Michael H. Warfield | 1 Oct 03:04 2011

IEEE... Sort of maybe off topic but... Not really...

Ok...

A LOT of you on this list know me an many of those know my option of Dan
Berstein.  To say we're not generally on the same page would send out
howls of laughter in some quarters and shivers of fear in others.

All that being said...  If what he is accusing the IEEE of is even
remotely true, we should sit up and take notice.  If you are an IEEE
member of Computer Society member, you may wish to let them know just
how you feel about this.

http://cr.yp.to/writing/ieee.html

I take what ever Dan says with a really big grain of salt but this
time...  I just don't know.  I may have to agree with him...

Regards,
Mike
--

-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw@...
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
_______________________________________________
Ale mailing list
Ale@...
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
(Continue reading)

planas | 1 Oct 08:45 2011
Picon

Re: IEEE... Sort of maybe off topic but... Not really...

Mike,

On Fri, 2011-09-30 at 21:04 -0400, Michael H. Warfield wrote:
Ok... A LOT of you on this list know me an many of those know my option of Dan Berstein. To say we're not generally on the same page would send out howls of laughter in some quarters and shivers of fear in others. All that being said... If what he is accusing the IEEE of is even remotely true, we should sit up and take notice. If you are an IEEE member of Computer Society member, you may wish to let them know just how you feel about this. http://cr.yp.to/writing/ieee.html
I think this is the general policy of most academic journals; copyright must assigned to them with specific exceptions. This has been true for a long time, pre-Internet. Before the Internet there was no other reasonably efficient method of distributing papers. The problem now is the Internet is a very disruptive technology and creates problems for many distributors of information, music, movies, etc. The only value of any academic journal is peer review and it may be questionable in some areas if that is of value.
I take what ever Dan says with a really big grain of salt but this time... I just don't know. I may have to agree with him... Regards, Mike _______________________________________________ Ale mailing list Ale-S6NtOCTnm14@public.gmane.org http://mail.ale.org/mailman/listinfo/ale See JOBS, ANNOUNCE and SCHOOLS lists at http://mail.ale.org/mailman/listinfo


--
Jay Lozier
jslozier-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
_______________________________________________
Ale mailing list
Ale@...
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
LinuxGnome | 1 Oct 17:59 2011
Picon

Re: Local source for 19" rack(s)?

On 09/22/2011 11:10 AM, Derek Atkins wrote:
> Hey,
> I'm looking for a local source for one or two 19" racks, preferably
> inexpensive.  Any suggestions?
> -derek

I have a 19" rack (26" deep) I inherited, but I need shelves and rails for it.  Anyone have some shelves/rails
they are looking to part with (preferably inexpensive)?

I've tried freecycle and craigs, but without any luck as of yet.  Ebay may be next, but rack bits on there seem
to be as expensive as buying it commercially.

--Keith

_______________________________________________
Ale mailing list
Ale@...
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo

Michael B. Trausch | 1 Oct 18:18 2011
Picon

A simple pseudorandom password generator

Hey!  Things are quiet!  Im'ma stir 'em up!  :-)

I put together a stupid little Python script to read bytes from
/dev/urandom and chuck them out as PGP word lists.  I thought there
might be some people on the list that would be interested in it.

I'm not sure how to actually compute the entropy of the passwords that
it generates, though; the rules of the PGP word list are kind of cool
but strange.  There is a word list of 512 words.  256 of them are used
in the "even" position, and 256 of them are used in the "odd"
position.  So, for each position there are 256 possibilities.
Naïely, I'd say that there are thus 256^n possibilities for each
possible password attempt.

*BUT* that's not quite the way it works, since there are two different
symbol sets.  If there were 512 possible symbols all the way through
the password, it'd be 512^n.  Of course, this ain't that, either.

I'd be inclined to say that it's probably something along the lines of
256^n * 2.  But I don't know.  Perhaps Mike W. can chip in to help me
understand that.

Anyway, I didn't actually make this *for* password generation, but
it'd be a lot better than the tool I am using for my users currently
for setting initial passwords, so I'm going to start using it for
that.  :-)

Script is attached.

       --- Mike
Attachment (pwlpg.py): text/x-python, 7614 bytes
_______________________________________________
Ale mailing list
Ale@...
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
Michael H. Warfield | 1 Oct 18:45 2011

Re: IEEE... Sort of maybe off topic but... Not really...

On Sat, 2011-10-01 at 02:45 -0400, planas wrote: 
> Mike,
> 
> On Fri, 2011-09-30 at 21:04 -0400, Michael H. Warfield wrote: 
> 
> > Ok...
> > 
> > A LOT of you on this list know me an many of those know my option of Dan
> > Berstein.  To say we're not generally on the same page would send out
> > howls of laughter in some quarters and shivers of fear in others.
> > 
> > All that being said...  If what he is accusing the IEEE of is even
> > remotely true, we should sit up and take notice.  If you are an IEEE
> > member of Computer Society member, you may wish to let them know just
> > how you feel about this.
> > 
> > http://cr.yp.to/writing/ieee.html

> I think this is the general policy of most academic journals; copyright
> must assigned to them with specific exceptions. This has been true for a
> long time, pre-Internet.

Oh, I agree with you this is true for most academic JOURNALS and even a
number of Universities, even when things are developed with public funds
(i.e. government grants).  We recognize these things do go on.  There
are notable exceptions, but it is what it is.

However....

This is not a journal.  This is an international "professional"
organization.  This is not even like ANSI or OSI which are international
standards bodies who charge outrageous fees for copies of "standards"
but that's how they make their money and support themselves.  IEEE is
much like ACM, ISOC, IETF, ICANN, IANA, and many many others.  It's
stated goal is that of a professional organization.  It should be
promoting the profession.  This is, after all, the origin and nature of
"profession".  To "profess".  To promote.  To advance your field for the
love of that field.  The modern perversion of "profession" (as in
"professional athletics" vs amateur) as meaning "money making" is
historically recent.  Many Amateur Radio Operators show a far FAR higher
level of professionalism than many "professional" radio operators
licensed by the FCC (I have both, been both, and know both). 

By comparison, the IETF is huge and a driving force behind the internet.
How many here remember the olden days of the competing OSI / TCP/IP
wars?  Remember that OSI 7 layer model?  The model we all learn but
TCP/IP conveniently does NOT adhere to (actually, I have a print out of
the OSI 9 layer model in my office printed from an IETF image that
includes the "financial" and "political" layers)?

POP QUIZ...  Who won?

OSI finally threw up their hands and threw the OSI networking at the
IETF and declared "HERE!  You make it work!"  So we're stuck with X.509,
LDAP (striped down DAP - definition of an elephant - mouse designed by
committee) and ASN.1 notation inherited from OSI.

Money making journals centered around money extraction based on control
of information and publication of dead trees aside...  The Internet
Society (ISOC) does not work this way.  USENIX does not work this way.
The IETF works exactly opposite of this way and is antipathetic to it.
FIRST (Forum of Incident Response Security Teams) does NOT work this
way.  I am a member of all of these professional organizations.

OSI, ITU, ANSI and others are another matter.  Those are standards
bodies and that is their sole focus and source of income.  I'll let that
stand as it is, agree or or disagree.  I do personally believe in open
standards and any standard which is NOT open is NOT a standard.  They
disagree.

I'm also a member of ARIN, IANA, and ICANN, all of which are open to all
with nominal fees depending on your level of interest and participation.
Public policy and standards participation are free!  If you hold
resources or you want some level of voting capacity, it's a different
story but not bad (ARIN costs me $100 a year for my ASN and my legacy
membership for my class B - big hairy deal).

I'm am also a member of IEEE, and its Computer Society, and almost
embarrassed by it now.  The ACM is another matter and I do not know
their standing on this matter nor have I inquired of them.

ANSI, OSI, and ITU can and will exist with or without members.

IETF, ISOC, USENIX - they obviously could not.

IEEE - I'm not so sure.  As a member driven organization, it's up to us
in the end.  As an "Open" community, what will we tolerate from our
"professional" organizations and and what level and flavor of
"professionalism" will be demand from them?  My annual dues to IEEE
alone costs me well over double the annual fees paid to any other
professional organization, other than ACM, to which I belong.  ACM is
pulling up a close second to IEEE.  Is it money well spent?  I'm
beginning to question that.

Regards,
Mike

> Before the Internet there was no other
> reasonably efficient method of distributing papers. The problem now is
> the Internet is a very disruptive technology and creates problems for
> many distributors of information, music, movies, etc. The only value of
> any academic journal is peer review and it may be questionable in some
> areas if that is of value. 
> 
> > 
> > I take what ever Dan says with a really big grain of salt but this
> > time...  I just don't know.  I may have to agree with him...
> > 
> > Regards,
> > Mike
> > _______________________________________________
> > Ale mailing list
> > Ale@...
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> 
> 
> 
> -- 
> Jay Lozier
> jslozier@...
> 

--

-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw@...
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
_______________________________________________
Ale mailing list
Ale@...
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
Jim Kinney | 1 Oct 22:05 2011
Picon

Re: A simple pseudorandom password generator

You actually make reasonable passwords for users? !?!
I set their account for must change and passwd= imadumbdork
They tend to not forget after a change or two
Bofh rules!

On Oct 1, 2011 12:47 PM, "Michael B. Trausch" <mike-cRPrJ27hGUicqzYg7KEe8g@public.gmane.org> wrote:
> Hey! Things are quiet! Im'ma stir 'em up! :-)
>
> I put together a stupid little Python script to read bytes from
> /dev/urandom and chuck them out as PGP word lists. I thought there
> might be some people on the list that would be interested in it.
>
> I'm not sure how to actually compute the entropy of the passwords that
> it generates, though; the rules of the PGP word list are kind of cool
> but strange. There is a word list of 512 words. 256 of them are used
> in the "even" position, and 256 of them are used in the "odd"
> position. So, for each position there are 256 possibilities.
> Naďely, I'd say that there are thus 256^n possibilities for each
> possible password attempt.
>
> *BUT* that's not quite the way it works, since there are two different
> symbol sets. If there were 512 possible symbols all the way through
> the password, it'd be 512^n. Of course, this ain't that, either.
>
> I'd be inclined to say that it's probably something along the lines of
> 256^n * 2. But I don't know. Perhaps Mike W. can chip in to help me
> understand that.
>
> Anyway, I didn't actually make this *for* password generation, but
> it'd be a lot better than the tool I am using for my users currently
> for setting initial passwords, so I'm going to start using it for
> that. :-)
>
> Script is attached.
>
> --- Mike
_______________________________________________
Ale mailing list
Ale@...
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
Mike Harrison | 3 Oct 15:51 2011

Re: IEEE... Sort of maybe off topic but... Not really...

On Fri, 30 Sep 2011, Michael H. Warfield wrote:
> http://cr.yp.to/writing/ieee.html
> I take what ever Dan says with a really big grain of salt but this
> time...  I just don't know.  I may have to agree with him...

Having paid (ransom) for many IEEE, IEC and other publications
and being part of a few standards processes (IEEE, NFPA and IEC):

I can agree with him also.

Their (IEEE, IEC..) thought processes, control issues, and publishing
practices are leftovers from an age of information control and elitism
by the annointed few whome now have a revenue generating (mostly digital) 
publishing empire and position of power and influence to protect.

Geez, I kinda sound like Aaron. ;)

My point is, the information age has changed the way we think out 
standards and control of access to information.  Would we have
Linux or the internet today if they were attached to the IEEE
committee/review/publication process? If RFC's were hidden
behind paywalls with copyright / use restrictions, the world would
be a very different place.

Mike Harrison,
Former ASHE/AAMI Certified Clinical Engineer #2750,
Currently involved in IEC-62055 and related standards bodies.

_______________________________________________
Ale mailing list
Ale@...
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo

Derek Atkins | 3 Oct 16:23 2011
Picon

Re: Local source for 19" rack(s)?

LinuxGnome <lnxgnome@...> writes:

> On 09/22/2011 11:10 AM, Derek Atkins wrote:
>> Hey,
>> I'm looking for a local source for one or two 19" racks, preferably
>> inexpensive.  Any suggestions?
>> -derek
>
> I have a 19" rack (26" deep) I inherited, but I need shelves and rails for it.  Anyone have some shelves/rails
they are looking to part with (preferably inexpensive)?
>
> I've tried freecycle and craigs, but without any luck as of yet.  Ebay may be next, but rack bits on there seem
to be as expensive as buying it commercially.

Luckily the racks I got had a few sliding rails on them, but I'm not
sure how to use those rails to connect devices.  I've also been looking
for shelves.  Let us know if you find anything good.

> --Keith

-derek
--

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@...                        PGP key available
_______________________________________________
Ale mailing list
Ale@...
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo

James Taylor | 3 Oct 18:06 2011

Remove spamassassin & clamAV from sendmail config?

I need to remove filtering from a sendmail server (the filtering is being replaced with a Barracuda box),
and I'm not clear on the changes I need to make.

I've worked with postfix but, so far, I've not had the need to do anything with sendmail.
What changes would I need to make in the sendmail.mc file to accomplish this?
I could probably figure it out with trial and error, but I kinda don't want to break a production box.

-jt

James Taylor
678-697-9420
james.taylor@...

_______________________________________________
Ale mailing list
Ale@...
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo

Michael H. Warfield | 3 Oct 19:35 2011

Re: Remove spamassassin & clamAV from sendmail config?

On Mon, 2011-10-03 at 12:06 -0400, James Taylor wrote:
> I need to remove filtering from a sendmail server (the filtering is
> being replaced with a Barracuda box), and I'm not clear on the changes
> I need to make.

> I've worked with postfix but, so far, I've not had the need to do
> anything with sendmail.
> What changes would I need to make in the sendmail.mc file to
> accomplish this?
> I could probably figure it out with trial and error, but I kinda don't
> want to break a production box.

First question you have to ask yourself is...  Is it even in there?

I use MailScanner driving spam assassin, clamAV, and Razor.  It doesn't
modify the sendmail configs.  Instead, it directs sendmail on the
command line to spool the mail to different queues (spool directories)
and filters them by moving it between the spool directories where
sendmail then despools them and delivers the filtered mail.  In that
way, you would just "service stop MailScanner" and "service start
sendmail" to run sendmail straight.  With the scanner, you just run
"service MailScanner start" and let it start up sendmail (or postfix)
with the command line parameters it needs them to have.

OTOH, if you're running them as milters, look for things like this in
sendmail.mc (these examples are from milters for domain keys and for
greylisting): 

INPUT_MAIL_FILTER(`dkim-filter', `S=local:/var/run/dkim-milter/dkim-milter.sock')dnl

INPUT_MAIL_FILTER(`greylist',`S=local:/var/run/milter-greylist/milter-greylist.sock')
define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')
define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')
define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')
define(`confMILTER_MACROS_ENVRCPT', `{greylist}')

If you have something like that in sendmail.mc for ClamAV or Spam
Assassin then just comment them out (prefix them with dnl) or delete
them and then type "make".

> -jt

> James Taylor
> 678-697-9420
> james.taylor@...
> 
> 
> 
> 
> _______________________________________________
> Ale mailing list
> Ale@...
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
> 

--

-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw@...
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
_______________________________________________
Ale mailing list
Ale@...
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo

Gmane