Slashdot Mirror


User: Synerg1y

Synerg1y's activity in the archive.

Stories: 0
Comments: 2,145

Comments · 2,145

  1. Underfunded IT on (Possible) Diginotar Hacker Comes Forward · · Score: 1

    Sounds like...

    1. no security team presence, probably 1 guy who realized the overwhelming of his situation and just gave up and only shows up to work to collect $. Textbook start of a hacking story.

    2. No security audits... what internet based company ever needs those... I've never known a security professional who leaves critical malware/spyware on a machine after they are finished, the malware's stealthy, but NOT that stealthy.

    3. Poor corporate leadership... nobody was concerned about it, just raking in the $ and the Christmas bonus.

    Ladies and gentlemen I present you with every single IT shop that is not government or Fortune 500 based.

    The thing is... IT cost money, usually a lot, there is no visible ROI, IT people are not sales people, and typically don't pitch system enhancements cause they'd rather ask for a raise (basic human nature). If you were the CEO, it's a seemingly easy choice, until you're on the news for the wrong reasons and goodbye PR. Still most CEOs skate on air when it comes to securing their sh*t.

  2. What did they think was going to happen? on Certificate Blunders May Mean the End For DigiNotar · · Score: 1

    Having your product proved defective spells the end for most companies, GM almost went under and they are 1000x the size. PR and image > everything.

    Shame certs are set up in a manner where it is very difficult to fix... anything wrong with them. I believe in the whole handshake principle, but why are there root certs on my computer by default? I feel I should have to sign a EULA for those outside of the Windows EULA.

    Sure it's inconvenient, but I really really really don't need MS or DigiNotar telling me what/ who to trust out of the box. Maybe I don't want to trust microsoft.com cause ms just got owned by a monopoly suite..

    The correct implementation would be every site has a cert and YOU choose which ones to trust, this would require the browser to implement features such as warnings on when a cert is expiring as well as user education, but if you want security, you typically need to trade convenience for it, thus my bank's 4 step login process, I had to re-memorize my answers several times and call customer service twice to unlock my account, but in the end, it's nearly impossible to break at least through front facing means make sense? Such is life.

  3. Re:I can solve the problem for half the population on US House 'Creator' of TSA Wants To Kill It · · Score: 2

    Seriously, small business gets away w this all the time, even chain bars like hooters (more past than present). I've always wondered what kind of "men" sign up for TSA positions. I stop wondering because I quickly realize I DON'T WANT TO KNOW.

    Still... I somehow can't help feel like it's my natural right not to get groped, but if somebody's gotta do it, I agree with OP of the sub thread.

  4. Re:Microsoft on Windows 8 Won't Support Plug-Ins; the End of Flash? · · Score: 1

    Google's dropping it,
    http://blog.chromium.org/2011/01/html-video-codec-support-in-chrome.html

    Then there's x264, which is GNU based, can't patent that, but it only works one way, makes the H.264 patent that much more complicated,
    http://mewiki.project357.com/wiki/X264_Settings

    All in all, this reminds me of the divx deal, it's patented, nobody cares its patented, and though it was a bit popular before the lockdown, it got quickly and promptly replaced and phased out. The only difference is this is a much grander scale for format patent wars :)

  5. Foreign database wrappers on PostgreSQL 9.1 Released · · Score: 0

    The only feature that doesn't already exist in ms sql in the same context, probably oracle and mysql too.

    I can almost... deploy psql, do what I need to in it and spit back out sql or something. This seems like a really cool feature if it goes the way of OLEDB and becomes a standard, since with oledb I can use any programming language that talks to databases (php, .NET, C) and still talk to my sql instance.

    What I can't think of is... why would I ever use psql over taking the straighter ms sql approach?

    I'd love to wrap mysql data in ms sql and vice versa in a reliable manner, and better yet wrap sql 2000 in 2008 to prevent the coalescence goodness, but at least the feature exists somewhere.

  6. Re:vs Oracle? on PostgreSQL 9.1 Released · · Score: 1

    Really? I use tsql, but I work on an inhouse app I didn't write, and of course the previous developers sometimes used "" and sometimes null like the fine professional coders they were (unused methods are sometimes found). Could this be the developer's reasoning? Then again I don't need to switch rdms to take advantage of this fine feature, dbo.ISNULLOREMPTY() anyone?

    And in terms of a recode to switch rdms, it's 99.9% out of the question for everybody, the software costs $, recoding costs way more $, bug fix costs more $, support costs more $, where's the gain?

  7. Anybody catch that this is a banker proposing this on Japan's Richest Man Outlines Renewable Energy Plan · · Score: 1

    I had to re read it, CEO bankers in the states buy Submariner Rolex and fly on private jets and don't acknowledge that poor people exist. And this guy is actually thinking about something besides money and sex? As I said I had to re read it. If rich people in the states showed 1/2 as much responsibility as what this man is even thinking about, we'd probably have a settlement on Mars by now. Oh well, such is life, kudos to you sir.

  8. Re:For free... on Ask Slashdot: Network Backup Solution Out of the Box? · · Score: 1

    Ghost is so simple it's effective almost anywhere, the command line version is still available and works for OS independent operations. It's too low level for this scope though, Norton does add the GUI, and the OS support.

    dd is great except it can't be done to a live OS as far as I know, and if you're doing file level copies rather than system, dd isn't the fastest either. Then again Linux has apps that allow anybody to back it up.

    http://www.techrepublic.com/blog/10things/10-outstanding-linux-backup-utilities/895

    I like Rsync, it's not easy to use, nor does it have a lot of overhead, an acceptable tradeoff.

  9. Re:Slackers on EU Extends Music Copyright to 70 Years · · Score: 1

    This is consistent with A LOT of sports players, love the sport, play the sport, and when you retire, wear a suit and manage. The thing is... a lot of our really good music is made by some really f'ed up people, they're great to watch on stage, but if you've ever watched a documentary, they all have some major problems emotionally. Thus the problems when the flow of money starts coming in, some people just aren't good with money, and musicians tend to be some of the worst.

    I would imagine the RIAA, or the band managers should be taking care of this, but sometimes some people just don't want to be helped.

    On that note, there are gov. programs in place, financial firms that will do retirement plans for you if you're say self employed, just gotta be motivated enough to think far enough ahead and opt. in. Then again it seems we lose the best ones prior to 30 so maybe they're right all along in not investing :)

  10. Re:Just leave the civilians alone on EU Extends Music Copyright to 70 Years · · Score: 1

    THE RIAA is killing music, besides if you're making music for $, do I really want to listen?

  11. For free... on Ask Slashdot: Network Backup Solution Out of the Box? · · Score: 1

    Syncback is great, you need to network your stuff together separately, but it will copy the minimum amount of files for you to speed up your backups.
    http://www.2brightsparks.com/

    We use it, works great, we use intranet not internet though, but that's just a networking setup deal I shouldn't have to explain.

    Norton Ghost is another one, it goes on sale on newegg sometimes for dirt cheap and isn't that expensive to begin with, might be worth looking into, it's getting better, but I'm not a fan of their interface.

  12. Re:Just like the Declaration of Independence on How Killing the Internet Helped Revolutionaries · · Score: 1

    The internet was the least of their concerns, Egypt had a secret police department similar to the Nazis'... usually when something like this happens, revolt is next, see in America, you can sit on your couch and fear the FBI will bust in and take w/e they came for and take you to jail... not a torture chamber, if you're going to die because of your government, might as well do something about it right?

  13. Wrong direction on The Coming Energy Turnaround In Germany · · Score: 1

    So, Japan got hit by an earthquake and the reactor failed, shit happens, without risk there is no gain... and we are going to run out of coal, the wind sometimes stops blowing, and there are weeks when it's cloudy, wave energy doesn't solve Japan's problem in the least bit rofl. We have a path to energy with little trade off granted safety precautions. We just need to do a better job with radiation containment, our current stuff is obviously not melt down proof. Oh well, not like Germany is going to be the ones responsible for a breakthrough anyways.

    What happened to fusion research??? This was the solve all when I went to school, also probably the only viable means of space travel.

  14. Re:Proof on Apple Finally Removes DigiNotar Certs In Safari · · Score: 1

    Taking a week to get a critical patch done is the point with its competitors exceeding them by a mile, as there are almost no AV vendors for Macs, Apple is responsible.

    Going back to discussion though about why it takes Apple a week to do things: Apple is great on presentation, however when I pay 3k for something I don't expect it to go out in 2-3 years, Maybe the airbook was a bad example, all laptops have replaceable batteries lo, on that note I didn't bother reading the article too closely, replicating the google search brings up dozens morel, let's look at the other product lines, ipods and iphones, battery dies, the service > the value of the device after that time period. This is clearly a f'in trap, thanks for being blinded by the presentation to see it, how hard would it be to make a battery replaceable in an iphone as in oh say an android, it's not so Apple's design is deliberate?

    You striving to be creative apple users sure are blind... apple != value.

    On that note I still like my touch rofl if only for its faster than standard interface and beautiful screen, but I know I will be buying a permanent doc for it to become a radio in 3 years because the battery life will probably be under 30 minutes.

  15. Re:Good test. on Researchers' Typosquatting Stole 20 GB of E-Mail · · Score: 1

    It is legal for me to own gogle.com anywhere if it's not registered, google can't take it from me by any means, if you (the user) go to gogle.com, google will count it as a legitimate hit, but what actually happens when you go to gogle.com? :) Exactly, google owns it, among a horde of other commonly misspelled variants of google and its services. This is called intelligence and wise investing in IT infrastructure. The company that owns a domain such as @sony.com should also own @osny.com, @soyn.com, etc... not like these domains cost a fortune compared to the hits they generate / in this case information they save. Can everybody afford to do this? Hell no, can all the Fortune 500 companies afford to do this? They spend more on bonuses per department, so yes, easily.

    On that note, I've never heard of an experiment like this, I've heard of shadow domains to try and steal information, ex. gogle.com looks EXACTLY like google.com but is actually redirecting you to some crazy sites. Maybe this might be the wake up call needed for those IT departments, shame those domain names are already bought :P

  16. Proof on Apple Finally Removes DigiNotar Certs In Safari · · Score: -1, Flamebait

    Apple only cares about the sale of the product, not support, that's why so many of their products fail 2-3 years off shelf life conveniently after warranty. I bet their security team is grossly underfunded too.

    ex. http://mark-knowles.hubpages.com/hub/Apple-MacBook-Air or just google apple product longevity,

  17. I'm happy on Are Games Worth Complaining About? · · Score: 1

    I like SC2, I play games as they come out, playing crysis 2 and waiting on Elder Scrolls V, I play a game I can never beat and just variate off it, the problem is too much free time namely for kids here in America. Drive by a school if you don't have kids, imagine the #### pounds of fat in the play yard, these kids go home and put in 8 hours of video games on weekdays and 16 on the weekends, no shit every game is going to suck lol. There is always a niche in every market of hardcore zealots that will just never be satisfied, in most cases this is healthy to industry growth, but here's the deal... we actually need worse video games or interactive video games like Wii fit that encourage people not to die of heart attacks and cancer.

  18. Righthaven? on Is This the End of Righthaven? · · Score: 1

    Only time I've heard of it has been on slashdot lol, nobody cares cause their lawsuits are untested and appeared illegitimate only to be proven so by the US courts.

  19. Re:Another programming language? on Google To Introduce New Programming Language — Dart · · Score: 2

    See... that's the difference, so you have a bunch of hard coded numbers you don't know off the web, you just copy pasted your code... what now, it's useless. So... play with the numbers, alt + f5 is your best friend, and figure out what they do by changing them, I don't mean to give off the impression to copy paste code w/o understanding, but in the end all blocks of code are are inputs/outputs. I've used business tailored string parser functions off the web that probably took days to write and are illegible if only because of their formatting and the edge cases they take into account. I don't care to understand those, I'm just trying to go home lol, however if I know I have to revisit it, or modify the code, or expand on it, understanding the code becomes the standard (I almost never get this kind of code off the web, it's just too customized, thus the job of a coder). Write enough code and you won't care either, but then again I'm more interested in code theory than business functions so maybe that's the apathy. On that note about 90% of the web revolves around business (porn is a business ;)) and I have yet to see a single canvas deployment, if you're an artist you're in heaven, otherwise :( also jquery has done canvas for years in an extremely complex form (one of those code examples I don't care to figure out).

    I'll still stick to nobody with a decent/good understanding of code would consider jscript as any sort of replacement to any system bigger than a personal html site.

  20. Re:Does anyone want to be tracked? on Mozilla Issues Do-Not-Track Guide For Advertisers · · Score: 1

    and if there are legitimate sites on that domain and the server is compromised and sending spam? Stop thinking rofl, it's already done for email somewhat effectively and it doesn't stop shit cause keyboard key combinations are infinite and most work as domain names.

    I think there should be an audit system, the problem is it's hard to tell between advertisers and spammers, with the former being legal and the latter illegal, I never signed up for viagra to be delivered to my email, I don't half mind the newegg daily deals, from an IT standpoint looking at the spam server and the newegg server, you can't tell what's what without knowing the background of both companies. So audit them: "where did you get these email addresses?" off a hijacked email list? great, cease or desist. From paying customers? Carry on.

    The problem is most of these are overseas in under developed countries with little to no internet laws, thus block DNS, IP, audits, all fall out of the picture cause the US has no jurisdiction. We can take steps like blacklist the DNS, but then it just changes. The ultimate solution lies with user education and to stop clicking on spam, if people didn't click on it and make it profitable nobody would do it...

  21. vs ASP.NET JSP? on Google To Introduce New Programming Language — Dart · · Score: 1

    I have no idea why I would want to switch, this article is kinda meh. Go speculate some more.

    For those in universities, picture how long it would take to adopt such a language.

    For those with inhouse systems, wanna recode your app for google? :)

  22. Re:Another programming language? on Google To Introduce New Programming Language — Dart · · Score: 0

    So you wannabe coders keep saying, all of javascript is documented on google searches, it's so easyyy to copy paste those functions and input your own field names and just see them work. Trace tools for the browser make it even easier, they work for EVERYBODY since it's client side. Wanna input your SSN into a jscript page while your browser is compromised with spyware? Identity theft would reach a whole new level then, hackers wouldn't even have to try, your only protection is your browser, not a corporate security team, I'm sure all of you can handle that no problem right (masters required min or 1337)?

    Seriously stop pitching this band aid language as a solve all, it wasn't designed for, it isn't being designed to become such, nor are the security holes even meant to be fixed, the language just isn't meant to work for anything serious and how long do you go on the web without logging into something or giving out other personal information?

  23. Re:Stop on Solar Company Folds After $0.5B In Subsidies · · Score: 1

    The X factor here is human nature itself, how do we motivate ourselves to invest the resources to create a viable alternate power. Usually it takes something huge, like a world war or catastrophe where many of us die to spur the rest of us to invest their resources into progress. A lot of the innovations we have right now are a result of this.

    So, talk all you want, but here's what's going to happen imho:

    We will use 99.5% of our coal, gas will become affordable only to the well off, bike sales skyrocket. The atmosphere will survive, it will be a little hotter (dur). As we are about to run out of energy, trillions, not millions of dollars are invested into alternative energy, we build fission or fusion reactors and cross our fingers. Someone invents a way to make gas through electrolysis, problem solved. We say we learn our lesson, and lose a few reactors and some surface area on earth.

    Love yourself yet?

  24. Re:AT&T's Response on Justice Dept. Files Antitrust Complaint Against AT&T and T-Mobile Merger · · Score: 1

    Corporate bullshit meet the legal circus :)

  25. Re:+ 5000 jobs, - many more. on Justice Dept. Files Antitrust Complaint Against AT&T and T-Mobile Merger · · Score: 1

    They WANT you to pay for tethering, the devices support it just fine without them.