I had Mozilla do the same thing on Windows & Linux - it asked what I wanted to do with the file, but on Windows at teh exact same time, McAfee popped up a virus alert window. I just clicked 'Stop' and clicked cancel on the file save window and deleted the email - easy enough.
One of the biggest problems I've faced is that fact that while many users now have anti-virus programs, they are not configured properly. Usuaully the AV program is just doing background scans. No download or email attachment scanning is enabled and auto update is rarely enabled. I've spent weeks ensuring that users get the programs configured for maximum protection with minimal user impact. Surprisingly enough - the users don't mind the full scan popping up minimized to run during hte day once a week along with transparent background/email scanning. Works great, except when something like Goner hits and there are no dignatures out for it yet - we got hit hard by that one (the users KNOW they shouldn't have opened the file but did anyway:) - even admitted they knew better)
Of course my next step is to experiment with hueristics which will help protect against new stuff but the trick is ensuring the AV warnings aren't popping up all the time....
I don't see how the root poster had a "problem" with PayPal. He had a problem with a bad seller that used PayPal to screw him over.
Which means he had a problem with PayPal - Paypal's big selling point is protection if a party in the transaction screws you. Thats the whole point! But in most cases it seems the person bringing the complaint gets screwed (frozen accounts, etc) and the lengthy investigation generally yields little for all the hassle.
Re:Hard to install and setup?
on
Future Of IDS
·
· Score: 2
Disclaimer: I'm the author and v1.1 needs to be released soon:)
Re:Arrogance more powerful than its technology?
on
This is IT?
·
· Score: 2
Imagine leaning forward less than a millimeter and it all the sudden starts moving forward.
Which sucks if you happen to lean forward in front of a wall:) Whats it do? Move forward and crash you into the wall or stop and let you fall into the wall?
And thus you have your choices. Is it cheaper to purchase an MS platform with off the shelf products and wait for your vendor to release the version of an app you need (no telling how long you'll wait and waste $$$) vs using Linux and writing some stuff yourself if the apps you need aren't already there.
There's nothing wrong with either - its whatever is best for you. I can't imagine porting gzip from 32-bits to 64-bits would take 6 months but who knows.
Yes but this is typical Microsoft user mindset - having to wait for the vendor to release a new version with a feature you need. The beauty of Linux is - you want it badly enough? Write it! If not stick with what works or see if others out there have the same concern and are willing to help out
We run a Windows 2000 Adv. Server domain that seems to run well for the most part but acts... haunted, as if it's just scared to run stable all the time.
ROFLMAO! Best description of Windows servers I've ever seen acting... haunted:)
The AV companies share viruses amongst themselves because there is a high level of trust even though they are in competition
Which raises an interesting question. Are virus signatures or better yet the def file to match against a virus signature copyrightable? I'm not an AV guru by any means, but if someone figured out how to reverse engineer the signatures for various virii from a comercial def file - would there be copyright issues? Heck - teh virus writer owns the copy right to the virus:) Isn't a signature often a cobination of code snippets to match against? So I can't see how an AV company could claim copyright on a signature - but maybe I'm wrong. Thoughts?
C'mon people, we won't be taken seriously if we can't even learn the jargon.
Wait - I believe almost everyone here will tell you they believe fair use to mean 'If I buy a song/movie, I can make copies of that said media for MY personal use only. This is commonly referred to as 'fair-use' and grew out of the rulingas and laws passwed when VCRs first came onto the scene. Now the jargon may be wrong, though EVERYONE seems to use it when referring to this scneario) SO if the term fair-use isn't the right term IYHO for personal copying for personal use, what is?
Do you honestly think ATI is the only one doing this? I sincerely doubt it. All teh video card makers know the HW sites use X set of benchmarks and will work to ensure the best possible performance for them. Besides - who cares? Its not cheating. Just because you have certain optomizations which kick in for various popular apps is just giving your customer better performance for stuff they are likely to use.
There are unknowns like perhaps these optomizations impact overall performance? So they are selective? What would you rather have? Faster Quake performance at the expense of over all performance or better Quake performance with the best overall performance you can get?
This is just nitpicking to try and make news. Everyone knows the HW makers tune their systems around benchmarks - hell even the CPU makers try to do it I'm sure.
From the look of the pictures I'm afraid you used the wrong type of box. I don't know how to describe it, but boxes from Asia have a greenish tan tint to them and it is very weak to side impact. Most US boxes have a more of a brown/tan tint and are often MUCH sturdier. The way the box collapsed and tore looks just like the damage I've seen with cheap asian cardboard.
I'm sure UPS dropped this multiple times from extremely high levels nad probably ran into it with a forklift:) but it really seems like the box you used did contribute to the damagae since it wasn't even close to sturdy enough.
I'll second that. I've got an Inspiron 5000e with the UXGA display and I run @ 1600x1200 - its awesome. But I just got another laptop - COmpaq N400c for ultra portability - so I was bumped back to XGA. However, it has all the ports (some get dropped on Dell & IBM ultra thins) and it has 8MB of vid memory while most others still have 4MB - hate it if you dock it. But at 3.5lbs and.89" - very sweet. Only problem with ultra portables is the battery life SUCKS for obvious reasons (they're small to reduce weight)
Re:The true potential for the XBOX
on
XBox Released
·
· Score: 2
I'm with you - while MS makes my skin crawl, its a decent box for the price which I expect will drop. Anyone up for starting www.hackxbox.org?:) If this thing can be hacked so it'll run linux - that would be fun! Thats why Tivo's are so much fun! Of course, my only beef is the thing is HUGE. Box is an understatement.:)
But I look forward to hearing folks stories of hack attempts - it could bath new life into the Xbox:)
Strange. I've got an Irongate board (Biostar M7MKA) with a Slot A 700MHz Athlon and AI All In Wonder with AGPgart compiled in - never had a problem. I don't doubt its an issue - but it may not be THAT widespread.
And even if it is - what is AMD going to do about it? Why aren't you hassling the folks who hack agpgart for assistance in implementing the workaround?
The grades are based on information the departments gave to the Office of Management and Budget (OMB). Under a new federal law, agencies must report regularly to OMB on their efforts to keep computers safe.
Please - this was just an audit of what agencies SAID they did. Can you imagine the grade they'd get if they actually scanned the systems and networks for vulnerabilities? A monumental task no doubtm but still scary to contemplate.
Of course the flip side is that the security may be much better than this report leads you to believe. I'd imagine many gov't sysadmins have secured systems beyond what the paper pushers have speced out for them.
I might as well get a real banking business account, they'd let me accept MC/Visa too
How bad are the fees? Credit Cards are scary expensive to accept. First you pay the discount fee, anywhere from 2.5% to like 3.75% or worse if the address verification fails. Plus you have to pay the processor (the place that processes the transaction. Either via a monthy fee ($25 to $100/month), transaction charge (like 25 cents or so) or both. Then you have to pay the bank that maintains your merchant account - they charge you $10 just to send you a statement each month. Then they charge you the minimum discount fee - usually $20 or so which means if you only have a couple transactions that month and the discount charges are
So is paypal this bad? Credit cards are nice - no doubt. Easy to challeneg, etc. But you also have to realize they are clamping down on online merchants HARD. They now have VERY detailed security policies in terms of where CC info can be stored, how its encrypted, etc. This is a good thing, but it adds to the cost.
So don't assume it'll be a cake walk with credit cards.
Ugh - really wish that edit feature was in slashcode:) I never seem to catch them all in Preview!
What I meant to say in the paragraph near the end was we used to have a two stage release cycle: 2.odd for development and 2.even for stable prodcution, now we have a 3 stage release. 2.odd for development, 2.even.low# for large scale beta test and late features, and 2.even.high#/maintenance handoff from Linus for production stable releases. I think the latter is a good thing.
how this wound up in a 2.4.* kernel instead of 2.5.*, where right now it really belongs,
Heck if we can swap out the VM midstream, this is nothing:) Actually I think Linus was VERY smart to push the new VM into the kernel. Why? Because I believe he avoided a LOT of people running patched kernels until 2.5 was released. It was obvious the 2.4 VM was broken. Had he held off, folks would have realized (though probably slowly) that the new VM was better and they'd have patched it in anyway.
The same holds true for ext3. RedHat is already shipping it with RH 7.2. Its rock solid from their standpoint. So it makes sense to include it in the stable kernel. Sure, we all wish Linus had the ESP ability to have known to include these things at 2.4.0 (wait the new VM didn't exist then:) ) but given current circumstances, these are smart moves. Otherwise we'd all be patching kernels for another year to get ext3 (if we wanted it) and the new VM.
Yes, I realize patching kernels is a fact of life - I do it all the time to get XFS for my desktops and servers, but the less patches I need to worry about the better.
We can stick our noses in teh air and talk about how Linus never let big feature patches into the kernel before - well, everyone is allowed to change their mind. Besides, its not THAT huge a deal. If you're worried about stability, stick with what works. But if you need newer features for your setup, you can use a more recent stable kernel.
In the end, this ensures stuff in high demand sees production use earlier. If we waited to 2.6, you'd just be delaying it to far, not just for the new kernel development time, but also the 'I can't use 2.6.0 in a production box) so you'd wait until a later release. Just like you've waited to deploy 2.4.x production, right?:)
Things change. RIght now, I'd say for the bulk of the production systems, the smart move is to wait until Linus hands the kernel off for maintenance. Once that happens it'll see MUCH less churn. Befure we had 2 release stages... 2.x where x is odd for development, 2.even#.low# for release beta, and 2.even#.big# for stable production ready kernels I think thats a good thing. Besides its all relative - saying Linus shouldn't put x, y, z in the kernel because the last number is too high is pointless. We just need to adjust to the new release schedule!
I'm glad 2.4 has what it has. Now hopefully 2.6 will have XFS and I can run vanilla kernels again (nah - never gonna happen:) )
How about some web sites return valid data that can be many K? Like front ends to a data base? Even with minimal HTML. Not all large web pages are bloated - they may actually conain valid data.
I knew modems compressed, but I always thought gzip and friends did text better. I'm only looking at compressing text based files (HTML, etc) larger than a certain size since my site often has long text files (not messy HTML - just lots of data) Can you point to some papers that outline the difference between modem compression of text to gzip? It would make interesting research. we're looking at mod_gzip for numerous reasons which include reducing our bandwidth use on the server end. But I'd like to make sure I won't make things WORSE for modem users. If I make them better or its a wash - thats fine - the broadband users will benefit (and so will we) But I wouldn't want to worsen a modem users experience by any large measure.
I didn't mean to imply I was surprised that the majority of users still use modems - I realize that. My point was that the ratio isn't changing regarding broadband to modem users. Thats all. Broadband is showing growth - the trick is answering at the expense of modems OR are they new users completely (not likely) So, I actualyl do have a clue. But I can still be surprised the # of modem users isn't dropping faster.
It still amazes me the # of users of my websites that still use modems. We are now planning to install mod_gzip for Apache to help modem users download our larger pages faster. It didn't seem worth it at first with folks moving to broadband, but we still found many of our users listing 'modem' as their primary access method when they register. Plus it'll reduce our bandwidth demand for users who have broadband - they'll get larger files faster too. Yeah, it adds overhead on teh server CPU, but for us its worth it since we have headroom to spare.
That's convoluted? Under your proposal hardly anyone would be able to edit their comment after like 30 minutes - and even worse, if someone replies and says 'you made a mistake' you can't go and fix it! My proposal eliminates just about all avenues of abuse without penalizing people left and right. You can't edit yourself out of -1 or 0 and you can't toss goatse.cx into a +5 comment and expect it to stay there - it goes to +1 and will disappear in no time.
I wasn't saying don't allow 0/-1 comments to be edited - I said don't change teh mod score - let them edit it at will since they're so close to the hole. But anything at +1 or higher would have its mod score reset to +1 - simply easy
Slashdot Mirror
One of the biggest problems I've faced is that fact that while many users now have anti-virus programs, they are not configured properly. Usuaully the AV program is just doing background scans. No download or email attachment scanning is enabled and auto update is rarely enabled. I've spent weeks ensuring that users get the programs configured for maximum protection with minimal user impact. Surprisingly enough - the users don't mind the full scan popping up minimized to run during hte day once a week along with transparent background/email scanning. Works great, except when something like Goner hits and there are no dignatures out for it yet - we got hit hard by that one (the users KNOW they shouldn't have opened the file but did anyway :) - even admitted they knew better)
Of course my next step is to experiment with hueristics which will help protect against new stuff but the trick is ensuring the AV warnings aren't popping up all the time....
Which means he had a problem with PayPal - Paypal's big selling point is protection if a party in the transaction screws you. Thats the whole point! But in most cases it seems the person bringing the complaint gets screwed (frozen accounts, etc) and the lengthy investigation generally yields little for all the hassle.
Disclaimer: I'm the author and v1.1 needs to be released soon :)
Which sucks if you happen to lean forward in front of a wall :) Whats it do? Move forward and crash you into the wall or stop and let you fall into the wall?
There's nothing wrong with either - its whatever is best for you. I can't imagine porting gzip from 32-bits to 64-bits would take 6 months but who knows.
Yes but this is typical Microsoft user mindset - having to wait for the vendor to release a new version with a feature you need. The beauty of Linux is - you want it badly enough? Write it! If not stick with what works or see if others out there have the same concern and are willing to help out
ROFLMAO! Best description of Windows servers I've ever seen acting ... haunted :)
Which raises an interesting question. Are virus signatures or better yet the def file to match against a virus signature copyrightable? I'm not an AV guru by any means, but if someone figured out how to reverse engineer the signatures for various virii from a comercial def file - would there be copyright issues? Heck - teh virus writer owns the copy right to the virus :) Isn't a signature often a cobination of code snippets to match against? So I can't see how an AV company could claim copyright on a signature - but maybe I'm wrong. Thoughts?
Wait - I believe almost everyone here will tell you they believe fair use to mean 'If I buy a song/movie, I can make copies of that said media for MY personal use only. This is commonly referred to as 'fair-use' and grew out of the rulingas and laws passwed when VCRs first came onto the scene. Now the jargon may be wrong, though EVERYONE seems to use it when referring to this scneario) SO if the term fair-use isn't the right term IYHO for personal copying for personal use, what is?
There are unknowns like perhaps these optomizations impact overall performance? So they are selective? What would you rather have? Faster Quake performance at the expense of over all performance or better Quake performance with the best overall performance you can get?
This is just nitpicking to try and make news. Everyone knows the HW makers tune their systems around benchmarks - hell even the CPU makers try to do it I'm sure.
I'm sure UPS dropped this multiple times from extremely high levels nad probably ran into it with a forklift :) but it really seems like the box you used did contribute to the damagae since it wasn't even close to sturdy enough.
I'll second that. I've got an Inspiron 5000e with the UXGA display and I run @ 1600x1200 - its awesome. But I just got another laptop - COmpaq N400c for ultra portability - so I was bumped back to XGA. However, it has all the ports (some get dropped on Dell & IBM ultra thins) and it has 8MB of vid memory while most others still have 4MB - hate it if you dock it. But at 3.5lbs and .89" - very sweet. Only problem with ultra portables is the battery life SUCKS for obvious reasons (they're small to reduce weight)
But I look forward to hearing folks stories of hack attempts - it could bath new life into the Xbox :)
And even if it is - what is AMD going to do about it? Why aren't you hassling the folks who hack agpgart for assistance in implementing the workaround?
Of course the flip side is that the security may be much better than this report leads you to believe. I'd imagine many gov't sysadmins have secured systems beyond what the paper pushers have speced out for them.
*cough*Netscape*cough* Though I use Mozilla as my primary browser and love it, NS 6.00 off M1x was still a bonehead move IMHO.
How bad are the fees? Credit Cards are scary expensive to accept. First you pay the discount fee, anywhere from 2.5% to like 3.75% or worse if the address verification fails. Plus you have to pay the processor (the place that processes the transaction. Either via a monthy fee ($25 to $100/month), transaction charge (like 25 cents or so) or both. Then you have to pay the bank that maintains your merchant account - they charge you $10 just to send you a statement each month. Then they charge you the minimum discount fee - usually $20 or so which means if you only have a couple transactions that month and the discount charges are So is paypal this bad? Credit cards are nice - no doubt. Easy to challeneg, etc. But you also have to realize they are clamping down on online merchants HARD. They now have VERY detailed security policies in terms of where CC info can be stored, how its encrypted, etc. This is a good thing, but it adds to the cost.
So don't assume it'll be a cake walk with credit cards.
What I meant to say in the paragraph near the end was we used to have a two stage release cycle: 2.odd for development and 2.even for stable prodcution, now we have a 3 stage release. 2.odd for development, 2.even.low# for large scale beta test and late features, and 2.even.high#/maintenance handoff from Linus for production stable releases. I think the latter is a good thing.
Heck if we can swap out the VM midstream, this is nothing :) Actually I think Linus was VERY smart to push the new VM into the kernel. Why? Because I believe he avoided a LOT of people running patched kernels until 2.5 was released. It was obvious the 2.4 VM was broken. Had he held off, folks would have realized (though probably slowly) that the new VM was better and they'd have patched it in anyway.
The same holds true for ext3. RedHat is already shipping it with RH 7.2. Its rock solid from their standpoint. So it makes sense to include it in the stable kernel. Sure, we all wish Linus had the ESP ability to have known to include these things at 2.4.0 (wait the new VM didn't exist then :) ) but given current circumstances, these are smart moves. Otherwise we'd all be patching kernels for another year to get ext3 (if we wanted it) and the new VM.
Yes, I realize patching kernels is a fact of life - I do it all the time to get XFS for my desktops and servers, but the less patches I need to worry about the better.
We can stick our noses in teh air and talk about how Linus never let big feature patches into the kernel before - well, everyone is allowed to change their mind. Besides, its not THAT huge a deal. If you're worried about stability, stick with what works. But if you need newer features for your setup, you can use a more recent stable kernel.
In the end, this ensures stuff in high demand sees production use earlier. If we waited to 2.6, you'd just be delaying it to far, not just for the new kernel development time, but also the 'I can't use 2.6.0 in a production box) so you'd wait until a later release. Just like you've waited to deploy 2.4.x production, right? :)
Things change. RIght now, I'd say for the bulk of the production systems, the smart move is to wait until Linus hands the kernel off for maintenance. Once that happens it'll see MUCH less churn. Befure we had 2 release stages... 2.x where x is odd for development, 2.even#.low# for release beta, and 2.even#.big# for stable production ready kernels I think thats a good thing. Besides its all relative - saying Linus shouldn't put x, y, z in the kernel because the last number is too high is pointless. We just need to adjust to the new release schedule!
I'm glad 2.4 has what it has. Now hopefully 2.6 will have XFS and I can run vanilla kernels again (nah - never gonna happen :) )
How about some web sites return valid data that can be many K? Like front ends to a data base? Even with minimal HTML. Not all large web pages are bloated - they may actually conain valid data.
I knew modems compressed, but I always thought gzip and friends did text better. I'm only looking at compressing text based files (HTML, etc) larger than a certain size since my site often has long text files (not messy HTML - just lots of data) Can you point to some papers that outline the difference between modem compression of text to gzip? It would make interesting research. we're looking at mod_gzip for numerous reasons which include reducing our bandwidth use on the server end. But I'd like to make sure I won't make things WORSE for modem users. If I make them better or its a wash - thats fine - the broadband users will benefit (and so will we) But I wouldn't want to worsen a modem users experience by any large measure.
I didn't mean to imply I was surprised that the majority of users still use modems - I realize that. My point was that the ratio isn't changing regarding broadband to modem users. Thats all. Broadband is showing growth - the trick is answering at the expense of modems OR are they new users completely (not likely) So, I actualyl do have a clue. But I can still be surprised the # of modem users isn't dropping faster.
It still amazes me the # of users of my websites that still use modems. We are now planning to install mod_gzip for Apache to help modem users download our larger pages faster. It didn't seem worth it at first with folks moving to broadband, but we still found many of our users listing 'modem' as their primary access method when they register. Plus it'll reduce our bandwidth demand for users who have broadband - they'll get larger files faster too. Yeah, it adds overhead on teh server CPU, but for us its worth it since we have headroom to spare.
That's convoluted? Under your proposal hardly anyone would be able to edit their comment after like 30 minutes - and even worse, if someone replies and says 'you made a mistake' you can't go and fix it! My proposal eliminates just about all avenues of abuse without penalizing people left and right. You can't edit yourself out of -1 or 0 and you can't toss goatse.cx into a +5 comment and expect it to stay there - it goes to +1 and will disappear in no time.
I wasn't saying don't allow 0/-1 comments to be edited - I said don't change teh mod score - let them edit it at will since they're so close to the hole. But anything at +1 or higher would have its mod score reset to +1 - simply easy