Slashdot Mirror


User: Martin+Blank

Martin+Blank's activity in the archive.

Stories
0
Comments
4,446
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,446

  1. Re:Fucking Great on McAfee Will Ignore FBI Spyware · · Score: 1

    One of the items mentioned in recent articles is that the FBI will be contacting trusted agents it think it can turn in order to send you the attachments containing the virus. I'm not particularly afraid of them sending stuff into my mailbox (yet), but it does have me looking at alternate methods of protecting my systems, such as file integrity checkers, and considering methods of checking my keyboard cables without having to do the gymnastics required to get behind my case.

    Anyone know anything about TEMPEST shielding?

  2. Re:Classic games on Sid Meier on Civ III · · Score: 4, Informative

    A couple of previous interviews and mentions on the main site have addressed this. Units now do stack, as opposed to the prior method of fighting against the biggest unit and destroying all if you win. In addition, you can form armies of mixed units, provided you have a Leader. I think interdiction of units at sea (always my favorite) will become much more necessary. After all, the tanks below-deck can't fire back, can they?

    Terrain will, reportedly, play a different role in the new version, with combat units able to better guard passes because enemy units will effectively be forced into a given field of fire. There will also be a bit of a slaughter factor, with Pikemen no longer able to effectively fend off riflemen. I just hope I can get DaVinci's Workshop early enough...

    And you don't know how big those Locusts of Chiron are. They carried my car off the other day! :)

  3. Re:This is Stupid on £10,000 Prize for Linux Virus Challenge Re-Issued · · Score: 1
    How many admins out there have been burned by applying MS hot-fixes and wait until a full service pack before doing anything, if even then?

    Everyone who has really gotten into the guts Windows 95 or later has had the painful experience of a file or registry corruption. Some of us have had the doubly unpleasant experience of both at the same time. This is not, however, a valid argument for avoiding hotfixes.

    In October of 2000, I asked one of the guys handling standards at my company (theoretically a smart guy with lots of admin experience) if I could install a particular NT4 hotfix on someone's computer. His response: "We don't install anything later than SP4 on NT systems because nothing later has been tested, and we never install hotfixes because they might be unstable, so we wait for the service packs."

    I couldn't quite believe what he had just said. I understood the initial lockdown of SP4 in 1999, which was for Y2K compliance, but by the time I had asked the question, TWO service packs had been released, not to mention a couple of dozen hotfixes. A year later now, my own Windows 2000 system has about the lowest chance of any system in the company (5000 people worldwide) becoming infected or hacked because I do keep up to date on the patches and service packs. Every time a new virus comes out, the security team goes running around crying about how we're doomed, and we have to get the latest Trend (AAAARGH!!! Saying that name hurts.....) patches and signatures out. When I calmly look at the description, there's usually something about a patch released for Windows two or three months before that was never installed, except for my system and perhaps a handful of others I've visited.

    It's not a perfect solution, but I've talked the tech guys I work with into installing all of the post-SP2 hotfixes onto the W2K systems as we roll them out. I'm also working with the level-headed head of security to get something else implemented more or less behind the scenes. Unfortunately, despite being CSO, he has little power because of the "distributed" nature of security at the company, where each business unit is responsible for its own security. This is a bad idea when most of the business units barely have people who can install software.

  4. Happens on the 30GB drives, too on IBM DeskStar 75GXP Hard Drive Failures? · · Score: 1
    I purchased the 30GB variant of the 75GXP after reading some rave reviews and seeing them shipped in dozens of new Dell systems at work without any problems. They were a little more expensive than my normal Maxtor purchase, but the speed was supposed to be so much better.

    Until the Great Annoying Hard Drive Crash of 2001.

    Ironically, I had just bought a new CD-R that day which was to be used for data backups. The clicking noise had been there for a couple of days, but I thought it was the ancient 4GB Quantum drive I used for a swap. I shut down the system, installed the new CD-R drive, and attempted to boot. Windows 2000 gave me an INACCESSIBLE_BOOT_DEVICE error. After two solid days of trying different recovery techniques, I found that I had a dead drive.

    Well, mostly. This is when I discovered the wonders of OnTrack Easy Recovery Pro. I'm not doing a commercial here, other than to say it's now a mandatory part of my toolkit. I recovered all but one small website, a total of about 20GB.

    Anyway, when I got in contact with IBM, they gave me an address in NorCal to which I had to ship the drive (after denying the reports I had seen on various web sites about severe problems with the 75GXP drive line), and then was told that a replacement would be in my hands in 7-10 working days of their receipt. I live in SoCal, UPS said it was a two-day trip up there, so I figured it would only be a couple of weeks until I could get back to normal.

    Wrong. After ten working days, I called, and they were backordered, but expected to be able to ship in three days. Then I called back five days later, and was told that the shipment was coming from overseas. A few days later, the shipment was "stuck in Customs". I finally got my drive (a refurbished unit, dammit) a little more than a month after originally sending it, and it has since worked more or less normally. I am, however, antsy about it, and I am looking forward to getting a couple of good-sized, high-speed Maxtors later this year and setting them up in RAID-1 configuration.

    I used to heartily recommend IBM drives, and now my faith has been shaken to the core. Maxtor has regained my respect for top brand, with Seagate second (primarily for price), and then IBM. Of course, I still won't touch a Western Digital if I can avoid it. I've had EIGHT of those go bad in my systems and in those of friends and family.

  5. Re:This is bad on Salon Goes For Annoying Jump-Through Ads · · Score: 1

    I have to disagree with you on this. It took a little bit of getting used to, but the interactive ad idea is working for me, and I don't mind it at all now, as I've learned to tailor my reading patterns on that particular site to tune out the ads when I don't want to see them. I've even explored a few of the ads, although most of those in which I've taken interest are for server packages costing many times my salary and so were more for curiosity than real exploration. In my mind, they're more effective than banners, less annoying than pop-up/under windows, and less intrusive than click-throughs. If I had such a website, I might well go in that direction.

  6. Re:It won't work on AMD To Hide MHz Rating From Consumers · · Score: 1

    They've been fighting the war over inferiority since the K5 chip. I bought a 200MHz K6 chip at the same time as a friend bought a 200MHz Pentium MMX chip. We swapped CPUs through each other's systems for hours running various benchmarks, and determined that even though my K6 cost me something like $300 and his Pentium around $450 (I may be off, but the ratio is right), his 50% higher price netted him maybe 5% more performance on average, with Quake running about 10% faster.

    As far as the running inferiority war, my parents are still leery about the Duron 600 chip in their system because it's AMD. Windows 2000 loads very slowly for them (although their games look beautiful on it), and while *I* know it's an issue with the chipset and a few settings I should have made, they blame it on the chip and don't complain much only because I gave them the system for free.

    I don't want to see AMD lose the marketing battle again. We'll end up back in the Dark Ages of SPU marketing, where only low-end no-name systems will have AMD CPUs inside. I just don't think I could handle the Blue Man Group doing a victory dance over the ashes of an Athlon.

  7. Re:How can this work? on Wireless Freenets As The Parasitic Grid · · Score: 1

    The guys at O'Reilly working on this have an idea that uses a hash of your MAC as your IP address, so you can keep the same address when you move from cell to cell.


    I'm still a bit fuzzy on it, but doesn't IPv6 work in a similar way, where the MAC address can be used as part of the IP address? And wouldn't IPv6 be a better protocol to run over such networks anyway? I know the drivers are still not quite mature, but this could be a good test bed. Also, with the recent news on the security of 802.11b, I'd hate to have someone listening in on my e-mail because I either didn't know about the security gaps or was too lazy to do anything about it. What about VPNs of some sort, or is that even possible in this kind of open environment?

  8. Re:Yeah, it's SO much better to do NOTHING... on Triana Mothballed · · Score: 1
    Actually, that's a pretty poor percentage on which to base such a decision. However, if it works, say, 20% of the time, then ten ABM missiles could be launched at an incoming missile from China, North Korea, etc., and you would expect a very good chance of intercepting the inbound.

    Personally, I prefer the idea of knocking the damned things down in the boost phase with the 747-mounted laser.

  9. Re:Shuttle - why? on Triana Mothballed · · Score: 1

    The General Accounting Office says a shuttle launch costs about $512 million. Or at least it did as of last autumn. There's a line about two-thirds through this Houston Chronicle article mentioning that cost.

  10. Re:Sign of the times on Triana Mothballed · · Score: 1

    Most people I know couldn't care less about their tax rebates. I consider myself fairly conservative, in favor of tax cuts, but not like this. More science, more space, IMHO. In fact, what we could have done with a tiny part of an extra $125B a year is resurrect the damed Super-Conducting Super-Collider. It was $2B short, and was cut in a time of tight budgets. We're not under those restrictions, anymore, so PUT THE WORKERS BACK ON SITE.

    Ahem.

  11. Re:Seems jike another frivolous lawsuit on Lawsuit Alleges That Palms Damage Motherboards · · Score: 1

    We had an identical problem with two Palms here. Turned out that Dell was right: The Palms were defective. Palm replaced them, and they work fine now.

  12. Re:Old Days on TCP/MS, We'll Cure What Ails You · · Score: 1
    Actually, this makes me consider writing up an instruction manual on security and mail it to everyone I know, beginning with the easy (and most critical) stuff like how to do Windows Update, how to turn on file extensions, how to turn off VBS, etc, so that people get that info before they lose interest, and then move on to more complex topics like PGP, which, as easy as I make it, will cause some eyes to glaze over. It's a matter of using the trust in me as a very computer-savvy person to get people to change their ways.

    Now, here's a HUGE catch in things. Considering that there is no practical way to recover a password for PGP, do I then make myself responsible for key recovery for these people? It's a potentially huge job, and not one I take lightly. What happens if I get hit by an asteroid? These people (and their encrypted files) are potentially all screwed. I can really push the "signed e-mail only" aspect of it, but some of them will invariably encrypt files, and then lose their passwords, and then blame me for files they cannot retrieve.

    :: sigh ::

    I have to say, however bad it sounds, that Outlook virii make me happy that a significant portion of the people I know use either web-based e-mail services or AOL. Most web-based services catch these before they can even be directed at the users, and AOL's otherwise crappy e-mail client is so limited as to not allow most VBS virii to execute. I guess that means (assuming that story about the change in e-mail clients was true) that we won't be seeing a lot of these virii propagate from AOL/TW.

  13. Re:Cops can help... on Tracking A Thief Via The Sircam Virus? · · Score: 1

    Something else to consider is that the detective could well get some press coverage for both him and the department, and that may turn into dollars from various government agencies to help them boost their technical abilities.

  14. Re:More than just two contests on Win $200,000 In RSA's Factoring Challenge · · Score: 1

    I really should read my posts for clarity before clicking Submit.

    I meant that the 2048-bit wouldn't be solved anytime soon.

    ::sigh :: I need some Jolt.

  15. Cops can help... on Tracking A Thief Via The Sircam Virus? · · Score: 1

    ...if they are willing to look at technical details.

    If your friends are using any e-mail program that allows one to see the headers without opening the message itself, then tracing the Receiving headers back to the IP of origin should be able to help. Contact the owner of the original server, find out how the person connected, and see if that connection can be traced back to an ISP login. It's not perfect, but it's a start.

  16. Re:More than just two contests on Win $200,000 In RSA's Factoring Challenge · · Score: 1
    I seem to remember in Applied Cryptography that Bruce Schneier suggested that at a most efficient possible level of computing, harnessing all of the sun's energy for the next four billion years would not be enough to brute-force a 4096-bit key. While keys ranging from 576-bit to 2048-bit keys are theoretically far more simple, we're still nowhere near that level of computing efficiency or power, so unless someone figures out a far more elegant manner of cracking such numbers than are currently in use, RSA may as well spend the prize money, since they'll never have to award it.

    Makes me wish I had known about the NSA's recruitment programs in high school....

  17. Re:Why not RFC standard? on AOL May Open Instant Messaging To Other Servers · · Score: 1

    I have been a lurker on the mailing list for the IETF IMPPWG (Instant Messaging and Presence Protocol Working Group) since Aug 8, 2000. In that time, I have racked up a total of 1313 messages. While there are occasional bursts of progress, rarely have I seen a project get more bogged down in semantics and personal egos than I have in witnessing the exchanges there. Flame wars can be started over minor differences in viewpoints, and it's not uncommon to see people sulk when they end up on the minority side of a significant decision. There are also periods of near silence lasting for days and even weeks at a time, and I gave up hope about three months ago of anything worthwhile coming out of the group before next summer, by which it may well be too late, and the standard they were chartered to set may be set from a practical standpoint by the various companies agreeing on their own standard (or at least opening up to others' protocols).

  18. Re:solution: don't use outlook on Another Nasty Outlook Virus Strikes · · Score: 1

    My Visor Deluxe can access the Contacts without question if Outlook XP is not running, but the question is raised when it is. Makes me wonder what starts the security model, although I do appreciate the added step when it is running. I also like the extension lockdown in Outlook XP. I can't wait for my company to deploy it, although we will have to open up a handful of extensions, like .exe for the self-executing zip files that are occasionally sent.

  19. Re:About domain expiration-- on VeriSign Accuses Competitors Of 'Slamming' · · Score: 1

    I ran into the same thing as I watched for my wanted domain to open up. It expired in December, and I did not get to grab it until March. Contacts with NSI resulted in essentially this response:

    'Domain records are updated periodically. Since this is expired and the registrant does not seem to have renewed, it should become available in the next few days as weekly maintenance is done.'

    Not exact wording, but enough to annoy when one gets that every couple of weeks.

  20. Re:Isn't this exactly what Sun wanted- not exactly on MS XP Drops Java Support · · Score: 1

    I was using Sun as an example. There are plug-ins other than QT that play .MOV files, just like there are non-Sun JVMs. Sorry for the confusion.

    Until Java is made into a true standard, it is still proprietary. Windows is (arguably) essentially a standard, but essentially != actual. Until Sun completely relinquishes control to the standards community, it remains proprietary, and licensing thus remains under Sun's control.

  21. Re:Correction of Monopoly Abuse on MS XP Drops Java Support · · Score: 1

    Should Sun then be required to support C# if (when) it becomes a popular language? After all, as I understand it, only Sun produces Solaris boxes, and by not supporting C#, they are limiting Microsoft's ability to compete with Sun on that platform.

    Don't get me wrong; I was all for a break-up, and I do think that MS should be smacked around a bit with a week-dead trout, but forcing Java support would put Sun in a powerful position of being able to ask for almost anything for the licensing. They could demand $25 per copy of Windows sold, and make a killing, simply because Microsoft has no other choice lest they be found in contempt of court.

    Making the same documentation available to outside programmers as is used by Microsoft's own C# dev team is a fix; forcing full support is not.

  22. Re:Isn't this exactly what Sun wanted on MS XP Drops Java Support · · Score: 2
    You make a good point. Another point to consider is that many of the posters here are essentially advocating forcing Microsoft to implement another company's product. That is a bad trend to get started, even if it is with Microsoft. Instances in which a company is required to include support for another company's products should be rare and used only under the most extreme circumstances, and to be honest, I can't think of many such instances.

    Let the other companies develop their own products, their own plug-ins, and their own marketing. A few other people have mentioned Flash and Quicktime, both of which do just fine in the current web environment. There's no reason that a webmaster can't include a little link that says, "To view this page properly, you must install Sun's Java engine. Click here to download it." I see plenty of sites doing just that with a half-dozen other major plug-ins.

  23. Re:Hardware? on Lossy Music Formats Compared · · Score: 2

    Ever been to an orchestra? I used to date a girl who plays the French horn, and the individuality of the concert notes in real life makes even my orchestral MP3s at 256 and higher sound poor. My CDs are a bit better, but there's little that can replace the true sounds using current CD-level recording. I look forward to new, higher-fidelity recordings to replace my existing Strauss, Holst, and Beethoven collection.

  24. Re:What are you talking about? on Lossy Music Formats Compared · · Score: 1

    Your five-second wait is under the 10-second response time built into Windows. Sometimes processes can suck up CPU time and make a system unresponsive. It can happen even in Linux. In both cases, it's almost always a misconfiguration.

    One minor point: One can hit Ctrl-Shift-Esc and find and kill an offending process in Windows 2000 without taking one's hand from the keyboard. Ctrl-Shift-Esc, then Ctrl-Tab, then Tab, then type the first few letters of whatever's pulling 99%+ CPU usage, and Alt-E. Sounds like a lot, but it takes only seconds. It's a different method, but the first sign of getting old is a refusal to adapt. ;-)

  25. Re:clear trademark infringement... on Slashback: Mono, Names, Locking Up · · Score: 1

    The issue here isn't the look and feel (which is the cloning you mention), but rather the name (which is covered by trademark law). That they picked a name similar to something already in use should not be an issue. If they had named it identically, then there could be a problem. However, they based the name on that of another product with a change to differentiate it. The question is whether there was enough differentiation.