For the record, I actually kept the damned wireless AP off entirely until I figured out it was running Linux. Now I have it on, and MAC filtering in place. Haven't set up WEP yet, mainly because I'm in an out of the way area and I'd notice anyone with a laptop or PDA around in range -- and they'd be frozen stiff standing out there in below zero weather, especially with the winds we've been having lately...
Your operating system provides threads as a programming primitive that permits applications to scale transparently and perform better as multiple processors, multiple cores per die, or more hardware threads per core are added. Your operating system also provides virtual memory as a programming abstraction that allows applications to scale transparently with available physical memory resources. Now we need our operating systems to provide the new abstractions that will enable self-healing activities or graceful degradation in service without requiring developers to rewrite applications or administrators to purchase expensive hardware that tries to work around the operating system instead of with it.
Neither the applications nor the OS should depend on the other providing any failover or self-healing services; they should always be prepared to go it alone if necessary (as it might be the failover system). Services that crash should restart themselves, etc. This part is pretty well done by most enterprise-grade server software. It's the operating systems we're waiting to play catch-up.
And I'm still waiting to see any box that can replace its own power supply after someone flips the 115/230 switch. Once we get that, then we'll have truly self-healing systems. And all you BOFH's out there might be looking for a new career...
This is wacky. You dismiss WEP and SSID hiding as useless, yet seriously recommend turning off the DHCP server will help?
You obviously missed my tongue firmly lodged in my cheek.
I'm saying ALL of the above are useless, because ALL of the above can be worked around. I should know, I've done it. Purely in a test environment, of course. Never mind that the name of the test environment bears a strong resemblance to the name of the city in which I live...
Yes, implementing any of the above will cause the casual complete idiot to go ten feet down the street and play with your neighbor's wide open AP with the SSID still set to "netgear", but we're more concerned with the not-at-all-casual person who knows what he's doing, for that's the one who will cause you the most grief.
The only solution I've seen that actually worked was someone who put up a nice, wide open access point and then stuck a firewall/VPN behind it. You have to connect to the VPN over the wireless connection to get anywhere.
This story is old news, as I posted the following way back in April:
If you bought one of those shiny new 802.11{abg} access points so you could be lazy and use your laptop in bed without a bunch of cords dangling all over the place, you have a decision to make. Do you want your neighbors and random strangers using your Internet connection?
If you decide you don't want other people using your connection, then don't do these things:
Hide your SSID. Your access point will broadcast it anyway whenever your computer associates, and if you're using Windows XP then it associates every few seconds.
Use MAC filtering. Your access point will broadcast valid MAC addresses whenever those stations are in use, and anybody can pick those up and change their MAC address to match yours.
Use WEP. It's easy enough to crack that anybody listening can recover your WEP key in a fairly short time if you actually use your wireless connection for anything.
Use a Microsoft access point. Microsoft access points will gladly send their WEP key to anybody who asks, making WEP completely useless.
Use LEAP. It is based on Microsoft CHAP and a poor implementation at that. It's easy to crack.
Hm, what's the point of enabling all that security if it's so easy to get around? Here are some other things you might try:
Turn off the access point's DHCP server. Won't do you much good, since somebody can just "borrow" your IP address when you aren't using it or use an unused IP address in your subnet.
Reorient the access point's antenna. Then you'll just have the people on the other side of your apartment using it.
Hm, you may as well just take the damn thing back and get a refund, and suffer the Ethernet cord.
Operating systems expand to fill the available boot media.
No, they expand far past that. Seen SuSE lately? I remember when Red Hat was just TWO CDs, one of which was source, and SuSE came with SIX. I have no idea what they're up to now.
Of course, if you threw everything in Gentoo onto DVD, it would take up about 10 DVDs...20, with sources.
Even Windows isn't immune. Longhorn has outgrown even the 700MB CD, and will ship on DVD.
Yeah, it's pretty sad. I get modded down all the time. Check out these egregious examples of bizarre moderation (keeping in mind the starting score of 2):
He's got a point though. I could volunteer my services as a random Firefox mirror and who's to know if I'm distributing doctored copies? And where's the digital signature? How can you trust that binary from 207.177.45.61?
Now I know the usual answer is going to be "well you can download the source yourself!" or "you can check the md5sums!" The 9.3 million of those 10.1 million Windows downloads probably won't bother. You see how they already clicked through IE's multiple warnings in order to get Firefox installed.
I'll kick in $20 to Firefox if it goes toward a signing certificate.
Before you mod this too far down, keep in mind I run Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041115 Superunicorn/1.0 (All your Firefox/1.0 are belong to Firesomething)
You need to go get your product into wide use now. On one project I'm involved with, we're working with a certain .com on a project I can't say much about yet, but we're going to give a certain Microsoft product a run for their money, using open source software. I don't expect any of us to see money from the project for at least two years, though you can bet you'll see the product -- when it's ready -- on the front page of slashdot. :)
In the meantime, keep maintaining your software, and keep getting the word out. If it's good stuff, someone will take notice, and an opportunity to make money off it will come your way.
Re:Seriously... Why would you use this? on GIMP 2.2 Released · Score: 2, Funny
I'll sell you The GIMP for the bargain basement price of $649.99. Just write out a check or money order to CASH and mail it to the address in my whois record.
I get the security holes emailed to me every day and fix them on an ongoing basis. This is a normal course-of-business expense, and charging the expense to someone else is...well...just a little bit gray ethically. NASA should have been fixing their security holes rather than waiting for someone to come along and try to pass the expense off on.
I'm not at all saying the cracker was right to break into NASA's systems. What I am saying is NASA has a responsibility to keep its systems secure, and spend the required $$$ to do so, and they failed. That they failed does not give them the right to charge that expense to the next person to walk through the door.
It was also interesting that no lawyers were present for the trial.
The spammers weren't present either, apparently. Now in order to collect this money, the poor guy has to go find the spammers. And they are probably just arriving in New Zealand right about now...
Yes, but warez are perfectly safe. If any group let warez get out with viruses in them, they'd lose their reputation and everyone would point and laugh at them. That's a powerful motivator.
The stuff you have to watch out for is software on nice flashy websites with drooling vapid marketing prose and dancing monkeys.
Last weekend I made $5.01 off of slashdot readers just clicking on my sig and then wandering around my site and buying stuff. And I didn't post any referral links, just the usual trolls and off-topic flamebaiting. Fortunately I have a day job.
If I were going to give anyone a book, it would be from the Bastard Operator from Hell series. The poor clueless users who can't even program their VCR need to know what they're in for if they cross one of us....
You can take a look at my blog to get some idea of what is available, but be aware that I run nightly builds (don't try this at home, kids!) so a few things you see might not be available. And the Google search box at my site definitely is not part of WordPress, and might never be; I developed that bit myself. I can't imagine anything you can do with MT that you can't with WP.
The Department of Justice takes a somewhat different view than the ACLU. I would have included this link earlier but it was forwarded to me by an anonymous coward after I made the grandparent post.
The only limitation on the Second Amendment espoused by the DOJ is to restrict it from those who aren't responsible enough to keep and bear arms. (i.e. the mentally ill, etc.)
Click here to ruin the joke.
And let's not even get into my rejected story submissions.
It can run Windows but you're going to have a hard time finding drivers for the Linmodem.
I think I'm going to wait until they come out with the version that writes in color.
This is the United States, land of the fee and home of the censored.
It makes you wonder just how much money the attorney general got behind the scenes. Not saying this actually happened, but you have to wonder...
Treason is the only crime defined in the Constitution and it does indeed carry the death penalty.
You should read it. Ashcroft's name isn't in there anywhere, not even on the signatures at the bottom.
Multiple blogs are partially supported in 1.2, and 1.3 will have much better support for this type of installation (e.g. web hosting, etc.)