| WIKI | FAQ | Tech FAQ | |
 http://csua.com/feed/ | |
| ||||||
| 2001/6/19 [Recreation/Dating] UID:21571 Activity:high 52%like:21565 |
6/18 If I got laid today, I would:
look for more hot chix: ..
\_ That's because I need to support my
addiction to sex
get a hooker: .
go back to school: .
go back to highschool: .....
thank yermom for the sex: .. |
| 2001/6/19 [Computer/SW/OS/Solaris, Computer/SW/Unix] UID:21572 Activity:very high |
6/19 My supervisor is suggesting we switch all our solaris servers (NFS
home,mail,web,E450s,Ultras) over to Cobalt boxes. Has anyone done
this before? Can anyone give me pro/con arguments for this idea
from a user/cost/support perspective? We're a field office
but still need to interface with the out-of-state parent company
that still runs solaris. We lost our two SAs and I've basically
become part-time computer support (with pay raise TBD). It's still
UNIX/Linux, so transition should be fairly easy? Users (and my sup)
use laptops a lot.
\_ Don't use cobalt for NFS. They don't support NFSv3 and the NFSv2
implementation is stock linux, and is buggy as hell. As far as
mail (sendmail,imap,pop) go, a raq4 should be able to replace a
low-end ultra1/2.
\- if you have invested in the hardware and setup already, what is
the point of changing? growth? --psb
\_ I'm not sure. coolness? newness? easier to grow or support??
\_ You can scale much higher with Sparc's than PC hardware.
\_ What do you mean? x86 linux farms scale just as well
\_ At least for the cobalt's, the Web Admin GUI can be used
by total idiots to keep the box running. Sparc's required
moderately clued in people (at least as clued in as Tom).
\_ You cant see any detailed DHCP logs/usage-info from
web-gui.
\_ This is not a heavily requested feature.
\_ If the question involves NFS, the answer is never Linux.
\_ Unless the question is, 'What is the K3W1357 05 3V3R?' (or
some variation thereof), the answer is never Linux. |
| 2001/6/19 [Computer/SW/Security, Computer/Theory] UID:21573 Activity:high |
6/18 I have a question about diffie-hellman. After going through the initial
key exchange and generating the session key k', how do you use this key
with 3des or blowfish? Do you just trucate the key to the appropriate
length (doesn't seem right) or is there some other method? tia.
\_ Probably feed the key into a one way hash function (i.e. MD5) that
outputs the appropriate number of bits.
\_ This is correct. You would use a hash function. However, you
should not use Diffie-Hellman straight, much the same as you
should not use plain RSA. Get a cryptography book and read
about it.
\_ Okay, I understand the bit about the hash function, but
I don't understand why the session key k' can't be used
directly? I've been referring to Applied Cryptography,
but I can't seem to find a place where he explains why
the session keys should not be used directly.
\_ Here's a hand-wavy argument:
Your DH key must be larger than your 3DES key since
otherwise it's easy to break DH. This means that
you'll have to shrink your DH key to make your 3DES
key. You want to make your 3DES key by using all of
the randomness that you've got in your DH key, but
you don't know if truncating the DH key will do this.
However, you DO know that using a good hash function
to make your 3DES key will conserve all of the
randomness of your DH key.
\_ I guess I wasn't clear. I understand that I
need to hash the session key in a way that
preserves the randomness of the key and that
I need to use the hash value as the key for
my crypto algorithm.
The bit I don't understand is related to the
following: I keep reading that one should use
the hashed value of the session key *only* for
encrypting a different secret key and then that
encrypted secret key should be transmitted so
that all other transmissions are encrypted with
the secret key rather than the hash of the
session key.
Why can't I just keep using the hash of the
session key? It seems much simpler to do this
than to maintain a separate secret key. |
| 2001/6/19 [Computer/SW/Languages/C_Cplusplus] UID:21574 Activity:nil |
6/18 Association game. Place one of Republican, Democrat, Commie, Libertarian
after each term:
Microsoft D (omnibus)
Linux C (bike), Fascist (kernel)
Unix L
Bill Gates D
Steve Jobs D
C++ L (harrier jet)
\_ wrong! harrier jet == ada
Java L (dog and pony show)
Lisp C (steam engine!)
Microsoft D emocrat
Linux I ndependent
Unix C ommie
Bill Gates K lu klux klan ass sucking fuck
Steve Jobs L ibertarian
C++ I ndependent
Java C ommie
Lisp K indergarten |
| 2001/6/19 [Computer/SW/Database] UID:21575 Activity:high |
6/19 database question
is there a way to have a unique ID span a database as opposed to only a
table... (so that no 2 tables will have records tied using the same
"autonumber")
\_ you could have a skinny table of just ID's and have all other tables
that you care about reference this column. I'm not sure if that
actually solves your problem. - rory
\_ yes, have your keys be drawn from a sequence table. In Oracle,
you can do this with a sequence object. Do a search on
google.
\_ my irrelevant orig. solution deleted... mis-read the question.
\_ In the oracle world this is called a sequence number. You create
them like so: "create sequence someIdSeq start with 7070"
You create new ids this way: select someIdSeq.nextval from dual;
\_ i'm not sure if that's the situation. The way it was
described seemed more like a foreign key, but I don't
understand the need for that unique id. Actually,
sequences aren't unique to Oracle; they're standard
SQL (or that's what the ANSI group says). Naturally
fuckers like MySQL won't support it. Anyway...
\_ Hence the oracle qualification. But you're right about
the standard SQL part.
\_ I m sure there's a way, but why would you want to do that?
If you use natural numbers, you can't do much with the entries.
If you combined all the keys to create a unique ID,
the key will be very very very long. Waste of space.
Might as well stick with unique key of the table.
(whatever it's called)
Can't remember much from Oracle class. Ugh. -- ivy
whatever it's called Can't remember much from DB class.
Ugh. -- ivy
\_ primary key? |
| 2001/6/19 [Computer/SW/OS/Windows] UID:21576 Activity:high |
6/19 What is the equiv of a pipe in windows?
\_ that would be.. uhhh.. a pipe.
"type autoexec.bat | more"
\_ But that's Microsoft Pipe 2000, Small Office Edition "PLUS!".
^- Crack
You can purchase a license for it for a small price of $99.99/mo. |
| 2001/6/19 [Computer/SW/Security] UID:21577 Activity:high |
6/19 Here is another question for all you knowledgable crypto people.
How bad is the ability of a PC to generate random numbers for
cryptography? Is this at all a limiting factor in PC based
encryption? If someone were to build a little box that made
random numbers based on a physical process that was provably
uncorrelated, would that interest people?
\_ PC's running reasonable OS'es generate good random numbers. -tom
\_ Depending on the sources of entropy used, a ordinary PC
can generate sufficiently random numbers for use with
cryptography. Look at how ssh does it for more info.
\_ P3s can generate random numbers based on thermal noise, right?
\_ I don't know. There IS a thermal diode on it, but I'm not
sure of the response time. Actually, that might be an
interesting little problem/implementation to do, since a
lot of devices have thermal diodes these days, for over
temperature protection. -nweaver |
| 2001/6/19 [Uncategorized] UID:21578 Activity:nil |
6/19 YADHQ: In DH, when you pick the random exponents x and y, are
there any requirements on the range for these values? It seems
to me be bigger the range the more secure the session key will
be, but as far as I can tell there isn't anything in Applied
Crypto on this. |
| 2001/6/19 [Computer/SW/OS/Linux] UID:21579 Activity:nil |
6/19 H3Y D00D5, C0M3 V073 4 L1NUX 1N 7H15 K3WL P0LL!
I think the Linux company will make the kewlest OS!
http://www.systemlogic.net |
| 2001/6/19 [Computer/SW/Security] UID:21580 Activity:high |
6/19 some fuck in russia the other day "found" a security hole in our
system and sent us a letter that more or less said,
"If you give me $150k I won't reveal this security
hole to the public." Blackmail. One guy, some
liberal dude, remained unconvinced that the intent was
blackmail. Should we call the FBI?
\_ What can the FBI do in this situation?
\_ Yes. FBI Special Agent Kevin D. Johnson has helped us in exactly
this matter: +1 (415) 553-7400.
\_ Why are seemingly all FBIs "special" agents? Are there actually
regular agents?
\_ Most field agents who interact with the public are special
agents. Whereas they have a supporting staff, such as lab
techs and etc. who are just agents. it's all on the FBI www
\_ Why are the FBI folks called "agents", why not just "officers"
or "cops"?
\_ why are real estate agents called agents instead of
salesmen? |
| 2001/6/19 [Politics/Domestic/California] UID:21581 Activity:nil |
6/19 California companies cannot make california full-time employees take
time off. They can't "force vacation".
\_ That's fine. Employees can have a choice: time off or layoff
With this economy, most employees really don't have a choice. |
| 3/15 |