I read further. Ya, sniffing seems to be how they did it. But my point stands: the only way not to send passwords in the celar, besides TLS/SSL, is some kind of shared secret mechanisim. And that implies that the passwords will be stored on a server somewhere to be stolen.
The theory here is that it is very easy to sniff passwords, whereas servers should be "secure". "Sniffing" might not happen on the local LAN - it could be a corrupt ISP, for example. There are many points on the trip that could be hacked - either by outside forces, or corrupt admins - most, if not all, are not the responsibility of either the user or the respective server admins... And if the server holding the passwords is hacked, then all is lost anyway.
Where did you read "passwords being sent in the clear"? While sniffing may be how they got them, nothing says that. To have passowrds not sent cleartext, excluding TLS/SSL, then the server would need to know the passwords - that is, you could steal the unhashed/unencrypted passwords from the server side.
In the US you can open a bank with about $500 worth of paperwork. As a result there are about 2-3 banks per person. The banks dont talk to each other. They dont have a common banking network. They often go belly up taking all of their customers money with them.
I dont know if the interest rates are better or worse in Canada. I do know that if you are interested in interest rates (interest hehe) then a bank is not where you want to go. Moot point.
As we get a lot of US media, I am aware that VISA is pushing hard there "cheque card". In Canada you have been able to use your ATM card in retail outlets for a decade. This is as a direct result of having finite numbers of banks. People get there card more or less automaticly when they open a bank account. Retailers can rent the machine for about $25/mo, transaction fees are typically less then $0.10 per. So where as it is difficult for people, and retailers, to get a "cheque card" system setup, there is almost no barrier to do the same in Canada.
I suppose we are "close". But there is SFA between Moscow and the Berring Straight except frozen ground.
Your point about the Soviets (possibly) attacking NA is, well, pointless. There was no Russian leader bent on global domination... Virtually every retired Soviet officer who was around durring the Cold War will tell you that they were on the defensive. MAD is MAD, but the 'Merkins came far closer to attacking the Soviets then the reverse.
OpenExchange and GroupWise are colab servers. Sure they both have clients, but just about everyone agrees that the GW client sucks. Evolution is a client. Ev in CVS has support for talking to a GW server. A good cross platform GW client alone covers the purchase price of Ximian.
http://www.suse.com/us/business/products/openexcha nge/slox_future.html says that Novell/SuSE are themsleves thinking about combining OE and GW.
Id never previously heard of NetMail. It seems to me that while GW is desigined for internal/intranet use, NM is desigined as an Internet mail system. It looks like it was once a supplement to GW, rather then a replacement. It seems not to be as popular, so while it isnt specificly mentioned in that doc above, its likely on the drawing board as well.
NDS, by itself, is next to useless. Even as "just" an accounts database, it isnt much better then what we had before. What makes it cool (and usefull) is when you have a bunch of things that can input data into it (like Peoplesoft), and a bunch of things reading data from it. That is, its usefullness is directly related to how much you use it. ZenWorks is insanely usefull, and it heavily uses NDS. The same applies to most of Novells products. This is called "vertical integration".
I agree, they do have a few warts in there product line, especially now after the Linux acquisitions. Some duplication of effort, for sure. Ya, they should trim down on the dups. But I think I see how it all fits together... I dont think they are in any market that they shouldnt be.
I seriously doubt that. In the last 5-7 years at the 4 or 5 Novell conferences/trade shows Ive been to there was on common theme: we are living in a multi platform world. Different hardware, different software, different OSs. And it is Novell who brings it all together with NDS/eDir, DirXML, and its prebuilt connections with damm near everything: Windows, Peoplesoft, etc, etc. (or so goes the pitch). They dont care if you arent running Netware exclusivly, they dont care if you are running Windows Server. There stuff works with everything. (well, most things). They make heterogeneous enviroments work not by replacing everything with Novell stuff, but by suppmenting everything with Novell stuff.
Furthermore, various Novell (server things) things that currently run on Linux run on a bunch of different distros. And the have stated that they will continue to support different distros. XD already runs on a bunch of different distros, maintaing that shouldnt be hard. Making XD exclusive to SuSE would be contrary to everyhing they have done in the last decade.
I never said that copy protection was good, or bad. I said that while (strong) copy protection may decrease piracy, it will not necessaraly increase sales by the same ammount. There are alternative zero cost solutions - OSS - and they will be explored.
Commercial software providers make it more and more difficult to get warez. More effective copy protection, better enforment, fines, etc. You have a huge class of people (say: those who dont live in the G7) who are used to getting software for zero cost. When they no longer can get the commercial stuff for zero cost, what will they do? But it, or go with OSS? Thats what I thought....
The problem is the level of maturity of MS programmers. (both inside MS, and app programers) The assumption is that potential attackers are mearly curious or otherwise easily thwarted. You only need to keep honest people out because everyone is honest.
To be fair, UNIX, and the rest of the Internet world, also went through this phase. SMTP being the prime example (still unsolved. Grr..). Everyone online are friends, so you only need enough security to keep out curious friends. The Morris Worm was the kick in the balls to get people thinking about security. The assumption changed from "everyone is friends who play nice" to "attacks will happen by determened (and smart) people." The "bug of the month club" that Sendmail admins were members of is quite similar to todays with MS.
This is no excuse for Microsoft programmers, or 3rd party app for Windows programmers. The evolution of internet security is well documented. And even if no MS programmer ever was at a university in around 1985-1995 durring this transition on the Internet (computer nerds at a Uni assumably having (some, limited) 'net access) there is enough foklore floating around that they should know better.
So what are they to do? Well, taking Sendmail as an example, many users gave up and wrote better mailers. And the Sendmail folks did fix many of its problems. Writing a mailer from scratch was probabaly less effort then "fixing" Sendmail, esp given the stupid design of Sendmail. (compared to modern mailer designs, anyway). I dont realy know enough about the internals of Windows (NT), but I do know that it was desigined by more-or-less the same team as that that desigined VMS. VMS is paticularly anal about security. So lets say that WNT is at its core, "secure". It is all the user level OS apps, add on packages, and 3rd party packages that suck. So it should be, line for line, easier to "fix" the windows problems then it was to "fix" Sendmail. (Because at its core Windows should be OK).
I call shenanigans on the Stanley Cup story. Since 1995 the Cup has always traveled under the companionship of at least one rep of the Hockey Hall of Fame. The worst it could get lost is in an airport bagage system. It does NOT travel via courier.
That being the case, why wouldnt you install the "GNU enviroment" on Solaris? It even comes with recent versions of Solaris.. Not to mention sunfreeware.com and pkg-get.
You mention free stuff. Of course they give away upgrades for free stuff for free.
As for drivers, I would consider that a bug fix. A drivers job is to allow the OS to use a piece of hardware. "New" drivers that add functionality are bug fixes. You have the hardware. The OS can use some feature of it, then the driver has a bug. Moot point anyway: except for the most generic hardware, drivers come from the vendors, for free.
Software does some things far better then a person can do them. Hoe many lives have been "saved" by various computer assisted processed in an aircraft? The Osprey is an aircraft that is virtually impossible for a human alone to fly. How many lives will be saved because of increased battlefield mobility?
Things fail. Software. Electronics. Mechanics. People. "Software" is far too broad a term to point a finger at.
Even Microsoft is aware of the "paper MCSE" problem.
To MS, that is not a problem. Having a seemingly important certification easy to get is intentional. Mind share.
And that strategy is not uncommon: CNA and CNE certs from Novell, back in Netware 3.x days, were also intentionally easy to get. It is a double edged sword though: it has taken Novell years to regain respect for their certs.
With cron-ed yum, or apt upgrades just happen. The upgrade process consists of showing up in the morning. Microsoft Update could do the same thing, but they only give away bug fixes: features cost money.
Well, OK. Maby not the kernel. But they "take" as much as they "give". Not that there is anything wrong with that - its the very nature of OSS. But many places "give" far more then.
Bzz. Wrong. There are Sun clones. Or perhaps to be more accurate, Sun and others produce computers based on the same reference design. Fujitsu, amongst others, make systems compatable with Sun stuff. See: Sparc International. Im sure that Fijitsu must have there own OS, but a lot of the sytems I see at http://www.sparc.com/ come with preinstalled Solaris.
Not having clones means they refuse to license their OS, their BIOS (or whatever the Mac equivelent is) and what not. It is not a direct analogy to MS, but an example of them trying to be like MS. (And if these adds I see for Windows powered NAS boxen are true, it would seem that MS does license their OSs to non-end users.)
Backwards. The core of Apples OS is an Open Source system: BSD. Highly customized BSD, yes. But they started with BSD. They did not start with nothing, write a Unix-ish OS and then give it away.
Examples: the non-existant Mac clone market. Quicktimes codecs. How much is it that they charge for 1394 royalties?
This limited warranty does not cover damages due to external causes, including accident, problems with electrical power, usage not in accordance with product instructions, misuse, neglect,
alteration, repair, improper installation, or improper testing.
Emphasis mine... The fans come from the factory glued on with better adhesive then they use on the Shuttles heat tiles. I can't see how you would have gotten it off without using some serious, damaging, force.
Slashdot Mirror
The theory here is that it is very easy to sniff passwords, whereas servers should be "secure". "Sniffing" might not happen on the local LAN - it could be a corrupt ISP, for example. There are many points on the trip that could be hacked - either by outside forces, or corrupt admins - most, if not all, are not the responsibility of either the user or the respective server admins... And if the server holding the passwords is hacked, then all is lost anyway.
Where did you read "passwords being sent in the clear"? While sniffing may be how they got them, nothing says that. To have passowrds not sent cleartext, excluding TLS/SSL, then the server would need to know the passwords - that is, you could steal the unhashed/unencrypted passwords from the server side.
I dont know if the interest rates are better or worse in Canada. I do know that if you are interested in interest rates (interest hehe) then a bank is not where you want to go. Moot point.
As we get a lot of US media, I am aware that VISA is pushing hard there "cheque card". In Canada you have been able to use your ATM card in retail outlets for a decade. This is as a direct result of having finite numbers of banks. People get there card more or less automaticly when they open a bank account. Retailers can rent the machine for about $25/mo, transaction fees are typically less then $0.10 per. So where as it is difficult for people, and retailers, to get a "cheque card" system setup, there is almost no barrier to do the same in Canada.
As far as banks go, we win hands down.
Your point about the Soviets (possibly) attacking NA is, well, pointless. There was no Russian leader bent on global domination... Virtually every retired Soviet officer who was around durring the Cold War will tell you that they were on the defensive. MAD is MAD, but the 'Merkins came far closer to attacking the Soviets then the reverse.
http://www.suse.com/us/business/products/openexcha nge/slox_future.html says that Novell/SuSE are themsleves thinking about combining OE and GW.
Id never previously heard of NetMail. It seems to me that while GW is desigined for internal/intranet use, NM is desigined as an Internet mail system. It looks like it was once a supplement to GW, rather then a replacement. It seems not to be as popular, so while it isnt specificly mentioned in that doc above, its likely on the drawing board as well.
NDS, by itself, is next to useless. Even as "just" an accounts database, it isnt much better then what we had before. What makes it cool (and usefull) is when you have a bunch of things that can input data into it (like Peoplesoft), and a bunch of things reading data from it. That is, its usefullness is directly related to how much you use it. ZenWorks is insanely usefull, and it heavily uses NDS. The same applies to most of Novells products. This is called "vertical integration".
I agree, they do have a few warts in there product line, especially now after the Linux acquisitions. Some duplication of effort, for sure. Ya, they should trim down on the dups. But I think I see how it all fits together... I dont think they are in any market that they shouldnt be.
Furthermore, various Novell (server things) things that currently run on Linux run on a bunch of different distros. And the have stated that they will continue to support different distros. XD already runs on a bunch of different distros, maintaing that shouldnt be hard. Making XD exclusive to SuSE would be contrary to everyhing they have done in the last decade.
The Job Control Language.
I never said that copy protection was good, or bad. I said that while (strong) copy protection may decrease piracy, it will not necessaraly increase sales by the same ammount. There are alternative zero cost solutions - OSS - and they will be explored.
Commercial software providers make it more and more difficult to get warez. More effective copy protection, better enforment, fines, etc. You have a huge class of people (say: those who dont live in the G7) who are used to getting software for zero cost. When they no longer can get the commercial stuff for zero cost, what will they do? But it, or go with OSS? Thats what I thought....
To be fair, UNIX, and the rest of the Internet world, also went through this phase. SMTP being the prime example (still unsolved. Grr..). Everyone online are friends, so you only need enough security to keep out curious friends. The Morris Worm was the kick in the balls to get people thinking about security. The assumption changed from "everyone is friends who play nice" to "attacks will happen by determened (and smart) people." The "bug of the month club" that Sendmail admins were members of is quite similar to todays with MS.
This is no excuse for Microsoft programmers, or 3rd party app for Windows programmers. The evolution of internet security is well documented. And even if no MS programmer ever was at a university in around 1985-1995 durring this transition on the Internet (computer nerds at a Uni assumably having (some, limited) 'net access) there is enough foklore floating around that they should know better.
So what are they to do? Well, taking Sendmail as an example, many users gave up and wrote better mailers. And the Sendmail folks did fix many of its problems. Writing a mailer from scratch was probabaly less effort then "fixing" Sendmail, esp given the stupid design of Sendmail. (compared to modern mailer designs, anyway). I dont realy know enough about the internals of Windows (NT), but I do know that it was desigined by more-or-less the same team as that that desigined VMS. VMS is paticularly anal about security. So lets say that WNT is at its core, "secure". It is all the user level OS apps, add on packages, and 3rd party packages that suck. So it should be, line for line, easier to "fix" the windows problems then it was to "fix" Sendmail. (Because at its core Windows should be OK).
A PCI modem perhaps? And the phone was ringing? Ah, the wonders of +45v.
I call shenanigans on the Stanley Cup story. Since 1995 the Cup has always traveled under the companionship of at least one rep of the Hockey Hall of Fame. The worst it could get lost is in an airport bagage system. It does NOT travel via courier.
Novell did not by Word Perfect Corp to buy Word Perfect. The bought it to buy what is now called Groupwise, which they make a lot of money on.
StoreCase Technologies
RAID boxen with ATA on the inside, SCSI and/or FC on the outside. Seemingly incredable warrenties of as long as 7 years.
That being the case, why wouldnt you install the "GNU enviroment" on Solaris? It even comes with recent versions of Solaris.. Not to mention sunfreeware.com and pkg-get.
As for drivers, I would consider that a bug fix. A drivers job is to allow the OS to use a piece of hardware. "New" drivers that add functionality are bug fixes. You have the hardware. The OS can use some feature of it, then the driver has a bug. Moot point anyway: except for the most generic hardware, drivers come from the vendors, for free.
Software does some things far better then a person can do them. Hoe many lives have been "saved" by various computer assisted processed in an aircraft? The Osprey is an aircraft that is virtually impossible for a human alone to fly. How many lives will be saved because of increased battlefield mobility?
Things fail. Software. Electronics. Mechanics. People. "Software" is far too broad a term to point a finger at.
To MS, that is not a problem. Having a seemingly important certification easy to get is intentional. Mind share.
And that strategy is not uncommon: CNA and CNE certs from Novell, back in Netware 3.x days, were also intentionally easy to get. It is a double edged sword though: it has taken Novell years to regain respect for their certs.
With cron-ed yum, or apt upgrades just happen. The upgrade process consists of showing up in the morning. Microsoft Update could do the same thing, but they only give away bug fixes: features cost money.
Bzz. Wrong. There are Sun clones. Or perhaps to be more accurate, Sun and others produce computers based on the same reference design. Fujitsu, amongst others, make systems compatable with Sun stuff. See: Sparc International. Im sure that Fijitsu must have there own OS, but a lot of the sytems I see at http://www.sparc.com/ come with preinstalled Solaris.
Not having clones means they refuse to license their OS, their BIOS (or whatever the Mac equivelent is) and what not. It is not a direct analogy to MS, but an example of them trying to be like MS. (And if these adds I see for Windows powered NAS boxen are true, it would seem that MS does license their OSs to non-end users.)
Examples: the non-existant Mac clone market. Quicktimes codecs. How much is it that they charge for 1394 royalties?
Get on the national DNC list(s). Get on any local ones. If/When you get calls anyway, get on their company specific list. Put your dog on the list.
Tell the Oracle salesdroids that it is a home number.
Why would a crooked contractor join the BBB? He wouldn't. Everyone else would. BBB members are good, non BBB members are likely not.