448 posts • joined Monday 11th July 2011 11:16 GMT
Used Debian stable for 9 years
And that's on a £15/month virtual machine. It's never crashed once, and always been updatable and upgradeable using apt-get between stable releases, and only needing lower level tools to resolve package management conflicts on very rare occasions. Over that period uptime has been better than 99.9%, largely thanks to the skills of the hosting company. The worst bug affecting it was a memory leak which affected a few months' operations before an upgrade to the next stable release fixed it to the extent that while the bug was active it needed rebooting about every 3 weeks. It probably gets rebooted about 2-3 times a year on average. I've never successfully adopted the same approach for desktops - due to these being much more complex systems to maintain in comparison with stripped down servers not needing the overhead of a GUI. On a desktop a full reinstall every couple of years clears out much unwanted cruft and many anomalies. I'm intending to go to Wheezy this summer, at a time when I've got a couple of days to sort out any issues if any arise, but based on past experience there's a good chance there won't be any.
I'm not a very frequent beer drinker as I drink more wine, but I like beer strong when I make it myself. The last lot I made must have been around 10 % ABV or so based on a specific gravity of 1090. Closest thing available commercially are some of the Belgian monastery triples. So it might take me up to a year to finish off one of my batches. And the taste gets better, smoother and rounder for the first 6 months, and never gets any worse in the following 6 months. I never touch it at less than 2 months old - it's too sharp and the taste complexity hasn't properly blended before then.
Re: Words on paper
'someone finds a picture of your daughter and puts a caption in it that says "Meet horny girls who want casual sex right now!" and uses it to advertise their website. There's some unexpected commercial value.'
As how certain insinuations above might be construed, that's defamation - copyright law was never intended for that purpose, other laws were and have a much more severe effect when used. Some lawyers take on that kind of work pro bono.
copyright != human right
It's in the US Constitution for a utilitarian purpose: promotion of the arts. It's in neither the US Bill of Rights, nor the European Convention on Human Rights. As a way of treating a kind of property which isn't taken away from its owner by being copied this may be in the Berne Convention, but as a utilitarian property right this is trumped by freedom of expression. For example being able to point your camera at a wall containing corporate designs and logos in order to capture what's happening in front of the inescapable background.
While the legal precedents and historical effects of tightening up this regime due to big media lobbying influence are long standing and well known, the UK government is starting to recognise that this makes for a very different kind of sense once electronic storage and transmission makes copying trivially easy for everyone, a matter of routine and very much unavoidable. They've made a start, but haven't gone nearly far enough in my view.
Re: ultra cheap homebrew
"Presumably you are also eating stuff during these 30 days?"
Well yes, assuming you don't want your liver to pack up. But at 22p a 70cl bottle per day you still have 78p for food, or you can have half a bottle a day for 11p and spend 89p on food. Lentils, pasta, boiled potatoes and carrots are likely to seem somewhat more satisfactory when washed down with a little booze, the calories from which are not wasted.
ultra cheap homebrew
1kg sugar - 67p. 1 sachet dried baking yeast (much cheaper about 5p in bulk). 1 litre UHT apple juice (60p) needed for acidity and yeast nutrient. 3.5 litres clean tap water. Get water and apple juice to 25C, use discarded 5 litre water container. 1st 3 days cover with clean tissue and rubber band, then once fermenting with clean plastic bag and rubber band to let CO2 out.
Siphon carefully clear wine off sediment after 25 days, let settle for further 5 days, or filter through 1 sheet kitchen roll in sieve if you don't have any plastic tube for siphon.
Result - 4.5 litres that's 6 bottles of just about drinkable light dry white wine in about 30 days at about 22p/bottle.
better than rsync ?
Not sure this one has that much to do with IPv6, though it will probably also work better over IPv6 once more people have it and those who do don't need to tunnel over IPV4 to get it.
I use rsync for quite a few shares and backups. But there probably are too many options, which means skilled administration skills are required. Then there are the questions of how many crontab entries and little shell scripts you need to keep everything working smoothly, and how to do this between different OSs. Something much easier for end users to administrate and which opportunistically restarts and resyncs when machines are up and networks are available could be more useful to those lacking configuration/administration skills.
One reason it will break
So who is a communications provider within the terms of this legislation ? Every one of the students I teach how to do client server programming ? Is a UDP echo test outside of this elaborate monitoring scheme, but once you use a pair of UDP calls to exchange texts typed in at a console you have to tell plod who called whom and when ? Presumably not - because someone learning how to write to a client-server API is too small to be a communications provider within the terms of the legislation ? So they expect to be able to use the black boxes to pick up the traffic anyway in plain text ? Fine until budding programmer learns to do the same trick using TCP over SSL. The black boxes on large network nodes won't catch this traffic now as it's encrypted, so obtaining the metadata described would then mandate changes to every installed socket API library. That's when there really would be a spy in every box, and somehow I don't see that happening - except perhaps on boxes and OSs where you can't see, change or recompile your source code and you get the software from big bad corps which do deals with nasty government agencies behind closed doors. That's a good reason to use open source on anything still capable of running a compiler and/or installing a different kernel as if there wasn't reason enough already.
On the scale of threats to $conventional
BC is no more a threat to the conventional currency game than any other casino using their own chips at the tables. If you want a greater diversion of economic activity away from conventional currency have a look at the network money WirBank in Switzerland accounts. Doesn't create any problem for the authorities though either, SMEs in Switzerland which trade in CHW still have to pay taxes in conventional CHF.
Old news and naked lobbyists
The fact that the limit on coal is based on how much of it you can afford to burn as opposed to how much is in the ground has been known well enough for a couple of decades now. The cost of different energy sources of course includes externalities - e.g. your and my increased insurance bill to cover losses resulting from weird weather and losses of those who can't afford insurance, (unless you're still in denial over the weird weather).
Yes there are externalities from other energy sources for example Mr Trump claiming the views from his newly acquired Scottish golf course will be spoiled by turbines several miles away, or the risk of living in the valley below a badly constructed hydro dam built in an earthquake zone, or the lifecycle management cost of nuclear waste.
Bring on a level playing field, but I doubt we all agree what that means, and I for one don't want all my energy eggs in one basket. I'm also sure Mr Trump can pay for more effective lobbyists to have the wool pulled over our eyes than can a Chinese farmer living under the shadow of a new coal-fired power station to prevent us comparing like for like.
Insecurity results from a combination of complexity and complacency and while Linux is good it ain't no magic bullet.
Re: Good to see all the "heuristic malware scanners" are doing their job
Re: Red Shift - red faces
"So, what do you think? Did they?"
I'm far too inexpert to hold a strong view either way, but it's an interesting speculation. Highest observed redshifts suggest a z of around 8, and I guess (but am not sure this is what this means) this corresponds to the time multiple you would get in the duration of the burst. Gamma rays are such high frequency that a redshift reducing frequency by factor of 8 seems neither here nor there. Redshifts getting much closer to the start of the universe seem to multiply to much larger factors.
Red Shift - red faces
The further away the object, the longer in earth perceived time an event of a particular duration wrt the frame of reference of the exploding object will appear, due to the relativistic doppler shift which gives us a red shift to lower frequencies of objects further away, due to the expanding universe. I wonder if they've taken this into consideration in relation to the longer than expected duration of this event ? It would be a simple but embarrassing mistake if this is the case.
Re: If you don't know who the sucker is...
"If you have a debt in Bitcoins then it will grow perhaps massively in real terms with the deflation over time."
Or you will be able to redeem it for nothing when the bubble goes the way of all such. Or it will be like being on the wrong end of a short sell, with unlimited liabilities. People don't contract such obligations, unless they can be recalled at the instant that the limited bond securing the unlimited side of it runs out. It's because BC is inherently unsuitable for denominating debt/credit book-kept contracts that it's likely to remain a networked gambling game, a kind of online poker with a limited chip supply, amongst those sufficiently interested to play it until they lose interest.
Re: Free trade?
"the anonymity of purchase from point A to sale at point B would be an auditors nightmare with respect to laundering practice"
Bitcoin, use of Linden Dollars and online gambling are very minor problems from this point of view compared to cash.
DJBDNS now public domain.
Since 2007. And nicely supported in Debian package format. Had to compile it myself before then.
"As I understand it this wasn't actually a DNS amplification attack as you described in the article, instead they were sending DNS requests with the source address spoofed to be the target, causing the DNS servers to send its response directly to the target."
This aspect of the attack would be largely defeated by BCP 38, also known as RFC 2827. Basically, spoofed UDP packets pretending to be from the party being attacked would not get through an ISP's customer-facing routers, unless sent from the same network as the party being attacked.
Sure, DNS configurations also need tightening up here as Trevor and some of the comments describe, but this is also something the ISPs need to get to grips with, and start offering worse peering terms to those which don't.
For a copyright maximalist to be worrying about freedom of speech, given I can't use a debugger in relation to something I've bought, and publish what I discover if it relates to a copyright protection mechanism and go to the US without being arrested. Clearly Andrew seems to want one law for the benefit of big media, and different laws for everyone else.
Re: protection racket
"now for a few quid we could look after you... you wouldn't want anything... bad... to happen"
That's a bit like accusing fencing installers or padlock manufacturers of a protection racket, if you have an apple tree in your front garden and your lack of a fence results in local kids thinking your apples were available for free. They may well not be, but you'd probably get better redress in the small claims courts against local kids scrumping them if you had put up a fence.
Rumour mill amplifies simple mistake
Such happened pre internet, and I can't imagine why the internet should make this phenomenon go away. People thought spinach had 10 times as much iron as it really has for about 100 years after a Victorian analytical chemist got a decimal place wrong in a calculation, a mistake amplified in the public imagination by the Popeye cartoons.
"That is why I think there should be a larger focus on breaking the spammers' business models at the downstream end, not upstream where Spamhous and Microsoft have been firing their big cannons."
Fully agree with you there.
"What we need are better tools to allow the large number of spam-haters more actively cut the spammers away from their small number of suckers and victims."
I've worked on developing anti-spam tools for some time. A problem here is that the primary motivation for doing so is to get a cleaner message stream without losing wanted messages. Putting spammers out of business has to be secondary to this primary objective. Spamhaus have done excellent research here also, which has led to prosecutions and jail terms. But the need to have a very low false positive rate means some false negatives inevitably get through, enough probably for the small proportion of suckers to support the spammer business model.
So I agree with what you are trying to achieve, but I think this probably needs to be recast as a social, educational and legal solution, because it probably can't be handled as a technical model without very major changes to the email model as it now exists. It might become possible to do more of the latter in the sense of requiring much higher authentication and reputation lookup standards when accepting SMTP over IPV6, and then everyone gradually letting IPV4 SMTP become marginalised before switching it off entirely.
Desktop mail server
You can certainly run a mail server on a desktop if you wish, but you'd do well to relay outgoing email from it through a smarthost which Spamhaus doesn't block, e.g. your ISP's smarthost, and which doesn't block you due to not knowing your address as one of theirs or if it can't authenticate you, or due to you sending more than the smarthost operator policy allows. It also helps greatly if you have a static IP address, or one which changes very, very infrequently for incoming mail. You'll have to ensure the incoming domain MX record is pointed at your IP address, preferably dynamically if your IP changes.
I've done this experimentally and successfully for small volumes for years, but I put my production email server and services for non-experimental work on a £15/month hosted virtual machine which has a static IP. I use the production email server as my own smarthost, and use authenticated SMTP from my home system to relay outgoing.
"Random numbers should not be generated with a method chosen at random." Donald Knuth
"So why has Bitcoin continued for so long? Simple stupidity? I mean yeah, it was fun and cool when it was new, but that's long past. Is it just momentum?"
It's a pyramid, and those in the lower layers seem still to believe there is money to be made by recruiting further layers. Pyramids can go up as well as down. They have to go up before they collapse spectacularly. For various technical reasons, it's also in the interests of large botnet operators to keep it going, because it helps monetise their botnets.
Re: In other news... first new UK nuclear power station approved
"In other news England hit by a magnitude 9 earth quake and 40.5m high tsunami!"
An earthquake of that magnitude in a place of such relative geological stability seems to require meteorite impact, and such a tsunami is more likely, given that tsunamis can impact coasts and estuaries thousands of miles away from an earthquake or meteor impact and historical evidence for such incidents exists.
Locations such as the Severn Estuary are also favoured sites for the location of nuclear power plant, due to the need for cooling water and having a coastline which isn't subject to silting up or coastal erosion.
large asteroid deflection
Various approaches have been proposed. To be realistic you'd need a 10 year plan and execute period, preferably 20. Given that it's theoretically possible to cover a side of one of these with white or black paint, enough to use solar radiation to change its course ever so slightly, given enough years to change the course, a flyby at 100 km from the earth's surface resulting in a slingshot well out of range is much better than a direct hit.
What's important is to detect and catalogue everything above about 100 metres across in near earth orbit, starting with 500 metres across, which needs more and better telescopes on the job. Technology available is already nearly there, and it's something all advanced economies have a reason to contribute towards in connection with international scientific and space collaborations. If you think how much money is being spent in maintaining the ability to nuke the planet many times over, this one is much smaller change.
They couldn't really decide otherwise.
If they had, copyright preventing resale could probably be made to apply to just about anything other than books, e.g. cars as well. Sorry, that car you bought 2 years ago, Ford has a copyright on its design - it'll have to be crushed if you don't want to continue to use it yourself.
Didn't have a telly for many years
I once engaged in an amusingly surreal exchange when a TV Licence collector came knocking on the door. Q. "Our records say you don't have a TV licence". A. "That's correct, I don't have one". Q. "Is there any reason why you don't have a TV license". A. "You don't have a fishing license for the River Wye do you ?" (wild guess, but pretending as if I knew). "No". "Is there any reason why you don't ?". "But I don't go fishing". "Isn't that what you are doing now ? And why would a sensible individual pay to have an open sewer spewing filth into their living room when they could be out fishing on the River Wye ?".
Well, I married and my better half persuaded me how many good programs there really are on the BBC so I recanted and we obtained a TV and a license. The Africa series was worth a year's license fee alone. And having to endure 25% or more advertising breaks on commercial channels would be unthinkable.
solar thermal heat storage
"suffice to say, no you can't store it in batteries for nighttime use"
Apart from the fact that nighttime demand is lower than daytime due to aircon, also the fact that evening lighting demand is much greater than pre dawn demand, this kind of solar thermal plant lends itself to storage of the heat in the form of hot rocks and hot sand. That's much cheaper than pumped water storage in this kind of situation, and also integrates well between the operations of the heat collection and electricity generation plant design, without needing so many expensive external components and systems. Lower loss of heat from a thermal store for early evening demand also compared to pre-dawn demand, based on given insulation values.
That's a possibility where solar thermal is likely to give better storage options than solar voltaic. The cost of heat storage or any kind of electrical storage for that matter is also trivial compared to orbital launch and maintenance costs.
AV gives minor protection to weak systems
It's going to be way, way less than 99% of the effort and spend in any of the minority of organisations which have a clue about security, in my view more likely much less than 5%. 99% is suggested by the article based on (assumed?) threat prevalence.
That's been the case since the first viruses appeared in the late eighties. It's why organisations with valuable data and processes which understand their security needs employ professionals with advanced skills in areas including virtual private networks, intrusion detection systems, firewall technologies, sandboxing of critical process, mandatory access control and most importantly, verification of origin and supply chain of all executable content allowed on critical systems. They involve managers at the appropriate level together with those with relevant technical skills in defining, maintaining and enforcing appropriate access control policies. AV can only be a very small part of such defences.
AV is also very expensive in relation to memory and CPU demand on many so is very inefficient, as well as being ineffective in relation to zero day threats. These products are based on the wrong assumption that it's possible for an AV vendor to know about every program in the world that's bad. Much better to verify that nothing can run on your critical system unless and until it's been confirmed as good to a high level of confidence, Ken Thompson's Reflections on trusting trust paper notwithstanding.
89 MPH recorded, and > 80MPH recorded across a wide area according to this article:
Re: IP addresses
IPV4 is on the long way out, but that isn't one of the reasons. You only need a different IP for SSL HTTP domains and that's only for clients which don't implement the increasingly well supported SNI workaround.
Yep. ICANN, by giving themselves a license to print money at everyone else's expense creating massive confusion in the process, and subject only to the laws of the State of California, have just created the perfect argument for the ITU to setup a competing root, and for DNS resolver admins everywhere to point at the ITU root version. Talk about shooting yourself in the foot, but that's what too much greed and arrogance always does I guess.
Re: Away from the real problem: Who PAYS for the zombies?
The spam rejection load on my email server has reduced last couple of years, but the spam that gets through seems mostly people I've dealt with in the past illegitimately selling on the custom addresses I gave them to others they think interested, before I shut down said custom addresses. Bots which start spewing will get blacklisted on zen.spamhaus.org within hours in the unlikely event they're not already on it, so not much problem there for a well configured email server.
More likely large botnets are being used more for Bitcoin mining these days when they're not stealing identities or propagating themselves to pwned contact lists. Running other people's compute power on their leccy bills sure must be cheaper than paying for your own, whatever they say about GPUs and dedicated ASIC Bitcoin mining rigs.
"The Luddites, who opposed early industrial revolution mechanisation because it put people out of work, were ultimately wrong in the long term"
I for one am not lapping up the history of this defeated movement which was written by their victorious Victorian mill owner opponents because it doesn't square with the facts. The Luddites were very evidently the highest tech workers of the time - the Lancashire cotton weavers. It seems to me that what they were opposed to wasn't the automation of weaving, it was the loss of control over their working lives - effectively a form of slavery - which came with the mill-owners' system of clocking in and massively long working hours and industrial discipline, regardless of season. These had previously been individuals working from their own cottages able to choose work hours which suited them based upon the season.
I'd recommend a visit to Quarry Bank Mill near Manchester for anyone interested in a great day out and visit to one of the best surviving examples of the technology and industrial system concerned with the loss of liberty the Luddites contended.
With a growing proportion of technology, media and administration workers able to work from home in our own best suited hours, and this wheel turning full circle, I'm sure the Luddites would have loved personal computers and the Internet.
Re: The customer defines value
"In ten years you've never had a single new idea, PyLETS. I am not surprised you dislike people who do have new ideas, and want don't want (sic) the ideas to be ripped off."
That's called an Ad Hominem. When someone whose argument is exposed as weak attacks the messenger of the unwelcome news instead of addressing the issue.
"Property is property, and rights are rights: and activists who want to rob people of their rights (as the UK Coalition Government is doing) find that it's expensive and ends in defeat."
So you'll be telling us who to vote for next. Property and rights exist because lawful or unlawful coercion defend these. But you'd prefer to forget, as do most big media lobbyists, that we are living in a society where the means by which laws are made theoretically uphold the interests of those who don't own property as well as those who do. Clearly the coalition, post Leveson, isn't going to continue delivering the best laws the big media lobby can buy. So which party is big media going to be supporting at the next election, so we can all decide who not to vote for ?
Re: The customer defines value
The usual moral argument behind a capitalist market requires the existence of open competition. But copyright isn't competition, it's a monopoly by definition. In this case a legally created one, and with some justification, but in any monopoly market, especially a state created one as in this case, balances need to be struck between the conflicting interests of producers and consumers. Balances which haven't yet been successfully struck concern boundaries between:
a. when the content goes into the public domain, where all economic analysis suggests terms are longer than needed in comparison with pure incentive requirements for content to be produced and
b. where the business interests of the producers outweigh the reasonable privacy rights of the consumers.
Re: And when it all gets hacked...
As evident from some of the above posts, there are many different kinds of security and hacking to consider:
a. The cars' and other nodes' firewalls to prevent these being hacked into by outsiders.
b. Ability using crypto signatures and registers (maintained by whom and accessible to whom?) securely to identify originators of malicious messages without leaking confidential data to unauthorised parties or for unintended purposes.
c. Ability to check whether client X is authorised to perform action Y on server Z.
d. Denial of service, through jamming, overloading etc.
e. Issues to do with differences of interpretation of standards by foreign vehicles on local roads.
That's just for starters - list by no means complete.
Very nice set of features suggested in the article, but the security engineering and architecture of this all is going to be very far from trivial, even if it ever gets a coherent security architecture. If it doesn't we'll see much more of this as the threat landscape evolves and engineers spend years trying to patch something up for issues which should have been foreseen by system and standards designers but weren't.
Re: If you have any interest at all in the subject...
The crib equivalent to successfully guessed plaintext, e.g. "All quiet, nothing to report" or preferably something a bit longer - obviously in German with spaces removed and using military acronyms - would have massively reduced the number of keys needing to be searched based on the rule that a letter never encrypted as itself, which would have excluded most of the remaining keyspace to be searched.
They aligned the guessed plaintext against the typically longer ciphertext message until no letters corresponded between the 2. A crib longer than 50 characters or so would give a higher probability of a match (based on no matching letters) not occurring by accident. If the crib was long enough and guessed correctly, this match gave the initial settings for the keysearch, based on the correspondence between plaintext and ciphertext letters in the matching section.
I wonder how this aspect of the Enigma crack can be simulated in the modern cryptanalysis challenge based on use of the same cipher ? For this to work, the cryptanalysts need to know part of the plaintext.
I couldn't agree more about Bletchley Park being an excellent daytrip.
Won't affect how much it costs me
Won't affect the price of sugar, malt, hops, yeast or yeast nutrient. Or the amount of time it takes to pick blackberries. Doesn't change the price of fruit juices or grape extract. Most of the beer or wine available in the shops is crap anyway, unless you buy the more expensive stuff.
How to burn someone's house down using TCP/IP
I heard a talk at DNSCON a few years ago, by someone who had managed to upload firmware to a window blind control motor which caused the thing to drive in both directions at once, resulting in smoke being emitted. Having a very hot motor underneath window blinds is one way to burn someone else's house down using TCP/IP. The earlier model had a hardware lock preventing this, but software control will inevitably be cheaper.
Pretty obvious reason for flame icon.
Re: Run for the hills
If transactions can stand a tax of somewhere between 0.1% and 1% there must be some value in it for the rest of us. If they haven't, such transactions have no inherent right to exist. Charging such a tax would have a dramatic calming effect on these hyperactive markets. Professor James Tobin didn't get a Nobel prize without good reason.
Re: Why not just build a solar panel that covers half the world....
"What do the French know that the rest of the world doesn't? Why aren't they afraid of it?"
Don't know what they know that we don't, but maybe the Fukushima or Chernobyl evacuees know something the French don't.
Re: One question I have always asked myself
"The main effect would be one of cooling. All those winds blowing around eventually end up as thermal energy - unless they are converted into some other energy first. A lot of the wind energy currently gets converted into wave energy, but even that eventually gets turned into thermal energy."
Only temporarily and to the extent the wind electricity has to be stored, e.g. behind big hydro dams. Once the electricity generated is consumed, the consumption results in the same heating as would otherwise have occurred if the wind had blown other stuff around e.g. waves instead of driving wind turbines. I suppose you could argue theoretically that using any kind of sustainable energy locked into aluminium has a similar effect, but it's going to be so minuscule in practice you'll never be able to measure it. Getting people to make their roofs white or black would have a greater cooling or heating effect.
Re: AV is a malicious Peril
"There's only ONE operating system that needs AV. Windows."
Not true. My Linux server hosting email lists for various community and charitable groups needs AV for good reason. Not because the digital diseases of end users who subscribe to these (all confirmed opt in) lists are likely to infect my Linux host. They aren't. My server needs AV to detect viruses present in email attachments which end users send each other through my server. My server is designed to replicate these messages but not emails attached to them.
From the end user point of view, the distinction between the viruses replicating because my server is infected, and the viruses replicating because my server is designed to replicate email is academic and moot.
Bible and copyright
"wow after googling it looks like a lot of shady Christians come out with their own translation of the bible with a few words different and then copyright it as well. Greed even before God these days in America."
As you say, there's plenty of copies being given away and most major translations available gratis on the Net. As to 'a few words different' new translations are needed all the time as the languages used by those who might want to read it evolve. The Bibles most likely to be read by everyone except a few highly specialist scholars are translations, of the ancient books which were written in Hebrew and Greek, with arguably some Aramaic thrown in. Copyright law isn't something done as an act of the publisher, law makes it inherent in the publication, and as it's difficult to make money when competing against free, and for other reasons also, money and greed are unlikely to be the motivation for many new translations and editions.
Scientology also isn't a new phenomenon. There were con men making money out of claimed 'hidden knowledge' since at least AD300. The so called 'Gospel of Thomas' was very likely to have been created by a Gnostic sect, probably very similar in pyramid-selling business model to the Scientologists.
Purpose of patents misunderstood
Their purpose may have originally had something to do with incentivising invention. But the donkey with a carrot tied to its back is never intended to eat the carrot. The purpose of patents nowadays is to line the pockets of patent lawyers and patent officers. I'd have thought that much was pretty obvious by now.