Just an FYI, you can't really compare Eve's "single world" design with WoW's, as there are some interesting considerations to take into account here.
-WoW has 4 continents, each continent is on its own server/cluster of servers. Every player therefore sees every other player. Continents otherwise are not "instanced". Every player can see and interact with every other player. There's no "rooms"-style selection for this. You log in, you go into a city, and you're there with everyone else.
-Cities are the most popular areas of WoW, usually a single capital city. Come Cataclysm (next expansion) it will be broken into 2 cities again (horde and alliance).
Even can get away with splitting off players because it's a virtually limitless world, and there's a loading screen in between most areas. WoW favors far fewer loading screens than most other MMORPG games.
-Battlegrounds, Dungeons, Raids, and Arenas are all instanced.
I would argue that we do not know enough about what causes what medical conditions to accurately say whether something was a guaranteed "fault" of the person involved.
Even then, how far do you take it?
"You shouldn't have lived near that huge coal mine that opened up in your town! You inflicted that on yourself!"
"You shouldn't have lived in the city, so close to all of the CO being pumped out of the cars, no wonder you have asthma!"
"Obviously, why did you eat bacon when you should have been eating lettuce? It's your fault that you ended up with heart disease!"
Even though, through all of these, we have no specific correlation here.
Not every person who eats bacon gets heart disease. Not every person who lives in a city gets asthma. And not every person who lives near a coal mine gets cancer.
I fail to see how anything on their list of features provides any more security over what can be obtained with a properly configured Exchange/Outlook system.
You're right, but only technically. Eve *does* have instances--there are missions that DO instance you off from the rest of the player base.
Not to mention, the way Eve's warping system works, is that not every character is on the same set of servers as they move between zones. They achieve this with the warping stuff they have in the game.
The equivalent you can get to in WoW is that WoW has 4 continents. Each continent is set on its own server. You also have the "instance" servers, which handle battlegrounds, arenas, dungeons, and raids. They also have the chat server.
A) WoW is split up so the following happens:
If Northrend's server goes down, players in Azeroth, Outlands, and Eastern Kingdoms are not affected.
B) All players on a downed/crashed server can still maintain 100% communication with each other via the chat channels.
WoW did this to maintain the open world look and feel. They could accomplish something similar by placing loading screens between every zone in the game, but that defeats the purpose of making the game truly "open world" to begin with.
Guild Wars, at least when I played it, treated cities as lobbies. There were maybe 20 different copies of a city, and you were auto balanced into one or the other, but could optionally choose to port to another lobby of the city to facilitate trading. When you did missions, the missions are all instanced off.
My observation as a male of your observation as a female says the following to me:
[HOT] men prefer "hot dumb blonde chicks" over more 'regular gals' per say, without intelligence being factored in at all.
That's the key point there. I'm not trying to be sexist here, but there are a lot of intelligent, smart, well-paid, well off, sane, and very single men on slashdot that probably say the same thing about women. "Damnit, they always go for the douchebags."
What you should look at doing is lower your physical attraction ratio quotient a bit, and you should end up with exactly what you're looking for.
Is it just me, or do the people hyping up vinyl's superiority not really caring about the music?
I am a "quality-phile" in that I have to have the highest quality of which I can afford.
A) I can tell you the difference between Pandora radio and my ipod. B) I can tell you the difference between my 128kbps mp3s and my 224kbps AAC (itunes) files. C) I can do all of this on rather low end speaker systems (stock speakers in my Elantra).
Digital audio is far superior to anything analog that can come before it. That said, of course, there's something to be said about live music in a concert hall.
-You make system-specific changes (Control Panel, Adding languages, etc.) -You attempt to write to C: -You attempt to write to C:\Users\All Users -You attempt to write to C:\Windows -You attempt to write outside of HKCU registry hive. -You attempt to write to C:\Program Files (in 64-bit, this is Program Files and Program Files (x86))
In Windows 7, Item #1 in that list has been toned down a bit. Microsoft's system control applications can control the system with silent elevation.
In both Vista and 7, UAC is a simple prompt. When the user is under a "Standard User Account", it will prompt them for a password of an Administrator account.
It's not that they have permissions incorrect, it's that a lot of applications tend to do things that require elevated privileges. Many linux users are saved this hassle by having centralized repos where they do something like "sudo apt-get install <application name>".
But then you have to trust the repository maintainer.
I read an interesting article in group policy a few months ago regarding the performance processing of group policy. It came down to the following:
Do you create a giant, single flat group policy object that handles every shared security setting that you need? or do you create small, targetted group policies that have everything "not configured" and only configure what you need?
When updating group policy in the first scenario, indeed every system needs to apply the entire group policy object again. When updating specific policies in the second scenario, it will only update what is configured.
This is, however, not necessarily a problem unless you're in a gigantic organization with a multitude of connection types, tons of users, etc.
Or if you need to change a policy setting often, you can do so with far less overhead by separating it out into its own policy.
You can read about it here: http://www.windowsnetworking.com/articles_tutorials/Optimizing-Group-Policy-Performance.html
Then you run into applications and permissions hell. What if you have 2 or 3 different applications that need to communicate with each other? Or Application A needs to write to Application B's directory to fix something that Application B broke?
In this case, you would use sudo or UAC to temporarily give Application A super-user privileges to override the security permissions on Application B to make the changes.
But then this doesn't really solve the problem that this whole thread is about--that is malware being run that is allowed to screw with the system. It might move it into more semi-findable locations, but some XML configurations are not quite as human-readable as you would want them to be.
The idea that all applications are an island works in a managed environment. But out here in the real world we have applications that sometimes need to communicate and play nice with others.
Without package managers to create such users and permissions properly for repository-based installs, I really do question how many people go out and create these structures by hand? I know I have, on very small and specific applications--and it's certainly not easy to do.
You need to create the folders, create the user, change the user's shell to a non-valid shell, apply the user as owner of the folder, use your distro-specific launcher (sometimes start-stop-daemon) to launch the application under specific user privileges, or hope your application has some sort of built-in de-elevation privilege.
And of course, typing out start-stop-daemon --start/path/to/file --user application_name becomes a bit of a pain in the ass to start and stop the app, so then you need to write your init script, and to make it pretty put it in/etc/init.d/ and set it as executable.
Since when has slashdot had anyone on here that has understood the Windows registry?
Even worse--it seems the people screaming about how terrible the registry is don't even understand how to make changes to an offline registry:(
I think part of the problem is all the GUID keys within the registry, and the structure of how everything is laid out. It's very technical in nature, rather than "easy".
But the fact of the matter is, and I stand by Microsoft's point in this--you shouldn't be in the registry unless you know what you are doing, and even then the most you should concern yourself with is HKCU\Software and HKLM\Software.
I would imagine at some point they might modify the layout a little bit to be a bit easier to follow, but it wasn't really meant to be human readable so....
there is a point where password complexity requirements become annoying to end users. So while it may be cool or doable for your average nerd to use a password like @$#l33tS4uc3#! ; the average end user is more likely to use things like their first and last name, the names of a kid, their pets, their street name and house number, or something along those lines. Such as "1313mockingbird" or along those lines.
It has gotten a lot better on the proprietary platform, but unfortunately so far the reception to UAC has been lackluster at best. Everyone, short of the people who know why it's there, hates it. This is a really bad idea of things to come. I suppose the solution would to be install apps in the user's home directories, but you infinitely increase space requirements on each system for each user. We're not talking small scripts and IRC applets and vi versus nano here. We're talking huge applications such as Office (either OO or MSO), Photoshop, any of the other Adobe utilities, proprietary-internal only applications, etc.
I'm not saying we don't necessarily have the space to do it, but when there is a rather sizeable IT community that strives on lowering disk space usage of the OS to the point that they're going to delete unnecessary icons and drivers in the OS, I can assure you that something like this would cause them to freak out. In turn, they would turn around and turn off such a feature on any machine they worked on.
Actually, what you just described is as easy as Windows, and it's precisely what they do on Windows. Have you seen Antivirus 2009/2010? That shit is insane....
My assumption is that this guy's malicious software is not necessarily something that can be patched, in that since it expects the user to run it manually, then no amount of "patching" can fix the problem at hand, which is ultimately the end user's hand.
At some point in time you are going to have more linux users than those that are interested in attending your LUG. In fact, I would imagine there are a lot of Ubuntu users who never visit a LUG. Why? Because they don't want to be seen as "too nerdy" in public.
If Linux was to explode on the desktop, the problems would be pretty severe for security. Short of installing SELinux on every user's machine and teaching them how to use it.
But this is exactly the same problem with Windows.
wow, someone with a brain on slashdot when it comes to information security.
"The fact is that all the information the user cares about is accessible (read and write) with this "unprivileged" account, in Linux, Windows and OsX."
From someone that works in IT (Systems Engineer, official title), I can assure you that to us you CS Majors are the real idiots. We most certainly are not. I know a lot of Software Developers (Architects/programmers/whatever you want to call them) that can do a wide range of programming from C, to C#, to C++, to Java, to PHP, to whatever-the-hell-language-is-cool-on-the-street and I assure you that YOU are the idiot.
I have been consulted by many developer-oriented friends to fix their virus-infected PCs. I know quite a few that don't even know the basics of the systems placed in front of them.
And this person is writing software on these platforms?
The guy at the help desk could probably tell you nearly every in and out of the Windows OS including service interaction, monitoring performance of a system, to understanding underlying parts of what makes the PC tick.
In fact, In my company, we, the "IT guys" end up bug tracking and supporting rather poor software development practices. They can't even write decent software that works well enough on the system.
Take it from me--if you want to be an effective software developer, you should try working in the help desk and support infrastructure first. It will give you a rather nice, clear view of peoples' expectations and what kinds of problems you might encounter in your software.
Your $1,000 router/firewall couldn't handle NAT speeds of 100Mbit?
I find that hard to believe--unless you paid $1,000 15 years ago for it.
A Juniper SSG5 could handle this without much of a problem. You could also pick up a Sonicwall TZ200 or TZ210 series.
While arguably more expensive up front than your average pfsense configuration, the legitimate devices are ultimately the best solution since they also provide extra services such as AV scanning, etc.
Oh, and the flip side is these devices operate on much more stable hardware with much lower power envelopes than a completely wasteful pfsense machine.
I think the outrage this time is that everyone thought Verizon and Droid would keep people from the evil "oppressive", and "expensive" iphone plans. From what I'm seeing, short of the 5G/month difference, the plans are exactly the same.
FYI, there is no limit on the iphone data plan, it is separate from the Blackberry data plan on AT&T.
Slashdot Mirror
Just an FYI, you can't really compare Eve's "single world" design with WoW's, as there are some interesting considerations to take into account here.
-WoW has 4 continents, each continent is on its own server/cluster of servers. Every player therefore sees every other player. Continents otherwise are not "instanced". Every player can see and interact with every other player. There's no "rooms"-style selection for this. You log in, you go into a city, and you're there with everyone else.
-Cities are the most popular areas of WoW, usually a single capital city. Come Cataclysm (next expansion) it will be broken into 2 cities again (horde and alliance).
Even can get away with splitting off players because it's a virtually limitless world, and there's a loading screen in between most areas. WoW favors far fewer loading screens than most other MMORPG games.
-Battlegrounds, Dungeons, Raids, and Arenas are all instanced.
Then this would confuse people, because, you know, they're so used to the round traffic light design.
I would argue that we do not know enough about what causes what medical conditions to accurately say whether something was a guaranteed "fault" of the person involved.
Even then, how far do you take it?
"You shouldn't have lived near that huge coal mine that opened up in your town! You inflicted that on yourself!"
"You shouldn't have lived in the city, so close to all of the CO being pumped out of the cars, no wonder you have asthma!"
"Obviously, why did you eat bacon when you should have been eating lettuce? It's your fault that you ended up with heart disease!"
Even though, through all of these, we have no specific correlation here.
Not every person who eats bacon gets heart disease. Not every person who lives in a city gets asthma. And not every person who lives near a coal mine gets cancer.
I fail to see how anything on their list of features provides any more security over what can be obtained with a properly configured Exchange/Outlook system.
NTFS has too much overhead for removable media devices, which is why they created exFAT (FAT64).
You're right, but only technically. Eve *does* have instances--there are missions that DO instance you off from the rest of the player base.
Not to mention, the way Eve's warping system works, is that not every character is on the same set of servers as they move between zones. They achieve this with the warping stuff they have in the game.
The equivalent you can get to in WoW is that WoW has 4 continents. Each continent is set on its own server. You also have the "instance" servers, which handle battlegrounds, arenas, dungeons, and raids. They also have the chat server.
A) WoW is split up so the following happens:
If Northrend's server goes down, players in Azeroth, Outlands, and Eastern Kingdoms are not affected.
B) All players on a downed/crashed server can still maintain 100% communication with each other via the chat channels.
WoW did this to maintain the open world look and feel. They could accomplish something similar by placing loading screens between every zone in the game, but that defeats the purpose of making the game truly "open world" to begin with.
Guild Wars, at least when I played it, treated cities as lobbies. There were maybe 20 different copies of a city, and you were auto balanced into one or the other, but could optionally choose to port to another lobby of the city to facilitate trading. When you did missions, the missions are all instanced off.
My observation as a male of your observation as a female says the following to me:
[HOT] men prefer "hot dumb blonde chicks" over more 'regular gals' per say, without intelligence being factored in at all.
That's the key point there. I'm not trying to be sexist here, but there are a lot of intelligent, smart, well-paid, well off, sane, and very single men on slashdot that probably say the same thing about women. "Damnit, they always go for the douchebags."
What you should look at doing is lower your physical attraction ratio quotient a bit, and you should end up with exactly what you're looking for.
Is it just me, or do the people hyping up vinyl's superiority not really caring about the music?
I am a "quality-phile" in that I have to have the highest quality of which I can afford.
A) I can tell you the difference between Pandora radio and my ipod.
B) I can tell you the difference between my 128kbps mp3s and my 224kbps AAC (itunes) files.
C) I can do all of this on rather low end speaker systems (stock speakers in my Elantra).
Digital audio is far superior to anything analog that can come before it. That said, of course, there's something to be said about live music in a concert hall.
@sorak
The warnings are pointless?
The only times UAC prompts you is when:
-You make system-specific changes (Control Panel, Adding languages, etc.)
-You attempt to write to C:
-You attempt to write to C:\Users\All Users
-You attempt to write to C:\Windows
-You attempt to write outside of HKCU registry hive.
-You attempt to write to C:\Program Files (in 64-bit, this is Program Files and Program Files (x86))
In Windows 7, Item #1 in that list has been toned down a bit. Microsoft's system control applications can control the system with silent elevation.
In both Vista and 7, UAC is a simple prompt. When the user is under a "Standard User Account", it will prompt them for a password of an Administrator account.
It's not that they have permissions incorrect, it's that a lot of applications tend to do things that require elevated privileges. Many linux users are saved this hassle by having centralized repos where they do something like "sudo apt-get install <application name>".
But then you have to trust the repository maintainer.
Otherwise the exact same problem exists in Linux.
I read an interesting article in group policy a few months ago regarding the performance processing of group policy. It came down to the following:
Do you create a giant, single flat group policy object that handles every shared security setting that you need? or do you create small, targetted group policies that have everything "not configured" and only configure what you need?
When updating group policy in the first scenario, indeed every system needs to apply the entire group policy object again. When updating specific policies in the second scenario, it will only update what is configured.
This is, however, not necessarily a problem unless you're in a gigantic organization with a multitude of connection types, tons of users, etc.
Or if you need to change a policy setting often, you can do so with far less overhead by separating it out into its own policy.
You can read about it here: http://www.windowsnetworking.com/articles_tutorials/Optimizing-Group-Policy-Performance.html
Applications not properly cleaning out the registry is not Microsoft's fault.
@sorak
/path/to/file --user application_name becomes a bit of a pain in the ass to start and stop the app, so then you need to write your init script, and to make it pretty put it in /etc/init.d/ and set it as executable.
Then you run into applications and permissions hell. What if you have 2 or 3 different applications that need to communicate with each other? Or Application A needs to write to Application B's directory to fix something that Application B broke?
In this case, you would use sudo or UAC to temporarily give Application A super-user privileges to override the security permissions on Application B to make the changes.
But then this doesn't really solve the problem that this whole thread is about--that is malware being run that is allowed to screw with the system. It might move it into more semi-findable locations, but some XML configurations are not quite as human-readable as you would want them to be.
The idea that all applications are an island works in a managed environment. But out here in the real world we have applications that sometimes need to communicate and play nice with others.
Without package managers to create such users and permissions properly for repository-based installs, I really do question how many people go out and create these structures by hand? I know I have, on very small and specific applications--and it's certainly not easy to do.
You need to create the folders, create the user, change the user's shell to a non-valid shell, apply the user as owner of the folder, use your distro-specific launcher (sometimes start-stop-daemon) to launch the application under specific user privileges, or hope your application has some sort of built-in de-elevation privilege.
And of course, typing out start-stop-daemon --start
Since when has slashdot had anyone on here that has understood the Windows registry?
:(
Even worse--it seems the people screaming about how terrible the registry is don't even understand how to make changes to an offline registry
I think part of the problem is all the GUID keys within the registry, and the structure of how everything is laid out. It's very technical in nature, rather than "easy".
But the fact of the matter is, and I stand by Microsoft's point in this--you shouldn't be in the registry unless you know what you are doing, and even then the most you should concern yourself with is HKCU\Software and HKLM\Software.
I would imagine at some point they might modify the layout a little bit to be a bit easier to follow, but it wasn't really meant to be human readable so....
there is a point where password complexity requirements become annoying to end users. So while it may be cool or doable for your average nerd to use a password like @$#l33tS4uc3#! ; the average end user is more likely to use things like their first and last name, the names of a kid, their pets, their street name and house number, or something along those lines. Such as "1313mockingbird" or along those lines.
dbll:
It has gotten a lot better on the proprietary platform, but unfortunately so far the reception to UAC has been lackluster at best. Everyone, short of the people who know why it's there, hates it. This is a really bad idea of things to come. I suppose the solution would to be install apps in the user's home directories, but you infinitely increase space requirements on each system for each user. We're not talking small scripts and IRC applets and vi versus nano here. We're talking huge applications such as Office (either OO or MSO), Photoshop, any of the other Adobe utilities, proprietary-internal only applications, etc.
I'm not saying we don't necessarily have the space to do it, but when there is a rather sizeable IT community that strives on lowering disk space usage of the OS to the point that they're going to delete unnecessary icons and drivers in the OS, I can assure you that something like this would cause them to freak out. In turn, they would turn around and turn off such a feature on any machine they worked on.
Actually, what you just described is as easy as Windows, and it's precisely what they do on Windows. Have you seen Antivirus 2009/2010? That shit is insane....
My assumption is that this guy's malicious software is not necessarily something that can be patched, in that since it expects the user to run it manually, then no amount of "patching" can fix the problem at hand, which is ultimately the end user's hand.
silentcoder:
At some point in time you are going to have more linux users than those that are interested in attending your LUG. In fact, I would imagine there are a lot of Ubuntu users who never visit a LUG. Why? Because they don't want to be seen as "too nerdy" in public.
If Linux was to explode on the desktop, the problems would be pretty severe for security. Short of installing SELinux on every user's machine and teaching them how to use it.
But this is exactly the same problem with Windows.
wow, someone with a brain on slashdot when it comes to information security.
"The fact is that all the information the user cares about is accessible (read and write) with this "unprivileged" account, in Linux, Windows and OsX."
^^^^^ Everyone needs to read this statement.
From someone that works in IT (Systems Engineer, official title), I can assure you that to us you CS Majors are the real idiots. We most certainly are not. I know a lot of Software Developers (Architects/programmers/whatever you want to call them) that can do a wide range of programming from C, to C#, to C++, to Java, to PHP, to whatever-the-hell-language-is-cool-on-the-street and I assure you that YOU are the idiot.
I have been consulted by many developer-oriented friends to fix their virus-infected PCs. I know quite a few that don't even know the basics of the systems placed in front of them.
And this person is writing software on these platforms?
The guy at the help desk could probably tell you nearly every in and out of the Windows OS including service interaction, monitoring performance of a system, to understanding underlying parts of what makes the PC tick.
In fact, In my company, we, the "IT guys" end up bug tracking and supporting rather poor software development practices. They can't even write decent software that works well enough on the system.
Take it from me--if you want to be an effective software developer, you should try working in the help desk and support infrastructure first. It will give you a rather nice, clear view of peoples' expectations and what kinds of problems you might encounter in your software.
Your $1,000 router/firewall couldn't handle NAT speeds of 100Mbit?
I find that hard to believe--unless you paid $1,000 15 years ago for it.
A Juniper SSG5 could handle this without much of a problem. You could also pick up a Sonicwall TZ200 or TZ210 series.
While arguably more expensive up front than your average pfsense configuration, the legitimate devices are ultimately the best solution since they also provide extra services such as AV scanning, etc.
Oh, and the flip side is these devices operate on much more stable hardware with much lower power envelopes than a completely wasteful pfsense machine.
Shouldn't this be enough proof that having a jailbroken device capable of running anything under the sun is a problem from a security standpoint?
"That's not what users want"....
Okay, so the iphone is the hottest selling smart phone on the market, and no users "want what it offers".....seriously.
Do you actually get up every day and just say you're going to sound like an idiot?
Did you even read the dude's Pro's response or what?
I think the outrage this time is that everyone thought Verizon and Droid would keep people from the evil "oppressive", and "expensive" iphone plans. From what I'm seeing, short of the 5G/month difference, the plans are exactly the same.
FYI, there is no limit on the iphone data plan, it is separate from the Blackberry data plan on AT&T.