When clocks struck midnight on January 1st and the dreaded Y2K bug turned out to be nothing but a mild irritant, it proved once again that the experts often don’t know what the heck they’re talking about.
No. The Experts were the ones working many, many hours in the preceding years fixing and updating things so that when the clock did turn, the problems were - for the main - no longer present. A job damned well done and the people fixing it should be praised, not ridiculed.
The people who don't know what the heck they were talking about are the media types like this guy who are quick to jump on catastrophic failures but rarely (if ever) give due praise when things are planned and done right. "Everything's fine" doesn't make good headlines for these people.
I've been using multiple screens for years, though mostly under Ubuntu on nVidia cards. I can simply drag windows from one screen to another - not exactly difficult. Maximised windows will even resize themselves as my two monitors do not have the same resolution.
Given that, if you really wanted keyboard control...
alt-space, down arrow, down arrow (to un-maximise), return then
alt-space, down arrow, down arrow, down arrow (move)
use arrow keys to move window to wherever on your desktop you want it.
Symphony (as you would expect) was able to read LWP files a lot earlier than OO.o was able to (I have only just noticed that Version 3.0 can do so). I basically used to use Symphony as a LWP > ODF converter.
You can already play a large number of A list games 'on Linux' right now!
Go and buy yourself a PS3 and some games. Buy a TV card for your computer and plug it in and configure it under Linux. Connect the PS3's video output to the TV card. Insert a game into the PS3 and turn it on. Fire up a TV viewer software on your Linux box.
Congratulations! You are now just as much playing a game in Linux as you would be if OnLive had a Linux client and you used that.
Exactly, if I bought a coffee for 99c (let's ignore the facts that I live in the UK and don't like coffee for the moment) and the coffee was undrinkable for whatever reason, I would expect a refund or fresh cup.
It works now - but it definitely didn't about an hour ago (after you posted that). The homepage always worked, but actually using it resulted in an error.
Symphony does read Word Pro files - I use it here for that very purpose. It doesn't do it perfectly though and sometimes loses fancy designed page headers and stuff.
It gets the main content fine though, which is what matters to me.
I will agree that it should not be in a list of Open Source products though and that apart from Word Pro importing, I don't use it for anything else. The interface is dire and slooooow.
When one mainframe needed to communicate with another we did so over leased lines, and the notion of receiving an executable from another mainframe and running it automatically I don't think would have ever occurred to anyone.
That's true, but it could be argued that similar security holes still exist. When exploiting buffer overflows and the like, you are not asking the system to run an executable automatically, you are 'confusing' it to such an extent that it can't think of anything else to do.
While not quite mainframe, I have accidentally made an AS/400 system inaccessible (and stopped the portion of the company that was relying on it) during a pen-test before. 'Big iron' is just as likely to have problems as distributed systems (often more as distributed systems are usually programmed with at least an awareness of security and defensiveness).
It sounds like we have very similar jobs and my mindset is also as distrusting and cynical as you describe and that causes me to get a bit down at times. It's different from a lot of other (certainly IT) jobs as you are dealing with the downside and worst-case scenarios all of the time.
The trick is to turn it around, concentrate on the benefits of what you are doing and the way it affects other people. The first thing you must do is set up a good relationship with your client so that they understand that you are not there to judge them, but to help them improve and protect themselves as much as possible. We've all struggled for hours over a problem something (system design, sysadmin stuff, coding etc.) and when someone uninvolved comes along and spots the problem straight away. You are that someone else, that other perspective. Some sysadmins regard their systems as though they are their baby. You are the doctor giving the baby a checkup and spotting the early symptoms of a disease that is easily treatable. Once you get the client in that mindset, having to point out multiple significant problems becomes easier for both parties. Sometimes you do have to do a demolition job on something that someone has spent many hard hours on, or you accidentally bring a large portion of a network to a stand-still (etc. etc.) it's not a nice thing to do, until you realise that the client will be ecstatic in comparison to how they would be feeling if a black-hat did the same thing maliciously. You have to deal with worst-case situations, so the client can be fully prepared for what is coming, you go through all the shit so that they don't get worse later on. It's usually a thankless task, but I can at least feel good that someone is far less likely to get hit because of the work I am doing.
And that's not even touching on the really great parts of the job, the real intellectual challenges therein and the fact that no other field requires such a breadth of knowledge and experience - absolutely everything is relevant in the security field as you don't know what risks are there until you've looked.
Technology and human society isn't 'nature'. People are put into a position of trust by others and if they are not trustworthy, they should not be there. Breaking a trust of confidentiality and looking where you should not in a position of trust is a complete no-no.
I will admit I have done so once, in a situation where innocent members of my family were threatened, and provided it after I had realised that the information was worthless. The perpetrator lost a lot of local influence and good-will and soon closed down his business and moved away (probably nothing to do with the previous situation, but I hope it was a contributing factor).
Hmm.. not sure why the ops network would have to rely on such data sent from the business network. Monitoring of levels of important stuff is an ops function to my mind.
I'll admit that I'm too drunk to read TFA at the mo, so may have missed some detail :)
At the nuc site I worked at, there were two networks. The business network and the ops network. Data flowed from the ops network to the business network for statistics gathering only. The single thing that the business network did that affected operations and safety (regardless of my boss' attempt to justify budget) was the generation of work-orders. A total failure of the business network would - at worst - result in a routine observation job to be missed which would cause the systems on the ops network to detect a 'fault' and bring the reactor away from criticality.
Yes, a simple software fault can 'shut down' a nuclear plant. These things are designed to 'trip' and shut-down automatically at the slightest thing going wrong. The most advanced and safest Nuc plant in the UK (SXB) does - or at least did - trip once a month or more.
Get a volt-meter that is sensitive to a thousandth of a volt, and allow it to shut down your house when its input is not ideal. Give yourself three thousandths of a volt either way off 'normal' and you are maybe experiencing the ridiculous measures a modern nuc plant puts itself under.
The problem is that this is redefining the term for the same usage. What can you call a broadband transmission at 20Kb/s? It's broadband by its very nature.
Yes, but isn't the FCC a technical certification or standards body, not a marketing group? (I'm not from the US, so don't shout too loud if I'm wrong!) Why are they 'defining' 'broadband' in this way?
Why were they allowed to take a well-defined technical term and re-purpose it as meaningless marketing drivel?
This mis-use of 'broadband' also has repercussions for other terms. There are many people who think that baseband or narrowband means 'slower than broadband'. I'd love to see a public broadband link that comes close to the speed of my baseband network.
Learn the history. NaN was a design and animation house - Blender was their in-house tool to do the stuff that got them money. Blender was given away free (as in beer). Sure, they had the C-Key that would unlock a couple of features but that was cheap and probably just made enough to recoup the costs of porting to other platforms (Windows) and running the public distribution and support systems. Blender was never NaN's revenue stream and is not the reason that they went under.
The aim is to make it as awkward as possible for them. The argument that publishing a website implies consent to be wiretapped by the website owner is tenuous at best and many far better educated than I believe that it does not hold water. The RIPA states that both parties must consent to being tapped. So even if it can be argued that the implied consent of site owners holds true and such ToS clauses are legitimate, an explicit notification denying consent to be monitored by the site owners simply must be honoured as otherwise they have the consent of only a single party and therefore tapping such communication is illegal under the RIPA.
It may not prevent the introduction of the thing, but will certainly make implementing it much more difficult.
It seems pretty clear-cut to me though I am happily NAL.
I know I may sound cynical, but unfortunately I'm entirely too rarely proved wrong, or at least not nearly often enough when it comes to our legal system, politicians, and their greed and hunger for power and the disregard which they hold for the average citizen.
Heh, I wouldn't say cynical, more realist, but the government spent a lot of time fighting to get RIPA in in its current state. Going through all that again will be a massive pain for them, that and they are all being hauled over the coals at the moment for financial dodgy dealings anyway may make them want to keep shy of accepting money from these people.
Yeah, there is that possibility, but this is why I mentioned website owners too. We need a number of large(er than mine) website owners to send such notices to the ISPs in question. That way either Phorm misses a huge bunch of traffic, those ISPs refuse to provide access to popular local sites or they risk committing a clear criminal offence.
Also, there is the possibility that such a clause in a ToS may be ruled as objectionable (or whatever the legal term is) and therefore void, nullifying either the contract or the ISPs' supposed protection from criminal prosecution.
Another thought - there is no way that such an agreement to be wiretapped can reasonably be expected to apply to someone else visiting someone and using their connection.
I too am with Virgin Media. Any idea how we can defend against phorm?
Yup. The RIPA act (which received an unwelcome reception) actually helps us out here. It basically says that a wiretap without police/government sanction is illegal without the consent of both parties involved in the communication.
Phorm says that their activities do not break RIPA because hosting a publicly available website implies public monitoring (duh?) and that ISPs may include an acceptance of monitoring clause in their Ts & Cs. IMO, if you write to the ISPs involved expressly denying the right to monitor you as a user and also expressly denying the right to monitor any websites you may own puts them in clear breach of RIPA if they do so. RIPA is a criminal law, not a civil one so the penalties are potential jail-time for directors not a minor fine for the company. That is what I will be doing shortly. I run a website used regularly by a few thousand local peeps so hopefully that will get Phorm kicked out of our local network area.
If they don't want to play by the rules, we won't miss them. If they do, then they will find a great resource and profit from mutual cooperation.
... as will Symphony.
Symphony (as you would expect) was able to read LWP files a lot earlier than OO.o was able to (I have only just noticed that Version 3.0 can do so). I basically used to use Symphony as a LWP > ODF converter.
The difference being that microwaves suffer wear and tear and can develop a fault after five years.
This is software, the fault was there when it was purchased.
After taking numerous readings of the tastes of the audience, he will produce a book that is almost, but not-quite entirely unlike HHGTTG.
GO STICK YOUR HEAD IN A PIG.
Agreed, it is very clear from opening the jar files that the published one has undergone obfuscation.
Humans are curious by nature.
Technology and human society isn't 'nature'. People are put into a position of trust by others and if they are not trustworthy, they should not be there. Breaking a trust of confidentiality and looking where you should not in a position of trust is a complete no-no.
I will admit I have done so once, in a situation where innocent members of my family were threatened, and provided it after I had realised that the information was worthless. The perpetrator lost a lot of local influence and good-will and soon closed down his business and moved away (probably nothing to do with the previous situation, but I hope it was a contributing factor).
Hear! Hear!
Why were they allowed to take a well-defined technical term and re-purpose it as meaningless marketing drivel?
This mis-use of 'broadband' also has repercussions for other terms. There are many people who think that baseband or narrowband means 'slower than broadband'. I'd love to see a public broadband link that comes close to the speed of my baseband network.
I'm seeing 'trustedantivirus.com' here.
Trusted, my arse.
Sorry, you have lost me. Which platform has 0.8% of the market?
If you are seriously suggesting that the iPhone has a larger user-base than Linux, can you tell me what it is you are smoking please?