...I doubt any of you could work on a piece of software as complex and elegant as IIS without letting a few bugs slip through QA once in a while. It should not even be necessary to check for exploits in software; hackers shouldn't be trying to hack server software in the first place...
Confusing IIS with elegance is a misnomer at best, at worst it shows the typical ignorance of inexperienced, uneducated IIS admins. Its no secret Microsoft's FIRST priority in product releases isn't security, to wit: Win95, IIS, IE, OE...etal, ad infinitum.
Explain why hackers shouldn't hack server software? Maybe you LIKE using deficient software, and are afraid to use more secure alternatives (ie; APACHE). How did you think Apache's security record got where it is today? By NOT hacking at it? Do you think innovation comes ONLY from corporate R&D labs?
I'm not at all sympathetic with Napster Inc., or its client base. They filter my own original non-RIAA music. I use the Ogg Vorbis OpenNap server at 64.71.163.205 to distribute my own music, search for Rick Dicaire.
I have to wonder, if their filtering was in place, then one of my own compositions was filtered out. I discovered this on the weekend when I connected my client, did a user search for myself, and found one of my songs missing in the list returned, this never used to be the case. I am not an RIAA artist. I gave no one any rights to my own music, in fact my music is copywritten under my own company.
None of this is really news, home recording equipment costs have plummeted since the initial introduction of the TEAC PortaStudio cassette multitracker many years ago.
I wrote/recorded my own music on a home studio, mp3s of some of them are available at mp3music.kritek.com.
The notion of relying on a big record company is absurd to me, but then I'm not trying to make a living playing music anymore, I write/record/release my material for the PEOPLE, not the corporations. I know there are people that enjoy freely available music, and my music in particular, so have at it.
Open your eyes man, this is a company who's primary concern is to MAKE MONEY. They're not concerned about the actual children they'll harm in the long run.
Do you seriously take the contents of that FAQ at face value? I have some beahchfront property in Arizona for you if thats the case.
I have 3 children, and I'm extremely concerned about the potential for abuse of this WAVE system.
Its run by a corporation, there's no compassion in that equation.
Worry less about your personal opinion of John Katz, and more about the impact this has on us as a society, your energies are better directed to helping solve the problem, instead of exacerbating it with pointless rhetoric.
Where did this notion that Linux must trounce Microsoft come from, all Linux has to do is offer a viable alternative. People/users will decide whether it trounces Microsoft.
OS evangelism isn't the answer, interoperability is.
Why do they even HAVE to advertise on the Internet? Just because its there DOESN'T mean it has to be advertised on. How many times have you waited for a site to load because some ad company server is lagged trying to serve the ad in the page? How does THAT benefit Joe Average Web Surfer? They ought to stick to TV and radio, and leave the Internet for those that want ad-free surfing.
If thats the way MS wants to be, then release bugs/exploits on bugtraq first. This way the security community will be advised first. MS can read about it on bugtraq, like everyone else. The idea of working with a vendor to help them solve problems before advisories are released works as a two way street, give and take for all parties involved. MS has clearly shown they're not interested as such in working with the security community in this latest decision by their management.
"channel ownership, in my experience, only works in a small network where there is some feasibility of controlling the channels... you can't do that on efnet..."
What technical merits is this assumption based on? DALNET has as many users (approximately) as EFNET and its services function for the most part.
at 13:40 EDT:
-twisted.ma.us.dal.net(***)- Got Ident response
BitchX: For more information about BitchX type/about
NOQUIT WATCH=128 SAFELIST are available on this server
[local users on irc(9995)] 17%
[global users on irc(1706)] 3%
[invisible users on irc(56208)] 97%
[ircops on irc(70)] 0%
[total users on irc(57914)]
-----------------------------------------
irc.east.gblx.net at 13:40 EDT:
[local users on irc(9319)] 19%
[global users on irc(10259)] 21%
[invisible users on irc(39050)] 79%
[ircops on irc(197)] 0%
[total users on irc(49309)]
The only people who use anonymous features both on K5 and/. are what/. calls them, cowards. All anonymous cowards here have nothing important to say...unless they're trolling or flaming....."
Interesting...its been mentioned here in other articles about how people need to take responsibility for their actions online, much the same as in real life. I personally think ACs should *not* have a voice, I mean lets get real here, the Internet may be *mostly* American, but it is not *completely* American. Applying American values/morals/Constitutional dribble to a global community is short sighted, not to mention Ameri-centric. Guess what, America is *not* the center of the world, contrary to popular belief. With that said, I submit to the Slashdot Management: remove the AC access. Its not about "Free Speech", its about taking responsibility for ones self online. If a person has something to say, they can say it as an identified person. This would not only cut down on the number of trolls, but would raise the IQ level of the comments in general.
I'm not saying there shouldn't be AC-type speech online in general, there are newsgroups, and other forums, where anonymous posts are preferred for both security and personal issues, usually but not limited to, recovery from some type of traumatic experience. Slashdot is not one of these forums.
Once again, I implore the Slashdot Management to drop AC access.
"I would like to see the linux community make a better email program then outlook. We all know it won't happen, the so called linux community is only able to steal ideas"
Better is totally subjective. MS Outlook may be better for you, but not for me, and I venture I'm not the only one that doesn't have to rely on it. But hey, even ACs must be given their right to express themselves.Once a troll, always a troll.
I use a Linksys KVM with *bsd, NT, and Linux. Works fine, and the box it comes in says Linux is supported, as does most, if not all of their products boxes, say. I haven't had a need to call their techsup though.:)
More and more, the BUGTRAQ mailing list members are not publishing the actual exploits, or are publishing them b0rked, so the skr|p7 k|dd|35 can't use them, at least not without trying to fix them first.
I used to work for a Federal gov agency that used software to restrict users access to their Windows95/98 desktops. The Melissa and ILOVEYOU trojans were a non issue due to the severe restrictions on most of the users desktops. Those that had less restrictions were more PC literate, and if they got infected, it was truly their own fault.
In that enterprise level environment, even the restricted users were able to break some things they weren't supposed to be able to. This was, and still is, a problem for the IT dept, not just at this agency, but any company that institutes this type of desktop restriction.
Home users? CAVEAT EMPTOR
Those workplaces that utilize NT workstations (where the user does not have admin access), suffer far less damage than the Windows 95/98 based environments.
Both education and more stringent security in sofware are the keys to cutting down on these types of trojans from spreading so vastly.
Laying blame is just buck-passing, something that isn't new to humanity as a whole. This shirking of responsibility is what's leading Society down the dark road it's on. When one is responsible for their actions, products, etc, the attitude is far less "screw the customer, lets make money". Just look at what MS has done in the past in the name of "innovation".
Quit looking to blame others for your (not you personally harmonica, just people in general) own mistakes, or ignorance.
We live in an age where information is a commodity to be bought and sold. The power goes to those that possess the information. Corporatism dictates that nothing is free, so free information is anathema to the corporatist mindset. Corporations will always fight the notion of "free" anything.
"Okay, I have said this previously, and I will say it again: Don't let *any* operating system be preloaded on computers by OEMs."
If you were an OEM, would you want this? I'd think not. Windows occupies over 90% of desktops, this isn't going to change any time soon. Why should OEMs be dictated how they build machines? Most people buy a PC expecting an OS to be preloaded, and its usually Windows, its what the majority of customers want. The majority of customers don't want to have to deal with buying a PC, then installing an OS, and any additional software. The business model for an OEM isn't going to change much in this respect. The OEM cares more about an individual (the key word here being "individual") customers needs than MS does. OEMs assemble large quantities of PCs, and sell them. Why should they have to wait for specific orders before they assemble them? This would drive PC costs up, is this in the consumers best interests?
I once watched a VH1 docu on Metallica, the relevant part of that docu was Lars' explanation of some fans accusation of the band being a "sell out". Yeah, this current action "on behalf" of Metallica only further cements the notion that a lot of us OLDER FANS (the ones that liked them from the start) feel regarding the band. YOU HAVE SOLD OUT. Gone from a hard working garage band, to a hard working corporate greed tool, you may have gained more mainstream listeners, but you've alienated your core fan group.
They worry about the money? Worry about fans boycotting your CDs/tapes. I won't be purchasing any product you release, period. You don't care what I as a fan think, your actions quite apparently show more concern for your "business model". Gotta wonder what kind of business model can exist WITH NO CUSTOMERS in a consumer oriented business.
As for Napster (or gnapster in my case), I don't download ANY songs. I use it to promote my OWN music, yeah, that right, my music is FREE. The more of it I see on Napster, the better. I'm not concerned about making a living from it, I have a career in a completely different field. My kids don't starve, my bills get paid with plenty left over at the end of the month to spend on CDs, etc.
Slashdot Mirror
What hasn't been answered is WHY the article misquoted the overwhelming grief statement attributed to him.
Confusing IIS with elegance is a misnomer at best, at worst it shows the typical ignorance of inexperienced, uneducated IIS admins. Its no secret Microsoft's FIRST priority in product releases isn't security, to wit: Win95, IIS, IE, OE...etal, ad infinitum.
Explain why hackers shouldn't hack server software? Maybe you LIKE using deficient software, and are afraid to use more secure alternatives (ie; APACHE). How did you think Apache's security record got where it is today? By NOT hacking at it? Do you think innovation comes ONLY from corporate R&D labs?
What utter ignorance.
Damned troll.
I'm not at all sympathetic with Napster Inc., or its client base. They filter my own original non-RIAA music. I use the Ogg Vorbis OpenNap server at 64.71.163.205 to distribute my own music, search for Rick Dicaire.
The external web server is NOT part of the internal network, said network includes over 11,000 desktops.
I have to wonder, if their filtering was in place, then one of my own compositions was filtered out. I discovered this on the weekend when I connected my client, did a user search for myself, and found one of my songs missing in the list returned, this never used to be the case. I am not an RIAA artist. I gave no one any rights to my own music, in fact my music is copywritten under my own company.
I wrote/recorded my own music on a home studio, mp3s of some of them are available at mp3music.kritek.com.
The notion of relying on a big record company is absurd to me, but then I'm not trying to make a living playing music anymore, I write/record/release my material for the PEOPLE, not the corporations. I know there are people that enjoy freely available music, and my music in particular, so have at it.
Just because you *can*, doesn't mean you *should*.
Is it just me or is this just another attempt my Microsoft to commoditize a part of the Internet to help maintain their monopoly?
I have 3 children, and I'm extremely concerned about the potential for abuse of this WAVE system. Its run by a corporation, there's no compassion in that equation.
Worry less about your personal opinion of John Katz, and more about the impact this has on us as a society, your energies are better directed to helping solve the problem, instead of exacerbating it with pointless rhetoric.
OS evangelism isn't the answer, interoperability is.
Why do they even HAVE to advertise on the Internet? Just because its there DOESN'T mean it has to be advertised on. How many times have you waited for a site to load because some ad company server is lagged trying to serve the ad in the page? How does THAT benefit Joe Average Web Surfer? They ought to stick to TV and radio, and leave the Internet for those that want ad-free surfing.
If thats the way MS wants to be, then release bugs/exploits on bugtraq first. This way the security community will be advised first. MS can read about it on bugtraq, like everyone else. The idea of working with a vendor to help them solve problems before advisories are released works as a two way street, give and take for all parties involved. MS has clearly shown they're not interested as such in working with the security community in this latest decision by their management.
I thought you could.
What technical merits is this assumption based on? DALNET has as many users (approximately) as EFNET and its services function for the most part.
at 13:40 EDT: /about
-twisted.ma.us.dal.net(***)- Got Ident response
BitchX: For more information about BitchX type
NOQUIT WATCH=128 SAFELIST are available on this server
[local users on irc(9995)] 17%
[global users on irc(1706)] 3%
[invisible users on irc(56208)] 97%
[ircops on irc(70)] 0%
[total users on irc(57914)]
-----------------------------------------
irc.east.gblx.net at 13:40 EDT:
[local users on irc(9319)] 19%
[global users on irc(10259)] 21%
[invisible users on irc(39050)] 79%
[ircops on irc(197)] 0%
[total users on irc(49309)]
The only people who use anonymous features both on K5 and /. are what /. calls them, cowards. All anonymous cowards here have nothing important to say...unless they're trolling or flaming....."
Interesting...its been mentioned here in other articles about how people need to take responsibility for their actions online, much the same as in real life. I personally think ACs should *not* have a voice, I mean lets get real here, the Internet may be *mostly* American, but it is not *completely* American. Applying American values/morals/Constitutional dribble to a global community is short sighted, not to mention Ameri-centric. Guess what, America is *not* the center of the world, contrary to popular belief. With that said, I submit to the Slashdot Management: remove the AC access. Its not about "Free Speech", its about taking responsibility for ones self online. If a person has something to say, they can say it as an identified person. This would not only cut down on the number of trolls, but would raise the IQ level of the comments in general.
I'm not saying there shouldn't be AC-type speech online in general, there are newsgroups, and other forums, where anonymous posts are preferred for both security and personal issues, usually but not limited to, recovery from some type of traumatic experience. Slashdot is not one of these forums.
Once again, I implore the Slashdot Management to drop AC access.
Better is totally subjective. MS Outlook may be better for you, but not for me, and I venture I'm not the only one that doesn't have to rely on it. But hey, even ACs must be given their right to express themselves.Once a troll, always a troll.
Keep up the good work BUGTRAQ.
In that enterprise level environment, even the restricted users were able to break some things they weren't supposed to be able to. This was, and still is, a problem for the IT dept, not just at this agency, but any company that institutes this type of desktop restriction.
Home users? CAVEAT EMPTOR
Those workplaces that utilize NT workstations (where the user does not have admin access), suffer far less damage than the Windows 95/98 based environments.
Both education and more stringent security in sofware are the keys to cutting down on these types of trojans from spreading so vastly.
Laying blame is just buck-passing, something that isn't new to humanity as a whole. This shirking of responsibility is what's leading Society down the dark road it's on. When one is responsible for their actions, products, etc, the attitude is far less "screw the customer, lets make money". Just look at what MS has done in the past in the name of "innovation".
Quit looking to blame others for your (not you personally harmonica, just people in general) own mistakes, or ignorance.
If you were an OEM, would you want this? I'd think not. Windows occupies over 90% of desktops, this isn't going to change any time soon. Why should OEMs be dictated how they build machines? Most people buy a PC expecting an OS to be preloaded, and its usually Windows, its what the majority of customers want. The majority of customers don't want to have to deal with buying a PC, then installing an OS, and any additional software. The business model for an OEM isn't going to change much in this respect. The OEM cares more about an individual (the key word here being "individual") customers needs than MS does. OEMs assemble large quantities of PCs, and sell them. Why should they have to wait for specific orders before they assemble them? This would drive PC costs up, is this in the consumers best interests?
aRDy Music © 2000 - mp3's available
They worry about the money? Worry about fans boycotting your CDs/tapes. I won't be purchasing any product you release, period. You don't care what I as a fan think, your actions quite apparently show more concern for your "business model". Gotta wonder what kind of business model can exist WITH NO CUSTOMERS in a consumer oriented business.
As for Napster (or gnapster in my case), I don't download ANY songs. I use it to promote my OWN music, yeah, that right, my music is FREE. The more of it I see on Napster, the better. I'm not concerned about making a living from it, I have a career in a completely different field. My kids don't starve, my bills get paid with plenty left over at the end of the month to spend on CDs, etc.
Want some free music? aRDy Music