Slashdot Mirror


User: mysidia

mysidia's activity in the archive.

Stories
0
Comments
13,354
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 13,354

  1. Re:Noah, etc on A Lost Civilization Beneath the Persian Gulf? · · Score: 1

    Interestingly, most civilizations that developped near shorelines have flood myth and most inland civilization don't have it. Floods happen really frequently you know.

    I imagine people that live near shorelines fear them the most, and spend the most hours of their lives being concerned about the possibility of rising water. Especially in extreme storm conditions.

  2. Re:Noah, etc on A Lost Civilization Beneath the Persian Gulf? · · Score: 1

    If I had a nickel for every ancient civilization that had a flood myth...

    Due to inflation, and flooding of the markets with large volumes of printed currency, you would be really poor.

  3. Re:Makes the rest of us suffer... on IT Worker's Revenge Lands Her In Jail · · Score: 1

    I've had this discussion before, and you are 100% wrong. The PHB is a middle manager. The front line worker is as much the owner of the system as the PHB.

    No, the PHB is granted authority over the "front line worker" by the owner. The "owner" being the company itself, whom their superior is an agent of.

    As an agent of the owner the PHB has all rights conferred upon them by the owner. The "front line worker" has no rights not conferred to them by their boss. The PHB "owns" the employee.

    That's what "boss" means. The boss is responsible for their employee, and dictates the conditions of their work.

    The PHB of course has their own boss; however the front line employee is not a party to that relationship, or that agency. The boss is "God" to the employees they have responsibility for.

  4. Re:Makes the rest of us suffer... on IT Worker's Revenge Lands Her In Jail · · Score: 1

    What exactly am I not getting?

    The fact that the management defines what their business is, and what the sysadmin's business is in their organization; not their subordinate, or some outsider.

  5. Re:Makes the rest of us suffer... on IT Worker's Revenge Lands Her In Jail · · Score: 2

    We aren't discussing that. We're discussing whether the CEO should have the root password to anything - the general answer is no

    And that general answer is wrong, if the CEO demands the password, it must be given to the CEO.

    It may be technically inadvisable for the CEO to use the password, and it may be inadvisable from a corporate security perspective for the CEO to have direct use of the password (other than the uninterruptable ability of the CEO to reveal the password to someone deemed qualified personnell).

    Or a corporate policy might be established, approved by the board of directors, that even the CEO has to follow.

    However, it's definitely not within a sysadmin's authority to make such a facilities security decision if counter to a requirement imposed by their boss.

  6. Re:Makes the rest of us suffer... on IT Worker's Revenge Lands Her In Jail · · Score: 1

    "Password? Oh, ya, I found that big long one hard to remember so I just changed it to my name"

    Followed by "Someone has hacked our servers! This is your fault as you're in charge of IT security!"

    That's when you say, "the audit log shows you changed the system password to this simple one; you allowed the breakin"

    And you rightly get... No... you're to blame for not having recommended appropriate password policies, and backed them up with technical enforcement measures.

  7. Re:Makes the rest of us suffer... on IT Worker's Revenge Lands Her In Jail · · Score: 1

    Are you suggesting that the PHBs are more qualified to determine who should have root passwords?

    No. I am suggesting the PHBs have a stronger bonafide legal and moral right to be able to know the root passwords, and their rights trump any rights or obligations the system engineer might otherwise have to keep anything quiet / not reveal to other employees.

    In the same manner as they have controls of all the other assets they manage, such as their staff. The CEO has a right to know the root password, just like he has the right to know the desk phone numbers of all his staff. The CEO can even fire someone without that person's manager's consent.

    You cannot deny the CEO access to your desk drawer if he demands the key, let alone root to his company's server.

    Technical ability does not grant authority, or ensure trust. Trust of people is a management decision, not a technical decision. Security is a top down thing. The people at the top impose security and security policies, sometimes at the advisement of technical staff.

    But the PHBs are the masters of their own policies, and the rule supersedes their subordinates on all matters, even if their decision is to disregard technical or security advise, whether it's good advise, or bad advise from unqualified staff does not matter, they have a right to disregard or take under advisement as they wish.

    In fact, a PHB has a right to require sysadmins don't know the passwords, so every day one starts work, and goes to their computer, the admin has to politely ask the PHB to come down, and type the password at a su prompt for the operator to become root.

    For example, keys to the forklifts, keys to the company helicopter. PHBs can have these, or require they be available to them. This does not mean the PHBs are qualified forklift drivers or pilots.

    But the PHBs have the right to those, the security control devices the same. It enables them to hire an additional driver/pilot at will, which they have a right to do.

    The PHBs have a right to hire someone to come in, login as root, and audit their computer system, without telling the admin they delegate responsibility of that system to.

    For example, as a means of quietly evaluating the sysadmin's work, or in preparation to replace the sysadmin.

    The justification doesn't matter, the PHB has a right to do it, and has a right to keep information from the sysadmin.

    The sysadmin has no right to keep security information from their employer, especially not the generic administrative keys to company owned equipment.

  8. Re:Makes the rest of us suffer... on IT Worker's Revenge Lands Her In Jail · · Score: 2

    Of course not. It just means that oftentimes someone who shouldn't have access to enable secrets or root passwords gets those as a "backup".

    You mean someone who in your technical opinion as an engineer shouldn't be using enable secrets or root passwords?

    The systems belong to the PHBs. If you want to avoid giving out root passwords, then don't have passwords.... use biometrics. Or use a "password under seal" system, where the password is available but secure, and will be changed within days if a backup needs it.

    However, you will still have to provide access, doesn't matter if it's a password or something else, and that is perfectly reasonable, as long as you have accounting measures in place, clear policies on who is authorized to use access, and severe immediate penalties for any backup abusing their access

  9. Re:Ok, but. on BitTorrent Client Offers P2P Without Central Tracking · · Score: 1

    So if you want to shut the whole thing down, you go after the "trusted entity". Sort of destroys the point of decentralizing.

    Can you point to a law against publishing a list of filenames, SHA1 checksums, and 5 or 6 "Yes/No" questions?

    It could be a service with another primary purpose, for example "Identification of unknown files"... common files on computer systems could be identified/reviewed by unrelated parties.

    The same tech could be used not only for P2P networks, but for "web safety"... for example, you download a file from any website.. 6 months later you forget what it is... have a 'metadata service' to find more information about the file for you, based on a large mass of checksums, descriptions, and "original filenames"

    XXXXX.xyz xxxxxxxxx
    "Is the filename meaningful?"
    "Does the filename accurately represent the nature of the content?"
    "Is the quality of the content reasonably acceptable?"
    "Is the content complete, without undue truncation, omission, or error?"
    "Is the item an advertisement or sales pitch?"
    "As far as you can tell, is the file with this SHA1 sum free of viruses/malware?"
    "Does the item seem to be free of unnecessary or content not disclosed by the filename or description file inside the archive?"

  10. Re:It's the Only Way to Be Sure on Iron-Eating Bug Is Gobbling Up the Titanic · · Score: 1

    If you repeat it often enough, maybe someday it will come true!

    History has already proven, based on the US past, and the effect of "war costs" on the economy, that it was true; for example World War II brought the US out of depression, if not for that, the recession condition would have lasted well into the 21st century.

  11. Re:Background on Apache Resigns From the JCP Executive Committee · · Score: 1

    You don't get any explicit license to use the software, nor does the license restrict how you can use the software, it simply doesn't have a bearing on that at all.

    A license is not required to use software in any case.

    Copyrights only restrict the exclusive rights for software: modification, distribution, and the right to prepare derivative works.

    Patents only restrict the exclusive rights to make and sell, to "practice" the patent by manufacturing and distributing a product.

    There is no type of exclusive right that prevents use of software, once you legally possess a copy, other than a signed contract where you promised not to use the software.

  12. Re:It's the Only Way to Be Sure on Iron-Eating Bug Is Gobbling Up the Titanic · · Score: 2

    Besides the fact that you're referring to the broken window fallacy

    Broken window "fallacy" is only shown to be a fallacy; in an economy that is already productive, and resources are not being left idle.

    In economies that would need stimulus, resources are being left idle, because there's nothing to invest in, other than commodities.

    In that case, there is a glut in resources, that needs to be diminished, for example, by committing resources to a huge project.

    Once excessive resources are burned off, demand for products and services will increase again with respect to supply, driving further growth

  13. Re:It's the Only Way to Be Sure on Iron-Eating Bug Is Gobbling Up the Titanic · · Score: 1

    But what happens when the paint peels off? :0

    We shouldn't worry about that; that will be our great great great grandchildren's problem.

    It'll be an excuse to replace all structural iron with other more expensive building components in new construction, and rebuild all existing buildings.

    Great economic stimulus and all that

  14. Re:Background on Apache Resigns From the JCP Executive Committee · · Score: 1

    Yes, but you still erroneously believe that you received the software from Oracle under the terms of the GPL; you did not.

    This is not erroneous. You did receive software under the terms of the GPL. When the originator of a product issues any kind of license/grant of rights, the issuer is bound to allow the recipient to exercise the rights they have licensed the right to exercise.

    For example, this creates burdens for Oracle in that they are bound by the license, and you redistributing the software received under the GPL is no longer copyright infringement, or infringement upon any exclusive right of Oracle.

    Oracle applied the terms of the GPL to the software as they distributed it to you.

    Oracle provided software under the GPL, which grants certain privileges of modification and redistribution.

    And Oracle owns all the rights required for the GPL to be effective and provide you the rights that the GPL claims you have, therefore you have a license.

    Your license is not specific about which of Oracle's "exclusive rights" are involved; Oracle is bound only to allow you to exercise the rights that were granted to you by the license.

  15. Re:Ok, but. on BitTorrent Client Offers P2P Without Central Tracking · · Score: 1

    So if you want to shut the whole thing down, you go after the "trusted entity". Sort of destroys the point of decentralizing.

    It doesn't matter if a 'trusted entity' gets taken down for their mere act of revealing which items are what they claim to be.

    Their existing reviews are already out there. If their keys become compromised, this gets reported by others, so people know to stop trusting the compromised entity.

  16. Re:Ok, but. on BitTorrent Client Offers P2P Without Central Tracking · · Score: 2

    But how does moderation work then?

    Throw in web of trust?

    Send in $1 to get your 'reviewer' certificate signed by some trusted entity. Sort search results by number of signed positive reviews; and then number of downloads which "reviewer nodes" saw occuring.

  17. Re:Not really "EveryDNS" either on EasyDNS Falsely Accused of Unplugging WikiLeaks · · Score: 1

    This is a kdawson article...there's a reason a huge chunk of us have blocked his posts as an editor.

    Perhaps the journalistic integrity of editors is something to write GeekNet corporate management / corporate governance about?

    I doubt merely posting a comment here will go far

    I'm dumping slashdot. Know a sci/tech site with functional editors and a quality comment system?

    I know of no reasonable alternative

  18. Re:Why can't they put a simple FET in there on Video Shows Why Recharging Kills Batteries · · Score: 2

    I keep wondering about this. Why do laptops not come with a switch to cut off the charge when the battery is, say, 99% full? Is it purposely so that the battery will die faster?

    Lithium ION battery life is maximized, when kept fully charged at all time; the best possible lifetime is achieved if it's never significantly discharged, so adding a switch would be detrimental. Maintaining the battery fully charged at the float voltage while plugged in increases life of the battery.

    The wiring scheme in a laptop, where the computer is always powered by the battery, also has the benefit, that should power unexpectedly go out, power to the computer power will be maintained, as if maintained by an Online UPS.

    This means data will not be lost immediately by a a power outage or surge, and the computer will be protected. The protection by the combination of this design and the external power supply with regulated DC output is a bit better than that of a consumer-level (standby) UPS design you would find used for desktop computers. When combined with a surge protector, the safety of a laptop against power issues is top notch, and much better than a standard desktop's power protection. The computer is less likely to get fried if there is a surge.

    Compared to the expense of the computer itself, the battery is an inexpensive replaceable component.

  19. Re:Has anybody thought on Video Shows Why Recharging Kills Batteries · · Score: 1

    Of making batteries out of DiLithium instaed of just Lithium?

    TriLithium resin based batteries would probably be a better choice, since they could store more energy per unit density between charge cycles

  20. Re:Innocent until proven guilty on EasyDNS Falsely Accused of Unplugging WikiLeaks · · Score: 1

    Remember, when it comes to mobs, all you need is the whisper that someone is guilty and the mob whips into a frenzy and lynching begins. To the mob, the whisper is proof.

    So what happens when you whisper that the mob itself is guilty of something?

    Do they all whip into a frenzy and lynch each other?

    What if you have two mobs, and send 'spies' to sneak into each mob and whisper that the other mob "over there" is guilty?

  21. Re:From the Article: on The First Truly Honest Privacy Policy · · Score: 1

    "At COMPANY _______ we value your privacy a great deal." and we are happy to have you trade it to us for free services

    That's why we are taking it from you. By visiting our website, you agree to share complete accurate information on all signup, profile, comments, and other forms on our web site. And you agree we can store all data collected forever, and share, license, or sell it to anyone we want.

  22. Re:Background on Apache Resigns From the JCP Executive Committee · · Score: 3, Interesting

    Oracle is not bound by the terms of the GPL since they hold there copyright to the entire source. So, I'm not sure why people think that theGPL gives then any patent protection from Oracle.

    Because the GPL'd work was created/distributed by the patent holder. When you distribute a product that contains a patented element, you cannot sue your own customer that you distributed the item to.

    When you give your customer your product, and as patent holder you give them a license (the GPL) that allows them to distribute it freely, modify, and redistribute freely, you do not enumerate which exclusive rights you are licensing. Because the GPL does not provide for listing the specific exclusive protections licensed, it only lists general rights granted by the licensor to the licensee.

    There is nothing in the GPL which states that ONLY copyrights are licensed.

    Some people might assume that the GPL only licenses exclusive rights provided by copyright law; however, there is nothing in the GPL that actually states which kinds of rights are licensed.

    One could imply, that the GPL as an agreement confers all license required by the grantor to the grantee, in order for the grantee to be able to exercise the rights the grantor claims to grant.

    For example, if you are a bank and rent out a deposit box, and your agreement with your customer states they will have keys for 24/7 access to their safety deposit box.

    That implies you can't sue your customer for "trespass" because security found them in the entrance corridor to the room with their box at 10pm one night.

  23. Not really "EveryDNS" either on EasyDNS Falsely Accused of Unplugging WikiLeaks · · Score: 3, Informative

    The name of the company is DynDNS.com. You know, the company that bought EveryDNS; disabled the ability to sign up for new EveryDNS accounts?

    And has been in the process of transitioning accounts from EveryDNS to "DynDNS.com" custom services over 2010, probably so they can eventually discontinue the free services and force everyone to pay?

    If they made the decision to kill Wikileaks' services, they should take responsibility for the shutdown, and not hide behind the legacy EveryDNS name which will be a distant memory in some time.

  24. Countersuit on Man Sues Rockstar Saying GTA:SA Is Based On His Life · · Score: 1

    'He based his life on our video game?'

    Seriously? Since when were unauthorized biographies actionable?

  25. That's cool on Google +1: Screenshot and Details · · Score: 1

    +1

    +1 it's already used frequently on various internet mailing lists as a generic way of saying "I like that" or "I agree with that"...

    I hope the USPTO doesn't let Google trademark "+1".