Sorry, I wasn't dismissing the idea, it was more of a joke showing the wonders of Altavista Babelfish, that cannot even reverse its own translations properly. Anyway, it does seem to me that using these tools would create nearly as much, if not more, work than just paraphrasing the paper yourself.
My understanding is that water is a relatively common compound, but the problem is that oxygen and hydrogen (esp. hydrogen) are light and therefore less likely to survive the creation of a rocky inner planet. A planet is formed from the outcasts of matter from a forming star. The heavier elements converge toward the center and the lighter ones get pushed out. Any water that is not blown away from the rocky planet by solar winds and such are boiled away by the hot, forming planet. These less-dense materials get pushed further out and freeze. They eventually form into ice-comets that over billions of years crash back into the now-cooling planets, helping to form the atmosphere and oceans of inner rocky planets.
I would have thought the absorption of water-soluble salts and minerals by the water itself would have more of an impact on saltiness than life ingesting the minerals and then releasing them. Then again, I am not a biologist so maybe there are some salts produced by living things that do not occur otherwise. I would think in this case that there would be no freshwater lakes as they are teaming with life. Maybe I am misunderstanding though.
Even if distribution within a company applies, the GPL only requires them to distribute their code to those that they distribute the software to, or to distribute the changes to those that request it. The latter only applies if they do not distribute the changes along with the software. This means if they include a source directory on the media they distribute the software internally to, they do not have to comply with requests from those outside the company requesting the code.
IANAL, so I may have misinterpreted the GPL here. Please correct me if I am wrong.
I think the problem is that many people think the controversy is whether or not global warming is happening. The answer is that it is happening, the global average temperature is climbing. This is based on hard evidence obtained by measuring. Arguing that it isn't is like arguing that the world is flat. The real question and controversy is whether or not our past and present actions are having a measurable effect. All scientists can do is run small controlled experiments, and eventually come up with a theory that can predict. However, there are so many variables that by the time a well-tested theory can be made, it might be too late. The other problem is that there are people with agendas on both sides of the issue, that pay for experiments with results that skew thinking in the direction they want. Our space program seems to be waning, and it will be a long way off before we can have viable colonies that do not depend on Earth. If we don't at least try to curb our production of greenhouse gasses, we might be the cause of Earth's next big extinction.
Where is the salt that life is pissing into the water coming from? Pretty sure it would come from the salty water as well. This would mean the water would not get saltier as more life pisses into the water. Not saying the rest of your statement is wrong, but the life making water saltier seems to be circular logic.
However, someone else made the point that the current theory is that Earth received much of its water from "magical" water comets. I seem to recall that many of them are made of ice, now what does ice melt into again?
Anyway, Debian stable is a fantastic server OS, where you install, configure it for your needs, and leave it, installing security updates as needed.
Ubuntu server LTS versions are good too if you want to have an easy install and paid support from Canonical, but you pay for it by some stupid dependency configs and unnecessary packages. I'm not sure if they fixed this in more recent versions, but if for example you have the "ubuntu-desktop" package installed, you can't remove Firefox without removing the entire "ubuntu-desktop" package. Granted, you can configure X, Gnome (or KDE or XFCE or whatever), and the rest of the DE. But you might as well use Debian at that point. Before you say that you should not need a DE on a server, I know this, but many paying clients wont accept that.
For normal desktop use, Ubuntu is fantastic, it is nice to not spend many hours configuring the base OS, and just have a quick install with most things configured the right way by default.
Vaguely similar in theme to Firefox, also the name of a car
I'm pretty sure the name thunderbird came before firefox. Originally it was called Minotaur when Firefox was called Phoenix. The Phoenix BIOS people complained of trademark violation, so Mozilla started calling it Mozilla Phoenix. Phoenix Technologies was still pissed so they renamed it Firebird. The Firebird database people then complained about the name. Again, Mozilla tried "Mozilla Firebird" before changing to Firefox. Thunderbird was named in reference to Firebird, but I'm not 100% sure if that move was before or after the switch to Firefox.
Original English Text: The Stranger (1942), by Albert Camus, is one of the most famous French novels of the twentieth century and is among the most notable literary expositions of the absurdity of human existence in an indifferent universe. Philosophically, it is an existential novel, despite Camus not considering himself an existentialist.
Translated back to English: The foreigner (1942), by Albert Camus, is one of the French novels most famous of the 20th century and is among the literary exposures most notable of the nonsense of the human existence in an indifferent universe. Philosophically, it is an existential novel, in spite the Pug one not being considered existentialist.
Translated to German: Der AuslÃnder (1942), durch Albert Camus, ist einer der franzÃsischen Romane, die vom 20. Jahrhundert am berühmtesten sind und gehÃrt zu den literarischen Berührungen, die vom Unsinn des menschlichen Bestehens in einem gleichgültigen Universum am bemerkenswertesten sind. Philosophisch ist es ein Existenzroman, in der Bosheit der Pug einer, der nicht als Existenzialisten gilt.
Translated back to English: The foreigner (1942), by Albert Camus, is one the French novels, of 20. Most famous are belonged to century and to the literary contacts, which are most remarkable from the nonsense of the human existence in an indifferent universe. It is philosophical an existence novel, in which malice of the Pug of one, which not when Existenzialisten is valid.
Translated to Italian: Lo straniero (1942), da Albert Camus, à uno i romanzi francesi, di 20. Il pià famoso sono appartenuti al secolo ed ai contatti letterari, che sono i pià notevoli dall'assurdità dell'esistenza umana in un universo indifferente. à filosofico un romanzo di esistenza, in cui malizia del Pug di uno, che non quando Existenzialisten à valido.
Translated back to English: Alien (1942), from Albert Camus, is French novels, of 20. Most famous they are belonged to the century and the literary contacts, that they are most remarkable from the absurdity of the human existence in an indifferent universe. An existence novel is philosophical, in which malizia of the Pug of one, than not when Existenzialisten is valid.
Translated back to English: Foreigner (1942), of Albert Camus, is French novels, of 20. Most famous they are belonged to the literary century and contacts, of that they are most remarkable of the absurdidade of the human existence in an indifferent universe. A novel of the existence is philosophical, where malizia of the Pug of one, of what not when Existenzialisten is valid.
Translated to Spanish: Foreigner (1942), de Albert Camus, es novelas francesas, de 20. El mÃs famoso se pertenecen al siglo literario y los contactos, de eso son las mÃs notables del absurdidade de la existencia humana en un universo indiferente. Està filosÃfica una novela de la existencia, donde malizia del
No, assuming the other DVD-R (and/or DVD+R, depending on the extent of the patent) manufacturers(Memorex, Verbatim, Fujifilm, etc.) do pay the licensing fees as they are required, competition is now fair. If they are paying the licenses and this company is not, they have to lower their prices to compete. Doing so may cause them to sell the parts at a loss while the other company profits. This kills competition and causes a monopoly, which generally causes prices to go up in the long run.
On the other hand, if the patents are illegal, obvious, or have prior art, Toshiba should lose this case and control over the patents in question. IANAL, so its not my business to argue that.
True. Just as few users would be able to really tell the difference between windows 98 and NT 4 from the just the desktop environment. The underlying OS is completely different, but the user space looks very similar. This is a problem in pushing linux for desktop machines, in that most users really don't know or care about the differences between kernels. If Ubuntu decided to switch to nexenta instead of debian as its base, many would not realize there was a change to an OpenSolaris kernel. The DE would be the same, the package manager would be the same, but all of the underlying things that the average user does not know about would be completely different. Different kernel, different file system, possibly a different shell (bash is available but IIRC zsh is the default).
The number of characters that can be printed across CowboyNeal's buttocks. He has a very long yet narrow ass that contains a tattoo of every sig in slashdot.
As end-user goes, there is a very little difference between Linux and *BDS when some DE runs on top of it.
Except with hardware compatibility. Many consider OpenSolaris or FreeBSD to be superior to the linux kernel as far as stability and performance, and there are distros of each to simplify administration (Nexenta and PC-BSD, respectively), but the linux kernel has always had much better compatibility for me.
Maybe you could have read his post instead of imagining what it was and then commenting that he is wrong.
He was talking about PC-BSD, a FreeBSD-based distro designed for desktop use. Since it has many pre-built packages and a GUI front-end for ports, it is actually quite a usable desktop distro. Pretty much about as easy as Ubuntu. I normally prefer linux because of hardware compatibility, so I usually use Ubuntu as my desktop and debian or Ubuntu-server for servers, but PC-BSD is pretty nice.
I am a network guy myself, and am only an MCSE in training. However, I am in the process of migrating a school district to WPA with EAP-TLS from WEP with EAP-TLS, deployed WPA with PEAP to another district (they did not want to deal with PKI), and am in the process of migrating and expanding the wireless of another district from WEP Shared to WPA/WPA2 with PEAP.
The AP itself is not secured with a certificate. You secure the RADIUS server with a certificate from your PKI, and both the AP and the RADIUS server will be configured to talk to one-another with a shared-secret key. In AD group policy, you configure a wireless security policy. When you define preferred networks to connect to, the user cannot change the settings for that SSID. If you properly configure EAP-TLS or PEAP, the client will not connect if it cannot validate the RADIUS server's certificate, and the RADIUS server will not let the client connect if it cannot validate the client's certificate (EAP-TLS or PEAP) or AD credentials (PEAP, uses EAP-MS-CHAPv2 to autheticate).
If the users have the rights to configure wireless settings, they can configure their own preferred networks, but cannot change the domain-supplied networks. Not even domain administrators can change that setting on the machine without assigning it through group policy. I am not sure, and can't check now, if users with proper rights can configure a non-domain network and give it higher priority. I'm also not sure if there is a threshold where they will switch to a non-domain network if it is closer than the domain preferred network.
One main problem, and probably the reason your AD people said it is not possible, is that without Server Advance (or maybe it was Enterprise), you cannot automatically assign users a user certificate. So wireless would authenticate on the computer-level only(computer certificates can be assigned automatically, another group policy setting), or each user would have to manually retrieve and install their certificate on any machine they use in order to be able to connect to a wireless network requiring a user certificate. This is why many just use PEAP and MS-CHAPv2 to authenticate clients, but use the server certificate for the client to authenticate the server.
This makes a lot more sense than the article. Is this the "hisecws" security policy applied by default, or a custom one for the Air Force? Will Microsoft distribute the.inf to any customers, or is it limited to them?
Much of the problem is backwards compatibility. I recall some or all of the Win2000 source code was leaked a few years ago, and I remember the general consensus of the people that reviewed it was that the most of the bad bits come from the "nasty hacks" to get XXXXXX application working. I think Office was one of the big problems.
Another problem is usability, many things are not locked down because they would be unusable if they weren't. Have you ever seen the "Internet Explore Enhanced Security" mode that Server 2003 defaults to? It has problems searching Google! This is because they disable nearly all scripting and plugins.
Finally, and probably the biggest reason, is that security was not as much of a concern to people in the early 2000s when 2000 and XP were released. Microsoft just wanted to get things out as fast as possible to make more money. Now, people are worried about security, so they tried to start nearly from scratch with Vista(codenamed Longhorn at the time, I believe) to be secure and stable. It was taking too long, so they scratched it and started over from the 2003 kernel. Vista seems like it might actually be quite a bit more secure than XP, but they did a terrible job covering backwards compatibility. Instead of just cutting out all backwards compatibility, they did a hack job of it, I mean just look at all the fucking recursive junction points in the system drive(Why the fuck does robocopy back these up by default???). The fix for this in Win7? They put XP in a fucking virtual machine, but only for Professional, Enterprise and Ultimate. I haven't looked, but does anyone know if Win7 is loaded to the gills with recursive junction points?
Hmm, I see your point. If you configure it in group policy, it works like this:
Computer can be set to not automatically associate to any networks, except those configured.
Computer can be assigned preferred networks by the domain controller. These cannot be overridden, so the settings for those SSIDs cannot be changed. You configure the authentication, and by default it will validate the certificate of the RADIUS server. The user cannot change the configuration settings of that network, and they cannot connect to any access points with different security. They may try, but it will fail, assuming you configured your end correctly.
So that still leaves "uninformed user connects to an open network that looks like it belongs to the company". The SSID has to be different, but the person doing the attack could change an I for a 1 or something that is difficult to detect. This can only be fixed by either preventing users from changing wifi settings, or informing the users. So there is a flaw here. One possible saving grace is that I do not think user-defined preferred access points can be connected to when within range of a domain-assigned access point. I've never tried giving a non-domain network preference over a domain network and do not have the chance at the moment.
One problem with downloading over the internet is with reliability, try downloading VMWare server over a wireless link. They give you a 1-time session key to download, so no resuming, and it is well over 500 MB.
You would need all of that to setup good network security on the wired end as well, it is just that wireless has no physical security at all, whereas wired requires someone to be there and be plugged in. I'm also against the concept in the article, and the only uses for wireless that I find were stated in the previous post:
Wireless is mostly nice for the workers with laptops that move around a lot, especially between buildings. It is also nice to have a isolated, guest wireless for when you have people from outside your company coming in to do presentations.
It is pretty useless otherwise in an organization. And when the higher-ups want to push wireless, you need to explain to them the costs(including labor) of all that shit and tell them to compare it to the uses.
Anyway, my original point was that if you ARE implementing wireless in an organization, you should already have the authentication in place with some form of LDAP, you just need to configure your APs and client machines to use it. No-one except home users should be using pre-shared keys, and even they may need to implement RADIUS if I understand a new law that was discussed here before.
Then please post a link or shed some details on how you advertise an access point "as being part of your company network"?
If your AP has a name that looks like it might be an open network that belongs to the company, and uninformed users attempt to connect to it, then there is a problem with users having too much control of their machines.
If the AP has the same SSID as the company wireless, but a different or no encryption, they will not connect. The workstations will have been configured to connect to the company network using some form of EAP with RADIUS. They will not connect using anything else. They can be locked down this way using security policies, either group or local.
If you try to configure the same security as the company wireless, your AP would need to be configured against the RADIUS server as a client with a shared secret. If you are able to get the shared secret and have your access point on the same IP address as another AP, or make configuration the RADIUS server, I'm afraid theres not much to stop you. At that point the network has been attacked to the point of wireless being the network admin's least concern.
Wireless does not require authentication. It only has authentication if you configure it with WPA/WPA2 and RADIUS. This is called 802.1x or EAP. In fact, you can configure your wired switches with 802.1x and RADIUS and get the same result, no connection without authentication. Just because many places do not use 802.1x on their wired LAN doesn't mean it isn't there.
Also, if the encryption is broken with wireless, I believe you can "listen" to the traffic from the other wireless clients and use that to steal information(I am almost certain this is the case with pre-shared keys, but I am not so sure with WPA/WPA2 RADIUS). With wired, even unencrypted, you can only listen to network traffic that is broadcast or directed to your MAC address. There are attacks where you can convince other computers that you are the router or you can DoS the switch into hub mode, but those attacks can be tricky to pull off and may depend on the network equipment used.
Yes, reducing 1 cable per server would have been worth that huge drop in speed and reliability. Now all you need is wireless power, wireless KVM, wireless management interface, and wireless eSATA/SCSI/FiberChannel storage connections and you can have a completely wire-free server rack...
Yes I realize you are joking, but look at it like an extreme continuation of the article's premise. What good is a wireless net connection for a desktop when it has so many other cables? Wireless only makes sense if your machine is mobile, and you are actually mobile with it and don't just keep the laptop on your desk.
Someone in the parking lot could still put up an access point which advertises itself as being part of your company network, and your users will connect to it.
Not sure where you are getting your info from, but even Windows won't connect to insecure networks without you telling it to. Plus, if you configure the security for a network, it will not connect if the security is wrong or off on the access point.
As far as speed and reliability goes, I definitely agree with you that wired is the way to go. 802.11 doesn't even have an official spec that works faster than 100 Mbps Ethernet, and even draft N will degrade rapidly as more clients connect (works more like a hub than a switch). Also, 1000 Mbps Ethernet is pretty much the standard now on workstations. I'd say it will be a long time before wireless reaches Gigabit.
In a large operation, you should not be using pre-shared keys. That is fucking retarded and there is no reason for it. You should have some sort of LDAP anyway (Active Directory, OpenLDAP, whatever), so use WPA or WPA2 with RADIUS. Everyone uses their regular user login or a certificate to connect to the wireless. If you have a problem with users having insecure/stolen passwords, it is a user problem, not wireless. However, I still would recommend wired over wireless for the speed and reliability. Wireless is mostly nice for the workers with laptops that move around a lot, especially between buildings. It is also nice to have a isolated, guest wireless for when you have people from outside your company coming in to do presentations. For that, setup an Access Point on a different VLAN (or physically separate, if you are paranoid enough) with a preshared-key that is rotated often. No desktops should ever need wireless, ever.
Slashdot Mirror
Sorry, I wasn't dismissing the idea, it was more of a joke showing the wonders of Altavista Babelfish, that cannot even reverse its own translations properly. Anyway, it does seem to me that using these tools would create nearly as much, if not more, work than just paraphrasing the paper yourself.
My understanding is that water is a relatively common compound, but the problem is that oxygen and hydrogen (esp. hydrogen) are light and therefore less likely to survive the creation of a rocky inner planet. A planet is formed from the outcasts of matter from a forming star. The heavier elements converge toward the center and the lighter ones get pushed out. Any water that is not blown away from the rocky planet by solar winds and such are boiled away by the hot, forming planet. These less-dense materials get pushed further out and freeze. They eventually form into ice-comets that over billions of years crash back into the now-cooling planets, helping to form the atmosphere and oceans of inner rocky planets.
I would have thought the absorption of water-soluble salts and minerals by the water itself would have more of an impact on saltiness than life ingesting the minerals and then releasing them. Then again, I am not a biologist so maybe there are some salts produced by living things that do not occur otherwise. I would think in this case that there would be no freshwater lakes as they are teaming with life. Maybe I am misunderstanding though.
Even if distribution within a company applies, the GPL only requires them to distribute their code to those that they distribute the software to, or to distribute the changes to those that request it. The latter only applies if they do not distribute the changes along with the software. This means if they include a source directory on the media they distribute the software internally to, they do not have to comply with requests from those outside the company requesting the code.
IANAL, so I may have misinterpreted the GPL here. Please correct me if I am wrong.
I think the problem is that many people think the controversy is whether or not global warming is happening. The answer is that it is happening, the global average temperature is climbing. This is based on hard evidence obtained by measuring. Arguing that it isn't is like arguing that the world is flat. The real question and controversy is whether or not our past and present actions are having a measurable effect. All scientists can do is run small controlled experiments, and eventually come up with a theory that can predict. However, there are so many variables that by the time a well-tested theory can be made, it might be too late. The other problem is that there are people with agendas on both sides of the issue, that pay for experiments with results that skew thinking in the direction they want. Our space program seems to be waning, and it will be a long way off before we can have viable colonies that do not depend on Earth. If we don't at least try to curb our production of greenhouse gasses, we might be the cause of Earth's next big extinction.
Where is the salt that life is pissing into the water coming from? Pretty sure it would come from the salty water as well. This would mean the water would not get saltier as more life pisses into the water. Not saying the rest of your statement is wrong, but the life making water saltier seems to be circular logic.
However, someone else made the point that the current theory is that Earth received much of its water from "magical" water comets. I seem to recall that many of them are made of ice, now what does ice melt into again?
This was funny the first few times it was posted.
Anyway, Debian stable is a fantastic server OS, where you install, configure it for your needs, and leave it, installing security updates as needed.
Ubuntu server LTS versions are good too if you want to have an easy install and paid support from Canonical, but you pay for it by some stupid dependency configs and unnecessary packages. I'm not sure if they fixed this in more recent versions, but if for example you have the "ubuntu-desktop" package installed, you can't remove Firefox without removing the entire "ubuntu-desktop" package. Granted, you can configure X, Gnome (or KDE or XFCE or whatever), and the rest of the DE. But you might as well use Debian at that point. Before you say that you should not need a DE on a server, I know this, but many paying clients wont accept that.
For normal desktop use, Ubuntu is fantastic, it is nice to not spend many hours configuring the base OS, and just have a quick install with most things configured the right way by default.
- Thunderbird
Vaguely similar in theme to Firefox, also the name of a car
I'm pretty sure the name thunderbird came before firefox. Originally it was called Minotaur when Firefox was called Phoenix. The Phoenix BIOS people complained of trademark violation, so Mozilla started calling it Mozilla Phoenix. Phoenix Technologies was still pissed so they renamed it Firebird. The Firebird database people then complained about the name. Again, Mozilla tried "Mozilla Firebird" before changing to Firefox. Thunderbird was named in reference to Firebird, but I'm not 100% sure if that move was before or after the switch to Firefox.
Good luck with that.
Original English Text:
The Stranger (1942), by Albert Camus, is one of the most famous French novels of the twentieth century and is among the most notable literary expositions of the absurdity of human existence in an indifferent universe. Philosophically, it is an existential novel, despite Camus not considering himself an existentialist.
Translated to French:
L'étranger (1942), par Albert Camus, est l'un des romans franÃais les plus célÃbres du 20Ãme siÃcle et est parmi les expositions littéraires les plus notables de l'absurdité de l'existence humaine dans un univers indifférent. Philosophiquement, c'est un roman existentiel, en dépit de Camus ne se considérant pas un existentialiste.
Translated back to English:
The foreigner (1942), by Albert Camus, is one of the French novels most famous of the 20th century and is among the literary exposures most notable of the nonsense of the human existence in an indifferent universe. Philosophically, it is an existential novel, in spite the Pug one not being considered existentialist.
Translated to German:
Der AuslÃnder (1942), durch Albert Camus, ist einer der franzÃsischen Romane, die vom 20. Jahrhundert am berühmtesten sind und gehÃrt zu den literarischen Berührungen, die vom Unsinn des menschlichen Bestehens in einem gleichgültigen Universum am bemerkenswertesten sind. Philosophisch ist es ein Existenzroman, in der Bosheit der Pug einer, der nicht als Existenzialisten gilt.
Translated back to English:
The foreigner (1942), by Albert Camus, is one the French novels, of 20. Most famous are belonged to century and to the literary contacts, which are most remarkable from the nonsense of the human existence in an indifferent universe. It is philosophical an existence novel, in which malice of the Pug of one, which not when Existenzialisten is valid.
Translated to Italian:
Lo straniero (1942), da Albert Camus, à uno i romanzi francesi, di 20. Il pià famoso sono appartenuti al secolo ed ai contatti letterari, che sono i pià notevoli dall'assurdità dell'esistenza umana in un universo indifferente. à filosofico un romanzo di esistenza, in cui malizia del Pug di uno, che non quando Existenzialisten à valido.
Translated back to English:
Alien (1942), from Albert Camus, is French novels, of 20. Most famous they are belonged to the century and the literary contacts, that they are most remarkable from the absurdity of the human existence in an indifferent universe. An existence novel is philosophical, in which malizia of the Pug of one, than not when Existenzialisten is valid.
Translated to Portuguese:
Estrangeiro (1942), de Albert Camus, é novelas francesas, de 20. O mais famoso são pertencidos ao século e os contatos literÃrios, de que são os mais notÃveis da absurdidade da existÃncia humana em um universo indiferente. Uma novela da existÃncia é filosÃfica, em que malizia do Pug de um, do que não quando Existenzialisten é vÃlido.
Translated back to English:
Foreigner (1942), of Albert Camus, is French novels, of 20. Most famous they are belonged to the literary century and contacts, of that they are most remarkable of the absurdidade of the human existence in an indifferent universe. A novel of the existence is philosophical, where malizia of the Pug of one, of what not when Existenzialisten is valid.
Translated to Spanish:
Foreigner (1942), de Albert Camus, es novelas francesas, de 20. El mÃs famoso se pertenecen al siglo literario y los contactos, de eso son las mÃs notables del absurdidade de la existencia humana en un universo indiferente. Està filosÃfica una novela de la existencia, donde malizia del
No, assuming the other DVD-R (and/or DVD+R, depending on the extent of the patent) manufacturers(Memorex, Verbatim, Fujifilm, etc.) do pay the licensing fees as they are required, competition is now fair. If they are paying the licenses and this company is not, they have to lower their prices to compete. Doing so may cause them to sell the parts at a loss while the other company profits. This kills competition and causes a monopoly, which generally causes prices to go up in the long run.
On the other hand, if the patents are illegal, obvious, or have prior art, Toshiba should lose this case and control over the patents in question. IANAL, so its not my business to argue that.
True. Just as few users would be able to really tell the difference between windows 98 and NT 4 from the just the desktop environment. The underlying OS is completely different, but the user space looks very similar. This is a problem in pushing linux for desktop machines, in that most users really don't know or care about the differences between kernels. If Ubuntu decided to switch to nexenta instead of debian as its base, many would not realize there was a change to an OpenSolaris kernel. The DE would be the same, the package manager would be the same, but all of the underlying things that the average user does not know about would be completely different. Different kernel, different file system, possibly a different shell (bash is available but IIRC zsh is the default).
The number of characters that can be printed across CowboyNeal's buttocks. He has a very long yet narrow ass that contains a tattoo of every sig in slashdot.
As end-user goes, there is a very little difference between Linux and *BDS when some DE runs on top of it.
Except with hardware compatibility. Many consider OpenSolaris or FreeBSD to be superior to the linux kernel as far as stability and performance, and there are distros of each to simplify administration (Nexenta and PC-BSD, respectively), but the linux kernel has always had much better compatibility for me.
Maybe you could have read his post instead of imagining what it was and then commenting that he is wrong.
He was talking about PC-BSD, a FreeBSD-based distro designed for desktop use. Since it has many pre-built packages and a GUI front-end for ports, it is actually quite a usable desktop distro. Pretty much about as easy as Ubuntu. I normally prefer linux because of hardware compatibility, so I usually use Ubuntu as my desktop and debian or Ubuntu-server for servers, but PC-BSD is pretty nice.
I am a network guy myself, and am only an MCSE in training. However, I am in the process of migrating a school district to WPA with EAP-TLS from WEP with EAP-TLS, deployed WPA with PEAP to another district (they did not want to deal with PKI), and am in the process of migrating and expanding the wireless of another district from WEP Shared to WPA/WPA2 with PEAP.
The AP itself is not secured with a certificate. You secure the RADIUS server with a certificate from your PKI, and both the AP and the RADIUS server will be configured to talk to one-another with a shared-secret key. In AD group policy, you configure a wireless security policy. When you define preferred networks to connect to, the user cannot change the settings for that SSID. If you properly configure EAP-TLS or PEAP, the client will not connect if it cannot validate the RADIUS server's certificate, and the RADIUS server will not let the client connect if it cannot validate the client's certificate (EAP-TLS or PEAP) or AD credentials (PEAP, uses EAP-MS-CHAPv2 to autheticate).
If the users have the rights to configure wireless settings, they can configure their own preferred networks, but cannot change the domain-supplied networks. Not even domain administrators can change that setting on the machine without assigning it through group policy. I am not sure, and can't check now, if users with proper rights can configure a non-domain network and give it higher priority. I'm also not sure if there is a threshold where they will switch to a non-domain network if it is closer than the domain preferred network.
One main problem, and probably the reason your AD people said it is not possible, is that without Server Advance (or maybe it was Enterprise), you cannot automatically assign users a user certificate. So wireless would authenticate on the computer-level only(computer certificates can be assigned automatically, another group policy setting), or each user would have to manually retrieve and install their certificate on any machine they use in order to be able to connect to a wireless network requiring a user certificate. This is why many just use PEAP and MS-CHAPv2 to authenticate clients, but use the server certificate for the client to authenticate the server.
This makes a lot more sense than the article. Is this the "hisecws" security policy applied by default, or a custom one for the Air Force? Will Microsoft distribute the .inf to any customers, or is it limited to them?
Much of the problem is backwards compatibility. I recall some or all of the Win2000 source code was leaked a few years ago, and I remember the general consensus of the people that reviewed it was that the most of the bad bits come from the "nasty hacks" to get XXXXXX application working. I think Office was one of the big problems.
Another problem is usability, many things are not locked down because they would be unusable if they weren't. Have you ever seen the "Internet Explore Enhanced Security" mode that Server 2003 defaults to? It has problems searching Google! This is because they disable nearly all scripting and plugins.
Finally, and probably the biggest reason, is that security was not as much of a concern to people in the early 2000s when 2000 and XP were released. Microsoft just wanted to get things out as fast as possible to make more money. Now, people are worried about security, so they tried to start nearly from scratch with Vista(codenamed Longhorn at the time, I believe) to be secure and stable. It was taking too long, so they scratched it and started over from the 2003 kernel. Vista seems like it might actually be quite a bit more secure than XP, but they did a terrible job covering backwards compatibility. Instead of just cutting out all backwards compatibility, they did a hack job of it, I mean just look at all the fucking recursive junction points in the system drive(Why the fuck does robocopy back these up by default???). The fix for this in Win7? They put XP in a fucking virtual machine, but only for Professional, Enterprise and Ultimate. I haven't looked, but does anyone know if Win7 is loaded to the gills with recursive junction points?
Hmm, I see your point. If you configure it in group policy, it works like this:
Computer can be set to not automatically associate to any networks, except those configured.
Computer can be assigned preferred networks by the domain controller. These cannot be overridden, so the settings for those SSIDs cannot be changed. You configure the authentication, and by default it will validate the certificate of the RADIUS server. The user cannot change the configuration settings of that network, and they cannot connect to any access points with different security. They may try, but it will fail, assuming you configured your end correctly.
So that still leaves "uninformed user connects to an open network that looks like it belongs to the company". The SSID has to be different, but the person doing the attack could change an I for a 1 or something that is difficult to detect. This can only be fixed by either preventing users from changing wifi settings, or informing the users. So there is a flaw here. One possible saving grace is that I do not think user-defined preferred access points can be connected to when within range of a domain-assigned access point. I've never tried giving a non-domain network preference over a domain network and do not have the chance at the moment.
What is this gibberish, did you mean to type this and have an aneurysm?
mke2fs -j /dev/sda1
One problem with downloading over the internet is with reliability, try downloading VMWare server over a wireless link. They give you a 1-time session key to download, so no resuming, and it is well over 500 MB.
You would need all of that to setup good network security on the wired end as well, it is just that wireless has no physical security at all, whereas wired requires someone to be there and be plugged in. I'm also against the concept in the article, and the only uses for wireless that I find were stated in the previous post:
Wireless is mostly nice for the workers with laptops that move around a lot, especially between buildings. It is also nice to have a isolated, guest wireless for when you have people from outside your company coming in to do presentations.
It is pretty useless otherwise in an organization. And when the higher-ups want to push wireless, you need to explain to them the costs(including labor) of all that shit and tell them to compare it to the uses.
Anyway, my original point was that if you ARE implementing wireless in an organization, you should already have the authentication in place with some form of LDAP, you just need to configure your APs and client machines to use it. No-one except home users should be using pre-shared keys, and even they may need to implement RADIUS if I understand a new law that was discussed here before.
Then please post a link or shed some details on how you advertise an access point "as being part of your company network"?
If your AP has a name that looks like it might be an open network that belongs to the company, and uninformed users attempt to connect to it, then there is a problem with users having too much control of their machines.
If the AP has the same SSID as the company wireless, but a different or no encryption, they will not connect. The workstations will have been configured to connect to the company network using some form of EAP with RADIUS. They will not connect using anything else. They can be locked down this way using security policies, either group or local.
If you try to configure the same security as the company wireless, your AP would need to be configured against the RADIUS server as a client with a shared secret. If you are able to get the shared secret and have your access point on the same IP address as another AP, or make configuration the RADIUS server, I'm afraid theres not much to stop you. At that point the network has been attacked to the point of wireless being the network admin's least concern.
This is false.
Wireless does not require authentication. It only has authentication if you configure it with WPA/WPA2 and RADIUS. This is called 802.1x or EAP. In fact, you can configure your wired switches with 802.1x and RADIUS and get the same result, no connection without authentication. Just because many places do not use 802.1x on their wired LAN doesn't mean it isn't there.
Also, if the encryption is broken with wireless, I believe you can "listen" to the traffic from the other wireless clients and use that to steal information(I am almost certain this is the case with pre-shared keys, but I am not so sure with WPA/WPA2 RADIUS). With wired, even unencrypted, you can only listen to network traffic that is broadcast or directed to your MAC address. There are attacks where you can convince other computers that you are the router or you can DoS the switch into hub mode, but those attacks can be tricky to pull off and may depend on the network equipment used.
Yes, reducing 1 cable per server would have been worth that huge drop in speed and reliability. Now all you need is wireless power, wireless KVM, wireless management interface, and wireless eSATA/SCSI/FiberChannel storage connections and you can have a completely wire-free server rack...
Yes I realize you are joking, but look at it like an extreme continuation of the article's premise. What good is a wireless net connection for a desktop when it has so many other cables? Wireless only makes sense if your machine is mobile, and you are actually mobile with it and don't just keep the laptop on your desk.
Someone in the parking lot could still put up an access point which advertises itself as being part of your company network, and your users will connect to it.
Not sure where you are getting your info from, but even Windows won't connect to insecure networks without you telling it to. Plus, if you configure the security for a network, it will not connect if the security is wrong or off on the access point.
As far as speed and reliability goes, I definitely agree with you that wired is the way to go. 802.11 doesn't even have an official spec that works faster than 100 Mbps Ethernet, and even draft N will degrade rapidly as more clients connect (works more like a hub than a switch). Also, 1000 Mbps Ethernet is pretty much the standard now on workstations. I'd say it will be a long time before wireless reaches Gigabit.
In a large operation, you should not be using pre-shared keys. That is fucking retarded and there is no reason for it. You should have some sort of LDAP anyway (Active Directory, OpenLDAP, whatever), so use WPA or WPA2 with RADIUS. Everyone uses their regular user login or a certificate to connect to the wireless. If you have a problem with users having insecure/stolen passwords, it is a user problem, not wireless. However, I still would recommend wired over wireless for the speed and reliability. Wireless is mostly nice for the workers with laptops that move around a lot, especially between buildings. It is also nice to have a isolated, guest wireless for when you have people from outside your company coming in to do presentations. For that, setup an Access Point on a different VLAN (or physically separate, if you are paranoid enough) with a preshared-key that is rotated often. No desktops should ever need wireless, ever.