Slashdot Mirror


User: LordLimecat

LordLimecat's activity in the archive.

Stories
0
Comments
10,208
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,208

  1. Re:Well, not calling them a "fan" might be a start on Ask Slashdot: What Should a Unix Fan Look For In a Windows Expert? · · Score: 3, Insightful

    Why would you use a workgroup vs a domain?

    Workgroup
    When you cant afford a server license.
    Domain
    When you can afford a server license.

    (Bonus: Always, because inter-computer trust relationships actually work with some degree of reliability once a domain is set up.)

    Do I win a prize?

  2. Re:UNIX Differences on Ask Slashdot: What Should a Unix Fan Look For In a Windows Expert? · · Score: 1

    Without a joystick, how can you reset "holding backwards" to be "neutral", thereby allowing you to sprint forward faster than the game designers intended?
    "gee guys I dunno how my character is moving so fast."

  3. Re:SILENT updates? on Firefox 15 Released: Silent Updates, Compressed Textures, Add-on Memory Leak Fix · · Score: 1

    That being the case I would advise you a little further: We are no longer in the days of "twice a year updates". Hackers get paid probably several times what you make in a year to keep their exploits up to date, on a daily schedule. Every day Norton, McAfee, and all the rest update their databases; and every day the virus writers re-compile their viruses in order to evade those definitions. Being one day out of date is now a gigantic problem-- which itself creates huge headaches for those of us who try to prevent infections.

    It would astonish you just how rapidly threats emerge, are fixed, and then become old. You will see phishing emails with links to sites that are live one hour, and are taken down by enforcement teams the next; and threats which actively try to determine if you are reverse-engineering them and block those attempts. The level of efficiency and sophistication we are dealing with on both the White- and Black-hat sides would amaze you.

    Thats why I get a little riled up about the idea that twice-annual updates are enough. Its not because someone not in the biz SHOULD know better; its because you NEED to know better if progress will ever be made. The beautiful thing about this recent trend of "update often, update silent" is that it goes a long way towards taking the burden off of the end user to need to know ANY of this, and allows the IT staff to make that decision with less hassle. We can choose to do nothing-- and in that case Mozilla's sane defaults will keep a large number of users from being horribly vulnerable; or we can block the update, in which case we presumably are taking the onus on ourselves to maintain an update schedule. In either case, it is a net win in the fight against malware, botnets, and spam.

  4. Re:SILENT updates? on Firefox 15 Released: Silent Updates, Compressed Textures, Add-on Memory Leak Fix · · Score: 1

    I take it you never do windows updates or use repositories. Those are, to use your terminology, "basically backdoors".

  5. Re:SILENT updates? on Firefox 15 Released: Silent Updates, Compressed Textures, Add-on Memory Leak Fix · · Score: 2

    Now explain to me why dedicated machine only used for banking would need to keep flash, PDF reader and vulnerabilities fixed on next-day kind of schedule? Now let me assure, I don't bank with Nigerian princes, so twice a year cumulative security update seems reasonable to me.

    Because you dont know what will happen on your banks website. Every day you connect to it, you are blindly trusting that their security has not been compromised in any way-- that they have NO user-generated content (forums, questions, reviews), that NO website hacks have taken place, that no ads or third-party websites are referenced on their site, etc.

    If ANY of those are not the case, you open the door to immediate rooting. One hidden embeeded flash is enough to root a machine with out of date plugins; at that point the only question is if it was a userland rooting, or a system-wide rooting (hopefully you dont run as admin).

    Whatever you thought you had learned about internet security is woefully out of date. You simply cannot trust that any website you visit, ever, is safe. You need to run as non admin, remove any unnecessary plugins, and update those that are necessary. If this is a bank-only site, I recommend you turn off all plugins in about:plugins. Thats just the friendly advice of a person who does this stuff for a living; you are, of course, free to ignore it.

  6. Re:I used to love VMware on VMware Back-Pedals On vRAM Scheme, Back To Per-Socket Pricing · · Score: 1

    Version 5 introduced a web client accessible from cross-platform (AFAIK) browsers. I dont have too much experience with it as I prefer the Windows client, but from what Ive heard it does most things the full client does, and is being improved greatly in 5.1.

  7. Re:vSphere Hypervisor (Free) has 32GB Host Limit on VMware Back-Pedals On vRAM Scheme, Back To Per-Socket Pricing · · Score: 1

    Thanks :(

  8. Re:Unethical ? on Air Force Openly Seeking Cyberweapons · · Score: 1

    The joke only works if you name a system file that actually exists. Perhaps you meant ntoskrnl.exe?

  9. Re:Air resistance. on White House Finalizes 54.5 MPG Fuel Efficiency Standard · · Score: 1

    3) Mandate Computer Controlled Driving in the name of safety and fuel efficiency.

    Im a republican, but I cant think of a reason such a mandate on public highways is a bad idea. If there is one I would be open to hearing it.

  10. More like "its an incredibly good reason even if a niche group doesnt like it".
    The old update process for firefox was borked in the extreme.

  11. Re:SILENT updates? on Firefox 15 Released: Silent Updates, Compressed Textures, Add-on Memory Leak Fix · · Score: 3, Informative

    auto-update of Chrome because while I see it as unnecessary and inconvenient in my usecase, it is not detrimental to security to keep it on.

    You might not be aware of this, but like every piece of software ever written-- with the possible exception of Hello World-- Chrome has had numerous security flaws, and has fixed them via updates.

    Turning off updates makes you quite vulnerable indeed, and all the more so because those Chrome updates also update Flash and the built in PDF reader which are extensively targetted by malware.

    TL;DR- enjoy your botnet.

  12. Re:SILENT updates? on Firefox 15 Released: Silent Updates, Compressed Textures, Add-on Memory Leak Fix · · Score: 1

    You could also use the extensive GPO ADM templates that chrome has, if that sort of thing floats your boat.

  13. Re:SILENT updates? on Firefox 15 Released: Silent Updates, Compressed Textures, Add-on Memory Leak Fix · · Score: 2

    FYI: The updates are now done by the Mozilla Updater Service (or whatever its called), which runs with SYSTEM rights. In most cases this is brilliant, as it lets the program update without the program itself ever having admin. In all other cases, you can turn it off.

  14. Re:SILENT updates? on Firefox 15 Released: Silent Updates, Compressed Textures, Add-on Memory Leak Fix · · Score: 4, Interesting

    Automatic updates are dangerous for high reliability systems, mission critical applications, or anything that is supposed to run unattended.

    ....Which is why in those situations you set the preference to disable auto-updates, and push that out via GPO.

    Seriously guys this isnt rocket science.

  15. Re:SILENT updates? on Firefox 15 Released: Silent Updates, Compressed Textures, Add-on Memory Leak Fix · · Score: 2

    Then you turn off automatic updates. Honestly, I prefer that youtube or something breaks for all of 2 days once a year, versus having to worry about malware doing a driveby exploit. But to each his own, I suppose.

  16. Re:SILENT updates? on Firefox 15 Released: Silent Updates, Compressed Textures, Add-on Memory Leak Fix · · Score: 3, Insightful

    I take it you never go on the frontlines to deal with the rampant malware problem on the internet.

    If this is an issue for you, do your reasearch and turn on the flags to block updates. From the current firefox version:
    FirefoxButton-->Options; Advanced, Update; Click "Never Check for updates (not recommended: security risk)", and uncheck "use a background service to install updates".

    According to Resource Monitor, this changes a setting in your profile's prefs.js, which if I had to guess would be these two:

    user_pref("app.update.auto", false);
    user_pref("app.update.enabled", false);

    There, 3 minutes of research and I found out how to block this company wide (you can push a prefs.js to the firefox install directory and it becomes globally enforced; Im not taking the time to find out where that is). Push it from GPO, youre all set.

    Honestly, the knee-jerk, "I refuse to research the options for myself" reactions from slashdot get old sometimes.

  17. Re:SILENT updates? on Firefox 15 Released: Silent Updates, Compressed Textures, Add-on Memory Leak Fix · · Score: 1

    Last thing I need is for an idiot in some far and distant place to think it fun to roll out a new version and trigger an update on all my computers that may render all the corporate apps unusable.

    As always and as with Chrome, there are mechanisms for blocking the update if you really need to.

    For everyone else, this is probably the best feature to be added in a very long time. The silent updates are why I recommended Chrome everywhere; expecting the user to care or respond to update requests was asinine. In a world where a bad google search can very easily lead to a drive-by-malware site, automatic patches to fix 0-days is a really really good idea. MOST of the viruses I see are on machines where either the brower or plugins were out of date.

  18. Re:Flash freezing on Firefox 15 Released: Silent Updates, Compressed Textures, Add-on Memory Leak Fix · · Score: 1

    I think they fixed that with a very recent release-- I was getting constant crashes and freezes before the update a couple of days ago. Try restarting chrome to get it if you havent recently.

  19. Re:not "available for purchase anywhere" on UKNova TV Torrent Tracker Shut Down After FACT Issues C&D · · Score: 1

    and "the rules necessary" are that you don't permanently deprive someone of something that's theirs except on their terms.

    Excepting that the constitution and current legislation utterly disagree with you. Most countries have some degree of IP law dealing with trademarks, copyright, and patent, recognizing that "the rules necessary" also deal with creative acts if you want to allow any kind of market for them.

    It has ALWAYS been possible to reproduce-without-taking creative works, which is why so many countries restrict that.

  20. Re:Wipe and reinstall. on Ask Slashdot: Rescuing a PC That's Been Hit By Scammers? · · Score: 1

    Yes, wiping software will generally do that. I had mistook the posts about "wiping" to refer to formatting, and wanted to make sure noone was under the illusion that a format-and-reinstall would necessarily get rid of a bad bootsector, as I have been bitten by that in the past. Its quite irritating to do a full reinstall, and start reinstalling drivers only to have the virus crop up again.

  21. Re:vSphere Hypervisor (Free) has 32GB Host Limit on VMware Back-Pedals On vRAM Scheme, Back To Per-Socket Pricing · · Score: 1

    My understanding was that that was tied to the new vRAM stuff, as 4.1 did not have any RAM limit on free. Can you provide a source for that? Are you sure this announcement doesnt change that?

  22. Re:I used to love VMware on VMware Back-Pedals On vRAM Scheme, Back To Per-Socket Pricing · · Score: 3, Informative

    When as far as I could see, ESXi got worse from 4.1 to 5

    In what way? Better HA, datastore heartbeating, removal of the 2TB-per-datastore limit, DPM, better ways of dealing with RAM contention (page sharing)...
    there are a LOT of ways ESXi got better in version 5. Only regression Im aware of is that the VUM no longer does guest updates, but TBQH who really cares? Just use WSUS or your package manager in Linux.

  23. Re:Too late, EMC on VMware Back-Pedals On vRAM Scheme, Back To Per-Socket Pricing · · Score: 1

    Competition isnt a bad thing, and I rather like that vSphere 5 is now viable (assuming pricing is similar to v4).

  24. Re:Isn't that per socket, not per core? on VMware Back-Pedals On vRAM Scheme, Back To Per-Socket Pricing · · Score: 4, Interesting

    Not really. Sometimes there just isnt a budget for multiple machines, and it is better to start by consolidating old Windows 2000 systems off of incredibly old hardware onto newer hardware.

    If the budget ever arises, we can quickly set up a full vSphere environment and migrate guests around; but there is a place for virutalization even if you cannot afford a SAN or any of the HA/DRS stuff. By consolidating, we have removed a lot of bad hardware and massively lowered switching and UPS requirements, which is incredibly helpful in this instance. The vSphere client also fits the needs of the customer particularly well, since before he relied on zillions of KVMs.

    I cant go into many particulars, but sometimes youre given a bad network and not a huge budget to work with. Ideally we would have a SAN and at least 3 boxes with Enterprise licensing. We dont have that, but its not the end of the world and I still have a job to do.

  25. Re:Isn't that per socket, not per core? on VMware Back-Pedals On vRAM Scheme, Back To Per-Socket Pricing · · Score: 1

    VMWare's PDF indicates no limit to the number of cores per socket, and no limit to the RAM per host.

    Hooray! Ive been using the 4.1 free hypervisor for some clients because of RAM limits, but with this, vSphere 5 is now viable!
    This really is great news for anyone trying to figure out if they needed to move to HyperV or Xen (at least, assuming you like working with vSphere).