avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • September 16, 2019, 11:38 PM
  • Proudly celebrating 13 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Gothi[c] [ switch to compact view ]

Pages: prev1 ... 4 5 6 7 8 [9] 10 11 12 13 14 ... 32next
Developer's Corner / Re: Web Page Layout Debate: Tables vs. CSS
« on: February 05, 2009, 03:24 PM »
the benefits have been proven.

Yes, the benifits are real, so are the nightmares. It's a tradeoff either way. Both systems suck. I vote for a 3rd option. Someone wake me up when there is one.

I guess they better hurry then, or they'll have to rename it to C++1x :)

* Gothi[c] waits for mouser's rant on C++0x in 5...4...3....

Living Room / Re: Cleaning Inside the Case
« on: January 30, 2009, 08:21 AM »
Haven't seen those yet....
However, one thing you might want to consider is to put a filter in front of your case fans. These fans suck in a lot of dust, and putting a filter in front of them would capture all of that.

Best Virtual Machine Tool / Re: VirtualBox - Top of the Lot
« on: January 28, 2009, 06:09 AM »
Personally, I would recommend VirtualBox above any other virtualisation solution available, paid or free.


Living Room / Re: Culture of Computer Programmers
« on: January 28, 2009, 06:08 AM »
All valid points Paul :)
(ps, yes quote away!)

The famous actors example is a very nice comparison, I think. In the past actors never got that famous. It was usually the writer of a play that got all the credit, and the actors were but mere pawns.

Perhaps perception in general, is almost always incorrect/inaccurate/broken/wrong. :)

In today's "web 2.0" world, web applications become more and more complex, and thus it becomes more and more common for some very nasty security bugs to be implemented.

As a web developer, being able to scan your own software for common things like SQL injection bugs or cross-site scripting vulnerabilities, may be a useful tool in your tool belt.

As a server administrator, being able to scan your server, and your user's sites for these problems is also a handy thing to be able to do.

There is quite a few of these web vulnerability scanners available commercially, and I had always wondered how effective they are. Someone on the penetration testing mailing list wrote up a very very nice review (PDF) of major vendors of this type of software.

Since it would be of interest of users of web-applications as well as developers and fellow server admins, I figured I'd share this here.


From the report it seems that these things are pretty good at detecting common stuff like sql-injection (report shows that all sql-injection vulnerabilities were detected by all the tested software), but you can definitively not rely on them solely for security testing. (Which makes sense imo, since it's a very complex problem which seems hard to implement generic heuristic scanners for.)

Living Room / Re: Culture of Computer Scientists
« on: January 27, 2009, 04:11 AM »
He seems to have a rather different opinion about how much computers (and/or software?) matter -- or that is the impression I got from parts of his talk...

It's an interesting talk but I'm not convinced as to how much it matters. But then there's different levels of 'mattering' :) 'mattering' is a relative concept like time. :D I think it doesn't matter in the big picture ; we'll be around, software or not. ( Actually, he mentions some really scary stuff software has done from surveillance to making more destructive bombs, if anything it'll kill us  :P )

That said, there is no doubt that a lot of our modern lives touch software in some way or another, and that this will be increasingly so, and that a lot of how we do things has changed because of it.
Perhaps the real core of the matter is that, like he says, software development is hard and takes so much effort (the number of 100 million lines of code was dropped, somewhere in that talk), that, when you're actually writing software, only a very very tiny percentage of that will ultimately only matter in the grand total.
What I meant with writing software for software, or using computers for computers, is stuff like, what ide or text editor am i most productive with, having to install anti-virus software, what window manager to use, what os to use, etc...
So, each line of code you write matters pretty much nothing on it's own. It's likely that each piece of software you write doesn't either, unless you're working for some fancy research team or company. Most of the time you are fiddling with stuff that deals with how to make your computer experience in itself better, etc... 

The result is using a computer not to accomplish anything, but simply for the sake of using a computer, and accomplishing stuff is a side effect that kind of happens when you put everything everyone does everywhere together.

Living Room / Re: Culture of Computer Scientists
« on: January 27, 2009, 01:24 AM »
I'm very aware that computers are but scrapes of metal and silicon, and ultimately, that's what they are. They are obsoleted after a few years, and that hot 'smart' machine you're typing on now, will be scrap metal in the relatively near future.

I'm also very aware that ultimately none of it matters. People were around when they didn't have anything other than sticks and rocks, and are still around now that those sticks and rock are software and hardware.

I don't feel any of the code I write changes the world. In fact, quite the opposite. A lot of what us techies do is self-sustaining. A lot of what we do on computers is FOR computers, and only immediately relevant to computers.

I'm not saying they are completely useless, and that they aren't used for important things. But when we really face reality, 90% (if not more) of what we do on a computer is only relevant to the limited world of computing itself.

Yet despite all that, writing code and playing with commandline's etc, is 'home'. It's what I grew up with and it's simply how my mind knows to function and communicate.
I wrote my first lines of code when I was only 7 years old or so. I don't see it as a job or a hobby, it's a language, and a way of thinking.
I often notice that while I'm typing up code I don't even think about what I'm putting down, it just flows. Just like speech.
When I'm coding or doing other geeky stuff, I just feel like I'm in a natural environment. When I'm outside talking to people, I feel uncomfortable and like I don't belong. It's really as simple as that, I think. While coding can definitively be fun, questions such as "what do you think is most fun about being a developer", are missing the point. I think it's simply just a natural state of being for some people. :)
Maybe over the years my brain has just rewired itself as a computer interface. :D

I'm pretty sure that's my fault :) I'll look into it somewhen, when I've got time... You'll also find that it's not encrypting /me and private messages and stuff.. It needs more work :)
(I'll gladly accept patches from anyone with more time to fix these things :D)

For now, maybe juse use aa,oe,ae,etc.. instead :)

Official Announcements / Re: DC-IRLDD Champaign, IL - New Years
« on: January 11, 2009, 03:21 AM »
Looks like a blind dog/cat/child hybrid wearing a skirt to me.

Official Announcements / Re: DC-IRLDD Champaign, IL - New Years
« on: January 08, 2009, 11:01 PM »
Speaking of Cody,
When he had to draw a picture of Cody, this is what mouser came up with:

[ Invalid Attachment ]

Now mind you, he looks at the little bird every day on his forum, yet he thinks Cody has cat ears and a long nose :D

General Software Discussion / Re: Firefox not safe at all
« on: January 07, 2009, 01:27 PM »
I think they should measure insecurity by the number of UNPATCHED vulnerabilities.

Any piece of software will have tons and tons of bugs, many of which will lead to security vulnerabilities.

Assuming you're writing extremely clean code, for every 1000 lines, there will be at least 1 bug. The software listed in the post above is huge and has orders of magnitude more lines of code in it. The fact that these things are getting patched is a good thing imho.

And as mentioned above, the more high-profile your software is, the more eyes will be looking at it and find flaws in it... This is a good thing and leads to more secure code in the end.

Living Room / Re: HAPPY NEW YEARS DC!!!
« on: January 01, 2009, 02:30 AM »
Happy new year.

Living Room / Re: Creative, awesome uses for Google
« on: December 15, 2008, 04:34 PM »
Didn't know about 2 of the 7 (timezone + dictionary feature) - nice post!  :Thmbsup:

DC Member Programs and Projects / Re: To Do Tree
« on: December 09, 2008, 03:57 PM »


I like the fact that you can store multiple lists in the combo below - that was a nice idea.

Living Room / Re: Free multiplatform mind mapping tool
« on: December 09, 2008, 03:47 PM »
Gothic, you are actually signing up for their free service as well.

No, that's the point was making. I don't want to sign up for anything!

Call me paranoid, but mindmapping+signup services == evil mindreading probe :D

Living Room / Re: Free multiplatform mind mapping tool
« on: December 09, 2008, 04:45 AM »
I'll give it a try...

If you're like me and you don't want to sign up and register to download, you can find the downloads directly on sourceforge:;release_id=644502

I'm not sure why they want you to enter your email address and other info on the main page  :mad:

Yikes! that's sad news! :( I hope he's back with us soon!

Yes, Tor should indeed not be relied upon for 100% anonymity, but then again, pretty much anything shouldn't. I2P and freenet etc, all state the same.

FreeNet is probably the most anonymous of them (but also the slowest, downloading a text file takes about the time of downloading a movie on a normal connection :D), but don't quote me on that.

With any one having the ability to run tor proxies and help out their project, it would be trivial to someone serious about SIGINT to run tons of these servers, and combine all the information, and get the real source of a packet 50% of the time or more, or run traffic analysis etc...

In other words, it will protect you from your IP showing up in the casual log files, but it won't protect you if someone is really after you.

I think the vulnerability you're referring to, f0dder, is a method of finding the source of a TOR anonymous server. (which is different from it's typical client usage). And this method is probably feasible for some individual with lots of persistence, without the need of massive resources. I don't know if that one has been patched yet or not, but if it was, it doesn't really matter. I'm sure other holes will pop up eventually, as is the nature of the cat and mouse game in this business. :)

Sometimes anonymity is more important than speed, so it can still be a useful feature. I'm sure it works fine with downloading text files. BT doesn't always have to be about music, movies, and games, etc...

Routing only your communication to the tracker over TOR is indeed quite pointless.

Running all BT traffic over TOR when downloading anything other than small text files is not only uselessly slow, it's also very unfriendly to your fellow TOR users, and harms the TOR project in general, by consuming loads of very limited bandwidth for no sensible purpose.

One note of warning when using TOR: Never ever never ever ever use TOR for browsing to any websites that require authentication and never have any sensitive information transmitted while using TOR.

Any one can run a tor server, thus any one could potentially be sniffing or MITM'ing your traffic. While they would only get fragments of your traffic, and not know where it came from, you don't want to log into your bank account with tor :)

Many people don't understand that, since it may seem like a contradiction. They think TOR makes them more secure, while the opposite is true. It makes your traffic anonymous, but it also means that your traffic is readable by guy running the tor endpoint.

Developer's Corner / Re: DC loads fast. What is the secret.
« on: December 01, 2008, 07:51 AM »
Yes, of course. the connectivity matters a great deal. Glad to hear all is working so smooth for everyone :) It's nice to hear the opposite of complaining for a change :D

Developer's Corner / Re: DC loads fast. What is the secret.
« on: November 30, 2008, 08:29 PM »
While the dc website may have an 'old school' look, I noticed that the average page size is not any smaller than your average website, if not bigger.

We average about 3 to 10 requests per second, depending on the time of the day.
Right now, with 10 requests/sec, load average is 0.26, 0.26, 0.2
... So yeah... fancy server :)
Beyond that it's just tweaking the apache Min/MaxSpareServers,ServerLimit,MaxClients and MaxRequestsPerChild values to match the capabilities of the server and reflected traffic. Though more tuning could be done there. We're just using the prefork MPM for now. But that probably will only affect anything under maximum load.
Other than that nothing special configuration wise, there's a lot more that could be done, and a lot more tweaking to do. But all that takes testing which we're not too keen on doing. ( prefer no downtime over 1ms faster loading page for now ;) )

So it's probably mostly due to the server being a beast.
(dual quad core (so 8 cpu cores total), 4GB ram)

Like mouser said, we rely 100% on continuous donations to keep this place running, so keep donating whenever you can if you want to keep seeing fast loading pages :D

Just goes to show that material on the internet usually has a very short life. Good thing we don't rely on it to store all our important stuff.... oh wait..

The provided link is not working!

It used to, but then this thread started in May 2006 :)

Pages: prev1 ... 4 5 6 7 8 [9] 10 11 12 13 14 ... 32next