Slashback: Dell, 800, Disclosure

Slashback this evening brings you an update on the (departed, or departing) Bleem; an open letter from Dell on Linux support for some of its line; another creative way to fight spam; and some gaming updates for everyone whose thumbs still function.

Spinning so had they can feel it in Ft. Worth. L-Wave writes: "This Story is running on linux.com. Apparently Dell has written an open letter toLinux users. 'Dell has published an open letter to its Linux customers "clarifying" its position as regards the insurgent OS. Actually, the letter is headed "Clarifying Dell and Linux," but either of these would be a massive task, and we think we know what they meant to say.'"

Please note that all Dell is saying here is that they will load customer-specified software at the factory -- it's probably convenient for some customers, but nothing new for Dell. In the case of software with expensive licenses, it means some simplified paperwork. With Free software, it just means convenience. The letter is therefore rather lukewarm, but at least a lot better than refusing to install software that doesn't include a licensing markup.

Brush up on your polite conversation skills. doublem writes: "This site lists the toll-free numbers of known Spammers, so they can be called, harassed and otherwise vented against for their crimes. Something tells me the ./ crowd will like this sort of thing as evidenced by this recent article. I'd like to add 1-888-288-9043 as the number for the well-known VORTEX SUPPLIES, a collection of jerks who refuse to take me off their mailing lists." I started doing the same a few months ago, but this guy has me beat by miles, even if he doesn't list Miss Cleo's number thanks to Psychic spam that knew I'd react with a call.

Yessir, our team goes into action right after the first fortnight. jeffy124 writes "Microsoft has admitted knowledge of an IE bug a full week before a security firm announced it. Turns out sec firm Online Solutions privately informed MS of the bug Nov. 1, but MS initially said they first heard of it Nov. 9 after Online made the find public the same day. MS claims standard procedure of allowing themselves two weeks in order to make sure someone's not cryin wolf and write a patch. They also claimed that no breaches occured during that wait. MS says that Online acted responsibly in their actions, and "'apologizes for innacurate statements.'"

You mean the lawsuits didn't kill it? Far from certain conpiracy theories advanced after Bleem published their own epitaph ShadeEagle writes: "Here we find out that Sony didn't know about Bleem's death until they were asked about it. Gamespot has more relevant information as to the possible (or impossible) future of Bleem." And another gaming note: mickeyreznor writes "According to this article on CNet, Sega appears to be in good financial shape despite the trouble they've had with the dreamcast. In addition, 60 games are being planned for X-box and PS2 over the next year. Sega's future looks bright, and that can only be a good thing for gamers."

A couple of notes

[Legion303]

Regarding the tollfree spam site: he mentions that you should *67 first to disable Caller ID. 800 numbers, as he almost mentions, use ANI to track calls. Call these spamming motherfuckers from payphones unless you want them to have your home phone.

Also, he talks about some 800 lines being on a flat monthly rate. Don't let that stop you from calling up and wasting their time anyway (or calling and setting the phone down for the 3-minute message). When 10,000 bored Slashdot readers call these guys and rack up the minutes, believe me, the phone company will notice. Enough calls might be enough to make the telco selling a flat rate line think twice about renewing a contract.

-Legion

Law

[VA+Software]

Autodialing laws by state.

If you are so inclined ....

lets cost the spammers some real money!!!

[4444444]

got to http://www.goto.com and do a search for "bulk email" each link you click will cost the spam companys up to several dollars per click It's a great way to fight back it would be nice to /. their bank account

Dell and Linux kinda a big deal

[compugeek007]

Getting Dell to maintain installation of Linux is kinda a big deal. I scope out servers from Dell often for my job, and I know as well as any other sys admin that when a box comes with any OS pre-loaded the first thing to do is wipe it out, resetup your RAID set and reinstall.

The importance is not that they load the OS, it's that they are treating Linux the same as Microsoft. PHB's like to feel secure, and knowing that Dell, a major player in the OEM server / PC market, is offering Linux as a platform they stand behind just like Netware and NT/2000 - makes them feel secure. It all comes down to big management catch words like "Enterprise" "Scalable" and maybe even a little "TCO."

The fight for Linux is not a fight of technical profecciency, that is already achieved, it is a fight of making managers at 35,000 feet feel comfotable with it. (IMO)

Re:why anti-MS?

[innocent_white_lamb]

"We are obviously not going to
respond instantly--we have to sieve the wheat from the chaff to determine how reliable the vulnerability warning is," said Neil Laver, Windows product marketing manager for Microsoft. "Until we can investigate the issue, we are not going to issue a bulletin, as that would create a crying wolf situation."

can anyone argue with this?

I can. It doesn't take a week to recreate an exploit like this and say, "OH shit!"
br>Microsoft is a large enough company to have someone on the job whose exclusive responsibility is to read incoming exploit reports and IMMEDIATELY test the described method. Immediately after that (ten minutes after the report arrived, if they have a bunch of configured machines immediately available - again, MS is big enough to afford this) they can say, "Report verified. Issue a bulletin and get the engineers on the job fixing that bug."

In the case of a major (or any) exploit, there is no excuse for a large outfit like MS to require more than an hour or two to verify that a problem exists. Actually fixing it will probably take longer, but the fact that the expolit exists should be immediately published so those running the affected software can decide if they want to take their servers off-line or take some kind of self-protective action.

Too late Dell ... too late....

[reaper20]

Nice Try Dell,

A buddy of mine bought 5 rackmount servers with cabinet and a kit to convert his company's current server to a rackmount.

We had to call Dell multiple times and sit through at least half a dozen nested menu options (the dead end ones that force you to hang up suck) trying to get the bundled Red Hat deal with them. Half of the reps didn't even know they offered linux, this is from the server people mind you. And then, come to find, the linux options are just as expensive as the windows options, if not more.

"No, I want Linux, I don't want you to email me information about win2k advanced server." Say that a few dozen times. sigh.

So, the poor wretch bought the Red Hat 7.1 package "specialy certified to run on Dell hardware" for $150.

When the servers arrrives he gets the cardboad box for RH7.1 (no cover, so you can't even put it on a shelf to look cool), and NO STICKERS. Oh yeah, a photocopied sheet of instructions for installing Redhat.

Dell buys Red Hat, and then jacks up the price, THEY COULD HAVE AT LEAST GIVEN US THE DAMN REDHAT STICKERS!!

Don't let any of these OEMs try to kiss up and say that they support linux, and they are doing everything they can to help the community blah blah ... This letter is a reaction to the bad karma that they got from "he Register Cable Select Debacle"

So far, IBM is the only large company that is doing a damn to help Linux. At least HP was smart enough to say "We don't know shit about Linux or their community, let's hire Bruce Perens...."

These phone numbers are helping spammers.

[MongooseCN]

All these phone numbers are taken from spam mailings. The whole reason these numbers were put in the emails was because spammers WANT people to call them. Most of these numbers are just automated machines with menus you have to endlessly punch through before you can get to a real person. It's just like trying to reply to a spam mailing itself asking to be taken off the mailing list.

there is a script

[4444444]

There are a couple scripts and other ideas here

http://www.lenny.com/spam/

Re:Stop bashing the X-Box!

[fm6]

Everyone here is all upset because the X-Box runs Windows. Well, guess what. So did the much-beloved Dreamcast

Wrong on two counts. First, people care less about what OS the X-Box runs than the fact that any profit it makes goes into Mister Bill's pocket. Petty of us, perhaps, but he's already the richest person in the world. Shouldn't somebody else have a chance?

Second, the Dreamcast is Windows CE compatible. The OS is actually on the CD (shades of AppleDOS!) and its up to the developer which OS to use. I have three DC games (D2, Seaman, Shenmue), and only the D2 uses Windows. Sega's in-house developers seem not to like it -- can't imagine why.

Re:why anti-MS?

[Darkfred]

In the case of a major (or any) exploit, there is no excuse for a large outfit like MS to require more than an hour or two to verify that a problem exists.

Wow! you really have no idea how software development and engineering departments work. With an engineering department that can switch gears and start projects as fast as the one you described we would be able to get a new version of windows ever 2 months.

I will explain to you how most large bug reporting/engineering systems work. First a secretary or intern will be assigned to read the bug mail and sort out the legitimate problems from the lunatics writing in that your product just SUCKS.
If it is a legitimate bug report and it includes all the information necessary to reproduce it then it gets entered in the bug tracking/administration system. An email or memo will be sent to the manager of the division that handles testing.
The manager will assign the bug to a tester who will try to reproduce it. That is after he has worked on all the other items in his queue that have a higher priority. Once he has reproduced it he identifys what component causes the problem (or guesses). And add adds the item as a reproduced bug to the bug tracking system.
The manager in charge of the division that handles that system or component will get the notice and eventually get around (depending on priority) to assigning the bug to an engineer.
The engineer will then start working on the bug, but only after he has already completed what he was working on at the time, and cleared any higher priority items out of his queue as well.

It would take at least a day to go through any one of these steps. And even more time depending on how busy people are and what priority rating the bug gets. Plus in larger companies these things actually go through more steps such as priority assignment meetings and impact analysis.

In short your expenctations are insane. When you are dealing with a company of any size about 30 employees you have to use a system to kepp all of them working, or you are loosing money. That means you need to manage tasks and verify bugs before assigning them to engineers. And you don't have 30 engineers just sitting in the back room waiting to work on whatever you give them. They are probably already working on fixing another terrible exploit. The resources have to be allocated as you go based on what you see the threat as.

Anyway i hope this gives you a little more respect for the engineers who actually do this.

Regards,