Being a programmer rather than a sys admin I don't install a new system more than about one or two times a month, and that's at busy times. Also, the systems I do install are often on very different hardware, especially when provided by the customer.
Guess I could give sysprep a try, but I'm not sure how it'll handle the variances in hardware.
Course I'm not sure how sysprep is going to help when installing SP3 on existing machines and IIS (and who knows what else) gets re-enabled...
It can't be fair to give all the credit to one secondary contribution (Linux) while omitting the principal contribution (GNU).
Well gee, you nearly had me up to this point Mr. Stallman. But how many people truly agree that GNU and the FSF is the "primary contributor" in Linux? And what exactly does "primary contributor" mean? For example if I write a piece of code with 2 friends, say i code 40%, one friend codes 35% and the other codes 25%. Does that mean I am the "primary contributor" and that my name should be on the app? What if my contribution is 51%? How bout if I do 95% of the work, but am partnered as an assistant to a college professor?
Personally I hold much more respect for the 51% contributor who can denigrate their own contribution and hold up the other "little players" to encourage them, rather than the 51% contributor who feels they must exercise their influence to further their own goals.
In light of this has the FSF earned the right to ask that we call our favorite OS GNU/Linux? Yes.
Is it wrong to honor this request? No. Is it wrong not to? No.
The hacker ethic in it's purest sense existed before the FSF was created and will continue to exist when the FSF is gone. The FSF does not own the hacker ethic nor is the GPL the only way to express this ethic.
Give me a break. You go count the number of "root" exploits in Apache, then you go count the number of exploits in IIS that allow "arbitrary code execution". (Especially the number of days versions with such exploits remained current after disclosure)
When you're done come back and try to say that again with a strait face!
Not putting Apache on an LDAP server is simply a good practice that is easy and "default" so it's generally done that way. IIS on the other hand comes default installed and fully exploitable on MS server OS. Why should I have to be un-installing/disabling ISS on every new server install (or sometimes system update)??!!
You've heard of it right? Well it runs cross platform, only problem is it works at a more basic level than your typical GUI interface...
Maybe someone needs to build on that.
I also have to point out... IMHO customization is over rated. How useful is it really to disable or move the menu bar? Changing colors is certainly important, but there is a pretty short list of things that are actually worth customizing in any "standard" user interface.
An interface that can be hosed in a couple clicks is a headache for everyone.
Not even defacto. Things might be reasonable when it comes to SQL server, but have you ever tried supporting version 5-6 of IE or versions 97/2000/XP of office all for one website or set of documents? The hot fixes and bug patches alone can throw everything you've got into chaos, even when everyone's on the same revision!
What I meant by that was that often times, employees will mistrust the network, and do things on a local machine rather than keeping backups updated regularly on the network.
Well... while obscurity helps a bit, disorganization is a poor substitute for security. I should know, it was the predominent method my company used to use!
Also, keep in mind that computers are getting more reliable, and most mid to large sized companies I've seen lately (okay a lot more mid-sized ie: 100-1000 employees) do have very reliable networks. Once a network works for a year or two without hicups, people start to trust it... Whether it is secure or not.
Funny that you mention that. Most actual mis-uses of sensitive information and computer networks come from current or past employees of the company compromised.
Funny thing is, most companies don't have anything to offer in the way of financial 'secrets' or documents of any worth that are on a network.
This isn't nearly as true as it used to be, even for the government.
One of the things Companies will never understand is advice for Free
IMHO, companies like that deserve to go out of business.
There's a reason 50% of all employees work for a small business in the US. Some large companies do an ok job of learning from their mistakes and not punishing those wishing to help them (cough*IBM*cough). But if a company thinks they can stay in business just by leveraging their position at the top (cough*Microsoft*cough), they've got another think coming.
If you can't know your own products well enough to know when something important comes up, and if you aren't willing to learn from your mistakes, I don't think you've got much business in software. (Yes, there is some hope for Microsoft left, but I don't see them properly chasing it just now)
It's funny, but it seems many of the "grey areas" exist precisely because so called "white hats" haven't done their job very well. Here's one example.
It shouldn't be considered ok to invade someone else's computer as long as there's "no harm done."
Most of the computer profession had been starting to agree with that statement. Unfortuneatly gaining closure requires some compromise from both sides. You see it also isn't RIGHT to create a shoddy piece of software and bill it as "secure and easy to use". Just as it isn't RIGHT to manage a "critical" server so poorly an average 12 year old can break in. Further it's outright WRONG to misuse consumer information or to create and sell spyware to unsuspecting folks.
Perhaps "grey hats" are merely "white hats" willing to get a bit dirty in order to ensure that others don't stray into even worse colors. I personally applaude the work of bugtraq, @stake and others like them.
Hmm... this sounds like an obvious troll, but since you've been modded insightful, I'll byte.
The term "hacker" has a lot of confusion tied to it. Where I come from it's a term of respect for someone's raw technical abilities. A hacker is someone who is so good at taking things apart and understanding them that they can make gadgets and software do things the original designers never dreamed of. If you think everyone fitting that description without "proper approval" belongs in jail you've got another think coming.
Maybe when you say hacker you mean someone who breaks into systems belonging to someone else without permission. Yes, that is a minor criminal act, much like trespassing. And there is no excuse for responsible adults doing such things without very good reason, but kids will be kids (Sometimes a system is so insecure this can happen by accident. )
The term hacker in general usage today usually covers both the system hacker who gains access to systems not belonging to them as well as the software hacker who takes apart software they have rightfully purchased on their own system. Classically system hacking has been seen as wrong or illegal, but software hacking has always been accepted, and only disclosure has ever been at issue. The DMCA attempts to deal with both in one fell swoop and does so very badly. I take your comment to mean we should just enforce the law to it's fullest even while it is changing in subtle and terrible ways.
White hats hide information. It seems they *never* disclose exploit code. Black hats hide information. They only use vulnerabilities for themselves. It would seem to be only Grey hats who hold the advancement of security important by sharing their code and knowledge fully. In fact, I'd say it is highly unethical for a White hat to get a vulnerability fixed without ever disclosing it. Perhaps we need criminal penalties for that as well? It also seems a tragedy that white hats will never be inclined to disclose their exploit code even after a fix has been made. They just don't seem to realize that information sharing really is a power positive good. (wasn't that the hacker eithic?)
Actually there are a whole host of other things White hats can and do that are wrong. Like implanting spyware in a product or being negligent in protecting customer information. I don't see criminal penalties for those...
If he does not have the resources to litigate against people that abuse his patent, he'll lose it.
Does this mean that if enough people infringe on a copyrighted work without getting sued, the copyright becomes invalid? How about just in the medium that wasn't properly protected?
Maybe the MPAA and RIAA really *should* be scared...
Then just tell me what path I should get on to at least have a shot at deflating this problem in the US!! (Voting libertarian doesn't seem to have helped)
Naw, Romans were pretty much despots. They may have pretented to have some representative government going on, but it wasn't like the representatives were really elected...
Plato was a Greek was he not? Thought he was the one who wrote "The Republic"... That would seem more the basis of the US system than the Romans. Come to think of it, we *act* a bit like Romans...
Re:I thought the Greeks (geeks?) invented it
on
Want Freedom?
·
· Score: 2
Hey, we're a free market, good at the mass market, not necessarily at fairness.
Nice we finally did come around (at least somewhat) on those issues.
amending the Constitution to prohibit flag burning
on
Want Freedom?
·
· Score: 2
Gah!! never was there a more messed up concept or following arguments about it.
If I buy a flag and burn it, that's my right. If I burn a flag owned by someone else, that's a very different matter. Especially if that other person's flag had sentimental value (like the one my grand-daddy was buried in)
There's a huge difference between the two. Part of why we think we have a monopoly on these concepts is because our system really is that much different than most others. If you think checks and balances are just "little details that don't matter" you've got another think coming.
I thought the Greeks (geeks?) invented it
on
Want Freedom?
·
· Score: 2
We just applied it to it's rational conclusion.
Of course, the Greeks only did it for the aristocracy... I believe we were the among the first to share it with the masses. (non-landowners, women, etc)
BTW, Ya they do pretty much teach that in our schools though.
Actually, anyone using this information to show that everyone uses IE on the internet, or who thinks IE is all anyone uses, needs their head examined.
Considering the number of surfers that run OSes that don't even support IE, I don't see how these statistics can be right:
Microsoft 95.97 % Netscape 3.39 % Other 0.64 %
Perhaps if they actually broke down Other into Mozilla, Konqueror, Opera etc. and explained how they tell IE from them I could have a little more faith...
For my two cents, keep using Mozilla and Konqeror as much as you can, and keep pushing your friends to use them. Don't do anything that might make things more difficult and tempt you to switch back to IE, and do no more "advocation" then you are comfortable with. (But do all you *are* comfortable with!)
Understatement of the year:
on
Mr Anti-Google
·
· Score: 2
link popularity may not provide the most intelligent top rankings
Slashdot Mirror
Being a programmer rather than a sys admin I don't install a new system more than about one or two times a month, and that's at busy times. Also, the systems I do install are often on very different hardware, especially when provided by the customer.
Guess I could give sysprep a try, but I'm not sure how it'll handle the variances in hardware.
Course I'm not sure how sysprep is going to help when installing SP3 on existing machines and IIS (and who knows what else) gets re-enabled...
It can't be fair to give all the credit to one secondary contribution (Linux) while omitting the principal contribution (GNU).
Well gee, you nearly had me up to this point Mr. Stallman. But how many people truly agree that GNU and the FSF is the "primary contributor" in Linux? And what exactly does "primary contributor" mean? For example if I write a piece of code with 2 friends, say i code 40%, one friend codes 35% and the other codes 25%. Does that mean I am the "primary contributor" and that my name should be on the app? What if my contribution is 51%? How bout if I do 95% of the work, but am partnered as an assistant to a college professor?
Personally I hold much more respect for the 51% contributor who can denigrate their own contribution and hold up the other "little players" to encourage them, rather than the 51% contributor who feels they must exercise their influence to further their own goals.
In light of this has the FSF earned the right to ask that we call our favorite OS GNU/Linux? Yes.
Is it wrong to honor this request? No.
Is it wrong not to? No.
The hacker ethic in it's purest sense existed before the FSF was created and will continue to exist when the FSF is gone. The FSF does not own the hacker ethic nor is the GPL the only way to express this ethic.
Like they said on the great space coaster when I was a kid: "No gnus is good gnus I'm gary gnu."
Note for those who missed this experience: He pronounced the 'g's.
Give me a break. You go count the number of "root" exploits in Apache, then you go count the number of exploits in IIS that allow "arbitrary code execution". (Especially the number of days versions with such exploits remained current after disclosure)
When you're done come back and try to say that again with a strait face!
Not putting Apache on an LDAP server is simply a good practice that is easy and "default" so it's generally done that way. IIS on the other hand comes default installed and fully exploitable on MS server OS. Why should I have to be un-installing/disabling ISS on every new server install (or sometimes system update)??!!
You've heard of it right? Well it runs cross platform, only problem is it works at a more basic level than your typical GUI interface...
Maybe someone needs to build on that.
I also have to point out... IMHO customization is over rated. How useful is it really to disable or move the menu bar? Changing colors is certainly important, but there is a pretty short list of things that are actually worth customizing in any "standard" user interface.
An interface that can be hosed in a couple clicks is a headache for everyone.
Not even defacto. Things might be reasonable when it comes to SQL server, but have you ever tried supporting version 5-6 of IE or versions 97/2000/XP of office all for one website or set of documents? The hot fixes and bug patches alone can throw everything you've got into chaos, even when everyone's on the same revision!
Too bad I didn't know what to do with it at the time.
Maybe too good if you enjoy your freedom...
What I meant by that was that often times, employees will mistrust the network, and do things on a local machine rather than keeping backups updated regularly on the network.
Well... while obscurity helps a bit, disorganization is a poor substitute for security. I should know, it was the predominent method my company used to use!
Also, keep in mind that computers are getting more reliable, and most mid to large sized companies I've seen lately (okay a lot more mid-sized ie: 100-1000 employees) do have very reliable networks. Once a network works for a year or two without hicups, people start to trust it... Whether it is secure or not.
They could even hire him as sysadmin
Funny that you mention that. Most actual mis-uses of sensitive information and computer networks come from current or past employees of the company compromised.
Funny thing is, most companies don't have anything to offer in the way of financial 'secrets' or documents of any worth that are on a network.
This isn't nearly as true as it used to be, even for the government.
One of the things Companies will never understand is advice for Free
IMHO, companies like that deserve to go out of business.
There's a reason 50% of all employees work for a small business in the US. Some large companies do an ok job of learning from their mistakes and not punishing those wishing to help them (cough*IBM*cough). But if a company thinks they can stay in business just by leveraging their position at the top (cough*Microsoft*cough), they've got another think coming.
If you can't know your own products well enough to know when something important comes up, and if you aren't willing to learn from your mistakes, I don't think you've got much business in software. (Yes, there is some hope for Microsoft left, but I don't see them properly chasing it just now)
It's funny, but it seems many of the "grey areas" exist precisely because so called "white hats" haven't done their job very well. Here's one example.
It shouldn't be considered ok to invade someone else's computer as long as there's "no harm done."
Most of the computer profession had been starting to agree with that statement. Unfortuneatly gaining closure requires some compromise from both sides. You see it also isn't RIGHT to create a shoddy piece of software and bill it as "secure and easy to use". Just as it isn't RIGHT to manage a "critical" server so poorly an average 12 year old can break in. Further it's outright WRONG to misuse consumer information or to create and sell spyware to unsuspecting folks.
Perhaps "grey hats" are merely "white hats" willing to get a bit dirty in order to ensure that others don't stray into even worse colors. I personally applaude the work of bugtraq, @stake and others like them.
I was under the impression that right and wrong were mutually exclusive.
So is posting to slashdot on company time "RIGHT"?
Like he said... down hill.
Hmm... this sounds like an obvious troll, but since you've been modded insightful, I'll byte.
The term "hacker" has a lot of confusion tied to it. Where I come from it's a term of respect for someone's raw technical abilities. A hacker is someone who is so good at taking things apart and understanding them that they can make gadgets and software do things the original designers never dreamed of. If you think everyone fitting that description without "proper approval" belongs in jail you've got another think coming.
Maybe when you say hacker you mean someone who breaks into systems belonging to someone else without permission. Yes, that is a minor criminal act, much like trespassing. And there is no excuse for responsible adults doing such things without very good reason, but kids will be kids (Sometimes a system is so insecure this can happen by accident. )
The term hacker in general usage today usually covers both the system hacker who gains access to systems not belonging to them as well as the software hacker who takes apart software they have rightfully purchased on their own system. Classically system hacking has been seen as wrong or illegal, but software hacking has always been accepted, and only disclosure has ever been at issue. The DMCA attempts to deal with both in one fell swoop and does so very badly. I take your comment to mean we should just enforce the law to it's fullest even while it is changing in subtle and terrible ways.
White hats hide information. It seems they *never* disclose exploit code. Black hats hide information. They only use vulnerabilities for themselves. It would seem to be only Grey hats who hold the advancement of security important by sharing their code and knowledge fully. In fact, I'd say it is highly unethical for a White hat to get a vulnerability fixed without ever disclosing it. Perhaps we need criminal penalties for that as well? It also seems a tragedy that white hats will never be inclined to disclose their exploit code even after a fix has been made. They just don't seem to realize that information sharing really is a power positive good. (wasn't that the hacker eithic?)
Actually there are a whole host of other things White hats can and do that are wrong. Like implanting spyware in a product or being negligent in protecting customer information. I don't see criminal penalties for those...
Ahh, so I can hold a patent or copyright undefended for 10 years, then all of a sudden sue any infringer I please.
This would certainly seem to match much more closely with recent court cases I've heard about.
If he does not have the resources to litigate against people that abuse his patent, he'll lose it.
Does this mean that if enough people infringe on a copyrighted work without getting sued, the copyright becomes invalid? How about just in the medium that wasn't properly protected?
Maybe the MPAA and RIAA really *should* be scared...
O(n^1.5) seems slightly worse than linear to me.
Is total government spending going down? No
Then just tell me what path I should get on to at least have a shot at deflating this problem in the US!! (Voting libertarian doesn't seem to have helped)
Naw, Romans were pretty much despots. They may have pretented to have some representative government going on, but it wasn't like the representatives were really elected...
Plato was a Greek was he not? Thought he was the one who wrote "The Republic"... That would seem more the basis of the US system than the Romans. Come to think of it, we *act* a bit like Romans...
Hey, we're a free market, good at the mass market, not necessarily at fairness.
Nice we finally did come around (at least somewhat) on those issues.
Gah!! never was there a more messed up concept or following arguments about it.
If I buy a flag and burn it, that's my right. If I burn a flag owned by someone else, that's a very different matter. Especially if that other person's flag had sentimental value (like the one my grand-daddy was buried in)
The US is(was?) a Republic, as the ancient Greeks were. The countries in Europe you're talking about were mostly Democracies.
Republic: representative rule
Democracy: majority rule.
There's a huge difference between the two. Part of why we think we have a monopoly on these concepts is because our system really is that much different than most others. If you think checks and balances are just "little details that don't matter" you've got another think coming.
We just applied it to it's rational conclusion.
Of course, the Greeks only did it for the aristocracy... I believe we were the among the first to share it with the masses. (non-landowners, women, etc)
BTW, Ya they do pretty much teach that in our schools though.
Burning his money. It worked for freedom didn't it?
Actually, anyone using this information to show that everyone uses IE on the internet, or who thinks IE is all anyone uses, needs their head examined.
Considering the number of surfers that run OSes that don't even support IE, I don't see how these statistics can be right:
Microsoft 95.97 %
Netscape 3.39 %
Other 0.64 %
Perhaps if they actually broke down Other into Mozilla, Konqueror, Opera etc. and explained how they tell IE from them I could have a little more faith...
For my two cents, keep using Mozilla and Konqeror as much as you can, and keep pushing your friends to use them. Don't do anything that might make things more difficult and tempt you to switch back to IE, and do no more "advocation" then you are comfortable with. (But do all you *are* comfortable with!)
link popularity may not provide the most intelligent top rankings