One would also guess that US voting citizens NOT living overseas would have pretty much made up their mind now, too. Why not shut down the site entirely by your logic?
Absentee voting is based on the postmark, not the time of arrival. This was of particular interest during 2000 when the recounts were STOPPED before it could be guaranteed that all oversea absentee ballots had even arrived. Look it up.
Gigarectum is one that's probably not so frequently used
Well, yeah, I'd say so as it wasn't even defined in the link you included. Also not frequently used are glorbershistenfook and whyareyoustillreadingthisyouslashdotfuckwads, the latter being what I think you meant as the definition of gigarectum?
come on, that's a personal vs public property argument. If it were on the street, it would be illegal search and seizure. As it is on premises, you are being granted a privilege to enter persuant to your accepting the contract of allowing them to search your bags. They wouldn't be obligated to sign squat, simple enough to deny you access and ask you to go elsewhere.
However, I'd love to see this happen at say, a public library, or a post office.
You may want to be more specific in your statement there was no way to install that library, I don't see how that is possible... did you mean easily? or automatically?
I think the grandparent is referring not to the fact that Linux doesn't have the Upgrade-or-die mentality, but rather that the upgrade is painless on the wallet (it isn't a business model), is painless on the CPU (doesn't have so much cruft in the latest version in an attempt to justify itself), and is painless in terms of choice of exactly what updates you want to install and why and exactly what is being upgraded.
I guess the part I really had a problem with is the "security through obscurity" flippancy. I totally agree that simply hiding and hoping is worthless. But let's take the "scan port 22 and move on" example and delve. You say change ports and hide the version, I say basically the same thing, except do a better job of hiding.
Let's change the example into a lock on a door. With a normal door lock, you can look at it and determine the make and model, maybe check if there is a master key floating around. That would be vanilla SSH, sitting on port 22 with version 2.exploitable branded on the connect string. You say, leave the lock where it is, but rub out the make and model, make someone try and use a bunch of different keys to figure out what's going on. You watch when someone does that. I say, hide the lock, make them push my secret squares on the door before they can even tell that there IS a lock on the door. I don't think our solutions are at all mutually exclusive.
Put this way, I feel that more bits to decode means I have more time to realize I am being attacked. (My answer to that 2 years ago was to implement IDS and bond with IPFW and disable all connections from whatever IP was bothering me for 24 hours.. hugely entertaining in my head to think of someone saying.. umm, where did it go!?!?) And maybe we both will end up with scripts that say, hmm, nothing here no port 22, next machine. I still better not exposing a possibly critical/vulnerable service at all until someone has messed with my machine and given my IDS a chance to trigger "IPFW 10 DENY IP $Bad-person to $EXT_NIC"
Nope. You are wrong. Consider it as another key. Normal ssh would require you to have a username and a password. Paranoid firewall rules might say that you need to ssh from a specific IP. Even more paranoid rules would require that specific IP to portknock.
Besides that point, what you say about ssh on an obscure port is much worse that you think. The very moment someone does a portscan, finds a responsive host (remember that a portknock protected computer wouldn't even show up) and then has open ports on some obscure port, then it becomes INTERESTING. I hold that that description is the LAST thing you want to have for your site... like having a.gov URL. Plus, it would take all of about 2 seconds to guess what the protocol running on that port would be:
Telnet to that port... hmmm, no version number, no service description.. therefore not http, not smtp, etc
ssh to that port.. hey, a login prompt. Joy. Let's run known scripts against it now.
You can certainly return it for not working in your CD player. If I can't play it on my high end stereo system, then it might as well *be* a piece of shit...
Slashdot Mirror
Scary shit, that. How close is the election going to be this time? 27 votes in Hawaii?
Absentee voting is based on the postmark, not the time of arrival. This was of particular interest during 2000 when the recounts were STOPPED before it could be guaranteed that all oversea absentee ballots had even arrived. Look it up.
'cept when a rogue scientist sells nuclear secrets to countries such as N. Korea, in which case India is probably pretty safe.
Oh won't Reeve be pissed when he finds himself out hunting for brains in a couple years. . . You'll be the first to go, disbeliever!
Is it not part of the Department of the Treasury? ah, yes it is.
The Department of Engraving and Printing deals with paper currency and the US Mint deals with coinage.
Maybe better proof is found in this PDF explaining the organization of the US Treasury (US Mint is clearly at the bottom-middle)
Is it possible you were referring the the Federal Reserve?
Nah, I'm pretty sure Jesus kept kosher ;)
2 to bring up firefox and go to SourceForge
3 to type in "Diskless workstation" in the search box
5 to scan the results and find this project.
Oh lookie, you want the server to be debian? Amazingly enough, there is a link.
Actually, that would be Tivo at 3pm the next day.
Well, shit. Now his post wasn't nearly as funny. Thankyouverymuch.
Of course, I would also have accepted the word "interface".
You mean Kramer?
However, I'd love to see this happen at say, a public library, or a post office.
subtle humor.. on /. ?!?!?!?!? neat trick that.
true.. true... ANYTHING will set them off..
Only if I were allowed to take notes... now where would you say is the best place to start *looking* for loose women?
pretty, it's a fractal.
I think the grandparent is referring not to the fact that Linux doesn't have the Upgrade-or-die mentality, but rather that the upgrade is painless on the wallet (it isn't a business model), is painless on the CPU (doesn't have so much cruft in the latest version in an attempt to justify itself), and is painless in terms of choice of exactly what updates you want to install and why and exactly what is being upgraded.
What do you mean, "Maybe"? ;)
True true, and knowing those people would not make this funny, or even mildly interesting.
Let's change the example into a lock on a door. With a normal door lock, you can look at it and determine the make and model, maybe check if there is a master key floating around. That would be vanilla SSH, sitting on port 22 with version 2.exploitable branded on the connect string. You say, leave the lock where it is, but rub out the make and model, make someone try and use a bunch of different keys to figure out what's going on. You watch when someone does that. I say, hide the lock, make them push my secret squares on the door before they can even tell that there IS a lock on the door. I don't think our solutions are at all mutually exclusive.
Put this way, I feel that more bits to decode means I have more time to realize I am being attacked. (My answer to that 2 years ago was to implement IDS and bond with IPFW and disable all connections from whatever IP was bothering me for 24 hours.. hugely entertaining in my head to think of someone saying.. umm, where did it go!?!?) And maybe we both will end up with scripts that say, hmm, nothing here no port 22, next machine. I still better not exposing a possibly critical/vulnerable service at all until someone has messed with my machine and given my IDS a chance to trigger "IPFW 10 DENY IP $Bad-person to $EXT_NIC"
Besides that point, what you say about ssh on an obscure port is much worse that you think. The very moment someone does a portscan, finds a responsive host (remember that a portknock protected computer wouldn't even show up) and then has open ports on some obscure port, then it becomes INTERESTING. I hold that that description is the LAST thing you want to have for your site... like having a .gov URL. Plus, it would take all of about 2 seconds to guess what the protocol running on that port would be:
Telnet to that port... hmmm, no version number, no service description.. therefore not http, not smtp, etc
ssh to that port.. hey, a login prompt. Joy. Let's run known scripts against it now.
You can certainly return it for not working in your CD player. If I can't play it on my high end stereo system, then it might as well *be* a piece of shit...