There was a very blatant oversight and an unfortunate assumption on the part of WHT and iNET Interactive.
They quite obviously overlooked the fact that the WHT servers (and ONLY the WHT servers) would ever need routine access to the backup servers. Therefore it was an obvious security hole that could have been plugged by restricting traffic through iptables to only iNET-affiliated IPs. Any teleworkers who needed access should simply use a VPN to iNET's offices if they really need access to the backup systems. If under some extreme circumstance (such as the loss of a database) an outside party needs access to the backup servers, the system admin can then add an exception under iptables.
And on that note, the other incredibly thoughtless assumption was that any traffic coming from the backup servers would be approved traffic. So once the attacker gained access to the backup servers, the database servers were one insecure hop away.
I think this proves the following very important points to the entire IT industry:
1) Internal infrastructure should remain just that - internal! Restrictions should always be put in place as to who can (or can't) access a system.
2) No traffic can be guaranteed authorized or authentic. It's one thing to add an SSH keyfile to your home servers, but in an enterprise environment everything must be highly scrutinized. It's no longer a matter of protecting systems from users - it's now a matter of protecting systems from other systems as well.
I was personally affected by the loss of information at WHT and while it's annoying, it's a fact of life and can't be undone. All that's left now is to pick up the pieces, secure the site as best they can and move on with lessons learned.
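Added example, not part of the original comment: a shell sketch of the allowlist the comment describes, emitting `iptables-restore` rulesets for the backup host (SSH only from the production servers and the office VPN pool) and for the database host (no rule for the backup server at all). Every address, the ports 22 and 3306, and all function names are assumptions made for illustration; the addresses are constructed values from documentation ranges.

```shell
#!/bin/sh
# Constructed placeholder addresses (RFC 5737 documentation ranges).
WEB_SERVERS="192.0.2.10 192.0.2.11"   # production hosts that need routine access
VPN_POOL="198.51.100.0/28"            # office VPN pool used by teleworkers
BACKUP_HOST="192.0.2.50"              # the backup server itself

# Sanity check only: IPv4 address or CIDR, and never a world-open /0 entry.
valid_source() {
    case "$1" in
        */0)           return 1 ;;   # a /0 source defeats the allowlist
        ""|*[!0-9./]*) return 1 ;;   # only digits, dots and a slash
        *.*.*.*)       return 0 ;;
        *)             return 1 ;;
    esac
}

# emit_rules PORT SOURCE...  -> ruleset on stdout in iptables-restore format.
# Default policy is DROP; only the listed sources may open new connections.
emit_rules() {
    port="$1"; shift
    for src in "$@"; do
        valid_source "$src" || { echo "refusing source: $src" >&2; return 1; }
    done
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for src in "$@"; do
        printf '%s\n' "-A INPUT -p tcp -s $src --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Log whatever falls through to the DROP policy so probes are visible.
    printf '%s\n' '-A INPUT -j LOG --log-prefix "fw-drop: "' 'COMMIT'
}

# Backup host: SSH from production servers and the VPN pool, nothing else.
# A one-off outside party would be appended here as an extra argument and
# removed again once the recovery work is done.
backup_host_rules() { emit_rules 22 $WEB_SERVERS $VPN_POOL; }

# Database host: BACKUP_HOST is deliberately absent, so a compromised backup
# server cannot open connections to the database port.
db_host_rules() { emit_rules 3306 $WEB_SERVERS; }

# Print a ruleset when asked; check it with: iptables-restore --test
case "${1:-}" in
    backup) backup_host_rules ;;
    db)     db_host_rules ;;
esac
```
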
What's wrong with Omaha?
We have ConAgra, First National, Mutual of Omaha, CoSentry, Google just across the bridge, UNO's Peter Kiewit Institute and so on. People need to realize that Omaha isn't some backwater town with banjo players and cowboy hats. (Okay, well, no banjo players at least.)
It is not an entirely legitimate question. For the most part it's rhetorical but I asked it to prove a point: Just because he's BLACK doesn't mean it should be covered more than a white man's inauguration. Civil rights activists have been screaming about equal treatment, but what they need to accept along with that is equal recognition. If we make a big deal about the fact that he's black, we will never look any deeper into him than the color of his skin.
Why is it a historic moment? He's a man who was elected President. Don't make a big deal out of it, for the sake of equality. Equal treatment means equal recognition.
P.S. My school never showed us the OJ verdict because it had nothing to do with any of our actual studies.
Okay, now that many posters have recommended VLC (which I as well recommend for stream rebroadcasting), I have one final question.
Why does this need to be a live feed? Seriously, record the stream on a computer or bust out one of those ancient VHS tapes and record it. Then, show the kids the video the next day in their Social Studies/History classes. There's no reason to disrupt the school's daily flow for something that happens every four years.
Well they certainly know how to ram an object into one.
http://en.wikipedia.org/wiki/Deep_Impact_(space_mission)
The only difference is some Physics-intensive calculation and a big boom.
Chicken Little, after many years of mockery, finally has the last laugh.
If you want to sue yourself
Okay, I know the legal system can sometimes be confusing, but you lost me there...
Well then the community needs to become more accepting of originality. I personally love KDE4 and GIMP. Anyone who flames a project for being too "original" or "bleeding-edge" is really retarding the development process and is essentially forcing the Linux community to adapt to an environment of conformity that only serves to push it two steps further behind the competition.
Walk up to somebody in your local [insert supermarket here]. Ask them if they use Linux. Ask them if they've HEARD of Linux.
The chances of those two answers being "yes" are going to be low, lower than if you ask about Windows or Mac. Why? Because Microsoft and Apple put their names out there! What does the Linux community do? We make blogs. And give out free CDs. Guess who else gives out free CDs? AOL. Guess what they turn into? Coasters.
Not everybody cares about their computer as much as you do. Furthermore, non-technical people don't have the time or desire to search the internet and learn all about Linux. Why? Because their Windows/Mac computers work for them and they don't see a need to change. So we need to actively show them why Linux is so great, and do it through the same channels as Microsoft and Apple.
The least effective way to get somebody to do something is to make them go out of their way to do it.
Tell that to the Linux Foundation who would rather put millions into advertising than award millions to the developers who create the next "killer app" for Linux.
You guys want to advertise, I'll give you advice on how to do so. I'm not holding a knife to your throat demanding that you waste your time making a damn commercial, but the Foundation has already expressed their interest in doing so, so you can't talk down to ME as if I came up with the damn idea!
To hell with my Karma.
...And you're entirely missing the point. If you show one video showing how Synaptic works, then you need another video to show how yum works, and another video to show how up2date works, and another video for portage... And don't even get me started on the GUIs. One video for GNOME means one video for KDE which means one video for Xfce which means a video for every goddamn GUI out there.
The Linux community has 500 entirely different ways of doing one little thing. Making an advertisement showing the distro software would either mean a feature-length film encompassing everything, or only mentioning one distro like Ubuntu and pissing off the other 99% of Linux users out there who want their distro advertised, too.
It would be cool if Canonical would put out the ad specifically for Ubuntu. But then every other distro would start to do it and there would be more Linux commercials on TV than people could handle. If you thought seeing ShamWOW! every 5 minutes was annoying...
Linux is finally beginning to implement things that Microsoft and Apple have been doing for years?
Wow! Who would have guessed?
Uh oh, I badmouthed Linux and probably pissed off Richard M. "Jesus Christ Reborn" Stallman. I know I'm going to be modded a troll just for that. But before you hit "Flamebait" and censor me into oblivion, LISTEN. Seriously. This is why 2009, 2010, 2011 and 2012 are NOT going to be the "Year Of The Linux Desktop"... because all the freetards (to quote Fake Steve) can do is just copy the two big names in the industry. Let's see something original... put that community-minded, many-eyes-on-one-problem mentality to use on advertising and maybe Linux would become a household name to the point where people will actually ASK you about it!
Well, at least now the phrase "Slower than Stephen Hawking in a snowstorm" might actually have some basis in fact.
When World of Warcraft bites the dust, you'll have a whole hell of a lot of people with 10gigs of data on their drives that does seemingly nothing. Thankfully, when that happens, it's a simple matter for the 11-million-some subscribers to switch over to a private server.
However, for fans of smaller, less popular MMOs, they're essentially screwed if their provider shuts down and nobody's reverse-engineered the server software.
I think it would be a good publicity stunt for the software companies if, when they shut down an MMO, they release the server software for private use. They don't necessarily have to open-source it since their own proprietary code might be re-used in future projects, but if they at least gave the die-hard fans a way to keep enjoying the game, they could build up an even more loyal following rather quickly.
The article in question lacks a significant amount of information - hell, it didn't even give a number for Microsoft. It just said that Apple was "below 20" and then got better.
Until I see an article that doesn't throw out one number and then fill the rest of the page with useless fluff and speculation, I'm putting my money on Apple.
I only read /. for the articles... honest...
One student? What would you say if you were the parent of a child who was killed by a student who just "flipped out"?
They use Windows Server.
Case closed.
In related news, privacy activists are heavily protesting this new form of data mining and are pushing Congress to mandate that all newborns come with an opt-out check box and a Privacy Policy.
Slashdot is *greatly* overestimating the mainstream audiences and general public.
The sad truth is, the general public really doesn't care about open source. They want something that works, and to them, the things that you buy from Sony, LG, Microsoft and others work. They don't care whether the hardware is open-source or proprietary. The fact that the iPhone lacks support for 3rd party applications surely didn't stop hundreds of thousands of people from getting one on opening day.
I think you all are greatly overestimating the capabilities of the mainstream public when it comes to "open source". I'm guessing that the millions and millions of readers of the New York Times will just skip over the article and move on to reading about Britney Spears.
tl;dr: Too much is going on in the news - this was a terrible time to release an article like this that is supposed to introduce the mainstream audience to *anything*.
Correction: In Windows on Boot Camp, the two-finger right click method is fully implemented, thanks to Apple's touchpad drivers for Windows. Additionally, the multitouch scroll functionality is completely intact, along with the command-click and ctrl-click methods.
------------>>> Joke
   O
  \|/
   |   You
   A
  / \
Microsoft had innovation?
Maybe Traf-O-Data, but even that's a stretch...