I Live in Amsterdam, and on this faithfull day I just looked out of the window to see if the weather was passable. So when I got on my bicycle and drove to the other end of town, everything looked more or less ok.

Ok, a tree fell on the spot i was just 6 seconds before, but all in all it was no big biggy (I've seen much worse). People weren't blown from their bikes, and no dogs where blown in the river.

Only when I arrived in the office did I found out that there was officially a 'code red', and that all my coworkers has decided to work from home. I still think people are overreacting.

They couldn't stop the furnace because the last guy who used to operate it ran of with the control-panel is a more accurate description.

We shouldn't defend him. We should spit him out, and say that he's a shame to the profession. Everybody has had her/his fair share of mismanagement, but it's not up to us the determine what good or bad management is.

No matter how incompetent his supervisers are, it's not *his* network, nor has it ever been. If the administration screws up then it's up to the voters to punish them. The right thing to do would be to hand over the passwd's and complain to the mayor / write a letter to a local newspaper, etc.

I would fire him. There is no excuse for what he did. This guy willingly bypassed password management which is partly there to make sure that no person is indispensable. What if he was hit by a car? This guy was more then irresponsible, he was malicieus (since he refused to hand over the passwd's).

I've used several nokia comunicators, symbian based phones, and several others, but the Nokia N900 is my best choice so far for my specific needs. It's not as cool as a iPhone or as funky as a Android, but it gets the jobs done. It's a mini debian desktop system, which can also make phone call's. .

You have higher cognitive ability, you realize how the world runs, you get depressed. Not the other way 'round.

or try http://springrts.com/

Open source RTS engine which formed around the idea of being a '3d TA' . There's a bunch of variations of TA for it and some nice other games.

A lot of old TA and SupCom players come to spring.

less polish more game.

I've found that the combination of a PC and a Wii serves my gaming needs excellently. The Wii has an excellent set of casual games (Wii Sports, Wii Fit, Mario Kart, Super Smash Bros, etc) that I can pick up and play with my gf whenever we have a few minutes to kill. The PC is great for serious gaming. A keyboard and mouse are, IMO, the best input controllers ever and the graphics on a mid-range gaming PC beat those on a 360 or PS3. I also like the fact that my games are all $50 (and not $60) new at retail.

Of course, everyone is different and I do miss out on a few 360 and PS3 exclusives, but nothing has come out for either system that has been that compelling for me.

I think when people say the Wii has "no good games", they mean it doesn't have good games like GTA, CoD, WoW, and other TLAs. But it has a ton of quick and fun, easy to learn, easy to play games that are great to play with friends, coworkers, kids, gf's, non-gamers etc.

Firewalls are capable of providing all of the positive benefits of NAT (transient traffic flow approval instead of mapping for example, blocking traffic not originated from the LAN, etc) save obfuscating the source address. Obfuscating the source address isn't particularly relevant from an attack perspective given that the entire LAN is still protected by the same Firewall process, NAT or not.

For example: you could NAT your LAN in 192.168.10.x space behind IP 1.2.3.4 .. you connect to shady.com port 80 sport 192.168.10.101:2000, NAT/firewall allocates 1.2.3.4:3000 for you. Shady sees all the traffic coming from 1.2.3.4:3000, but has no way (short of client-side malware) to know that maps to 192.168.10.101; nor can Shady care since all access to 192.168.10.101 is mediated by 1.2.3.4. Shady.com might try to port scan 1.2.3.4, and see any port forwards your entire LAN uses in one swoop, try to exploit them if possible. Moral: make sure you know what you are doing when you port forward.

Or, if you use IPv6 for your LAN, let's say you are allocated 1:2:3::/112. No need to NAT it, so you just firewall behind your gateway, let's say 1:2:3::4. You connect to shady.com port 80, sport [1:2:3::101]:2000. Firewall doesn't have to allocate a damned thing for you, but instead records the flow for [1:2:3::101]:2000 shady.com:80 as established from within the LAN and thus authorized. Shady sees all the traffic coming from [1:2:3::101]:2000, but it's not relevant since all access to 1:2:3::101 is still mediated by the firewall at gateway 1:2:3::4. Shady.com can port scan 1:2:3::101 if it likes, but won't see any open ports if you only allow LAN established traffic, or else sees your whitelisted ports for that IP only (instead of your entire LAN). Just like the IPv4/NAT scenario, keep your open ports secure.

As you can see, source IP obfuscation provides no meaningful advantage to the end user in this scenario. If anything, IPv6 users who feel like they want to use NAT could have the firewall choose random source addresses as well as random source ports out of their /112, and hide their 3 LAN devices within a pool of 65 thousand addresses. Would that not confuse a would-be attacker?

Still, the major drawback to be avoided with NAT is in breaking the globally unique address space and complicating inbound connection access, which will become a growing part of popular network policy over the next few decades. One thing Bit Torrent teaches us is that "the server" will less and less frequently have resources comparable to the "client swarm", so crowdsourcing the heavy lifting (from distribution to content creation to editing to caching) becomes vital to any scaling strategy worth it's salt. The hub/spoke communication model is slowly eroding in the presence of more sophisticated, decentralized many-to-many connection models.

NAT reduces a peer to a "consumer" which can only fetch data, but never re-offer it without convoluted port forwarding messes. Entire LAN's are limited to one named service per outbound IP, unless one wishes to screw with what port they offer services on, further complicating the job for other firewalls and participants of the content network.

You'll know what I mean if you've ever tried to configure mobile SIP access. Half the time you are behind a NAT, and you'll never know in advance if it's full cone, symmetric, or just somehow pathological. Sometimes you are nested within multiple NATs which each behave differently!

Some legacy UDP protocols I've worked with need to make connections to thousands of remote IP addresses at multiple, highly transient port mappings which bring NAT mapping tables to their knees. In a firewall-only environment, it's easy to whitelist access to swaths of ports for clients and then the gateway need not maintain tables for related traffic, but can continue to protect unrelated ports unlike with SOHO DMZ.

To sum up, NAT is not only a bandaid, but it's already pulling at our short-hairs.

Ohh, so the same way my parents created me.

Why use this instead of git svn?

it can't hurt and the price is certainly right

The price is right only if your time is free. The price of the entire adobe suite is less than a few days of billable work.

Members of parliament need to be reminded that they work for us, not Big Media Corp. They need to be reminded that their job security depends heavily on our support, not the support of a corporate lobby group - especially a FOREIGN lobby group. Members of parliament need to become aware that serving the interests of the people whom they represent is their number one priority and serving the interests of lobby groups can come somewhere much further down on that list. They need to be reminded in the simplest and best way possible - they need to be informed that, if they fail to represent the best interests of the people, the people will replace them with someone who understands their role better. They need to be reminded that Big Media Corp might be represented by a large and powerful lobby group but "the population at large" is a much large, much more powerful lobby group and we, as the population at large", are willing to flex our muscles if we aren't being represented properly.

Write to your member of parliament. Vote smart.

They did a better job with Subaru than with Degree, so there is some hope for the future.