No matter how secure you think a network is, there's always some idiot that does something like: 1. Upload 50 GB of downloaded music onto a secure network. 2. Upload 1 TB of downloaded movies onto a secure network. 3. General wants his/her Wikipedia fix, so there's one hole in the network security. 4. General #2 wants to check his/her Fantasy Football team from a secure network, hole #2 in security. 5. Etc. Etc. Etc.
So-called "secure" networks are nothing of the sort. They leak like a colander.
Second, the Libyan President went on TV 1 week after the attack and said it was a terrorist attack. With the enormous intelligence budget we give to all the various Three-Letter Agencies, the U.S. should have known before a fledgling country with no intelligence agencies.
10. I would also look into alternate ways to cool your server room. For example, if you are somewhere that has cold winters, look into an intake fan for server room cooling. Why run your AC when the air outside is already 40 degrees?
So where is the proof that he was in front of the computer and uploaded the video? Was his Probation officer taking a nap since July, when the video was actually uploaded? Just because someone makes a Facebook account with my name on it that has a picture of me doesn't mean that I uploaded it. There is ZERO attributable on the internet.
This is the government grasping at straws. They have no case, they just want to safe face 1 month before the election.
Meanwhile, this guy is in jail. While the actual terrorists who assassinated a U.S Ambassador and 3 other State Department officials are still at large. Glad to see our priorities are straight.
Are they going to place the cameras and microphones behind their other patent, the "telescreen"? While we are at it, let's call this company the "Ministry of Love".
Sounds like the Great Firewall engineers are looking for some free security pointers from the rest of the world. Any idea we come up with will be blocked before this schmuck gets over there.
But seriously, you should just take a real vacation and not work. Or cancel the vacation and stay at home, working. Better to play it safe and not end up in Chinese gulag for the next 30 years.
Finally, a long term solution so that my great-great-great-great-great-great-great-great-great grandkids can see my baby pictures, listen to my Fallout Boy CDs, and watch my disturbing pr0n collection. I'll order a dozen!
Population density in Guangdong province is 1,390/sq mi . Let's compare to some other US cities: Anaheim, CA - 6,600/sq mi (Guangdong is not Anaheim, CA) San Jose, CA - 5,400/sq mi
So Guangdong is 3 times less densely populated than Anaheim California. You could compare the province to Santa Clara County (1,400/sq m), which has the San Jose metro area within it. However there are places like Gilroy, Morgan Hill, Henry Coe State Park, and other largely uninhabited areas of the county. Just look at a map, or be someone who grew up in the San Jose area (me)
That's why their factories are in the middle-of-nowhere China. The real ironic part is the same people who buy Apple products are the same people who complain about Wal-Mart not offering a "fair wage" to their employees.
When I go to that site, I get the following error message:
BANNED: This website has been blocked by the Ayatollahs for promoting intolerance against Muslims. For attempting to access it, our Revolutionary Guard ninjas will be coming to arrest you, put you in front on a puppet court, and sentence you to death. To save yourself some time, you can always leave a loaded AK-47 in your doorstep and the ninjas will be more than happy to stage a suicide for you.
Hi Slashdotters, I work for the Ayatollahs of Iran. As you may know, we have decided to create our own internet, without the dangers of a free society like porn (seeing any part of a woman besides her eyes), pictures of Muhammed (Allah Akbar!), and Jewish influence (banks). I bought a Linksys router and am reading the user manual, however I do not understand how this works. There is a thin cable with 2 large metal sticks on one side. I thought it would plug into my camel, but when I tried she just spit on me and kicked me in the face. Also, I only see 4 ports. How am I going to wire the internet for an entire country with only 4 connections? Does the rest of the free world have some sort of timeshare for the internet? Please help my government oppress free speech!
We are a pretty small and informal shop. Our managers only require approval if we will be violating or circumventing any sort of security policy with the intended operation. So if I wanted to install some sort of P2P or VOIP client, they would have a fit. However if I am just adding another Apache instance, updating Perl, or throwing in some.jar files, there are no problems with it.
And yes, while I am sure most developers see such simple e-mails, I've always found it best to start "script" before I install anything, that way I can show them the exact error message.
I disagree with the BETA comment as in most enterprises I have worked in, there comes a point where new internal software needs to be tested by the actual users for proper feedback to be received before final deployment. Refusing to install BETA versions in a controlled test environment is just plain dumb and hinders the progress of such project.
No problem with installing beta versions in a test environment. Admittedly I put the most important description of the system at the end of that sentence.... "production box". The developers I work with have a test server (that I maintain) with their sandbox for controlled testing. However I was more focusing on live systems that other people use regularly.
In some environments, you are 100% correct. Not in my environment, which the developers are not contractors and as the systems administrator I have full control of the boxes, as long as they do not want some sort of terrible security practice (telnet, password123, etc). In a more restrictive environment, you are 100% correct.
When I get the e-mail from a developer, I hunt them down to figure out what exactly is going on, what the software does, etc. Then I bring up the logs, install it, and watch them try to use the software. I use the logs to find any settings which have to be changed, usually changing them before the developer even e-mails me.
As a systems administrator, nothing frustrates me more than when a developer sends me an e-mail that says "install this".
First, they do not always say what the software is supposed to do, so I cannot prepare for any security requirements. I am rarely told if it needs a port opened, I have to check the security logs to see if the software is trying to communicate through the network.
Second, while I may have the ability to fix their software, I prefer not to mess with their code or configuration. Since I may not know what their software is supposed to do, I may get it running I do not know if it is operating properly.
Third, if you are asking me to install alpha or beta versions on a live system, it's usually a bad idea. I have no problem installing it on a test server or a VM, but I hate putting it on a production box.
It is good to know that signal intelligence agencies everywhere bend and break the law of their own countries. Not because it is good, but because I now know that no country's communications are truly safe.
While they are at it, perhaps their accounting department should replace the plumbing in their office building, the secretaries should swap the engine in the CEO's car, and let's have the janitors install a new security system. What could possibly go wrong?
Slashdot Mirror
No matter how secure you think a network is, there's always some idiot that does something like:
1. Upload 50 GB of downloaded music onto a secure network.
2. Upload 1 TB of downloaded movies onto a secure network.
3. General wants his/her Wikipedia fix, so there's one hole in the network security.
4. General #2 wants to check his/her Fantasy Football team from a secure network, hole #2 in security.
5. Etc. Etc. Etc.
So-called "secure" networks are nothing of the sort. They leak like a colander.
So tell me, how many years did you spend "serving your country"?
IE6? You are being way too generous. Try Netscape 3.0.
First off, CSI Miami is 42 minutes long.
Second, the Libyan President went on TV 1 week after the attack and said it was a terrorist attack. With the enormous intelligence budget we give to all the various Three-Letter Agencies, the U.S. should have known before a fledgling country with no intelligence agencies.
It takes the White House 2 weeks to acknowledge that the assassination of a U.S. Ambassador is a terrorist attack.
It takes the White House less than one day to acknowledge that Chinese hackers have breached an unclassified system.
10. I would also look into alternate ways to cool your server room. For example, if you are somewhere that has cold winters, look into an intake fan for server room cooling. Why run your AC when the air outside is already 40 degrees?
11. Jeffries tubes. They work great on starships.
So where is the proof that he was in front of the computer and uploaded the video? Was his Probation officer taking a nap since July, when the video was actually uploaded? Just because someone makes a Facebook account with my name on it that has a picture of me doesn't mean that I uploaded it. There is ZERO attributable on the internet.
This is the government grasping at straws. They have no case, they just want to safe face 1 month before the election.
Meanwhile, this guy is in jail. While the actual terrorists who assassinated a U.S Ambassador and 3 other State Department officials are still at large. Glad to see our priorities are straight.
Time to have a funeral for the 1st Amendment.
Solaris 5 (work) > Red Hat 5 (work) / Fedora 12 (home) > Ubuntu 12.04 (work/home), openSUSE 12.1 (work), CentOS 6.2 (work)
Are they going to place the cameras and microphones behind their other patent, the "telescreen"? While we are at it, let's call this company the "Ministry of Love".
So that's who wrote Flame and Stuxnet.....
Sounds like the Great Firewall engineers are looking for some free security pointers from the rest of the world. Any idea we come up with will be blocked before this schmuck gets over there.
But seriously, you should just take a real vacation and not work. Or cancel the vacation and stay at home, working. Better to play it safe and not end up in Chinese gulag for the next 30 years.
I am Sparticus and my collection is amazing.
It's just Fallout Boy, no big loss. However, my Lisa Ann video collection needs to be preserved for all eternity.
Finally, a long term solution so that my great-great-great-great-great-great-great-great-great grandkids can see my baby pictures, listen to my Fallout Boy CDs, and watch my disturbing pr0n collection. I'll order a dozen!
Population density in Guangdong province is 1,390 /sq mi . Let's compare to some other US cities:
Anaheim, CA - 6,600/sq mi (Guangdong is not Anaheim, CA)
San Jose, CA - 5,400/sq mi
So Guangdong is 3 times less densely populated than Anaheim California. You could compare the province to Santa Clara County (1,400/sq m), which has the San Jose metro area within it. However there are places like Gilroy, Morgan Hill, Henry Coe State Park, and other largely uninhabited areas of the county. Just look at a map, or be someone who grew up in the San Jose area (me)
That's why their factories are in the middle-of-nowhere China. The real ironic part is the same people who buy Apple products are the same people who complain about Wal-Mart not offering a "fair wage" to their employees.
When I go to that site, I get the following error message:
BANNED: This website has been blocked by the Ayatollahs for promoting intolerance against Muslims. For attempting to access it, our Revolutionary Guard ninjas will be coming to arrest you, put you in front on a puppet court, and sentence you to death. To save yourself some time, you can always leave a loaded AK-47 in your doorstep and the ninjas will be more than happy to stage a suicide for you.
Sincerely - The Ayatollahs
Ask Slashdot: Creating your own network.
Hi Slashdotters, I work for the Ayatollahs of Iran. As you may know, we have decided to create our own internet, without the dangers of a free society like porn (seeing any part of a woman besides her eyes), pictures of Muhammed (Allah Akbar!), and Jewish influence (banks). I bought a Linksys router and am reading the user manual, however I do not understand how this works. There is a thin cable with 2 large metal sticks on one side. I thought it would plug into my camel, but when I tried she just spit on me and kicked me in the face. Also, I only see 4 ports. How am I going to wire the internet for an entire country with only 4 connections? Does the rest of the free world have some sort of timeshare for the internet? Please help my government oppress free speech!
We are a pretty small and informal shop. Our managers only require approval if we will be violating or circumventing any sort of security policy with the intended operation. So if I wanted to install some sort of P2P or VOIP client, they would have a fit. However if I am just adding another Apache instance, updating Perl, or throwing in some .jar files, there are no problems with it.
And yes, while I am sure most developers see such simple e-mails, I've always found it best to start "script" before I install anything, that way I can show them the exact error message.
I disagree with the BETA comment as in most enterprises I have worked in, there comes a point where new internal software needs to be tested by the actual users for proper feedback to be received before final deployment. Refusing to install BETA versions in a controlled test environment is just plain dumb and hinders the progress of such project.
No problem with installing beta versions in a test environment. Admittedly I put the most important description of the system at the end of that sentence.... "production box". The developers I work with have a test server (that I maintain) with their sandbox for controlled testing. However I was more focusing on live systems that other people use regularly.
In some environments, you are 100% correct. Not in my environment, which the developers are not contractors and as the systems administrator I have full control of the boxes, as long as they do not want some sort of terrible security practice (telnet, password123, etc). In a more restrictive environment, you are 100% correct.
When I get the e-mail from a developer, I hunt them down to figure out what exactly is going on, what the software does, etc. Then I bring up the logs, install it, and watch them try to use the software. I use the logs to find any settings which have to be changed, usually changing them before the developer even e-mails me.
As a systems administrator, nothing frustrates me more than when a developer sends me an e-mail that says "install this".
First, they do not always say what the software is supposed to do, so I cannot prepare for any security requirements. I am rarely told if it needs a port opened, I have to check the security logs to see if the software is trying to communicate through the network.
Second, while I may have the ability to fix their software, I prefer not to mess with their code or configuration. Since I may not know what their software is supposed to do, I may get it running I do not know if it is operating properly.
Third, if you are asking me to install alpha or beta versions on a live system, it's usually a bad idea. I have no problem installing it on a test server or a VM, but I hate putting it on a production box.
It is good to know that signal intelligence agencies everywhere bend and break the law of their own countries. Not because it is good, but because I now know that no country's communications are truly safe.
While they are at it, perhaps their accounting department should replace the plumbing in their office building, the secretaries should swap the engine in the CEO's car, and let's have the janitors install a new security system. What could possibly go wrong?