When Brandon Sanderson was tapped as the man to finish this series of books, I picked up Mistborn to see what I could expect from his writing style. After I read Mistborn, I was hooked on his writing style and have since read the rest of his Mistborn series, as well as Elantris, and Warbreaker. I haven't read his young adult fiction, but it's apparently been well received. The thing that I like about Sanderson as opposed to Jordan are that a) he isn't afraid to kill a main character, especially if they're likable, b) his pacing of the book makes reading a challenge so that you don't read it too fast, as opposed to dragging through 15 pages of braid pulling and disapproving looks. However, their similarities are that Mr. Sanderson does as good of a job of character development as Robert Jordan, and Sanderson's development of political and interpersonal intrigue is usually a little better and more to the point than Jordan's.
I think that Harriet did an excellent job choosing Brandon Sanderson to finish her husband's work. It's true that Mr. Jordan became a victim of his success earlier in the series, trying to keep so many threads going at the same time, never daring to kill more than the occasional character, and perhaps trying too hard to develop additional character stories at the expense of the initial handful of major characters. However I look forward to reading this book, and hopefully the final two books. I think that if what I've read of Brandon Sanderson's other work is indicative of how he'll treat the remainder of Robert Jordan's storyline, then it will be a great read.
Wow, go-go-gadget misinformation. Mac OS X Server is BSD based, and I've had great success installing any open source project that I needed, using ports, fink, gems, or CPAN if what came with operating system didn't do what I needed.
Also, the vast majority of services available on OS X Server are open source, which Apple does contribute back. So if you don't like how the Server Admin tool works, you can be a r3@l l33t h4xx0r and edit the config files in vi or emacs and do it yourself.
As for the submitter's original question, there are a number of useful tools available for mass deployments of Macs across a network. Tools like radmind, LanRev, Apple's PackageMaker, InstaDMG, and Casper Suite all have varying degrees of management of machine images, image distribution, etc. Also consider at least downloading the PDFs Apple provides for their built in services to learn the ins and outs of their tools allow you to do and not do. You can even modify existing services to use more recent versions of projects that come with OS X if you're missing something or need to upgrade to a newer version for some reason (although this will likely make you have to freeze your OS version in place, or else future updates will probably overwrite your changes.)
Administration of a network of Macs falls somewhere in between an Active Directory environment and a roll your own Linux/BSD network. The client administration is great, but not as comprehensive as Active Directory. However, you still have the freedom to tinker with the services that come with OS X Server and borrow and add capabilities from open source. There are also manyotherforumsout there that have a much lower troll count than what you'll find here, with many knowledgeable and helpful folks who will actually attempt to address and answer your question.
Because seriously, why go to Slashdot if not for the trolling?
Well, it's Eudora in name and in some seemingly useless features and crappy UI options. Even the Penelope page is sparse on details on why someone would use Eudora 8.0 instead of Thunderbird. Does anyone know of a reason why we should use this instead of Thunderbird? I have Eudora 6.2 on my machine at work, and I couldn't run to Thunderbird fast enough. I downloaded Eudora 8.0 just now, and I noticed nothing all that spectacular about it when I gave the features a once over.
Also, thanks a bunch Eudora for going into my Thunderbird settings and screwing with my Inbox columns. I guess deviating too far away from Thunderbird and making your own user folder would have been too much? Not a serious problem, just lame. I know I sound like a jerk, but this is the equivalent of the Eudora folks croaking "I'm not dead!" right before we all throw them on the cart.
And no, you won't get better. You'll be stone dead in a moment.
Why, quite obviously you didn't use the bloated P.O.S. that was IE3.:) Quite obviously he has been using Lynx and Gopher to browse the intertubes for 10 years. N00b!:)
I work for a company that independently tests and certifies products to the FIPS 140-2 standard. After looking over the requirements for FDE, it's not anything particularly new or exciting. All FDE seems to be is a directive to use FIPS 140-2 (soon to be 140-3 http://csrc.ncsl.nist.gov/cryptval/140-3.htm) certified products that have some requested features, on government machines. Even the requirements themselves are just specific highlights of FIPS and Common Criteria requirements. I definitely think it's well past due that mandates like this are being pushed in the government.
The federal government has used certification programs like FIPS, Common Criteria, and others to give agencies choices in what they can buy to improve their own security. However the biggest problem is that most branches don't take advantage of the technology because either they don't want to fund it, or don't understand the importance of how vulnerable they may be. Some parts of the government are ridiculously advanced with their security standards and practices, but it's absolutely woeful how other departments lag behind, like Education, HUD, and others.
What really needs to be done is something more streamlined and efficient to get technology certified faster and according to the right standards. Take a look at the FIPS 140-2 standard if you can survive the mind numbing guhb'mentese. It's geared more towards hardware based designs as opposed to software. 140-3 is going to be much better, but it's not great. Algorithms like AES256 are a good start, but there's definitely better encryption out there. The good thing is that a great deal of really smart people work on encryption products. With the kind of money that just one or two government purchases can bring, those who are certified early will make beaucoup bucks.
There are already look to be 3 or 4 products (http://csrc.ncsl.nist.gov/cryptval/140-1/140val-a ll.htm) that are FIPS certified, but I'm not sure if they meet the EAL 3 requirements. Expect to see more of these mandates for all kinds of things from networking, to the new PIV project http://csrc.nist.gov/piv-program/index.html. Actually, I'm kind of suprised that FDE doesn't specifically require PIV for it's user authentication. That's the problem with government projects like these, too many cooks and not enough kitchen.:)
Re:Good case why not to trust "community" services
on
ORDB.org Going Offline
·
· Score: 3, Informative
As far as community services go, I always put ORDB in the category of "means well, but a half assed effort." I inherited a job taking care of the mail servers at a company I used to work at, and I came to find out that we had an open relay and had been blacklisted. If memory serves me right, I want to say this was almost 5 years ago.
How did I come to find out that we had an open relay? Did ORDB notify us? Hell no. They just slapped us on their list, and our users started getting bounce messages from other mail servers. I fixed the problem quite easily once I knew about it, but the biggest problem was getting off the list!!! That was a whole other nightmare take took longer than hearing about the problem and fixing it.
So I say good riddance. Those guys are pretty bright and meant well, but my experience with them left me with a very bad impression. Hopefully they were more professional in recent years, but from the way they're ending their service, it sure as hell doesn't seem like it.
"As far as how a guy breaks into a mostly female clique, I suspect most Slashdotters would desperately love to know that one. So if anyone has more insight into that general conundrum, tey should post it.;-)"
That's pretty easy, I'll put it into a list. 1. Take a shower, use deodorant. 2. Brush teeth, use mouth wash. 3. Wear clothes without rips, stains, preferably a shirt with a collar. 4. Don't mention you live in your mom's basement.
After that, it's kind of like playing old video rpg's in your mom's basement.:) Listen to what they're saying, and ask more questions about that. Think of Steve Carell in the 40 Year Old Virgin when he's at the book store. Except with less of the innuendo.:)
No, the CMVP does not provide the information regarding the status or reason on the website that lists all the approved modules. It does however inform the certification lab that performs the testing on the module of the problem, and then the lab informs the OpenSSL folks. Then the vendor and lab work together to fix whatever it is that brought up the problem.
I don't know what the specific problem is with their module validation, but it's probably more of a paperwork issue than a technical problem. There are testing requirements that are described in the publically available Derived Test Requirements at http://csrc.nist.gov/cryptval/ as well as more information than you'll ever want to know about the FIPS 140-2 cert.
Each crypto module has a publically available Security Policy that describes how the module works in regards to each section of the FIPS 140-2 standard. Skim through http://csrc.nist.gov/cryptval/140-1/140sp/140sp642 .pdf to read the Security Policy for OpenSSL. It could be that information in that security policy doesn't jive with how the module actually works, or how CMVP thinks that it works. That's enough of a discrepency that CMVP would start this whole hub-bub.
So hopefully the OpenSSL people will be able to provide whatever other information that they have to and they'll be revalidated and all the noise will die down. Could the competition have gone through the source code and looked for any possible reason to make problems for the OSS institute? Absolutely. But that's not the guhb'ment.
But hey, it's a lot more fun to put on the tinfoil hats and speak of dark conspiracies and governmental corruption.:)
As I'm sure everyone else who's had to design, deliver, test, present, and repeat again and again, there are lots of things that can push back delivering projects on time. I was told early on by someone wiser than me that when planning a project to figure out the number of hours you figure something will take and multiply it by 2 or 3. That's a good rule of thumb that makes the eventual completion closer to the actual intended date.
Then again as things increase in scale there are more things that can go wrong and hold things up. In the category of what can "go wrong" the biggest time waste are what customers want for the "Gee Whiz!" features that don't add any appreciable functionality, but take up most of the time.
I believe I read in here once that 90% of the project is completed in 10% of the time, and the last 10% takes 90% of the remaining time.
When I was 8, my parents came up with these wooden dinosaur skeleton models. You could put them together with Elmer's glue, and the kits we had came with a paint brush and little pots of tempra paint. A good thing to keep you busy for a few hours at time. Not to mention the educational value of general anatomy.
And then there was one holiday when I got a wood burning kit...:)
Why go with an alternative? You can still get all the old Winamp versions back to 0.20 right here. The site also has lots of old revisions of old free/shareware apps from years past like ICQ.
Besides, until there's a version of Ryan Geiss' kick ass winamp plugins, for another player (let's not pretend that iTunes visualizations are even in the same league) I'll stay with the old stuff, thank you. How up to date do you have to be with MP3 software anyway?
If you have one of the notorious Thompson drives you can spend on tenth ($13) of that $130 price tag on a replacement lens. We bought one a couple of weeks ago off Ebay, opened up the optical drive and removed the old lens and replaced it with our new piece. It's not any harder than piecing together your own rig or seating a CPU. And every self respecting geek has access to a soldering iron any way.
Since then it's worked great, even better than when we first got the Xbox. No skipping, it loads and reads quicker, and all around works. Of course you can also get replacement drives like the Samsung 616T if you can find them for less than that repair price as well ($60-$80).
Now if you don't mind, I have to get back to playing Rainbow Six 3.:)
Well if you're going to Brewer's, go on Monday night. The house beers are $2.50 on Mondays. Except the cerberus Tripel. Apparently that was a little too well appreciated in it's 10% goodness. Not that me and my monday night crowd partially responsible for that.:) And the monday night bartender is totally awesome.
Generally speaking, you're dead right. However, there is one piece of the puzzle to add, tech companies don't want to do tech support either. They have to supply it though, or else no one will buy the product. There are plenty of ways that companies think of to get you to fix the problem yourself instead of ring up. Web based knowledge bases, help systems in the program and documentation on the product discs are resources usually available to customers, depending on the product.
I currently work at a call center out of convenience. I had a good job doing Solaris administration, but didn't like the hustle and bustle of the big city. So I moved somewhere quieter and picked up a job at a call center until I get back to what I like to do. I do Tier 1 support, and it's a pretty interesting mix. Most people are here for the same reason I am, there are bills to pay. However there are finer distinctions in this group.
The first group of tech support lackeys are those who have some sort of technical prowess and have a general interest in this type of work. This includes college kids taking class, kids out of high school looking to learn new things, or people like myself who would rather work IT fast food instead of real fast food while we hunt for real jobs. This group of people is unfortunately very small in general, but seemingly does a much larger share of the work more competently that our fellows.
The other groups are much less note-worthy. There are people just getting into it fresh from their fly by night training/cert shack who believe the B.S. that their uber-l33t McMCSE will earn them the bling-bling, a benz, and J-Lo. These also tend to be the shortest lived group, partly due to the fact that they don't seem to teach proper critical analyzation and piecemeal troubleshooting and just do a bad job. The next are people coming from McJobs, where this tech support gig is better than burger flipping and they get to learn how to use a computer to boot.
The simple fact is that tech support is crappy job. It doesn't pay enough to keep talented people, and if it's a busy call center, the burnout rate of talking to 35-50+ people every day is around 6 months. This makes live technical support a very expensive process to maintain. That's why many companies now charge for their support and only offer limited free support. Sure, you can bitch if you want, but 95% of what I'm going to tell you is available on the support website or in the manuals. So deal with it. It's a tax on laziness.
Well I listened to the two mp3 files that are up on the site based off of this "algorithim." Utter tripe. She surely did her homework and was able to pick out the bits and pieces that make up popular songs. Looping samples over and over, erratic breakbeats here and there, funny little effects and distortions, etc. Basically all the "tricks" they insert into music these days.
It definitely brings to light how manufactured and computerized popular music has become. As we all know, just because it's popular, doesn't mean it's good. The song "Kissing God" seems to be closer to being a real song than "I'm Already Dead". That doesn't mean either of them are good, they both sound pretty contrived and artificial.
But I guess that's what the kids are listening to these days? Give me a band who can play a song live that sounds as good or better than it does on the album. Beethoven and Mozart didn't need a freakin' drum machine.
Well I voted this morning in Maryland on one of the new DieBold machines. When I came in, I registered just like always, signed a pink card and was given a little credit card sized card with a copper colored chip on it. It's the same type of chip you've probably seen on American Express cards, military ID cards, or maybe even at your laundromat.
After being handed my paper and card, an election judge took me over to one of the machines. All the machines were in the cafeteria of a local school. All machines were in plain sight by anyone walking into the room, and there was only one door that was unlocked to allow access in and out. At the machine, I was instructed to insert the card into a small slot until it clicked. Then the election judge opened the tutorial on how to use the new system. It amounted to "touch the box on the screen for who you want to vote for." Nothing difficult about that.
So I went through, chose my votes, and before it allowed me to confirm my votes, it showed me who I had voted for, ommitting any candidates I had not chosen. Then I confirmed my choices, the card popped out, the election judge took my card and that was that.
It doesn't seem to me that the your actual votes are stored on the voting machine itself, but instead on the actual card. If that is the case, I would assume that the cards are later read into a different machine that tallies up an entire location at a time.
What happens with the cards after that is an interesting question. Logically one would think that the cards themselves are archived, stuck in boxes and stored for however long before they are reused. That way after their data is tallied with everything else, if a recount is required, the cards themselves would be used and the data that was collated from different locations and stored on the central server would be overwritten.
I wouldn't say that it's any easier to tamper with the voting results than it has been before. Even mechanical voting machines have been tampered with in ways to vote for someone other than who you though you were voting for. It seems to me it's more likely it's possible to have more safeguards in place with electronic voting.
As for companies such as DieBold and their possible nefarious plots, well you better get a tinfoil jumpsuit.:) It's not a matter of the technology, but how who is in charge of it and how they use it.
I remember how much I could cram into my head before I had things like bills, work, and life filling up the gaps. I'd say first get them used to the GUI, since presumably most of these aspiring nerds have a windows machine at home. It's likely they'll quickly get a grasp of how it works, but get them used to how similar the desktop is to what they already know; then highlight the subtle differences like wharfing, the menu that pops up when you click the middle button, etc. Then right after, get them to open up a terminal window, and then get them started on the good geek stuff.:)
There's a plethora of 'cheat sheets' that have all the common shell commands in them, so it would probably be a good thing to hand out photocopies of those while they're fiddling around, just make sure you let them know the devastating power of -R.:) It would probably be a good thing to have alias rm to rm -i or -noclobber depending on what you end up using.
Debian would probably just as good a starting distro as anything else, but let's not start that war here. Make sure if you give those CD's out to put a nice big disclaimer on the label or case warning them not to wipe out Mom and Dad's taxes. Then again there's whatever distribution it is that installs on a windows partition, less of a chance of destroying the home PC.
Of course make sure they get a good dose of how to do everything they already do with a *NIX box. Make sure you have OpenOffice or StarOffice on there, and whatever other browser on there, if you're really brave, put your favorite IM clone on there, but don't expect them to pay any attention to you afterwards.:) Then once they get to see all this cool software that they're using does what they want, mention that it was free and slip them some Open Source propaganda.:)
Remember to keep it interesting for them, show them where the games are if need be, after all when we were their age, who didn't check to make sure Xbill functioned properly after a new install? Speaking of installs, I'm sure plenty of these youngsters have already nuked the family computer at least once, and Linux installs have come a long long way in the past few years, they'll figure it out.
Well maybe the reason people aren't seeing a reason to upgrade to a faster connection is because there's simply nothing they do that justifies faster access. How fast does your mom need to download her email and send you instant messages? Not to mention that with the various and sundry financial problems going around with collapsed 401(k)'s, layoffs, and other nastiness, luxuries like this hang below the simple stuff like rent, food, and electricity.
Not to mention, there's not all that much to do on the web that doesn't appeal to a very specific Slashdot type crowd. Between gaming, peer to peer file stealing, and super fast pr0n, I can't think of much else I use my cable modem for. Perhaps when someone can offer some type of compelling reason to go online more often and use the bandwidth, then more people will sign up. But until then, all that fiber everyone was so crazy to start running a few years ago is going to remain dark, and DSL, cable,
and fiber connections are still going to more expensive than we all know they should be.
It's not like people haven't been spoofing files and renaming them for years now just to be annoying. Then again it does make one wonder if the RIAA folks are actually smart enough to see if the files they download actually are the songs they say they are. I think this whole thing is going to get horribly out of hand with tactics like this. As much as I really love the idea of an ISP taking a stand for their customers who have no means to really fight back or stand up against these loud mouth bullies, it makes me wonder what their next ridiculous plan will be?
If you really want to piss off the RIAA, stop listening to the crap they shove down your throat every week on the radio and various music channels. Do yourself a favor, go to a show at a club and run into a band you've never seen before but might actually really dig. Not to mention buying their small run CD after the show helps them out a lot more than buying from Amazon or Sam Goody.
The simple fact is the only way you'll get the RIAA to listen is to keep your money in your pockets and out of their hands. Buy albums online at small friendly places that carry bands you may have never heard but would possibly like. I've never met anyone who's said they've started going to live shows and regretted it. Musicians make their money on tour more often than these crappy record contracts.
So the best way to keep those RIAA bastards off of your computer is to first make a backup of your stuff. Yeah, we all have the CD's to all our mp3s:-p Then really stick it to the bastards and stop giving them your money.
Slashdot Mirror
The application can be found at "/System/Library/CoreServices/Wi-Fi Diagnostics" along with some other fun tools that are hidden there.
When Brandon Sanderson was tapped as the man to finish this series of books, I picked up Mistborn to see what I could expect from his writing style. After I read Mistborn, I was hooked on his writing style and have since read the rest of his Mistborn series, as well as Elantris, and Warbreaker. I haven't read his young adult fiction, but it's apparently been well received. The thing that I like about Sanderson as opposed to Jordan are that a) he isn't afraid to kill a main character, especially if they're likable, b) his pacing of the book makes reading a challenge so that you don't read it too fast, as opposed to dragging through 15 pages of braid pulling and disapproving looks. However, their similarities are that Mr. Sanderson does as good of a job of character development as Robert Jordan, and Sanderson's development of political and interpersonal intrigue is usually a little better and more to the point than Jordan's.
I think that Harriet did an excellent job choosing Brandon Sanderson to finish her husband's work. It's true that Mr. Jordan became a victim of his success earlier in the series, trying to keep so many threads going at the same time, never daring to kill more than the occasional character, and perhaps trying too hard to develop additional character stories at the expense of the initial handful of major characters. However I look forward to reading this book, and hopefully the final two books. I think that if what I've read of Brandon Sanderson's other work is indicative of how he'll treat the remainder of Robert Jordan's storyline, then it will be a great read.
Wow, go-go-gadget misinformation. Mac OS X Server is BSD based, and I've had great success installing any open source project that I needed, using ports, fink, gems, or CPAN if what came with operating system didn't do what I needed.
Also, the vast majority of services available on OS X Server are open source, which Apple does contribute back. So if you don't like how the Server Admin tool works, you can be a r3@l l33t h4xx0r and edit the config files in vi or emacs and do it yourself.
As for the submitter's original question, there are a number of useful tools available for mass deployments of Macs across a network. Tools like radmind, LanRev, Apple's PackageMaker, InstaDMG, and Casper Suite all have varying degrees of management of machine images, image distribution, etc. Also consider at least downloading the PDFs Apple provides for their built in services to learn the ins and outs of their tools allow you to do and not do. You can even modify existing services to use more recent versions of projects that come with OS X if you're missing something or need to upgrade to a newer version for some reason (although this will likely make you have to freeze your OS version in place, or else future updates will probably overwrite your changes.)
Administration of a network of Macs falls somewhere in between an Active Directory environment and a roll your own Linux/BSD network. The client administration is great, but not as comprehensive as Active Directory. However, you still have the freedom to tinker with the services that come with OS X Server and borrow and add capabilities from open source. There are also many other forums out there that have a much lower troll count than what you'll find here, with many knowledgeable and helpful folks who will actually attempt to address and answer your question.
Because seriously, why go to Slashdot if not for the trolling?
Well, it's Eudora in name and in some seemingly useless features and crappy UI options. Even the Penelope page is sparse on details on why someone would use Eudora 8.0 instead of Thunderbird. Does anyone know of a reason why we should use this instead of Thunderbird? I have Eudora 6.2 on my machine at work, and I couldn't run to Thunderbird fast enough. I downloaded Eudora 8.0 just now, and I noticed nothing all that spectacular about it when I gave the features a once over.
Also, thanks a bunch Eudora for going into my Thunderbird settings and screwing with my Inbox columns. I guess deviating too far away from Thunderbird and making your own user folder would have been too much? Not a serious problem, just lame. I know I sound like a jerk, but this is the equivalent of the Eudora folks croaking "I'm not dead!" right before we all throw them on the cart.
And no, you won't get better. You'll be stone dead in a moment.
Why, quite obviously you didn't use the bloated P.O.S. that was IE3. :) Quite obviously he has been using Lynx and Gopher to browse the intertubes for 10 years. N00b! :)
:)
I keed, I keed.
The federal government has used certification programs like FIPS, Common Criteria, and others to give agencies choices in what they can buy to improve their own security. However the biggest problem is that most branches don't take advantage of the technology because either they don't want to fund it, or don't understand the importance of how vulnerable they may be. Some parts of the government are ridiculously advanced with their security standards and practices, but it's absolutely woeful how other departments lag behind, like Education, HUD, and others.
What really needs to be done is something more streamlined and efficient to get technology certified faster and according to the right standards. Take a look at the FIPS 140-2 standard if you can survive the mind numbing guhb'mentese. It's geared more towards hardware based designs as opposed to software. 140-3 is going to be much better, but it's not great. Algorithms like AES256 are a good start, but there's definitely better encryption out there. The good thing is that a great deal of really smart people work on encryption products. With the kind of money that just one or two government purchases can bring, those who are certified early will make beaucoup bucks.
There are already look to be 3 or 4 products (http://csrc.ncsl.nist.gov/cryptval/140-1/140val-a ll.htm) that are FIPS certified, but I'm not sure if they meet the EAL 3 requirements. Expect to see more of these mandates for all kinds of things from networking, to the new PIV project http://csrc.nist.gov/piv-program/index.html. Actually, I'm kind of suprised that FDE doesn't specifically require PIV for it's user authentication. That's the problem with government projects like these, too many cooks and not enough kitchen. :)
How did I come to find out that we had an open relay? Did ORDB notify us? Hell no. They just slapped us on their list, and our users started getting bounce messages from other mail servers. I fixed the problem quite easily once I knew about it, but the biggest problem was getting off the list!!! That was a whole other nightmare take took longer than hearing about the problem and fixing it.
So I say good riddance. Those guys are pretty bright and meant well, but my experience with them left me with a very bad impression. Hopefully they were more professional in recent years, but from the way they're ending their service, it sure as hell doesn't seem like it.
"As far as how a guy breaks into a mostly female clique, I suspect most Slashdotters would desperately love to know that one. So if anyone has more insight into that general conundrum, tey should post it. ;-)"
:) Listen to what they're saying, and ask more questions about that. Think of Steve Carell in the 40 Year Old Virgin when he's at the book store. Except with less of the innuendo. :)
That's pretty easy, I'll put it into a list.
1. Take a shower, use deodorant.
2. Brush teeth, use mouth wash.
3. Wear clothes without rips, stains, preferably a shirt with a collar.
4. Don't mention you live in your mom's basement.
After that, it's kind of like playing old video rpg's in your mom's basement.
No, the CMVP does not provide the information regarding the status or reason on the website that lists all the approved modules. It does however inform the certification lab that performs the testing on the module of the problem, and then the lab informs the OpenSSL folks. Then the vendor and lab work together to fix whatever it is that brought up the problem.
2 .pdf to read the Security Policy for OpenSSL. It could be that information in that security policy doesn't jive with how the module actually works, or how CMVP thinks that it works. That's enough of a discrepency that CMVP would start this whole hub-bub.
:)
I don't know what the specific problem is with their module validation, but it's probably more of a paperwork issue than a technical problem. There are testing requirements that are described in the publically available Derived Test Requirements at http://csrc.nist.gov/cryptval/ as well as more information than you'll ever want to know about the FIPS 140-2 cert.
Each crypto module has a publically available Security Policy that describes how the module works in regards to each section of the FIPS 140-2 standard. Skim through http://csrc.nist.gov/cryptval/140-1/140sp/140sp64
So hopefully the OpenSSL people will be able to provide whatever other information that they have to and they'll be revalidated and all the noise will die down. Could the competition have gone through the source code and looked for any possible reason to make problems for the OSS institute? Absolutely. But that's not the guhb'ment.
But hey, it's a lot more fun to put on the tinfoil hats and speak of dark conspiracies and governmental corruption.
http://video.google.com/videoplay?docid=-262774490 184348066&q=spore
It's about 35 minutes long, but it's pretty sweet.
As I'm sure everyone else who's had to design, deliver, test, present, and repeat again and again, there are lots of things that can push back delivering projects on time. I was told early on by someone wiser than me that when planning a project to figure out the number of hours you figure something will take and multiply it by 2 or 3. That's a good rule of thumb that makes the eventual completion closer to the actual intended date.
Then again as things increase in scale there are more things that can go wrong and hold things up. In the category of what can "go wrong" the biggest time waste are what customers want for the "Gee Whiz!" features that don't add any appreciable functionality, but take up most of the time.
I believe I read in here once that 90% of the project is completed in 10% of the time, and the last 10% takes 90% of the remaining time.
And then there was one holiday when I got a wood burning kit... :)
Besides, until there's a version of Ryan Geiss' kick ass winamp plugins, for another player (let's not pretend that iTunes visualizations are even in the same league) I'll stay with the old stuff, thank you. How up to date do you have to be with MP3 software anyway?
Since then it's worked great, even better than when we first got the Xbox. No skipping, it loads and reads quicker, and all around works. Of course you can also get replacement drives like the Samsung 616T if you can find them for less than that repair price as well ($60-$80).
Now if you don't mind, I have to get back to playing Rainbow Six 3. :)
Well if you're going to Brewer's, go on Monday night. The house beers are $2.50 on Mondays. Except the cerberus Tripel. Apparently that was a little too well appreciated in it's 10% goodness. Not that me and my monday night crowd partially responsible for that. :) And the monday night bartender is totally awesome.
Generally speaking, you're dead right. However, there is one piece of the puzzle to add, tech companies don't want to do tech support either. They have to supply it though, or else no one will buy the product. There are plenty of ways that companies think of to get you to fix the problem yourself instead of ring up. Web based knowledge bases, help systems in the program and documentation on the product discs are resources usually available to customers, depending on the product.
I currently work at a call center out of convenience. I had a good job doing Solaris administration, but didn't like the hustle and bustle of the big city. So I moved somewhere quieter and picked up a job at a call center until I get back to what I like to do. I do Tier 1 support, and it's a pretty interesting mix. Most people are here for the same reason I am, there are bills to pay. However there are finer distinctions in this group.
The first group of tech support lackeys are those who have some sort of technical prowess and have a general interest in this type of work. This includes college kids taking class, kids out of high school looking to learn new things, or people like myself who would rather work IT fast food instead of real fast food while we hunt for real jobs. This group of people is unfortunately very small in general, but seemingly does a much larger share of the work more competently that our fellows.
The other groups are much less note-worthy. There are people just getting into it fresh from their fly by night training/cert shack who believe the B.S. that their uber-l33t McMCSE will earn them the bling-bling, a benz, and J-Lo. These also tend to be the shortest lived group, partly due to the fact that they don't seem to teach proper critical analyzation and piecemeal troubleshooting and just do a bad job. The next are people coming from McJobs, where this tech support gig is better than burger flipping and they get to learn how to use a computer to boot.
The simple fact is that tech support is crappy job. It doesn't pay enough to keep talented people, and if it's a busy call center, the burnout rate of talking to 35-50+ people every day is around 6 months. This makes live technical support a very expensive process to maintain. That's why many companies now charge for their support and only offer limited free support. Sure, you can bitch if you want, but 95% of what I'm going to tell you is available on the support website or in the manuals. So deal with it. It's a tax on laziness.
It definitely brings to light how manufactured and computerized popular music has become. As we all know, just because it's popular, doesn't mean it's good. The song "Kissing God" seems to be closer to being a real song than "I'm Already Dead". That doesn't mean either of them are good, they both sound pretty contrived and artificial.
But I guess that's what the kids are listening to these days? Give me a band who can play a song live that sounds as good or better than it does on the album. Beethoven and Mozart didn't need a freakin' drum machine.
Well I voted this morning in Maryland on one of the new DieBold machines. When I came in, I registered just like always, signed a pink card and was given a little credit card sized card with a copper colored chip on it. It's the same type of chip you've probably seen on American Express cards, military ID cards, or maybe even at your laundromat.
:) It's not a matter of the technology, but how who is in charge of it and how they use it.
After being handed my paper and card, an election judge took me over to one of the machines. All the machines were in the cafeteria of a local school. All machines were in plain sight by anyone walking into the room, and there was only one door that was unlocked to allow access in and out. At the machine, I was instructed to insert the card into a small slot until it clicked. Then the election judge opened the tutorial on how to use the new system. It amounted to "touch the box on the screen for who you want to vote for." Nothing difficult about that.
So I went through, chose my votes, and before it allowed me to confirm my votes, it showed me who I had voted for, ommitting any candidates I had not chosen. Then I confirmed my choices, the card popped out, the election judge took my card and that was that.
It doesn't seem to me that the your actual votes are stored on the voting machine itself, but instead on the actual card. If that is the case, I would assume that the cards are later read into a different machine that tallies up an entire location at a time.
What happens with the cards after that is an interesting question. Logically one would think that the cards themselves are archived, stuck in boxes and stored for however long before they are reused. That way after their data is tallied with everything else, if a recount is required, the cards themselves would be used and the data that was collated from different locations and stored on the central server would be overwritten.
I wouldn't say that it's any easier to tamper with the voting results than it has been before. Even mechanical voting machines have been tampered with in ways to vote for someone other than who you though you were voting for. It seems to me it's more likely it's possible to have more safeguards in place with electronic voting.
As for companies such as DieBold and their possible nefarious plots, well you better get a tinfoil jumpsuit.
I remember how much I could cram into my head before I had things like bills, work, and life filling up the gaps. I'd say first get them used to the GUI, since presumably most of these aspiring nerds have a windows machine at home. It's likely they'll quickly get a grasp of how it works, but get them used to how similar the desktop is to what they already know; then highlight the subtle differences like wharfing, the menu that pops up when you click the middle button, etc. Then right after, get them to open up a terminal window, and then get them started on the good geek stuff. :)
:) It would probably be a good thing to have alias rm to rm -i or -noclobber depending on what you end up using.
:) Then once they get to see all this cool software that they're using does what they want, mention that it was free and slip them some Open Source propaganda. :)
There's a plethora of 'cheat sheets' that have all the common shell commands in them, so it would probably be a good thing to hand out photocopies of those while they're fiddling around, just make sure you let them know the devastating power of -R.
Debian would probably just as good a starting distro as anything else, but let's not start that war here. Make sure if you give those CD's out to put a nice big disclaimer on the label or case warning them not to wipe out Mom and Dad's taxes. Then again there's whatever distribution it is that installs on a windows partition, less of a chance of destroying the home PC.
Of course make sure they get a good dose of how to do everything they already do with a *NIX box. Make sure you have OpenOffice or StarOffice on there, and whatever other browser on there, if you're really brave, put your favorite IM clone on there, but don't expect them to pay any attention to you afterwards.
Remember to keep it interesting for them, show them where the games are if need be, after all when we were their age, who didn't check to make sure Xbill functioned properly after a new install? Speaking of installs, I'm sure plenty of these youngsters have already nuked the family computer at least once, and Linux installs have come a long long way in the past few years, they'll figure it out.
Well maybe the reason people aren't seeing a reason to upgrade to a faster connection is because there's simply nothing they do that justifies faster access. How fast does your mom need to download her email and send you instant messages? Not to mention that with the various and sundry financial problems going around with collapsed 401(k)'s, layoffs, and other nastiness, luxuries like this hang below the simple stuff like rent, food, and electricity.
Not to mention, there's not all that much to do on the web that doesn't appeal to a very specific Slashdot type crowd. Between gaming, peer to peer file stealing, and super fast pr0n, I can't think of much else I use my cable modem for. Perhaps when someone can offer some type of compelling reason to go online more often and use the bandwidth, then more people will sign up. But until then, all that fiber everyone was so crazy to start running a few years ago is going to remain dark, and DSL, cable, and fiber connections are still going to more expensive than we all know they should be.
It's not like people haven't been spoofing files and renaming them for years now just to be annoying. Then again it does make one wonder if the RIAA folks are actually smart enough to see if the files they download actually are the songs they say they are. I think this whole thing is going to get horribly out of hand with tactics like this. As much as I really love the idea of an ISP taking a stand for their customers who have no means to really fight back or stand up against these loud mouth bullies, it makes me wonder what their next ridiculous plan will be?
:-p Then really stick it to the bastards and stop giving them your money.
If you really want to piss off the RIAA, stop listening to the crap they shove down your throat every week on the radio and various music channels. Do yourself a favor, go to a show at a club and run into a band you've never seen before but might actually really dig. Not to mention buying their small run CD after the show helps them out a lot more than buying from Amazon or Sam Goody.
The simple fact is the only way you'll get the RIAA to listen is to keep your money in your pockets and out of their hands. Buy albums online at small friendly places that carry bands you may have never heard but would possibly like. I've never met anyone who's said they've started going to live shows and regretted it. Musicians make their money on tour more often than these crappy record contracts.
So the best way to keep those RIAA bastards off of your computer is to first make a backup of your stuff. Yeah, we all have the CD's to all our mp3s