Cool logo! Anyway, it's in the wild. This is known for two reasons:
- I knew about this about a day before the /. post, and so have many other folks. Manual exploits are obviously out, and script kiddies are bound to follow within another 24 hours.
- It's posted on /. - EVERYBODY knows!
One way or another you should upgrade because any security risk that is preventable is too much of a risk...
The problem with capped Karma is it only goes down...
Frankly, I can't imagine countries doing that kind of thing to each other. All's good in love and war, yes, but when both countries lose from such ridiculous tactics then there is no longer a point. If I kept intentionally crashing my car into yours and you did the same, don't you think we'd fast realize that we're both wasting one another's money in fixing our cars and agree to stop? Politicians may be pretty numb in the head, but they do have SOME sense.
The reasoning behind this? We'd make it stop. There never would be a war where stuff like that happened. They spent our money on an exercise that is based on practicing for something that just won't happen. It's like schools doing drills for nuclear bombings back in WWII: ducking under your desk won't do a thing if an A-bomb lands nearby - you should be more worried about the radiation because if you're close enough to the blast that it might hurt you, the rads will definitely kill you. In other words there was no point in the duck-and-cover thing and there's none in this either...
I suggest that the higher-ups in the military that plan this read some of Isaac Asimov's work - he wrote a good one about something like this.
The problem with capped Karma is it only goes down...
Left out "understood" details - such as Java(script) can run on any platform (with an interpreter).
I was right about Javascript (which I typed as Java...) being open source. Go to any webpage with Javascript, then view the source (button/menu SOMEWHERE in your browser).
While .NET software could be run on a client platform, it would be run on the server in order to follow M$'s strategy.
In reference to some other comments:
JdV!!'s comment - read above. I left out the script that should have been appended to Java. I do know the difference...
yoz's comment - The bulk of the software, critical parts, etc., will be run server side. See above for the rest of it.
Tips for everyone else: Don't type in a rush, and make sure you explain EVERYTHING. Also, spell right :)
My apologies for making that post inaccurate through neglect. I now feel stupid for doing what I criticize so many others for on Slashdot...
The problem with capped Karma is it only goes down...
Java software is run client-side, while .NET software is (will be) run server-side. That means that all the work for .NET is done off of your computer - you just do the input and get the output.
Other differences include that Java, by its very nature, is open source (that means that you can always read the source - that doesn't mean that it is free though...). OTOH, .NET can be kept so that it is not open sourced.
Furthermore, Java is an interpreted language and can run on any platform. .NET is compiled and must be run on platforms that it is compiled for. And since M$ has its dirty hands all over it, we can presume that it will be some time before compilers are available for non-M$ systems - and even then not 'legal' compilers.
So, difference or no difference? Difference...
The problem with capped Karma is it only goes down...
Up north in Maine and areas around there, electric heating is a death wish - the bill would kill you. We get around that problem by using boilers. They create a fire that uses heating oil and boils water within the pipes. Of course, you'd need to install radiators for this.
They're very efficient and well worth the cost too...
If you're worried about any single point of failure, run a Sun T3 storage array. The only single point of failure there is the drive controller, which hardly fails. And since we're into eliminating ALL failure points, buy two. You can link them together so that even if one controller fails, the controller on the other machine kicks in. Zero points of failure!
For the sake of specs, the thing takes 9 SCSI disks, using FC/AL for linkup, and works with Linux and Solaris (among other systems I believe). Placing 2 together DOES NOT make a RAID5+1 array, the whole thing is straight RAID5. The systems also have 256 MB of RAM to remove the RAID5 write penalty. Should a catastrophic failure occur (all power to the box kicks), internal UPSes will dump the info in the RAM to the disks and power down correctly.
The investment is definitely worth it, and makes things easier than other systems. As for fire damage, get a Halon system and BACKUP YOUR DATA!
If you're really paranoid, you can separate the boxes a little...
My name is Jeffrey. The guy down the street (Geoffrey) is suing me for registering the domain name jeffrey.com - his case is that people will spell his name like mine and go to the wrong site. He's also mad about jeff.com (also registered to me) because people often shorten his name to Geoff, but that gets mis-spelled often too.
Does this sound stupid to you? Of course it does. It's the same thing as what the two companies here are doing. Note: THIS IS NOT A TRUE STORY!
is when you get to the point you're at. If you see a problem, or realize that a redesign will make it better than just a little here and a little there, then you re-write it. It's your decision and not management's. On the other hand, they fund you so you'll have to convince them.
Specifically: communicating with space dust, optical searching a better way to find aliens, and now this. I know you people keep a back-log of about 250 stories at any given time, and this is the best you could get out of all those?
Now to be moderated down for bashing SlashDot and wondering about the poster's sanity. Oh yeah, and as they said: THIS ONE'S ALREADY BEEN POSTED!
Of course, everything in nature is basically analog, so hard and soft hits have to be defined in analog terms just like bits in computers - but if it really hurts it's a 1.
You're damned wrong. Stating that you won't share information means that you will do your best to protect it. That's like me saying I won't give out your SSN - and then I leave it stuck on a post-it note attached to a payphone. Isn't that a violation? If you agree not to share something, then you make sure that nobody gets it. If the other companies find out, then the provider is indeed responsible.
Now, as you've said - and you're right - it's perfectly legal to snoop traffic on the network. That doesn't mean it's legal for the online company to make it possible. That's neglect.
Ergo, it's perfectly legal (or at least it should be :) to receive the DirecTV signal. Whatever they want to do to it doesn't matter - it's their signal. Whatever you want to do doesn't matter either because they've given you access to it whether or not they want to.
I've got a picture of that right above my monitor here at school, along with a 64-way STARFIRE system, the T3 storage array, and an Expert3D Graphics card. Oh what fun!
It's like playing with matches next to gasoline. You might discover the power of gasoline, and then again you might discover that gasoline has the power to blow you away.
I think that this could be a good development, but I'm curious as to how they're going to test this without making anybody croak.
One more thing: we're slowly destroying Darwin's theory - the fittest no longer survive. Now everyone makes it, even if they have some genetic disease that gives them no chance in life. It's just another view to consider...
That's what it's all about - the market. I believe that custom ready-to-run images are actually much better than distros, and Tuxtops can still keep their existing customers. You pick out a laptop (or, at this point, any computer) and then tell them what you want. TADA! 1 custom-made system without 15 text editors you don't use! It sounds like a very good plan to me. Best off for Tuxtops, however, is that they can now market to any linux-hungry computer user, not just people that want their laptops. And what big corporation moving to Linux wouldn't want CDs with images you can just copy instead of having to install? Not to mention the IT folks in charge of it...
Based on what I can tell from the report, this "members only" group sends warnings only among its own. That means that if one of these companies finds this nasty virus, all the other companies find out but we don't. When you look at the list of companies that have joined, you'll note that most of the companies have something to gain from knowing about such a virus before anyone else. Take for example Symantec who makes antivirus programs, and VeriSign - who will inevitably bring up the "if you signed all your messages with our keys, then people would know it wasn't from you because you didn't sign it" junk. That in itself may be a good thing (encouraging crypto), but they'll find a way to twist facts so that only VeriSign gains from such a thing. Don't tell me no either: these companies are run by CEOs that worry more about how fat their wallets are than anything else.
Another way this is bad: we have CERTs for a reason - to deal with this kind of thing. By forming this "coalition", they're further fragmenting the system of disaster recovery. CERT.org was created some time ago just for things like this, and it doesn't cost $5k a year to get warnings. It's free.
Propaganda is the best term for this, and marketing is a close runner up. If they really want to team up and help stop attacks on computer systems, they can work with everyone else instead of creating a members-only club.
First off, the Reiser File System is what we call a journaling file system. That means that as something is about to be written to the disk, another item describing what is about to be done is written to the disk first (the journal). Now, if your system crashes while the journal is being written, that's no big deal for the filesystem: whatever you were going to save/delete just doesn't get done and the computer happily moves on. However, if your computer crashes after the journal has been written and you're saving that special file, the system looks at the journal on boot and says "oops, this didn't get done - let's throw it out." Obviously you lose your file here, but it's no worse than in a non-journaling system. In one of those you lose your file, corrupt your filesystem, and lose your data anyway.
For further details on Reiser FS, check out this page. Freshmeat links to it, but I'm not entirely certain it works (I can't bring it up from here).
Also note that the maker of the file system, Hans Reiser, is suing Microsoft for the information that he needs to market the filesystem to Windows users :)
I was referring to the one where nobody remembers how to do math without a calculator so they just use computers for everything...
The problem with capped Karma is it only goes down...
And that my friends, IS the point ... Which is all the more reason this topic doesn't belong on Slashdot TWICE!
My karma's bigger than yours!
DUH!
My karma's bigger than yours!
Also, "Soft hit = binary" should have a zero after it. Don't know what happened there...
My karma's bigger than yours!
Australia is no longer a continent, it has instead been demoted to an island!
My karma's bigger than yours!
Soft hit = binary
Of course, everything in nature is basically analog, so hard and soft hits have to be defined in analog terms just like bits in computers - but if it really hurts it's a 1.
My karma's bigger than yours!
You're damned wrong. Stating that you won't share information means that you will do your best to protect it. That's like me saying I won't give out your SSN - and then I leave it stuck on a post-it note attached to a payphone. Isn't that a violation? If you agree not to share something, then you make sure that nobody gets it. If the other companies find out, then the provider is indeed responsible.
Now, as you've said - and you're right - it's perfectly legal to snoop traffic on the network. That doesn't mean it's legal for the online company to make it possible. That's neglect.
Ergo, it's perfectly legal (or at least it should be :) to receive the DirecTV signal. Whatever they want to do to it doesn't matter - it's their signal. Whatever you want to do doesn't matter either because they've given you access to it whether or not they want to.
Make sense?
My karma's bigger than yours!
When you switch companies, see if you can refer your friends also. They'll like you very much!
My karma's bigger than yours!
Anyway, for all you Linux users, check out www.linuxfreemail.com. I've had nothing but good experiences with them.
My karma's bigger than yours!
Will it fit in my wallet too, or do I need more RAM there?
My karma's bigger than yours!
About embedded systems: Linux is used on many of these because of its modularity, but if you're into it, try using other things on them...
My karma's bigger than yours!