Slashdot Mirror


User: TheLink

TheLink's activity in the archive.

Stories
0
Comments
12,789
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,789

  1. Re:On the bridge of the USS Linux on Microsoft Releases WTL To SourceForge · · Score: 3, Interesting

    No, but the malware people are shooting plenty of bullets.

    MS just stops providing patches and the pressure to switch increases. Win95 without patches isn't that unsafe - you can remove all the network services. But it's hard to do that with Win2K, XP etc.

  2. Re:Windows on Mac Trojan Horse Disguised as Word 2004 · · Score: 1

    For better security, what a normal user needs is a way to _easily_ run something in a sandbox out of a choice of various different sandboxes (gamebox, soundbox, greetingcardbox, defaultlimited - e.g. need 3D video, need sound, need generic disk space, need read access to my documents, need write access to docs, need network access - need to send data, need to listen on socket as server). It's got to be easy so they do the right thing without having to think (thinking hurts their poor little heads).

    Most apps don't need full R/W access to your home directory. Heck most of those stupid flash stuff don't need write access to anything except files they create.

    People say Linux/Unix is more secure, but I don't really think that most are more secure than Windows. In fact even with a B level O/S you have to make things easy for the user to understand otherwise the user will do the wrong thing and keep doing it.

    The UI plays an important part of making things secure.

  3. Try vmware on How Would You Distribute Root Access? · · Score: 1

    If it's x86 stuff maybe you should try vmware or something similar.

    Then everyone gets their own machine or ten, or however many they want that fits into say the 120GB drive you give them. 40GB for main PC stuff, rest of 80GB: if 5GB per virtual machine = 16 virtual machines..

    If they screw up or whatever, they can either rollback from a snapshot they've saved or they can just get a copy from various pristine vmware images you make available on a network share - e.g. Win2Kpro-SP4, Win2Kpro-SP3, WinXP-nopatch WinXP-SP1 Win95-last Win95-nopatch, FreeBSD49, FreeBSD52, OpenBSD, RHL, Deb. etc. Note: for windows stuff they need to use the SID changer from sysinternals or something before using the images.

    It's hard to ensure that when someone reinstalls software that they choose the same settings each time... With this method, getting a known install is just a matter of making a copy.

    We don't do this at my workplace coz we don't do much dev that requires root/full PC access anymore and we have fair numbers of old PC hardware that's been paid for.

    The vmware workstation prices dropped recently, so it's a good deal if you're in the US or somewhere with a higher cost of living.

    Sure nothing beats testing on a real machine, but often you can do most of the stuff on virtual machines and only do the last stages of testing and dev on real machines.

  4. Re:One Word. on How Would You Distribute Root Access? · · Score: 1

    Heh, maybe Novell needs you to help them explain things.

    When you're not the dominant player, not many are going to bother sifting through all the marketing bullshit and crap to figure out what your product actually is and does.

    Anyone remember HP's espeak?

  5. Re:Lightning protection on How to Protect a Network Against Lightning? · · Score: 1

    Recommended lightning rod usage:

    Install lightning rods on OTHER tall buildings within a 250-1000 metre radius of the building to be protected.

    Make sure that lightning rods + buildings end up much taller than the building to be protected.

  6. Re:let's not confuse communism with totalism on Forget MTV, I Want My Internet! · · Score: 1

    Trying to implement a political system that explicitly proposes the use of force in order to get it applied will typically result in a system ruled by the ones able to exert the most force.

    Seems to be a design flaw if you actually want a system not based on force but on freedom and all the other nice stuff. Of course it's a design feature if you're the happy dictator sitting on top of it all.

  7. Re:Zounds! on How to Protect a Network Against Lightning? · · Score: 1

    "when it's just easier to fix the results after the fact?"

    Not if you're a dead 5th level Cleric.

  8. Do read the link from the article on Life-Ruining Browser Hijackers · · Score: 2, Informative

    What Brian Rothery actually said. I dunno why the article spun what he said so differently.

    I'm 95% sure the guy is innocent of the child porn thing.

    I wouldn't send anyone to jail with crappy evidence like this. Browsers and PCs can be hijacked and hijacking is widespread. The scum who do the hijacking are the ones who should be sent to jail - they throw kids into jail for writing worms/viruses, well they should throw the hijacking scumbags in first.

    I use IE but have scripting etc off (it's even off for my Local computer zone - so many of the zone crossing exploits won't work on me), so I have no such probs, but think of your nonsavvy friends and relatives.

  9. Re:Scramdisk on Locally Secure Email Clients? · · Score: 1

    In my old office we could easily set things up with Eudora so that any user can log in to any PC and read their mail from the network drive. Just have a shortcut on the desktop and in the start menu.

    With Outlook you'd have to create profiles for each user on each PC. This was in the Win9x days. Didn't really get to try roaming profiles. Do you know how well that works in practice?

  10. Re:Overclocking Dothan on Intel Releases New Pentium M Processors · · Score: 1

    Probably because Intel didn't realize how badly they screwed up till too late. Takes years from plan to tape out.

    Now they have to convince enough suckers to buy Prescotts till they turn things around.

    There's also the server market to worry about. Imagine an SMP Prescott server - 2 X 100+W in a 1-U, or how about quads 8-). Alternative? Does the Dothan/Banias support SMP? Does it work with popular server chipsets? So Dell will probably stick to Northwood for servers.

    Looks like it could be a really good year for AMD, that is if they don't screw up :). They have till mid 2005 whilst Intel does their damage control and emergency stuff.

    I don't see them being able to improve Prescott significantly before then.

    Dothan isn't really much of an improvement compared to Banias. Performance/clock is about the same.

  11. Re:laptop woes on Intel Releases New Pentium M Processors · · Score: 2, Insightful

    I recently used a Pentium-M notebook with 512MB RAM, Windows XP and some junk on it (instant messaging stuff).

    It was slow. In one case it did lots of paging out for dunno what reason, then when I tried to switch tasks I had to wait a long time for things to page in and for the system to regain its senses.

    A 1GHz Duron, 128MB pc with Windows 2000 was more responsive and stable in comparison - same apps (two apps).

    From my experience with other XP machines, Windows XP is a downgrade from Win2K. The only advantage XP has over Win2K pro is you get to see the various owners of processes in the task manager. For some stupid reason you have to get Windows 2000 Server with the terminal server stuff to get that feature on the task manager.

    Windows XP is the Windows ME of the NT family.

  12. Re:S3 is a bad idea IMHO on ACPI and S3 Sleep on the Linux Desktop? · · Score: 2, Funny

    Re: your sig
    "Suicide prevention put me on hold."

    You said you were going to hang yourself and they told you to hold the line? ;).

    Hang in there...

  13. Re:I don't understand this on Cry To Beat Iris Scanners · · Score: 3, Interesting

    Well they're not all made the same. Just like anything there are different specs. Not sure of the ones used in the ATMs - I heard some of those can work from quite a significant distance- 1 metre? The one I played around with only could do about 10 cm to 20cm maybe 30 cm.

    To register a person you'd want the best pic possible, so you normally want a cooperative subject. But after that the one I tested was pretty OK, even IDs people with scratched eyewear and even some sunglasses.

    As for the danger to epileptics claims thats stupid - the stuff can work with IR light. The one I played around with had 3 red LEDs for illumination and was made by LG.

    Just buy the right iris scanner for the task and it'll work OK, unless the iris is obscured - I suppose really thick/long eyelashes might cause problems.

    Epileptic thing really sounds fishy, perhaps there's a hidden story/agenda somewhere. Now if they had said that fake contact lenses could cause problems I'd believe them - then you need fancy scanners that detect pulses and the usual involuntary iris size changes - I doubt the cheap scanners do that.

    Whatever it is, with biometrics for real security you always need a guard there, otherwise you can bring in equipment to fool the sensors. No self respecting guard is going to let you stick some fancy gizmo into/in front of a biometric sensor...

  14. Re:Normal people, that's who. on Stopping Overseas Fax Spam? · · Score: 1

    Well if you don't trust the person, don't make any contract with them so the signature shit whether crypto or not is not worth anything. If GPG/PGP becomes really common and signatures become binding then there'll be worms snarfing passphrases and signing stuff. So it's really silly to rely on stuff like this as foolproof (despite what BS the Corps/Orgs spout).

    Credit cards have crappy security, but still the card companies and issuers do better than OK. There are plenty of services that rely on trust and they do ok. Many eating places here trust you to tell them what you eat so they can charge you. They do fine.

    All that paperwork is to help the lawyers do their stuff in event of a disagreement.

    If you don't trust the person and still need to make a contract then you need a mutually trusted 3rd party/parties as witness. That way everyone sees everyone signing, even if it's a stupid X mark or an throwaway GPG key, when it comes to court, if you say "Nyah, it's not my sig" you'd get the book thrown at you.

  15. Scramdisk on Locally Secure Email Clients? · · Score: 1

    Since you're using windows 98 try Scramdisk.

    I used it some years back in my Win9x days and it was very reliable (well version 2.02h was anyway). I used Eudora for email, but any email program that isn't so tied to the registry is good - e.g. uses ini files and you can tell the program where to find the ini and mails.

    Here's how I did it:
    Create a scramdisk container (encrypted file which you mount as a drive) big enough to hold your emails and other stuff.

    Mount it as say M: (or z: or whatever - don't clash with local, cdrom or network drives)

    You can install eudora on the M drive - or leave eudora on C: for them to use. Then you create a shortcut for your own use which points to "C:\Program Files\Qualcomm\Eudora\Eudora.exe" "m:\mymaildir"

    Eudora is smart enough to use m:\mymaildir as the maildir when you launch it that way.

    Note you can even put the scramdisk container on a network drive which is what I did at my office - that way I can mount my office mail from any LAN machine and access it, and the data goes over the network encrypted.

    I've also had scramdisk and a scramdisk container on a CD-R to store my remote admin SSL certs.

    Scramdisk does not work with NT/W2K/WXP you have to buy the author's next version for that.

  16. Re:Hello! World to Miguel! on de Icaza: Rest of World Will Force US Into Linux · · Score: 2, Insightful

    Moderators disagree? :) Ok I'll back it up my reasoning (and try to speak slower):
    "Another strategy Miguel discussed was about moving as many F/OSS applications as possible to Windows in order to familiarize the casual users with open source."

    It is not easy to move Linux/Unix stuff to Windows. It is expensive - costs the developers time and effort, and there are other costs supporting a rather different architecture- look at the various apache-win bugs. And what does that gain Linux and the rest? More Windows software. Wow, great move that.

    What next? Get people to write more native windows software, instead of just porting Linux apps to windows? Oh yah he's trying that too:

    "Another Microsoft spokesperson told internetnews.com that, "Mono is just one example of the level of excitement within the developer community around .NET," he said. "At this point, we have millions of developers building .NET connected applications." "

    Insert image of MS spokesperson "rubbing hands with glee" - More Windows software.

    If more Linux developers write Mono software for Linux and Mono software runs on Windows with no modifications, AND MS office and other Windows-only software doesn't run on Linux.

    THEN the software available for Windows increases more than software available for Linux. Go figure.

    Do I need to talk slower and more loudly? Doh.

    And what if there's an "embrace and extend" war? With some slight incompatibilities? Who wins? Mono-certified .Net apps or MS/Windows Logo certified?

    And now this joker talks about the World Forcing the US into Linux if the EU doesn't do the US thing.

    Doh. What next the World Forcing the US into signing the CO2 treaty? Sorry I must have lost track of which universe I was in. This must be the universe where the World forced the US into Iraq eh? And where Miguel ends up being the whole reason for the universe entire existence.

  17. Hello! World to Miguel! on de Icaza: Rest of World Will Force US Into Linux · · Score: 0, Interesting

    Wakey, wakey!

    Don't forget: this guy also thinks Mono is a great idea.

    Sometimes I wonder if he's actually working for MS with the ideas or "strategies" he comes up with.

  18. Re:What? on Lucent: Down But Not Out · · Score: 1

    Don't they still make those firewalls they call "bricks".

    Wonder how well they worked in practice.

  19. Re:Why do you care? on Pointers for Developing x86 Virtualization? · · Score: 1

    AMD had an opportunity to add easy virtualization at least in some modes when they introduced the AMD64 instructions. But unfortunately I don't think they did, did they?

  20. Re:Ever tried Real Life? on Tough Love - Can A Game Be Too Hard? · · Score: 1

    Players can still consider certain actions as cheating even though it's allowed by the game physics/engine.

    For example: in soccer/association football even though nongoalies can (by physics) deflect the ball with their hands/arms, doing it intentionally is considered cheating. Even unintentional deflections can be considered fouls by the referee.

  21. Re:We Want Low Power CPU on the *DESKTOP* too on AMD Launches Low-Voltage Processors · · Score: 1

    So when are you moving to Alaska? ;)

  22. Re:Managed environments on Programming As If Performance Mattered · · Score: 1

    The last I checked there are only a few programmers who put personal/monetary guarantees on their code - e.g. Knuth, DJB. So IMO the rest of the programmers suck and any "self respect" they have as programmers can't be worth very much.

    A brief look at bugtraq will show you that the other programmers can't code for shit and should use languages designed for bad programmers.

    But they're not even smart enough to realize that. They think they are good programmers and many even use stuff like C and C++[1].

    If your program operates in a hostile environment (network server, online app etc), I recommend you stick to languages designed for bad programmers. I do, which is why even though I am a crappy programmer I know my program won't have those buffer/stack overflow crap (it'll be the language programmer's mistake not mine), instead of counting bits one by one I can stick to getting the job done.

    Maybe stuff like the NX thingy and other stuff might help eventually. But meanwhile, the IT security business is still OK.

    [1] Dangerous languages where common silly mistakes will "allow the attacker to execute _arbitrary_code_ of the attacker's choice". Safe and sane languages won't do that.

  23. Re:speed/easy coding on Programming As If Performance Mattered · · Score: 1

    You prefer getting an almost/usually correct answer really fast?

    I hope that's not how you do your MD5s...

  24. Re:The killer features in Excel on Excel Clone for Linux Now in Beta · · Score: 1

    Uh I thought the "killer" features in Excel were the macroviruses. Those were really killer stuff :).

    The Antivirus industry wouldn't be so big without all that stuff.

  25. Re:But what about the Macros? on Excel Clone for Linux Now in Beta · · Score: 1

    How about 100% macrovirus compatibility?

    Seriously though, how about supporting macros BUT have a mode that turns off the "auto stuff" - the stuff that runs automatically on open, on save etc, whilst letting the rest of the macros run (when the user clicks X or something).

    I suspect most of the macro viruses use a few functions to spread. And those functions can be locked down or made conditional.

    A spreadsheet software that is just like Excel, the only difference is macroviruses won't work can be a good selling point.