C++,.NET, Ruby, and Basic free world:-).
Slashdot Mirror
Why don't they just spend their time writing a secure system that doesn't need AV guarding the keys to root? I can somewhat understand the uses of AV at the user level; more for people running proprietary software, but nothing that the user does should be able to compromise the rest of the system. People should see this as a _problem_, not a nice "free" feature.
Now his product can be shown to the evil geeks of Slashdot who might want such a thing.
No suprise here. But since when have their scare/sue/bribe tactics been constitutional?
There is a simple and elegant solution to this. Get on IPv6 via a 4to6 (tunnelbroker.net, sixxs), run your own resolver only on IPv6, and only browse on IPv6. You'll get to see the most technologically ripe parts of the internet, and none of the bandwidth hogs like YouTube, Facebook, and probably 99.9% of all ads. You can even watch the exclusive *enhanced* Starwars in ASCII! (telnet://towel.blinkenlights.nl) Or, you could just use Gopher.
Go Daddy will take down your domain if they hear a peep about it, and cause all sorts of trouble. http://nodaddy.com/ I'd just run NSD and serve them from in-house (maybe get an external VPS as a slave).
Wow, an intelligent comment. Thank you so much! Lets rid ourselves of the beast of NAT.
I accidentally moderated a comment with the wrong option but did not see how to undo it. I know that I can do so by making, but there must be a better way. On a side note, these comments are filled with FUD, mostly from people who have only heard a few rumors about what IPv6 is. Some really good comments though, but definitely a number that need to read more than a paragraph on what IPv6 is and how it works.
In the exact same respect, Evolution cannot be a theory with that logic. When the earth is decided to be billions of years old, life is said to evolve, and when it is decided that it is several thousand years old, life just evolved a bit faster. "Theory" status only fits on limited perspectives, such as gravity on earth and the laws of thermodynamics.
You can still look at which side has the most evidence and make a logical conclusion.
ReiserFS is still maintained quite well, and Reiser4 is coming along well. I personally use ReiserFS exclusively, and recommend sticking with it, or possibly trying out Reiser4.
Larry Silverstein (owner of the WTC) admitted that they had a controlled demolition. Why is this not mentioned anywhere? http://www.youtube.com/watch?v=7WYdAJQV100
Just run your own caching resolver if you don't 100% trust any local ones. I use Unbound and choose not to worry about which external DNS server is "safer", and give myself (overall) faster resolves in the process.
There are too many flaws in IPv4 to not want to break compatibility. Most server software supports IPv6 fine, it is just the lazy (or uninformed) people who refuse to roll it out until IPv4 is exhausted. Sure, we could NAT on top of NAT, but we need to break out of the gortesque chain soon. Both of my domains (go-beyond.org and eleuther.net) are fully resolvable and reachable over IPv6. It is difficult for the early adopters, but you have to start somewhere. Please google and put some more informed thought into your stance on this.
Please, read before spreading this ignorant FUD. The IPv6 spec is quite modern and expandable in my mind. Every heard of ARP spoofing? NDP is vulnerable to the same thing but due to IPv6's extendablity there is a SEND (secure neighbor discovery) draft which solves that. There are many superiorities of NDP over ARP in the first place: http://en.wikipedia.org/wiki/Neighbor_Discovery_Protocol . IPv6 is not just about 128 bits of addesses, it solves many problems and implements many needed features (multicast fixes, IPSec). Variable length addresses just makes things messy, and the difference between 1 byte and 4 bytes is minimal for eliminating NAT and other IPv4 woes. Oh, and you don't have to have 4GB jumbograms now (but ever think about the future? I still like to stick with an mtu of 1500 personally).
Especially the TLDs. Very few TLDs have DNSSEC which would make this attack practically impossible. IPv6 would allow for more source addresses as well, which is discussed in the link below. If you run a recursive resolver I highly advise using Unbound. It is the most secure resolver I know of and has an incredible amount of thought put into it (without BIND's bloat). It has many provisions for DNSSEC-less zones. See: http://www.unbound.net/documentation/patch_announce102.html
C, Lua, and Assembler :-).
But, it may be wise starting him on some XHTML 1.1 first. I started my computing journey by learning HTML in Neopets ages back :-|.
That it is a great idea. Combined with only dropping RST packets for your torrent port you could have it match a specific TTL as well. Try this: iptables -I FORWARD 3 -p tcp --dport 36745 --tcp-flags RST RST -ttl-eq $EVILISPTTL -j DROP
http://nodaddy.com/ has plenty of GoDaddy horror stories, along with recommendations and experiences for alternative companies. I say that we should all boycott GoDaddy.
I thought that the standard American was clasified as a "superheavy" object. Although the McDonalds diet is hardly natural.
Just use C and Lua and the world's problems will come to an end! No more headaches from reading C++, no more back pain from replacing servers with continually slowing down C# code! Besides, once you turn your company's network into a perfect C+Lua setup, and 20 years from now if the world is headed in its current direction noone will likely know the languages and you can get more raises since you are the only one who can maintain their network!
Good for the open source community and Java itself, but I don't think the language is worth being free due to the time wasted using it, and additional eyestrain.
GoDaddy is one of the many horrible registrars. Things are not right when you have to be careful picking a registrar. http://nodaddy.com/ is a great site about the woes GoDaddy.
Pathetic. The "standard" is flawed technically, its bloated, and it was superseded before it was written. Goes to show how the ISO groups can be bought with bribes. Lets just hope that this turns out to be a bad nightmare, and tomorrow OOXML as a standard becomes a thing of the past.
I will try hard to not support this broken, worthless standard. Rise up and boycott OOXML!
I agree completely. C is my language of choice. In the case of GCC and G++, smaller and faster binaries are usually produced with C, and IMO it is so much more elegant to write in. Sure, you may spend a little more time initially coding a project for certain "petty" functions, but they will be so much easier to expand upon and improve later on. C++ just pains me to read. I enjoy Lua for scripting, though I am not yet very proficent with either C or Lua (I have mostly just read of the differences and benchmarks).
I think torrenting the movie is the best solution for large files. Switching their servers to Lighttpd would be a huge help as well (if they are on Apache or another slower HTTP daemon), but that certainly would not affect a bandwidth issue.
While Flash is used in so many places, I really don't see it as essential. You can do a lot with SVG's and the existing web standards, and embed video with an open codec. My main problems with it are that it is completely proprietary. I try to run a pure open source system, and consider any boxes of mine that use the proprietary Flash plugin to be compromised (at least, on the level of the user than runs it). I would really like a Flash, Perl, Python, C++, .NET, Ruby, and Basic free world :-).