Re: Seeking Recommendations for a Good Outgoing SMTP Service
+1 Yonah On Tue, Jul 28, 2015, 17:52 Michael Tewner tew...@gmail.com wrote: I can recommend SendGrid - They have Free Tier, Pay-as-you-go Lite Tiers, and low-cost regular Tiers. We've been using them for a bunch of years, now. They have great support; I had a Romania-based support guy help me this morning, Israel time, who didn't just tell me call us later. -Mike On Tue, Jul 28, 2015 at 5:14 PM, Shlomi Fish shlo...@gmail.com wrote: Hi Rabin, On Tue, Jul 28, 2015 at 4:55 PM, Rabin Yasharzadehe ra...@rabin.io wrote: If you ask for JUST for a smtp server to send out email, i don't see any reason why not to setup it your self, it is not that complicated. And from my experience, I rarely need to do any configuration/changes after the first setup. You can try using a VM/Droplet on DigitalOcean to test it, The only problem I can think of, is the IP reputation in spam list. Like we say in Hebrew, he who proliferates possessions, proliferates worries.. Assuming I had the technical know-how for how to setup a reliable SMTP server on a VM of my own (which I don't really), I will then have to maintain both the VM and the SMTP server, install updates, etc. And I'm not good at doing stuff like that. I asked for a paid SMTP service and that's what I want. Regards, — Shlomi Fish -- -- Shlomi Fish http://www.shlomifish.org/ Chuck Norris helps the gods that help themselves. Please reply to list if it's a mailing list post - http://shlom.in/reply . ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Jerusalem Linux Club Website
Hi, I'm posting for Issac Goldstand- He asks if anyone is maintaining the JLC website and if so, to please contact him at mar...@beamartyr.net Thanks, Yonah ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: infiniband
Hi, What do you mean by Infiniband HW? You should be able to buy switches from anyone who sells Cisco, HP, or Sun. I assume you can buy adapter cards from all the server vendors as well. Yonah On Thu, Jan 29, 2009 at 11:42 PM, Micha Feigin mi...@post.tau.ac.il wrote: Hello, Does anyone know who deals with infiniband hardware in Israel? We are building a small cluster and the latency of ethernet is proving to be too high for hpc with mpi. Tried searching, but could find anyone that sells them. thanks ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: AOE and iSCSI (software only)
No personal experience but iSCSI is a block level protocol so this should depend on the filesystem you are running. Theoretically it is the same as running any filesystem on a regular scsi device. Yonah On Thu, Apr 24, 2008 at 10:42 PM, Amos Shapira [EMAIL PROTECTED] wrote: On Fri, Apr 25, 2008 at 3:26 AM, Yonah Russ [EMAIL PROTECTED] wrote: The disadvantage of AOE is that it is Ethernet, Layer II, and not routable. iSCSI is an IP protocol and so you can use it even over a WAN. Although AOE sounds like a good idea, it is not very supported. Only one company I've ever heard of makes commercial AOE devices. iSCSI on the other hand is supported by every major storage company so I suppose it is much more mature and stable. Sounds like killer arguments in favoure of iSCSI (anyone heard of vendor lock-in? :). About iSCSI - does anyone know how well SQLite behaves on top of linux software iSCSI partitions? (It relies heavily on PROPER file-level locking). Cheers, --Amos = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: AOE and iSCSI (software only)
The disadvantage of AOE is that it is Ethernet, Layer II, and not routable. iSCSI is an IP protocol and so you can use it even over a WAN. Although AOE sounds like a good idea, it is not very supported. Only one company I've ever heard of makes commercial AOE devices. iSCSI on the other hand is supported by every major storage company so I suppose it is much more mature and stable. I can't tell you about Linux but iSCSI targets and initiators are built into Solaris 10 so you could theoretically make a ZFS pool the target of your iSCSI, etc. Good luck Yonah On Thu, Apr 24, 2008 at 11:40 AM, Lev Olshvang [EMAIL PROTECTED] wrote: ronys wrote: Hi, For a LAN, AOE seems to have less overhead, so performance *might* be better (assuming the network is the bottleneck). iSCSI is much more popular in the industry, though. My experience is with iSCSI - feel free to ask me if you need more info on setting up iSCSI initiators targets. Cheers, Rony -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] ] On Behalf Of Dan Shimshoni Sent: Thursday, April 24, 2008 10:05 AM To: linux-il@cs.huji.ac.il Subject: AOE and iSCSI (software only) Hello, Linux-il gurus, I have to decide between two options of exporting block devices on a LAN (same subnet for clients and server) : one is with iSCSI target and iSCSI initiator. The second is with AOE. I am talking about using software tools only, not using special hardware. I had tested AOE with my hardware (no special hw): I had downloaded aoetools from http://sourceforge.net/projects/aoetools/. I had also installed blade server of this project on the server side. ( http://sourceforge.net/project/showfiles.php?group_id=130453package_id=143 790). I can mount on the client a file which I am exporting on the AOE server. (which is running this blade). My question is this: What are the advantages and disadvantages of using AOE versus iSCSI? Does anybody have any experience/advice regarding using AOE on Linux (sw only, I am not talkin about CORAID, etc) ? Regards, Dan = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] Just to clarify Rony's reply : AOE protocol is build upon Ethernet layer and so AOE payload is encapsulated in Ethernet frames Using iSCSI there 2 encapsutions - SCSI to IP to ethernet and IP to Ethernet. So theoretically AOE has less overhead . Hag Sameah, Lev = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Solaris 10, Oracle 10gR2 RAC, NetApp NFS
Hi, I got some responses off list- I just thought I'd post the solution. All the documentation will tell you to mount the NFS shares with forcedirectio and some other flags. After removing the forcedirectio flag and adding the llock flag (llock== local locking, no nlockmgr) the dbca proceeded normally. FYI, Yonah On Nov 21, 2007 2:27 PM, Yonah Russ [EMAIL PROTECTED] wrote: Hi, Has anyone had any experience setting up Oracle 10gR2 RAC on Solaris 10 using NetApp NFS for the shared storage? We have installed everything but we cannot create the database using dbca. It appears to hang(more than 12 hours without progress) during/after data dictionary creation. The only error we receive is Warning: aiowait timed out x times. All patches have been installed, all parameters are according to documentation. any ideas? thanks yonah
Solaris 10, Oracle 10gR2 RAC, NetApp NFS
Hi, Has anyone had any experience setting up Oracle 10gR2 RAC on Solaris 10 using NetApp NFS for the shared storage? We have installed everything but we cannot create the database using dbca. It appears to hang(more than 12 hours without progress) during/after data dictionary creation. The only error we receive is Warning: aiowait timed out x times. All patches have been installed, all parameters are according to documentation. any ideas? thanks yonah
Re: MySQL Cluster for HA? What about PostgresQL PGCluster?
On Nov 20, 2007 7:32 AM, Amos Shapira [EMAIL PROTECTED] wrote: On 20/11/2007, Yonah Russ [EMAIL PROTECTED] wrote: Hi, AFAIK MySQL cluster requires using the NDB engine which is not 100% compatible with MYISAM, etc. The more recent a version you have the better off you will be but there was one point where autoincrement wasn't even supported. Also from what I know, a NDB cluster needs at least three nodes. Excuse me for my ignorance but why should I care about MyISAM compatibility? Can't I use InnoDB as I currently use (or actually was dictated by the guys who did the initial web application for us)? No- as I said you need to use the NDB engine which will have compatibility issues with InnoDB as well. MyISAM was just an example. That doesn't mean you can't have an active-active database. If you application is ready for it, you can set up MySQL in a Master Master configuration (aka multimaster). For your application to be compatible you basically need to use only autoincrement primary keys for all your tables but you should read the whole Megilah - here is a good article: http://www.onlamp.com/pub/a/onlamp/2006/04/20/advanced-mysql-replication.html Thanks for that pointer - after half a day of googl'ing around about MySQL cluster, the link above was the first one to point to the fact that MySQL cluster is an in-memory database. Google has also released some code for multimaster configurations and they have some docs also: http://code.google.com/p/mysql-master-master/ Thanks. I read about such a method (with 4 nodes) almost a year ago and thought that it might have become obsolate with MySQL cluster. Now I'll have to re-consider it. Regarding Postgres- I can't recommend anything specific but I am looking into pgpool and pgpool II for a new project. Why is pgpool relevant here? It more kind of a reverse proxy fo postgres in that it'll hide server failure by auto-connecting to another server. Does it handle data synchronisation as well? From the pgpool II web page: pgpool-II is a inherited project of pgpoolhttp://www2b.biglobe.ne.jp/%7Ecaco/pgpool/(to classify from pgpool-II, it is sometimes called as pgpool-I). For those of you not familiar with pgpool-I, it is a multi-functional middle ware for PostgreSQL that features connection pooling, replication and load balancing functions. As I said, I'm only evaluating it now but if it does what it says, then it might be useful. Another point which was just raised in the office - it appears that we are going to use DRBD for SQLite synchronization - if so then it should make sense to use DRBD for MySQL synchronization as well to reduce the configuration complexity. Any thoughts on that? I have only used DRBD in Active-Passive settings to eliminate the need for replication. Maybe you could put the database files on a cluster filesystem over DRBD? Depending on your budget/configuration, NetApp has recently started selling an inexpensive storage solution ($3000) the StoreVault S300. I haven't tried it but the price is right. I've also been meaning to try Coraid storage although their prices in Israel were not as attractive as in the States. I'm afraid that I'll have to convert my PostgresQL web service to use MySQL instead just to reduce the clutter... Thanks, --Amos = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: MySQL Cluster for HA? What about PostgresQL PGCluster?
I believe the original inquiry was regarding HA - Less than three nodes does not have any HA benefits AFAIK. yonah On Nov 20, 2007 10:36 AM, Imri Zvik [EMAIL PROTECTED] wrote: Hi, The MySQL cluster can run perfectly on one physical node. The 3 nodes you're referring to are at least 1 management node, and at least 1 API (mysqld) node, and at least 1 data/storage (ndbd) node. They can all reside on the same physical node. The main issue with NDB version 5.0 (from my point of view) is that it must load all data into memory at runtime, so if your database is larger than your amount of RAM, you better find some other solution, or split it to enough replicas (data nodes) so that each chunk would fit. This problem is going to be solved with 5.1, but it is not even near being production-ready (at least last time I've checked). -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Yonah Russ Sent: Tuesday, November 20, 2007 6:53 AM To: Amos Shapira Cc: linux-il@cs.huji.ac.il Subject: Re: MySQL Cluster for HA? What about PostgresQL PGCluster? Hi, AFAIK MySQL cluster requires using the NDB engine which is not 100% compatible with MYISAM, etc. The more recent a version you have the better off you will be but there was one point where autoincrement wasn't even supported. Also from what I know, a NDB cluster needs at least three nodes. That doesn't mean you can't have an active-active database. If you application is ready for it, you can set up MySQL in a Master Master configuration (aka multimaster). For your application to be compatible you basically need to use only autoincrement primary keys for all your tables but you should read the whole Megilah - here is a good article: http://www.onlamp.com/pub/a/onlamp/2006/04/20/advanced-mysql- replication.html Google has also released some code for multimaster configurations and they have some docs also: http://code.google.com/p/mysql-master-master/ Regarding Postgres- I can't recommend anything specific but I am looking into pgpool and pgpool II for a new project. Hope that helps, Yonah On Nov 20, 2007 2:51 AM, Amos Shapira [EMAIL PROTECTED] wrote: Hello, We are looking at enhancing one of our servers, which runs CentOS 5 on amd64, for HA using Linux Virtual Servers (LVS). The server runs a web site using MySQL 5.0.22 and of course we'll need to replicate that on the second server as well. Is MySQL Cluster the right solution for us? At least for now, we think we can do with a master-slave solution (i.e. only one server serving while the other is in hot standby), but if it's possible to take advantage of both servers at the same time and double our capacity then it would be very useful too. I also have a small web service using PostgresQL (8.1.9, from CentOS packages) on the same server which will also have to be replicated. What do people usually use to do this? Is PGCluster a practical option? Thanks, --Amos = To unsubscribe, send mail to [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: MySQL Cluster for HA? What about PostgresQL PGCluster?
On Nov 20, 2007 12:52 PM, Amos Shapira [EMAIL PROTECTED] wrote: On 20/11/2007, Yonah Russ [EMAIL PROTECTED] wrote: On Nov 20, 2007 7:32 AM, Amos Shapira [EMAIL PROTECTED] wrote: On 20/11/2007, Yonah Russ [EMAIL PROTECTED] wrote: Hi, ..snip.. Another point which was just raised in the office - it appears that we are going to use DRBD for SQLite synchronization - if so then it should make sense to use DRBD for MySQL synchronization as well to reduce the configuration complexity. Any thoughts on that? I have only used DRBD in Active-Passive settings to eliminate the need for replication. Maybe you could put the database files on a cluster filesystem over DRBD? That's what I saw to be suggested in a few places, can't remember which of the databases was mentioned with it. I saw this (cluster-aware filesystem over DRBD) also mentioned in the context of sharing Xen images for fail-over (so you have a Xen filesystem (over LVM?) over DRBD and if the Xen host crashes then another host can pick up its guests and run them from the same LVM). My take-away form this is that DRBD+Cluster-FS might be used as a cheap replacement for a real SAN. I usually use OCFS2 and I use it exactly that way- I use DRBD in Primary/Primary mode for active/active postfix/imap/pop using maildirs stored on the DRBD. We also use the DRBD to store the MySQL DB files but the MySQL itself is only active/passive. Depending on your budget/configuration, NetApp has recently started selling an inexpensive storage solution ($3000) the StoreVault S300. I haven't tried it but the price is right. I've also been meaning to try Coraid storage although their prices in Israel were not as attractive as in the States. Thanks for the heads-up. Our host is in the US so it might be relevant. Let me know if you use either :) yonah Cheers, --Amos = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: MySQL Cluster for HA? What about PostgresQL PGCluster?
Hi, AFAIK MySQL cluster requires using the NDB engine which is not 100% compatible with MYISAM, etc. The more recent a version you have the better off you will be but there was one point where autoincrement wasn't even supported. Also from what I know, a NDB cluster needs at least three nodes. That doesn't mean you can't have an active-active database. If you application is ready for it, you can set up MySQL in a Master Master configuration (aka multimaster). For your application to be compatible you basically need to use only autoincrement primary keys for all your tables but you should read the whole Megilah - here is a good article: http://www.onlamp.com/pub/a/onlamp/2006/04/20/advanced-mysql-replication.html Google has also released some code for multimaster configurations and they have some docs also: http://code.google.com/p/mysql-master-master/ Regarding Postgres- I can't recommend anything specific but I am looking into pgpool and pgpool II for a new project. Hope that helps, Yonah On Nov 20, 2007 2:51 AM, Amos Shapira [EMAIL PROTECTED] wrote: Hello, We are looking at enhancing one of our servers, which runs CentOS 5 on amd64, for HA using Linux Virtual Servers (LVS). The server runs a web site using MySQL 5.0.22 and of course we'll need to replicate that on the second server as well. Is MySQL Cluster the right solution for us? At least for now, we think we can do with a master-slave solution (i.e. only one server serving while the other is in hot standby), but if it's possible to take advantage of both servers at the same time and double our capacity then it would be very useful too. I also have a small web service using PostgresQL (8.1.9, from CentOS packages) on the same server which will also have to be replicated. What do people usually use to do this? Is PGCluster a practical option? Thanks, --Amos = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
CentOs 5 DVD
Hi, Is there anywhere in Israel to download the CentOs 5 DVD iso directly (not via torrent)? Thanks, Yonah
Job Op.
Looking for a Junior Sysadmin Requirements: Solaris and Linux experience Good understanding of Web, Mail, and DNS technologies Bonus Points for knowledge in: Apache, MySQL, PHP, PERL, Postfix, Squid, Solaris Zones, Heartbeat 2
Re: Job Op.
To answer some of the questions some people asked: The company is privately held, 150-200 employees, and located in central Tel Aviv. The company is not looking to outsource this position. Bonus Points means that you have a better chance of getting the job if you are knowledgeable in these subjects. On 6/19/07, Yonah Russ [EMAIL PROTECTED] wrote: Looking for a Junior Sysadmin Requirements: Solaris and Linux experience Good understanding of Web, Mail, and DNS technologies Bonus Points for knowledge in: Apache, MySQL, PHP, PERL, Postfix, Squid, Solaris Zones, Heartbeat 2
Re: SMTP relay server
I think the real question is this- bounced emails go to the address of the sender. In a mailing list setup you should be able to set the address for all bounced messages to something unique like [EMAIL PROTECTED] in which case any MTA can filter out all mail to [EMAIL PROTECTED] and leave other addresses to be handled normally. If you can't set the bounce address, then you mean to filter the bounced messages out of possibly real messages and relay them somewhere else- I'm not sure how simple that is. yonah On 5/17/07, Elazar Leibovich [EMAIL PROTECTED] wrote: There are users getting websites updates, if there's no valid email I want to get that user off the list. So I need some way to get a list of the bounced emails sent by me, by a log file, a csv or any other means. The exact format doesn't matter, I'll need to write a script that would get the users off the list anyhow. Processing bounced email messages is far less conveinient than any file format I know. I know I can do that on my own, but I want to take the maintainance hurdle off me, so that some company would configure the email server, and all I'll need to do is to send it to their SMTP relay. On 5/17/07, Jonathan Ben Avraham [EMAIL PROTECTED] wrote: Hi Elazar, What do you mean by a list of bounced emails? What format do you need the list to be in? You can install Sendmail on a PIII and handle 400K per day depending on the average size of the messages and your bandwidth. Sendmail has the log format and rule rewriting capabilityies that you probably need, here as PostFix is probably harder to configure for this type of specialized task. - yba On Thu, 17 May 2007, Elazar Leibovich wrote: Date: Thu, 17 May 2007 08:52:55 +0300 From: Elazar Leibovich [EMAIL PROTECTED] To: ILUG [EMAIL PROTECTED] Subject: SMTP relay server I'm looking for a SMTP relay server, that would enable me to recieve a list of bounced emails. It needs to support delivery of 400K messages daily. Can you provide me any recommendations? = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}ooO--U--Ooo{= - [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il - = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Experience with JasperSoft or Pentaho BI
Hi, Does anyone have experience using JasperSoft and/or Pentaho open source BI platforms? Any recommendations? Thanks, Yonah
Re: the great jerusalem firewall
On 3/3/07, Shachar Shemesh [EMAIL PROTECTED] wrote: Yonah Russ wrote: I don't think so at all- I just think that the laws in a democracy are usually reasonably in line with the majority of the constituents. While Majority rules is a very important basis of democracy, it is very far from being the only one. Two others that come to mind are Minority rights and legitimacy (i.e. - it's ok to be a minority, you should not be harassed merely for not being part of the majority) and Pluralism of thought. Without these later two, no country is a democracy. Add to this the generally good idea of avoid doing by law what can be achieved using self regulation, and you have all the markings of a bad law. This law isn't stopping anyone who already legally has the right to look at porn from looking at porn. It just requires them to prove that they have the right. I don't see requiring to identify yourself before watching porn as any different from requiring a license for driving. This isn't about censoring the internet. This is about censoring the internet from children. I don't know any child that can't live without a slightly smaller internet. The laws are made by people chosen to make laws. The citizens in this country chose those people to make those decisions. Which makes the parliament directly responsible for the citizens to make reasonable laws. What's the point? I don't think almost any government is perfect- just hopefully a lesser evil. But, in this case, an evil non the less. -Yonah Let me flip the question for you. Please explain why is this proposed law better than, say, the ISPs offering a Kosher Internet service at a modest price to those parents interested in such a service? As I've said in other parts of this thread I think this law has a major advantage in that it will block access from anywhere- People can attempt to protect their home networks only to fail at the local internet cafe or though the neightbor's wireless connection, or on a cellphone. This law ensures (hopefully) that every access to adult content will be made by adults. If a parent really want's they're kids looking at porn sites, they'll give them their password. -Yonah Shachar -- Shachar Shemesh Lingnu Open Source Consulting ltd. Have you backed up today's work? http://www.lingnu.com/backup.html
Re: the great jerusalem firewall
On 3/3/07, Peter [EMAIL PROTECTED] wrote: On Sat, 3 Mar 2007, Peleg Wasserman wrote: The law was passed by 25 members of parliament, most of which come from religious factions. These people do not represent the majority of the people. No, they represent a fraction of the ruling coalition, which has passed hairier laws in the past, using the well-known quid pro quo arrangements with other coalition members from other parties. In this country the words 'don't worry only a few MKs voted for it' is a set of 'famous last words' because often such laws pass anyway due to the 'arrangements' between the coalition parties. Give me a stricter shabbat law and I'll give you some money for the kibbutzim, or vice versa. You know how it works. And before it becomes law it will be discussed and passed or vetoed by more and more members of knesset. The law of averages applies even in the quid pro quo dealings of political parties. On the average the laws passed will be reasonable and will represent the will of the majority even if that means that those opposing a stricter shabbat law thought it was worth passing if they could get money for kibbutzim. That is also part of the game. Second, while I do not agree with the way they decide speed limits (and I do enforce them every day), I see why a commission of experts can decide on speed limits based on empirical evidence, on the other hand I can see a lot of problems with a commission deciding on moral values, and porn after all is a moral value. The views of a Rabbi are totally snip *whose* moral value is porn ? How do you define porn ? Pictures depicting nudity ? Pictures depicting more than one nude person ? Pictures depicting reproductive acts ? How do you know they are not simulating ? (in most cases porn artists are simulating). Since the law is targeted at people under the age of eighteen, I assume the commission will ask the question: Would I choose to show that to a 17 year old? As parents we make these decisions all the time and again it comes back to my original question- who actually wants their children to be looking at pornography? If there aren't legal definitions already, they'll be made- I'm sure that they won't as bad as you suggest. You are right to assume that I would rather stricter rules but I'll be happy with any rules. (On a Comedic note, there is a great Bill Cosby routine about pornography- he says I don't understand people who watch pornography- when I'm hungry, I don't go to a restaurant and watch people eat a steak) Purim Sameach -Yonah
Re: the great jerusalem firewall
Are you over 18? Type in your password and see whatever you want. -Yonah On 3/3/07, Ori Idan [EMAIL PROTECTED] wrote: The problem is not porn or not. The problem is letting other people decide what you can see and what you can't see. The government should not decide for me what I can see or not. -- Ori Idan On 3/3/07, Yonah Russ [EMAIL PROTECTED] wrote: On 3/3/07, Shachar Shemesh [EMAIL PROTECTED] wrote: Yonah Russ wrote: I don't think so at all- I just think that the laws in a democracy are usually reasonably in line with the majority of the constituents. While Majority rules is a very important basis of democracy, it is very far from being the only one. Two others that come to mind are Minority rights and legitimacy (i.e. - it's ok to be a minority, you should not be harassed merely for not being part of the majority) and Pluralism of thought. Without these later two, no country is a democracy. Add to this the generally good idea of avoid doing by law what can be achieved using self regulation, and you have all the markings of a bad law. This law isn't stopping anyone who already legally has the right to look at porn from looking at porn. It just requires them to prove that they have the right. I don't see requiring to identify yourself before watching porn as any different from requiring a license for driving. This isn't about censoring the internet. This is about censoring the internet from children. I don't know any child that can't live without a slightly smaller internet. The laws are made by people chosen to make laws. The citizens in this country chose those people to make those decisions. Which makes the parliament directly responsible for the citizens to make reasonable laws. What's the point? I don't think almost any government is perfect- just hopefully a lesser evil. But, in this case, an evil non the less. -Yonah Let me flip the question for you. Please explain why is this proposed law better than, say, the ISPs offering a Kosher Internet service at a modest price to those parents interested in such a service? As I've said in other parts of this thread I think this law has a major advantage in that it will block access from anywhere- People can attempt to protect their home networks only to fail at the local internet cafe or though the neightbor's wireless connection, or on a cellphone. This law ensures (hopefully) that every access to adult content will be made by adults. If a parent really want's they're kids looking at porn sites, they'll give them their password. -Yonah Shachar -- Shachar Shemesh Lingnu Open Source Consulting ltd. Have you backed up today's work? http://www.lingnu.com/backup.html
Re: the great jerusalem firewall
On 3/3/07, Peter [EMAIL PROTECTED] wrote: On Sat, 3 Mar 2007, Yonah Russ wrote: adults. If a parent really want's they're kids looking at porn sites, they'll give them their password. Correct. And since they should have their own passwords and email why not buy them an internet account from an ISP that provides filtered service. Implementing password access at a cafe etc is impossible and undesirable, as everyone uses NAT and appears as one user. Actually- I know one of the developers of the Estonian online voting technology which identifies each voter based on a physical smart card and a password. which is exactly what is being discussed here- physical/biometric +password. I guess it's not too impossible to have a proxy at the ISP filter and require these forms of identification and I don't see why NAT makes a difference. Anyway- from what I hear, Internet cafe's are one of the more popular places in Estonia to vote. The filter would have to run at the cafe and provide differential login by age, and the filter would have to be updated every second as new sites are created. Public places are public because they are public. That includes airports, hotel lounges etc. Besides, are you aware of a url known as http://www.the-cloak.com ? There are thousands like it, and those used in China, NK etc also use encryption to make sure that no comrade or mullah from the thought police catches them. Of course I'm aware of them- and there are much more effective ways to bypass filters. I would guess that ISP's showing logs that such a method was used could win a lawsuit against them claiming plausible deniability. I would also guess that the ISP's would be allowed some degree of error as long as they didn't show blatent negligence, ie. not blocking an obviously offensive site after someone complained. I've implemented several systems of this sort and you don't have to tell me that it's an uphill battle. I once blocked the municipality of Raanana or something like that because it's website was on shared hosting with a porn site (so goes the very small hosting business in Israel). Still, I don't have a problem with any law that attempts to fight that battle. -Yonah You cannot police a country because x teenagers might look at something, and you cannot police the internet in the first place because you so decided. So far the only means that have proven succesfull for muzzling servers have been legal. Places were shut down, servers confiscated. Two weeks later they started operating again from offshore servers, with multi-homing and backup servers in case some crazy commandos jump their new site somehow. Peter
Re: the great jerusalem firewall
On 3/3/07, Shachar Shemesh [EMAIL PROTECTED] wrote: Yonah Russ wrote: This law isn't stopping anyone who already legally has the right to look at porn from looking at porn. Sure it does! For one thing, porn is not illegal today. I find it hard to believe that an adult is allowed to legally give a minor pornography in any form. I'm not a lawyer so I could be wrong but I come from the US and there it is definitely illegal. I would also bet that child pornography is illegal, etc. It just requires them to prove that they have the right. Which is a way of stopping. Saying you can't do X unless you do Y hinders the possibility of doing X. Being as it is that the law does not properly define what porn is, and the actual real life will be that non-port WILL get categorized as porn, this is a significant hinderence. Like I said elsewhere, the question is not even about port in particular, but about whatever gets categorized as porn by whatever software being used at the time. so type in your password I don't see requiring to identify yourself before watching porn as any different from requiring a license for driving. Show me who you are likely to kill if you watch porn without a license, and we'll be able to discuss the analogy further. 1- driving is just an example. s/driving/voting, drinking alcohol, getting married, not going to school, etc./ 2- Duh! http://scholar.google.com/scholar?q=connection+pornography+violencehl=enlr=btnG=Search When the news in this country talks about 12 year olds sodomizing 8 year old girls over 25 shekel (http://www.ynet.co.il/articles/1,7340,L-2928740,00.html) and it doesn't stop there- http://www.google.com/search?hl=ensafe=offq=%D7%9E%D7%A2%D7%A9%D7%99+%D7%A1%D7%93%D7%95%D7%9D+%D7%91%D7%99%D7%9C%D7%93%D7%94btnG=Search כתב אישום: בן 22 הכיר בצ'ט בת 13 והפך אותה לשפחת מין כתב האישום חושף: תשעה נערים אנסו, ביצעו מעשי סדום, והתעללו קשות בילדה בת 13 המשטרה מחפשת אחר חשוד בביצוע מעשי סדום בילדה בת 10 מאשדוד Where do you think a 12 year old learns about this stuff !? You don't think that there is any connection between porn/violence on the net and in real life? snip This is about censoring the internet from children. and from people who don't want to identify themselves using biometrics, and from people who cannot afford the biometric equipment. The law may mention biometrics- it also mentions other forms of physical id. This is obviously not the main point of the law. Physical id could be calling a free number from your cellphone, sending an sms, etc. Biometrics could be signing the name on the computer with your mouse. If the only requirement was a password entered on demand, you'd be ok with the law? I don't know any child that can't live without a slightly smaller internet. Or any internet at all. Or, for that matter, a cell phone. Or, for that matter, a car. In fact, all a child really needs in order to live is food and a place to sleep. Let's block everything else. There are many who would agree with you. As I've said in other parts of this thread I think this law has a major advantage in that it will block access from anywhere- But why porn, and not anything else you, personally, may find objectionable? This is, in essence, you saying I should pay extra, let go of my anonymity and have extra burden placed on me merely because you can't control what your children do when they are not home. Not a good trade off, in my view. I did suggest taxing porn users but I'm not a duely elected member of parliment nor was this part of the law. I don't see whay this law should make anything more expensive. I also suggest that a packet of cigarrettes should cost $500 and that smokers should have to pay more health tax. This law ensures (hopefully) that every access to adult content will be made by adults. What about false negatives? type in your password If a parent really want's they're kids looking at porn sites, they'll give them their password. and their fingers? The law talks about biometric identification! great- so they actually have to be there and supervise their children- what a concept -Yonah And, besides, I don't want my kids to go to porn sites. I want them to go wherever they want, porn or not. I cannot do that with this law, because they have to have my specific permission. -Yonah Shachar -- Shachar Shemesh Lingnu Open Source Consulting ltd. Have you backed up today's work? http://www.lingnu.com/backup.html
Re: the great jerusalem firewall
On 3/3/07, Peter [EMAIL PROTECTED] wrote: On Sat, 3 Mar 2007, Yonah Russ wrote: On 3/3/07, Peter [EMAIL PROTECTED] wrote: snip Actually- I know one of the developers of the Estonian online voting technology which identifies each voter based on a physical smart card and a password. which is exactly what is being discussed here- physical/biometric +password. I guess it's not too impossible to have a proxy at the ISP filter and require these forms of identification and I don't see why NAT makes a difference. Anyway- from what I hear, Internet cafe's are one of the more popular places in Estonia to vote. You are confusing a one to one relationship (surfer to voting center) with a one to many one (surfer vs. potentially an infinity or URLs). No- I 'm suggesting a 1-1 relationship of surfer to ISP proxy. I've implemented several systems of this sort and you don't have to tell me that it's an uphill battle. I once blocked the municipality of Raanana or something like that because it's website was on shared hosting with a porn site (so goes the very small hosting business in Israel). Still, I don't have a problem with any law that attempts to fight that battle. Nor with the costs ? With the stupid childish mandatory software made by a company with 'exclusive' rights that happens to work only on Windows ? With the unceasing technical problems ? With crashed sessions when you try to surf your bank account the 7th time because the authentication software clashes with some gizmo you recently installed without knowing ? I don't know what manditory software but I would guess that very little should be client side in such a set up- maximum a java applet for the physical identification which could be totally cross platform. As for your bank site-I highly doubt you would need to pass through the authentication system at all to browse it unless your bank is different than mine. You are a technical person, you know what kind of pain it means to keep almost a million computers 'clean'. It requires 6*9. What software is 6*9 ?! Even without the definition of porn being what it is. And if you want to know what happens when things go wrong, here is an example from the land of all possibilities and freedom of speech, which has implemented a similar law in public libraries. A small mistake happened. Read on: http://technology.timesonline.co.uk/tol/news/tech_and_web/article1464355.ece Oops, wrong popup ad from our trusty affiliates over whom we have almost no control. Now you popdown to jail for 40 years or so. So much for 'flexibility'. I don't see the connection- In this case the teacher was obviously negligent in leaving her computer open to use by students. I leave it to your imagination what happens if such a thing occurs to an ISP or newspaper or magazine website after the law is implemented (even disregarding the possibility of someone doing it deliberately to cause trouble). I would actually suggest that ISPs have the option to use a third party system developed for the purpose. This third party system would be developed for by a company who wins a government bid and would be approved and maintained by/for the government. This could alleviate the problem of blame on the ISP side and fulfill the requirements of the law. ISPs not wishing to use the service would be open to legal action based on the quality of their solution. Just an idea. -Yonah Peter = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: the great jerusalem firewall
I'm confused... is there any parent that wants their kids to freely and easily access pornography? Halevai the UN would treat pornography like they treat nuclear weapons. -Yonah On 3/2/07, Peter [EMAIL PROTECTED] wrote: We (more exactly *you*) are about to join Iran, China and North Korea. Are you ready ? http://www.ynetnews.com/articles/0,7340,L-3371412,00.html Peter P. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: the great jerusalem firewall
On 3/2/07, Peter [EMAIL PROTECTED] wrote: On Fri, 2 Mar 2007, Yonah Russ wrote: I'm confused... is there any parent that wants their kids to freely and easily access pornography? Halevai the UN would treat pornography like they treat nuclear weapons. I am confused... is there any adult in this country who wants to be fingerprinted to be able to check his email or chat in an adult chat group (perhaps looking for a mate, perhaps not using very academic language all the time - i.e. without resorting to Victorian code along the lines of 'I wish I could tickle you softly' when someone means something entirely different, yes) ? Someone with nothing to hide probably doesn't care. On the other hand, if their afraid that someone could find out what they're doing, maybe they shouldn't be doing it? Besides, I don't see any reason why the resulting identification system has to be personally traceable. By the way, your kids *do* go to the beach from time to time (without wearing blindfolds) ? Or not ? My kids are under 4 years old so they don't surf the web or the waves ;) but I don't really want them to be surfing porn sites when they grow up. Sorry for asking, there is no need to answer, I'm just mumbling to myself. Of course I fully endorse setting up firewalls and content filters of any kind you wish at *your* premises. At a cost. That's what people do now and it is less than effective. If you are worried about the investments necessary by the ISP's, I say start taxing porn users and take the money to pay the ISPs for their work. If this country can tax a $12k car into a 120k NIS car, they can tax porn users (and cigarette smokers while they're at it). And, g*d forbid the UN treat p0rn like they treat nuclear weapons, because if their treatment of Iran and Iraq and a couple of other countries (like NK) in the last ~17 years is any measure, then it would mean p0rn would be a minor misdemeanor ranked about equal to farting in public, to be punished with a pat on the back and the extraction of a promise not to do it again. I stand corrected- Halevai they would treat it as they should treat nuclear weapons. Yonah Peter P.
Re: the great jerusalem firewall
On 3/2/07, Peter [EMAIL PROTECTED] wrote: On Fri, 2 Mar 2007, Yonah Russ wrote: I am confused... is there any adult in this country who wants to be fingerprinted to be able to check his email or chat in an adult chat group (perhaps looking for a mate, perhaps not using very academic language all the time - i.e. without resorting to Victorian code along the lines of 'I wish I could tickle you softly' when someone means something entirely different, yes) ? Someone with nothing to hide probably doesn't care. On the other hand, if their afraid that someone could find out what they're doing, maybe they shouldn't be doing it? Besides, I don't see any reason why the resulting identification system has to be personally traceable. The MI will strongly disagree. They are oh so near to nab all the potential kiddie p0rn lovers, and eavesdrop on everyone just in case Once again- if you don't break the law, then why would you care? I personally don't see why as much law enforcement is as automated as possible. Take traffic laws for example- Almost everything could be automated. Why should cars be capable of driving faster than the highest speed limit? Why should trucks be capable of driving when they are pulling more than the allowed weight? Why shouldn't cars require a valid license to start the engine? Even better- the car should not only require a valid license, but the license should be matched against the insurance policy of the car and you should have to pass a breathalyzer test before the engine starts. ;) -Yonah (not that this does not happen already - I have had a quasi static IP on DSL for a few years now, without paying anything - ah the perks, the recognition !). And then there's the tax office, and politics (nothing like publishing a logged chat session to shoot down an inconvenient politician or officer's carreer five to ten years after the fact - see what they do in the US about this for details). By the way, your kids *do* go to the beach from time to time (without wearing blindfolds) ? Or not ? My kids are under 4 years old so they don't surf the web or the waves ;) but I don't really want them to be surfing porn sites when they grow up. By the time they grow up 8 year olds will likely crack public terminals using ninja handwaves and eyeblinks in front of the mandatory biometric id devices. Sorry for asking, there is no need to answer, I'm just mumbling to myself. Of course I fully endorse setting up firewalls and content filters of any kind you wish at *your* premises. At a cost. That's what people do now and it is less than effective. If you are worried about the investments necessary by the ISP's, I say start taxing porn users and take the money to pay the ISPs for their work. If this country can tax a $12k car into a 120k NIS car, they can tax porn users (and cigarette smokers while they're at it). As you say, 'That's what people do now and it is less than effective'. More exactly: the great china firewall has helped arrest about 20 times more potential political dissidents than kiddie p0rn amateurs, with excellent cooperation from the greatest technology Names from the land of all possibilities and freedom: CI*** Ya*** M** and G*. This has not stopped either piracy, p0rn, or political dissidence. On the contrary, all of these work much better now because they use cloaking, vpns, and things like tor.net as a standard, plus every blogger in China must use at least five pseudonyms since one of them was jailed for posting something inconvenient about some comrade or other. Egyptian bloggers recently learned the value of having untraceable nom de blogs recently, the hard way. As a result, nearly all downloads of tools which can implement these measures are blocked in China. That includes all Linux and BSD downloads of course, and many times access to linux mailing list archives. This country already 'shines' by being the only 'developed' country that does not have a Debian mirror, among other things. Just wait for what is coming next ? Do I have to dot the Is on how this affects Linux and BSD users in Israel ? Peter
Re: the great jerusalem firewall
On 3/2/07, Peleg Wasserman [EMAIL PROTECTED] wrote: First of all what do you consider pornography? What does that matter? There is a building full of elected officials and appointed commisions who will decide what is considered pornography after which an entire system of judges will interpret the law as issues arise. The same way they decided that it was legal to drive 80km/h on a intercity road without a separation, etc. Second, why is it the job of the government to tell it's citizens what is ok for them to access, and let their children see, and what isn't? The short answer is that you elected them to do exactly that. You elected them to make laws as they see fit. If you don't like the laws they make, don't vote for them again. The long answer is that government, especially democracy, is about sacrificing some personal freedoms for the sake of a more organized society. It is a social contract which binds everyone. Everyone agrees to submit to having speed limits enforced so that an idiot doesn't crash into them at 150km/h. Everyone agrees to go to jail for murder so that people won't murder them, etc. Everyone elects a government and they decide the rules. Of course you will always have those who disagree and they can either choose to follow the rules anyway, or face the consequences if they are caught. While any parent who wants to limit his children's access to the Internet can do it quite easily, as can be done by any ISP, the problem is not with what kids can see, but how they react to this. I would rather have the government spend it's money on giving kids sex-ed classes, and educating them, and leaving the decision on what they can see to their parents. This is not as easy as you suggest- it is not simple at all to filter such content. And there is no way for a parent to control all of a childs internet access (school, phone, home, neighbor's wireless). By putting the block on the ISP level, you have a much more effective means of control. Is it me or is there a constant shift of responsibility for the kids from parents to the state? Who can guarantee that the next law to be passed won't limit our access to information about other religions because it falls withing the law forbidding the spread of other religions? or limit access to foreign news sevices because they depict the current state of affairs in a way that doesn't suit the government? Don't get me wrong, I'm not a fan of the current government and I certainly didn't vote for them, but there is nothing that stops the government from doing what you say and if they decide to do such a thing then apparently the majority of people around you would either choose to do something similar or they wouldn't care. Maybe you're just in the wrong country? -Yonah Yonah Russ wrote: I'm confused... is there any parent that wants their kids to freely and easily access pornography? Halevai the UN would treat pornography like they treat nuclear weapons. -Yonah On 3/2/07, Peter [EMAIL PROTECTED] wrote: We (more exactly *you*) are about to join Iran, China and North Korea. Are you ready ? http://www.ynetnews.com/articles/0,7340,L-3371412,00.html Peter P. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: the great jerusalem firewall
On 3/2/07, Peter [EMAIL PROTECTED] wrote: snip You are of course assuming that the laws are perfect and consistent, and constant. The laws are made by a few people who think that they are in a position to judge for many, and who strongly believe that they can foretell what the others will or might do in a given situation. I don't think so at all- I just think that the laws in a democracy are usually reasonably in line with the majority of the constituents. The laws are made by people chosen to make laws. The citizens in this country chose those people to make those decisions. I don't think almost any government is perfect- just hopefully a lesser evil. -Yonah They have been proven wrong in this by history every day since the word law was coined eons ago. It is interesting to notice that none of these wise people who predict funding, appropriations, inflation and other key parameters for months or years for a population of several millions in their legiferation are able to predict what they themselves are going to do or say or spend the very next day, even without 'interesting times' like wars or oil price hikes elsewhere throwing a wrench into the calculations. F.ex. with cars, biometric security was implemented by some, f.ex. Mercedes. As a result, recently a Mercedes was appropriated in a South-East Asian country, complete with the owner, who was needed to operate the fingerprint reader. Later the thieves got bored of lugging the owner around and chopped his finger off with a machete, tossed him out and kept the car. The story made the news. Locks are made for honest people. Making a few million people do strange things (like appearing to kiss the steering wheel or some other car part repeatedly to onlookers) to be able to drive their cars (even if technology does not play up) will not stop any fraudsters from having it their own way, just like a DNA database for the entire population will not likely help catching thieves (but may help identify them after they are caught by other means - and for this, a database spanning the entire population is not neded). One of the bigger failures of the communist totalitarian systems in Eastern Europe was the iron-clad 'five year plan' which was a blatant aberration that dictated how many pairs of shoes, loaves of bread, harvests, books, newspapers, and sick leave days a population of several millions of souls would need, five years ahead, and tried to provide for that. The enforcement of those impossible plans was a part of the terror that reigned then and there, and the fundamental reason for the frequent complete lack of basic consumer and subsistance goods (like food, soap, clothes and shoes) in those countries. Your idea of mechanizing law and taxes is a move in the same direction. One, Orwell, wrote a novel about this. The combination between inherently imperfect laws and the strong enforcement thereof (for example by full automation or by a police state) is a proven recipe for economic and social disaster. At least one country has had its tax laws implemented in a programming language (prolog). I understand that it is mostly made of heuristic rules which preempt the default 'rules'. (Links: http://portal.acm.org/citation.cfm?id=41735.41750) http://www.cbbrowne.com/info/freetaxsoftware.html http://opentaxsolver.sourceforge.net/ Note that this is not a working model, many heuristics are added and deleted every day, and the software that implements it (available in Canada for ~$20 and up or by subscription) changes every year ;-) I know nearly nothing about taxation anyway (I come from one of the handicapped countries behind the Iron Curtain so I know more about five year planned disasters). I thought that I left that behind, but now it is catching up in the form of the great jerusalem firewall (there was considerable media censorship back then). I am so thrilled. NOT. Peter
Re: [OT]: Multi-Home Power
What you want is called an Automatic Transfer Switch. Look for rack mounted ones- They also come in industrial sized versions for managing power for entire buildings/etc. yonah On 3/1/07, Eli Marmor [EMAIL PROTECTED] wrote: My question is off-topic, but I know that some of the subscribers of this list administer server rooms, so it may be a good idea to ask it here. And it's interesting... Do you know these computers with 2 power outlets? So you can plug them to 2 different power sources, and when one dies, the computer continues to get its power from the second, without powering off. Or when you want to replace its UPS, you just plug it off from the UPS and plug to the new UPS, without powering down the computer (because it continues to get its power on its second power outlet). Or when you want to move it from one cabinet to another cabinet, you just plug it to a lloonngg cable, then plug off the second cable, then move it to the new cabinet (without plugging it off), and then plug its empty power outlet to a normal cable connected to the new cabinet. So I'm looking for the same solution, but as a power outlet. Or RAV-SHEKA (I have no idea how to say it in English). Something with TWO power sources instead of ONE. So you enjoy all the benefits that I listed, not for one device, but for every device that is connected to this PASS-SHEKAIM (and don't confuse with UPSs that connected to two sources, because they don't allow you to replace UPSs without powering down the devices). I know that it's not as simple as it looks, and that the sources are not synchronized. But it's possible, and even must be simpler than UPS, so I'm sure there are such products. And if it's so difficult, maybe a manual switch can help too (i.e. it is connected to TWO sources, but gets its power only from ONE, based on A-B switch, so when you switch from A to B it is done continuously, without stopping for even a second. Of course, it's not really manual, because something must synchronize the sources during the switching). -- Eli Marmor [EMAIL PROTECTED] Netmask (El-Mar) Internet Technologies Ltd. __ Tel.: +972-9-766-1020 8 Yad-Harutzim St. Fax.: +972-9-766-1314 P.O.B. 7004 Mobile: +972-50-5237338 Kfar-Saba 44641, Israel = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
looking for web development management solution
Hi, I'm honestly sick of the mess ;) I need a system that manages website development from A-Z I need something centralized- no managing local apache servers for content writers I need something that isn't a CMS and doesn't require learning a template language I need somthing that can deal with the 50GB of code/images/etc that I already have without rewriting anything I need something that handles previewing changes from anywhere in the organization- including handling images/js/css that have full src URLS (ie. http://) I need something that has version control that is as transparent as possible. I need something with fine grained remote access controls so I can outsource work on specific parts of a site. I need something with QA features including reports of what has been updated, dependancy checking of html, php, and javascript (no broken links, no missing includes, and when I change a file that is refered to by 50 other files I want a list of them) If it will help me develop automated tests, that's bonus points. I need user friendly publishing to clusters of servers including realtime status of what servers are up to date and if one server is out of commision for 2 days due to hw failure I want to know how out of date he is. I need mutiple publishing gatekeepers with access to publish part or all of sites on the directory level. any ideas? multiple tools are acceptable as long as they work together ;) Thanks yonah = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
[OT] Job Opp
Hi,Here are the details:Looking for a junior *NIX sysadmin Full time,Mostly Solaris work, possibly some Linux work.Located in Central Tel Aviv.Applicants may be required to pass a polygraph test. If you think you fit the bill, send me your resume.Yonah
Re: Why Unix is important
Please don't post links of this nature without warning other readers about their contents. A simple Don't go to this link if you don't want to see topless women/if your 5 year old is sitting on your lap/if your boss is standing behind you would suffice. Thanks, yonahOn 6/20/06, Lior Kesos [EMAIL PROTECTED] wrote: http://www.popup.co.il/?p=1343 Although if Shoshanna's remark about apt-get install sex actually worked on debian systems the open source movement would have ended in stallman fondeling his misbehaving and -- Lior KesosLinnovate - http://www.linnovate.netAll Paths Are Open!
Re: [OT] Google is Anti-semetic
On 5/9/06, Ira Abramov [EMAIL PROTECTED] wrote: Quoting Yonah Russ, from the post of Mon, 24 Apr: On 4/24/06, Amos Shapira [EMAIL PROTECTED] wrote: On 4/24/06, Yonah Russ [EMAIL PROTECTED] wrote: If it was a mistake, then I'm sure google will make a public apology. Unfortunately, I doubt it was a mistake. Excuse me, sir, but have you bothered to ask them? yes- I have yet to receive a response. yonahI see you finally have. I also see it was a bug. I have never received any response from Google which gave any information other than that they were aware of the issue and were working to fix the problem. I did not even receive a letter saying that the problem was fixed although it seems to have been. You seem to be refering to the assumptions which I published in my blog. Yes, I did seem to find some _javascript_ which was changed after their fix and which might have been a problem with the previous version. This was never acknowledged by Google. Whether it was a bug or not, it was, imho, incredibly insensitive to allow an application to go live with such an issue. It is even more incredible that it took so long for them to fix such a simple issue(as web programming issues go). I still think that Google should come forward with an apology to the effect of: We are very sorry about what happened. This was the result of fill in the blank. It was in no way meant to reflect any political views of Google or it's employees. yonah
Re: Need recommendation for task scheduler
I think everything suggested so far is way to complicated. Have all your servers mount a directory(lets call it cronserver) and store all your scheduled scripts there. You can then configure a single cron job (or as many as you want- daily, hourly, etc.) to run one or more generically named scripts to be located in your cronserver directory The generic scripts can decide when run, what server they are being run on and perform the appropriate actions if any. for example- have every server run /mnt/cronserver/daily.sh in daily.sh on your cronserver do var=hostname if (var==server1) then run /mnt/cronserver/server1.daily if (var==server2) then run /mnt/cronserver/server2.daily etc. Now everything can be stored, edited, etc. from one central location. If you want more complicated scheduling you could add it any number of ways depending on the resolution you're looking for. yonahOn 4/26/06, Chen Shapira [EMAIL PROTECTED] wrote: Hi,I probably didn't explain myself well, because I seem to get suggestionsthat are a bit different from what I had in mind.The idea is that I have jobs that I want every machine in my network todo on a schedule: backups, exports, generate daily reports, delete garbage files, run a test, etc. etc.I want to be able to schedule all of this from a central location, withsome dependencies between jobs (If backup failed, don't delete files)and to receive a report on the status of the jobs. I think that PBS and condor (and the other systems which Oleg suggested)deal with a different problem: I have 50 heavy tasks to run, 20 serversand I don't care which server does what task as long as they run. In my case, backups aren't that heavy, but I care very much which server runsbackup and when.Am I missing something?Thanks,ChenPS. Marc, I'd love to attend the revival. I can also be a su-chef if its still needed.-Original Message-From: marc [mailto:[EMAIL PROTECTED]]Sent: Wednesday, April 26, 2006 10:38 AMTo: Yedidyah Bar-DavidCc: Chen Shapira; linux-il@cs.huji.ac.ilSubject: Re: Need recommendation for task scheduler-BEGIN PGP SIGNED MESSAGE-Hash: SHA1Yedidyah Bar-David wrote: We used for some years, in cs.tau, openpbs. It mostly worked, but for some reasons we were not happy with it. A few years ago we moved to condor. I did not work with it much, so I don't have an opinion. It's rather big and complex, but seems to do the job.OpenPBS is a batch queue system. While nice enough, it had severelimitations and was flaky.Condor, on the other hand, is a horrifying piece of unadulterated condor manure. And - it is a NOW system.OpenPBS was replaced by PBS Pro. Which works, is less flaky thatOpenPBS, is scriptable, but is neither cheap nor simple. I implementedone for a client of mine, recently. There are other options.Hiya chen. D'ya want to come to the revival?M-BEGIN PGP SIGNATURE-Version: GnuPG v1.4.2.2 (GNU/Linux)Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.orgiD8DBQFETyNej9cvu/qbAI8RAiM9AJ9qMbcUHFdNP/iiN6PWLdECN7bfVwCeNvcLqocPeGcdUh2o/vUdvOim4BI==jLl4-END PGP SIGNATURE-__ This email has been scanned by the MessageLabs Email Security System.For more information please visit http://www.messagelabs.com/email__ To unsubscribe, send mail to [EMAIL PROTECTED] withthe word unsubscribe in the message body, e.g., run the commandecho unsubscribe | mail [EMAIL PROTECTED]
[OT] Google is Anti-semetic
Google is a bunch of Anti-Semites. You can read the details on my blog: http://www.yonahruss.com/2006/04/google-supports-terrorism.html I suggest everyone write an email to [EMAIL PROTECTED] complaining about this injustice. Here is a sample email for your use: - To whom it may concern, It has been brought to my attention that Google, much like Hamas, refuses to recognize the Sovereign State of Israel. I find this deeply disturbing, especially in light of the fact that countries like Iran, Iraq, Afghanistan, and North Korea (the likes of which threaten the existence millions on a daily basis) are listed in your Analytics service without prejudice Please correct this immediately and may I suggest that a public apology to Israel and the Jewish people would be appropriate. If this goes uncorrected, I'm afraid I will have to boycott Google's services. Sincerely, --- To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [OT] Google is Anti-Semitic
On 4/24/06, Shlomi Fish [EMAIL PROTECTED] wrote: Hi Yonah. On Monday 24 April 2006 10:56, Yonah Russ wrote: Google is a bunch of Anti-Semites. Why? Because they did not include Israel in the Google Analytics country choice? That may imply this action is anti-Israeli, but it's not anti-Semite. There's a difference here. That was more to get your attention than anything else- it worked- right? For all we know this problem may have not been an official Google policy, and will be promptly corrected. So it wouldn't be honest to label Google with being anti-Semite. Companies like google should not go public with non-policy websites. Besides, a) several people have told me that in the past Analytics allowed the choice of Israel so this has apparently been removed on purpose. b) Palestinian territory was never included in any stock country list I found on the web when creating a website. And for the record, Google employs several Israelis and Jews, have an Israeli office, and have set up the http://www.google.co.il/ localised portal. So it would be a stretch to say they are anti-Israeli. As I've told others, unfortunately I know many anti-semetic Jews. In any case, my point is that google has taken a side in our little conflict and I don't believe it to be a valid one. You can read the details on my blog: http://www.yonahruss.com/2006/04/google-supports-terrorism.html Again? Google supports terrorism? Your argument seems to stem from the fact that they did not include Israel yet included malevolent countries. In this case, the problem is with not including Israel, not with including these countries, which does not imply supporting terrorism. I would be satisfied if they included Israel. I would be happy if they included Israel and deleted Palestinian Territory I would be ecstatic if they included Israel and refused to include terrorist states. I suggest everyone write an email to [EMAIL PROTECTED] complaining about this injustice. I have signed up for Google analytics, and once I will be able to register, I see if the problem you mentioned still persists, and if so will write them a polite letter asking them to correct it. If you want I can send you an invitation code :P Meanwhile, please stop the labelling and accusations. Unfortunately, without a large amount of people to sway their opinion, I doubt my single email will change their policy or lack thereof. If you think that it is improper for them not to include Israel, I still suggest you write an email. You could also comment on and digg the story: http://digg.com/links/Google_Supports_Terrorism yonah Regards, Shlomi Fish - Shlomi Fish [EMAIL PROTECTED] Homepage:http://www.shlomifish.org/ 95% of the programmers consider 95% of the code they did not write, in the bottom 5%. To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [OT] Google is Anti-semetic
On 4/24/06, Arik Baratz [EMAIL PROTECTED] wrote: On 4/24/06, Yonah Russ [EMAIL PROTECTED] wrote: Google is a bunch of Anti-Semites. You can read the details on my blog: http://www.yonahruss.com/2006/04/google-supports-terrorism.html I do believe, Yonah, that you might be jumping to conclusions here. In fact, I think what you have written above is calumniatory, defamatory, denigratory, libellous and slanderous. Had I been Google I would have sued you for that. It's a good thing you aren't Google ;) I suggest everyone write an email to [EMAIL PROTECTED] complaining about this injustice. Here is a sample email for your use: - To whom it may concern, To Google Analytics Support It has been brought to my attention that Google, much like Hamas, refuses to recognize the Sovereign State of Israel. I find this deeply disturbing, especially in light of the fact that countries like Iran, Iraq, Afghanistan, and North Korea (the likes of which threaten the existence millions on a daily basis) are listed in your Analytics service without prejudice This is a demagogic statement, meant to illogicaly tie Google to the Hammas. You took one fact - that Israel's time zone is missing - and built a mountain of logically inconguant statements that cannot be proven or even strongly tied to the original fact. This is not meant to tie Google to the Hammas- it's meant to say that not including Israel in the list of Countries (yes the name of the field is timezone, country, or territory so I guess Israel doesn't even merit a timezone or a territory when placed next to the PA) is a gross oversight to the point of being insulting. Even more than that- since several people have informed me that in the not-to-distant past, when they signed up for analytics, Israel was included, I must believe that Israel was removed from the list on purpose. Which makes it alot harder to believe that this was an oversight as opposed to a policy decision. You completely ignore mitigating factors - like the existence of google.co.il, of news.google.co.il, the Hebrew interface language and the Hebrew language translation project, and the fact that they have an office in Israel and hiring Israelis. Oh, don't let reality get in your way to righteousness. I don't ignore them. They just don't make a difference to me. The fact that Israel is not on the list while palestinian territory is insults me regardless of the fact that there is a google.co.il which I never use or the fact that google is willing to hire Israelis when it suits them and insult them when it suits them. If I worked for google in Israel, I would likely have quit after seeing this. Please correct this immediately and may I suggest that a public apology to Israel and the Jewish people would be appropriate. That's rich, considering you send your email messages from GMail (yes I checked the headers) and use their Analytics service. Actually I don't use their analytics service- I do use GMail, and even Blogger to publish my blog. As I wrote in the sample email I will wait for a response before I choose to boycott services other than analytics. If this goes uncorrected, I'm afraid I will have to boycott Google's services. Were I Google I would have closed all your accounts after that email. But I think that they will follow Hanlon's Razor [1], which you should have followed when you discovered that missing timezone: - Never attribute to malice what you can attribute to stupidity. If it was a mistake, then I'm sure google will make a public apology. Unfortunately, I doubt it was a mistake. yonah -- Arik [1] http://en.wikipedia.org/wiki/Hanlon's_Razor To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [OT] Google is Anti-Semitic
On 4/24/06, Arik Baratz [EMAIL PROTECTED] wrote: On 4/24/06, Yonah Russ [EMAIL PROTECTED] wrote: a) several people have told me that in the past Analytics allowed the choice of Israel so this has apparently been removed on purpose. How do you know? Do you have some insight into the Google Timezone Removal Comeetee deliberations? How do I know? Well lets think- can I ever remember a time where I wrote something and it erased itself? nope. I guess that means that someone erased it on purpose. b) Palestinian territory was never included in any stock country list I found on the web when creating a website. Uh, unfortunately for you, this is also a mistake on your side. Gaza is its own timezone, and when contemplating timezones, see there, you have to include it. It's different from the Jerusalem timezone by the application of Daylight Saving Time or lack thereof. No offense, but if you are going to ask Google to put Israel in it's list of timezones, countries, and territories by virtue the fact that we have our own DST then you've pretty much missed the boat already. You have a Country that is being ignored, most likely on purpose, and you would be happy with a timezone :( And for the record, Google employs several Israelis and Jews, have an Israeli office, and have set up the http://www.google.co.il/ localised portal So it would be a stretch to say they are anti-Israeli. As I've told others, unfortunately I know many anti-semetic Jews. In any case, my point is that google has taken a side in our little conflict and I don't believe it to be a valid one. Whoa! Did I read that correctly? Are you accusing the Jewish Google employees of being anti-Semitic? I wish I was a Google employee just so I can take you to court for just that statement. Again- it's a good thing you're not a google employee otherwise it would probably just say Palestine in their list. If I were an employee of Google, I would quit over this. In addition, I've since been sent various links pointing to other cases where Google has taken what I would call the wrong side. There have been several occasions when Google approved terrorist propaganda machines as news sources for google news. There have also been cases where Google served paid advertisements for the Hamas(apparently that made ynet). You can keep patting Google on the back for all the evil they aren't doing but I personally think they need to be a little more responsible. http://littlegreenfootballs.com/weblog/?entry=20054only http://littlegreenfootballs.com/weblog/?entry=19937only http://atlasshrugs2000.typepad.com/atlas_shrugs/2006/04/the_evil_that_g.html yonah You could also comment on and digg the story: http://digg.com/links/Google_Supports_Terrorism Actually I'm going to do it right now. I don't suppose you'd like what I write though. -- Arik To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [OT] Google is Anti-semetic
On 4/24/06, Amos Shapira [EMAIL PROTECTED] wrote: On 4/24/06, Yonah Russ [EMAIL PROTECTED] wrote: If it was a mistake, then I'm sure google will make a public apology. Unfortunately, I doubt it was a mistake. Excuse me, sir, but have you bothered to ask them? yes- I have yet to receive a response. yonah --Amos -- (God) is my favourite fictional character. - Homer Simpson To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
[OT] Google responds
Google has responded- They say they are aware of the issue and request patience while resolving it. They also claim that Israel was never an option so that makes Alon Altman from this list an accused liar, along with several other people I know who all told me that they signed up for Analytics and chose Israel without a problem. You can read the full texts at my blog- http://www.yonahruss.com/ yonah To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Looking for another ISP (was: a bit off topic. Now: Even more)
The fact that BT takes up the largest percentage of the bandwidth doesn't really tell you anything about bandwidth usage. It's a meaningless fact. The real fact is that 95% of the world could be using the internet for email and web browsing alone (both of which are very low bandwidth applications easily handled by a 56k modem) and the other 5% using BT could be using 60% of the bandwidth because BT is a very high bandwidth application. Of course I'm exagurating a little bit but the point remains- The fact doesn't mean much by itself. In any case, I don't think there is much to argue about if the Terms and Conditions stated from the beginning that there was a 5GiB cap. On the other hand, I don't think it's right for ISP's to start enforcing the clause whenever they feel like it. It's as unethical as baiting and switching. Imagine if an ISP would secretly give every new customer 5M lines for a month and a half- then all of a sudden the speed drops to 1.5M. Joe schmoe doesn't know what's hit him and when he calls customer service, the rep tells him Oh I'm sorry - we accidentally gave you a 5M line and only just corrected the mistake but don't worry we won't charge you for it- BTW are you interested in our new special on 5M lines? It's the same here- for months/years they didn't say anything. Now when people are used to it- they come and ask for money. It is their own fault that they overbook the lines- they should deal with it and if they want to limit new customers- gei gezunt. yonah On 4/23/06, Oded Arbel [EMAIL PROTECTED] wrote: On Sunday, 23 בApril 2006 10:47, Ira Abramov wrote: well, it's nice that you pay for online multimedia, most people don't. in fact I don't know the latest numbers but well over 50% of the world's IP traffic today are bittorrent streams He. I was initially going to refute the above claim - are you out of your mind ? what about emails and web ? Well - I don't know how right you are, but the few numbers I could find seem to support at least the notion of bittorrent being the largest provoker of ISP limitations: According to this study (http://www.cachelogic.com/research/2005_slide07.php), P2P traffic (as a whole) took about 60% of internet bandwidth usage at end of 2004, of which about 35% is BitTorrent. It stands to reason that these numbers have grown significantly in the last two years. OTOH - this study was done by a company that sells bandwidth management products to ISPs, so it stands to reason that their numbers might be a bit exaggerated. -- Oded ::.. No job too big; no fee too big! -- Dr. Peter Venkman, Ghost-busters To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Skype on BT (slightly off topic)
We use the voip-voice uconnect http://www.voipvoice.com/uconnect.html (not with linux) will connect a bezeq and skype line to a single phone (if you connect it to a dect merkazia, I assume it will work with all the phones on that merkazia but I haven't tried) you can dial out either bezeq or skype very easily- it includes voice recognition for your skype contacts and other ways of dialing. it also lets you check your skype voicemails. needless to say we are happy with it. it cost me 439nis in kravitz yonah On 4/15/06, Ira Abramov [EMAIL PROTECTED] wrote: Quoting Amos Shapira, from the post of Fri, 14 Apr: Ooohhh! That sounds like a potential life saver for us - ever since we moved our computers to the guest room we miss out on lots of incoming calls and can only talk from the far side of the home. Are you satisfied from this earpiece? Can you provide a link which shows the exact product details (model, basically)? Mine is the Logitech(R) Mobile Freedom(tm) but any BT earpiece will do, but it's only used as a sound device. remember the calls won't ring other than on the computer. what you could look into are the dozens of wireless phones sold today that connect to the computer via USB as well as the regular land line, and then recieve as well as dial out through either skype/gizmo/SIP/whatever as well as your regular line. find one with a headset or an earpiece, and you're on the gravy train. Also I saw SIP phones that work on WiFi, but those are much more expensive (yet WAY cooler :) http://www.logitech.com/index.cfm/products/productlistns/IL/EN,crid=1627 http://motorola.digitalriver.com/DRHM/servlet/ControllerServlet?Action=DisplayCategoryListPageSiteID=motostorLocale=en_USEnv=BASEparentCategoryID=categoryID=972000 http://www.voip-info.org/wiki-VOIP+Phones#CordlessHardPhones http://www.voip-info.org/wiki-VOIP+Phones#WLANorWiFiPhones http://www.voip-info.org/wiki-VOIP+Phones#USBphonesetsforusewithsoftphones http://www.voip-info.org/wiki-VOIP+Phones#Skypeadaptersandremotes Enjoy :) -- Honored member of the Reform Club Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: please enlighten me
On 3/28/06, Oded Arbel [EMAIL PROTECTED] wrote: On Monday, 27 בMarch 2006 18:48, Yonah Russ wrote: Secondly, Israel could just as easily install totally free and totally opensource linux on all the pcs. It doesn't because it would be much harder to support- ie. you need more than an 18 year old with 1/2g brain power to run a base's network, you don't get to call Linus 24/7 if you have a problem, and you can't pay for it in FMF (AFAIK the army logistics units don't know how to use anything free) I admin that I thought IGLU would be the last place to see Microsoft propaganda, but well - we learn something new every day :-) IDF do not deploy Linux system (generally - there are some units that do use Linux in some specific, non-general computing, systems) is not because its much harder to support (hint - it isn't), but because its perceived to be harder to support and/or not good enough by the powers that be. I didn't say that it is harder to support - but the method which the army uses to provide technical/network support would not be effective. Currently the army trains a couple soldiers per base to provide basic windows support- ie. to install windows, applications, printers, and add users. Backups, server maintenance, etc. are reserved for offsite support which from what I've seen is not much better trained. I have no clue how many days of training these people go through before they get placed in their units but I'm convinced that most of their training is On the Job. You, in general, can not give your average 18year old in Israel a week long course in Linux and expect him to be capable of maintaining a base full of Linux stations. Additionally, the overbearing control of the domain is not present in Linux and although I'm sure there must be some software which allows you to control the settings of users and groups across a huge linux network, it is probably not free. Also- I've mentioned before that I don't think the IDF knows logistically, how to use something which is free. They can only use software which they can buy with support (unless they develop it themselves). In which case, it is safe to assume that there is a much greater number of companies who are willing to provide windows support and training in Israel as opposed to Linux. As such, chances are that the Windows support will always be cheaper and always win in a Michraz. I personally think Microsoft is aweful but the IDF lives on MS-Office. As much as I am capable of using Open Office for my daily needs- it isn't a realistic replacement for the army. It is slow, big, ugly, the powerpoint is useless, and there is no outlook. Maybe evolution is better now a days (I have no reason to use anything like outlook for personal use). Linux is definately getting better for desktops but it's not there yet. :( I thought it was up to us to educate the general populace (and the generals) about it, not spread more FUD. Also, there are several computer companies in Israel, which I'm sure would love to do business with the IDF to support Linux systems on a 24/7 basis. Its not like the IDF calls Bill Gates whenever they have problems with Windows - probably because he won't have time to sleep at all ;-) Like I said above- the competition for windows support will always get you lower prices than on Linux support in Israel. Also- in order to apply for a michraz for the MOD you have to meet some pretty big criteria. ie. be a chevra ba'am, have a machzor of over $x/year, have more than y employees-which also probably rules out a bunch of the Linux support companies. yonah -- Oded ::.. In a survey taken several years ago, all incoming freshman at MIT were asked if they expected to graduate in the top half of their class. Ninety-seven percent responded that they did.
Re: please enlighten me
On 3/26/06, Uri Even-Chen [EMAIL PROTECTED] wrote: Ehud Karni wrote: It is not about the software, it is about support Some defense departments are using this software with SourceFire support and they are afraid that Israel might spy on them (remember Polard ?). Actually, I think you are right.Would the Israeli army agree forworkers of a company from a foreign country to be in charge ofinstalling maintaining security software on the Israeli army'scomputers? Sorry for the late reply- Actually I don't think they'd have too much problem with that in many circumstances. Almost the entire army runs Windows. Do you think that the IDF has read and approved the Windows source code? The army buys IBM (probably Lenovo now) PCs. Do you think the IDF examined every circuit on every motherboard? The army has a $20 million dollar Oracle contract- do you think the IDF has the Oracle source code? Do you think the IDF doesn't call Oracle with support questions? (I guarantee you that they have 24/7 support) So how, you ask, don't the CEO's of Microsoft, Lenovo, and Oracle know all the deep dark secrets of the IDF? The simple answer is that Israel like most countries tries as much as possible to limit the connectivity of the army computers to the real world (ie. internet) so you don't have to worry even if XP tries to phone home. Security contracts are handed out to Israeli subcontractors who don't pass on unnecessary info to foreign companies. Really, the US could have easily approved the sale and just trained/hired other americans people to maintain the systems themselves using telephone support from sourcefire for technical questions. There is no real reason for Sourcefire to have access to the networks in order to provide support. yonah Remember that a company can receive a court order from itscountry, which it has to follow - whether it likes it or not.Remember that Google, Yahoo, Microsoft etc. give information to the Unites Statesgovernment (with or without court orders), and even to the Chinesegovernment.The world is controlled by power, and the USA wants to keep power and not share it with other countries.All countries want power.But somehave more power than others.I wouldn't call it stupid, but I would call it selfish.The world is aselfish place.Read The Selfish Gene for more details. Best Regards,Uri Even-ChenSpeedy NetRaanana, IsraelE-mail: [EMAIL PROTECTED]Phone: +972-9-7715013Website: www.uri.co.il =To unsubscribe, send mail to [EMAIL PROTECTED] withthe word unsubscribe in the message body, e.g., run the commandecho unsubscribe | mail [EMAIL PROTECTED]
Re: please enlighten me
On 3/27/06, Uri Even-Chen [EMAIL PROTECTED] wrote: Yonah Russ wrote: Really, the US could have easily approved the sale and just trained/hired other americans people to maintain the systems themselves using telephone support from sourcefire for technical questions. There is no real reason for Sourcefire to have access to the networks in order to provide support.It's a matter of power.There is no Israeli operating system, PC anddatabaseIsrael had to rely on others. Not true. For one, Magic is/was an Israeli database. A lot of the Army probably still uses it since it was one of the first to support hebrew afaik. Secondly, Israel could just as easily install totally free and totally opensource linux on all the pcs. It doesn't because it would be much harder to support- ie. you need more than an 18 year old with 1/2g brain power to run a base's network, you don't get to call Linus 24/7 if you have a problem, and you can't pay for it in FMF (AFAIK the army logistics units don't know how to use anything free) Thirdly, there is no reason the army couldn't manufacture pc's from parts- they have more than enough manpower. There is no end- of course Israel always had a choice - it's just easier to choose FMF But the USA don't have to relyon others - they have everything at homeThey want to keep the power at home, and information security is part of it.I don't support itpersonally, but I also don't support their immigration policy.If itwas up to me, I would open the gates for everyone.But I understand the (selfish) reasons that causes them to make these decisions.They thinkabout themselves, and what's good for them.And it is good for them (atleast in the short term). I don't see what technology has to do with free immigration. America realizes that democracy means that the majority rules. If you want to make sure your country stays yours, you can't let anyone come and vote. Imagine if all all of china decided to immigrate and annex the US! People can draw their own conclusions regarding our little nation but again- that has nothing to do with technology. A few years ago, I wanted to install an SSH client on my PC.There wasa famous USA made SSH client, but it was illegal for people from other countries to buy it.Eventually I found out a free and open sourceclient (I think it was TTSSH).By the way, now I use Putty. That's ashame ;) And whenPGP was invented, Phil Zimmermann was really harassed by the USAgovernment for inventing it and exporting it.That was the USA policy, and I agree it is stupid.Because even if they want to, they just CAN'Tprevent the rest of the world from catching up with new developments. They aren't trying to prevent the world from catching up- they are just trying to save themselves some CPU cycles = money while they read your email. jmho yonah Best Regards,Uri Even-ChenSpeedy NetRaanana, Israel.E-mail: [EMAIL PROTECTED]Phone: +972-9-7715013Website: www.uri.co.il
Fwd: HTML/CSS font sizes
On 3/26/06, Uri Even-Chen [EMAIL PROTECTED] wrote: Yonah Russ wrote: People that are interested in changing the size of the text on your website may be using screen magnifiers, or may be using personal style sheets to overide your styles. They may be hearing your webpage instead of reading it. They may have the pictures turned off.I know.But I want my website to look good even for these people.Idon't want them to think that my website is ugly just because it looksugly on their browser, even though they could use Opera (for example) to zoom it the whole site.Compare it to a painting or a movie.Theauthor or the painting or movie wants people to see his work as it is.He doesn't want people to change the way it looks when they see it.So the same it with the web graphic designer and webmaster.I checked (forexample) how my website looks with no style and it looks terrible.Idon't want anybody to see my website this way! But that's exactly the point. There are people that will see the site that way because they don't see at all or because they need very high contrast to read or for whatever reason. Do you think that blind people don't go to movies? The basic questions you need to ask are: 1) is all the information there without the pictures. 2) is all the information there without sound (if you have a narrarated flash intro- use subtitles) 3) is the information organized in a logical manner (using tables for design often breaks this) 3) lastly - does it look good in default installations of IE 5+, Mozilla 1.6+, Firefox, Opera, SafariI can't check each page with all the 5 browsers.Time is not infinite,you know.So I think there should be a standard - much like in PDF.In PDF you can't change text size, but you can zoom in and out.I thinkthis is the correct way to handle it. But zooming is not the only way people deal with web pages they view. It is very narrow minded to think that way. I hardly think that PDF is a format to be so amazed with. With proper web design you can do amazing things with your information. You can control the way a site is presented over various medium- aural, screen, print. You can link automatically to different translations. If you really want you can create multiple stylesheets for multiple zoom levels and create 3 different versions of the web page(but that again is missing the point a little). You can present the information in one visual order while presenting it in a different machine order- this is great for designing with screen readers in mind- you can move long lists of links after the content but display them visually before the content for sighted browsers. Sometimes the information can't be there without pictures.For example, a website about paintings.The pictures ARE the information! Not true- a well built site about paintings would have a longdesc tag for each picture describing the painting, who painted it, points of interest, etc. Do you think that blind people don't paint? In addition, there is always the classic example of using colors like green and red to indicate good and bad or functional and nonfunctional. To a color blind person (8% of all males I believe) that has no meaning. A properly designed site needs to have text along with the color to describe the same information ie. write the word 'Good' in green and the word 'Bad' in red. yonah Best Regards,Uri Even-ChenSpeedy NetRaanana, Israel.E-mail: [EMAIL PROTECTED]Phone: +972-9-7715013Website: www.uri.co.il
Re: Fwd: HTML/CSS font sizes
On 3/26/06, Uri Even-Chen [EMAIL PROTECTED] wrote: Maybe HTML CSS should have a better standard, something like PDF.Soit will be possible to create websites which look the same for users ofall browsers.If people have a specific sight problem, their case could be handled specifically.For example, by zooming in and out of a page,or changing colors etc. Not to start a war or anything but you obviously have no clue how much work goes into writing the standards at the W3C. You have probably never read the standards and if you read them, you obviously didn't understand them or how to use them. The Internet is about publishing information and not about making websites. Websites are just a byproduct. The key to the success of the internet is the way it works. Anyone can decide how and what to do with the information you put on the internet. Spiders can index it, make it searchable. Other programs can decide if your business is doing well by monitoring news traffic and analyst columns. Other programs can filter it so kids don't see things they shouldn't. People who are blind can listen to it and people that are deaf can read it. The key is that the browser decides what to do with it and it is not a bad thing. I'm not saying the standards are perfect. They are for sure not, but there is no way to create a standard to handle everyone's problems- the standard defines that people can handle their own problems however they want and it's the web designers job to give them all the information they need in order to do so. yonah Best Regards,Uri Even-ChenSpeedy NetRaanana, Israel.E-mail: [EMAIL PROTECTED]Phone: +972-9-7715013Website: www.uri.co.il= To unsubscribe, send mail to [EMAIL PROTECTED] withthe word unsubscribe in the message body, e.g., run the commandecho unsubscribe | mail [EMAIL PROTECTED]
Re: HTML/CSS font sizes
On 3/26/06, Uri Even-Chen [EMAIL PROTECTED] wrote: Yonah Russ wrote: People that are interested in changing the size of the text on your website may be using screen magnifiers, or may be using personal style sheets to overide your styles. They may be hearing your webpage instead of reading it. They may have the pictures turned off.I know.But I want my website to look good even for these people.Idon't want them to think that my website is ugly just because it looksugly on their browser, even though they could use Opera (for example) to zoom it the whole site.Compare it to a painting or a movie.Theauthor or the painting or movie wants people to see his work as it is.He doesn't want people to change the way it looks when they see it.So the same it with the web graphic designer and webmaster.I checked (forexample) how my website looks with no style and it looks terrible.Idon't want anybody to see my website this way! But that's exactly the point. There are people that will see the site that way because they don't see at all or because they need very high contrast to read or for whatever reason. Do you think that blind people don't go to movies? The basic questions you need to ask are: 1) is all the information there without the pictures. 2) is all the information there without sound (if you have a narrarated flash intro- use subtitles) 3) is the information organized in a logical manner (using tables for design often breaks this) 3) lastly - does it look good in default installations of IE 5+, Mozilla 1.6+, Firefox, Opera, SafariI can't check each page with all the 5 browsers.Time is not infinite,you know.So I think there should be a standard - much like in PDF.In PDF you can't change text size, but you can zoom in and out.I thinkthis is the correct way to handle it. But zooming is not the only way people deal with web pages they view. It is very narrow minded to think that way. I hardly think that PDF is a format to be so amazed with. With proper web design you can do amazing things with your information. You can control the way a site is presented over various medium- aural, screen, print. You can link automatically to different translations. If you really want you can create multiple stylesheets for multiple zoom levels and create 3 different versions of the web page(but that again is missing the point a little). You can present the information in one visual order while presenting it in a different machine order- this is great for designing with screen readers in mind- you can move long lists of links after the content but display them visually before the content for sighted browsers. Sometimes the information can't be there without pictures.For example,a website about paintings.The pictures ARE the information! Not true- a well built site about paintings would have a longdesc tag for each picture describing the painting, who painted it, points of interest, etc. Do you think that blind people don't paint? In addition, there is always the classic example of using colors like green and red to indicate good and bad or functional and nonfunctional. To a color blind person (8% of all males I believe) that has no meaning. A properly designed site needs to have text along with the color to describe the same information ie. write the word 'Good' in green and the word 'Bad' in red. yonah Best Regards,Uri Even-ChenSpeedy NetRaanana, Israel.E-mail: [EMAIL PROTECTED]Phone: +972-9-7715013Website: www.uri.co.il
Re: HTML/CSS font sizes
That is the exact opposite point of the Internet- no offense. You have no clue who is browsing your website. The person could be color blind, or totally blind, or deaf or dyslexic, or motorically challenged, or just Old. Everyone sees a web page differently. Are they using 640x480, 800x600, 1024x768? True, it's nice to make a nice looking website but your goal has to be the information in the website - not the way the website looks. The design should be a secondary factor. People that are interested in changing the size of the text on your website may be using screen magnifiers, or may be using personal style sheets to overide your styles. They may be hearing your webpage instead of reading it. They may have the pictures turned off. The basic questions you need to ask are: 1) is all the information there without the pictures.2) is all the information there without sound (if you have a narrarated flash intro- use subtitles) 3) is the information organized in a logical manner (using tables for design often breaks this) 3) lastly - does it look good in default installations of IE 5+, Mozilla 1.6+, Firefox, Opera, Safari good luck yonah On 3/25/06, Uri Even-Chen [EMAIL PROTECTED] wrote: Hi people,I'm looking for forums or mailing lists where I can discuss the standardHTML/CSS font sizes in browsers in general, and FireFox in particular.What bothers me is that I can't find a way to create a website that will display a specific font size, comparing to other graphic elements (thatis, if the font size will grow, the graphic elements will grow too).Ican do it with Internet Explorer, but not with FireFox.For example, look at [http://www.speedy.co.il/].If you change the text size inFireFox (make it bigger), it doesn't look good.The same problem isalso with Google ads (for example, look at [http://www.speedywhois.com/]).I think this is either a bug thatshould be fixed, or a bad standard that should be amended.Google adsshould look good with all browsers, and so should websites.If people want to see text bigger, they would be able to do this by zooming in orout of a page.I think the webmaster should have the ability to force aspecific text size, relevant to the graphics.It is possible to do it with Internet Explorer, but not with FireFox.I didn't check otherbrowsers.Best Regards,Uri Even-ChenSpeedy NetRaanana, Israel.E-mail: [EMAIL PROTECTED] Phone: +972-9-7715013Website: www.uri.co.il= To unsubscribe, send mail to [EMAIL PROTECTED] withthe word unsubscribe in the message body, e.g., run the commandecho unsubscribe | mail [EMAIL PROTECTED]
Re: My Anti-qmail Page
On 11/11/05, Ira Abramov [EMAIL PROTECTED] wrote: Quoting Yonah Russ, from the post of Sat, 05 Nov: On the other hand, qmail is such a pain to install (I mean download, patch, patch, patch,,patch and install) it ends up wasting more time than any server update.I apt-get install qmail-src and the patching and building is done forme. I know no other secure and smooth-looking free pop-toaster than aqmail+qmailadmin+vpopmail combo and from my experience it has the lowest maintenence demands compared to any of the other options I have had thepleasure of admining. I found that the standard debian qmail didn't have the features I needed and then you have the even more annoying job of patching something that has already been patched. In general I prefer IMAP microwaves over pop toasters anyway ;) yonah yes, it bothers me it's not anywhere near GPL-complience, but I give DJBa lot of credit for for being a stubborn bastard where it counts. fact is that less security-critical bits of his published work are licensedalmost as loosely as public-domain. his reasoning behind the strictQmail distribution requirements is that many bugs get introduced during recompilations and ports that the original author is not able tocontrol. he used to give the wide varaity of sendmail versions that onceproliferated and at the time, there were indeed cases where the SunOS'sendmail had a sechole that did not happend on other vendors' sendmails since the source was radicly changed by Sun, yet still called Sendmail.If it was the case today I'd understand his reasoning, but those daysare over.I offered him once to release Qmail under the GPL and under a different name, so there was sure to be no confusion if a man would want tocompile the original or get a precompiled deriviative. sadly I never gota reply from him on the matter.Options that face the community: 1. rewrite the bloody thing from spec and make it GPL (lots threaten todo it but never do)2. redist with patches and a script to automate patching andinstallation (done in many places in different ways) 3. bug DJB some more.4. fork the code under a different name and give attribute to DJB, It'snot clear from his blurb if that's legitimate or not. I should look intoit.5. Swallow the redist frog, distribute it as binaries as DJB instructs and maintain location links for compatibility.6. continue regarding it as the niche solution that it has become, anduse it only when it's the best solution (hey wait, that IS the case,afterall no distro comes with it as the default MTA!) I set up an anti-qmail page at: http://www.shlomifish.org/open-source/anti/qmail/ Comments, suggestions, corrections and flames are welcome. The concept of an anti page is in itself a bit rude and vulgar, theidea that your very personal opinions and misinformation is not markedas such is dishonest and I personally find it odd that someone whould take so much time and energy to attack a perfectly good, a-moral andpopular product and dזmonize it (excuse the pun).but then again, it's a Fish-ism and I've come to accept them asnecessary evi^H^H^Hweirdness. --The silver liningIra Abramovhttp://ira.abramov.org/email/=To unsubscribe, send mail to [EMAIL PROTECTED] withthe word unsubscribe in the message body, e.g., run the commandecho unsubscribe | mail [EMAIL PROTECTED]-- I have gmail invitations. Let me know if you want an account.
Re: My Anti-qmail Page
I personally agree with every word. So what if people don't find bugs in qmail. Does it make a difference to me whether the bug exists or whether the bug is found and patched before anyone exploits it. Chances are that if you use a supported distribution and you update regularly, any bugs will be taken care of before something happens. On the other hand, qmail is such a pain to install (I mean download, patch, patch, patch,,patch and install) it ends up wasting more time than any server update. yonah On 11/5/05, i Fish [EMAIL PROTECTED] wrote: Hi all!I set up an anti-qmail page at:http://www.shlomifish.org/open-source/anti/qmail/Comments, suggestions, corrections and flames are welcome. Regards,Shlomi Fish-Shlomi Fish[EMAIL PROTECTED]Homepage: http://www.shlomifish.org/95% of the programmers consider 95% of the code they did not write, in thebottom 5%.= To unsubscribe, send mail to [EMAIL PROTECTED] withthe word unsubscribe in the message body, e.g., run the commandecho unsubscribe | mail [EMAIL PROTECTED]-- I have gmail invitations. Let me know if you want an account.
Re: Hackable (Linux-based?) 802.11g wireless router
Ilya Konstantinov wrote: Hi, I'm looking to buy a wireless router that allows traffic prioritization and flow control (like Linux TBF queueing discipline does). I found it greatly improves the responsiveness of my broadband connections. Linksys WRT54G / WRT54GS seem to be the perfect solution, since it runs Linux it does run linux but you shouldn't think that it runs a full version of linux. It runs a stripped version compiled for it's MIPS processor. There are firmwares which will do what you want though. and I could use any feature of the Linux traffic control on it, by using simple 'tc' commands. However, I couldn't find this model (or any Linksys wireless router) selling in Israel. So: 1. Does anyone know a store selling WRT54G(S) in Israel? (I'm trying to avoid ordering overseas on eBay...) 2. Is this model considered outdated, thus the reason nobody seems to sell it? There are not out of date- the WRT54GS has more ram and memory so you have more room to play. It also has the speedboost feature which will only make a difference to you if you are using a speedboost capable adapter. It is important to know that these models have version numbers as well. Not every version of the router has been successfully hacked yet. this includes the wrt54g v2.2 and the wrt54gs v1.1 For more information, check these sites: http://www.seattlewireless.net/index.cgi/LinksysWrt54g http://openwrt.org/ 3. Are there any other Linux-based or similarily-open wireless routers? there are plenty. See here: http://openwrt.org/OpenWrtDocs/Hardware yonah I'll appreciate any tips. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
OT: Gmail invites
I just got 50 gmail invites- I'm sure I'm not the only one. If anyone wants one, two, three, or a dozen, just email me. yonah = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Centos ?
Gilad Ben-Yossef wrote: Michael Ben-Nes wrote: Today i heard of Centos, I heard its amazing and that its equal to RH commercial versions. Considering it is a recompilation of the RedHat Enterprise line code, equal isn't the right word here. Try identical. I wouldn't say it's identical- it aims to be identical but to rebuild all the packages without having the exact same build environment is not going to give you the same packages. For the most part, though, I would say that you're right- chances are you won't notice the difference. yonah I'm taking about the programs only of course, there is no Redhat support for Centos. Whether that is actually a plus or a minus I leave as an excersize to the alert reader... :-) How good is it ? Any one can tell me more ? Never used it myself but since it's the exact code sans support and logo what there is to tell? Gilad = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Centos ?
Gilad Ben-Yossef wrote: Yonah Russ wrote: I wouldn't say it's identical- it aims to be identical but to rebuild all the packages without having the exact same build environment is not going to give you the same packages. For the most part, though, I would say that you're right- chances are you won't notice the difference. Since Centos / RHEL include a development envrionment and I *hope* they self host the thing, you might as well have the same build environment as well, but I admi I don't really know. I can't tell you for sure either but a similar project, TAO Linux - http://taolinux.org/?q=node/view/14, seems to have had problems. I quote: So, while I have gone to great lengths to parallel RHEL3 as closely as possible, Tao Linux is by no means equivalent. It is impossible (or at least very hard) to know the exact toolchain and libraries present when the original RPMs were built; my 'comparerpms.sh' script can only tell me how close individual RPMs are; so I know fairly certainly just how close (or far off) It seems the only way to know if the build environments match is to compare all the rpms that come out of the build process. In the end, I admit- your guess is as good as mine. yonah Gilad = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: FOSS status in the eye of encryption law
what a joke! Have you seen the list of free means? better make sure your cordless phone, your network card, and your favorite unzip program are on the list- winzip is but 7zip isn't. Don't forget your DB server- ORACLE yes, Mysql NO. agav- linux (at least suse) seems to have been taken care of by IBM, whatever... yonah Lior Kaplan wrote: Hi All, As a result of the lake discussion in hamakor's list about the Encryption Order, I wrote a letter to recognize FOSS software as open means by the Israeli law. The text is at my blog: http://linmagazine.co.il/node/view/4192 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Open-Source projects menegment
www.sf.net Ido Kanner wrote: Hello, Recently I was reacived a question by a person if the open source community need/want a website that will manage: 1. All the projects that existed. 2. Requst for help (more developers, documentation, web site contributers) 3. People who wish to help projects like so. What do you think on this idea ? Ido = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Open-Source projects menegment
Ido Kanner wrote: Hi, I hope this will make it more clear: Open Source Coordination Draft The idea is to make a website which will coordinate Open Source projects and Open Source programmers with each other. Each project that seeks for extra help from programmers will be able to post its needs, and each programmer who has the time and will to contribute will publish his/her skills. First of all I believe you will find this at http://sourceforge.net/people/ every sourceforge developer can publish a profile with his/her skills and people can post requests for help with their projects... I believe this works fairly well. The system will list the available programmers for the project managers, and the list of available projects for the programmers, thus making the process of finding each other far better and faster than today's systems. considering (no offense intended) the complete lack of knowledge you seem to have in the subject I'm wondering what systems you are refering to... The web might will also include in its second phase a system for programmers to get help from other programmers (experts-exchange style). Aside from the sf forums which aren't exactly what you mean here but they can be a way to accomplish the above- I've always found google groups/usenet a winning combination We will be happy to hear your comments on the above, and will appreciate any help on the matter. I would say that success on the level of sf.net is incredibly unlikely and the likelyhood of creating one site to do everything sf does and more is much more unlikely (E1000) especially when well built tools like sourceforge exist. You might be better off trying to give some suggestions to the developers of the sf backend. yonah Ido = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [OT] ISPs and fixed IP
Ira Abramov wrote: Quoting Yonah Russ, from the post of Mon, 03 May: they wanted me to pay 200- I complained and they lowered it to 150. I should have complained more. indeed you should have. when my current prepaid year is up I intend to make it VERY clear to them that I do not intend to pay more for the service that was so far built-in. afterall my machine is online 24/7, what difference does it make if it is a fixed IP or a long lease? either way I am always occupying an IP address, may as well be a fixed one. unfortunately they called me the night before my prepaid year was up- it was either get cut off the next morning and shop around for an ISP with a better deal, or pay up and stay connected :( yonah = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [OT] ISPs and fixed IP
Gilad Ben-Yossef wrote: Ira, On Tuesday 04 May 2004 08:10, Ira Abramov wrote: indeed you should have. when my current prepaid year is up I intend to make it VERY clear to them that I do not intend to pay more for the service that was so far built-in. afterall my machine is online 24/7, what difference does it make if it is a fixed IP or a long lease? either way I am always occupying an IP address, may as well be a fixed one. You obviously know nothing about economics. :-) The reason they charge more for a fixed IP is the same reason dogs leak their genitals: because they can. Or to put it in economic terms: because people are willing to pay extra for it. It has nothing to do with the their cost. This is possible- on the other hand they might be running out of static IP's to give out. Either way, the real question is do any other ISP's even offer static IP's and if so, for how much? yonah Gilad = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Single sign-on in Linux ?
Oded Arbel wrote: ?Thursday 29 April 2004 01:00, ?? ??? Yonah Russ: Active directories is very heavy on kerberos- it's theoretically possible to use the same kerberos for both the active directory and linux- I've read you can even convince active directories to use a linux kerberos server. I only briefly looked into this b/c it means switching to kerberized deamons, etc. very annoying. Why ? I get them with the distribution, I think. I'm a bit hazy how does using kerberos prevents me from needing to type passwords all the time. you do get some with the distribution but they aren't active by default- you need to at least change lines in the inetd or xinetd to activate them- possibly more. With kerberos, when you log in you authenticate against the kerberos server and you get a ticket which is used for authentication against all other kerberized services. Therefore if all your computer clocks are in sync(very important) kerberos will let you not have to type in any passwords. I personally think the way to go is a TACACS+ server with an LDAP backend. Not that I'm going to change the way the office handles directory, but will the setup you mentioned allow me to use single sign-on ? yes- also you could possibly use ldap of active directory as the backend although I wouldn't suggest it. Almost everything today can support TACACS+ - windows is supposed to support it, unix supports via pam modules, cisco inverted it so all their stuff supports it. correctly configured you will get not only single sign on, but central logs of logins- who was on what and for how long, and the ability to reconfigure cisco acl's for a computer based on who logs in. those are two big advantages - also TACACS+ is encrypted so worrying about cleartext passwords there. yonah = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
mozilla rejects ssl certificate
I had some problems replacing the ssl certificate in ntop and I didn't find anything on google so I thought I'd post the solution. The problem was that mozilla rejected the certificate saying that it was invalid or corrupted - error code 12284 the solution - courtesy of Issac Goldstand was to use the following command line: openssl req -newkey rsa:1024 -keyout a.key -nodes -x509 -sha1 -extensions v3_req -days 365 -out b.pem the key being to add the '-extensions v3_req' which sets CA:False in the certificate. yonah keywords for search replace ntop certificate ntop-cert.pem mozilla rejects certificate error code: -12284 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
mozilla rejects ssl certificate
I had some problems replacing the ssl certificate in ntop and I didn't find anything on google so I thought I'd post the solution. The problem was that mozilla rejected the certificate saying that it was invalid or corrupted - error code 12284 the solution - courtesy of Issac Goldstand was to use the following command line: openssl req -newkey rsa:1024 -keyout a.key -nodes -x509 -sha1 -extensions v3_req -days 365 -out b.pem the key being to add the '-extensions v3_req' which sets CA:False in the certificate. yonah keywords for search replace ntop certificate ntop-cert.pem mozilla rejects certificate error code: -12284 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Single sign-on in Linux ?
Active directories is very heavy on kerberos- it's theoretically possible to use the same kerberos for both the active directory and linux- I've read you can even convince active directories to use a linux kerberos server. I only briefly looked into this b/c it means switching to kerberized deamons, etc. very annoying. I personally think the way to go is a TACACS+ server with an LDAP backend. yonah Oded Arbel wrote: Hi list. I recently read somewhere about kerberos 5 mentioned in the same sentence with single sign-on. I wonder how can I get single sign-on on my Linux workstation ? I currently log in using the office's Active Directory (winbind 3), use some windows and samba file servers, fish and FTP, and maybe HTTP logins (we have squirelmail for accessing the office mail server, and sometimes its useful to use it instead of kmail or whatever). I would like to have as little password typing as possible after the inital login (lets put aside for a while SSH key exchange and password wallets). is there any way to get at least SMB access a-la-windows ? = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [OT] Old hardware
Yedidyah Bar-David wrote: On Sun, Apr 25, 2004 at 01:45:55PM -0400, Martha H Greenberg wrote: My new job has huge piles of old hardware (mostly pc) which I need to evaulate and then dispose of what we don't want. Can anyone recommend: 1) A company that buys old PCs and monitors? Or a tzedakah that would take them? Failing that, someone we can pay to come and dispose of them safely? I know YAD-SARAH used to. I don't have a contact there, I volunteered there a few times assembling PCs from donated parts some years ago. I think they still do this- you can try amiram - at - jct.ac.il for a contact- he's very involved in these things. yonah I also know there are several list members (me included) that would love to buy specific parts if they are usable and not too old (that is, anything less than about 7 years old, at least for me). This will be, of course, much more work for you, but much more valuable, as I have a feeling the only commercial body you can do business with is a company that buys it for the metal. 2) A good place to buy machine room accessories (anything from machine room tables/racks to cable ties)? I never bought such things directly, others did it for me. If noone else here has opinions on this, I can find some. 3) A good FAT/NTFS disk/file recovery program? I guess there are quite many. I worked with ntfsundelete from the linux-ntfs project, and managed to rescue some files, but not all. A tool I recently saw, that seems promising, is filesystem-agnostic - it works like 'file', with magic numbers. It's called 'Magic Rescue'. 4) A good PC hardware testing program (preferally self-booting)? I know there are a few, but I never used one. I only run memtest86 for a few hours or days, and zcav to read the disk(s) (getting a speed measurment as well). I think there are a few CDs/floppies that have both. Search google for something like 'bootable CD memtest86'. memtest users will be interested to know there is a fork called memtest86plus, which works on newer chipsets (well, at least one machine which did not work with memtest86 3.0 did work with it). Martha Greenberg [EMAIL PROTECTED] I guess your new job isn't in MIT, or you wouldn't send this to here. Is it so? PS - I have long thought that we need an Israeli system/network admin list. I'd love to have a place to ask these sort of questions, or other admin questions not relating to Linux. Is anyone else interested? I know this isn't too politically-correct, but unless it's getting frequent, posting here is a good bet. For at least some of your questions there are also forums in whatsup.co.il, but I think many people read only linux-il (and many read only whatsup, OTOH). = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: RHEL missing components rant
Henry Ficher wrote: Tzafrir Cohen wrote: Hi all A small rant, if I may. Due to strange circumstances I ended up using RHEL3 (RedHat Enterprise Linux 3. Actually: Centos 3.1, which is a clone of it). This seems to be a bad decision to make: RHEL misses many highly-useful packages. To name those I currently miss most of all: gvim (vim-X11. vim-basic and vim-enhanced are there, though) ncftp lynx/links/elinks/w3m: no text-mode browser in sight. mc gv (ggv is there, though. I'm not sure about kghostview) In other words: will make your life misserable as a server if you ever want to do decent remote administration. A slightly louder rant, if I may. RHEL ships without mysql server, firewire and mailman, which is quite incomprehensible since redhat.com mailing lists run on mailman. RHEL WS (workstation) doesn't come with mysql-server except via the extras but RHEL AS (advanced server) does of course come with mysql-server. I can't vouch for the other packages but you can't really blame redhat for leaving servers out of their workstation distribution. yonah I was forced to use third party binaries for these packages, except for firewire, which seems to be a dead project. Mysql server is now on the RHEL extras channel, but it took a while before they put it there. On the whole installing RHEL can be quite a frustrating experience. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [OT] the biggest Knoppix super computer
Assuming there were that many people in Israel who have computers they would be willing to sacrifice to the hackers connected to a network like that, where in Israel could you possibly plug so many people into a network? yonah shany pozin wrote: http://www.flashmobcomputing.org/ Can't our community do that also ? Shany _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli summer time - Was Re: Runtime changing of timezones
[EMAIL PROTECTED] wrote: I understand this completly (I've been through this myself when I admin'ed at HUJI CS), and you are certainly right with your concernes. I just think you are looking at the wrong direction. Existing tools will help you do a pull protocol (cron+ftp, for instance, BTW - NTP is a pull protocol too). If you'll get down to write a push protocol (a mistake, IMHO, since clients go up and down all the time and the server won't be able to track them all) then you'll have to write your own protocol, and by then I don't see the advantage of piggy-backing on NTP of all things. Look at this in another way - just like you setup NTP clients on all the machines you are responsible for, setup another procedure to pull the timezone file. Ok- mercy- I give up ntp. The point I was trying to make is that we all should get together and do it the same way. Let's try to make the script to run these updates part of standard distributions, part of the same rpm that distributes the TZ files in the first place maybe. Let it add a couple cronjobs/year which check: am I set to Israeli time, if yes- update zicfile, if no- exit. why shouldn't this be transparent to linux users? yonah yonah Cheers, --Amos = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli summer time - Was Re: Runtime changing of timezones
I meant to solve the problem of israeli summer time in a way that we shouldn't have to update every individual station every year but rather that one computer be updated and let the update propogate automatically throughout israel. perhaps we could piggy back the timezone settings on the existing ntp infrastructure so that ntp.ac.il would propogate the correct timezone information to all the stations downstream yonah Shachar Shemesh wrote: Yonah Russ wrote: With such a huge community of techies, why can't we come up with a way to make this easier for all of us- or maybe someone has? yonah It's awfully easy, assuming you are not trying something irrelevant. If all you want is to get daylight saving at the apropriate time, you don't need to touch anything. This, of course, assumes you live in a country with predictable daylight saving. If you live in Israel, you need to keep your linux system up to date at least once a year, and your'e set. If, on the other hand, you want to move your computer from Israel to the US without terminating any process, you may find that some processes go on in their old time zone. Tough, but totally harmless. I think that once we understand what the problem is, we may be able to come up with a solution. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Israeli summer time - Was Re: Runtime changing of timezones
With such a huge community of techies, why can't we come up with a way to make this easier for all of us- or maybe someone has? yonah guy keren wrote: On Tue, 16 Mar 2004, Nachum Kanovsky wrote: If I use tzselect to change my time zone, is there any way to get applications that are already running to notice the timezone change, and update their clocks appropriately? perhaps by sending them some signal? As an example application, I would like to get the gnome clock to be updated without having to restart gnome. I am also running a custom application, and I would like them to all display the correct time. what _are_ you trying to achieve? are you trying to adjust the machine for daylight saving time changes? or you're running a test machine and testing some software that need to be tested in different timezones? in the former case, you are not supposed to touch the time-zone at all, but rather make sure that the TZ file you have is updated with the dates of daylight saving time's changes, and then the switch will be made automatically - man 'zic' for more information, and look at ftp://ftp.cs.huji.ac.il/pub/tz/israel (look at the 'README' file) for easy instructions for the madness called israeli summer-time ;) if you're talking about the later, i'm afraid tzselect cannot help - since (i pressume) you're using it to set the TZ environment variable - and this change does not effect existing processes. you _might_ be able to apply such a change to them by attaching a debugger to them and using it to invoke the relevant library function - but i'm not sure how various applications will react to such a change. if you change the time zone of the entire machine - perhaps this will effect currently-running applications. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Apache virtual server redirection
Try mod_virtual_host VirtualDocumentRoot /www/host/sites/%1 yonah Tal Achituv wrote: Hi! I would like to redirect every foo.mydomain.com to www.mydomain.com/sites/foo My guess is that it could be done using the virtualserver directive in httpd.conf But i was unable to find any reference to such an example. Anyone knows how to do that?! Thanks! Tal. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Discountbank.net web site
I have been using this site for a while- I actually tried playing with the user agents a little and it seems that do some more interesting browser snooping to prevent you from tricking them. I wonder if Ie5 for mac works either. yonah Alex Gontmakher wrote: Hi everybody, If anybody of you have tried to access the Discountbank.net web site (for online account access), you would surely notice that it accepts connections originated from Internet Explorer only. That's quite a problem for Linux users - it wouldn't even try to communicate with Mozilla ;-(. I have tried to contact the bank technical support on this issue, and got a response stating that Since the Internet Explorer is the mostly used browser, we don't support any others. In the future the bank will discuss working with additional browsers. Have any of you tried to access that site, or would you like to do it? It's very convenient, and it's a shame to have a Windows installation around just for this (and yes, yes, I know about Wine... not working very well for me unfortunately). Now this problem is not specific to Discount bank - there are many others that not only make the minimal effort to communicate with non-IE browsers, but specifically go forward and make them IE-only. That's no way to promote Mozilla in particular and Linux in general!!! What we can do is collect some amount of signatures and contact the bank again, showing that the interest in the site is not from several people only. And then, we can probably write to something like Captain Internet of Haaretz for more exposure. So, if you want to get this site, and probably others, to work with Mozilla browsers, write me and we'll roll this on! Alex P.S. Below is the approximate text that I'd like to send to the webmasters (probably in Hebrew). Comments welcome. Dear webmaster of site name here! We have tried to access your site using the Mozilla browser, and got the response stating that The site is designed to work with Internet Explorer only. Unfortunately, we, as Linux users, are unable to use the Internet Explorer browser. We feel that this situation is unwarranted. The Mozilla browser supports the Web standards to a level which is not worse, and at times exceeding, that of Internet Explorer. In addition, due to the recurring security problems with Microsoft Windows in general, and Internet Explorer in particular, Mozilla (and other non-IE browsers as well) is actually *more secure* to use. Replying that the majority of users of the site use IE anyway is incorrect in its nature. Of course non-IE users won't access your site once they know that it works with IE only. The situation is worsened by the fact that your site actively disables connections that originate from Mozilla, thus preventing the Mozilla developers from ever fixing compatibility problems if such exist. This situation is unduly discriminating for the Linux and MacOS users, and it stifles the competition in the operating systems and in WWW browsers in Israel. We ask you to support other browsers on your site, or at least stop actively disabling it. With respect, list of signatures = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Unique identification of a computer
all the more reason to use non-commecial software, since the MAC address is about as unique as MS operating systems. 1) manufacturers reuse mac addresses to begin with 2) mac addresses can be changed read: http://yro.slashdot.org/yro/02/10/22/1213252.shtml?tid=126 Rony Shapiro wrote: In commercial systems, the MAC address of the Ethernet NIC is considered a unique identifier of the computer. Assuming that the machine has a NIC, of course. Rony -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tzafrir Cohen Sent: Monday, January 19, 2004 12:32 To: [EMAIL PROTECTED] Subject: Re: Unique identification of a computer On Mon, Jan 19, 2004 at 11:04:01AM +0200, David Sapir wrote: Hi, When I read from /proc/ide/ide0/hda/identify : is it a unique number? Is this the unique ID of the hard disk? If the computer has such a disk. What about all-scsi system? If the disk is replaced? If the disk is moved to a different system? -- Tzafrir Cohen +---+ http://www.technion.ac.il/~tzafrir/ |vim is a mutt's best friend| mailto:[EMAIL PROTECTED] +---+ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Broadband Connection Speed
Here is an article covering the basic differences b/w cable and dsl- http://compnetworking.about.com/library/weekly/aa111200a.htm In short, cable is theoretically faster but since the bandwidth is shared b/w all the cable traffic in the neighborhood, it will very often give less bandwidth per household during peak hours (if everyone in your neighborhood is a kazaa-lite master, every hour is a peak hour) yonah Amichai Rotman wrote: Hi All, At home, I am connected to the Internet through Cable. I went to a friend with ADSL. I noticed a dramatic difference in speed in favor of the ADSL connection. Is it possible? Am I imagining things? Thanks, ::. Amichai Rotman Short text-only e-mails: [EMAIL PROTECTED] UIN#: 6401746 Registered Linux User#: 201192 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
small linux
Hi, I'm looking for a cheap, small, and empty linux appliance to put a little soho firewall/proxy on without taking up more room in my house. The smallest things I've found so far are the mini itx boxes but I can't find anyone selling them in Israel. Any ideas? Thanks! Yonah = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: small linux
yes- I did. I've seen the ones at lamir but thank you anyway. unfortunately, as you said they are overkill and he also seems to have only tall cases. I'm hoping to find something as small as possible- about the size of a cdrom drive. Yonah Alon Weinstein wrote: I think Yonah meant small in the physical aspect -- I know Lamir sell bare-bone systems with mini-itx motherboards in them, costs around 1000nis. You should check their site, maybe it'll fit your needs. Do note that these computers are an over-kill for the resources a router/firewall/proxy Linux box needs. Alon. Alexander Cheskis wrote: Hi, I'm using www.smoothwall.org You can download ~60MB ISO image from them, which formats disk, installs Linux + firewall, with friendly WEB server for maintanence. FreeSWAN and Co included. And it even works on 486 computers ;-) Regards, Alexander -Original Message- From: Yonah Russ [mailto:[EMAIL PROTECTED] Sent: Monday, January 05, 2004 10:36 AM To: [EMAIL PROTECTED] Subject: small linux Hi, I'm looking for a cheap, small, and empty linux appliance to put a little soho firewall/proxy on without taking up more room in my house. The smallest things I've found so far are the mini itx boxes but I can't find anyone selling them in Israel. Any ideas? Thanks! Yonah = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: small linux
well - I have to say they have a really aweful website- I think I saw what you mentioned though- it looks like a rebranded cappucinopc- http://www.cappuccinopc.com/ they sell for way more than $200 and have everything a desktop has- a cool gadget but doesn't fit the bill- Thanks for the try! yonah Aaron wrote: Ativ sells something that is the size of a cdrom drive. I think they are Ezgo PIII's and PIV I am not sure if you can infact format the hd and add linux. But they have used ones and new older version ones as well. www.ativ.co.il = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]