yea, is difficult to see how it could cost *that* much. although, I would argue that it could be a little more complicated than you mention, if you don't have a perfect inventory of all of your software and devices.
it was/is a serious enough bug that it was drop everything and start patching/mitigating the problem...since it can take time to determine if your software/devices are vulnerable, it is likely that people had to work overtime (does anyone actually get paid overtime anymore?).
it also probably meant running scans across your public IP space to see if you have anything listening that is vulnerable that you somehow missed, then tracking down exactly what that device is.
I've heard that some CA's were charging for either the revoke, or re-issue on certs as well. although I never actually confirmed that.
you then had to roll all passwords used on those devices, and any passwords that were used on external sites.
after the initial rush to patch/scan your network...it came out that all heartbleed scanners are not accurate. so lots of people probably re-scanned with better tools.
if you work with a lot of external partners, people probably spent time scanning them as well, to see if they were still vulnerable, and reached out to them to get them to patch.
in a perfect world, a lot of the above is fairly automated...but I'd imagine most of us don't live in that perfect world...so the above tasks take a fair amount of time, which detracts from other work..so shows up as the cost of heartbleed. multiply that times X companies....and add in costs for consultants/contractors for some companies...and it gets to be big number.
Why would they want to intercept the traffic when they could just read it off the server?
from TFA:....But Lavabit offered paying customers a secure email service that stores incoming messages encrypted to a key known only to that user. Lavabit itself did not have access.
feel free to hunt away. Ontario MNR: "Hunting is an effective way to manage goose populations and prevent conflicts. Regulations, seasons and municipal bylaws must be followed. You may hunt geese in the open season with a valid hunting licence for migratory birds. You can also encourage hunting on your property. "
The author obviously doesn't know very much about government security practice, even though their handbook is available online for anybody who can Google.
hrm..you might want to google that author's name before you say that...here
Re:Can we get their userids next to their names?
on
Making a Slashdot Omelet
·
· Score: 5, Informative
refusing to interviews if the interviewer isn't willing to "properly" refer to GNU/Linux or conflates Free and Open Source Software... Arguably such people are the ones who might most benefit from his message. Appearing on stage next to a banner might produce the opportunity to talk about why he disagrees with such things... talking to a reporter who conflates "Free" and "Open Source" might provide an opportunity to talk about the difference. Both could be done in a non-confrontational way that none the less shows what he believes and why.
did you see the part where rms asks that the journalists actually attend his talk? and the references he gives to the GNU website talking about the difference between Free Software and Open Source software? by the time he finishes his speech, he has spoken at length on the differences. why repeat it to a journalist?
I agree...I don't really see why these games need "winners" and "losers"...they shouldn't even keep score...and at the end of the games...whats with the cold handshakes...why not HUG!
DVD's have DRM also. Your argument doesn't hold any water.
that is because his argument is not licensed to hold water in your region. if you were in the proper region, and paid the appropriate licensing fees you would see that the water is indeed held.
Now, there well may be technical reasons why a reboot is a bad idea, but this article doesn't present any.
hrm, the article states:...If you shrug and reboot the box after looking around for a few minutes, you may have missed the fact that a junior admin inadvertently deleted/boot and some portions of/etc and/usr/lib64 due to a runaway script they were writing. That's what was causing the segfaults and the wonky behavior. But since you rebooted the server without digging into the problem, you've made it much worse, and you'll soon boot a rescue image -- with all kinds of ponderous work awaiting you -- while a production server is down.
and: In many cases, it's extremely important not to reboot, because the key to fixing the problem is present on the system before the reboot, but will not be immediately available after. The problem will recur, and if the only known solution is to reboot, then the problem will never be fixed unless or until someone decides not to reboot and instead tries to find the root of the problem.
and while I disagree with this one slightly..as the problem may still be present after a reboot..I defintely agree with what the author is saying...find the actual root of the problem, and fix it..don't just cross your fingers and hope a reboot will fix the problem.
Also the author never mentions preserving uptime of the server as a goal..he does mention a few times patching in place..which will mean killing services, effectively making that particular server unavailable.
Slashdot Mirror
I'm at the post office, and they are saying that they need a zip code for PO Box ~SMH.
please provide the *full* address so we can make the monies!
Me too!
I was wondering when Hawking would finally weigh in on this subject.
hah, what a newb.
I really wish Greg would have told us which distro he is using though.
The first tip-off that this story is BS is that this charging technique doesn't even require an Apple-branded microwave.
There is no way that Apple would introduce a new feature that does not require new Apple hardware.
...have you seen their fans? http://cdn2.bigassfans.com/images/BAF-Dairy1.jpg
I don't think there is another accurate way to describe them. other than, 'whoa, that is a big ass fan!'
yea, is difficult to see how it could cost *that* much. although, I would argue that it could be a little more complicated than you mention, if you don't have a perfect inventory of all of your software and devices.
it was/is a serious enough bug that it was drop everything and start patching/mitigating the problem...since it can take time to determine if your software/devices are vulnerable, it is likely that people had to work overtime (does anyone actually get paid overtime anymore?).
it also probably meant running scans across your public IP space to see if you have anything listening that is vulnerable that you somehow missed, then tracking down exactly what that device is.
I've heard that some CA's were charging for either the revoke, or re-issue on certs as well. although I never actually confirmed that.
you then had to roll all passwords used on those devices, and any passwords that were used on external sites.
after the initial rush to patch/scan your network...it came out that all heartbleed scanners are not accurate. so lots of people probably re-scanned with better tools.
if you work with a lot of external partners, people probably spent time scanning them as well, to see if they were still vulnerable, and reached out to them to get them to patch.
in a perfect world, a lot of the above is fairly automated...but I'd imagine most of us don't live in that perfect world...so the above tasks take a fair amount of time, which detracts from other work..so shows up as the cost of heartbleed. multiply that times X companies....and add in costs for consultants/contractors for some companies...and it gets to be big number.
Why would they want to intercept the traffic when they could just read it off the server?
from TFA: ....But Lavabit offered paying customers a secure email service that stores incoming messages encrypted to a key known only to that user. Lavabit itself did not have access.
feel free to hunt away.
Ontario MNR:
"Hunting is an effective way to manage goose populations and prevent conflicts. Regulations, seasons and municipal bylaws must be followed. You may hunt geese in the open season with a valid hunting licence for migratory birds. You can also encourage hunting on your property. "
t's the legion of over 35 housewives that hang off her every word
I always heard that she had an army..but I never heard an actual number put to it.
so she has roughly 37 ladies who will do what she says.
these must be some very rich ladies!
The author obviously doesn't know very much about government security practice, even though their handbook is available online for anybody who can Google.
hrm..you might want to google that author's name before you say that...here
Chris DiBona
chrisd (1457)
Nathan Oostendorp
oostendo (5530)
Rob "CmdrTaco" Malda
cmdrTaco (1)
Jeff "Hemos" Bates
Hemos (2)
Jon Katz
JonKatz (7654)
Emmet Plant
emmet (70481)
Jonathan "CowboyNeal" Pater
CowboyNeal (4)
Vodka is better than beer.
I'm surprised to hear you say that VodkaGuy...I had you pegged as more of a wine-drinking-guy.
SSH can't be proxied like SSL traffic
yep, it can. there are a few commercial fw's that do it...check out page 191 of McAfee's (.pdf) userguide
here
if you don't wanna read the .pdf...check here
"Put the network firewall in charge of security again with integrated comprehensive network gateway protection technology, including:
Encrypted traffic inspection (SSH/SSL)
"
Lord... Whats a qubit?
it is more of who than a what...Qubit is Q*Bert's Chinese cousin.
hrm, well they changed their name (in 1961) to the "New Democratic Party" from the "New Party"..they seem to like the "New" name.
heh. I did come back to check to see if you responded.
HP tends to do the tall enter key...so the pipe key is to the left of that.
watch out for the consumer level laptops from HP...they are fairly cheaply made (pavilion line).
the probooks are much better quality....but you do pay for it.
other than that...great machines.
(non ac this time :))
when ever I think of BIND8, I think of my .sig:
refusing to interviews if the interviewer isn't willing to "properly" refer to GNU/Linux or conflates Free and Open Source Software... Arguably such people are the ones who might most benefit from his message. Appearing on stage next to a banner might produce the opportunity to talk about why he disagrees with such things... talking to a reporter who conflates "Free" and "Open Source" might provide an opportunity to talk about the difference. Both could be done in a non-confrontational way that none the less shows what he believes and why.
did you see the part where rms asks that the journalists actually attend his talk? and the references he gives to the GNU website talking about the difference between Free Software and Open Source software?
by the time he finishes his speech, he has spoken at length on the differences. why repeat it to a journalist?
pfft...this is clearly a slashvertisement for Linus' divelog!
haha, yep...I hear ya on the mod points thing.
it has always made me feel more connected to /.
I agree...I don't really see why these games need "winners" and "losers"...they shouldn't even keep score...and at the end of the games...whats with the cold handshakes...why not HUG!
DVD's have DRM also. Your argument doesn't hold any water.
that is because his argument is not licensed to hold water in your region. if you were in the proper region, and paid the appropriate licensing fees you would see that the water is indeed held.
Now, there well may be technical reasons why a reboot is a bad idea, but this article doesn't present any.
hrm, the article states: ...If you shrug and reboot the box after looking around for a few minutes, you may have missed the fact that a junior admin inadvertently deleted /boot and some portions of /etc and /usr/lib64 due to a runaway script they were writing. That's what was causing the segfaults and the wonky behavior. But since you rebooted the server without digging into the problem, you've made it much worse, and you'll soon boot a rescue image -- with all kinds of ponderous work awaiting you -- while a production server is down.
and:
In many cases, it's extremely important not to reboot, because the key to fixing the problem is present on the system before the reboot, but will not be immediately available after. The problem will recur, and if the only known solution is to reboot, then the problem will never be fixed unless or until someone decides not to reboot and instead tries to find the root of the problem.
and while I disagree with this one slightly..as the problem may still be present after a reboot..I defintely agree with what the author is saying...find the actual root of the problem, and fix it..don't just cross your fingers and hope a reboot will fix the problem.
Also the author never mentions preserving uptime of the server as a goal..he does mention a few times patching in place..which will mean killing services, effectively making that particular server unavailable.
yep, defintely late to the party. *cough* WebTV *cough*
yea, OK some different functionality..but the idea was there. and yes, they bought a company to make it happen.
This one could make it though..MS tends to not get things right until the second patch to the 3rd release of their code..