Slashdot Mirror


User: twitter

twitter's activity in the archive.

Stories
0
Comments
7,913
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 7,913

  1. blah, blah, blah, where's the news? on Windows 2000 Gets Common Criteria Certification · · Score: 2
    I looked at that silly M$ page and came up with a big zero. Having worked at a company that implemented this steaming pile of horse shit I can laugh at the "organizational security policies":

    • The users of the system shall be held accountable for their actions within the system.
    • Only those users who have been authorized access to information within the system may access the system.
    • NEED_TO_KNOW The system must limit the access to, modification of, and destruction of the information in protected resources to those authorized users which have a "need to know" for that information.
    • AUTHORIZATION The system must have the ability to limit the extent of each user's authorizations.
    • P-ADD-IPSEC The system must have the ability to protect system data in transmission between distributed parts of the protected system
    • WARN The system must have the ability to warn users regarding the unauthorized use of the system.

    All that boils down to the usual "blame the user". At my company we were forced to sign an "agreement" that said employees were accontable for all things done with our login. I objected as it would make me responsible for the actions of others, viruses and any real breach which, of course, I had no ability to avoid. I was told there was no option, sign or be denied computer usage, and not to worry, I'd be treated fairly. The implementing officer told me that they could in no way garuntee that any of the bad things I was able to think of would not happen, but that they had no choice but to do as my company wished. Yes, the implementing officer worked for SAIC which told my company what to do then told me they had to do what they were told.

    Any OS with real users can follow those requirements, duh, M$ discovers the multiuser environment. It's too bad M$ has yet to implement real user accounts and other standard good practices and instead beats around with elaborate work arounds. Any reasonable company would know better than to blame the user when their software vendor fails them.

  2. Re:What the CC means on Windows 2000 Gets Common Criteria Certification · · Score: 2
    in the 'so what' category ... these certs are of no use except to PR flaks. And trolls.

    Oh, I suppose that the article was posted by SAIC as "news" because they found the results of their test dubious? Right, the article is just what they need to sell more of their services to a broken OS built on a long discredited development model and designed by the marketing flaks you dismiss. Excuse me while I continue to expect more exploits and losses for corporations and individuals who continue to waste their money trusting Micro$oft.

  3. proof that labs don't work on Windows 2000 Gets Common Criteria Certification · · Score: 2
    Labratory tests often fail to mimic real world conditions. I offer these breathtaking quotes from the M$ article:

    The common criteria evaluation methodologies we used were applied to Windows 2000 without using evidence from any previous evaluations.

    Yes, it's obvious that they did not actually look at the systems performance.

    "We have embraced the Common Criteria evaluation process from its inception..." said Bill Veghte, corporate vice president, Windows Server Group, Microsoft Corp.

    We all know what happens to things M$ embraces, wink.

    I would not use Win2k to run a dog house and SP3 on win2k is no better than anything they've ever made. Woo-hoo, forced screen savers and other cosmetics on top of system that still has no real users and is more and more owned directly by M$. Why should anyone believe SP3 is any better than any other closed binary junk M$ has been putting out?

    What is SAIC's deal? SAIC has a huge infrastructure of hard working and competent techs. Well, as competent as they can be running aroung the worthless web of product famililiarization M$ weaves. Why their management is willing to prostitute them all for M$ is beyond explaination.

    Trusted Path, what's that? Give me a break.

  4. Support is a bad word to use. on Online Banking And Browser Support · · Score: 2
    I'm tired of hearing that term, "support" and it phrases the problem incorrectly. I don't need anyone to support my OS, my browser or any other software I use. My OS and software are made and maintained by Debian. Sites I visit should comply with published standards. Only browsers that are not standards complient need support and mine does not. You are at a disadvantage when you ask your bank to go out of it's way to deal with your browser's quirks or to make special content available for your browser's particualar set of here today gone tomorrow extentions. You are within your rights to demand that your bank do things right to start with.

    It seems that banks are getting the message that 10% or so of their clients are inconvinenced by IE only software. My bank now bosts a big long compatibiltiy table on their website. They might be tired of the constant rework required to make the average IE only site stay working. No one here would think that an IE 4.x only site would really work today do they?

    Be nice and drop your bank a little letter when you run into this kind of thing. Let them know that you don't own M$ software and can't use their online banking feature. It's much like M$ Word forms, it's going to bother you just once but 10% or more of their potential online customers walking through their front door are going to bother them all day long. The whole point of putting these things up is to prevent that walkin and printed forms.

  5. I care. on Online Banking And Browser Support · · Score: 2
    How many banks really *block* a given browser? And if they do, how many really wouldn't work if you masqueraded your user agent?

    It only takes one to make most people care, their own bank. Other people just don't like to see banks get taken advantage of by software vendors.

    ...you know that there is just so many combinations of things your QA department can test, and a good company will only say they support those

    Yes I do know that. That's why there are published standards. If you can say that your site meets standards then all standards meeting browsers are supported. It's just that simple, and QA can sign off. Good companies work that way, officially. It's companies that don't work that way that will lose your money for you.

  6. poppy-cock on Advocacy Prompts Reconsideration of Anti-GPL Letter · · Score: 2
    The Yorktown's propulsion system software would only be released to those who had Yorktown class ships. Inspection of said software could aid people in sabotage of Yorktown class ships or might contain operational details that would be of benefit to someone engaging a Yorktown class ship in battle.

    It's easy to argue that millitary software should be free. If you compare the quality of free software to that of comercial software in actual performance, you have to conclude that free software is superior. See here for a dramatic example of high profile, high visiblity, and high risk software. Would you send people into battle with second rate goods? Not me. If you took the time to follow that Yorktown link you will find a ship that had to be towed back to port because it's NT system failed when a sailor input a 0, which the program devided by and then took down the local OS which disabled the entire propusion system of the ship. Contrary to your belief, software for a Yorktown class ship can be used for any ship. Well designed software is modular and takes parameters to make it fit specific systems. That is why the BSD and linux have been ported to so many different types of computers, from embeded systems to Los Alamos supercomputer. Externaly, the systems are completely different, but closer inspection reveals common features. A turbine is a turbine and the software to control it should be able to work with any turbine with a few paramiter changes.

    The sabotage threat is silly. First, free software is more resiliant to such things. Second, if your enemy has gotten that far you have much greater problems than securing your computers.

  7. Re:Oh come on on Big Brother Lifetime Award Goes To Microsoft · · Score: 3, Interesting
    Yeah, we would not want to look as dumb as some senators passing around letters about how bad the GPL is, or software vendors who say things like the free software model will never produce anything more than toys, or that now those toys have exceeded the quality of their own software spout bullshit about how free software can't produce user friendly software. No we would not, we have been telling the truth and the above are lies.

    It's hard to constructivly criticise closed source software from a company like Microsoft. To do so you must first waste your time figuring out what the junk does. This is not a trival task but many people do it. Then, what those people find is not so easy to constructivly citicise. What constructive thing is there to say for an operating system that reports all user installed programs, songs and movies played, and now whatever M$ desires? It's kind of like trying to be constructive with a child molester, the leagal system needs to deal with it. The most constructive criticism available is to teach the user why free software is better than what they now own and how to use it. I think these folks do both.

  8. nope, it's just more people seeing the same. on Big Brother Lifetime Award Goes To Microsoft · · Score: 3, Insightful
    If MS windows were not a desirable product why would so many people use it?

    For the same reason so many people in India drink arsenic tainted wellwater, they feel they have no easy alternative. Public education is the answer here and there. First people need to be made aware of the what they are doing to themselves. Second they need to know alternate sources are available and how to get them. The worse the consequenses the greater the effort should be. For software the alternatives are easy to come by.

    Big Brother is just another voice that has recognized how bad M$'s software and licensing has become.

    It is apparent that individuals and companies that use M$ trash will suffer. You might enjoy your mail being under the control of others, not being able to listen to anything but RIAA music, spam, continual format purge, and all the other joys of M$ software. Good for you. Others might not.

  9. a serious question deserves an answer. on Studios, RIAA Warn CEOs On File Trading · · Score: 2
    Why should people be fiddling around on the corporate network passing around music when there's work they could be doing?

    People are not robots, they enjoy music and so should the company. If you try to treat your people like robots they will be miserable, get less done, make mistakes, and rue the day they joined your company. Music is something that can be enjoyed while increasing productivity. A sla^H^H^H employee with a set of earphones is less easily distracted from the task at hand and is less likely to get bored. Employees who can take care of bithday gifts and other stuff like that from their desk is less likely to realize how much of their personal life their job costs them.

    Music swapping programs that operate on the coporate intranet should be encouraged. They create a sense of participation, belonging and comradship. The music posted there is generally worlds better than the barren static the RIAA fills the sky with and so, your employees will come to think of their place of work as special and enjoyable. Copyrighted works can be removed when found so the RIAA won't be able to steal your pension fund, but corporate america really should make a stand for music sharing. It's in their best interests and the RIAA would bo broke fast if everyone in the world told them to shove it.

  10. Now realize what this means for them and you. on Studios, RIAA Warn CEOs On File Trading · · Score: 3, Interesting
    CD (only local artists now)

    If you work at some big dumb company, your CEO will now keep you from sharing those songs, regardless of the artist's intent. Duh, Big Dumb CEO is going to be convinced that music is not something for the coporate intranet if he is not already. The policy will be made and the violators shit canned. Thank the RIAA both for threatening lawsuits and raising FUD over bandwith.

    In the end, you will be lucky to have music at all in that kind of company. Just a little more FUD about company IP walking off in iPods and USB keyfobs, evil backdoored music software that's not MS Media Player and real info on the Media Player's licensing that makes it a backdoor and poof, you are without music.

    There are two things to remember as you are expected to put in more of your personal time for work and are alowed to do less of what you need to get done there. First, enjoying your job is like stealing from the company. Second, get back to work, you are not being paid for the power of your dreams.

  11. Define "very little", OK, that's easy. on Advocacy Prompts Reconsideration of Anti-GPL Letter · · Score: 3, Interesting
    You have pointed to some fine software that was published GPL. We all know and love our network card drivers from NASA's effort (what's that guy's name Donald Beowolf Beckner?). Other GPL'd federal software is equally famous and bug free, because the GPL works.

    Now consider how tiny the NSF and NASA are in the grand scheme of things. Consider all the software written for a much larger agency like the US Navy. Think you will ever see any chunk of the Yorktown's propulsion system software? Not m a chance, but think of how huge a project that was. Now consider all the Navy's work from design to implementiation. Now consider that the Navy is just one branch of the enormous US Military, which literally supports whole cities of people on land and at sea. Then consider that the US Military only accounts for one fourth of the US Federal Budget and realize how much software goes to the federal government each year that you will never see, but will pay for again and again.

    Very little can be thought of as vast but visible next to the incomprehsibly large.

    Darn those academicians who seek to educate and otherwise benifit the public by frank and honest publications! Public libraries, hurt publishers. Free software hurts software vendors who would sell us the same crap forever. Yep, they love the GPL. So should the rest of us.

  12. wow on Cable Industry Taking Control of the Net · · Score: 1, Flamebait
    you are an ass licker are'nt you?
  13. Re:Tiered Pricing on Cable Industry Taking Control of the Net · · Score: 2
    I think you meant to say, "it's the only way to be sure that we're paying for what we get." Which makes a hell of a lot of sense to me.

    I think what you meant to say was, "It's the only way to be sure that we're paying for what we own again and again."

    I paid an inflated rate for my cable when it was rolled out as an exclusive franchise. The same can be said for the telephone network. Both services use the public right of way and own the public a service.

    Companies operating on a publicly owned resource, the right of way, live and die by public approval of that use. They can't just up and charge whatever they please. That's what public service commisions are for. We all pay for that right of way, and we all deserve to benifit from that cost of co-operation. The article was fundamentally correct it claimed the cable companies were disingenious about "bandwith hogs" and then quoted cable represtentivies who said that their bandwith was effectively unlimited to prove it. The whole thing reeks worse than the five feet of my property that's occupied by that right of way that I may not build uppon nor lessen access to. Demand what you are owed and quit begging to pay out the nose without providing sound cost data.

    Fools will lose in the end. Cable operators, telcos, Micrsoft and publishers would just love to crush the internet and create some stupid thing where you could pick and choose one or two highly inflated services. If my governement lets me down like that, I'll just have to move into 802.11a meshing directly and let the local cable and telco go bankrupt. It's hard to make money when you're obsolete, baby, yeah! Just ask the RIAA, your local dead tree newspaper, your favorite glossy magazine, even your local broadcast TV station. Push media sucks, no one is going back, and people are going to demand the right to publish on public networks as a fundamental free speach and press right.

    goodnight all your trolls, asslickers and greedy bastards.

  14. fine, unless the company is a monopoly. on Cable Industry Taking Control of the Net · · Score: 2
    I have no problem with a company deciding to cap connections in one way or another, but at least be honest in your advertising and mention that you are capped.

    That's all fine and good if you have a choice of companies. The fact of the mater is that the cable companies were granted exclusive franchises in most areas that they have never relinquished. Many have been bought be the same giant telcoms that opposed the internet to begin with. Tada - your choice in most places, if you are so lucky to have a choice is telcom or telcom. You know, the same folks that fought tooth and nail to keep people from hooking up 300 baud modems to their phone networks that we paid for as an exclusive franchise and really own. Would you complain if that were your only option? 300 baud modem at $5.00/min or 300 baud device that works on a different principle at $5.00 a minute, or just plain voice service with rotary dial? How about the honest nursing home that mentions that they kill their patients?

    Just remember that companies that use public rights of way, which ARE scare resources, owe the public a service. The public, such as myself, don't tollerate those rights of way on their property out of the goodness of our heart or to make big_fat_telco's lots of money. We co-operate in this way to realize a group benifit. Demand your rights to your property! They are uspposed to serve you not skin you.

  15. Re:Very good on Water Computing · · Score: 2
    good indeed. Sounds like basic hydraulic control circuits, easily implemented with hydraulic moving cylinder switches or AOV like diaphrams. Diapharm takes signal from flow to acuate further flow.

    First drill a small hole through your bar stock for flow. This is a restriction of flow so that your controler can work. Now drill a larger hole through the length of your bar stock that intersects and devides the smaller hole and hone it well. Now shove a machined cylinder with a hole into the larger hole. When you move the cylinder with the hole in it to line up with your flow path, you have an open switch. When the flow path is obstructed with the larger cylinder, you have a closed switch. The degree of obstruction determines the amount that flows. You, of course, will have to use O-rings on the cylinder and weep holes in the barstock the feed to a return to make this switch pratical. A spring is used to keep our cyliner in place and two diaphams or small hydraulic rams can be set up on either side to make an exclusive nor gate. A not gate would have only a spring and one diaphram. As you say, you can build any gate like this.

  16. about twenty years too late, but that's OK on First Worm with a EULA? · · Score: 2
    To get really tricky, you could create a Web site that allows users to upload the text of each EULA, and a distilled summary.

    Or you could set up a website where people could just get a EULA free Operating System and all the trimmings.

    Not that brave? Then you can help the Free Software Foundation to Maintain this site, which deals with the specifics of software licenses. I know, EULAs are typically used to extend copyright deprivation by contract agreement, but it all starts with the license, and most are contain unacceptable clauses like unilateral termination. That's right M$ and Apple can litterally take their software away for any reason they please.

    If all of that's not really interesting, just use Slashdot's great search of it's reporting to chronicle your favorite non-free software's audacity and abuse. It's all fun and games till the BSA has the FBI bust down your door and throw you in jail. Don't touch that dial and don't remove that worm!

  17. One OS to bind them in the dark. on First Worm with a EULA? · · Score: 1, Troll
    The tie goes to the machine's owner, M$, silly.

    My computer is EULA free, yours can be too.

  18. Good on First Worm with a EULA? · · Score: 2
    You could have asked the same question without being abusive. Remove the fuck next time and treat your peers with respect. Everyone makes mistakes from time to time, and we all have to pay for them. Upper management gave you Outlook, right? They will now fire employees for using it. There is no need to make them feel bad on the way out. You should make them feel like a failure, not a victim.

    By the way, we have too many techs. I'm expecting significant improvement from you if you wish to keep your job. You won't make those improvements by posting embarsing stories about the company on Slashdot. Now get busy fixing the server, you stupid fuck.

    Love,

    Your Supervisor's Manager's Boss's Boss.

  19. Is it wrong? on First Worm with a EULA? · · Score: 2
    People like that don't believe that they're doing anything wrong.

    If M$ licensing is doing nothing wrong, neither are these folks. The only difference is the means of delivery. Microsoft gets it's rights denying software to you by bullying vendors and have you agree to it by opening the shrink wrap or turning it on. These folks get this to you by you graning it permision to do the same thing to others that was done to you.

    My company got a similar worm to this two weeks ago. It was an email from a friend that came brightly colored with a button at the bottom that you could press to "upgrade" outlook. When you upgraded it uploaded God knows what and put a button on all of your outbound email, even after you removed it.

    Of course it's wrong. It's deceptive and slimey to had someone a 15 page long unilaterally changeable EULA in the first place. All M$ and other comercial software has had this potential for abuse and many applications have taken advantage of it. The corporate world is going to be decimated by leaks of confidential information so long as they continue to use software that's designed from a marketing perspective to push shit onto the user and deny the owner control of their machine.

    The free software model, which seeks to give the owner complete configuration management and control, is obviously superior for moral and practical reasons. This silly worm and others like it are going to clog mailservers everywhere. M$ IIS will simply die. They won't be able to filter out the hundres of varients that are sure to come. Nor will they be able to train their people to tell the difference between legitimate buttons that come from the company and bogus ones like this that come from peers, but can be made to look official. Rebuilding infected machines is going to cost all sorts of time and money, and that is intentional. The risks are much lower with free software, which is designed correctly in the first place, and the recovery is trivial when the attack is triggered from the kind of non privalidged account that should be used when browsing or emailing.

  20. better use free software on Financial Institutions Balk at MS Licensing · · Score: 2
    These things are obviously going to be Specific to the facility and/or company, and are impossible to replace with "free" software that is readily available.

    What nonsense! The building blocks for making any free program are available, but that's beside the point when the company already has the program made and could free it. Well designed software, free or comercial, can be tailored to any facility. The time spent fitting a generic piece of comercial software is wasted when you already have your own inhouse program or a piece of free software you know you can always get back. Industry people trust industry people before they trust some silly software comapny that lacks a working clue. The benifits to opening that code far outweigh the costs.

  21. I have not figured that one out yet on Blogger Hacked · · Score: 3, Interesting
    if you can find your own web hosting

    I'm waiting for the day I can host my own web again. Why should anyone have to go any further than their own 486 to put up a website? The quality of free software available and ease of set up is astounding. There are a dozen or so web servers in Debian, and many fine automation programs for putting content onto those sites. It's as easy as:

    1. type deselect

    2. press spacebar

    3. type /apache

    4. press +

    5. repeat steps 3 and 4 for igal and other programs you want.

    6. press enter a few times.

    7. pull up a browser, a command line and an editor and enjoy building your site.

    I'm not sure why everyone interested has not done this. OK, ipchains takes a little more work, but it can be done in a few days with knowlegable help, so you can look at the rest of the web with the rest of your computers. The problem has something to do with the last mile, greedy and stupid publishers and fools that listen to them.

    My cable company has made all but ftp impossible and ftp is painful to most of the people I'd like to reach. Outbound port 80, and 25 are blocked. Most cable companies don't block port 21 because that would kill AOL's instant messenger. Still, the upload rate is crimped worse and worse, and html files don't work well over the system. The overall performance is poor, but I'd rather send my mom there to look at baby pictures than send her to some advert filled crap I don't have any control over now or ever. Eventually they will block port 21.

    It's stupid. My cable company could make more charging $20 a month to three people than $45 to one. I'd recomend people move to cable if cable were really worth anything to me, but it isn't so I don't.

    blogging services are nice, but only needed because the net is not free.

  22. A bad reputation will put you out of business. on Microsoft Vandalizes NYC · · Score: 2
    "It's Miller Time, let's go get a Bud." is what millions of beer drinkers did with a Miller ad campain. Miller, now SABMiller, was not very happy.

    Kind of like this current flap. Those that know will tell you they are both pisswater anyway, but it's much easier to switch your pisswater than it is to change your email address. That and your beer won't try to take over your fridge, your mail, your air conditioner and so on ad nauseum.

    Bad publicity will kill your business. A good reputation takes years to build. A bad reputation can be made in a day, it only takes one lie. Micrsoft has a really really bad reputation and it's well deserved. This well deserved lack of trust will kill them as others are more trusted and have better reputations.

  23. practice makes perfect! on The Most Dangerous Server Rooms · · Score: 3, Funny

    Halon Escape looks like fun.

  24. OK, thanks. on The Most Dangerous Server Rooms · · Score: 2
    According to this site, halon exposure is not harmful, unless...
    • Concentraions greater than 4% (17 lb/ 1000 ft^3 of air) are breathed for more than a few minutes. This causes dissiness, impaired coordination and cardiac effects.
    • It is exposed to flames above 1000 F because it will then produce hydrogen fouride and hydrogen bromide.

    As your site says 8% is required to fight a fire, we can assume the average deployment you might not be able to run out if you hang around. Also, you might expect an electrical fire to produce the required temperatures to let those baddies out.

    So yes, do leave the room. As others have pointed out, smoke inhalation will get you before any of the above does. So, screw the data, screw your stuff, screw everything and leave. When a fire alarm goes off, calmly exit the building and let trained responers do their job.

  25. Inside the lego shrine ... on The Most Dangerous Server Rooms · · Score: 1, Redundant
    Inside the lego shrine is a naked barbie doll.

    Twitter dons helmet over bra cups to shield against the obvious beating to follow post.