Aaaand in this corner, the idiots come out of the woodwork.
When you, through negligence, ignorance, or malice, are responsible for something so heinous as to cause massive death and suffering to a large number of people, refuse to stand up for your actions, and have a government immorally protecting you from just punishment, you are shit. Walking excrement.
It has nothing to do with hating progress, capitalism, democracy, freedom, America, and my god won't somebody finally think of the children? Nobody is suggesting gas bombing the homes of animal researchers, or not funding stem cell research because it kills innocent gobs of discarded embryos. Nor is anyone advocating communism, or returning back to the fucking trees.
The actions, or failure to take them, of a company killed a large number of people and crippled others, in addition to causing a serious environmental disaster. Those in that company required both ethically and, in many countries, legally to take responsibility for such an action have not only been too spineless to face the consequences of their faulty leadership, but have even refused to compensate those whose lives their actions destroyed.
What would you think if Dow sent a cloud of dioxin gas over Hoboken? If IG Farben contributed directly to the deaths of a few thousand measly Jews? There's a reason for government relations to PREVENT this sort of thing, not circumscribe your precious freedoms to drop hunks of plutonium in neighborhod rivers, god forbid.
Ever heard of the phrase "the buck stops here"? Look it up. Your malformed opinions piss me off.
Seriously, at a very very stressful contract job I once had, I inherited a baseball bat (fine wood Louisville Slugger) from my predecessor (covering whose escape from there was the agreed-upon purpose of my presence there.) I named it "Molly", from the Neuromancer character Molly Millions.
The thing had come into existence years previously, during a horrible project that was totally overbudget and schedule, where a psycho manager had apparently walked around wielding the bat and a sword and screaming things like "I'm gonna break some fuckin' heads!" When he was called into a meeting, someone stole the bat and sword--nobody knows where the blade is now, but generations of network security guys husbanded the bat until I got it.
I brought it to meetings and to server rooms in emergencies, as kind of a safety blanket. We got really good at training our clientele (major international bank) to understand that we were there for them, we'd fix all their problems, but (a) they had to ask nicely, (b) they had to come to us with the issue, and (c) they'd have to trust us.
We always came through, which translated into a lot of credibility, but also meant that we had the best-stocked "thank you" bar in the whole company, but sitting in your office, listening to some flustered manager blubbering about a dead trading system while patting Molly (but always smiling!) was pretty funny.
It got to the point where it became an icon around the bank--people on the internal IRC channels picked up on it, so whenever someone made some horribly stupid security-related remark, there'd be a loaded pause before somebody would make a comment along the lines of "uh, xxx, I think Molly would like to speak with you"...
So as you see, it's all a question of user re-education, tovarich.
There's a difference between single sign-on (a fundamentally flawed concept) and having a single set of credentials. In the latter case, the user may be required to enter, say, a PIN code multiple times for multiple applications.
If you combine this with some sensible physical medium, like a biometric identifier or a hardware token (smart card, etc.) you're not going to be worried about loss of confientiality as much as if you have a single stupid service that just lets you authenticate to everything in one blast.
The concept of having users enter the same password, when (a) that password is reasonably secure, (b) the means used to transmit the authentication is reasonably secure, and (c) the whole thing is combined with some factor that makes it impractical to replay an authentication sequence means you're not going to be subject to phishing/fraud.
...I realize that this wouldn't be practical in, say, populated or build-up areas, but wouldn't it just be cheaper and easier to throw hand grenades at a bomb until it blows up on its own?
The Turks did a few nasty numbers on the Kurds, Armenians, and myriad other folks for wanting to speak their native tongues. And jailing editors for speaking out about this sort of thing is by any civilized standards inexcusable.
That doesn't change the fact, however, that the PKK are a pretty thuggish, militant lot who've engaged in some extremely questionable activities themselves (extortion, drugs, terrorism) no matter how noble their stated goals may be.
The problem arises when you start equating condemnation of Turkey's approach with praise for the PKK.
Use what he calls an "FQDN", i.e. john.doe@foo.com.
It can be any value you want (doesn't have to have any relationship to real domains, it's just a session identifier); use the undocumented link https://your.m0n0.box/status.php (at least I hope you're using https) to check on racoon.conf. You need to make sure your local identifier/remote identifier are in sync.
Feel free to drop me a message if you can't get it working, I'm a bit tired and drunk right now.
M0n0wall is great. Hardware-wise I would strongly recommend a PCEngines WRAP board (WRAP 1D-2) instead of the 4501. We're deploying these on a grand scale, and they are amazingly robust (and cheap--$150-ish.)
As for the M0n0 VPN component, you don't even need static IPs on each end (just on the central location assuming you have a star configuration), as long as it's the branch offices initiating the connection.
PHPGroupware is nice, but I found PHProjekt to be a bit more stable and simpler, as well as further down the development path (I don't remember why, but I got the impression that the PHPGroupware guys couldn't figure out exactly what they were trying to accomplish.)
PHProjekt is nice, including multiple profiles, email support, Palm sync, objects, chat, bulletin board, helpdesk, file storage, and a host of other useful stuff. I have set it up for my own company as well as for a number of clients and it works a charm.
This will be worse than people concentrating on their cell phones being run over in traffic.
I predict a wave of guys getting nailed by buses because they're totally focused on their Gameboys, and having an entire city block nuked when the jet fuel tank on the guy's back goes up in flames as a result...
- ~/bin -- my own executables and scripts - ~/tmp -- gets nuked every time I log out - ~/public_html -- obvious - ~/Graphics -- pics 'n crap - ~/Funny -- obvious - ~/Mail -- imap folders - ~/Work -- anything work-related - ~/Docs -- well, docs - ~/Tunes -- mp3s and the likes - ~/Misc -- depending on the account
I try to keep the "standard" folders and those containing my personal junk separated by capitalizing the first letter of the ones I tend to dump stuff into manually. I know it's utterly anal, but it's worked for me for > 13 years.
"We don't want to record someone's whole route," Holloway says. "We're focusing on the last few seconds before an accident. Granted, some people could use that information (in criminal prosecutions or lawsuits), but that is not our concern."
Well it sure as hell is my concern, and it should be yours as well.
...not to mention the fact that GWB and his running dog capitalist crony gang of imperialist pigs already have satellites capable of measuring the size of a small guinea pig's you-know-what anywhere on the globe. Move along:)
(a) I don't have to go to work. (b) I can go work somewhere else. (c) I choose not to work for companies that do this (I'm a consultant, I get called by clients to go and help them out, I deliver results, they don't see a need to look over my shoulder as long as things work.)
The children, on the other hand, don't have that choice. Won't someone please think of the children?
Heh, nice equation. Only a few problems with it though:
-Half-naked women won't get you mugged (by giving away how much cash you have in your wallet) -Half-naked women won't get you killed (by giving away that you're a national of country xyz in a place that doesn't like xyz too much) -Half-naked women won't allow people whom you don't want tracking me to find you anyplace, anytime (telemarketers, spammers, con men) -Half-naked women won't do the electronic equivalent of ripping my curtains open all the way, all the time (by allowing everyone with a half-assed grasp of technology complete information on what you're wearing, where you go, what you eat, where you work--although I admit, that's an objection based purely on the principle that, oh, I dunno, it's nobody's goddamn business but my own) -Half-naked women won't allow a government that gradually or not-so-gradually erodes my fundamental rights, such as trial by jury, freedom of expression, right to bear arms, habeas corpus and a few other niceties, to suppress any opportunity I have to oppose it.
And before you mention it, forcing the little brats (or anyone, for that matter) to check in via swipe cards, enforced cellphone/GPS tracking, punch cards, or other means, is equally bad.
Sad to say, but I'm an American citizen, and the only thing that keeps me traveling there is the fact that I have family in the country. When that's the case, I'm not going back either.
How dare you suggest that power tools are not absolutely 5up3r10r to all conventional weaponry for any kind of culinary undertaking?!?
Heathen.
I made a cake for my girlfriend once. I spent about half an hour giving myself a sore wrist (stop it, get out of the gutter) trying to make whipped cream.
Then I hit on the idea of taking a wire coat hanger, twisting it up a bit, and clamping it into a Bosch industrial masonry drill. Presto! The hammer action made it all that more fluffy and luscious.
That, and you get the effect of seeing whipped cream coming out of your girlfriend's nose when she laughs so hard she almost chokes after you tell her how you made the cake.
That said, make sure you do this in the middle of easily cleaned surfaces.
On first thought, I think that a lot of the people developing OSS don't know how to market themselves, as opposed to software.
If you have a piece of software out there, that's a good thing, it looks good on a resume, but you will rarely be able to sell it. What you want to look into is offering support and development expertise for similar classes of apps.
I am in the middle of a fairly large project for a big corporation, to deploy around 3-5000 security boxes. One of the candidates is a BSD-licensed (!) OSS product, and we are seriously considering taking the developer (young student) in on retainer to manage future development and bugfixes (he's currently working at a PC shop.)
As the external consultant, I was charged with evaluating various products; I gave the client a very (I think) set of decision criteria on which to base their choice between the two final candidates; they never once flinced at the idea of OSS out of general principle, and the companies I contacted for support were able to provide professional, rational arguments and models of how they work.
Not bad, really. I have, however, found that this is very uncommon in banking clients of mine--they prefer to have someone to sue, I guess. Rather, the companies that are pragmatic about IT in terms of product development (e.g. industrial goods and pharmaceuticals) seem to be more embracing of this sort of thing.
Slashdot Mirror
Aaaand in this corner, the idiots come out of the woodwork.
When you, through negligence, ignorance, or malice, are responsible for something so heinous as to cause massive death and suffering to a large number of people, refuse to stand up for your actions, and have a government immorally protecting you from just punishment, you are shit. Walking excrement.
It has nothing to do with hating progress, capitalism, democracy, freedom, America, and my god won't somebody finally think of the children? Nobody is suggesting gas bombing the homes of animal researchers, or not funding stem cell research because it kills innocent gobs of discarded embryos. Nor is anyone advocating communism, or returning back to the fucking trees.
The actions, or failure to take them, of a company killed a large number of people and crippled others, in addition to causing a serious environmental disaster. Those in that company required both ethically and, in many countries, legally to take responsibility for such an action have not only been too spineless to face the consequences of their faulty leadership, but have even refused to compensate those whose lives their actions destroyed.
What would you think if Dow sent a cloud of dioxin gas over Hoboken? If IG Farben contributed directly to the deaths of a few thousand measly Jews? There's a reason for government relations to PREVENT this sort of thing, not circumscribe your precious freedoms to drop hunks of plutonium in neighborhod rivers, god forbid.
Ever heard of the phrase "the buck stops here"? Look it up. Your malformed opinions piss me off.
That rocks.
That's almost as good as the elegant wood/brass plaque labelled "complaints department, take a number".
It has a hand grenade mounted on it, with a little red tag marked '1' attached to the pin.
Wield the LARG, clue bat, maulinator, whatever.
Seriously, at a very very stressful contract job I once had, I inherited a baseball bat (fine wood Louisville Slugger) from my predecessor (covering whose escape from there was the agreed-upon purpose of my presence there.) I named it "Molly", from the Neuromancer character Molly Millions.
The thing had come into existence years previously, during a horrible project that was totally overbudget and schedule, where a psycho manager had apparently walked around wielding the bat and a sword and screaming things like "I'm gonna break some fuckin' heads!" When he was called into a meeting, someone stole the bat and sword--nobody knows where the blade is now, but generations of network security guys husbanded the bat until I got it.
I brought it to meetings and to server rooms in emergencies, as kind of a safety blanket. We got really good at training our clientele (major international bank) to understand that we were there for them, we'd fix all their problems, but (a) they had to ask nicely, (b) they had to come to us with the issue, and (c) they'd have to trust us.
We always came through, which translated into a lot of credibility, but also meant that we had the best-stocked "thank you" bar in the whole company, but sitting in your office, listening to some flustered manager blubbering about a dead trading system while patting Molly (but always smiling!) was pretty funny.
It got to the point where it became an icon around the bank--people on the internal IRC channels picked up on it, so whenever someone made some horribly stupid security-related remark, there'd be a loaded pause before somebody would make a comment along the lines of "uh, xxx, I think Molly would like to speak with you"...
So as you see, it's all a question of user re-education, tovarich.
There's a difference between single sign-on (a fundamentally flawed concept) and having a single set of credentials. In the latter case, the user may be required to enter, say, a PIN code multiple times for multiple applications.
If you combine this with some sensible physical medium, like a biometric identifier or a hardware token (smart card, etc.) you're not going to be worried about loss of confientiality as much as if you have a single stupid service that just lets you authenticate to everything in one blast.
The concept of having users enter the same password, when (a) that password is reasonably secure, (b) the means used to transmit the authentication is reasonably secure, and (c) the whole thing is combined with some factor that makes it impractical to replay an authentication sequence means you're not going to be subject to phishing/fraud.
...I realize that this wouldn't be practical in, say, populated or build-up areas, but wouldn't it just be cheaper and easier to throw hand grenades at a bomb until it blows up on its own?
The Turks did a few nasty numbers on the Kurds, Armenians, and myriad other folks for wanting to speak their native tongues. And jailing editors for speaking out about this sort of thing is by any civilized standards inexcusable.
That doesn't change the fact, however, that the PKK are a pretty thuggish, militant lot who've engaged in some extremely questionable activities themselves (extortion, drugs, terrorism) no matter how noble their stated goals may be.
The problem arises when you start equating condemnation of Turkey's approach with praise for the PKK.
Use what he calls an "FQDN", i.e. john.doe@foo.com.
It can be any value you want (doesn't have to have any relationship to real domains, it's just a session identifier); use the undocumented link https://your.m0n0.box/status.php (at least I hope you're using https) to check on racoon.conf. You need to make sure your local identifier/remote identifier are in sync.
Feel free to drop me a message if you can't get it working, I'm a bit tired and drunk right now.
M0n0wall is great. Hardware-wise I would strongly recommend a PCEngines WRAP board (WRAP 1D-2) instead of the 4501. We're deploying these on a grand scale, and they are amazingly robust (and cheap--$150-ish.)
As for the M0n0 VPN component, you don't even need static IPs on each end (just on the central location assuming you have a star configuration), as long as it's the branch offices initiating the connection.
Oh yeah, I should probably mention, in all fairness, that PHPGroupware supports at least most of these as well, and is really pretty :-)
PHPGroupware is nice, but I found PHProjekt to be a bit more stable and simpler, as well as further down the development path (I don't remember why, but I got the impression that the PHPGroupware guys couldn't figure out exactly what they were trying to accomplish.)
PHProjekt is nice, including multiple profiles, email support, Palm sync, objects, chat, bulletin board, helpdesk, file storage, and a host of other useful stuff. I have set it up for my own company as well as for a number of clients and it works a charm.
There are 8 people in North Dakota?
:-)
*ducks*
This will be worse than people concentrating on their cell phones being run over in traffic.
I predict a wave of guys getting nailed by buses because they're totally focused on their Gameboys, and having an entire city block nuked when the jet fuel tank on the guy's back goes up in flames as a result...
- ~/bin -- my own executables and scripts
- ~/tmp -- gets nuked every time I log out
- ~/public_html -- obvious
- ~/Graphics -- pics 'n crap
- ~/Funny -- obvious
- ~/Mail -- imap folders
- ~/Work -- anything work-related
- ~/Docs -- well, docs
- ~/Tunes -- mp3s and the likes
- ~/Misc -- depending on the account
I try to keep the "standard" folders and those containing my personal junk separated by capitalizing the first letter of the ones I tend to dump stuff into manually. I know it's utterly anal, but it's worked for me for > 13 years.
The advertising film they have on the page cites 400km/h.
:)
Although I seriously doubt the people inside would be drinking coffee and smiling at those speeds
"We don't want to record someone's whole route," Holloway says. "We're focusing on the last few seconds before an accident. Granted, some people could use that information (in criminal prosecutions or lawsuits), but that is not our concern."
Well it sure as hell is my concern, and it should be yours as well.
...not to mention the fact that GWB and his running dog capitalist crony gang of imperialist pigs already have satellites capable of measuring the size of a small guinea pig's you-know-what anywhere on the globe. Move along :)
(a) I don't have to go to work.
(b) I can go work somewhere else.
(c) I choose not to work for companies that do this (I'm a consultant, I get called by clients to go and help them out, I deliver results, they don't see a need to look over my shoulder as long as things work.)
The children, on the other hand, don't have that choice. Won't someone please think of the children?
Heh, nice equation. Only a few problems with it though:
-Half-naked women won't get you mugged (by giving away how much cash you have in your wallet)
-Half-naked women won't get you killed (by giving away that you're a national of country xyz in a place that doesn't like xyz too much)
-Half-naked women won't allow people whom you don't want tracking me to find you anyplace, anytime (telemarketers, spammers, con men)
-Half-naked women won't do the electronic equivalent of ripping my curtains open all the way, all the time (by allowing everyone with a half-assed grasp of technology complete information on what you're wearing, where you go, what you eat, where you work--although I admit, that's an objection based purely on the principle that, oh, I dunno, it's nobody's goddamn business but my own)
-Half-naked women won't allow a government that gradually or not-so-gradually erodes my fundamental rights, such as trial by jury, freedom of expression, right to bear arms, habeas corpus and a few other niceties, to suppress any opportunity I have to oppose it.
And before you mention it, forcing the little brats (or anyone, for that matter) to check in via swipe cards, enforced cellphone/GPS tracking, punch cards, or other means, is equally bad.
..now if Boeing can come up with an anti-inconspicuous-guy-carrying-a-bomb-laden-suitc ase-laser, I'll start feeling safe.
Oh wait, CAPPS-II and removing our shoes before boarding an airplane has already completely removed that threat.
Sad to say, but I'm an American citizen, and the only thing that keeps me traveling there is the fact that I have family in the country. When that's the case, I'm not going back either.
"Duck...and cover!"
How dare you suggest that power tools are not absolutely 5up3r10r to all conventional weaponry for any kind of culinary undertaking?!?
Heathen.
I made a cake for my girlfriend once. I spent about half an hour giving myself a sore wrist (stop it, get out of the gutter) trying to make whipped cream.
Then I hit on the idea of taking a wire coat hanger, twisting it up a bit, and clamping it into a Bosch industrial masonry drill. Presto! The hammer action made it all that more fluffy and luscious.
That, and you get the effect of seeing whipped cream coming out of your girlfriend's nose when she laughs so hard she almost chokes after you tell her how you made the cake.
That said, make sure you do this in the middle of easily cleaned surfaces.
On first thought, I think that a lot of the people developing OSS don't know how to market themselves, as opposed to software.
If you have a piece of software out there, that's a good thing, it looks good on a resume, but you will rarely be able to sell it. What you want to look into is offering support and development expertise for similar classes of apps.
I am in the middle of a fairly large project for a big corporation, to deploy around 3-5000 security boxes. One of the candidates is a BSD-licensed (!) OSS product, and we are seriously considering taking the developer (young student) in on retainer to manage future development and bugfixes (he's currently working at a PC shop.)
As the external consultant, I was charged with evaluating various products; I gave the client a very (I think) set of decision criteria on which to base their choice between the two final candidates; they never once flinced at the idea of OSS out of general principle, and the companies I contacted for support were able to provide professional, rational arguments and models of how they work.
Not bad, really. I have, however, found that this is very uncommon in banking clients of mine--they prefer to have someone to sue, I guess. Rather, the companies that are pragmatic about IT in terms of product development (e.g. industrial goods and pharmaceuticals) seem to be more embracing of this sort of thing.
WHAT? So our calls are happily sent across the country through random strangers?
No, only when you call tech support. And Pakistan isn't technically "across the country".
This is almost as good as a mail from BT tech support I saw pasted into an IRC channel a few years ago.
The guy was trying to get a DSL card working with a Slackware box. BT: "the internet doesn't support linux".
*groan*