I kind of wondered if this wasn't in part why attrition.org finally shut down. While they were helping to publicize problems, they also sort of encouraged the problems by giving them publicity.
I've decided that I'm no longer happy being CIO of Sodablue.org. I'm giving myself a promotion to CEO.
Now that I'm CEO and don't have to worry about technical issues I just want to point out that our website runs off Windows 2000. It's a really cool new thing this web stuff, and correct me if I'm wrong but I don't believe you can do that on Linux.
Anyway, my new CIO(aka the neighbors dog) tells me that most commercial building access systems he's encountered run off a small PC in the security office using DOS or Windows. Actually a surprising number of them are still old 386 computers running DOS because it's not that demanding of an application.
That message is from this page:
http://www.gateway.gov.uk/html/bad_browser.asp
I know it's called if you don't have Javascript. According to that same article it also doesn't work if you have cookies and Java turned off.
It's been a long time since I tried to use browsers other than IE. I know last year Opera had problems with Java and Javascript. I don't know what the current state of Mozilla is.
It just seems to me that this UK website is on the bleeding edge of technology, especially with it's use of PKI. To expect luddite browsers to work might be a bit much.
Sigh... Your the type of person who gives MCSE a bad name.:(
I also have an MCSE I obtained a couple of years ago, and it's really quite simple to secure an NT box:
#1. Subscribe to NTBUGTRAQ.COM
#2. Read www.microsoft.com/security
Microsoft has provided tools which will notify you when security related hotfixes are released. They have provided tools to automate the installation of hotfixes, as well as automate the configuration of servers.
The DNS issue wasn't a bug in Microsoft's software. They suffered a DoS attack on their web servers, so they subcontracted with Akamai to protect against this. If you don't know who or what Akamai does, that's another problem with your paper MCSE.
What security through obscurity argument? Do you even know what that means?
I don't disagree that the lack of qualified admins is the problem. But the documentation and tools are out there, you just have to use them.
But my main point for responding... You shouldn't consider yourself a qualified admin, because you clearly are not.
The ILoveYou virus could be replicated on a Unix system exactly like on Windows without any increased security.
It would require the following assumptions to be true:
#1. A well known way to send email from the system. This is mostly true already.
#2. A well known address book system. i.e. Groupware of some sort, possibly using LDAP services. This exists, but not in a standard well known way.
#3. An email system which is designed with user convenience in mind and allows the opening and execution of attachments.
That's it. Everything else can be automated with scripts or binaries in user-mode.
From then on, our new Iloveyou only needs to modify files available to the user. Why modify system files when I have full access to the login scripts in your user directory.
But for the record. I have never spread any email virus from any computer of mine. I use Windows NT/2k, I use Office, I use Outlook.
The reason? I've never been stupid enough to open any such attachments.
There is a difference between Unix and Windows, but it is primarily the types of users. Since Unix is hard to use, it tends to only have users who are either not able to figure out how to save and execute an attachment, or not stupid enough to do so.
It has nothing to do with the security models. At least not in this case.
What I felt was inefficient was all the manageability and configuration.
I have looked at the recent RedHat and Debian distributions. Debian has remained virtually unchanged and is still a bear to work with. RedHat has some nice pretty GUI stuff, but still has a plethora of problems. But then those problems are due to the architecture of Unix and not likely to change without a radical shift.
Umm... You must not be aware that Mozilla started from the Netscape code base. Netscape released their source back in '97, what was then probably a later 4.x release.
Mozilla appears to have spent the last 3 years cleaning up the mess, trying to get it to handle standards compliant HTML, etc.
My suspicion is that the Netscape code was a complete utter mess, and the Microsoft code is much more clean and object-oriented thus making it easier to maintaing and extend.
This may be more of a battle between hackers and mature software engineers than it is open and closed source.
"exercises oppressive control over the programming powers of its employees"
Does it?
I believe you'll have a really hard time backing that statement up. At least from talking to the Microsoft employees I know, it's still the best tech company in the world to work at.
And not because of stock options. This is a company that realized long ago that giving programmers offices instead of cubicles makes them more productive, etc.
As far as your other comments. The bottom dropped out of the Consulting market last year.
I did not relate this to Go, but I made a similar comment last year after the PocketPC was released.
If you look at what Microsoft did, they looked at the existing climate of Palm domination and then asked, "Great, but where do people want to be in the future?"
They then designed towards that future. More powerful, more capable devices. Color, sounds, fast, powerful, lot's of storage, etc...
The first versions of WinCE were not successful, primarily because they hadn't clearly defined this vision, and the hardware was not capable of it. After several years of refinement and evolution, the hardware began to catch up.
And now you have the iPaq and it's ilk capturing 20% marketshare.
Meanwhile Palm is changing case colors and releasing Supermodel versions of the same device that first came to market back in 1996. Any bets if they will merge with AOL within 2 years time?
Actually SQL Server does work better with Win2k/IIS. At least if you are trying to do serious software development, the database connectivity to Oracle is problematic.
It's also not Microsoft's fault. Rather it seems to be Larry Ellison who is to blame. He's almost purposefully crippling Oracle's ability to work with Microsoft in a sad idea that people will switch from Microsoft over to his Java application crap.
I know a number of companies who use Oracle now who are contemplating moving pieces over to SQL Server to get better stability and performance.
But I'm a little bit confused by the contradiction this has with slashdot's typical editorial policy.
It appears that what this Avant! was guilty of was intellectual property theft. But on slashdot we're frequently innundated by editorials that claim IP laws are outdated and unnecessary.
Forgive me, it's just so hard to keep track of what I'm supposed to be for and against.:(
If it's only 10% of the users you are seeking to gain, then maybe I can see your point.
If it's 70%, 50% or even 30%... it will never happen because of those other 40,000 apps.(Actually it's a lot more than 40k)
There is another platform out there already besides Windows which has Office, Quicken, even Internet Explorer and a whole slew of other very popular applications.
Did you read the same article I did. The only real mention of commercial programming he made was simply to state that they don't bother to toot their own horns when they create something. As compared to Linux which someone makes a big announcement every time something is sold.
He then goes on later in the article to point out why the Motif library is better in his opinion. It's somewhat technical, but he basically attributes this to the component model.
Word and Excel might be the one suite of apps that all users have in common.
But it is not the only app that all users need. There are the remaining 40,000 or whatever. You won't know about those apps until you talk to an individual user.
Linux advocates always seem to get caught up in this "What one app do we need to make this popular?"
The thing is, it isn't one app. It's 40,000 applications that make Microsoft Windows popular.
You have to have an environment where anything that is needed, especially anything sent to you by partners or regulatory agencies... just runs.
I used to run into this same issue back in the days supporting OS/2. At the time it meant we had many users with two desktops. One to run OS/2 and our "standard" apps, one to run all the other apps that didn't work under OS/2.
I don't know what is the best answer to this.
I kind of wondered if this wasn't in part why attrition.org finally shut down. While they were helping to publicize problems, they also sort of encouraged the problems by giving them publicity.
I've decided that I'm no longer happy being CIO of Sodablue.org. I'm giving myself a promotion to CEO.
Now that I'm CEO and don't have to worry about technical issues I just want to point out that our website runs off Windows 2000. It's a really cool new thing this web stuff, and correct me if I'm wrong but I don't believe you can do that on Linux.
Anyway, my new CIO(aka the neighbors dog) tells me that most commercial building access systems he's encountered run off a small PC in the security office using DOS or Windows. Actually a surprising number of them are still old 386 computers running DOS because it's not that demanding of an application.
McDonald's Secret Sauce is Thousand Island Dressing.
:)
damn, I hope I didn't ruin the surprise for you.
That message is from this page:
http://www.gateway.gov.uk/html/bad_browser.asp
I know it's called if you don't have Javascript. According to that same article it also doesn't work if you have cookies and Java turned off.
It's been a long time since I tried to use browsers other than IE. I know last year Opera had problems with Java and Javascript. I don't know what the current state of Mozilla is.
It just seems to me that this UK website is on the bleeding edge of technology, especially with it's use of PKI. To expect luddite browsers to work might be a bit much.
First of all the website is WWW.gateway.gov.uk. If you try to go to gateway.gov.uk you will not get any content.
But other than that, it seems like a number of wild complaints with no coesion to the story.
Something about the PKI technology used. Well if other browsers don't support this, uhh what can be done about it?
PKI is here to stay, and it would be wise for other browser makers to come up with support for this would it not?
Ohwell the Register is the National Enquirer of the IT world for a reason, I guess.
Sigh... Your the type of person who gives MCSE a bad name. :(
I also have an MCSE I obtained a couple of years ago, and it's really quite simple to secure an NT box:
#1. Subscribe to NTBUGTRAQ.COM
#2. Read www.microsoft.com/security
Microsoft has provided tools which will notify you when security related hotfixes are released. They have provided tools to automate the installation of hotfixes, as well as automate the configuration of servers.
The DNS issue wasn't a bug in Microsoft's software. They suffered a DoS attack on their web servers, so they subcontracted with Akamai to protect against this. If you don't know who or what Akamai does, that's another problem with your paper MCSE.
What security through obscurity argument? Do you even know what that means?
I don't disagree that the lack of qualified admins is the problem. But the documentation and tools are out there, you just have to use them.
But my main point for responding... You shouldn't consider yourself a qualified admin, because you clearly are not.
No they didn't. They subcontracted content caching out to Akamai in order to make their internet services much less prone to DNS attacks.
Hmm, sounds like he should have used the hotfix tool off Microsoft's website instead of Windowsupdate.
Windowsupdate isn't meant for servers.
The ILoveYou virus could be replicated on a Unix system exactly like on Windows without any increased security.
It would require the following assumptions to be true:
#1. A well known way to send email from the system. This is mostly true already.
#2. A well known address book system. i.e. Groupware of some sort, possibly using LDAP services. This exists, but not in a standard well known way.
#3. An email system which is designed with user convenience in mind and allows the opening and execution of attachments.
That's it. Everything else can be automated with scripts or binaries in user-mode.
From then on, our new Iloveyou only needs to modify files available to the user. Why modify system files when I have full access to the login scripts in your user directory.
But for the record. I have never spread any email virus from any computer of mine. I use Windows NT/2k, I use Office, I use Outlook.
The reason? I've never been stupid enough to open any such attachments.
There is a difference between Unix and Windows, but it is primarily the types of users. Since Unix is hard to use, it tends to only have users who are either not able to figure out how to save and execute an attachment, or not stupid enough to do so.
It has nothing to do with the security models. At least not in this case.
What I felt was inefficient was all the manageability and configuration.
I have looked at the recent RedHat and Debian distributions. Debian has remained virtually unchanged and is still a bear to work with. RedHat has some nice pretty GUI stuff, but still has a plethora of problems. But then those problems are due to the architecture of Unix and not likely to change without a radical shift.
Umm... You must not be aware that Mozilla started from the Netscape code base. Netscape released their source back in '97, what was then probably a later 4.x release.
Mozilla appears to have spent the last 3 years cleaning up the mess, trying to get it to handle standards compliant HTML, etc.
My suspicion is that the Netscape code was a complete utter mess, and the Microsoft code is much more clean and object-oriented thus making it easier to maintaing and extend.
This may be more of a battle between hackers and mature software engineers than it is open and closed source.
"Ever hear of someone choosing to switch to windows ?"
:(
HERE!
I switched from Linux to Windows back in 1996. Haven't looked back since.
Once you've worked with Windows for awhile you realize just how incredibly inefficient the Unix model is.
"exercises oppressive control over the programming powers of its employees"
Does it?
I believe you'll have a really hard time backing that statement up. At least from talking to the Microsoft employees I know, it's still the best tech company in the world to work at.
And not because of stock options. This is a company that realized long ago that giving programmers offices instead of cubicles makes them more productive, etc.
As far as your other comments. The bottom dropped out of the Consulting market last year.
All good points!
I did not relate this to Go, but I made a similar comment last year after the PocketPC was released.
If you look at what Microsoft did, they looked at the existing climate of Palm domination and then asked, "Great, but where do people want to be in the future?"
They then designed towards that future. More powerful, more capable devices. Color, sounds, fast, powerful, lot's of storage, etc...
The first versions of WinCE were not successful, primarily because they hadn't clearly defined this vision, and the hardware was not capable of it. After several years of refinement and evolution, the hardware began to catch up.
And now you have the iPaq and it's ilk capturing 20% marketshare.
Meanwhile Palm is changing case colors and releasing Supermodel versions of the same device that first came to market back in 1996. Any bets if they will merge with AOL within 2 years time?
Actually SQL Server does work better with Win2k/IIS. At least if you are trying to do serious software development, the database connectivity to Oracle is problematic.
It's also not Microsoft's fault. Rather it seems to be Larry Ellison who is to blame. He's almost purposefully crippling Oracle's ability to work with Microsoft in a sad idea that people will switch from Microsoft over to his Java application crap.
I know a number of companies who use Oracle now who are contemplating moving pieces over to SQL Server to get better stability and performance.
Ummm... Being a college graduate from a lofty named school doesn't make one intelligent or interesting.
Case in point... President Bush is a Yale graduate.
Umm... I've seen every episode of TOS, TNG, DS9 and Voyager. As well as every movie, and even the cartoon series.
TNG was by far the worst of them all.
Or don't you remember Wesley Crusher, or the Black Ooze that got rid of Lt. Yar?
Bleah, perhaps 10% of the episodes of TNG were any good and those mostly included the Borg.
It's an interesting article, and such...
:(
But I'm a little bit confused by the contradiction this has with slashdot's typical editorial policy.
It appears that what this Avant! was guilty of was intellectual property theft. But on slashdot we're frequently innundated by editorials that claim IP laws are outdated and unnecessary.
Forgive me, it's just so hard to keep track of what I'm supposed to be for and against.
I think this is a great idea and should be incorporated into the GPL immediately!
I guess it depends on what your goal is.
If it's only 10% of the users you are seeking to gain, then maybe I can see your point.
If it's 70%, 50% or even 30%... it will never happen because of those other 40,000 apps.(Actually it's a lot more than 40k)
There is another platform out there already besides Windows which has Office, Quicken, even Internet Explorer and a whole slew of other very popular applications.
And yet it barely has 10% of the market.
The Macintosh.
Huh?
Did you read the same article I did. The only real mention of commercial programming he made was simply to state that they don't bother to toot their own horns when they create something. As compared to Linux which someone makes a big announcement every time something is sold.
He then goes on later in the article to point out why the Motif library is better in his opinion. It's somewhat technical, but he basically attributes this to the component model.
You should go back and reread the article.
No, I'm afraid you missed the point.
Word and Excel might be the one suite of apps that all users have in common.
But it is not the only app that all users need. There are the remaining 40,000 or whatever. You won't know about those apps until you talk to an individual user.
Linux advocates always seem to get caught up in this "What one app do we need to make this popular?"
The thing is, it isn't one app. It's 40,000 applications that make Microsoft Windows popular.
You have to have an environment where anything that is needed, especially anything sent to you by partners or regulatory agencies... just runs.
I used to run into this same issue back in the days supporting OS/2. At the time it meant we had many users with two desktops. One to run OS/2 and our "standard" apps, one to run all the other apps that didn't work under OS/2.
This is expensive and a nightmare to maintain.
Anyway, it's not just one app... It's everything.
I did make one mistake, I thought the $1.35 was what Bush had proposed.
That's actually what the moderate Republicans pared it down to. The original Bush plan was $1.6 trillion.
The fact that you didn't know this makes your other comments about ignorance all the more funny.
P.S. The Star Wars program has a 70% disapproval rating in the US. It will never happen.
Which of course means the vote of the Supreme Court was 5-4.