Slashdot Mirror


User: khasim

khasim's activity in the archive.

Stories
0
Comments
5,818
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,818

  1. Well, you got one thing right. on Two Groups File Domestic Spying Lawsuits · · Score: 1
    You think I'm stupid because of what I wrote.
    Yep. Big time.

    You didn't get a single other item correct, but you got that one spot on.
  2. What the ... on Two Groups File Domestic Spying Lawsuits · · Score: 1
    The government is not obligated to protect you from exposure to someone else's religion, be it in a government meeting or not.
    Nor have I ever said that it was. Anyone can wear whatever jewelery they want and such.

    But no one is allowed to use that meeting to push their religion.
    You and I do not have a right to prayer-free zoning meetings, though we do have a right to campaign to replace those public officials who allow zoning meeting time to be wasted in that manner.
    They are violating the separation of church and state. They are not allowed to do that.
    I consider prayer at official government functions to be at about the same level of badness as political pork projects.
    Yeah. Right. It's great you have an opinion. But I really don't care what your opinion is. The law is different.
    It would be nice if it went away, but it's only a civil rights issue if somebody uses its religious nature as a reason to promote or oppose it.
    No. It is a violation of the separation of church and state. They can practice whatever religion they want, but they cannot use a governmental meeting to push it on others.
    I oppose it because it's irrelevant and unnecessary and because it makes some people uncomfortable, not because it's religious, and that's why my opposition to it is not bigotry.
    Yeah, great, whatever.

    Okay, you have an opinion that isn't based on any laws. That's fine. Who the fuck brought up "bigotry"? How stupid are you?

    You aren't worth discussing this with. You're just too fucking stupid.
  3. Not the same. on Two Groups File Domestic Spying Lawsuits · · Score: 1
    When somebody prays or carries out other religious expression during meetings or on government property, it does not force everyone else to support their religion.
    It does force that religion upon them. If I am there to discuss zoning issues, I should not be forced to listen to someone else's religous propaganda first.

    I, personally, think it's stupid and offensive to bring overt religious activity into a government meeting (like praying before a school awards dinner), but that's not government supporting religion (it's government tolerance of specific religious individuals who feel that they should conduct that religious activity at that time and place), and it's not at all unreasonable to use government property for religious activity as long as it's done in a fair and equitable manner.
    Those are two different issues. The first issue is that it is forcing a religion upon other people who are there to discuss/watch the government meeting.

    Government property can be used for religious functions. Although why you would want to when there are lots of churches around doesn't make sense. It just cannot be used for religious displays. Many local governments just ban all religious usage of governmental property rather than face the lawsuits should there ever be a conflict of scheduling.

    A government-owned religious statue in a park hurts nobody (though paying for one is an unwise use of government resources.)
    It's not about "hurt". It's about whether the government is seen as favouring one religion over another.
  4. Mod parent up! on Two Groups File Domestic Spying Lawsuits · · Score: 1

    Of course a police state would allow that.

    And they'd even support it coming before the court system.

    That way, their hand picked judges could officially rule that the government had not exceeded its limits in protecting the population.

    Then everyone could be happy that justice was served, the law upheld and those traitorous anti-state whiners were publicly shown how wrong they were.

  5. I don't see that. on ZDNet on the Essence of Geek · · Score: 2, Insightful
    "Nerds are people that are fascinated by technology. Geeks are people that are fascinated by technology, but know what to do with it."

    Case in point, Bill Gates is a nerd. Linus Torvalds is a geek. IMHO.
    I'd say the first person is just a toy-phile. It isn't the technology, it's the toy.

    They don't care about the GPS technology. But when it came out in a toy, they bought them.

    They can't tell the difference between xDSL and a cable modem. But they buy whatever claims to give them the fastest access.

    The toy-philes will be able to take a picture with their phone, email to their work account and print it on the colour printer there. But they won't know how to convert it to a different format or even that there are different formats.

    Driver
    Driver who takes advanced driving classes
    Mechanic
    Automotive engineer
  6. And geek is not chic. on ZDNet on the Essence of Geek · · Score: 5, Insightful

    Until the high school cheerleaders start hanging out at the chess club, geek ain't chic.

    This is just about toys. Pre-packaged, nearly idiot proof, toys.

  7. That's the way they work here. on Smart Elevators Coming to Seattle · · Score: 1

    If you hit every button, all the them go off.

    It's been in practice for a while to keep the kids from being jerks.

    Of course, they can hit all but 1 button. But when you get on, you just hit the other buttons until they all clear and then choose your floor.

  8. Any game like that will be tactical. on Iron Heroes: A low magic tabletop game · · Score: 2, Insightful

    Any game that relies upon individual combat for progression will end up being tactical.

    If for no other reason than the players will want to be VERY specific when their characters are in danger.

  9. Ba-dum-CHING! on RFID Cookware · · Score: 1

    Ba-dum-CHING!

  10. Wrong target market. on RFID Cookware · · Score: 3, Insightful

    The people who would cook by plugging a card into a pot would not be using a pot in the first place. They'd be using a microwave.

    The people who cook with pots and pans already know how to cook so they won't spend money on this. Gas stoves are much better for cooking anyway.

    Which leaves the only market being people with too much money, a love for new toys and no culinary skills.

  11. Also ... on Real ID Act Poses Technical Challenges · · Score: 4, Insightful

    It's a good thing that bad guys would never get a job at the agency handling all that information and get access to those databases.

  12. Are you sure it isn't about price? on iPod Owners Not Thieves · · Score: 4, Insightful
    Proving that iPod users are either scrupulously honest or more paranoid they'll get sued by RIAA than owners of lesser music players.
    Personally, I think it is just like we saw with the advent of cheap VHS tapes. When the moves were $100+, most people rented them and copied them. When the price dropped to $20, people buy them instead.

    Once you bring the price down to a certain point, the average person will pay for a legal copy.
  13. I'm going to post my hierarchy of vulnerabilities. on WMF Vulnerability is an Intentional Backdoor? · · Score: 2, Interesting

    I've posted this once today.

    1. Remote--root access that does NOT require human intervention or other app running.

    2. Remote non-root access that does NOT require human intervention or other app running.

    3. Local root access that does NOT require human intervention or other app running.

    4. Local non-root access that does NOT require human intervention or other app running.

    5. Remote root access that requires some human interaction or some combination of apps.

    6. Remote non-root access that requires some human interaction or some combination of apps.

    7. Local root access that requires some human interaction or some combination of apps.

    8. Local non-root access that requires some human interaction or some combination of apps.

    9. Remote OS crash.

    10. Remote app crash.

    11. Local OS crash.

    12. Local app crash.

    So, Microsoft's criteria would be equivalent to #1 here. And I agree that it is "critical". It is the WORST possible vulnerability. Which is why I listed it as #1.

    But #2 is only slightly less devastating. And if you combine #2 with #3, you'll have the equivalent of #1.

    Therefore, ANY remote attack that gives you ANY user level or above access should be "critical".

    But who really cares what name you assign them? "Critical", "Red", "Emergency", "Category 1", whatever.

    What matters is what avenue is open for attack and what the results of that attack will be.

    1,000 level 12 vulnerabilities aren't anything compared to one single level 1 vulnerability.

  14. Prior to patching, reduce the avenues of attack. on MS Patches Go For Quality Over Quantity? · · Score: 1

    You cannot rely upon patching. Therefore, the OS must be designed with the smallest attackable surface. Ubuntu rocks in this regard. A default desktop installation has NO open ports. That makes it 100% worm proof.

    So I've made a hierarchy of vulnerabilities to help me determine the actual seriousness of the "threat". Note: these are only applicable to a default installation.

    1. Remote--root access that does NOT require human intervention or other app running.

    2. Remote non-root access that does NOT require human intervention or other app running.

    3. Local root access that does NOT require human intervention or other app running.

    4. Local non-root access that does NOT require human intervention or other app running.

    5. Remote root access that requires some human interaction or some combination of apps.

    6. Remote non-root access that requires some human interaction or some combination of apps.

    7. Local root access that requires some human interaction or some combination of apps.

    8. Local non-root access that requires some human interaction or some combination of apps.

    9. Remote OS crash.

    10. Remote app crash.

    11. Local OS crash.

    12. Local app crash.

    There, now it should be easy to exactly compare different systems. A thousand #12's (local app crash vulnerability) is still not worth a single #1 (remote root access).

    And with a bit of thought (like Ubuntu has), it is easy to increase the security of your OS without relying upon the user to install patches.

    Of course, once that level is achieved, then it comes down to the items discussed in the article: ease of patching, speed of patch release. Again, all things that Ubuntu rocks at.

  15. Done correctly, it would be great. on Lawmakers Try to Protect Kids From Spam · · Score: 1

    For every single real address listed, the FBI should put at least 2 fake addresses.

    That way, there is a 2/3 chance that the pervs will be emailing an FBI agent. Why spend time lurking in chat rooms when they'll just email you?

    Do it in secret to begin with. Then let it become public when you've busted a ring or three.

    At that point, the pervs won't risk emailing anyone on that list.

  16. That's not my problem. on NSA Wiretapping Whistleblower · · Score: 1
    If you're going to use terms in narrow or specialized ways, you shoule really give the definition up front and not wait for someone to use the broadly accepted definition and then act as though they're wrong. It's both disingenous and unhelpful.
    I apologize for suspecting that you might have a basic understanding of the US legal system.

    The FBI can get a warrant to have a bank open your safety deposit box and take all your stuff.

    The FBI can get a warrant to take your girlfriend's stuff from your apartment.

    In both cases, the people forced to release the items do not own the items.
    In this case in the broad sense it's reasonable to say that I own my own body - even though in fact I can not sell myself legally in this country (or even certain parts thereof - like organs).
    What you do not own, you do not have any legal right to sell/distribute/etc.

    What you do own, you may sell/distribute/etc, within the limits of the law. I take it that these are NEW concepts to you.

    Well, that's about it for this thread.

    Sorry I confused you for someone with a basic grasp of the issues. It won't happen again.
  17. None of it is, yet. on NSA Wiretapping Whistleblower · · Score: 3, Informative
    I'd like to hear a lawyer inform us as to how much of it has any reflection whatsoever in case law.
    None of it is, yet. At least, not in the USofA.

    In other countries, they're taking personal information much more seriously.
    For example if you buy some fertilizer at Store A and they have your credit card # (your personal ID) and then you go blow something up with a bomb made from that fertilizer and the FBI comes calling - do they have the right or responsibility to transmit the data they have on you?
    Law enforcement is entirely different. The FBI can get a warrant and get any and all information about such sales.

    "Ownership" does not mean that the store cannot provide the info when served with a warrant.

    "Ownership" means that the store cannot SELL that info or provide it to any 3rd party (non-law enforcement).
    So let's not be hopelessly idealistic.
    Why not? Our country was founded on such idealism.
    If you buy something from a store w/ a check or a credit card - they DO have your info.
    They have it, but it is not their's.
    It's silly to say they "don't own it".
    No it is not. Just as it is not "silly" to expect that your HR department won't go posting your social security number on the web along with your name and home address.
    They have it - the question is what can they do with it?
    Right now, they can do anything they want with it, in the USofA. Other countries are more strict. And there is no reason why we cannot become stricter.

  18. Easy answer. on NSA Wiretapping Whistleblower · · Score: 3, Insightful
    If you buy something from me, then who owns the information about that transfer?
    You own the information that you sold item X.

    You do NOT own the information on who bought item X.

    You, being the vendor, have more limited privacy rights than I as the private customer do.

    When you load slashdot, you handing bytes to your ISP requesting that they hand it to several of their peers, then have those peers hand it back to you. Who "owns" those exchanges?
    Again, look at the vendors and the private customers. /. is a public site, so they don't own the info on my connection.

    Comcast is a public vendor so they don't own the info on my connection.

    Comcast does own the info that they were requested to connect to /.
    & /. does own the info that Comcast requested a connection.
    but
    neither of them own my name.
  19. It's all about how you dedicate your resources. on Microsoft Taking Longer to Fix Flaws · · Score: 1
    The software that we write at my current employer is a complex vector editing system and image RIPing. Our regression test suite can take up to 3 days to run. Whoops, that last fix broke something in abc.dll that depended on some behavior coming from def.dll. That will take a day to fix, 4 hours to build and rerun the test suite. Rince repeat until no more errors. An average fix may take us up to 10 days to code, test and deploy for patching.
    The question is, how many people and machines do you have dedicated to that?

    There are various approaches that are possible:

    #1. We have one guy writing the patch and one guy doing the testing and it's released when it is released.

    #2. We want 95% of our patches coded, tested and released within 4 weeks of notification, how many people and machines do we need to dedicate to hit that target?
  20. How much would it cost? on Microsoft Taking Longer to Fix Flaws · · Score: 4, Insightful
    when you're accountable to that many customers with so many "supported" configurations, it takes a while to test.
    What is this "a while"?

    Is it a day?
    Is it a week?
    Is it a month?

    Doesn't Microsoft have enough money to maintain images of different configurations just for such testing?

    Doesn't Microsoft have the people who could automate such testing?

    Is the problem that they don't have enough money? Or that they don't have people who are smart enough? Or that they just aren't doing it?
  21. I just went through that today. on Equipment Suppliers You Can Trust? · · Score: 1
    One of the help desk guys is now into getting user profiles re-created to fix just about EVERYTHING. Since only myself and a couple others have access to do it, I've had to fuck with roaming profiles all day instead of doing my project work. So yesterday, I bitched him out about it. I said "What's the problem?" and I fixed it in four minutes without touching the user profile. I then proceeded to lecture him on how it should now be considered a last resort.
    Instead of wiping out the entire profile$ and homedir$, the fix was to change two settings in an ini file that one of our stupidly broken apps uses.

    And the only reason I got to that was because our Windows admin's last day was Friday. For years they've been dealing with this stupid app problem by deleting/renaming the user's profile (or recreating the entire user) when 15 minutes of digging would find the real problem (the app is crap) and the best immediate solution (user gets out of that app and their ini file is overwritten by a known good one). That is, until the app can be replaced/upgraded.

    And the fix is now scripted. They're acting like I'm a genius. They never thought to compare a few ini files to see what, exactly, is different between them.
  22. Preventive maintenance! on Equipment Suppliers You Can Trust? · · Score: 1
    I personally don't even keep hard drives past their warranty expiration.
    The same with ANY components.

    Replace the hardware on a regular schedule BEFORE its estimated failure date. Sure, it might SEEM like more work and expense, but you'll spend more time and money if anything ever does fail.
  23. That's not really the "JIT" model. on Equipment Suppliers You Can Trust? · · Score: 2, Insightful
    The JIT model isn't so bad and it would seem some companies are building around that. I had some time to chat with the service tech and he was telling me about the shipping setup various companies have. Dell actually had a facility nearby that warehoused and shipped out parts as needed.
    If the company has a warehouse of parts, that isn't "JIT".

    "JIT" is where the company attempts to predict exactly how many parts it will need tomorrow and only order that number of parts from its vendors today.

    Those vendors also practice "JIT" with the vendors supplying them with parts.

    So, it all breaks down on those days when the demand is higher than any of the companies anticipated.

    Warehouses cost money, storing parts that aren't needed today costs money. JIT is supposed to save all of that money by predicting exactly what will be needed and how long it will take to get it and then having the part arrive at the company Just In Time to be shipped out to you.
  24. Massive sympathy. on Equipment Suppliers You Can Trust? · · Score: 1
    I know that in the place I work, I'll get the shaft if something critical (such as a backup) can't be restored, even though the backup system is in place, documented, and easy to maintain.
    I'm there, too.

    It is IMPOSSIBLE to get through the other IT people's heads (including my boss's) that the backups are the LAST RESORT in case of TOTAL FAILURE.

    They are NOT a substitute for planning and maintenance.

    And I am getting really sick and tired of spending weekends making sure that the backups are working and then finding out that the people doing some database upgrade didn't even bother to make a backup before they started.

    When you perform miracle after miracle to save their asses time after time, they get lazy and start believing that that is the nature order of things.
  25. I prefer my way. on The Annual US-CERT FUD Festival · · Score: 2, Informative

    Simply evaluate each vulnerability in a simple hierarchy. When evaluating a distribution or a version of Windows, use only the apps installed by default.

    1. Remote--root access that does NOT require human intervention or other app running.

    2. Remote non-root access that does NOT require human intervention or other app running.

    3. Local root access that does NOT require human intervention or other app running.

    4. Local non-root access that does NOT require human intervention or other app running.

    5. Remote root access that requires some human interaction or some combination of apps.

    6. Remote non-root access that requires some human interaction or some combination of apps.

    7. Local root access that requires some human interaction or some combination of apps.

    8. Local non-root access that requires some human interaction or some combination of apps.

    9. Remote OS crash.

    10. Remote app crash.

    11. Local OS crash.

    12. Local app crash.

    There, now it should be easy to [b]exactly[/b] compare different systems. A thousand #12's (local app crash vulnerability) is still not worth a single #1 (remote root access).

    SECURITY is about REDUCING the avenues of attack. A default Ubuntu install will never have any vulnerability above a #3 simply because it has no open ports, by default. This is extremely important when your machine is connected to the Internet.