I'd say IOS isn't just the software that runs their routers and so on, IOS is behind a product portfolio and provides Cisco with a vendor lock-in strategy (for want of a better phrase)...
Firstly, IOS is the operating system but on top of that, they can sell IOS as an individual product (even if it only comes bundled with other ones, it's good material for the marketing department) and they also have the numerous Cisco certifications that revolve around (or heavily involve) the usage of IOS.
Secondly, the lock-in thing. You train up a load of engineers to use just IOS for routers and of course the next time kit needs replacing those engineers (or their managers) will instinctively go for Cisco kit because no re-training is required. That is, of course, unless some other provider offered a product that touted benefits that outweighed these retraining costs... but I think that unlikely.
This is just an attempt by the Guardian to steal the thunder of the Daily Telegraph, who have been at the centre of this by publishing uncensored figures.
And what's the point of 'investigating' this stuff when we know the Telegraph has all the answers? Well, I'm sure the guys at the Guardian will publish the results of their so-called 'investigations' when the Telegraph release the rest of their data...
Er, I should add that I totally agree with your point about the ease of management - this is definitely a benefit, particularly in smaller businesses (the cost of a UTM is also lower than that of separate IDS/firewall/anti-virus/etc appliances).
My point was just that from the technical perspective is isn't optimal. Realisticly, it is a good compromise for those who can't afford/don't need anything better.
Multiple security controls, yes, but these must be independent.
If I have a firewall and an IDS on the same machine, and someone exploits a hole in the TCP stack or the IDS to get local root/admin priviledges, they then have control of not only the firewall but also the IDS. If I have two separate machines, a firewall and an IDS, if one gets compromised it does not affect the other.
Thinking about it, the way to get around it in the case of a UTM is to use VMs for each task, but that will have a hit on performance presumably, as well as integration and thus usability.
You are comparing apples and oranges. DVD-Rs and flash drives are aimed at different markets. How many movie players do you see with SD/USB slots? How many people carry powerpoint presentations and other odd documents on DVDs?
> He also talks about what it's like to be one of the most often-targeted DDoS sites on the planet.
Microsoft.com is a DDoS site? I knew it! All this time they have secretly been DDoSing their competitors and customers alike to achieve world dominance.
Until your central database gets hacked, or those managing it are bribed into submission by some dubious third party for political or commercial gain.
In theory it sounds like a perfect system, but in reality you need decentralisation to get over the fallen nature of humans - the internet is a good example.
Given that IBM has built a lot on Java, I wonder if, now that Oracle controls Sun, IBM will consider forking it? (They then start using their fork, thus retaining control of the platform...)
I don't think that'd be a good thing but if Java is open source it could happen...
How on earth can email/web usage history help with investigations of flytipping?!
Do they think that we'll change our facebook statuses to reflect that we're doing things like that? On second thoughts, maybe that's not so unreasonable (sigh).
If I record a movie in my own garden, I can release the video on my website or even on The Pirate Bay with a license saying that only the people in my home town have the right to download the video and the rest don't.
IsoHunt will index the torrent file nevertheless and from your point of view, IsoHunt indexes an illegal torrent that should be taken down, but from my (the creator) point of view it's perfectly legal.
It's the USER'S RESPONSIBILITY to read the terms of the license, the description of the torrent file I made and download the movie if he believes he's allowed to.
Yup, agreed. I don't know how it is phrased in legalese, but if I give someone the opportunity to do something illegal, but they make the final choice about whether to do it or not, I shouldn't be held liable if they break the law. For example, Google presenting me with a link to some ill-gotten MP3. If I click it, that's my act, I should be liable, not Google for presenting me with the link.
Let's try a car analogy: if I buy a car, take it on the road, crash it and kill someone, the cops don't go back to the showroom claiming the car manufacturer is liable because they provided me with a machine that is capable of breaking the law.
If I legally buy a gun, that's fine. If I go out and kill someone with it, I've broken the law. It's not the fault of the guy who sold me the gun, it's my fault.
Estimated to have already saved the force 50 Million Euros, the migration is due to be completed on all 90,000 workstations by 2015.
The article says they've saved that 50m since 2004. I'd be interested to see what the savings are over the long term, given that people cite long-term costs ('Total Cost of Ownership' or TCO in MS-speak) as a factor in the whole Windows-Linux debate.
Don't get me wrong - I'd like to see Linux succeed, but have there been many really big-scale rollouts of this nature that show that the flexibility and choice that Linux/FOSS offers trumps the inflexible but less costly (in terms of training/config) Windows/proprietary alternatives?
One thinks immediately of the Munich Linux rollout, but this link suggests that it has been delayed (I haven't been following the story).
Without elaborating what Windows Server service that might be... Are there really that many vulnerable, not firewalled Windows servers connected to the Internet? Or is this a Server function that has no business on a Desktop that is getting infected?
The Server service provides file/print sharing in Windows. Technically that means it should only run on servers, but think of the number of Windows boxes (e.g. on home networks) where people use file sharing between machines. You can stop it, though.
If you de-select 'File and Print sharing' in the Windows firewall exceptions page, you block access to the Server service. (If memory serves correctly, Windows XP SP2 and Windows Server 2003 SP1 block file/print sharing by default.)
"We can uninstall the applications, but they will not actually be uninstalled, it'll just look like that. So, this new switch just adds/removes shortcuts to IE/WMP/etc."
Tell me, isn't this precisely what we already have in Windows XP? I've never used Vista but in XP you could "uninstall" IE, Windows Messenger and Windows Media Player from the Windows Setup part of the Add/Remove programs control panel applet. When you did uninstall them, it would simply remove Start Menu/Desktop/Quick Launch shortcuts (it even tells you that this is all it does in the description).
Exactly. To my mind it also seems a little ironic/oxymoronic: an 'open-source' DRM system.
We know that these systems get cracked soon after they make it into the wild. Open sourcing such a system just makes the cracking process easier. Now, when they release an updated version, all it takes is a diff of the sources, and you know what to change in your crack to have it overcome the new version of the system.
As the parent says, DRM is a pipe dream: 0's and 1's can be copied. There's no getting around that. As such, existing DRM systems employ the 'security by obscurity' approach (you can crack it if you don't know how it works, thus you must reverse engineer it first)-- again, making the idea of an open source DRM a little silly.
Absolutely.
However, Mozilla has shown that it is aware of the concerns users will have over privacy - they've assured us that Firefox will make it very easy for users to decline sending this information. As long as most browsers adopt this approach, website designers won't feel (one would hope) that they can force users to allow browsers to send the information in order to use their site.
This is in contrast to JavaScript - when it came out, in 1995, it was around the time of the browser wars, it was implemented amongst the key players (Netscape and IE particularly) pretty quickly - enabled by default. That is to say, it was intended for many sites to adopt its use. And until more recently the web has come to expect that JS has been enabled in all the leading browsers that are able to deal with content-rich sites.
The landscape is somewhat different now, with browser vendors giving more attention to privacy and security, so hopefully this feature will not suffer that which JS did.:)
Slashdot Mirror
I'd say IOS isn't just the software that runs their routers and so on, IOS is behind a product portfolio and provides Cisco with a vendor lock-in strategy (for want of a better phrase)...
Firstly, IOS is the operating system but on top of that, they can sell IOS as an individual product (even if it only comes bundled with other ones, it's good material for the marketing department) and they also have the numerous Cisco certifications that revolve around (or heavily involve) the usage of IOS.
Secondly, the lock-in thing. You train up a load of engineers to use just IOS for routers and of course the next time kit needs replacing those engineers (or their managers) will instinctively go for Cisco kit because no re-training is required. That is, of course, unless some other provider offered a product that touted benefits that outweighed these retraining costs... but I think that unlikely.
This is just an attempt by the Guardian to steal the thunder of the Daily Telegraph, who have been at the centre of this by publishing uncensored figures.
And what's the point of 'investigating' this stuff when we know the Telegraph has all the answers? Well, I'm sure the guys at the Guardian will publish the results of their so-called 'investigations' when the Telegraph release the rest of their data...
Hey, the Times isn't like the Sun, ok. :/
Did you figure that out all by yourself, or did you do something as unslashdot-like as read the summary?
Did you figure that out all by yourself, or did you do something as unslashdot-like as read the title ?
Mono Squeezed Into Debian Default Installation
Here, here - this story is old.
Link: here.
You sound like you read way too much into an offhand comment.
Ah, you must be new here. Welcome to Slashdot ;)
Er, I should add that I totally agree with your point about the ease of management - this is definitely a benefit, particularly in smaller businesses (the cost of a UTM is also lower than that of separate IDS/firewall/anti-virus/etc appliances).
My point was just that from the technical perspective is isn't optimal. Realisticly, it is a good compromise for those who can't afford/don't need anything better.
Multiple security controls, yes, but these must be independent.
If I have a firewall and an IDS on the same machine, and someone exploits a hole in the TCP stack or the IDS to get local root/admin priviledges, they then have control of not only the firewall but also the IDS. If I have two separate machines, a firewall and an IDS, if one gets compromised it does not affect the other.
Thinking about it, the way to get around it in the case of a UTM is to use VMs for each task, but that will have a hit on performance presumably, as well as integration and thus usability.
This was in BBC news at the beginning of the week! Come on, Slashdot!
You are comparing apples and oranges. DVD-Rs and flash drives are aimed at different markets. How many movie players do you see with SD/USB slots? How many people carry powerpoint presentations and other odd documents on DVDs?
> He also talks about what it's like to be one of the most often-targeted DDoS sites on the planet.
Microsoft.com is a DDoS site? I knew it! All this time they have secretly been DDoSing their competitors and customers alike to achieve world dominance.
If you have any caching proxies on your network or your ISP has any transparent caches (many do nowadays), that might affect things.
:)
Also, has the Acid3 site been slashdotted?
Until your central database gets hacked, or those managing it are bribed into submission by some dubious third party for political or commercial gain.
In theory it sounds like a perfect system, but in reality you need decentralisation to get over the fallen nature of humans - the internet is a good example.
Given that IBM has built a lot on Java, I wonder if, now that Oracle controls Sun, IBM will consider forking it? (They then start using their fork, thus retaining control of the platform...)
I don't think that'd be a good thing but if Java is open source it could happen...
Did anyone else see the headline and thought it said 'IBM Withdraws $78 offer for Sun Microsystems'?
Do they think that we'll change our facebook statuses to reflect that we're doing things like that? On second thoughts, maybe that's not so unreasonable (sigh).
If I record a movie in my own garden, I can release the video on my website or even on The Pirate Bay with a license saying that only the people in my home town have the right to download the video and the rest don't.
IsoHunt will index the torrent file nevertheless and from your point of view, IsoHunt indexes an illegal torrent that should be taken down, but from my (the creator) point of view it's perfectly legal.
It's the USER'S RESPONSIBILITY to read the terms of the license, the description of the torrent file I made and download the movie if he believes he's allowed to.
Yup, agreed. I don't know how it is phrased in legalese, but if I give someone the opportunity to do something illegal, but they make the final choice about whether to do it or not, I shouldn't be held liable if they break the law. For example, Google presenting me with a link to some ill-gotten MP3. If I click it, that's my act, I should be liable, not Google for presenting me with the link.
Let's try a car analogy: if I buy a car, take it on the road, crash it and kill someone, the cops don't go back to the showroom claiming the car manufacturer is liable because they provided me with a machine that is capable of breaking the law.
If I legally buy a gun, that's fine. If I go out and kill someone with it, I've broken the law. It's not the fault of the guy who sold me the gun, it's my fault.
Estimated to have already saved the force 50 Million Euros, the migration is due to be completed on all 90,000 workstations by 2015.
The article says they've saved that 50m since 2004. I'd be interested to see what the savings are over the long term, given that people cite long-term costs ('Total Cost of Ownership' or TCO in MS-speak) as a factor in the whole Windows-Linux debate.
Don't get me wrong - I'd like to see Linux succeed, but have there been many really big-scale rollouts of this nature that show that the flexibility and choice that Linux/FOSS offers trumps the inflexible but less costly (in terms of training/config) Windows/proprietary alternatives?
One thinks immediately of the Munich Linux rollout, but this link suggests that it has been delayed (I haven't been following the story).
Without elaborating what Windows Server service that might be... Are there really that many vulnerable, not firewalled Windows servers connected to the Internet? Or is this a Server function that has no business on a Desktop that is getting infected?
The Server service provides file/print sharing in Windows. Technically that means it should only run on servers, but think of the number of Windows boxes (e.g. on home networks) where people use file sharing between machines. You can stop it, though.
If you de-select 'File and Print sharing' in the Windows firewall exceptions page, you block access to the Server service. (If memory serves correctly, Windows XP SP2 and Windows Server 2003 SP1 block file/print sharing by default.)
Or even just increase your read cache size? Isn't performance the point of a read cache?
"We can uninstall the applications, but they will not actually be uninstalled, it'll just look like that. So, this new switch just adds/removes shortcuts to IE/WMP/etc."
Tell me, isn't this precisely what we already have in Windows XP? I've never used Vista but in XP you could "uninstall" IE, Windows Messenger and Windows Media Player from the Windows Setup part of the Add/Remove programs control panel applet. When you did uninstall them, it would simply remove Start Menu/Desktop/Quick Launch shortcuts (it even tells you that this is all it does in the description).
A grammar nazi is often a very confused person who believes that is 'one true grammar.'
A grammar nazi is often a very confused person who believes that there is 'one true grammar.'
There, fixed that for you.
Er, hacking is not illegal. The summary is confusing 'hacking' with 'cracking'.
http://wiki.answers.com/Q/What_is_the_difference_between_hacking_and_cracking
Exactly. To my mind it also seems a little ironic/oxymoronic: an 'open-source' DRM system.
We know that these systems get cracked soon after they make it into the wild. Open sourcing such a system just makes the cracking process easier. Now, when they release an updated version, all it takes is a diff of the sources, and you know what to change in your crack to have it overcome the new version of the system.
As the parent says, DRM is a pipe dream: 0's and 1's can be copied. There's no getting around that. As such, existing DRM systems employ the 'security by obscurity' approach (you can crack it if you don't know how it works, thus you must reverse engineer it first)-- again, making the idea of an open source DRM a little silly.
Just my thoughts.
Absolutely. However, Mozilla has shown that it is aware of the concerns users will have over privacy - they've assured us that Firefox will make it very easy for users to decline sending this information. As long as most browsers adopt this approach, website designers won't feel (one would hope) that they can force users to allow browsers to send the information in order to use their site. This is in contrast to JavaScript - when it came out, in 1995, it was around the time of the browser wars, it was implemented amongst the key players (Netscape and IE particularly) pretty quickly - enabled by default. That is to say, it was intended for many sites to adopt its use. And until more recently the web has come to expect that JS has been enabled in all the leading browsers that are able to deal with content-rich sites. The landscape is somewhat different now, with browser vendors giving more attention to privacy and security, so hopefully this feature will not suffer that which JS did. :)