If you haven't already deleted your old source tree, copy/usr/src/linux-old.version.number/.config into/usr/src/linux-new.version.number and run make oldconfig.
It's a set of extensions to gcc (g++, actually) which can be programmed to look for semantic, rather than syntactic flaws in code, automatically. The theory is that if a class of bug turns up once, it'll probably occur throughout a given codebase. More details at http://hands.stanford.edu/.
I wasn't aware of the US situation until this post. In the UK, most cards require that the holder pay the first £50 or £100 of any loss. That's why I pointed out MBNA's arrangement as being unusual. Guess it isn't so unusual over the pond...:)
...and get a credit card that has no consumer liability for fraudulent purchases and use THAT card for any transaction where you don't have complete faith in the organisation that you're dealing with.
Gratuitious plug: MBNA's card works like this, at least in the UK.
...enough to have had many great teachers during my academic career.
Bob Cooke, at secondary school, for recognising at entrance that I could be good at Maths if given appropriate challenges. Up to that point, I was failing badly because the maths work wasn't challenging enough; I'd learn how to do something early enough, but couldn't be bothered with all the endless repetitive practice exercises when I was getting them 100% right. Thanks to Mr Cooke, he placed my in the top stream and I ended up taking maths a year early. Incidentally, he picked up his maths degree from an Open University (UK TV-based distance learning) course, or so I heard.
Also at secondary school were Mr Moore, teaching Physics and Chemistry and Brendan McLoughlan teaching English Lit. Both had such enthusiasm for their subject that you couldn't help but work hard. I was doing OK at the sciences, but Mr's Moore's encouragement helped greatly. Particular praise goes to Mr McLoughlan though, as English Lit was yet another course I was failing badly. Thanks to his efforts, I can't help looking for deeper meanings in any book, film or song I experience even today!
College was a bit dry, but university had a number of stars; Dr Vic Callaghan, Dave Lyons, Mike Sanderson all stand out. Mr Lyons stands out for introducing me to the concepts of "Keep It Simple, Stupid" and "Never use a computer when a coathanger will do". He also made me aware of the need to consider usability by people with disabilities when designing interfaces, something I'd never considered previously. Mike Sanderson's Abstract Data Types & Compiler Construction course was a real trial-by-fire. You either flunked it badly or came out a much better, cleaner programmer than before.
Thanks to all these teachers (and the ones I haven't mentioned!) for helping me to make it to where I am today.
IMHO, A CTO is responsible for guiding the company w.r.t the technical products that it develops (thinking here of people like Marcus Ranum of NFR and Bruce Schneier of Counterpane). They may also be a figurehead for the user community.
A CIO, on the other hand, is responsible for all IT systems used internally and how they interact with the business. Head of Internal Systems if you like. Also responsible for things like setting Information Security policy, Acceptable Use Policy, the phone system, and, in the UK, probably the person the spooks would get in touch with if they wanted a private key under the terms of the RIP bill.
Quite different roles, y'see. CTO is primarily customer-facing, CIO is primarily internally-facing. If you don't want both, just have a Technical Director who's "in charge of anything technical".:)
[ Declaration of interest: I work for the UK S3 group of Articon Integralis AG. Add salt to taste. These opinions are my own and are NOT to be associated with those of my employer. ]
- Are the reports custom written, or merely [Nessus|Cybercop|ISS] piped through a prettifier?
- Do the reports attempt to eliminate false positives and negatives (e.g. sendmail warnings reported against a Microsoft Exchange server)?
- Do the reports correlate disparate exposure points, which, when combined, could result in deeper intrusion?
- Have the consultants a track record of providing criticism of (installations of) products sold by other divisions of the company?
I've spoken with directors of small consultancies and seen reports of mid-to-large consultancies. Often the small consultancies have very talented people amongst their number, but their professionalism is highly variable. Reports from all the mid-to-large consultancies (except our own, naturally!) I have seen have been mediocre pretty versions of scanner reports. I've not seen enough reports from the "big five" to draw any conclusive opnions.
Re:But this doesn't solve any of the real problems
on
An RPM Port Of APT
·
· Score: 1
Easy.
Create two SDL packages, one linked against (and requiring) Mesa and one not. Both of them will satisfy SMPEG's SDL dependency. The user can choose which to install.
Yup, that's the way my employer does things also (as an aside, I suspect that my employer might be your trainer...)
Only problem is, and this has happened to me, if the possibility of training comes up at the same time as I'm fed up with the job, then it puts me off taking the training in case I end up quitting (on account of paying back 2-3K a month or so later). This is counter-productive both for me and my employer.
I suspect that this is the right approach, but a year is quite a long time in a twenty-something's career...
Updating the microcode on your CPU is NOTHING to do with updating your BIOS. Yes, BIOS updates usually include updated microcode which is squirted onto the CPU at boot time, but that's where the relationship ends. As other posters have pointed out, you can even update the microcode of your CPU under Linux using the new 2.3/2.4 interface.
As to concerns about security; well, I wouldn't be so naïve to say it'll/never/ be exploited, but it's fairly safe - the microcode is reset on boot.
Based on the opinions from my German colleagues, I get the impression that Linux (SuSE particularly, duh...) is very popular in Germany.
Maybe this is because the Germans that I have dealt with have always been happy to RTFM/before/ calling support...
In fact, since my UK employer merged with a German company, our management has been much more amenable to Linux- and Open Source-based solutions. This can only be a good thing.
1) Send hash of document to be timestamped to timestamping agency.
2) Agency takes the hash, adds a timestamp to it and signs the resulting product.
3) Agency sends the hash/timestamp/signature tuple back to you.
3) You append the tuple to your document.
The agency doesn't need to store the timestamps, just be trustable (in terms of security and a reliable clock source) and have a private/public key pair.
For instance, if the sales folks stopped selling, we go out of business. But by the same token, if the IT folks stop developing, the sales folks have
nothing to sell, and we go out of business. Same result.
Call me a militant techie, but I reckon that if Sales resigned en masse us techies could still sell some product, just not as much. Whether the revenues would be enough to sustain the company long term is another matter...
On the other hand, perhaps although the sales volume would be smaller, the average sale value may very well increase AND the customer might sometimes end up with a much better solution for their money...
Isn't that an oxymoron?:)
(Fire Extinguisher: I run an Indy at home and I like SGI and all their tech, not to mention how generous they've been to the whole Free Software movement).
Works for me. I just zgrep -i for a word that's likely to turn up in the file/dir name and it gives me a list of all the files that match and the names of the CDs they're on.
Slashdot Mirror
If you haven't already deleted your old source tree, copy /usr/src/linux-old.version.number/.config into /usr/src/linux-new.version.number and run make oldconfig.
It's a set of extensions to gcc (g++, actually) which can be programmed to look for semantic, rather than syntactic flaws in code, automatically. The theory is that if a class of bug turns up once, it'll probably occur throughout a given codebase. More details at http://hands.stanford.edu/.
Actually, Maxtor (IIRC) again have features in this area; their recent drives have 3 modes: normal, fast (but noisy) and slow (but quiet).
I wasn't aware of the US situation until this post. In the UK, most cards require that the holder pay the first £50 or £100 of any loss. That's why I pointed out MBNA's arrangement as being unusual. Guess it isn't so unusual over the pond... :)
The only time you are liable for anything, in any case I've ever seen, is if your card is physically stolen, you can be held liable for up to $50.
That's what I was getting at; my card has a $0 liability limit, regardless of cause. Dunno how they can do that, but that's not my problem. :)
Gratuitious plug: MBNA's card works like this, at least in the UK.
my login name at Uni was butcau, which I used to pronounce as Butt-cow, hence my nick of cowbutt.
Hmmm... the Windows source code must be like some ancient and unspeakable Lovecraftian tome if it does that to one's mind. :)
Bob Cooke, at secondary school, for recognising at entrance that I could be good at Maths if given appropriate challenges. Up to that point, I was failing badly because the maths work wasn't challenging enough; I'd learn how to do something early enough, but couldn't be bothered with all the endless repetitive practice exercises when I was getting them 100% right. Thanks to Mr Cooke, he placed my in the top stream and I ended up taking maths a year early. Incidentally, he picked up his maths degree from an Open University (UK TV-based distance learning) course, or so I heard.
Also at secondary school were Mr Moore, teaching Physics and Chemistry and Brendan McLoughlan teaching English Lit. Both had such enthusiasm for their subject that you couldn't help but work hard. I was doing OK at the sciences, but Mr's Moore's encouragement helped greatly. Particular praise goes to Mr McLoughlan though, as English Lit was yet another course I was failing badly. Thanks to his efforts, I can't help looking for deeper meanings in any book, film or song I experience even today!
College was a bit dry, but university had a number of stars; Dr Vic Callaghan, Dave Lyons, Mike Sanderson all stand out. Mr Lyons stands out for introducing me to the concepts of "Keep It Simple, Stupid" and "Never use a computer when a coathanger will do". He also made me aware of the need to consider usability by people with disabilities when designing interfaces, something I'd never considered previously. Mike Sanderson's Abstract Data Types & Compiler Construction course was a real trial-by-fire. You either flunked it badly or came out a much better, cleaner programmer than before.
Thanks to all these teachers (and the ones I haven't mentioned!) for helping me to make it to where I am today.
Although admittedly, I've never tried to compile it on Solaris...
IMHO, A CTO is responsible for guiding the company w.r.t the technical products that it develops (thinking here of people like Marcus Ranum of NFR and Bruce Schneier of Counterpane). They may also be a figurehead for the user community.
A CIO, on the other hand, is responsible for all IT systems used internally and how they interact with the business. Head of Internal Systems if you like. Also responsible for things like setting Information Security policy, Acceptable Use Policy, the phone system, and, in the UK, probably the person the spooks would get in touch with if they wanted a private key under the terms of the RIP bill.
Quite different roles, y'see. CTO is primarily customer-facing, CIO is primarily internally-facing. If you don't want both, just have a Technical Director who's "in charge of anything technical". :)
- Are the reports custom written, or merely [Nessus|Cybercop|ISS] piped through a prettifier?
- Do the reports attempt to eliminate false positives and negatives (e.g. sendmail warnings reported against a Microsoft Exchange server)?
- Do the reports correlate disparate exposure points, which, when combined, could result in deeper intrusion?
- Have the consultants a track record of providing criticism of (installations of) products sold by other divisions of the company?
I've spoken with directors of small consultancies and seen reports of mid-to-large consultancies. Often the small consultancies have very talented people amongst their number, but their professionalism is highly variable. Reports from all the mid-to-large consultancies (except our own, naturally!) I have seen have been mediocre pretty versions of scanner reports. I've not seen enough reports from the "big five" to draw any conclusive opnions.
Create two SDL packages, one linked against (and requiring) Mesa and one not. Both of them will satisfy SMPEG's SDL dependency. The user can choose which to install.
Only problem is, and this has happened to me, if the possibility of training comes up at the same time as I'm fed up with the job, then it puts me off taking the training in case I end up quitting (on account of paying back 2-3K a month or so later). This is counter-productive both for me and my employer.
I suspect that this is the right approach, but a year is quite a long time in a twenty-something's career...
Hey... why not hand it over to the guys at TheSpark?
Get it here.
Maybe, but some of their rock/metal crushes; Entombed, The Haunted, At the Gates and Arch Enemy r00l.
As to concerns about security; well, I wouldn't be so naïve to say it'll /never/ be exploited, but it's fairly safe - the microcode is reset on boot.
Look into AMaViS for scanning mail as it enters sendmail. AMaViS integrates with a number of third-part virus scanners.
If you didn't do anything to prevent RIP, it's too late to complain.
Maybe this is because the Germans that I have dealt with have always been happy to RTFM /before/ calling support...
In fact, since my UK employer merged with a German company, our management has been much more amenable to Linux- and Open Source-based solutions. This can only be a good thing.
1) Send hash of document to be timestamped to timestamping agency.
2) Agency takes the hash, adds a timestamp to it and signs the resulting product.
3) Agency sends the hash/timestamp/signature tuple back to you.
3) You append the tuple to your document.
The agency doesn't need to store the timestamps, just be trustable (in terms of security and a reliable clock source) and have a private/public key pair.
Call me a militant techie, but I reckon that if Sales resigned en masse us techies could still sell some product, just not as much. Whether the revenues would be enough to sustain the company long term is another matter...
On the other hand, perhaps although the sales volume would be smaller, the average sale value may very well increase AND the customer might sometimes end up with a much better solution for their money...
Isn't that an oxymoron? :)
(Fire Extinguisher: I run an Indy at home and I like SGI and all their tech, not to mention how generous they've been to the whole Free Software movement).
Works for me. I just zgrep -i for a word that's likely to turn up in the file/dir name and it gives me a list of all the files that match and the names of the CDs they're on.