And, if your firewall denies outgoing ICMP's (in heavy quata, and with spoofed ips..) it may not be used in a smurf attacks. Furthermore, if the firewall says "no more than 10 outgoing SYN requests per 5 seconds" we can forget about synflooding too:)
Even simpler: set up the firewall to only allow outgoing connections to the originating client and its subnet. Sure this could be easily noticed (when Mr. H4cx0r does 'ping slashdot.org'... then okay allow all ICMP, but rewrite all ICMP echo-request packets to be standard ping; this might be complicated though), but it would allow the hacker to connect to whatever he wants on his own system (well if you log the connections, you can connect there too:-).
Of course this would need some tweaking to make it totally transparent.
Re:We win! Where is the Party?
on
Microsoft Loses
·
· Score: 2
Well, how about posting the story to Slashdot, and then we all can have a troll-fest! Oops, that's done already. Plan B: give a Linux CD to each of your Microsoft friends, with a copy of the settlement attached.
I don't see how XML would help the specific situation you note of building a single module in the tree. The configuration is a complex, interacting set of different parameters, for which XML might help to alleviate some of this complexity, but the problem of building a specific module is that there are many different configuration options that may apply to that module, for which the.depend's would work well. Possibly a differnt sort of restructuring is in order: configure each modularized part of the kernel individually (doesn't necessarily have to be compiled as a module, but anything with the capability of being at least partially split from the rest of the kernel), and then from the configuration decisions for each module, an overall set of configuration options can be developed. Note that menuconfig already largely does this, but its handling of dependancies is what makes me suggest a new format. This way, only the specific part of the kernel that you want to compile will be configured, and then you can selectively compile just that part without messing up anything else. Possibly this involves a modification to the makefile, to be able to smartly handle something like 'make ne.o', or even 'make module' ("Select a module to compile:", list), as opposed to or in addition to the existing 'make modules' (which simply recurses through all the kernel directories and runs 'make modules' there).
As for XML on other configuration files, there is of course the problem of the XML spec. Though the main idea is the same, one type of XML document can look very different from another XML document. Thus there would still be a problem with different config files. Moreover, each program would have to largely write an XML parser, even if it used a shared library for the purpose. Further, there is a natural difference between how programs are configured. Some programs fall readily into a key:value-type ordering (in which case the Windows.ini file works quite well), while others are much more variable (like the driver list for sane -- that should be on separate lines). I agree, however, that there should be a standard for how config files are done. I see a few different general types that can all be reduced to one general format:
key [whitespace] value key:value key=value
In this case, I recommend:
key=value
since '=' is not often used in 'value'.
Also, any subsections should be keyed like XF86Config (Section... Subsection...EndSubSection...EndSection), to allow for multiple layers of sections.
Any takers to draft a standard? Has one already been made? Anyone want to write a shared library to parse whatever?
XML is not some sort of magic panacea for all conceivable problems (though a good number of companies market their 'XML Solutions' as being such). I'll stay with the traditional format (yeah, you move everything over to a new format -- so what if it's archaic; it works without significant effort).
The only problem with the old system that I can see is patching. When you have multiple patches to your kernel, patch might not be able to integrate a context diff into the Documentation/Configure.help file etc. Easy solution: don't patch your kernel:-).
You see, MS doesn't have this problem. They give you one kernel, and you live with it.
> Hmm, interesting. It seems we've got ourselfs a new category: upgrades.
The stupid English language says that it's spelled 'ourselves'.
Really, look at the icon. beady thing (abacus?) => printing calculator => laptop (is it just me, or do I see <evil>clouds</evil> in the background?). Let's add => Linux:-).
The problem is, if they ever decide to use the computer as a server, it'll suffer the same problem as NT: your OpenGL screen saver will slow Apache to a crawl:-(. (Well actually it depends on what is doing the rendering. If the X server is handling thousands of graphics draws at 32 bbp, 80 times per second, for a screen saver that doesn't optimize its graphics calls, then you have major slowdowns, because the X server has to do all that processing (I've seen X take up 90% up my P3-450 once). However, a software GL (Mesa) running in the process space of the un-neg-niced screen saver process itself won't harm much.)
But still, that's a good idea, and I think I'll do that.
Check out the Palm theme for WinAmp, at the linked site (I had a link, but Mozilla crashed -- hey, a good excuse:-). There's also a MacOS X theme (pretty, my favorite actually).
For us Linux folks, they all work perfectly in XMMS too!
(define a 'i) (define b #\ ) (define c 'w) (define d 'a) (define e 's) (define f 'n) (define g #\') (define h 't) (define i 'h) (define j 'k) (define k 'g) (define l 'b) (define m 'o) (define n 'u) (define o '.) (string-append a (string-append b (string-append c (string-append............
Just for starters:-) (a whole bunch of "call-with-current-continuation"s (Scheme, but so what) would really drive people up the wall.)
Too bad I spend so much time writing a reply to an AC. btw, what I was trying to say obfruscatedly and incompletely above was "I wasn't thinking about that."
The problem is that everyone is too lazy to make a real patch, and instead just make random suggestions, and then if and when the joke is finally updated, the suggestions remain with no markings that they are obsolete.
Tell CmdrTaco that comment posters should have a way to delete their comments (in case of story update, Submit-instead-of-Preview errors, brief moments of flaming anger, etc.), retaining all moderation and karma impact that they have had so far, and giving any repliers the chance to re-post their replies elsewhere before the parent is deleted, but in any case the reply would still have its cid place in the discussion (just not linked to a "directory" -- this is one thing fsck checks for) so that links to the reply would still work right.
But if you're going to continue the open-sourced-edness of it all, Rob should give out the Slashdot versions of all scripts, including the administrator scripts -- we know that Slashdot does not take Slashcode verbatim.
Anyway, it's funnier when the joke and the replies to / reflections on the joke are independant entities. Just try to integrate my patch into the original joke.
Posting stuff in hacker(/script kiddie)-ese is not any joke -- it's still English, and x % of us nerds can read it without trouble. If you really wanted to make an April Fools joke, post a story in LISP.
And even with journalling, there's still the chance of corruption (media corruption, buggy fs code, virii, etc.). This is true with all oses with journalling.
Gives all the servers a chance to fsck their disks (oh, they don't know how to do that in NT -- well let the disk just stay [un-]fscked -- no; the fsck that the NT installer did when it first installed will last for a long time:-)
Gives people an opportunity to break the smallest uptime record (power on, 12:00AM, power down 12:00AM + 1 nanosecond)!
Hardware upgrades, anybody?
The routers will have to rebuild their routing caches. Maybe they'll rebuild them more efficiently.
There will be fewer idiots online for at least a few days.
Slashdot will not get trolled.
Slashdot will have a good excuse to delete all existing trolls.
Hemos said so.
We can find all the servers still up, and hack them because they'll be more vulnerable! Never mind -- that would require our servers being up:-).
There's nothing like a little downtime to complete your day.
While you're rebooting, x86 people, go in your BIOS and set your date to GMT if it isn't already. Cuz here I see 8:35 PM, Fri Mar 31.
Sysadmins, if your server is down, how can you be expected to administrate it? Go party! Let the hardware techs have your babies for a [insert what used to be a short amount of time here].
Somebody learn how to make a codec for Quicktime (developer.apple.com). But instead of actually making a codec, write a very simple program that runs an audio stream through a codec and outputs the result to, say, a temporary file. Make this program for Windows.
Distribute it and get thousands of downloads from open-source fans, who don't realize that the same capability is already built into the Quicktime player they'll have to download anyway to get the codec:-).
This is the important step. Reboot into Linux; run Wine on your program. Cross your fingers -- like 360-degree cross. Select the QT codec, and select your source audio/video stream.
Experience the worst Wine crash ever. Then get the right DLLs native or not native, and try again. And again.
When it works, find your temporary file with xanim. Click Play. Have lots of fun.
Remember, there are many UNIXes (or unices, if you prefer), and more importantly, many different processors that they can run on. That would mean (UNIXes) * (avg. # of processors supported) number of binaries, if they were going to do it right. Now doing this as an xanim plugin would make things that much easier -- considering that an xanim plugin is basically restricted to xanim's API (not completely, but more than a typical independant program), porting to a different UNIX or a different processor might be no more than a recompile, assuming that the codec is byte-order independant (which the smart people at Apple should know to do). But they have to do it. We just have to hope that Apple is too lazy to recompile the codec, and just releases the source and tells us to do it:-). Actually, going by other people's comments, open-sourcing is not an option even if Apple wanted to, but I'd like to see the text of that agreement -- maybe there's a way for Apple to get by (either by using the GPL, by which the original author of the program retains rights to it, or by writing their own, more restrictive, license).
Slashdot Mirror
I meant the ones with > 56 data bytes, malformed packets, etc.
Even simpler: set up the firewall to only allow outgoing connections to the originating client and its subnet. Sure this could be easily noticed (when Mr. H4cx0r does 'ping slashdot.org' ... then okay allow all ICMP, but rewrite all ICMP echo-request packets to be standard ping; this might be complicated though), but it would allow the hacker to connect to whatever he wants on his own system (well if you log the connections, you can connect there too :-).
Of course this would need some tweaking to make it totally transparent.
Ken
Include a FURBY!!!
or should I say:
tha's upid.mpoblegnyflrw
hI:
It's cool. What other reason do you need?
I elaborate anyway: it's like a worldwide Beowulf cluster, except sorta not.
Further, it shows what a whole bunch of idle CPU cycles can accomplish.
And anyway, see the subject: why not?
Wow -- thanks man! Sysinternals.com is awesome!
Well, how about posting the story to Slashdot, and then we all can have a troll-fest! Oops, that's done already. Plan B: give a Linux CD to each of your Microsoft friends, with a copy of the settlement attached.
I don't see how XML would help the specific situation you note of building a single module in the tree. The configuration is a complex, interacting set of different parameters, for which XML might help to alleviate some of this complexity, but the problem of building a specific module is that there are many different configuration options that may apply to that module, for which the .depend's would work well. Possibly a differnt sort of restructuring is in order: configure each modularized part of the kernel individually (doesn't necessarily have to be compiled as a module, but anything with the capability of being at least partially split from the rest of the kernel), and then from the configuration decisions for each module, an overall set of configuration options can be developed. Note that menuconfig already largely does this, but its handling of dependancies is what makes me suggest a new format. This way, only the specific part of the kernel that you want to compile will be configured, and then you can selectively compile just that part without messing up anything else. Possibly this involves a modification to the makefile, to be able to smartly handle something like 'make ne.o', or even 'make module' ("Select a module to compile:", list), as opposed to or in addition to the existing 'make modules' (which simply recurses through all the kernel directories and runs 'make modules' there).
.ini file works quite well), while others are much more variable (like the driver list for sane -- that should be on separate lines). I agree, however, that there should be a standard for how config files are done. I see a few different general types that can all be reduced to one general format:
As for XML on other configuration files, there is of course the problem of the XML spec. Though the main idea is the same, one type of XML document can look very different from another XML document. Thus there would still be a problem with different config files. Moreover, each program would have to largely write an XML parser, even if it used a shared library for the purpose. Further, there is a natural difference between how programs are configured. Some programs fall readily into a key:value-type ordering (in which case the Windows
key [whitespace] value
key:value
key=value
In this case, I recommend:
key=value
since '=' is not often used in 'value'.
Also, any subsections should be keyed like XF86Config (Section... Subsection...EndSubSection...EndSection), to allow for multiple layers of sections.
Any takers to draft a standard? Has one already been made? Anyone want to write a shared library to parse whatever?
Yeah -- Ken
XML is not some sort of magic panacea for all conceivable problems (though a good number of companies market their 'XML Solutions' as being such). I'll stay with the traditional format (yeah, you move everything over to a new format -- so what if it's archaic; it works without significant effort).
:-).
The only problem with the old system that I can see is patching. When you have multiple patches to your kernel, patch might not be able to integrate a context diff into the Documentation/Configure.help file etc. Easy solution: don't patch your kernel
You see, MS doesn't have this problem. They give you one kernel, and you live with it.
> Hmm, interesting. It seems we've got ourselfs a new category: upgrades.
:-).
The stupid English language says that it's spelled 'ourselves'.
Really, look at the icon. beady thing (abacus?) => printing calculator => laptop (is it just me, or do I see <evil>clouds</evil> in the background?). Let's add => Linux
The problem is, if they ever decide to use the computer as a server, it'll suffer the same problem as NT: your OpenGL screen saver will slow Apache to a crawl :-(. (Well actually it depends on what is doing the rendering. If the X server is handling thousands of graphics draws at 32 bbp, 80 times per second, for a screen saver that doesn't optimize its graphics calls, then you have major slowdowns, because the X server has to do all that processing (I've seen X take up 90% up my P3-450 once). However, a software GL (Mesa) running in the process space of the un-neg-niced screen saver process itself won't harm much.)
But still, that's a good idea, and I think I'll do that.
Check out the Palm theme for WinAmp, at the linked site (I had a link, but Mozilla crashed -- hey, a good excuse :-). There's also a MacOS X theme (pretty, my favorite actually).
For us Linux folks, they all work perfectly in XMMS too!
8. A cross-platform skinning engine.
That was part of my original post (the fsck that the NT installer did for you).
Scheme, actually:
............
:-) (a whole bunch of "call-with-current-continuation"s (Scheme, but so what) would really drive people up the wall.)
(define a 'i) (define b #\ ) (define c 'w) (define d 'a) (define e 's) (define f 'n) (define g #\') (define h 't) (define i 'h) (define j 'k) (define k 'g) (define l 'b) (define m 'o) (define n 'u) (define o '.) (string-append a (string-append b (string-append c (string-append
Just for starters
Too bad I spend so much time writing a reply to an AC. btw, what I was trying to say obfruscatedly and incompletely above was "I wasn't thinking about that."
Thanks to macpeep, here's the complete menu screen. See the other reply though for why this is totally worthless:
Address |Calc| Date BookExpense | Graffiti | HotSync
Mail| Memo Pad | Palmscape
Prefs| Security | To Do List
The problem is that everyone is too lazy to make a real patch, and instead just make random suggestions, and then if and when the joke is finally updated, the suggestions remain with no markings that they are obsolete.
Tell CmdrTaco that comment posters should have a way to delete their comments (in case of story update, Submit-instead-of-Preview errors, brief moments of flaming anger, etc.), retaining all moderation and karma impact that they have had so far, and giving any repliers the chance to re-post their replies elsewhere before the parent is deleted, but in any case the reply would still have its cid place in the discussion (just not linked to a "directory" -- this is one thing fsck checks for) so that links to the reply would still work right.
But if you're going to continue the open-sourced-edness of it all, Rob should give out the Slashdot versions of all scripts, including the administrator scripts -- we know that Slashdot does not take Slashcode verbatim.
Anyway, it's funnier when the joke and the replies to / reflections on the joke are independant entities. Just try to integrate my patch into the original joke.
Actually, it would look funnier if it was instead run through the Dialectizer (no link handy)
Posting stuff in hacker(/script kiddie)-ese is not any joke -- it's still English, and x % of us nerds can read it without trouble. If you really wanted to make an April Fools joke, post a story in LISP.
btw, Google's got a neat new feature.
yeah well neither do Reiser, ext3, etc.
And even with journalling, there's still the chance of corruption (media corruption, buggy fs code, virii, etc.). This is true with all oses with journalling.
sorry people -- I couldn't resist.
Address -- Calc -- Date Book
Expense -- ???? -- HotSync (could tell by the logo)
Mail -- Memo Pad -- ????
???? - Security -- To Do List
The picture was taken at 10:29. The category is All. I can't read the buttons, but it looks like they're the same as on the Palm.
Extremely Palmy.
I agree -- a few well-spaced - er, placed -
's would have allowed me to actually read the comment without just scrolling down.