Granted, I've never worked with Windows servers in any real-world environment
Well then you're hardly qualified to refute the parent comment, are you? The problems highlighted in the original reply are right on the money, unfortunately.
Great post regarding the P3P. In answer to #2, the FTC's job is the promotion of consumer protection and the elimination and prevention of what regulators perceive to be `anticompetitive` business practices. They also levy fines and prosecute violators of GLBA, FCRA, and COPPA.
So no, the Gubment doesn't have full control of our lives, but the FTC is looking out for your privacy (somewhat).
The problem here isn't that dumb Government users running their computers as Administrator/root have installed P2P software and indexed their entire unencrypted disks for searching.
The problem is that the Government can't get their shit together enough to enforce a security policy that won't let those users do this kind of thing.
I hope that folks can/will know to use the boot-up manager (BUM) to disable many of the services that come on by default. Ubuntu, I know, is trying to be useful and all things to all people but they do start too many services at load time.
Usually, the terms `flip-flop` and `Microsoft` together in a sentence bring out the MS-bashers and Linux advocates. But to be frank, this is a good thing for Microsoft to do. Their previous argument was pretty solid, because how are Microsoft to anticipate each and every URL registration made by a third-party application writer? Answer: they can't.
So by now admitting to plans to write a more strict handling routine for the shell URI interpreter, Microsoft is not kowtowing to pressure from the free market (IMHO), but actually taking a step towards better security.
Microsoft fanboiz or not, that's what we all want, right?
The poster's reply does sound a bit glib, but he's not far off. Of course no law magically causes bugs to be patched; the point is, hit these data custodians (companies) in the pocketbook.
Ask yourself: why do these kinds of things happen so infrequently in the EU? The reason is that they have a more comprehensive approach to data security and personally identifiable information (PII) that permeates government and private industry. In the U.S., our laws take a sectoral approach. This myriad of laws and regulations leaves plenty of holes and gaps, which results in data theft. Companies that store PII hire lawyers to help them find the bare minimum of data security compliance.
No, you're way off base. The problem is persistent credentials (cached stuff, and cookies that save your username and password). Sending your cached credentials through an encrypted connection does nothing to protect you; it only obfuscates the data being transmitted.
But thank God there are still systems for sale with Windows XP. I just bought a new laptop today (Lenovo) from an OEM computer shop here in town. I will avoid Vista with its hefty requirements and whacky security `features` as long as humanly possible.
Even before you responders get going, I have 2 Linux systems also. I have a specific need for Windows, so don't bash me.
If anything happens, it's YOUR arse on the line - not the dopey admin or lazy programmer or stupid end user, YOURS. Your job is to secure the (virtually) unsecurable.
Not quite. Information security is about risk management. That means clearly identifying what can and cannot be done within the boundaries of technology, budget constraints, and feasibility. A good IS professional can clearly articulate risk and transfer the `responsibility` back to management.
If you stopped reading after this sentence, then you missed the reason why the author made the statement. Oh, by the way he's 100% correct in what he said. The OS integration that IE4-6 employs makes any Windows system more vulnerable to malicious code and exploit.
I recommend you give the article another try. If you read the whole thing, you'll see that the author is actually applauding Microsoft's changes to IE7 running on Vista. It isn't perfect, but few things are (even on Linux/Mac/UNIX).
...that most computers won't have either the Trusted Computing Module (TCM) chip or the super-duper expensive version(s) of Vista that come with BitLocker. And even if some consumer did have all that, he'd have to figure out how to enable and configure it.
The majority of Windows users stick with the defaults. No barrier? 'Course not, because it won't be heavily used...
You claim that Windows XP is a `seemed like a bug-ridden hideous security and usability nightmare`, then you go on to indicate that you didn't ever use XP. Your statements lose a lot of steam when you contradict yourself.
Exactly. Anybody at IBM who claims to be `Chief Architect` needs to architect himself/herself a clue. FYI, there are 5 levels of management between Catherine Crawford and the CEO. She does not speak for IBM.
Good try; you're missing the crucial part. The problem is who exactly defines `unreasonable`. That's where all the debate comes into the picture, my friend.
Your point is valid, but I think one issue you're missing is the fact that the government and/or law enforcement gain the ability to correlate multiple sources of video and other data about you into a more complete picture. A private citizen most likely couldn't do that.
when it becomes more affordable, do you think people are going to go out and get HD-DVD players, when they most likely already have one in their Dell or Apple computer? Not to mention that it's already in their PS3 that they have in the home media center, if they don't have a HTPC.
Boy, you're making a lot of assumptions. I have never, nor will I own a game console or a Dell. OK, maybe an Apple. But the reason this battle is important is because I want to buy a DVD player that will play the damn discs I buy or rent. Are we going to have to have 3 devices just to watch a frikkin' movie?
This just in: parents in the "Me Generation" are putting themselves before their kids/families/significant others!
Seriously, the woman in this article makes me sick. I know she's an "executive", but you know what? You're not that fscking important. I'd even wager that her company's stock price will stay about the same the following day even if she doesn't send that last e-mail before dessert. Lady, sit the fsck down and eat your dinner.
It's a big deal because now, viruses and malware can slow your network access automagically, so that it'll take weeks for you to download those security patches and antivirus signatures that you should've already downloaded. :-)
Right now, we need a change in attitude, in our community and our politics, to start slowing the damage we're doing every day to our grandchildren's Earth -- to buy them time, and give them more options. The only way that happens is when the governments of industrialized and developing nations decide this is a priority.
Note: I have not yet seen the movie. I agree with the submitter's statement above! I have to say though that no government is going to do anything unless it is financially beneficial, or at least beneficial to their reelection efforts. It's all about short-term thinking, unfortunately. Kind of like corporations and their balance sheets.
And do we really believe that any Microsoft co-president (outgoing or otherwise) has the technical wherewithal to really understand what he's saying?
Re: I haven't seen the obvious conclusion yet. (on "Oracle Linux?", Score: 1)
What seems more logical is that Oracle create a hardened or stripped Linux version meant only to run Oracle database code. You know, almost like an appliance. It seems that there'd be a lot of interest in such a system. You know, such as an Oracle server that you don't have to reboot every month due to Microsoft patches...
It's a video game toy. Go outside and play.
...they still make Red Hat Linux? That's cute.
So then no worries, right? The first virus I get will surely disable CTCP for me, no sweat...
Take that, J.D. Power & Associates!