OK, I guess I wasn't clear on the main point I was trying to make. I think this is evidence that Microsoft intends to use the same techniques against other companies to force them either to pay licensing fees to MS, or to waste person-hours working around the disputed technology.
Like another person in this thread said, if MS were to come after RedHat with the same patent-trolling, then RedHat would simply work around the dispute rather than paying fees. What's being missed is that *having to do that* *still* costs RedHat, in the form of development resources that could be used for X instead of re-writing working code to avoid litigation.
It seems like by taking this action, Microsoft is actually *reenforcing* the validity of software patents. Yes, bully to them for refusing to pay licensing, but by dropping the disputed technology, Microsoft is tacitly admitting that the patent is valid.
Of course that makes total sense, giving the MS is patenting software techniques left and right, and has reserved the right to sue Free Software distributors over it. If they can get e.g. RedHat to devote person-hours to removing patented algorithms from their distribution, then that's time and money that they're essentially forcing RedHat to throw out the window.
Errr, I don't see where I mentioned economic concerns. I was thinking that the DoD might not want e.g. debugging info from sensitive networks leaving the country.
Maybe you're missing the possibility that whoever's using Snort in the DoD doesn't want to have to hire a full-time programmer to act as tech support when they can just get a contract with Sourcefire instead? As far as I can tell, this isn't about code, it's about support. Sensitive information occasionally needs to be given to tech support in order to diagnose/fix problems, and the DoD would prefer whoever's on the recieving end to be an American. I wonder if Sourcefire have any support personnel with gov't security clearances.
The stuff posted in the article was alright, and given the guy is 17, I'll cut him some slack. However, as a professional sysadmin for the last 10 years, I think I can whip up a good list of my favorite tools.
Bash. If you don't know how to write a for-loop in bash to connect to all your hosts and make some changes, you don't know what you're missing.
SSH, with an agent and keys. If you get asked for the password every time you connect to a host with the above bash loop, you're missing on a very powerful tool. Passwords are a once-daily thing for me now, and that's only because my screen lock also kills my ssh agent.
Osiris. Because you should know what's happening on the computers you maintain. File integrity monitoring is a Good Thing. File integrity monitoring with a client/server architecture is a Very Good Thing.
Snort. Use snort. You have no idea what's happening on your network until you use snort. If you have desktop users, load up the bleeding-snort rulesets and be prepared to panic in horror as you see all the crapware flowing over your network.
Perl. With bash-fu. Like this: $ perl -i.BAK -pe 's/(http://192/\.168\.0)\.2/$1.3/' `find . -iname "*.htm"` You'll never look at sed again;)
Finally, if you've got a boss who will let you, rip out those expensive proprietary firewalls and replace them with OpenBSD on a Soekris solid-state computer. OpenBSD pf is a joy to work with, and for VPNs, ipsecctl can't be beat. You can literally VPN two remote networks together in about five minutes.
People from the Peoples' Republic of China are called Chinese People from the Federal Republic of Germany are called Germans For that matter, people from the Estados Unidos Mexicanos are called Mexicans.
So why shouldn't people from the United States of America be called Americans?
Are there any other countries with the word "America" in their name?
agottschalk@shark:~ :-) $ mount /dev/system/root on / type ext3 (rw) none on/proc type proc (rw) none on/sys type sysfs (rw) /dev/md0 on/boot type ext3 (rw) /dev/storage/d1 on/d1 type ext3 (rw) /dev/storage/d2 on/d2 type ext3 (rw) /dev/storage/d3 on/d3 type ext3 (rw) /dev/system/home on/home type ext3 (rw) /dev/system/tmp on/tmp type ext3 (rw) /dev/system/usr on/usr type ext3 (rw) /dev/system/var on/var type ext3 (rw) none on/proc/bus/usb type usbfs (rw,devmode=0664,devgid=43)
There are three disks: a single small boot disk, and a mirrored pair of big disks for storage. Not that I ever really have to worry about which disks are where once the initial setup is done.
I was in a similar position prior to my current job (yay). What I would do was have a *good* cover letter and resume saved in my web email, and every time they had me work (unpaid) overtime, I'd spend an additional 25-50% of that time to send out resumes. I had a new job within six weeks.
Basically, you have to accept that it's going to suck, and you're going to be spending another 5-10 hours a week on top of your work week just sending out applications.
Also, I had to take some unpaid time off to go to interviews. After the second morning that I couldn't come in, my boss kind of caught on and wouldn't let me use any comp time. Fortunately, that third unpaid morning off was the one that landed me a job.
Nothing is more satisfying than knowing that it was your boss's making you work overtime that landed you a new job.
By your logic, Microsoft also has not patched the vulnerability. From the MS006-001 FAQ:
Does this update contain any security-related changes to functionality?
Yes. The change introduced to address this vulnerability removes the support for the SETABORTPROC record type from the META_ESCAPE record in a WMF image. This update does not remove support for ABORTPROC functions registered by application SetAbortProc() API calls.
So, they basically used exactly the same workaround as the 3rd party patch that's been out for a week.
Have you ever actually tried to run Windows XP as a non-admin user? You can't install any new USB devices, and on about 1/2 of the devices I've tried, you need admin rights to plug them in whether or not the drivers have been previously installed. I tried to set my dad up that way, and after about a day we both agreed it was hopeless. He's got a digital camera, card reader, printer/scanner, and VoIP headset all of which need Admin rights *JUST TO BE PLUGGED IN*. It's not a policy mistake if the "correct" policy prevents the computer from being useful.
Well, currently my options for planning commutes on public transit involves this lovely website, which, like most every California public project, sucks goats. I'm not in favor of monopolies, but I am in favor of the better product winning, and in this case, some homeless guy drawing a map with a piece of chalk on the sidewalk while divining the timetable with rat entrails would be a better product.
By the way, did I mention that transit.511.org sucks? Just to be clear, in case the Google spider finds this page. It sucks big time.
Vfolders are good for some things, but not everything. If I want to do a keyword search for a single message someone sent me once, I don't want to have to create a vFolder just to do that.
Much as I'd like to use Evolution, it's got a few show-stopping problems:
* Leaving POP3 mail on the server is all-or-nothing. I'd like to see the "delete after X days", "delete after it's gone from the inbox" options that have existed in other POP3 clients for the past ten years or so.
* Displaying large messages is slooooow. As a sysadmin, I regularly deal with 1-5MB log files in my email. If I have to wait 30 seconds each for them to display, I'm not gonna use that program.
* No advanced search. You can't search more than a single mailbox at a time.
On the upside, the GPG integration is better than any other mail client I've used. Still, until they can deal with these fairly basic problems/lack of features, it's a no-go.
That's not informative - it's retarded. Or funny, depending on whether you're a 13-year-old nerd or not. Look at the damn power suppy - it's covered in plastic. Heatsinks attached to plastic will do nothing! Well, actually they probably block any ventilation and add some additional insulation.
Read the article. At the end, they mention how these observations were based on about 10% of the total data they expect the telescope to gather. Something about "precision increasing by orders of magnitude."
Nope, no ribbon cable. Looks like SATA has trickled down to consumer electronics. No hard drive either -- it snaps onto the side. And a couple of those rectangles are made of silicon and ceramic, not plastic.
I believe that you're mistaken in how the scientific method works. It's not about proving things, it's about *disproving* things. If someone could come up with a repeatable experiment that, say, contradicted general relativity, then that would be a big scientific advancement, and either relativity would have to be modified to fit the new evidence, or a new theory would have to be developed that explained all observations, new and old.
This, I think, is where a large amount of the scientific community's frustration with I.D. and so forth comes from. Intelligent Design advocates *cannot* provide repeatable evidence that disproves any major aspect of evolutionary theory.
Real World Tech has a great interview between David Kanter and two of the engineers working on Horus. If you're interested in actual information about how it works and what it does, its good reading.
OK, they've redesigned the web site since I last looked at it, and it's a big improvement. Still can't get to qa.mandriva.com from the front page - where is it linked from? When I searched the site for 'bugzilla' and 'bug report', it didn't come up.
It seems like Mandriva have put out a fine operating system, but as an admin, it sucks to not have any kind of documentation or bug support. For example, both Debian and FreeBSD have extensive documentation easily accessable from their web sites. Where's the equivelant for Mandriva? Same goes with bug reporting; I'm not going to track down the links, but it's pretty trivial to submit bug reports for any of Ubuntu, Debian, FreeBSD, even RedHat, but I looked all up and down Mandriva's site and didn't see any kind of bug tracking system, not even a mailto: field.
So, like I said, as an IT admin, I'm not going to support an OS that isn't going to support me.
my question for Slashdotters - are we on the verge of something big that will make fusion a practical reality in a much shorter time frame?
And my answer for you, Zonk, as it frequently is for giant world-changing questions like these, is, "How the hell should I know? I'm a freakin' sysadmin."
What would be funny, is to write a little daemon that would instantly lock anyone using one of those passwords out of all the systems on your network, maybe by source IP.
Slashdot Mirror
$ while true; do
> mail -s "HAPPY BIRFDAY HEMUS!!!!!" hemos@slashdot.org done
OK, I guess I wasn't clear on the main point I was trying to make. I think this is evidence that Microsoft intends to use the same techniques against other companies to force them either to pay licensing fees to MS, or to waste person-hours working around the disputed technology.
Like another person in this thread said, if MS were to come after RedHat with the same patent-trolling, then RedHat would simply work around the dispute rather than paying fees. What's being missed is that *having to do that* *still* costs RedHat, in the form of development resources that could be used for X instead of re-writing working code to avoid litigation.
It seems like by taking this action, Microsoft is actually *reenforcing* the validity of software patents. Yes, bully to them for refusing to pay licensing, but by dropping the disputed technology, Microsoft is tacitly admitting that the patent is valid.
Of course that makes total sense, giving the MS is patenting software techniques left and right, and has reserved the right to sue Free Software distributors over it. If they can get e.g. RedHat to devote person-hours to removing patented algorithms from their distribution, then that's time and money that they're essentially forcing RedHat to throw out the window.
These guys knew. Fat lotta good it did 'em.
Errr, I don't see where I mentioned economic concerns. I was thinking that the DoD might not want e.g. debugging info from sensitive networks leaving the country.
Maybe you're missing the possibility that whoever's using Snort in the DoD doesn't want to have to hire a full-time programmer to act as tech support when they can just get a contract with Sourcefire instead? As far as I can tell, this isn't about code, it's about support. Sensitive information occasionally needs to be given to tech support in order to diagnose/fix problems, and the DoD would prefer whoever's on the recieving end to be an American. I wonder if Sourcefire have any support personnel with gov't security clearances.
The stuff posted in the article was alright, and given the guy is 17, I'll cut him some slack. However, as a professional sysadmin for the last 10 years, I think I can whip up a good list of my favorite tools.
;)
Bash. If you don't know how to write a for-loop in bash to connect to all your hosts and make some changes, you don't know what you're missing.
SSH, with an agent and keys. If you get asked for the password every time you connect to a host with the above bash loop, you're missing on a very powerful tool. Passwords are a once-daily thing for me now, and that's only because my screen lock also kills my ssh agent.
Osiris. Because you should know what's happening on the computers you maintain. File integrity monitoring is a Good Thing. File integrity monitoring with a client/server architecture is a Very Good Thing.
Snort. Use snort. You have no idea what's happening on your network until you use snort. If you have desktop users, load up the bleeding-snort rulesets and be prepared to panic in horror as you see all the crapware flowing over your network.
Perl. With bash-fu. Like this: $ perl -i.BAK -pe 's/(http://192/\.168\.0)\.2/$1.3/' `find . -iname "*.htm"` You'll never look at sed again
Finally, if you've got a boss who will let you, rip out those expensive proprietary firewalls and replace them with OpenBSD on a Soekris solid-state computer. OpenBSD pf is a joy to work with, and for VPNs, ipsecctl can't be beat. You can literally VPN two remote networks together in about five minutes.
People from the Peoples' Republic of China are called Chinese
People from the Federal Republic of Germany are called Germans
For that matter, people from the Estados Unidos Mexicanos are called Mexicans.
So why shouldn't people from the United States of America be called Americans?
Are there any other countries with the word "America" in their name?
My linux box doesn't use hda hdb, etc.
/proc type proc (rw) /sys type sysfs (rw) /boot type ext3 (rw) /d1 type ext3 (rw) /d2 type ext3 (rw) /d3 type ext3 (rw) /home type ext3 (rw) /tmp type ext3 (rw) /usr type ext3 (rw) /var type ext3 (rw) /proc/bus/usb type usbfs (rw,devmode=0664,devgid=43)
agottschalk@shark:~
:-) $ mount
/dev/system/root on / type ext3 (rw)
none on
none on
/dev/md0 on
/dev/storage/d1 on
/dev/storage/d2 on
/dev/storage/d3 on
/dev/system/home on
/dev/system/tmp on
/dev/system/usr on
/dev/system/var on
none on
There are three disks: a single small boot disk, and a mirrored pair of big disks for storage. Not that I ever really have to worry about which disks are where once the initial setup is done.
I was in a similar position prior to my current job (yay). What I would do was have a *good* cover letter and resume saved in my web email, and every time they had me work (unpaid) overtime, I'd spend an additional 25-50% of that time to send out resumes. I had a new job within six weeks.
Basically, you have to accept that it's going to suck, and you're going to be spending another 5-10 hours a week on top of your work week just sending out applications.
Also, I had to take some unpaid time off to go to interviews. After the second morning that I couldn't come in, my boss kind of caught on and wouldn't let me use any comp time. Fortunately, that third unpaid morning off was the one that landed me a job.
Nothing is more satisfying than knowing that it was your boss's making you work overtime that landed you a new job.
By your logic, Microsoft also has not patched the vulnerability. From the MS006-001 FAQ:
So, they basically used exactly the same workaround as the 3rd party patch that's been out for a week.
Have you ever actually tried to run Windows XP as a non-admin user? You can't install any new USB devices, and on about 1/2 of the devices I've tried, you need admin rights to plug them in whether or not the drivers have been previously installed. I tried to set my dad up that way, and after about a day we both agreed it was hopeless. He's got a digital camera, card reader, printer/scanner, and VoIP headset all of which need Admin rights *JUST TO BE PLUGGED IN*. It's not a policy mistake if the "correct" policy prevents the computer from being useful.
Well, currently my options for planning commutes on public transit involves this lovely website, which, like most every California public project, sucks goats. I'm not in favor of monopolies, but I am in favor of the better product winning, and in this case, some homeless guy drawing a map with a piece of chalk on the sidewalk while divining the timetable with rat entrails would be a better product.
By the way, did I mention that transit.511.org sucks? Just to be clear, in case the Google spider finds this page. It sucks big time.
Vfolders are good for some things, but not everything. If I want to do a keyword search for a single message someone sent me once, I don't want to have to create a vFolder just to do that.
Much as I'd like to use Evolution, it's got a few show-stopping problems:
* Leaving POP3 mail on the server is all-or-nothing. I'd like to see the "delete after X days", "delete after it's gone from the inbox" options that have existed in other POP3 clients for the past ten years or so.
* Displaying large messages is slooooow. As a sysadmin, I regularly deal with 1-5MB log files in my email. If I have to wait 30 seconds each for them to display, I'm not gonna use that program.
* No advanced search. You can't search more than a single mailbox at a time.
On the upside, the GPG integration is better than any other mail client I've used. Still, until they can deal with these fairly basic problems/lack of features, it's a no-go.
That's not informative - it's retarded. Or funny, depending on whether you're a 13-year-old nerd or not. Look at the damn power suppy - it's covered in plastic. Heatsinks attached to plastic will do nothing! Well, actually they probably block any ventilation and add some additional insulation.
Read the article. At the end, they mention how these observations were based on about 10% of the total data they expect the telescope to gather. Something about "precision increasing by orders of magnitude."
Nope, no ribbon cable. Looks like SATA has trickled down to consumer electronics. No hard drive either -- it snaps onto the side. And a couple of those rectangles are made of silicon and ceramic, not plastic.
My all-time most useful tool for dealing with multiple servers (think 'web farm') is the humble for-loop.
for host in www{0..9}; do
ssh $host "do stuff"
done
Works best when combined with ssh-agent for that wonderful lack of passwords.
I believe that you're mistaken in how the scientific method works. It's not about proving things, it's about *disproving* things. If someone could come up with a repeatable experiment that, say, contradicted general relativity, then that would be a big scientific advancement, and either relativity would have to be modified to fit the new evidence, or a new theory would have to be developed that explained all observations, new and old.
This, I think, is where a large amount of the scientific community's frustration with I.D. and so forth comes from. Intelligent Design advocates *cannot* provide repeatable evidence that disproves any major aspect of evolutionary theory.
Real World Tech has a great interview between David Kanter and two of the engineers working on Horus. If you're interested in actual information about how it works and what it does, its good reading.
BTW, Linus Torvalds posts to RWT :-D
OK, they've redesigned the web site since I last looked at it, and it's a big improvement. Still can't get to qa.mandriva.com from the front page - where is it linked from? When I searched the site for 'bugzilla' and 'bug report', it didn't come up.
So yeah, I looked for it.
It seems like Mandriva have put out a fine operating system, but as an admin, it sucks to not have any kind of documentation or bug support. For example, both Debian and FreeBSD have extensive documentation easily accessable from their web sites. Where's the equivelant for Mandriva? Same goes with bug reporting; I'm not going to track down the links, but it's pretty trivial to submit bug reports for any of Ubuntu, Debian, FreeBSD, even RedHat, but I looked all up and down Mandriva's site and didn't see any kind of bug tracking system, not even a mailto: field.
So, like I said, as an IT admin, I'm not going to support an OS that isn't going to support me.
And my answer for you, Zonk, as it frequently is for giant world-changing questions like these, is, "How the hell should I know? I'm a freakin' sysadmin."
What would be funny, is to write a little daemon that would instantly lock anyone using one of those passwords out of all the systems on your network, maybe by source IP.