gee, look at all those people there in new york. i bet they're drawing all kinds of attention to themselves and the situation. oh wait, that's normal foot traffic for new york, nevermind...
new york city probably wasn't the *best* place in the world to hold a protest, unless they were able to get at least a sizable crowd, which, in manhattan, would need to be several thousand people.
but i definitely applaud the efforts. it's good to know that adobe is at least *trying* to listen.
-mike
"I would kill everyone in this room for a drop of sweet beer."
how is asking a question about what a certain unfamiliar icon does "funny?" i should hope you aren't ridiculing the user (haha, laugh at the user, he doesn't know what that button does, what a moron) such "humor" has no place in the community
-mike
"I would kill everyone in this room for a drop of sweet beer."
crazy, an article you wrote that I actually didn't hate. although you're still way too heavy on the thesaurus (iconoclast? i have to use a dictionary to read your articles sometimes, chill with the large vocabulary, it's annoying)
anyhow, i hope now you see why so many view America as all that is evil and wrong. true, the USofA was founded primarily on the belief that every man should be free, but we have long since moved far away from the original priniciples. humans flock toward consistency and uniformity and routine for some reason. order vs chaos, right? there's quite a difference between order and turning the world's population into mindless zombies.
corporations suck. the corporate world sucks. and the US government is much worse than these corporations because the US is a world power. you have your policies and your orders and your laws. everything has to be clean cut, by the book, like the rules say. that's a load of crap. uniformity will be the human race's downfall. you will be assimilated. resistance is futile.
i'm really not quite sure if technology is to blame for the massive corporatization of just about everything. technology is capable of replacing manual labor and this is where we start having problems. human lives are now competing with machines and machines really don't care how you treat them. it seems corporations believe humans don't care either. it's really rather sad when you look back and see how greed is destroying the human race. greed is a horrible, horrible thing, especially when money is involved. money is a horrible thing as well.
anyhow, i've gone on and on about the dangers of conformity. i have so much i'd love to talk and write about, but i don't want to be downright boring. i do hope that my country will not fall to its own mistakes, but instead learn from them and become the great nation it once was. i still stand for the principles this nation was originally founded on.
i sincerely doubt that the population will take the corporate cockshafting from american corporatism or the US government much longer. you say you want a revolution?
"I would kill everyone in this room for a drop of sweet beer."
Why? Because, unfortunately, the average user cannot click on anything, they don't know where the Start button is, they don't know what a checkbox is. Ever read userfriendly? Do you have any idea how TRUE some of those tech support calls? I used to do some tech support, and I've taken quite a few calls that are unbelievable.
I try to make the installation require as LITTLE user interaction as possible. The more automated the setup process is, the better. It leads to less call volume.
If you call us up and you need just a phone number or the DNS server IPs or the mail server hostname, we'll gladly give it to you. We don't force you to take a cd with the software on it, but we HAVE to have it because of the people that have no idea how to use a computer.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Believe it or not, there are some of us that actually don't spend the entire day bashing Microsoft and boasting that we don't go to their website. Do you think we care if you haven't been there in months? Do you believe that the entire slashdot community is together in your anti-Microsoft holy war? I'm no Microsoft fan, but there are those of us that actually rely on Microsoft. Like it or not, Microsoft IS an important part of the industry. Do you have any idea where we'd be without Microsoft?
I myself probably visit microsoft.com at least once every day or so. Their Knowledge Base is a great place to find out loads of information on just about any product they make. MSDN Online is a great resource for developers!
I'm a sysad for an ISP. Most all of our users use Windows (we've got a few Mac users, a few Win3.1 users, and a few Linux users). I wrote our installation software in VC. I actually was going to write a utility today that uninstalls DUN, all of the Network components, and deleted all of the network-related files, and then forced a reinstallation from CD. To do this, I was going to refer to KB article Q181599, which details all of the network-related files to remove and which cab files to find them in to put them back. And now I can't do that because microsoft's site (one of the most reliable sites I've ever frequented, I might add) is down.
And all you have to do is sit over there and say "do you people actually visit microsoft.com?" like it's some sort of unholy act to go there.
I knew there was a reason I stopped going to slashdot recently. I actually hit the wrong button on my IE (yup, i'm using Win98!) Links bar and caught the "Microsoft DNS is down" line, so I thought I'd read it, but all I got was disgusted.
Mike
P.S. The correct phrase is "everybody and their brother."
"I would kill everyone in this room for a drop of sweet beer."
Hip-hop culture is as much a reality as geek culture. I've been involved in both, although the former is much more creative.
I believe this wholeheartedly. Hip-hop is very creative. A friend of mine has a pair of turntables, another friend of mine has a phat ass keyboard, and I've got a buttload of audio software. Another friend of mine is a producer and has a couple racks of audio equipment at his studio.
I love hip-hop, I've written several rhymes, I've made several tracks. I'd love to get into the hip-hop industry, it's the only thing that I love more than computers.
Ms. Jackson is a very good song. Unfortunately, I get the impression that it's going to become quickly overplayed from what people have told me. I hear it's on TV all the time, they play it at clubs all the time, and it's always on the radio. I don't watch MTV, I don't listen to the radio, and I haven't been to a club in about 3 months, so I'm oblivious to the whole overplayed scenario. It's a great song, but I don't believe it's the best on the CD. Red Velvet, Humble Mumble, and Spaghetti Junction are all rivals.
Lately, I've been listening to The Roots' illadelph halflife a lot as well as De La Soul's new cd. I'm awaiting both Method Man and Redman's new cds (both solos). De La Soul is slated to release 2 more cds in the Art Official Intelligence series. I was disappointed with Phife's Ventilation. A couple of good tracks, the rest sucked, IMHO. Q-Tip definitely outshined him in the solo realm, even though I like Phife better than his former anal-retentive nasal partner. It's Q-Tip's fault that the tribe fell apart, and I believe TCQ will see a reunion only if Q-Tip apologizes to Phife. I hope we see it happen.
Anyhow, I'm way off-topic.
Mike
"I would kill everyone in this room for a drop of sweet beer."
You know it's interesting, but I almost never encounter geeks that listen to hip-hop. It's most always metal/punk.
Of course, I differ a lot from most geeks. I was pretty popular in high school. I knew everybody. I knew the preps, I knew the skaters, I knew the punkers, I knew the geeks, I just knew everybody. I don't listen to punk. Can't stand it. I love hip-hop. A Tribe Called Quest, Q-Tip, Phife, Outkast (IMHO the best rap group ever, period, been listening to Kast since southernplayalisticadillacmuzik dropped in '94). EPMD, Redman, Eightball & MJG, Mos Def, Black Eyed Peas, Common, Talib Kweli, Goodie Mob, Jurassic 5, Twista, Timbaland, All City, Scarface, De La Sol, Tupac, Busta Rhymes, Wu-tang, etc... Of course, I've always loved Sublime & 311, too, way back before either of them were ever on the radio or MTV.
I'm just wondering if there's *anybody* that reads slashdot that listens to hip-hop as well, because I've never encountered a fellow geek that enjoys it as much as I do.
Mike
"I would kill everyone in this room for a drop of sweet beer."
First off, for about 2 seconds, I thought your sig was part of your comment. I thought you were ripping on my sig, hehe.;)
Anyhow, yes, I suppose not running IRC makes it less usable. But you have the *option* of using it. You're just taking a chance. And you most certainly should run IRC as root. It's a shame that some people do.
My stance on everything vulnerability-related is that it is most always the programmer's fault, and we are placing a lot of trust in the author's ability to write decent, secure code. If protocols were designed flawlessly and apps were written flawlessly, then there is absolutely no reason why any "secure" system would be less usable than an insecure one. In this situation, the only way a system could become insecure is by fault of the admin.
By secure, I mean a system that can't be cracked, has no way to leak information, has no holes anywhere. It's a hypothetical system. Nobody knows for sure whether a system is secure. It's a concept.
My core point is there is absolutely no reason that a secure system should be less usable than an insecure one. It's because we will never know whether a system is secure or not that we have to place a certain amount of trust into it.
You can never prove a system to be secure, but you sure as hell can prove it to be insecure.
Mike
"I would kill everyone in this room for a drop of sweet beer."
No, I haven't. I place a specific amount of trust in the systems I set up and a specific amount of faith in my abilities as a sysad. If anything looks peculiar or out of place, I place faith in my abilities to find any security issues in my setup and/or responsible code.
And it's true, *in general*, more secure systems are more difficult to use.
Yes, I'll agree with you, in general, they are. My point is that they don't *have* to be and just because a majority of them *are*, doesn't mean a well-designed secure system neccessarily be user unfriendly.
Try jacking up the kernel security level in any BSD and see how much stuff you would use normally breaks.
Oh I have. Case in point: trying to run X under FreeBSD with the default kernel security level. It confused me the first time I tried it, but after mucking around in the system, I found out why the X server was dying at the point it tried to open the console. I adjusted my kernel.securelevel to compensate.
There are lots of things you can do in most unices that you can't do in OpenBSD, due to them not being the most secure practices in the world - this makes the system more secure, and less usable
Very valid point. We don't have to keep the scope to UNIX though. I'm talking about the security of any computerized system, really. But, perhaps we've gotten away from the security controls the UNIX model provides. Whatever happened to the principle of least privilege anyway?
If you ask me, vendors nowadays are placing too much trust in the programmers.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Oh yes, how can I forget that? Laziness is, of course, the father of invention.
But there's a good laziness and there's a bad laziness.:)
When laziness prompts you to find a better, more efficient, and often ingenious way to tackle the problem, it's grand. But when you don't implement a specific sanity check, or a buffer length check because of laziness, then it's a bad thing (tm).
Mike
"I would kill everyone in this room for a drop of sweet beer."
The more secure a computer is, the less useable it is.
This statement is opinion and is fundamentally flawed. Of course it is possible to have a completely secure and completely usable multi-user system. Where did you get the idea that a secure system is less usable than an unsecure one?
It is true that many vulnerabilities are discovered on a daily basis. These vulnerabilities are the result of only ONE thing: programmer error.
Eliminate programmer error and, assuming we're not introducing vendor/admin error into the equation, you have a secure system. The largest causes of programmer error are:
ignorance
carelessness
laziness
Unfortunately, even the best coders in the world are still human, and that leaves the possibility for error. The larger and more complex the project, the larger the chance for error. So what's the answer? Collaboration. Peer review. Open source is the best method for peer review.
You could also set it so you have NO ports open, but then you can't get on most irc networks because of no ident...
This is a moot point. IRC is not something you would be running on a mission-critical must-be-secure box. You must also understand that just because a box has no ports open doesn't mean it's secure.
so just stick with slak 7.1 with a chmod'd suid perl
Are you implying that slackware 7.1 is a secure system? Have you audited the entire distribution yourself? Can you honestly say that you trust your distribution to be 100% secure?
If you do, one of these days, you're going to be in for a rude awakening. Unfortunately, that's a problem with admins these days. They blindly trust their systems. I don't care if a specific OS wasn't vulnerable to ANY bugs disclosed in the last 3 years, that doesn't mean that that OS is secure. You should ALWAYS assume all systems to be insecure and untrusted.
It's not really a question of secure/insecure, because no system is completely secure; it's more a question of faith and trust.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Wow, actually got a response, maybe we can have an interesting conversation.:)
Concerned parents who take an active interested in their children's wellbeing and letting them only watch Mary Poppins don't exactly go hand-in-hand.
Yes, I do believe nowadays that crappy parenting is a problem. Neglect is a problem.
No, I don't have any children. And I'm glad I don't, and I'm not going to have any for some time now because I know I'm not suitable for being a parent at the age of 21.
Let me see here, out of about 10 of my close friends, 8 of them are married. 6 of them have kids. 4 of them have more than one kid. And NONE of them are above the age of 23.
I'm sure that you want the absolute best for your kids, and I'm not questioning that, I'm simply questioning what's the best way to go about it?
I do believe that it's extremely important for kids to find out for themselves what is right and wrong, what they should do and what they shouldn't. And I also believe it is extremely important for kids to be respected. It's also extremely important for them to respect you.
I don't think that sheltering your kids from TV or society in general is the way to go about it.
I respect my parents, I love em, I think I had the greatest upbringing. I have respect for just about every individual I run across. I'm generally a nice guy.
It really disgusts me to run across kids who have lived a really sheltered life. In general, they are more shy, they don't have fun with the other kids, and they are generally confused most of the time.
Case in point, my cousin Mason. I'm the oldest in my family, and I have around 30 cousins. Mason is around 13 years old now. His parents are the sort that don't have cable on their TV, they don't have a computer, they don't have any video games. They generally try to keep the rest of society out of their children's lives.
Now, when we all meet for family gatherings, he never plays with the other kids his age. In fact, he doesn't play with any of the other kids. He's extremely shy, he doesn't talk to people, he generally stays by himself. Same goes with his sister Tracie.
I mean, I really do think it is important for kids to be respected by their peers and by other people. And I think it's important that they have respect for you.
I hope to be a great parent one of these days, whenever I'm through with being a kid.;)
Mike
"I would kill everyone in this room for a drop of sweet beer."
Look, I use MAPS, and before I even thought of using it, I went to their webpage, and yeah, I researched it. I read a lot of stuff there before deciding to use the MAPS RBL on our mail server.
I never once saw the multihop eBGP4 while reading the info there. In fact, the whole time I spent there, the ONLY information that was all over the page was about blocking SMTP mail, and nothing else. Never once did they even IMPLY that there was another method of using the RBL. There was absolutely no information that I read that suggested otherwise. It looks like they've changed the site around since I was last there several years ago.
If that makes me ignorant, fine, whatever.
In any case, using MAPS in this way is just plain wrong. I support only blackholing via mail, not anything else.
Mike
"I would kill everyone in this room for a drop of sweet beer."
So that I can get on the best of both worlds, I've seperated my response by posting attitudes. Those of you interested in only the appropriate attitudes can check the label at the top of each paragraph to determine whether or not to read that particular paragraph. Okay:
INFORMATIVE:
The MAPS RBL is used for blocking spam. There are rulesets you can add to sendmail to make it check a reverse DNS lookup if you'd like to verify reverse entries exist. You can change it just slightly to make it query something like 40.182.65.207.mail-abuse.org, and, depending on the result, allow or reject the mail. And that's how the MAPS RBL database works. It works via DNS.
TROLL:
This only blocks SMTP ****MAIL****, not websites. What kind of bullshit is that? "They can't go to their websites" blah blah blah, some more stuff i made up, blah blah blah.
INFORMATIVE:
I suppose it would be possible to alter bind to double-query and check the MAPS RBL for the ip and then return HOST_NOT_FOUND if it's blacklisted by MAPS, but what's the point? This is just pure punishment, not even on the same track as trying to cut down on spam. I seriously doubt many (if any) ISPs are actually resorting to something like this. And if MAPS is actually promoting doing this, then they really need a slap in the face, or a rude awakening or something.
TROLL:
So I believe this is when you update your article, say enough people convinced you you had absolutely no clue what you're talking about, and you remove the text of the article, and then you put it back up later because people bitched at you for taking it down because they wanted to see what everyone was making fun of you for and maybe get it on the action.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Buzzword: Mobile Internet-capable devices.
This is what the Crusoe was designed for. From Transmeta's webpage, speaking about the Crusoe TM3200, which ranges from 333-400 mhz with 96K of L1 cache:
"The TM3200 is the ideal engine for a new class of mobile Internet devices weighing just a pound or two. With up to 400 MHz in performance, the TM3200 is designed to allow a full day of web browsing on a single battery charge."
The current crop of Crusoe processors comes in a 474-pin grid array. This is pretty big if you think about it. This is basically a socket A processor. And when you think of how little room you have in a device such as a Palm Pilot, the comparitavely huge size of the Crusoe processor(s) might present a space problem.
Current PDAs are equipped with (usually) Intel's SA-110 (StrongARM) line of processors, the fastest of which runs at only 233mhz. Offhand, I really don't know how big StrongARM processors are physically, but I recall them usually being soldered onto the board and being pretty small, like the size of an old 80487 math co-processor or smaller. In sharp contrast, Crusoes are available from 333mhz-700mhz. Crusoe would definitely provide an infusion of power into the PDA market. PDAs with 400, 500, even 700 mhz processors in them combined with 256MB+ memory have have the potential to be really powerful, but also really expensive.
But I guess we all know that already. Unfortunately, I cannot justify spending $500 on something I probably would never use.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Slashdot Mirror
gee, look at all those people there in new york. i bet they're drawing all kinds of attention to themselves and the situation. oh wait, that's normal foot traffic for new york, nevermind...
new york city probably wasn't the *best* place in the world to hold a protest, unless they were able to get at least a sizable crowd, which, in manhattan, would need to be several thousand people.
but i definitely applaud the efforts. it's good to know that adobe is at least *trying* to listen.
-mike
"I would kill everyone in this room for a drop of sweet beer."
how is asking a question about what a certain unfamiliar icon does "funny?" i should hope you aren't ridiculing the user (haha, laugh at the user, he doesn't know what that button does, what a moron) such "humor" has no place in the community -mike
"I would kill everyone in this room for a drop of sweet beer."
crazy, an article you wrote that I actually didn't hate. although you're still way too heavy on the thesaurus (iconoclast? i have to use a dictionary to read your articles sometimes, chill with the large vocabulary, it's annoying)
anyhow, i hope now you see why so many view America as all that is evil and wrong. true, the USofA was founded primarily on the belief that every man should be free, but we have long since moved far away from the original priniciples. humans flock toward consistency and uniformity and routine for some reason. order vs chaos, right? there's quite a difference between order and turning the world's population into mindless zombies.
corporations suck. the corporate world sucks. and the US government is much worse than these corporations because the US is a world power. you have your policies and your orders and your laws. everything has to be clean cut, by the book, like the rules say. that's a load of crap. uniformity will be the human race's downfall. you will be assimilated. resistance is futile.
i'm really not quite sure if technology is to blame for the massive corporatization of just about everything. technology is capable of replacing manual labor and this is where we start having problems. human lives are now competing with machines and machines really don't care how you treat them. it seems corporations believe humans don't care either. it's really rather sad when you look back and see how greed is destroying the human race. greed is a horrible, horrible thing, especially when money is involved. money is a horrible thing as well.
anyhow, i've gone on and on about the dangers of conformity. i have so much i'd love to talk and write about, but i don't want to be downright boring. i do hope that my country will not fall to its own mistakes, but instead learn from them and become the great nation it once was. i still stand for the principles this nation was originally founded on.
i sincerely doubt that the population will take the corporate cockshafting from american corporatism or the US government much longer. you say you want a revolution?
"I would kill everyone in this room for a drop of sweet beer."
hey man, i thought it was fucking hillarious. i was kinda upset too that it was marked offtopic.
:)
oh well
"I would kill everyone in this room for a drop of sweet beer."
Thanks! That's really cool, Google is the shit. :)
Mike
"I would kill everyone in this room for a drop of sweet beer."
Sorry, my bad, I was never good with the more eccentric rules of English.
Everybody is singular? What's the plural form? Everybodies?
Mike
"I would kill everyone in this room for a drop of sweet beer."
Why? Because, unfortunately, the average user cannot click on anything, they don't know where the Start button is, they don't know what a checkbox is. Ever read userfriendly? Do you have any idea how TRUE some of those tech support calls? I used to do some tech support, and I've taken quite a few calls that are unbelievable.
I try to make the installation require as LITTLE user interaction as possible. The more automated the setup process is, the better. It leads to less call volume.
If you call us up and you need just a phone number or the DNS server IPs or the mail server hostname, we'll gladly give it to you. We don't force you to take a cd with the software on it, but we HAVE to have it because of the people that have no idea how to use a computer.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Believe it or not, there are some of us that actually don't spend the entire day bashing Microsoft and boasting that we don't go to their website. Do you think we care if you haven't been there in months? Do you believe that the entire slashdot community is together in your anti-Microsoft holy war? I'm no Microsoft fan, but there are those of us that actually rely on Microsoft. Like it or not, Microsoft IS an important part of the industry. Do you have any idea where we'd be without Microsoft?
I myself probably visit microsoft.com at least once every day or so. Their Knowledge Base is a great place to find out loads of information on just about any product they make. MSDN Online is a great resource for developers!
I'm a sysad for an ISP. Most all of our users use Windows (we've got a few Mac users, a few Win3.1 users, and a few Linux users). I wrote our installation software in VC. I actually was going to write a utility today that uninstalls DUN, all of the Network components, and deleted all of the network-related files, and then forced a reinstallation from CD. To do this, I was going to refer to KB article Q181599, which details all of the network-related files to remove and which cab files to find them in to put them back. And now I can't do that because microsoft's site (one of the most reliable sites I've ever frequented, I might add) is down.
And all you have to do is sit over there and say "do you people actually visit microsoft.com?" like it's some sort of unholy act to go there.
I knew there was a reason I stopped going to slashdot recently. I actually hit the wrong button on my IE (yup, i'm using Win98!) Links bar and caught the "Microsoft DNS is down" line, so I thought I'd read it, but all I got was disgusted.
Mike
P.S. The correct phrase is "everybody and their brother."
"I would kill everyone in this room for a drop of sweet beer."
Hip-hop culture is as much a reality as geek culture. I've been involved in both, although the former is much more creative.
I believe this wholeheartedly. Hip-hop is very creative. A friend of mine has a pair of turntables, another friend of mine has a phat ass keyboard, and I've got a buttload of audio software. Another friend of mine is a producer and has a couple racks of audio equipment at his studio.
I love hip-hop, I've written several rhymes, I've made several tracks. I'd love to get into the hip-hop industry, it's the only thing that I love more than computers.
Ms. Jackson is a very good song. Unfortunately, I get the impression that it's going to become quickly overplayed from what people have told me. I hear it's on TV all the time, they play it at clubs all the time, and it's always on the radio. I don't watch MTV, I don't listen to the radio, and I haven't been to a club in about 3 months, so I'm oblivious to the whole overplayed scenario. It's a great song, but I don't believe it's the best on the CD. Red Velvet, Humble Mumble, and Spaghetti Junction are all rivals.
Lately, I've been listening to The Roots' illadelph halflife a lot as well as De La Soul's new cd. I'm awaiting both Method Man and Redman's new cds (both solos). De La Soul is slated to release 2 more cds in the Art Official Intelligence series. I was disappointed with Phife's Ventilation. A couple of good tracks, the rest sucked, IMHO. Q-Tip definitely outshined him in the solo realm, even though I like Phife better than his former anal-retentive nasal partner. It's Q-Tip's fault that the tribe fell apart, and I believe TCQ will see a reunion only if Q-Tip apologizes to Phife. I hope we see it happen.
Anyhow, I'm way off-topic.
Mike
"I would kill everyone in this room for a drop of sweet beer."
You know it's interesting, but I almost never encounter geeks that listen to hip-hop. It's most always metal/punk.
Of course, I differ a lot from most geeks. I was pretty popular in high school. I knew everybody. I knew the preps, I knew the skaters, I knew the punkers, I knew the geeks, I just knew everybody. I don't listen to punk. Can't stand it. I love hip-hop. A Tribe Called Quest, Q-Tip, Phife, Outkast (IMHO the best rap group ever, period, been listening to Kast since southernplayalisticadillacmuzik dropped in '94). EPMD, Redman, Eightball & MJG, Mos Def, Black Eyed Peas, Common, Talib Kweli, Goodie Mob, Jurassic 5, Twista, Timbaland, All City, Scarface, De La Sol, Tupac, Busta Rhymes, Wu-tang, etc... Of course, I've always loved Sublime & 311, too, way back before either of them were ever on the radio or MTV.
I'm just wondering if there's *anybody* that reads slashdot that listens to hip-hop as well, because I've never encountered a fellow geek that enjoys it as much as I do.
Mike
"I would kill everyone in this room for a drop of sweet beer."
First off, for about 2 seconds, I thought your sig was part of your comment. I thought you were ripping on my sig, hehe. ;)
Anyhow, yes, I suppose not running IRC makes it less usable. But you have the *option* of using it. You're just taking a chance. And you most certainly should run IRC as root. It's a shame that some people do.
My stance on everything vulnerability-related is that it is most always the programmer's fault, and we are placing a lot of trust in the author's ability to write decent, secure code. If protocols were designed flawlessly and apps were written flawlessly, then there is absolutely no reason why any "secure" system would be less usable than an insecure one. In this situation, the only way a system could become insecure is by fault of the admin.
By secure, I mean a system that can't be cracked, has no way to leak information, has no holes anywhere. It's a hypothetical system. Nobody knows for sure whether a system is secure. It's a concept.
My core point is there is absolutely no reason that a secure system should be less usable than an insecure one. It's because we will never know whether a system is secure or not that we have to place a certain amount of trust into it.
You can never prove a system to be secure, but you sure as hell can prove it to be insecure.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Have you?
No, I haven't. I place a specific amount of trust in the systems I set up and a specific amount of faith in my abilities as a sysad. If anything looks peculiar or out of place, I place faith in my abilities to find any security issues in my setup and/or responsible code.
And it's true, *in general*, more secure systems are more difficult to use.
Yes, I'll agree with you, in general, they are. My point is that they don't *have* to be and just because a majority of them *are*, doesn't mean a well-designed secure system neccessarily be user unfriendly.
Try jacking up the kernel security level in any BSD and see how much stuff you would use normally breaks.
Oh I have. Case in point: trying to run X under FreeBSD with the default kernel security level. It confused me the first time I tried it, but after mucking around in the system, I found out why the X server was dying at the point it tried to open the console. I adjusted my kernel.securelevel to compensate.
There are lots of things you can do in most unices that you can't do in OpenBSD, due to them not being the most secure practices in the world - this makes the system more secure, and less usable
Very valid point. We don't have to keep the scope to UNIX though. I'm talking about the security of any computerized system, really. But, perhaps we've gotten away from the security controls the UNIX model provides. Whatever happened to the principle of least privilege anyway?
If you ask me, vendors nowadays are placing too much trust in the programmers.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Oh yes, how can I forget that? Laziness is, of course, the father of invention.
:)
But there's a good laziness and there's a bad laziness.
When laziness prompts you to find a better, more efficient, and often ingenious way to tackle the problem, it's grand. But when you don't implement a specific sanity check, or a buffer length check because of laziness, then it's a bad thing (tm).
Mike
"I would kill everyone in this room for a drop of sweet beer."
I would probably have to say luser. Check out his email addy.
Mike
"I would kill everyone in this room for a drop of sweet beer."
This statement is opinion and is fundamentally flawed. Of course it is possible to have a completely secure and completely usable multi-user system. Where did you get the idea that a secure system is less usable than an unsecure one?
It is true that many vulnerabilities are discovered on a daily basis. These vulnerabilities are the result of only ONE thing: programmer error.
Eliminate programmer error and, assuming we're not introducing vendor/admin error into the equation, you have a secure system. The largest causes of programmer error are:
ignorance
carelessness
laziness
Unfortunately, even the best coders in the world are still human, and that leaves the possibility for error. The larger and more complex the project, the larger the chance for error. So what's the answer? Collaboration. Peer review. Open source is the best method for peer review.
You could also set it so you have NO ports open, but then you can't get on most irc networks because of no ident...
This is a moot point. IRC is not something you would be running on a mission-critical must-be-secure box. You must also understand that just because a box has no ports open doesn't mean it's secure.
so just stick with slak 7.1 with a chmod'd suid perl
Are you implying that slackware 7.1 is a secure system? Have you audited the entire distribution yourself? Can you honestly say that you trust your distribution to be 100% secure?
If you do, one of these days, you're going to be in for a rude awakening. Unfortunately, that's a problem with admins these days. They blindly trust their systems. I don't care if a specific OS wasn't vulnerable to ANY bugs disclosed in the last 3 years, that doesn't mean that that OS is secure. You should ALWAYS assume all systems to be insecure and untrusted.
It's not really a question of secure/insecure, because no system is completely secure; it's more a question of faith and trust.
Mike
"I would kill everyone in this room for a drop of sweet beer."
I know that if I win the lottery, I'll get paid, but you don't see me going out and buying up a bunch of tickets.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Wow, actually got a response, maybe we can have an interesting conversation. :)
;)
Concerned parents who take an active interested in their children's wellbeing and letting them only watch Mary Poppins don't exactly go hand-in-hand.
Yes, I do believe nowadays that crappy parenting is a problem. Neglect is a problem.
No, I don't have any children. And I'm glad I don't, and I'm not going to have any for some time now because I know I'm not suitable for being a parent at the age of 21.
Let me see here, out of about 10 of my close friends, 8 of them are married. 6 of them have kids. 4 of them have more than one kid. And NONE of them are above the age of 23.
I'm sure that you want the absolute best for your kids, and I'm not questioning that, I'm simply questioning what's the best way to go about it?
I do believe that it's extremely important for kids to find out for themselves what is right and wrong, what they should do and what they shouldn't. And I also believe it is extremely important for kids to be respected. It's also extremely important for them to respect you.
I don't think that sheltering your kids from TV or society in general is the way to go about it.
I respect my parents, I love em, I think I had the greatest upbringing. I have respect for just about every individual I run across. I'm generally a nice guy.
It really disgusts me to run across kids who have lived a really sheltered life. In general, they are more shy, they don't have fun with the other kids, and they are generally confused most of the time.
Case in point, my cousin Mason. I'm the oldest in my family, and I have around 30 cousins. Mason is around 13 years old now. His parents are the sort that don't have cable on their TV, they don't have a computer, they don't have any video games. They generally try to keep the rest of society out of their children's lives.
Now, when we all meet for family gatherings, he never plays with the other kids his age. In fact, he doesn't play with any of the other kids. He's extremely shy, he doesn't talk to people, he generally stays by himself. Same goes with his sister Tracie.
I mean, I really do think it is important for kids to be respected by their peers and by other people. And I think it's important that they have respect for you.
I hope to be a great parent one of these days, whenever I'm through with being a kid.
Mike
"I would kill everyone in this room for a drop of sweet beer."
It's people like you that raise children that go into classrooms and shoot people.
If all I got to watch on TV was "something wholesome like Mary Poppins," I'd probably be shooting up schools too.
Earth to AC: your kids are going to grow up to be dorks and losers and they won't be respected by ANYBODY.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Unlimited lives in Contra, if I recall correctly.
Mike
"I would kill everyone in this room for a drop of sweet beer."
This is bullshit then. They should burn in hell. :)
"I would kill everyone in this room for a drop of sweet beer."
Ignorant, eh?
Look, I use MAPS, and before I even thought of using it, I went to their webpage, and yeah, I researched it. I read a lot of stuff there before deciding to use the MAPS RBL on our mail server.
I never once saw the multihop eBGP4 while reading the info there. In fact, the whole time I spent there, the ONLY information that was all over the page was about blocking SMTP mail, and nothing else. Never once did they even IMPLY that there was another method of using the RBL. There was absolutely no information that I read that suggested otherwise. It looks like they've changed the site around since I was last there several years ago.
If that makes me ignorant, fine, whatever.
In any case, using MAPS in this way is just plain wrong. I support only blackholing via mail, not anything else.
Mike
"I would kill everyone in this room for a drop of sweet beer."
So that I can get on the best of both worlds, I've seperated my response by posting attitudes. Those of you interested in only the appropriate attitudes can check the label at the top of each paragraph to determine whether or not to read that particular paragraph. Okay:
INFORMATIVE:
The MAPS RBL is used for blocking spam. There are rulesets you can add to sendmail to make it check a reverse DNS lookup if you'd like to verify reverse entries exist. You can change it just slightly to make it query something like 40.182.65.207.mail-abuse.org, and, depending on the result, allow or reject the mail. And that's how the MAPS RBL database works. It works via DNS.
TROLL:
This only blocks SMTP ****MAIL****, not websites. What kind of bullshit is that? "They can't go to their websites" blah blah blah, some more stuff i made up, blah blah blah.
INFORMATIVE:
I suppose it would be possible to alter bind to double-query and check the MAPS RBL for the ip and then return HOST_NOT_FOUND if it's blacklisted by MAPS, but what's the point? This is just pure punishment, not even on the same track as trying to cut down on spam. I seriously doubt many (if any) ISPs are actually resorting to something like this. And if MAPS is actually promoting doing this, then they really need a slap in the face, or a rude awakening or something.
TROLL:
So I believe this is when you update your article, say enough people convinced you you had absolutely no clue what you're talking about, and you remove the text of the article, and then you put it back up later because people bitched at you for taking it down because they wanted to see what everyone was making fun of you for and maybe get it on the action.
Mike
"I would kill everyone in this room for a drop of sweet beer."
It's also wrong.
An IPv4 address is a sequence of 4 numbers (bytes), grouped into sets of one.
Mike
"I would kill everyone in this room for a drop of sweet beer."
This is what the Crusoe was designed for. From Transmeta's webpage, speaking about the Crusoe TM3200, which ranges from 333-400 mhz with 96K of L1 cache:
- "The TM3200 is the ideal engine for a new class of mobile Internet devices weighing just a pound or two. With up to 400 MHz in performance, the TM3200 is designed to allow a full day of web browsing on a single battery charge."
The current crop of Crusoe processors comes in a 474-pin grid array. This is pretty big if you think about it. This is basically a socket A processor. And when you think of how little room you have in a device such as a Palm Pilot, the comparitavely huge size of the Crusoe processor(s) might present a space problem.Current PDAs are equipped with (usually) Intel's SA-110 (StrongARM) line of processors, the fastest of which runs at only 233mhz. Offhand, I really don't know how big StrongARM processors are physically, but I recall them usually being soldered onto the board and being pretty small, like the size of an old 80487 math co-processor or smaller. In sharp contrast, Crusoes are available from 333mhz-700mhz. Crusoe would definitely provide an infusion of power into the PDA market. PDAs with 400, 500, even 700 mhz processors in them combined with 256MB+ memory have have the potential to be really powerful, but also really expensive.
But I guess we all know that already. Unfortunately, I cannot justify spending $500 on something I probably would never use.
Mike
"I would kill everyone in this room for a drop of sweet beer."
No taxation without representation!
"I would kill everyone in this room for a drop of sweet beer."