Slashdot Mirror
Slashback: Unstranding, Xecurity, Spurning
Multi-player markets are a good thing. Indiana University seems to be one of the first big fish to publicly announce a license agreement with Progeny's Transition Service. This service provides updates for RedHat 7.2, 7.3, and 8.0 beyond January 1st 2004, and RedHat 9 after May 1, 2004. According to the press release, this will allow for 'a flexible migration path as the University considers various options regarding Linux distributions during the coming year.'"
But I thought MPlayer ... Simon Bysshe writes "In response to some complaints about the WMV encoding of the recent pro-gaming film 'Intel Extreme Edition Challenge' (featured here on Slashdot). Intel have requested that the film also be encoded as a DIVX file especially for Slashdot. This divx file can now be downloaded here."
More on (At Least) 100 Years Of Powered Human Flight relbs was one of many to submit word (as reported by MIT News) of a replica of the Wright brothers' Flyer perched above the Great Dome early yesterday morning, and relbs adds a link to additional photos, too.
They had better luck getting off the ground than did those trying to actually fly a Wright flyer: CrazyTalk writes "As a follow-on to the earlier story, the much-ballyhooed attempt to recreate the first flight of the Wright's literally fell flat."
Maltese Falcon writes with another candidate for First Powered Flight. "Or was it Gustave Weiskopf (aka Gustave Whitehead)? There are many claims that he flew up to 2 yrs before the Wright Bros. NPR's report yesterday seemed to imply almost paranoia as far as a conspiracy to why the NASM only recognizes the Wrights, but this link provides more info on why this could be true. Look here for another article."
Speaking of audacious pilots, jcenters writes "An earlier Slashdot story reported that Australian adventurer Jon Johanson was trapped in Antarctica, and scientists stationed there refused to sell him fuel. Reuters is reporting that Johanson has now obtained fuel from a British rival, but weather conditions are preventing his departure. Johanson hopes to leave by the end of the weekend."
BlameFate writes that "British adventurer, Polly Vacher has allowed Johanson to use her pre-stored fuel at the base after her expedition was forced to be cancelled. Fox News has the scoop. Choice quote from the head of NZ's Antarctic Research dept: 'Polly's trip was well organized and properly planned,' he said. 'It is ironic that she is now assisting a stranded pilot who embarked upon an ill-prepared and secret flight over the South Pole.'"
If something happens in Berkeley, does it count as a "real world" experience? codythefreak writes to deflect certain barbs lately directed at the security level of Mac OS X: "Working as a sysadmin at UC Berkeley's Residential Computing, since we serve more than 6,000 clients living in the dorms, we tend to know the major computing trends. There are 5,120 registered Windows XP machines in our system, and our staff have logged 2,452 duty logs to assist them (about one in two). On the other hand, there are 341 Mac OS X machines, and only 56 duty logs (about one in six). If we restrict these to virus and security related duty logs: Windows XP has 491 (about one in ten) and OS X has 2 (less than one in a hundred)!"
(See also this well-reasoned response to the recent OS X criticism.)
Was it the tail? Really, is the pointy tail a deal-breaker? Mister.de points out this Seattle Post-Intelligencer story which says "VMware Inc., a business-software maker that is being acquired by EMC Corp. for $635 million, turned down an offer last year from Microsoft Corp.
'"We were unable to come to terms, so they bought out our distant competitor, Connectix" Corp., said Diane Greene, VMware's chief executive officer and co-founder.'"
Alas, we hardly knew ye. dlc3007 writes "The Register has published the results of the JenniCam Poetry Competition. There is little funnier in the world than creative geeks pouring their hearts and souls into 'a haiku or limerick lamenting the demise of JenniCam.'" I can think of some things ...
Battlestar Galactica 2003: Series Highly Likely, Say Recent Rumors Cliff writes: "Syfy Portal reports that officials for the Sci-Fi channel are likely to announce that the new Battlestar Galactica will become a series, most likely to air as early as Summer of 2004. No official announcement has yet been made, but since the 'mini-series' is Sci-Fi channel's third highest rated program, it is assumed that such an announcement will be made before the end of 2003, if they are going to keep options on the major actors. Personally, I'm looking forward to the show, as long as they stay away from monkeys in robot-dog suits!"
The news of the day:
Real is suing Microsoft for abusing its OS monopoly in digital audio/video markets
The BBC had her standing up for the stranded Jon, although interestingly enough, the new page (just checked it) hasn't got the quote on it any more. It went something like "Jon's flight was as carefully planned as mine, and it was the highly unseasonal winds that caused us both problems".
It just seems to me as though there's a lot more going on behind the scenes than the scientists out there are all admitting to...
Simon.
Physicists get Hadrons!
Well folks, that's it for Slashback Forum. Now standby for Battlestar Galatica Forum.
Puts on Robot Helmet.
(Robot Voice) Welcome to Battlestar Galatica Forum.
They have about 20 or more poems up on the Register website, so for those of you who are too lazy to wade through to the two winners:
Jennicam is dead
good. For so many reasons
voyeurs sob. goodbye.
Jennicam is dead.
Good for so many reasons.
Voyeurs sob goodbye.
and...
We wanted to see Jenni's muff
But PayPal's now said that's enough
So no view of the rug
'Cause they've pulled the plug
Fuck PayPal, they can get stuffed
WARNING: If accidentally read, induce vomiting.
Can we stop calling all MPEG4 video "DIVX?" It is quite annoying. It would be like calling all operating systems "Windows." I am downloading the file now, and it may indeed be compressed with DIVX, but it should be called an MPEG-4 video since that is the final output format, regardless of the AVI FOURCC marker. Maybe we should call "HTML" "MicroSoft Web Content" if I use Microsoft Notepad to generate it, but "Emacs Markup-language" if I use Emacs.
Sorry, pet peeve, I'm done now.
They are using the number of support calls to determine the security of an OS? Maybe the fact that they are using OSX immediately indicates that in many cases they are a more technical user and so are less likely to need support.
The unwashed masses don't make a choice, and thus get WinXP by default - of course they will need more support.
Read reviews of shopping cart software
Nothing there counts as a 'real world' experience.
Steve's Computer Service, Hobbs, NM
Was it the tail? Really, is the pointy tail a deal-breaker?
Hmmm. I don't get it? The header seemed to refer to some potential BSD deal that was quashed, but the story is talking about VMWare, Microsoft and EMC Corp.
What gives? Did I miss something?
http://yetanotherpoliticalrant.blogspot.com
According to the piece Discovery Channel was running on the Wright Flyer yesterday (Dec. 17th), the Wright Brothers specifically steered away from steam powered engines because it took roughly 100 lbs. per horsepower and tehy wanted 8 horse power from each engine. That would have been a whopping 1600 lbs. for the engines alone. They wound up developing an gas powered aluminum engine similar to the ones Henry Ford was developing at the time as well. The engines painstakingly recreated for the replica weighed in at 170lbs. a piece and produced about 14 horse power each. Either Whitehead discovered a way to magically make significantly lighter steam-powered engines or the Discovery Channel show was grossly wrong in their estimates.
-- -- There is little funnier in the world than creative geeks pouring their hearts and souls into 'a haiku or limerick lamenting the demise of JenniCam.'"
...
-- I can think of some things
"Full body cavity searches" is an easy start to what would turn out to be a pretty lengthy list.
So the well-reasoned article explaining why Apple's way of doing things is okay basically says "they're following RFC2131, so they're okay." But it is a well-known and much-lamented fact that DHCP provides no security. So if you depend on DHCP to be secure, you are not secure. At all. That's not well-reasoned, at least in my book.
I'm sorry, but saying "but the RFC doesn't provide security, so it's not our fault that our setup isn't secure" is no good. The mistake Apple is making is precisely that if you try to build a secure system whose security depends on a non-secure protocol, you can't possibly wind up with a system that's secure.
This has nothing to do with Microsoft, and everything to do with bad system design. It'd be fine if Apple was using DHCP to get the address of the LDAP server, and then verifying the identity of the LDAP server, but they aren't currently doing this. This is what's missing. It is really, honest to god, a problem that Apple is shipping systems wide open like this. It is easy for me to get root on your laptop if you haven't disabled LDAP passwords (which are enabled by default) and you bring it onto an open network.
I agree with the general idea that the PC guy who wrote the article was out of line, but that doesn't mean we should turn a blind eye to an actual security problem just because it's on MacOS X and not on Windows. If we do that often enough, we'll be fulfilling this guy's prophecy.
And I'm sorry, but I don't care if leaving this security hole makes Macs a tiny bit easier to administer. Get over it. The first time someone compromises all the Macs on your network by setting up a fake LDAP/DHCP service, you'll be wishing you'd had the opportunity to spend a minute longer setting up each shiny new Mac in exchange for spending an hour less rebuilding each compromised Mac.
They made a DivX file just for slashdot? I would have thought this crowd would rather have had Ogg Media files.
I worked at the technical support desk for the university I attend. I don't have any hard numbers to give but from my experience there about 99% of the calls for assitance were for machines running Windows. I never once in the two years I worked for the help desk had a call about a Mac virus, or worm. Almost all calls concerning Mac were problems with our long range etherenet and OS X computers not getting an IP address properly from the DHCP server without a reboot. There just wasn't anything to troubleshoot with Mac's they just seemed to work.
And no I'm no Mac zealot, although I use them quite a bit (I now work for the UNIX System Admin group and there are quite a few Xserves popping up around campus).
-- Is it a right to remain ignorant? -- Calvin
Windows people buy Pontiac Firebirds thinking they are powerful but really getting 4 cylinder peice of maintinence hell.
linux users are like fiat owners. And people who re-program their honda's computers. Fun cars if you can keep up with the tweaking and constant search for parts.
by the way did any one read that rebuttal on the DNS security hole. After you get past the neener neener bit the discussion on the DNS protocol makes the guy who reported it and the Slashdotters who slammed mac look like total idiots.
Some drink at the fountain of knowledge. Others just gargle.
Q.
Insert Signature Here
codythefreak writes to deflect certain barbs lately directed at the security level of Mac OS X: "Working as a sysadmin at UC Berkeley's Residential Computing, since we serve more than 6,000 clients living in the dorms, we tend to know the major computing trends. There are 5,120 registered Windows XP machines in our system, and our staff have logged 2,452 duty logs to assist them (about one in two). On the other hand, there are 341 Mac OS X machines, and only 56 duty logs (about one in six). If we restrict these to virus and security related duty logs: Windows XP has 491 (about one in ten) and OS X has 2 (less than one in a hundred)!"
I was a sysadmin at Berkeley for 5 years.
I have the following observations: 1. The attitude of Windows users was less snobbish (i.e., they viewed their computer as a tool, not a fashion accessory),
2. There were less Macs, resulting in less assistance tickets for that platform, but the amount of time we spent dealing with each Mac issue was far greater than the amount of time. This was usually due to the fact that Apple had made some change, rendering recent hardware (~2 years) useless. (i.e. changes like dropping floppies, dropping SCSI, extremely poor hardware support with the launch of OS X, the OS 9/OS X dual boot requirement, shoddy DVD/USB support in OS X.0, etc)
3. We kept all machines patched, firewalled, and up-to-date with antiviral software, so viruses were not an issue.
Your Mileage May vary, of course.
The theory of relativity doesn't work right in Arkansas.
the head of NZ's Antarctic Research dept: 'Polly's trip was well organized and properly planned,' he said. 'It is ironic that she is now assisting a stranded pilot who embarked upon an ill-prepared and secret flight over the South Pole.'"
First of all, DAD, that's not ironic. I guess English skills are suffering down in the NZ research department? Second, she did the moral thing while the rest of you stood around with an over-inflated parent complex. Even Polly admitted that Jon's trip was not any worse planned than hers, but that crap happens and you have to deal with it. It's not like he was asking for a free handout. Next time, save your lectures for your kids.
-------
"Every artist is a cannibal, every poet is a thief."
God forbid that anyone outside of the USA might have ever been first at anything
455fe10422ca29c4933f95052b792ab2
Evening shadows fall
Heart! betray me not again!
Will I see a tit?
If someone can install DHCP servers on your network, then it's *ALREADY* *COMPROMISED*. In short, your security is already crap, so a couple of extra compromised macs is not going to make a huge amount of difference.
Plus, if you're willing to spend an extra minute setting up security, you could always use it to turn the damn option off. It's not exactly hard. You get a whole 55 seconds left over to do other things. Like maybe securing that damn XP box that people keep installing rogue DHCP servers on. Yeesh, treat the cause, not the symptoms.
Yeah, why does Apple use open standards, when everybody knows they are not secure. In case you've missed the point of the article, it was "DHCP is known to be insecure".
Lars T.
To the guy who modded me down from perfect to terrible Karma - Apple haters still suck
DHCP is a broadcast protocol. Any device connected to the network can be a DHCP server, and there is no way to prevent it unless you have a really smart managed network. Smart managed networks are nice, but by no means ubiquitous. BTW, I actually wrote the book on this... :')
The problem is that the average user never reads bugtraq, and has no idea that s/he needs to do something special to avoid getting rooted while drinking a latte at Starbucks.
Usually anytime there is an apple bashing article or a response to an apple bashing article (as seen in the last few days and in this slashback), there is at least one person who claims to work for apple and is posting anonymously. So anonymous apple informant, did anyone get fired this time? did apple find weapons of mass destruction? i know this will get modded down, but seriously, some fanboys really need to get a grip... i mean when was the last time you saw some who supposedly worked for microsoft anonymously posting? Or someone saying "I work for Linus and the volunteer programmer has been fired"
Kerberos is also an open standard. Apple actually supports Kerberos, but configures its systems to use LDAP for security by default, thus unfortunately not taking advantage of the secure open standard that they could be using. :'(
You're right. I forgot they linked the two props via chains to a single engine. Regardless, this would have been an 800 lbs. engine and even that was far too heavy.
emphasis on more. No computer system is ever secure in absolute terms.
while security surrounding DHCP has been and will continue to be a non-trivial issue, that one DHCP/directory issue that'd allow a malicious user on a LOCAL network to root a few boxes are still not the kind of vulnerabilities that'd allow worms to wreac wild havoc on the internet. In the case of this vulnerability, an exploit could spread to a local network and stop right there. There is just no way some worm could be written to spread outside of that local network. And worst, the exploit still needs to rely on the victim's machine actually DOING SOMETHING to be potentially vulnerable, in this case, rebooting, or renewing a DHCP lease, which are actions that seldom happen, especially on a network full of idling desktop boxes.
that exploit was interesting, needs to be addressed, requires more than a mere patch to a piece of C code and will require Apple and many Darwin/BSD developers to come-up with a complex solution that could involve user-interface updates or the development of certificates mechansisms which have been in discussion since 2001 in some rfc.
but this is hardly grounds for a windows user to gloat. and if the above didn't make sense, here are concepts that are simpler to understand:
Ever since OS X came out in its 10.1 version in late 2001, has any worm managed to spread thru OS X machines?
answer: no. Regardless of potential security holes found here and there, all OS X boxes ship by default with ALL NETWORK SERVICES TURNED OFF. Run nmap against a freshly installed OS X system, and guess what you get: NOTHING. NOT A SINGLE PORT OPENED. Hi there. Security 101 anyone? Even if OS X was the #1-used operating system in the world by millions and millions of people connected thru always-on broadband internet, any infection would stem from marginal power-users enabing certain remote services, at which point an infection or worm still wouldn't manage to reach the rest of the populace.
This is a far cry from windows boxes who have shipped for many years with services turned-on by default such as IIS and SMB, which allowed silly worms such as CodeRed and Nimda to make their initial way in, while further exploiting many exotic windoz system-level vulnerabilities surrounding Outlook and Internet Explorer, whereby previewing an e-mail or stumbling upon a malicious web page after pasting a URL found in an IRC chat room could get your computer thoroughly owned by inferior lifeforms also known as script kiddies, as your computer would secretly become one among thousands of unwitting drones awaiting their commands from a hidden IRC chatroom to launch DDoS attacks against some web sites, while seriously congesting the Internet. Hey Ulanoff, kinda sounds like what has happened at your office? thought so. Go Windoz.
Since System Mac 7.6 aka harmony with Open Transport which actually made internet access via dial-up and DHCP actually practical and easy-to-use circa 1996, has any internet-connected mac user running the default operating system as it was first installed from the Apple CDs ever gotten infected by a worm from just sitting on an un-NAT'ed, unfirewalled internet connection?
NO. That's because prior to OS X, Apple stuck to doing what they were good at: building an out-of-the-box single user, narrowly focused operating system targetted at your average joe-user and graphic designer, that had the ability to be extended thru 3rd-party software or other system configuration to better interoperate within, say, a corporate network. "Dave Client" comes to mind.
On the other hand Microsoft thought it would be fun to create worthless pieces of ass-ware such as windoz 95, NT, 98, ME, 2000 which they'd sell to BOTH enterprises and average joe-users, and enable, out-of-the-box, by default, a slew of services and features most users would never ever need or use, just so regardless of who the customer was, the operating syste
Extraordinary Vacations. Exceptional Prices
I downloaded the DivX version of Intel Extreme Edition Challenge to see how the quality compared to the WMV version. However, the conclusions that I've drawn come from the encoding process itself, and really don't concern the particular codec choices themselves. (I should note that Ben Waggoner voiced the same concerns when Modern Day Gamer 2 was released.)
The video could have been compressed a lot smaller (and quite possibly with an increase in quality, to boot), if it had been deinterlaced first--after all, PC monitors are progressive scan--and resized to something smaller and in the proper aspect ratio, like 640x480, instead of leaving it in native PAL resolution as it was here. Also, using non-square pixels requires user intervention to correct during viewing, unless the video was encoded with the pixel aspect ratio stored in the file, which is possible--but not used in this case--for WMV, but not AVI.
Just the small changes of not having to deal with all the little lines created by interlacing, and also having fewer pixels in general to encode would result in a lighter download and less artifacted video for all.
These films have all been great, content-wise, even for a non-team-oriented gamer such as myself, but once in a while, I can't help but wonder what would have been possible at the same download size with just a little bit of filtering and resizing.
Many people somehow think that Polly Vacher's flight around the world is better planned and organized than Jon Johanson's trip.
She, like Jon Johanson, had made sure that fuel was available at all her planned stops, but she did not make sure that fuel was available at all possible diversion airfields (the list of planned legs on her web site shows that McMurdo was a planned fuel stop).
She, like Jon Johanson, ran into higher than expected winds over Antartica, and had to divert. She, like Jon Johanson, diverted to an airfield that did not have fuel for her (she went back to her destination, but she had already used all the fuel in her fuel cache).
http://www.worldwings.org/route.htm& ID=226 & ID=228
http://worldwings.mantaur.co.uk/diary.aspx?mode=D& ID=230
http://worldwings.mantaur.co.uk/diary.aspx?mode=D& ID=232
http://worldwings.mantaur.co.uk/diary.aspx?mode=D
http://worldwings.mantaur.co.uk/diary.aspx?mode=D
Kevin Horton
For the record ... I happen to currently be a residential network administrator at Stanford, as well as ResComp support. I also work closely with a ex Berkley ResComp admin.
... they don't take any longer (and usually less time) than a Windows user. Another thing to note: every time I sit down at a OS X machine, I ask, what's wrong? Everytime I sit down to a
If anything, your first point is outdated. I have to deal with both Windows and Mac users on a regular basis, and if anything PC users are the ones with tweaked out (either software or hardware) computers, with 1001 different accessories making their computer less and less useful as a tool. Mac users on the other hand, usually have a core application suite (ie. Safari, Mail or Entourage, Word Proc / Graphics / Coding IDE depending on use) and no gimmicks. Sure Apple's design phase is more indepth to begin with and more asthetically pleasing, but I wouldn't call that snobbish. I'd classify it as stylish and functional.
As for your second point. I'm not even gonna touch the majority of that. Let me just say that your example may have been Apple in the Pre-OS X days, but now we don't see those problems.
The post clearly referes to the number of trouble tickets per system on campus being an order of magnitude different. I don't see how less Macs would explain a difference in ratio.
As for your third point, so do we. All machines are patched and users are recommended to patch their machines as often as possible. Even with that, the fall RPC exploit managed to infect over 6000 machines, with a maximum infection time of 10 seconds during the peak (ie. plug your machine in while running, 10 seconds later it was infected). Yep, keeping up to date sure helped there, especially since Microsoft kept sending out different patches, resulting in several custom patch packages which our coding team had to spit out, none of which were compatable.
As for my own experience with OS X users
Windows machine, I run Ad-Aware, find between 30 and 800 spyware objects, clean the machine repeatedly, and then try to see if the behavior has stopped, if it hasn't _then_ I start troubleshooting. Don't even start to lecture me about the ease of administrating Windows.
**AA: a bunch of mindless jerks who'll be the first against the wall when the revolution comes
And, since the series will be on the SCI-FI channel, might as well note that the series is canceled (just as soon as you decide you like it) while you're at it.
Can You Say Linux? I Knew That You Could.
The Vatican is not a member of the United Nations. It has a non-voting observer to the UN.