Well, you've been scored funny, but I'll assume that you're serious on a couple of points:
6. Open Source Clients mean user built-in macros. If you're not a coder, you don't level as fast as the geek next cube who is Them with more time than skill will balance out those with more skill than time. That's the way any task works, even menial labor. Being creative increases your productivity. Here, as an added bonus, you can sell your work (the macros, I mean) in the game.
4. Anti-cheat security often means 'Security through Obscurity'... This is true in games where timing is critical, like Quake3:TA. There, the client must perform precise calculations based on available data to determine whether that last shot hit another player, for instance. It would be impractical for the server to do this, since network latency would seriously affect your accuracy. However, in a MMORPG, timing is not critical, and all of the important work is done on the server. The client is only responsible for requesting actions and rendering the graphics. If the rendering is just slightly off from the actual state of things on the server, it's not such a big deal.
1. Damn penguins pit for 9999 HP a peice See above:)
The kornshell.com page has the code for a script that can be included in a CGI script in which all the arguments are mapped into shell variables.
Now that just strikes me as a terrible idea. Bad things happening to shell variables is exactly why you should not write CGI's using a shell.
Really. If you don't yet believe the awesome power of unchecked variables, then read Perl's security docs and learn about Taint mode. Check the FAQ's to see a small example of how often poorly checked input in CGI leads to a compromise. Taint mode specifically is what makes Perl my prefered language for CGI (among my primary languages: C, Perl, Python)
Originally, the reason we switched to maildir was that even without NFS, mbox was corrupting our filesystems. Not just the files, mind you, but the filesystems themselves. It was a total pain in the ass, and we damn near left Linux for FreeBSD. This was using 2.0.36 and Sendmail. We had to put/var/spool/mail on it's own partition so we could unmount and fsck it until we found a solution. Between that and problems with files > 500MB, my opinion of Linux 2.0 is very bad.
Our solution was moving to qmail and using Maildir mailboxes for our users. We never saw the problem again.:)
Recently, I've switched to courier mail server (http://www.courier-mta.org/) on all my non-production machines to evaluate it. I'm really, really happy with it. Courier is a complete mail system, not just an IMAP server, so you might take a look at the whole package. The whole thing is RFC compliant, which causes troublte for software that isn't, but that's a fault in the other software.
As a final rant against UW-IMAP: I hate it. It loads the whole damn mailbox being checked into memory (regardless of the type), which creates a huge load every time someone with a large mailbox checks their mail. This problem affects the POP3 server as well, since that also uses the c-client code.
Now that just sounds like a load of FUD to me. If not, it's probably the least educated thing I've seen this morning.:)
Seriously, a statement like that without any evidence is FUD. It's not worth the bits I recieved to read it.
How? How, how, how would automatically updating signed packages introduce a "security hole"? If all of the Red Hat boxes our there today were to update themselves with security fixes regularly, then they become _more_ secure, not less.
I just sent the following email to my coworkers for a chuckle:
Subject: Notice from the management
It has come to our attention that according to a study commissioned by
Microsoft, under normal use, Windows 98 will require a reboot every 1.8
working days. With this in mind, we will be monitoring each of your
workstations for the next month. Anyone who does not reboot every 4 days
or less on average is assumed not to be using their computer to its
potential and will have to justify the continued maintenance of their
computer.
There are a lot of good answers to your question, from people who are experienced with similar setups. While other new "needs" will come up, and your question will require answering now or later, I have a question I'd like to ask...
Why would you call someone to fix your email after hours?? The only reason I can think of is that you have some urgent message to send ASAP. So you call a technician? Why not just call the person you needed to get the message to? Wouldn't that be faster for everyone?
The North Bridge that they use has a bus to each processor, so the current chipset will only handle two CPUs. I've heard rumor (but nothing from AMD themselves) that they will continue to work on chipsets to handle more processors. I suspect the reality of the situation is that IF they sell a lot of the dual processor chipsets, THEN they'll put development dollars into more complex chipsets.
I saw this message posted to Red Hat's bugzilla earlier today. The first thing that went through my mind was that I would NOT cause public panic by sending this to the SlashDot admins until I had first made a tactful inquiry to Red Hat regarding the situation. The second thing was that someone else would anyway.
I'm a programmer. I'm not on the gcc lists, and I don't stay abreast on the current version or issues so the message from the steering commitee scared me. I felt let down by Red Hat. However, having read your post (particularly where it regards the FreeBSD developers), I feel somewhat relieved.
If gcc 3.0 is released during the life cycle of Red Hat 7.x, then will Red Hat be able to include compatibility libraries for c++, and otherwise upgrade to gcc 3.0 final?
I'm still hoping that Red Hat responds to developers in a reassuring manner soon. : )
the fortune at the bottom of the page after I posted seemed entirely relevant, too:
At the source of every error which is blamed on the computer you will find at least two human errors, including the error of blaming it on the computer.
Computer are easy to fix in comparison to humans. Computers accept any given set of instructions we see fit to give them, and they execute those instructions exactly, every time. When there's a problem in the instructions, we can give the computer a new set to fix the problem.
Humans dont WANT to be fixed. Humans don't even want to admit that they're broken. About 3 1/2 years ago, my mother was driving around a curve with my younger brother in the car when she was striken by an elderly woman nearly head on. Her car was demolished, and she was badly injured herself. (My younger brother was not.) Even after the physical therapy, she will suffer pain every day for the rest of her life. The elderly woman couldn't see well enough to see the bend in the road, or even my mothers car. She was for all intents and purposes blind, and a terrible danger to everyone on the road. Any responsible person would know that they should not drive in that condition, but people are frequently NOT RESPONSIBLE. Given the choice between safe and convenient, the woman chose convenience.
Could this problem have been prevented? Can it be fixed? Sure! First, however, someone has to admit that there is a problem. Then people would have to implement more frequent checks and more rigid requirements for the license to drive.
People don't want to go out of their way for safety or correctness. They don't want to learn good practice. They want convenience, and they want fast results. That will probably always be the case. As long as it is, those people will be the biggest source of trouble, computer related or not.
There have been a lot of good posts on this subject, but all that I've read missed the one obvious problem with Dell's claim (or the post):
100k hits per day is just over ONE PER SECOND. A 486 could do better than that.;)
Even if you assume that peak time on the site is a 6 hour period, you're getting close to four and a half hits a second, which is no big deal.
is it just me, or does the concept of security as a "side effect" seem very frightening?
Maybe it's just you. Good programmers know that stable, correct code is the cure for 99% of all security problems. The other bit is security problems due to design flaws (such flaws would exist in the RFC, for example).
If you spend the time required to do something _right_, if you make the code robust and stable, then it will be secure. It IS a side effect of programming for stability.
I've seen sonique... Sure, it's got pretty skins, but outside of that, XMMS 0wnz it. Xmms also has the benefit of maturity on Linux, so it'll probably be a lot more stable. What I'm wondering is: "when will xmms's UI be a plugin?" Everything else about xmms is based on plugins, so why not the UI, as well? With a couple of UI plugins, xmms could use any theme available.
Would using plugins for the UI make xmms a "microkernel" application?:)
Anyway, a previous post mentioned a visualization plugin for xmms, which I tried. It's almost good. But, trying to be a UI in a visualization plugin causes a few problems, like closing the application and restarting it with NO available UI. This would be a lot easier for developers and users if xmms's UI were a plugin, too.
ISA slots already have gone away on a number of motherboards. The point is that the manufacturers who are making said chipsets don't really want to support PS/2 any more. Supporting the ISA bus requires a larger, and more complex chipset. By removing legacy equipment, chipsets become smaller, more reliable, and most important: less expensive.
PS/2, serial, and parallel don't require ISA, they're part of it. You're missing my point. By removing all of this legacy garbage, PC hardware becomes a lot simpler. Simple hardware is smaller. Simple hardware is more reliable. Simple hardware is less expensive.
Not according to the documentation I read. Most current motherboards have the serial/lpt/ps2 support in the _SOUTH_ bridge, not the north bridge. None of my motherboards have those devices on the PCI bus, either. Where do you get your information? I'm not trying to be rude... if I'm wrong, then just back up your claim.
Don't underestimate the importance of easy upgrading to 2.4. This will be one of the killer features in 7.0. (as an aside, I installed a 2.4pre kernel in my mother's machine and it works great )
According to AMD, during the next year the ISA bus will no longer be available on most motherboards. That means that a lot of new systems are going to be sold with NO ISA slots, NO PS/2 ports, NO serial ports and NO parallel ports. Removing the old ISA controllers will mean more available area on the motherboard for high speed controllers or smaller, faster, and less expensive motherboards, depending on your market.
Internal expansion will be available with PCI, i810 bus from Intel, or LDT from AMD (LDT bus can be 2,4,8,16, or 32 bits wide and features 1.6GB bandwidth). External devices will use either IEEE 1394 or USB. I'm guessing that support for these buses will be (or has been) back ported to the 2.2 Linux kernel, but will be better supported in the 2.4 kernel.
I'm in the same boat. I've got a Microsoft USB IntelliMouse optical, and it's not too bad. I updated Red Hat 6.2 with the initscripts (and required modutils) from 6.95, and USB works really smoothly with 2.2.17.
Clay Claiborne of Cosmos Engineering is quoted in the article as saying "[USB] still needs to work so that moduals [sic] automatically load." In my experience, they do. I wonder what modules didn't load for him??
Anyway, the feature listed that excites me the most is including SSL support. I haven't seen this in RawHide yet, so I don't know much about what uses it. If anyone has information about what secure server (apache-ssl or mod_ssl) is used, whether or not openssh is installed, whether or not there's an SSL proxy for POP/IMAP, or whether telnet is still enabled by default, post it, please : )
The two services are actually completely opposite each other. Microsoft makes you buy the software in the first place, pay for every major upgrade, and gives you SOME bugfixes for free.
Red Hat on the other hand, will distribute the software for free, including major upgrades and bug fixes. If you'd like access to their well tested, bugfixed, signed bugfixes and updates on a high priority, high availability basis, then you can pay for such a service. These same bugfixes and updates will still be available for free on Red Hat's site and all of their mirrors.
Red Hat's way of doing business hasn't gotten any less friendly to their customers, and they aren't forcing anyone into ridiculous licensing schemes like some other companies we've been reading about here on slashdot.
You're not in the twilight zone, and nothing is backwards. Just look at the pretty GNU and repeat to yourself "It's...OK".
I moderated you up, but now I have to post a correction to your statement. sorry : )
I haven't actually compiled Bind 9 yet, but the page at http://www.isc.org/products/BIND/bind9.html says "To build shared libraries, specify "--with-libtool" on the configure command line.", so it seems you're inaccurate on one point.
I couldn't agree more. But that being said, have you seen the view from the other side?
No. If someone breaks into Western Union's computers, and they even THINK about Napster, DeCSS, or anything involving Open Source, then they have some problems of our own. This doesn't concern "us" as a hacker community. I don't see the connection that you do, obviously.
Doesn't matter to them that you specifically didn't do it, just "one of your gang". That's about as sensible as saying that since if a black man robs a convenience store, the store owners are going to blame black men. Blaming the faceless boogeyman might make some people feel better, but it doesn't solve any problems. I don't think that such scapegoating should be encouraged.
Slashdot should have a moderators-only poll:
Are you on crack?:
Yes
No
Brak
This post isn't "insightful", it's delusional. Western Union getting cracked isn't about "hacker culture" any more than a convenience store holdup. Someone broke in and stole information (potentially money). This happens every day in the real world. Anyone who thinks that the same kind of attempts aren't going to be made against their electronic storefronts isn't paying attention. It's not new, and it's no more likely to stop in cyberspace than in the real world. If you have a resource that you regard as property then you must defend it, or someone else will take it. As far as we know, that has been true as long as humans have had property.
"Hacker culture" doesn't enter into it. I've never seen any evidence that "hacker culture" encouraged theft of the property of others. The only persons I can concieve would attribute such a thing to "hacker culture" are not even close to being a part of it. (That means you!)
ESR didn't break into the server. RMS didn't do it. Linus didn't mastermind the attack. This has nothing at all to do with Open Source, as a movement or software. It's got a lot to do with Microsoft's closed source software and stupid administrators.
No, this attack is "NOT good". However, if the corporate powers want to do something about it, that _would_ be a good thing. Invest in better software. Pay for better admins. Defend our (and their) property. Making their security better makes our security better, too.
Slashdot Mirror
Well, you've been scored funny, but I'll assume that you're serious on a couple of points:
:)
6. Open Source Clients mean user built-in macros. If you're not a coder, you don't level as fast as the geek next cube who is
Them with more time than skill will balance out those with more skill than time. That's the way any task works, even menial labor. Being creative increases your productivity. Here, as an added bonus, you can sell your work (the macros, I mean) in the game.
4. Anti-cheat security often means 'Security through Obscurity'...
This is true in games where timing is critical, like Quake3:TA. There, the client must perform precise calculations based on available data to determine whether that last shot hit another player, for instance. It would be impractical for the server to do this, since network latency would seriously affect your accuracy. However, in a MMORPG, timing is not critical, and all of the important work is done on the server. The client is only responsible for requesting actions and rendering the graphics. If the rendering is just slightly off from the actual state of things on the server, it's not such a big deal.
1. Damn penguins pit for 9999 HP a peice
See above
The kornshell.com page has the code for a script that can be included in a CGI script in which all the arguments are mapped into shell variables.
Now that just strikes me as a terrible idea. Bad things happening to shell variables is exactly why you should not write CGI's using a shell.
Really. If you don't yet believe the awesome power of unchecked variables, then read Perl's security docs and learn about Taint mode. Check the FAQ's to see a small example of how often poorly checked input in CGI leads to a compromise. Taint mode specifically is what makes Perl my prefered language for CGI (among my primary languages: C, Perl, Python)
Originally, the reason we switched to maildir was that even without NFS, mbox was corrupting our filesystems. Not just the files, mind you, but the filesystems themselves. It was a total pain in the ass, and we damn near left Linux for FreeBSD. This was using 2.0.36 and Sendmail. We had to put /var/spool/mail on it's own partition so we could unmount and fsck it until we found a solution. Between that and problems with files > 500MB, my opinion of Linux 2.0 is very bad.
:)
Our solution was moving to qmail and using Maildir mailboxes for our users. We never saw the problem again.
Recently, I've switched to courier mail server (http://www.courier-mta.org/) on all my non-production machines to evaluate it. I'm really, really happy with it. Courier is a complete mail system, not just an IMAP server, so you might take a look at the whole package. The whole thing is RFC compliant, which causes troublte for software that isn't, but that's a fault in the other software.
As a final rant against UW-IMAP: I hate it. It loads the whole damn mailbox being checked into memory (regardless of the type), which creates a huge load every time someone with a large mailbox checks their mail. This problem affects the POP3 server as well, since that also uses the c-client code.
Now that just sounds like a load of FUD to me. If not, it's probably the least educated thing I've seen this morning. :)
Seriously, a statement like that without any evidence is FUD. It's not worth the bits I recieved to read it.
How? How, how, how would automatically updating signed packages introduce a "security hole"? If all of the Red Hat boxes our there today were to update themselves with security fixes regularly, then they become _more_ secure, not less.
Isn't that what they said to Jesus? Incredible...
Some people never learn.
I just sent the following email to my coworkers for a chuckle:
e ssional/reviews/zdwindows.asp
Subject: Notice from the management
It has come to our attention that according to a study commissioned by
Microsoft, under normal use, Windows 98 will require a reboot every 1.8
working days. With this in mind, we will be monitoring each of your
workstations for the next month. Anyone who does not reboot every 4 days
or less on average is assumed not to be using their computer to its
potential and will have to justify the continued maintenance of their
computer.
http://www.microsoft.com/windows2000/guide/prof
There are a lot of good answers to your question, from people who are experienced with similar setups. While other new "needs" will come up, and your question will require answering now or later, I have a question I'd like to ask...
Why would you call someone to fix your email after hours?? The only reason I can think of is that you have some urgent message to send ASAP. So you call a technician? Why not just call the person you needed to get the message to? Wouldn't that be faster for everyone?
The North Bridge that they use has a bus to each processor, so the current chipset will only handle two CPUs. I've heard rumor (but nothing from AMD themselves) that they will continue to work on chipsets to handle more processors. I suspect the reality of the situation is that IF they sell a lot of the dual processor chipsets, THEN they'll put development dollars into more complex chipsets.
I saw this message posted to Red Hat's bugzilla earlier today. The first thing that went through my mind was that I would NOT cause public panic by sending this to the SlashDot admins until I had first made a tactful inquiry to Red Hat regarding the situation. The second thing was that someone else would anyway.
I'm a programmer. I'm not on the gcc lists, and I don't stay abreast on the current version or issues so the message from the steering commitee scared me. I felt let down by Red Hat. However, having read your post (particularly where it regards the FreeBSD developers), I feel somewhat relieved.
If gcc 3.0 is released during the life cycle of Red Hat 7.x, then will Red Hat be able to include compatibility libraries for c++, and otherwise upgrade to gcc 3.0 final?
I'm still hoping that Red Hat responds to developers in a reassuring manner soon. : )
the fortune at the bottom of the page after I posted seemed entirely relevant, too:
At the source of every error which is blamed on the computer you will find at least two human errors, including the error of blaming it on the computer.
Computer are easy to fix in comparison to humans. Computers accept any given set of instructions we see fit to give them, and they execute those instructions exactly, every time. When there's a problem in the instructions, we can give the computer a new set to fix the problem.
Humans dont WANT to be fixed. Humans don't even want to admit that they're broken. About 3 1/2 years ago, my mother was driving around a curve with my younger brother in the car when she was striken by an elderly woman nearly head on. Her car was demolished, and she was badly injured herself. (My younger brother was not.) Even after the physical therapy, she will suffer pain every day for the rest of her life. The elderly woman couldn't see well enough to see the bend in the road, or even my mothers car. She was for all intents and purposes blind, and a terrible danger to everyone on the road. Any responsible person would know that they should not drive in that condition, but people are frequently NOT RESPONSIBLE. Given the choice between safe and convenient, the woman chose convenience.
Could this problem have been prevented? Can it be fixed? Sure! First, however, someone has to admit that there is a problem. Then people would have to implement more frequent checks and more rigid requirements for the license to drive.
People don't want to go out of their way for safety or correctness. They don't want to learn good practice. They want convenience, and they want fast results. That will probably always be the case. As long as it is, those people will be the biggest source of trouble, computer related or not.
There have been a lot of good posts on this subject, but all that I've read missed the one obvious problem with Dell's claim (or the post): ;)
100k hits per day is just over ONE PER SECOND. A 486 could do better than that.
Even if you assume that peak time on the site is a 6 hour period, you're getting close to four and a half hits a second, which is no big deal.
For some good information on the state and progression of Linux, look at http://www.kegel.com/mindcraft_redux.html
is it just me, or does the concept of security as a "side effect" seem very frightening?
Maybe it's just you. Good programmers know that stable, correct code is the cure for 99% of all security problems. The other bit is security problems due to design flaws (such flaws would exist in the RFC, for example).
If you spend the time required to do something _right_, if you make the code robust and stable, then it will be secure. It IS a side effect of programming for stability.
...everyone else seems to have them.
:)
I've seen sonique... Sure, it's got pretty skins, but outside of that, XMMS 0wnz it. Xmms also has the benefit of maturity on Linux, so it'll probably be a lot more stable. What I'm wondering is: "when will xmms's UI be a plugin?" Everything else about xmms is based on plugins, so why not the UI, as well? With a couple of UI plugins, xmms could use any theme available.
Would using plugins for the UI make xmms a "microkernel" application?
Anyway, a previous post mentioned a visualization plugin for xmms, which I tried. It's almost good. But, trying to be a UI in a visualization plugin causes a few problems, like closing the application and restarting it with NO available UI. This would be a lot easier for developers and users if xmms's UI were a plugin, too.
ISA slots already have gone away on a number of motherboards. The point is that the manufacturers who are making said chipsets don't really want to support PS/2 any more. Supporting the ISA bus requires a larger, and more complex chipset. By removing legacy equipment, chipsets become smaller, more reliable, and most important: less expensive.
PS/2, serial, and parallel don't require ISA, they're part of it. You're missing my point. By removing all of this legacy garbage, PC hardware becomes a lot simpler. Simple hardware is smaller. Simple hardware is more reliable. Simple hardware is less expensive.
Not according to the documentation I read. Most current motherboards have the serial/lpt/ps2 support in the _SOUTH_ bridge, not the north bridge. None of my motherboards have those devices on the PCI bus, either. Where do you get your information? I'm not trying to be rude... if I'm wrong, then just back up your claim.
no real hardware is totally USB dependant
Ah, but that is where you are mistaken, eh? See my post here on exactly why USB support is damn important : )
Don't underestimate the importance of easy upgrading to 2.4. This will be one of the killer features in 7.0. (as an aside, I installed a 2.4pre kernel in my mother's machine and it works great )
According to AMD, during the next year the ISA bus will no longer be available on most motherboards. That means that a lot of new systems are going to be sold with NO ISA slots, NO PS/2 ports, NO serial ports and NO parallel ports. Removing the old ISA controllers will mean more available area on the motherboard for high speed controllers or smaller, faster, and less expensive motherboards, depending on your market.
Internal expansion will be available with PCI, i810 bus from Intel, or LDT from AMD (LDT bus can be 2,4,8,16, or 32 bits wide and features 1.6GB bandwidth). External devices will use either IEEE 1394 or USB. I'm guessing that support for these buses will be (or has been) back ported to the 2.2 Linux kernel, but will be better supported in the 2.4 kernel.
I'm in the same boat. I've got a Microsoft USB IntelliMouse optical, and it's not too bad. I updated Red Hat 6.2 with the initscripts (and required modutils) from 6.95, and USB works really smoothly with 2.2.17.
Clay Claiborne of Cosmos Engineering is quoted in the article as saying "[USB] still needs to work so that moduals [sic] automatically load." In my experience, they do. I wonder what modules didn't load for him??
Anyway, the feature listed that excites me the most is including SSL support. I haven't seen this in RawHide yet, so I don't know much about what uses it. If anyone has information about what secure server (apache-ssl or mod_ssl) is used, whether or not openssh is installed, whether or not there's an SSL proxy for POP/IMAP, or whether telnet is still enabled by default, post it, please : )
If that's insightful, check this out:
The two services are actually completely opposite each other. Microsoft makes you buy the software in the first place, pay for every major upgrade, and gives you SOME bugfixes for free.
Red Hat on the other hand, will distribute the software for free, including major upgrades and bug fixes. If you'd like access to their well tested, bugfixed, signed bugfixes and updates on a high priority, high availability basis, then you can pay for such a service. These same bugfixes and updates will still be available for free on Red Hat's site and all of their mirrors.
Red Hat's way of doing business hasn't gotten any less friendly to their customers, and they aren't forcing anyone into ridiculous licensing schemes like some other companies we've been reading about here on slashdot.
You're not in the twilight zone, and nothing is backwards. Just look at the pretty GNU and repeat to yourself "It's...OK".
I mod'd because it was interesting. I posted when I later found out that it wasn't entirely accurate.
I moderated you up, but now I have to post a correction to your statement. sorry : )
I haven't actually compiled Bind 9 yet, but the page at http://www.isc.org/products/BIND/bind9.html says "To build shared libraries, specify "--with-libtool" on the configure command line.", so it seems you're inaccurate on one point.
I couldn't agree more. But that being said, have you seen the view from the other side?
No. If someone breaks into Western Union's computers, and they even THINK about Napster, DeCSS, or anything involving Open Source, then they have some problems of our own. This doesn't concern "us" as a hacker community. I don't see the connection that you do, obviously.
Doesn't matter to them that you specifically didn't do it, just "one of your gang".
That's about as sensible as saying that since if a black man robs a convenience store, the store owners are going to blame black men. Blaming the faceless boogeyman might make some people feel better, but it doesn't solve any problems. I don't think that such scapegoating should be encouraged.
Are you on crack?:
This post isn't "insightful", it's delusional. Western Union getting cracked isn't about "hacker culture" any more than a convenience store holdup. Someone broke in and stole information (potentially money). This happens every day in the real world. Anyone who thinks that the same kind of attempts aren't going to be made against their electronic storefronts isn't paying attention. It's not new, and it's no more likely to stop in cyberspace than in the real world. If you have a resource that you regard as property then you must defend it, or someone else will take it. As far as we know, that has been true as long as humans have had property.
"Hacker culture" doesn't enter into it. I've never seen any evidence that "hacker culture" encouraged theft of the property of others. The only persons I can concieve would attribute such a thing to "hacker culture" are not even close to being a part of it. (That means you!)
ESR didn't break into the server. RMS didn't do it. Linus didn't mastermind the attack. This has nothing at all to do with Open Source, as a movement or software. It's got a lot to do with Microsoft's closed source software and stupid administrators.
No, this attack is "NOT good". However, if the corporate powers want to do something about it, that _would_ be a good thing. Invest in better software. Pay for better admins. Defend our (and their) property. Making their security better makes our security better, too.