Slashdot Mirror


User: Tony+Hoyle

Tony+Hoyle's activity in the archive.

Stories
0
Comments
5,728
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,728

  1. Re:Why does MS still care? on MSIE 7 May Beat Longhorn Out The Gate · · Score: 2, Insightful

    Hell, with XP SP2 you're forced to buy an encryption certificate if you want to distribute software...

    Verisign are making a *hell* of a lot of money of MS' back.

    They can safely disable activex as it was dying anyway... they've found a better money spinner now.

  2. Re:Just do what I do on Passwords - 64 Characters, Changed Daily? · · Score: 1

    Count yourself lucky.

    The admins at work have recently stopped *anyone* changing their password (I can get around it as I have privs for now...). They also insist they know every single password and write it down and stuff it in a drawer.

    I'd love to work somewhere where I could keep a secure password :)

  3. Re:Hmmm on Windows XP SP2 Goes Gold · · Score: 1

    I wasn't aware Win2003 even ran on a P2 in 4GB, or are you making that up?

    I'm seriously thinking of calling in sick on Monday so someone else can clear up the mess... I've got a horrible sinking feeling that the MCSE didn't actually remove automatic updates when I warned him...

  4. Re:The Firewall on Windows XP SP2 Goes Gold · · Score: 1

    Yeah the new firewall does seem a bit pointless...

    They even *encourage* software to add itself to the exception list.

    They've made it harder for stuff to break (blocking activex, making it hard to run things automatically) but once something is on your machine the first thing it'll do is blow your firewall wide open.

  5. Re:Hmmm on Windows XP SP2 Goes Gold · · Score: 1

    It's not my decision. MCSE has spoken and that's how it shall be.

    I'm still expected to fix the PCs when they break though, because I'm the 'expert'. Sucks to be in the IT business huh?

    (btw. the hardware requirements come from MS themselves during an MSDN conference... they said dedicated server box, not desktop machine). It's only 30 users but I'm quite used to MS stuff sucking up hardware for no good reason.

    $4k is about 100* the IT budget at the moment. We're having to debug leaks by hand because they refuse to pay $1k for BoundsChecker (developer time is a different budget and therefore considered 'free').

    Like I said, sucks to work in IT...

  6. Re:Bad Press and Release.... on Windows XP SP2 Goes Gold · · Score: 1

    There's two ways to look at it:

    1) bad, because all your friends will be phoning up expecting you to 'fix' their PCs
    2) good, because all you friends will be phoning up expecting you to 'fix' their PCs, and you can name your own price.

  7. Re:Oh sure on Windows XP SP2 Goes Gold · · Score: 1

    MS have convermed they're going RTW (release to web) on Monday.

    Ya' know, just before all the support staff get into work...

    I don't admin any more as our MCSE won't let me do it (the same one that insists that he keeps a copy of all the passwords on a printout on his desk and gets shirty when I refuse to tell him it... pity they don't teach squat about security at MCSE school).

  8. Re:Hmmm on Windows XP SP2 Goes Gold · · Score: 2, Informative

    No, we let automatic update do it. That's what it's for.

    Our MCSE refuses to touch SUS with a bargepole. there are some valid reasons (it requires a dedicated server and large hard disk, and we can't spare the hardware) and some just because he hates it it didn't work when we trialled it.

    It's pretty pointless anyway as the company is on a fast leased line so a proxy like SUS is just sucking up administration time.

  9. Re:Hmmm on Windows XP SP2 Goes Gold · · Score: 2, Informative

    There is every valid reason for it.

    For a start, they're testers and our software won't even begin to install for a non-administrator.

    btw. you need to realize how automatic updates work - you do *not* need to be an administrator to use it. They download in the background and and are made 'live' by a scheduled reboot overnight. You could have all your users as 'guest' and you'd still be hosed.

    If it didn't work like that it'd be pretty damned useless... you'd have to pay someone to manually log in as an admin and update the machines which defeats the object of automatic update.

  10. Re:Hmmm on Windows XP SP2 Goes Gold · · Score: 2, Interesting

    So?

    I bet a lot more than 3 out of 5 home users machines are full of spyware too. ..and they're just about to get a visit from 'Mister Servicepack'.

    Oh dear....

  11. Re:Hmmm on Windows XP SP2 Goes Gold · · Score: 3, Informative

    ..then make sure you don't have 'automatic updates' on otherwise all hell will break lose.

    We got wind of the decision to push it out via that channel just in time to switch windows update off via a group policy. Which is lucky otherwise we'd be looking at a lot of dead machines on monday morning (putting up a eula is *not* going to stop users installing it... most of them click blindly on anythign they're asked).

  12. Re:Windows Beta site getting hammered on Windows XP SP2 Goes Gold · · Score: 1

    Torrents have been around for ages...

    I've counted a dozen of them in the last couple of hours.

  13. Re:Is it really golden? on Windows XP SP2 Goes Gold · · Score: 1

    This is going to be a critical update on Windows update on Monday.

    If they haven't got all the bugs out it'll be headline news by Friday evening...

    I'm trying to get an early copy to make sure my software works before the apocalypse on Monday (I managed to trigger some nasty bugs in RC2 which MS claim to have fixed... we'll see...)

  14. Re:Wait, what? on Katie Jones Interviewed · · Score: 1

    Amazon routinely remove 'unfavourable' reviews.

    I've had a few of mine deleted, sometimes several days after they were written.

  15. Re:Almost too weird to be true on The Saga of Katie.com · · Score: 3, Funny

    when was the last time you clicked on a link in a book you were reading

    Just a few minutes ago, actually. I thing the book is broken though as nothing happened.

  16. Re:Why would you WANT to bring the Daleks back? on Dr Who, Daleks Kiss And Make Up · · Score: 2, Informative

    They can levitate. There's at least one episode where they did this (Dr. Who screamed "Run up the stairs", did do then turned around to see the levitating dalek following them).

  17. Re:Some online typing tests on Is Typing a Necessary Skill? · · Score: 1

    Typing pal seemed to be borked (I typed the whole paragraph and then what??? nothing happened).

    TypingTest started OK then dropped to 20wpm and threw me off for now apparent reason.

  18. Re:you mean like... on Linux Apps On Solaris · · Score: 2, Insightful

    If you really want developers to consider Linux as a viable to Windows, then the first thing that should be done is to make it easy to port projects designed for MFC/Visual Studio into KDdevelop projects.

    Uhh Why?

    MFC is dead. It hasn't been updated since version 4.2 and even MS don't use it any more. It was a hideous abortion to start with anyway.

    Porting a project that's written properly is trivial - I write multiplatform stuff all the time . If your code is correctly written then it'll run anywhere with minor tweaks (it's no coincidence that doom3 can reach Linux so fast... it's because ID have programmers that are actually half decent).

  19. Re:There is a simple reason on Windows Accelerators - Do They Really Work? · · Score: 3, Insightful

    This is why in business most 'power users' have dual processors. Windows is notorious for going unresponsive just because something wants the CPU (just try hitting compile in VS.NET) and dual processors at least makes sure you've got a processor free to do some work.

  20. Re:Sure on Syllable - The Little OS with a Big Future? · · Score: 2, Insightful

    I gave up on portage simply because the simplicity you describe is its greatest weakness.

    Sure, you can pass flags when you first install, but it doesn't save them for each app, so when you do an upgrade of your system all the recompiles take the default settings - *and* the default dependencies. That sucks.

    I really wanted a copy of lynx that didn't require X (like, you know, every other frikkin distro ships by default). This worked fine for about 10 minutes until I accidentally unmasked a later version when doing a system upgrade. It pulled in the whole of X, about a zillion fonts and produced a lynx binary that was useless to me.

  21. Re:90% of the internet is valnerable ... on Network Attacks Via DNS · · Score: 1

    "You can upgrade BIND to the latest version in the 9.x series, which is not vulnerable to this attack."

    Yes it does...

    Note that was in January *2003*. Any admin not running a server patched against this should be shot (or given an MCSE).

  22. Re:Eh? on Combining Port Knocking With OS Fingerprinting · · Score: 1

    Port knocking seems a bit pointless (even dangerous - I don't run software on my firewall and am not going to start running undested 'knocking' daemons with the ability to open ports... hell, they'll be saying upnp is sane next...)

    However security through obscurity is not the reason. Most security is to some extent reliant on obscurity (eg. you can bet there are security bugs in the browser you're using, but nobody knows about them yet). Every time you enter your password to login you're relying on obscurity (unless you're in the habit of posting your password on public websites).

    Where obscurity is wrong is where you know about the vulnerability and hope nobody else has guessed it yet, so you try to keep it quiet rather than fix it.

    Ruinning open services and using knocking to 'hide' your server is a bad use of security through obscurity (if someone sniffs your knock there's no other layers and you're dead).

    Running nothing but an ssh daemon then hiding it behind another layer is a good use (but redundant if you're using PKI to authenticate anyway).

  23. Re:It's kinda cool on Combining Port Knocking With OS Fingerprinting · · Score: 2, Informative

    Well, as long as it goes through tcpwrappers anyway....

    Most services don't though. You should be updating iptables not hosts.deny.

  24. Re:90% of the internet is valnerable ... on Network Attacks Via DNS · · Score: 2, Informative

    Bind9 isn't vulnerable to that. Heck, I doubt even bind8 was.. sounds like a pretty lame attack.

  25. Re:Jacking in from the "Big Fucking Deal" port on Sony's $700 Linux-based Remote Control · · Score: 1

    Running a linux kernel doesn't give you any particular access to anything... on an embedded device you'll be lucky to get access to anything significant.

    eg. the <a href="www.netgem.com">Netgem iPlayer</a> has Linux inside and a lot of very buggy, crashy, software. Netgem won't let you get into the machine, won't let you even talk about trying to get into its userspace (you'll be banned from the forums if you try) and they charge $$$ for custom versions. It might as well have been running WinCE for all the help you get off the manufacturer (I'm assuming they haven't actually modified the kernel therefore aren't in violation of the GPL, but it's impossible to tell).