..Examples of knee-jerk zealotry I've seen. So Microsoft /finally/ followed through, and moved MSDOS on top of the Win32 kernel, instead of the other way around.. I don't know about the UMSDOS distros, but this certainly doesn't kill BeOS R5 Personal in a FAT32 image. They aren't doing away with FAT32, just moving the kernels around to better approximate the NT and 2k arrangements.
Hell, if I wanted to get nasty, I would say that half the slashdot kiddies should be happy with WinME.. After all, it does theming, now. *eye roll*
1. Provide Cigars and dedicate an Intern for Mr. Clinton's needs. (Preferably one recruited from the corner of Hollywood and Vine.)
2. Ensure there is something convenient for Mr. Gore to invent. (A wheel, perhaps?)
3. Ensure there are proper forms for Mrs. Clinton to change her residency, if it is an election year.
4. Provide cigarettes of questionable legality for Mr. Clinton not to inhale.
5. A saxophone, in case any attendees doubt Mr. Clinton is a hep cat / in touch with the Youth of America.
Okay, it's time for interesting stories about strangers met.. I was the sudden, and much surprised, recipient of a weekend pass at the end of a field exercise at NTC, near Barstow, Calif. Not one to look a gift horse in the mouth, I quickly got off post, and arrived in Barstow without civvies.
The next morning, I set out from my hotel room to find the nearest mall where I could at least pick up a t-shirt and some jeans so I could go to a bar, and encountered this ninety-something elderly man, wearing a rather flashy suit and some silly beads around his neck. Being country raised, I paid him a good morning and a nod of my head, and the man pretty much lit up, and changed direction to follow me.
Like I said.. It was morning.. I was in uniform.. I wasn't in any kind of hurry to go anywhere / do anything, so I stopped to talk with him. He told me about his experiences in WWII, and his family, long since scattered, and invited me for coffee and a donut..
I don't really remember much of the rest of that pass, but I've never forgotten that polite, lonely old man. It really does pay to stop and talk with people.
Mark me off-topic, overrated, whatever.
Or do we see a lot more of these VA Linux Conspiracy theories posted right after X-Files?
Coincidence.. I think not.
If your company runs vantive, file a 'Happy Sysadmin's Day' vantive and forward it to your support team's inbox. Sure, it's unprofessional, but perhaps you'll get some extra RAM out of it. ;)
Old, old news.. Look around on the web for 'Chord Pads', and the Twiddler, in particular. (I'm too lazy to dig up the sites. Let some Karma Whore do the work.)
The manufacturing runs are small, so the prices are usually quite steep and you'll find that it takes a while to learn the patterns, but the speed gain they advertise is quite real, and it certainly /seems/ like a more natural action for the hands than typing.
The problem with chording, is that another, older technology is in its place, with a huge market share. It's hard to convince people to stop and learn something beyond their keyboard.
Hmmm.. Does that sound familiar?
That is a more complete and mature stand than the one you made earlier. I made that ridiculous analogy, to point out that there are always exceptions, and grey areas.
I am not a grey-hat hacker, for the record.. I am a developer, and while I have occasionally gotten my nose tweaked by these grey-hats, I have never thought that silencing them would do any good for my clients.
Of course, Marketing has a different opinion..
Urr.. The only two Debian features that come to mind are:
1) Its community.
2) Its packaging methodology.
While Debian /does/ have a really good group of people behind it, and their packaging dependencies system is really clever, I don't see much similarity to FreeBSD. FreeBSD has gone the low road, and instead of trying to implement a package system, they provide very clever makefiles that will download the source, 'fix' it, then compile.
Okay.. There /is/ a third feature, that is rather BSD-like..
3) They're patient. Debian /and/ FreeBSD will label something experimental, even if it's considered tried and true by other distros, until they're /positive/ it works.
Actually, although I /am/ a FreeBSD zealot, I have been a little disappointed in the ipfilter documentation.. Much of it is either a half-finished manpage, or one of those silly Linux-like lists of common tasks and how to perform them.
I have been using Checkpoint to do some rather complex NAT manipulations, and I would love to use ipfilter to do this, but the docs are a little dodgy for anything beyond 'How do I set up masquerading for dialup access.' or 'What is the syntax?'
I just have to laugh at /any/ Linux user who makes that 'lacks native software' comment. Could you /please/ consider not copying Microsoft marketing? ;) I personally like FreeBSD, because it has a different focus than Linux.. Linux tries to drag everything into the kernel, and be everything for everyone, while the BSDs tend to focus more on making a solid networking and multitasking OS that behaves nicely on common hardware. And.. Finally.. For the record, Messr Anonymous Troll, FreeBSD can quite happily run those precompiled Linux binaries you're so addicted to, 99.5% of the time, so long as they're userland apps. (No, your tcl/tk-based ipchains configuration app isn't going to work.)
You can probably survive quite happily with old 4.0, unless you're using IPSEC or IPV6 heavily in your network environment..
They've bundled in the new OpenSSH port, with ssh2 support, but you can always just grab the new port and build it on 4.0.
<Insert Anti-Linux FUD Flame Here/>
Sorry. Feeling too lazy to give our AC troll a proper roasting.
The code for implementing an exploit, is entirely different from the code required for fixing the problem.
For example, our Grey Hat finds a buffer overrun in a server app, writes his 20-line exploit example, and posts to BugTraq. It takes Joe Developer, cursing and spitting the whole way, several hundred lines, carefully placed at every possible source of external data, and at possible string transformations, because the vulnerability isn't in his code.. It's in the strings library that his Company has standardized on.
Make no mistake, I believe in openly posting bugs and issues, but don't confuse exploit code with resolution code.
Right. I would like to sue the Acme Crowbar Corp., because a burglar used one of their illicit tools to open my front door. They aided and abetted a criminal. The tool was /designed/ for forcing the opening of crevasses, and used to harm my property.
Yup. I keep mine in the flowerpot.
An individual discovers that, if he jacks the steering hard and to the left, the power steering fails, and endangers the vehicle, and everyone around him.
Does the car industry bewail him finding that problem with the car? Well.. Correction.. Do they bewail him /openly/, telling him to grow up, get a real job, and stop making trouble.
Now.. Let's take that one step further.. An /extremely/ expensive car is claimed by the manufacturer to be unstealable, because it has fashioned impenetrable door locks. Our enterprising car aficionado notices that, if he wiggles a dummy key just right, the 'impenetrable' lock opens, after which he can do whatever he wants with the car.
Does the automotive industry scream? Yes, for a little bit.. But they issue a retrofit pretty damn quick. Would they scream if he hadn't told everyone about it? Would they hurry with the refit? Would people trust them, in the future, by default?
In the I/T world, the best approach, with so many faulty packages, is a belt-and-suspenders approach. Layer several 'impenetrable' and 'infallible' packages in such a way that possible weaknesses should be isolated and shielded, then apply careful monitoring. And the /moment/ you discover a new vulnerability, scream your head off about it, and try to protect the soft spot until you can get a fix.
For all these companies, complaining about how a grey hat's article on such-and-such bug ruins the safety of their entire site, I have ZERO pity, because they have obviously made the mistake of placing all their eggs in one basket.
I disagree. The source of the proposition is integral to the amount of trust I am willing to invest in the research, effort and integrity of that proposition, in an environment where I may not have access to all the data and rules applicable.
In other words.. Get a face, get a name, don't hide behind AC's skirts.
*lol* Well.. At least Duchovny was known to smile every once in a while, and managed generally not to get that constipated look that bad actors believe denotes a serious character.
The only way you could have found a more wooden actor, is if they had used a cigar store indian. I've seen this guy in several second string roles, and he never really gets being a vacant-eyed emotionless lump of flesh on the screen.
I guess it's time to start looking for something /else/ to do on Sunday night.
Actually, I'm a developer for one of the 'big boys'. I left my previous employer, also one of your big boys, because they deliberately ignored a major security hole in the name of marketing deadlines.
Eh.. I was just giving you a bit of a hard time. Don't take it personal.
Slashdot Frequently Asked Questions
See also Comments and Moderation.
And "FM-1101: Stupid Newbies who Refuse to Read Documentation." available at.. Well.. Hell, you ain't going to read it anyway.
Let's take a look at the title of the position: 'Public Relations Representative'. It is the duty of PR geeks to act as an interface with the public. It is not to lie, to slander, to throw mud, bluff, brag or intimidate. It is to get the information about your company, and what it has to offer, into the space of the consumer, and rest on the merits of your product.
And occasionally, to write a catchy jingle.
Time and time again, you will see an individual in court, for various crimes of one form or another. Auschwitz. Iran-Contra. Corporate espionage cases. In every instance, the individual will often use the excuse of 'I was only following orders.' Essentially, they are claiming the controlling organization for their actions, because of the influence they exert, directly or indirectly.
If a member of a corporation, acting on behalf of the corporation, acts in an unethical manner, as these PR reps have, it is the responsibility of the corporation to quickly get them under control. It is their duty to do this, not when they get caught by the press, but when they, themselves discover this. And if they can't get control of that employee, it is their duty to shake their hands, hand them their benefits, and have security escort them out the front door.
It may appear to be good business practice to be aggressive. To spread fear, and doubt, in the businessplace. But in actuality, it's like dropping a hand grenade in your market space. Sure, you're likely to hurt the other guy, but it's just as likely to bounce back in your face.
As consumers, it is our duty to do whatever we can to ensure that grenade /does/ bounce. Refuse to purchase the products of companies that strongarm. Send flames and derogatory emails to companies that refuse to publish specifications. Scream, kick, fuss and rant, so Joe Consumer knows something is wrong. So Jim Investor decides to put his money elsewhere. Don't put up with this nonsense.
In case you haven't noticed, I'm getting a little sick of these deceptions.