Slashdot Mirror


User: mlts

mlts's activity in the archive.

Stories
0
Comments
5,534
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,534

  1. Re:We will audit it for you on How Do You Deal With Pirated Programs At Work? · · Score: 5, Funny

    This reminds me of an occurance on a mailing list. Someone asked if they should report their employer for pirating a certain fairly expensive program, posting from their work E-mail.

    Reply from someone who worked at the company, "You just did."

  2. Re:Let's flip the question.... on No Business Case For IPv6, Survey Finds · · Score: 1

    I've not messed with IOS in ages, but didn't Cisco have a router to do just exactly this? hand the router one IP, and it would happily round-robin any traffic handed to it to DMZ servers. foo.com on port 80 would go to a different machine than blarf.com, and foo.com port 443 could be configured to go to another machine as well. Even better, if one of the hosts in the round robin was unreachable, the router would automatically take that host out of the table until it was back operational.

  3. Re:Apple's line up sucks on Ballmer Scorns Apple As a $500 Logo · · Score: 1

    I think its because of marketing which Apple is the top of its game at. Apple knows that people want a "Mac Pro Mini". And they will not make it. Mainly because it will mean that few people will buy the Mac Pro, even with the price difference. The time they had the Mac 2x and the Mac 2cx showed this -- lots of people went with the 2cx and few bought the bigger cousin.

  4. Re:meh on Ballmer Scorns Apple As a $500 Logo · · Score: 1

    This is my biggest complaint with Windows, product activation. I understand if apps need a license key to run, but why the OS? Meh. I also hate the fact that a large company has to have a special KMS infrastructure in place to keep Vista and Windows Server 2008 machines activated (unless they want to activate all their machines one by one off of MS's servers, and do that again when a box needs reimaged.)

    Businesses are the area where MS needs to worry the least about product activation. All it takes is one disgruntled employee to sic the BSA on a business's head, and they either prove they have the licenses (the BSA wants invoices, not license keys), or a deal is made the business can't refuse to ensure they will have the licenses.

    So, with activation not needed in businesses because of the heavy civil enforcement, the only real thing product activation does is just cause more work and hassle in large business IT departments. Yes, people will find a VLK copy and use that like what is done with XP, but pirates will bypass activation somehow.

    Microsoft needs to just pitch activation out wholesale in Windows 7.

  5. Re:Simple solution on Windows Home Directory Encryption? · · Score: 4, Informative

    Vista and Windows Server 2008 prompt you to back up your encryption key. Then, if you do need to reinstall, you import that key into your key store, and you can decrypt the files.

    With XP, you have to manually make a data recovery agent key by using cipher /r, then import the created certificate as a data recovery policy.

  6. Re:Maybe there could be gov. regulation of ATM des on Card-Sniffing Malware On Diebold ATMs · · Score: 2, Informative

    Ages ago in the past, OS/2 was the ATM platform of choice. Now, its either Windows 2000 Pro, or XP Embedded.

    As for Windows 98, I can see that being used, but the ATM would require a watchdog card. This is a special hardware card that automatically resets the machine should the watchdog driver not send pulses after a certain period of time, or if a certain application is not present and running. This case, Windows 98 can be used, because if the ATM's app crashes, the card will reset the machine to a hopefully known good state.

  7. Re:Well, on iPhone App Causes Google To Shut Down SMS Service · · Score: 4, Insightful

    Not just people, criminal organizations. SMS spam is already a problem, and if the same people sending the same unwanted junk mail manage to get ahold of a free SMS service, then they have the ability to not just hit millions of phones, but attack people they don't like with big phone bills. For example (obligatory car mention), sending someone 30,000 text messages likely will make most people's monthly phone bills cost more than the MSRP of a decent vehicle.

    In some ways, SMS spam is worse than E-mail spam. Unless the recipiant has unlimited text messaging, they pay up to a buck just to read about someone's new pharmacy.

  8. Re:Shiny and tiny! on iPod Shuffle Finds Its Voice · · Score: 1

    I remember that tape drive, which tried to emulate a disk device.

    I also remember someone trying to defragment the emulated filesystem, and left it shoe-shining for a week.

  9. Re:Headphones on iPod Shuffle Finds Its Voice · · Score: 5, Insightful

    I'm not sure who Apple is catering to by forcing people to either wait for third parties to license the earbud chip, or use the "one size fits some" earbuds that are included.

    Children who are given this as their first MP3 player might not be able to use the earbuds.

    People who want an inexpensive iPod for jogging or campus won't be able to use these earbuds, because earbuds tend to fall out.

    Which leaves people who are just buying a really low end iPod for financial reasons. If someone wants a generic MP3 player, choices abound in this market segment. Apple has competition here, as opposed to the other models which the choices thin out dramatically, especially the high capacity iPod Classic.

    This is a head scratcher, because Apple tends to know better than this. Maybe they will make an adapter with the volume controls and button for $29 or so, so people can use their own cans.

    UI-wise, features seem to have been lost. Say I have a long DJ mix with no breaks in it. From what I've seen, I can't fast forward or rewind in a song, its either go to the beginning or skip, with no in between.

    All and all, I am disappointed. Yes, this is their low-end product, but there are some definite features that some people use everyday that are missing. At least the 2G Shuffle is still for sale. If I had to buy a Shuffle, I'd buy the 2G which has half the capacity, but allows me to do basic music navigation actions with a single button press as opposed to multiple triple-clicks.

  10. Re:Your experience on What Does a $16,000+ PC Look Like, Anyway? · · Score: 1

    That is true. If this were a production server that was being used for more than old files, I would have bought a decent hardware RAID card and used that. However, for a box that sits idle 90% of its life, software RAID is good enough.

    I do wish hardware RAID vendors could make a standard for RAID metadata stored on drives, so if a controller fails on one array, I don't have to worry about the brand or type of card when replacing it. I could just drop in a better card, go into the BIOS and make sure it sees the volume, then boot the OS and import/mount the volume.

  11. Re:Where have I seen this before? on What Does a $16,000+ PC Look Like, Anyway? · · Score: 2, Informative

    There is also one other advantage of Windows Server 2008: Software RAID. I can have the OS mirror onto two drives without any dedicated RAID controllers, and can have a RAID array. Of course, there are plenty of inexpensive hardware RAID controllers out there, but when I had a controller glitch on me and fail the entire contents of a multi-terabyte RAID 5 array, I went to software RAID, and other than using a bit of CPU on a core for disk I/O (calculating parity and encrypting/decrypting through BitLocker), it has been working quite well for a year now. Another advantage of software RAID is that one can move the disks to another machine and not have to be concerned if the controller on the new machine can understand the config on the old setup.

  12. Re:Energy Independence on National Ignition Facility Fires 192-Beam Pulse · · Score: 1

    Again, like I stated, "advanced mode" has moved research forward, similar with using different types of containers (inertial for example), but we are still as far off from something that powers a city as we were 20 years ago. Tokamaks are great research tools, but the key will be getting a reaction to sustain and give usable energy for more than an instant or a few milliseconds. A reactor needs to have a continuous burn, and this technology is far off.

    Fusion doesn't just need a reaction that can make more energy than one puts in, but make harnessable energy (as in electricity). This needs to take place for not just milliseconds or even seconds, but constantly. Fusion needs to be able to be able to put on the grid and work 24/7 just like coal, oil, and nuclear reactors.

    This is not to say I'm opposing funding for fusion. We NEED fusion, and there really needed to be a well funded international effort to provide the cash to have research bear fruit. I'd like to see fusion get its needed cash, just because the payoff would be so big. Getting sustainable fusion would completely change the world's landscape. We would have more tools to fight global warming, and we would be able to do large projects to make more arable land. For example, a large scale desalination plant coupled with a massive water pipeline could make large parts of the western US, Africa, the Middle East, and Asia self sustaining when it comes to food growing. Plastics that make up a huge floating trash can in the pacific can be recovered and depolymerized into short chain hydrocarbons which can be used for more polymer synthesis, or used as a replacement for crude oil.

    It wouldn't bring world peace, because the world pissing contests would change from trying to grab oil in the Middle East to grabbing raw materials (nickel, gold, silver). However this is something that can be mitigated with recycling, and be nowhere near as an international hot button issue as oil is right now.

  13. Re:Energy Independence on National Ignition Facility Fires 192-Beam Pulse · · Score: 1

    Devils advocate/party pooper here:

    I hate to bust bubbles, but I have seen pretty much zero advances in being able to use fusion as an energy source in the past 20 years. We might get slightly improved containment system here, a more powerful laser there, but fundamentally, we are as far away from having a commercially sustainable reactor (as something that can produce in the megawatt to gigawatt basis 24/7) as we were in the 1960s.

    I'd love to be proven wrong on this, but we are as far from sustainable nuclear fusion as someone lighting bottle rockets is from making a sucessful manned trip to Mars and back.

    Call me a pessimist, but I don't see much in the way of anything new other than solar advances. Solar will help the grid as more places are able to turn sunlight into electricity. However, unless something majorly changes, it will still be coal and oil for the indefinite future. Nuclear is good, but the anti-nuclear lobby is so strong, it is impossible to get a new reactor for production power built in the US.

  14. Re:And You Wonder Why Amazon MP3 Only Works in the on iTunes Gift Card Key System Cracked, Exploited · · Score: 1

    What Apple should have done was create a large database with random numbers, and each random number is cross references to a currency value such as USD 10, 5 Euro, etc. This database is used to print numbers and kept offline. Each number is then hashed with a SHA-512 hash, and that hash is stored on the validation server.

    Of course, a cryptographically secure random number generator is used to generate the numbers so one can't obtain one number by knowing the value of its predecessor and sucessor.

    This would allow iTunes to validate numbers, but prevent people from generating new numbers other than actively hacking the backend database and adding new numbers. Nobody who has no access to the database would be able to generate bogus numbers.

    Of course, perhaps add a check digit or checksum to stop typos.

    Failing to do a system like this and relying on an algorithm system will end up just having it cracked and a keygen available.

  15. Re:ebay maybe? on What To Do With Old USB Keys, Low-Capacity Hard Drives? · · Score: 1

    The problem is getting access to that functionality to be able to tell a drive to lock then erase itself. HDDErase is a utility that can get some machines to erase themselves via the IDE/ATS secure erase mechanism, but on a lot of computers, it won't run or be able to access the low level commands (usually the BIOS blocks access).

    I have used this utility in my last job (combined with a pass of zeroing using DBAN for good measure) to ensure that repurposed computers are completely blank before leaving a secure premises.

  16. Re:This seems strangely familiar on Microsoft Shoots Own Foot In Iceland · · Score: 1

    Devils advocate here:

    Microsoft might have its own hand forced to extract revenue from their resellers. If MS said the debt was null and void, their shareholders could have a cause for a lawsuit because MS isn't collecting on revenue that is technically (under the eyes of the law) theirs, causing loss of income (and stock value.)

    Companies are often forced through a narrow legal strait between the Scylla of shareholders suing at a drop of a hat for not maximizing revenue, and the Charybdis of bad PR if they do something noxious.

  17. Re:More information on what you want to lock down? on Locking Down Linux Desktops In an Enterprise? · · Score: 1

    Group policy serves a second tool. It enforces corporate policy in a manner that one could use the phrases "due diligence" and "good faith" when it comes to regulatory enforcement, and contract obligations.

    It is not perfect, but having the ability to have the ability to lock down something on desktops with a gpedit, and a gupdate /force to push out the revised GPO is one of the key things of why Windows is king in the enterprise. Say something occurs with USB flash drives, and top brass have to make assurances to customers, shareholders, or clients that they are disallowed in the finance department. The Windows admins can push out a policy disallowing use of them in that OU in very short order, allowing the company to put out a PR notice saying the problem was taken care of with mechanisms in place.

    Big business lives and dies on assurances and PR, and the licensing fees that Windows costs are more than made up in the assurances of online enforcement of whatever the top brass wants to do, be it turning on auditing on certain directories on all servers, disallowing all USB flash drives, or forcing every user to have the corporate logo as the official screensaver. No, these decisions are not great, but this is what the deep pockets pay for.

  18. Re:Trusted Computing Group reputation? on Self-Encrypting Hard Drives and the New Security · · Score: 1

    This is IMHO, but that functionality you offered to write would help ease Linux into a number of installations. I personally can see some useful areas for this, such as servers that are at remote branch locations where there isn't anyone with administrative authority, or there is a risk of theft of a server.

    Right now, if I want this functionality, my only choice is to use Windows Server 2008 and BitLocker (using Hyper-V for Linux VMs), or find some way of getting a console that plugs in over Ethernet (which can be a security risk, as I'm trusting an unknown third party adapter). Linux having BitLocker like functionality would allow for a lot more flexibility, especially in locations that are not manned and where equipment is vulnerable to theft.

  19. Re:Trusted Computing Group reputation? on Self-Encrypting Hard Drives and the New Security · · Score: 1

    tboot comes to mind for Linux. Also, IBM has documentation and source code about use of the TPM as an onboard smart card.

    I agree with you about TPM chips being useful. When building systems, its difficult to find TPM enabled motherboards, other than server class ones. They are out there, but finding them is a pain because TPM 1.2 capability isn't usually a spec listed, and one has to cross-check the mobo with the maker's site.

    I wish other server operating systems had BitLocker like functionality where they would offer the option to store the encryption keys in the TPM to allow an OS to boot unattended. This would provide excellent security for remote servers where console access is hard or impossible to obtain. This also would provide security from people stealing drives out of servers (which does happen... especially the 2.5" ones that are pretty easy to stuff in a lunch bag.)

  20. Re:I want one with a removable key on Self-Encrypting Hard Drives and the New Security · · Score: 1

    Biometrics can replace the username, not the password. Using biometrics alone is foolish. Using biometrics along with a PIN, a smart card, or some type of key, can add substantial security.

    Usual three things with security: Something you own, something you know, something you are. Biometrics can't replace the other two, but they can augment.

  21. Re:If it's self encrypting and self decrypting on Self-Encrypting Hard Drives and the New Security · · Score: 1

    If it uses a TPM, disable the chip in BIOS, and see if you get a "Recovery passphrase please" dialog.

  22. Re:Propriety Encryption on Self-Encrypting Hard Drives and the New Security · · Score: 2, Interesting

    Even though the TPM is specced to not be armored against attack, it would take someone with access to a chip fab to try to get the key off the silicon itself.

    With a TPM and a hard disk that can use this the way BitLocker does (where it boots to the OS without needing any passwords, but attempts to boot to other media to access the drive require access to the volume's recovery key), this is good protection for a laptop, making the main attack front the username/password of users or administrators. One can also have the TPM require a PIN and enough wrong guesses the TPM either locks access or adds substantial increasing delays between password attempts.

    One note here:

    This functionality is more aimed at the enterprise than individual users. The enterprise needs to be able to have some way of regaining access to a laptop of an employee should they forget their password or leave the company. They also require access due to data retention laws.

    I'm almost certain that the drives will end up tested for FIPS compliance. If not, then they won't pass a lot of DAR (data at rest) encryption specs that the US government has put in place.

    As for comparing this with TrueCrypt, this and TC are apples and oranges, or more like a ball peen hammer versus a claw hammer. Both hammer nails, but one is suited to one type of job versus another. For home machines where there is only one person using them, I'd go with TrueCrypt (because TC doesn't require hardware support to provide top notch protection). For machines that have more than one user, or require access by another party due to various regulations, I'd go with TPM based functionality. Or do like I do and use both. BitLocker functionality for the boot volume, and TrueCrypt to automount external drives using a keyfile. This way, if I need to use the volumes on a machine that doesn't support BitLocker, I can just plug them in, read the keyfile off a smart card, and mount it without needing Windows Server 2008 or Vista Enterprise/Ultimate [1].

    [1] I really wish Microsoft would put BitLocker in Windows 7 Professional. It is hard to beat for "install and forget" protection of data.

  23. Re:I'm missing one step... on Apple Mac Mini 1TB Upgrade — Not Easy But Possible · · Score: 1

    If worse comes to worst, one can buy an external USB DVD drive and boot from that.

  24. Re:Uhm...? on Symantec Support Gone Rogue? · · Score: 1

    If one can, and its tough in this economy, try to buy the Pro version of Avast! This is to help them keep being able to do timely updates and keep one step ahead of the malware/worm/virus authors.

  25. Re:Most common use of virtualization on Microsoft Windows, On a Mainframe · · Score: 2, Insightful

    Exchange wins because of two other factors, and its not related to costs:

    The first is the fact that Exchange is the standard in the industry. It isn't perfect, but it is the lingua franca of its department.

    The second is regulation compliance. Sarbanes Oxley, HIPAA, and other laws require E-mail in various departments to be archived for seven years, 50 years if its aircraft related. It is easy to add archiving and retention capability to Exchange and have it pass audits, be it SEC audits, financial audits, ISO audits, or business specific audits. You can add third party extensions for more finer grade control. Managers can pay the steep ticket for entry and know that this base is covered.

    Of course, there are other solutions that do the same thing, but buying Exchange is mainly a CYA move. Something happens and mail gets lost, Microsoft can be blamed, as opposed to the company facing potential lawsuits by shareholders and company officers facing prison times for failing to do due diligence with a system that isn't proven or certified.