Maine, since 1972, and Nebraska, since 1996, both give EC votes based on proportionate popular vote in the state.
Maine could go 3 EC Votes for Kerry, 1 for Bush etc.
I would rather see a proportionate system like this for EC reform than going to straight popular vote. It would also have the effect of giving those who live in states with a bias a vote. Why would I vote in Maryland? It has always gone Democrat. If my vote could swing a few otherwise lockstep EC votes to my candidate of choice, it might get me out. All theory of course, I vote in any case.
We ran this configuration for about 3 months. The problem is the shear number of false positives by the default snort rules. If you can't spend the time trimming down the ruleset to bare minimum to cover your needs, you will be locking out end users.
Classic for us was one user who had multiple domains with us got blocked every time she went to view one of her pages. Turns out the snort rule was so generic it was just looking for/calendar, so anything containing that would get trashed.
In the general sense, most likely you won't get a whole lot of cooperation from the ISP (gone are the days of the minions at Erol's). Stay patched, use common sense, and ignore it.
Actually I'd prefer the marine to realize that one-handed works great in movies but is for-shit in real life. Give me a modified 45 degree weaver stance any day. You can even use a flashlight and still brace with that. Trick is using a flashlight you can get flashes of light with. Never full on, unless you want to lose that limb.
Love the feel of the game. And yet... Forget the far future, the laser sight mounted on the trigger guard of my Glock 21 is bright enough to use as a flashlight in a dark room. Is it so hard to imagine laser sights as available standard options that far in the future?
Though I have to admit when I go shooting, the laser stays off and I use only the ghost ring sites on the pistol. Ghost rings work much much better than I ever expected them to given the short sight plane.
Re:What, you want me to put wallpaper on my window
on
Anti-Wi-Fi Wallpaper
·
· Score: 1
A real world example of a reasonable use: We have no less than 5 visible access points at certain locations, each from different companies, each on varying frequencies, usually somewhere smack in the middle interferring with 1/6/11.
Being able to wallpaper the outter walls, means the difference between a poor signal with pingponging speeds and an excellent signal. Talking with the other companies doesn't help, heck the hospital next door (with 2 wireless links to a remote location on channels 2 and 3 no less), refused to understand when we spelled out to them why they were getting lossy signals and were walking on us.
Give me reasonable pricing on this wallpaper in an acceptable blah color, and I'd buy rolls tomorrow.
We're in the opposite boat. 110 user medical practice. We use Exchange 2000, which required us to upgrade our site from a Domain to Active Directory.
1) Exchange is expensive per chair. In our situation, Medicare cuts have tightened our budget enough I'd rather spend the money somewhere else. 2) Exchange is hardware intensive. While that server is also a home directory server, I really wouldn't care to run many more users on a single server, while with alternatives (postfix for example), I'd feel comfortable running a much higher user-to-server ratio. 3) There are just certain things that require mucking about with the Active Directory internals. It's unsupported by MS, but the only way to do certain things. I'll grant some of our issues here are due to having to run in a mixed domain/ADS mode for a while. 4) We'd still require running Exchange behind a mail filtering incoming/outgoing server. Take our bias with a bit of salt as you will, we also don't allow any MS product to touch the outside world without filters/firewalls/scanning in place.
Very few companies use all the functionality that Exchange provides. Better to look at alternatives. Do remember that for most cases, you are also tying yourself into Outlook and all the problems that entails, so that should factor in as well.
In any case, expect a heck of a lot more handholding of the service than you have with sendmail.
Agreed that no record of voting should ever leave with the voter.
That said, I absolutely disagree with the "we want everyone to vote" bit. If you (as a voter) are unwilling or unable to understand the issues, and can't even take enough interest to know who is running in the major offices of an election, you should not vote. I'd also add in that if you (in the general) are receiving federal handouts you should not be able to vote.
Government should always be what is needed, not what can I get out of it.
Can't work a voting machine? Sure, we'll dumb that right down for ya! Here's your rock, drop it on the candidate's foot you want to win...
gentoo-sources (2.4) and gentoo-dev-sources (2.6) are both heavily patched and modified versions of the respective sources anyway. They are in no way a vanilla kernel.
I can't see the new change actually affecting Gentoo all that much.
After base box is set, emerge unmerge gcc, emerge inject ggc-version so portage doesn't add it back, set package repository in make.conf and use emerge -k for all installs.
Viola no compiler...
Another slightly less secure option is to simply go through and set ALL compile tools: chown root:root * chmod 500 *
Similar experience. Built 200+ machines (custom shop for 3 years), and worked on a bunch more... Only board/cpu I ever toasted was my first week when the manager handed me the mb/cpu (486/66) with cpu already in place as we were rushing.
*faint pop* and a low dense ground-fog kind of smoke on the mb later...
She put the cpu's in 180 degrees from proper... Probably why Intel started pin keying.
Have to agree with parent. Even experience in other fields of computing (networking, sysadmin, building even) is a big win. I've been in consulting jobs working with other programmers (Indian and American), and the problem with most was their focus only on programming. They just didn't have any other experience to draw from.
Actually, even stand alone fat Linux clients are generally trivial.
It's simple to set up a "gold master" and just sync clients to it, even from a cron job. Use LDAP/Kerberos + NFS (or equivalent, OpenAFS for example) for user account info. New machine needs to be set up? Ok, fdisk, dump data, lilo and reboot. Done.
Windows is a nightmare by comparision to roll out, especially so in an environment where PCs have been ordered in small batches here and there, making Ghost or imagining pretty darned worthless. Linux at least, you can easily build a kernel with broad support, or build it all modular and hotplug it.
Definately true that Linux shines in a "thin-client" roll, but once you get over 4-5 clients, there isn't really a reason for fat clients to be that much of a bother either.
A reasonable idea... I however doubt that any service would issue anything alert wise unless it was caused by some sensational event. New nasty worm, terrorism... A simple outage, even on this scale just isn't exciting enough for the newschannels.
Shame that. Might warrant a blurb tonight on the news, but it certainly won't dislodge the scroller that has the most recent body count in it, and probably no "this just in" by the talking heads.
Err.. What are they supposed to do? Spam everyone who ever registered a domain and say, "oops our bad, but by the time you get this, it'll all be over?"
If it's really that critical, then set up Nagios to monitor those ips or something.
I had one person call this morning because they couldn't reach Google. And what was she trying to use it for? She broke a window this weekend and was looking for a dealer who sells her type of window.
I have a much bigger issue with spams clogging my incoming mail folders than I do with transient DNS issues.
as an aside, does yours ever lock up so hard that you have to pop the battery out to reset it?
Good. I'm not crazy. Both mine and my wife's T720 lock hard, usually while charging from wall outlet (never charging in car), both are plugged into surge suppressors. Ah well, only another year on the contract...
Bingo. Some of those examples are rather bad as well. The "search for.c and compile to.o" script for example.
I can't speak to the others, but coding it with os.path.walk in 2.2 python or os.walk in 2.3 is significantly more concise than the sample program used.
I hazard a guess that others are the same. Problem with knowing so many languages at a shallow level, you don't necessarily know the best way to do something.
Actually I did have this happen once in all my years with a Debian stable production box. It helped move data from a Vax box to be injected into an Oracle DB running under Windows for ERP.
There was an update to the nfs code to solve a potential exploit, which unfortunately also broke the NFS shares on the Vax side.
Was easy to revert to the previously "broken" NFS server though.
That was one time in 5 years of running though. The number of times an update has borked windows though is much more of a concern.
Don't even get me started on the lobotomy done on a machine by Mandrake's autoupdate function though.
Ignorance is indeed bliss. I used to feel the exact same way. Then had a virus nail me through a share I'd made available to a coworker.
With free for single computer personal use AV packages such as grisoft.com's AVG, there just isn't any excuse, no matter how careful you are, there's always something you can miss.
So long as Sports get first funding before classrooms, teachers are underpaid, classes are held in trailer parks, F's are now E's because we don't want kids feeling bad, and fights result in sessions of Conflict Resolution rather than a suspension, computers as a teaching tool never had a chance.
How is it rediculous? 5 minutes of poking around at NewEgg nets you (for just under $2k):
A Shuttle XPC SN85G4 A Athlon 64 3400+ A ATI 9800Pro 2 gig of ram A 17inch LCD display with speakers A DVD-R/RW+R/RW And a 120gig 7200rpm HD.
You or I could do this right now, this second with off the shelf parts. There's a huge premium on the Athlon 64 right now due to it being the fastest in that line. Given 2 more years, I can see the specs in question, perhaps not your average box, but definately readily available.
Anecdotal evidence never really works. Everyone I know has 1gig+ standard.
Powerbook 867mhz G4 (1 gig) PowerPC dual 1.25 G4 (2 gig) My wife's pc 1.1 Duron (1 gig) My pc (3.0ghz P4) (2 gig) My MythTV 2.6 Athlon (1 gig)
Is this the norm? Nope, but it's trending up in general. When I first started building PCs, it was 486/33s and some 486DX2/66s with a meg of ram. Now a Shuttle XPC box I built to hide behind the dresser in the bedroom is several orders of magnitude higher. And that's in just over 10 years.
Given the rate of storage growth, I would not be at all surprised by specs like these.
As far as not needing 3ghz to read email or surf the web, you do when every website is bloated with flash or shockwave, and every email is bloated with various smiley face inserting media enhancements... Not to mention the computer is panting trying to give fair clockcycles to the 28 average Spyware/Malware applications competing on it.../ugh
Dispite the fact that the operator is more then able to click on the reccomended patches, doing so could get you into alot of trouble.
Having to support over 100 nurses, physicians, and office staff.. I can think of three that might, I stress MIGHT, be able to apply patches themselves. The rest of them either can't or won't be bothered to learn basic troubleshooting (ie: is the printer online), even when shown on multiple occasions.
Add to that that certain patches will break various vertical apps. It's compounded by the reality that MS's security scheme is overly complicated. Having looked at over a dozen electronic medical record systems, most required "Domain Users" to be added to the local machine Administrators group. Ditto for practice management. I can only imagine what other fields are like.
MS SUS server for distributing critical updates does help alot, though it can be a bit twitchy. If you have to deal with more than a handful of machines, you owe it to yourself to look at MS SUS.
I've always been against this, or at least the more anal implementations of it, in that forcing people to choose hard-to-remember passwords typically leads to writing the passwords down--often in obvious places--which makes the problem worse instead of better. Good encryption (e.g. ssh instead of telnet) and good security measures (e.g. shadow passwords) are much more effective than draconian policies that don't achieve their ends anyway.
You have a point, excepting that a weak, easy to guess password is still just as vulnerable to guessing over ssh unless you only use certificates, and disallow passwords. At least if it's written down, it narrows your scope (ah! it's a janitor, not some guy in Russia).
Admittedly I've not been in college for some time, but my guess is most use a NIS or YP scheme for user accounts, with a few using Kerberos/LDAP. Last time I looked at YP, you didn't have an equivalence to shadow passwords, as any user could dump the database of passwords.
I just somehow doubt that most compromised sites use (sasl)LDAP+KERBEROS for authentication and user accounts. That would make life living hell for a cracker. On the other hand, given the pains I've had trying to move my home network to exactly that with ipsec between machines, it's non-trivial in the extreme and most likely severe overkill.
You trade a user level issue (figuring out how to remember a non-word password) for a difficult technical solution. There are times where the user will have to be accountable, and it simply isn't reasonable to add another tech solution.
Or maybe just move to USB dongles and X509 certificates, and do away with passwords... No, don't like that either.
Slashdot Mirror
Maine, since 1972, and Nebraska, since 1996, both give EC votes based on proportionate popular vote in the state.
Maine could go 3 EC Votes for Kerry, 1 for Bush etc.
I would rather see a proportionate system like this for EC reform than going to straight popular vote. It would also have the effect of giving those who live in states with a bias a vote. Why would I vote in Maryland? It has always gone Democrat. If my vote could swing a few otherwise lockstep EC votes to my candidate of choice, it might get me out. All theory of course, I vote in any case.
We ran this configuration for about 3 months. The problem is the shear number of false positives by the default snort rules. If you can't spend the time trimming down the ruleset to bare minimum to cover your needs, you will be locking out end users.
/calendar, so anything containing that would get trashed.
Classic for us was one user who had multiple domains with us got blocked every time she went to view one of her pages. Turns out the snort rule was so generic it was just looking for
In the general sense, most likely you won't get a whole lot of cooperation from the ISP (gone are the days of the minions at Erol's). Stay patched, use common sense, and ignore it.
Actually I'd prefer the marine to realize that one-handed works great in movies but is for-shit in real life. Give me a modified 45 degree weaver stance any day. You can even use a flashlight and still brace with that. Trick is using a flashlight you can get flashes of light with. Never full on, unless you want to lose that limb.
Love the feel of the game. And yet... Forget the far future, the laser sight mounted on the trigger guard of my Glock 21 is bright enough to use as a flashlight in a dark room. Is it so hard to imagine laser sights as available standard options that far in the future?
Though I have to admit when I go shooting, the laser stays off and I use only the ghost ring sites on the pistol. Ghost rings work much much better than I ever expected them to given the short sight plane.
A real world example of a reasonable use: We have no less than 5 visible access points at certain locations, each from different companies, each on varying frequencies, usually somewhere smack in the middle interferring with 1/6/11.
Being able to wallpaper the outter walls, means the difference between a poor signal with pingponging speeds and an excellent signal. Talking with the other companies doesn't help, heck the hospital next door (with 2 wireless links to a remote location on channels 2 and 3 no less), refused to understand when we spelled out to them why they were getting lossy signals and were walking on us.
Give me reasonable pricing on this wallpaper in an acceptable blah color, and I'd buy rolls tomorrow.
We're in the opposite boat. 110 user medical practice. We use Exchange 2000, which required us to upgrade our site from a Domain to Active Directory.
1) Exchange is expensive per chair. In our situation, Medicare cuts have tightened our budget enough I'd rather spend the money somewhere else.
2) Exchange is hardware intensive. While that server is also a home directory server, I really wouldn't care to run many more users on a single server, while with alternatives (postfix for example), I'd feel comfortable running a much higher user-to-server ratio.
3) There are just certain things that require mucking about with the Active Directory internals. It's unsupported by MS, but the only way to do certain things. I'll grant some of our issues here are due to having to run in a mixed domain/ADS mode for a while.
4) We'd still require running Exchange behind a mail filtering incoming/outgoing server. Take our bias with a bit of salt as you will, we also don't allow any MS product to touch the outside world without filters/firewalls/scanning in place.
Very few companies use all the functionality that Exchange provides. Better to look at alternatives. Do remember that for most cases, you are also tying yourself into Outlook and all the problems that entails, so that should factor in as well.
In any case, expect a heck of a lot more handholding of the service than you have with sendmail.
Good luck!
Agreed that no record of voting should ever leave with the voter.
That said, I absolutely disagree with the "we want everyone to vote" bit. If you (as a voter) are unwilling or unable to understand the issues, and can't even take enough interest to know who is running in the major offices of an election, you should not vote. I'd also add in that if you (in the general) are receiving federal handouts you should not be able to vote.
Government should always be what is needed, not what can I get out of it.
Can't work a voting machine? Sure, we'll dumb that right down for ya! Here's your rock, drop it on the candidate's foot you want to win...
gentoo-sources (2.4) and gentoo-dev-sources (2.6) are both heavily patched and modified versions of the respective sources anyway. They are in no way a vanilla kernel.
I can't see the new change actually affecting Gentoo all that much.
Well, we use a 2nd box for all building actually.
After base box is set, emerge unmerge gcc, emerge inject ggc-version so portage doesn't add it back, set package repository in make.conf and use emerge -k for all installs.
Viola no compiler...
Another slightly less secure option is to simply go through and set ALL compile tools:
chown root:root *
chmod 500 *
Guess again. The more stupid DMCA lawsuits that are upheld, the more precedence is set.
Overturn a law? When the yahoos on Capitol Hill can't agree on what truth is, and corporations pour money into their pockets?
Similar experience. Built 200+ machines (custom shop for 3 years), and worked on a bunch more... Only board/cpu I ever toasted was my first week when the manager handed me the mb/cpu (486/66) with cpu already in place as we were rushing.
*faint pop* and a low dense ground-fog kind of smoke on the mb later...
She put the cpu's in 180 degrees from proper... Probably why Intel started pin keying.
Howso? Various incarnations of gcc have existed for Windows NT/2000 for years. Cygwin and MinGW have both been available for years.
If all you wanted was gcc, then those are a heck of a lot more digestable than a full Linux distribution just to get vi and gcc.
Have to agree with parent. Even experience in other fields of computing (networking, sysadmin, building even) is a big win. I've been in consulting jobs working with other programmers (Indian and American), and the problem with most was their focus only on programming. They just didn't have any other experience to draw from.
Actually, even stand alone fat Linux clients are generally trivial.
It's simple to set up a "gold master" and just sync clients to it, even from a cron job. Use LDAP/Kerberos + NFS (or equivalent, OpenAFS for example) for user account info. New machine needs to be set up? Ok, fdisk, dump data, lilo and reboot. Done.
Windows is a nightmare by comparision to roll out, especially so in an environment where PCs have been ordered in small batches here and there, making Ghost or imagining pretty darned worthless. Linux at least, you can easily build a kernel with broad support, or build it all modular and hotplug it.
Definately true that Linux shines in a "thin-client" roll, but once you get over 4-5 clients, there isn't really a reason for fat clients to be that much of a bother either.
A reasonable idea... I however doubt that any service would issue anything alert wise unless it was caused by some sensational event. New nasty worm, terrorism... A simple outage, even on this scale just isn't exciting enough for the newschannels.
Shame that. Might warrant a blurb tonight on the news, but it certainly won't dislodge the scroller that has the most recent body count in it, and probably no "this just in" by the talking heads.
Err.. What are they supposed to do? Spam everyone who ever registered a domain and say, "oops our bad, but by the time you get this, it'll all be over?"
If it's really that critical, then set up Nagios to monitor those ips or something.
I had one person call this morning because they couldn't reach Google. And what was she trying to use it for? She broke a window this weekend and was looking for a dealer who sells her type of window.
I have a much bigger issue with spams clogging my incoming mail folders than I do with transient DNS issues.
Good. I'm not crazy. Both mine and my wife's T720 lock hard, usually while charging from wall outlet (never charging in car), both are plugged into surge suppressors. Ah well, only another year on the contract...
Bingo. Some of those examples are rather bad as well. The "search for .c and compile to .o" script for example.
I can't speak to the others, but coding it with os.path.walk in 2.2 python or os.walk in 2.3 is significantly more concise than the sample program used.
I hazard a guess that others are the same. Problem with knowing so many languages at a shallow level, you don't necessarily know the best way to do something.
Actually I did have this happen once in all my years with a Debian stable production box. It helped move data from a Vax box to be injected into an Oracle DB running under Windows for ERP.
There was an update to the nfs code to solve a potential exploit, which unfortunately also broke the NFS shares on the Vax side.
Was easy to revert to the previously "broken" NFS server though.
That was one time in 5 years of running though. The number of times an update has borked windows though is much more of a concern.
Don't even get me started on the lobotomy done on a machine by Mandrake's autoupdate function though.
Ignorance is indeed bliss. I used to feel the exact same way. Then had a virus nail me through a share I'd made available to a coworker.
With free for single computer personal use AV packages such as grisoft.com's AVG, there just isn't any excuse, no matter how careful you are, there's always something you can miss.
/clap /clap
So long as Sports get first funding before classrooms, teachers are underpaid, classes are held in trailer parks, F's are now E's because we don't want kids feeling bad, and fights result in sessions of Conflict Resolution rather than a suspension, computers as a teaching tool never had a chance.
How is it rediculous? 5 minutes of poking around at NewEgg nets you (for just under $2k):
A Shuttle XPC SN85G4
A Athlon 64 3400+
A ATI 9800Pro
2 gig of ram
A 17inch LCD display with speakers
A DVD-R/RW+R/RW
And a 120gig 7200rpm HD.
You or I could do this right now, this second with off the shelf parts. There's a huge premium on the Athlon 64 right now due to it being the fastest in that line. Given 2 more years, I can see the specs in question, perhaps not your average box, but definately readily available.
Anecdotal evidence never really works. Everyone I know has 1gig+ standard.
/ugh
Powerbook 867mhz G4 (1 gig)
PowerPC dual 1.25 G4 (2 gig)
My wife's pc 1.1 Duron (1 gig)
My pc (3.0ghz P4) (2 gig)
My MythTV 2.6 Athlon (1 gig)
Is this the norm? Nope, but it's trending up in general. When I first started building PCs, it was 486/33s and some 486DX2/66s with a meg of ram. Now a Shuttle XPC box I built to hide behind the dresser in the bedroom is several orders of magnitude higher. And that's in just over 10 years.
Given the rate of storage growth, I would not be at all surprised by specs like these.
As far as not needing 3ghz to read email or surf the web, you do when every website is bloated with flash or shockwave, and every email is bloated with various smiley face inserting media enhancements... Not to mention the computer is panting trying to give fair clockcycles to the 28 average Spyware/Malware applications competing on it...
Add to that that certain patches will break various vertical apps. It's compounded by the reality that MS's security scheme is overly complicated. Having looked at over a dozen electronic medical record systems, most required "Domain Users" to be added to the local machine Administrators group. Ditto for practice management. I can only imagine what other fields are like.
MS SUS server for distributing critical updates does help alot, though it can be a bit twitchy. If you have to deal with more than a handful of machines, you owe it to yourself to look at MS SUS.
You have a point, excepting that a weak, easy to guess password is still just as vulnerable to guessing over ssh unless you only use certificates, and disallow passwords. At least if it's written down, it narrows your scope (ah! it's a janitor, not some guy in Russia).
Admittedly I've not been in college for some time, but my guess is most use a NIS or YP scheme for user accounts, with a few using Kerberos/LDAP. Last time I looked at YP, you didn't have an equivalence to shadow passwords, as any user could dump the database of passwords.
I just somehow doubt that most compromised sites use (sasl)LDAP+KERBEROS for authentication and user accounts. That would make life living hell for a cracker. On the other hand, given the pains I've had trying to move my home network to exactly that with ipsec between machines, it's non-trivial in the extreme and most likely severe overkill.
You trade a user level issue (figuring out how to remember a non-word password) for a difficult technical solution. There are times where the user will have to be accountable, and it simply isn't reasonable to add another tech solution.
Or maybe just move to USB dongles and X509 certificates, and do away with passwords... No, don't like that either.