* more secure - Windows is harder to crack, because it's not designed so that something like cracking the mouse driver (gpm) gives you root access
This is funny. I remember the mouse my friend bought few years age. I don't remember the manufacturer, It was a small shop anyway. Probably crushed out of market by Microsoft/Logitech.
Back to the point. The mouse driver it came with, had a nice option to map commands to the extra buttons. While testing on NT3.5, we soon found out that the commands bound were run as (drum rolls) Administrator!
So what, it was a third party driver but techically speeking so GPM as well... And I'm pretty sure that NT's drivers have local security holes just waiting for finders. So far nobody has cared to search for them since remote use of NT has been so hard. I call it Security via unusability.
..well, I remember their first "promise on paper" was pyramid3d. That was 1996 summer, I think... A few name changes, new papers, and they have yeat another killer "just around corner". As long as computer newspaper reports change more often than their design, they will be able to generate hype.
..Essentially,.NET is an effort to help traditional Visual C++ and Visual Basic programmers catch up with the times....
Both these languages has still a huge market share than anything else in the world.
Yeah, just like cobol had a huge market share. Remind thee, that nearly every college teaches basics of programming in Java - Clean api, pure object orientness, no need to force students nor collages buy any licenses.
visual basic may be easy, but doesn't teach well o-o and doesnt have a clean class library. c++ is way too complex for the first language. C# is a lot better, but still suffers from win32 api. I woudn't expose a newbie to it. Heck, one can scare kids with something like win32 threads!
Wonder what all those who have been teached Java will do once they graduate? Learn another language while the one they know already does what they want?
well... I client planned to phase out HPUX on desk, but din't do so, because they counted that (from experience on other departments) that NT network maintanance requires twice (!) the support staff than the Unix lan.
But the users are not satisfied with the tools/CDE available on HPUX, and situation is still open. I tried to suggest Linux, but they don't want to make their users pioneers.
With w2k as a huge improvment over NT on managment side and on the other side GNOME/KDE/Openoffice usability improvment looks competition is getting really tough.
I Assume they thought that he could just as well be the hacker who had just thought of a even funnier joke to add on the front page.
Still, assuming that your activities are not logged is stupid and even more stupid to think that poiking around a recently hacked site wont be noticed.
...But they still need to relax their Distribution restrictions - If java2 doesn't come as a standard part of Linux distributions, they will have hard Time trying to attract Linux users. Windows users will go with.net anyway. Which leaves OS X/Solaris as the only serious java2 platforms.
Both have the problem of running on hardware with a bad bang/buck ratio.
Hopefully their co-operation with apache project might eventually wake them up.
This is a nice example of window security is the following worm. Or how about password passing? The only reason windows machines aren't cracked so often is that are not so easy to use remotly as Unixen. Windows 2000 is about to change this....
DO NOT post exploits to the general public; insist that securityfocus, bugtraq, and others only allow legitimate developers to view them. Exploits are
the equivalent of guns and ammo, and there is a great need for background checks!
No way. I insist on being able to review the exploits, review the vulnerabilities and so forth. I want to patch my holes, but I want that they're there
before I go ahead and patch. Also, the exploits puts a fire in the asses of the developers. It makes sure that they do produce a fix, and fast. I, as a
security admin for my company want those fixes asap. I don't want to live months without them because there is a bunch of lazy admins in the world
that should "be protected". No thank you.
No. Make an exploit. send it to to developer. Publish it on bugtraq only if the developers don't respond. exploits are ammunition. handle them with care.
Having developers/distributions distribute fixed versions before exploit gets wild is win for everyone.
Whatever, finding unix jobs as a newbie can be hard, most require some experiense. dotcoms are usually less picky about experiense. use netcraft to find dotcoms that haven't been assimilated.
well... I don't feel 1337 for using debian. I use it, because keeping it up to date is so easy / installing new software is even more ridicolously easy. apt-get my ass before I'll go to the hell my mate has finding/installing grip,pan,openssh and satisfiyng their depencies on redhat. However, to get support for oracle/smallworld, I still need redhat on some of our work servers.
Dan (the maker of djdns) sure makes secure code, but at anno domini 2000 it is totally unnaceptable to have the following restrictions for distribution. this definetly not a open source license.
If I wanted to Improve djdns and distribute it, i couldn't. Same applies to qmail. Only sysadmins with unlimited time install Dan's software, as no distribution can accept Dan's restrictions and distribute precompiled versions.
Re:Is this kind of security needed for IRC?
on
IRC Improvements
·
· Score: 1
Well, having a more secure irc can't be bad. currently many corporations
block irc traffic with security as an excuse, with the real reason ofcourse
that users should not be wasting time on irc anyway.
But currently irc is a security threat, as the favourite hobby of
script kiddies is invading channels on irc. However, I don't see how ssl
connections to IRC will make it any more secure. Ofcourse, you can't
be sniffed, but channel/nick invasions remain.
personally, I have better expectations for silc,
which seems to be IRC Done right.
... Yes, it is slick, but AD2000 Most sites
have hardwired javascript, which Konqueror
seems not to be able to do... Probably
because of autodetection on the code,
but mozilla usually survives.
I mean, c'mon, never seen a core dump? It usually doesn't take me that much nastiness:-)
Yes, one night of agressive drinking should make even the toughest daemon core dumped.
Re:That's just your sick imagination
on
Qt Going GPL
·
· Score: 2
It uses viral effect to protect our software (Yes, our, not your or mine), by being viral. You can modify/extend/embrace GPL'd code, but the result will always be GPL'd. So you can't hide GPL'd code inside propierty code. (Unfortunatly, this hasn't been court tested yeat.)
What I ment to say, is that GPL's viral effect is a good thing, and we have just seen another victory of it. QT is brilliant piece of code, a fact that has been overseen while we have been fighting over the licences.
GPL virus has yeat another victim
on
Qt Going GPL
·
· Score: 4
For immedeate release 4th september 2000
The widespread virus called 'GPL' is spreading at alarming rate. Because most patients don't notice any symptoms, 'GPL' has managed to lurk it's way into so many lines of code, that many anylysts believe that all other copyright forms are about to become extinct. RMS, the author of the virus, has been spotted partying like a wild animal and laughing his beard off.
How about an add-on that lets you order airline tickets from inside your Evolution
program, with arrival and departure times automatically loaded into your
schedule?
Oh yeah, don't you just love the shop button on netscape and all the crap in the bookmarks? Looks like gnome desktop will start to remind the deja portal slowly...
the MSSQL7 issue will not be fixed, even in MSSQL2000, has resulted in hundreds of thousands of breakins
this is pathetic microsoft bashing. Please prove the hundreds of thousands of breakings, before making such claims. I think the magnitude is at hundreds...
Anyway, they have a useless firewall, if they let connections from internet to sql server. Although microsoft doesn't make it easier by locating sql server in port 1433,a unprivileged port... Even that would not be a problem, if Microsoft would respectt he spec and use local port ranges >= 4000.
Bad maintanance leads to breakings, but Microsoft has a done a nice job making good maintaning hard to achieve.
Slashdot Mirror
* more secure - Windows is harder to crack, because it's not designed so that something like cracking the mouse driver (gpm) gives you root access
This is funny. I remember the mouse my friend bought few years age. I don't remember the manufacturer, It was a small shop anyway. Probably crushed out of market by Microsoft/Logitech.
Back to the point. The mouse driver it came with, had a nice option to map commands to the extra buttons. While testing on NT3.5, we soon found out that the commands bound were run as (drum rolls) Administrator!
So what, it was a third party driver but techically speeking so GPM as well... And I'm pretty sure that NT's drivers have local security holes just waiting for finders. So far nobody has cared to search for them since remote use of NT has been so hard. I call it Security via unusability.
..well, I remember their first "promise on paper" was pyramid3d. That was 1996 summer, I think... A few name changes, new papers, and they have yeat another killer "just around corner". As long as computer newspaper reports change more often than their design, they will be able to generate hype.
..Essentially, .NET is an effort to help traditional Visual C++ and Visual Basic programmers catch up with the times....
Both these languages has still a huge market share than anything else in the world.
Yeah, just like cobol had a huge market share. Remind thee, that nearly every college teaches basics of programming in Java - Clean api, pure object orientness, no need to force students nor collages buy any licenses.
visual basic may be easy, but doesn't teach well o-o and doesnt have a clean class library. c++ is way too complex for the first language. C# is a lot better, but still suffers from win32 api. I woudn't expose a newbie to it. Heck, one can scare kids with something like win32 threads!
Wonder what all those who have been teached Java will do once they graduate? Learn another language while the one they know already does what they want?
Go to www.google.com and type "ppp atm linux" in the search box and hit the i'm feeling lucky button.
2)How many people/corperations are there who do have 45Mb/s access? The last 2 fortune 500 IT companies (one 100, one 100-200) I worked for had2Mb/s
I think He has 22x2mb or something similar. Not one 45mb link. Most of his boxes are probably rooted.
well... I client planned to phase out HPUX on desk, but din't do so, because they counted that (from experience on other departments) that NT network maintanance requires twice (!) the support staff than the Unix lan.
But the users are not satisfied with the tools/CDE available on HPUX, and situation is still open. I tried to suggest Linux, but they don't want to make their users pioneers.
With w2k as a huge improvment over NT on managment side and on the other side GNOME/KDE/Openoffice usability improvment looks competition is getting really tough.
Ever heard of criminal returning to the scene?
I Assume they thought that he could just as well be the hacker who had just thought of a even funnier joke to add on the front page.
Still, assuming that your activities are not logged is stupid and even more stupid to think that poiking around a recently hacked site wont be noticed.
...But they still need to relax their Distribution restrictions - If java2 doesn't come as a standard part of Linux distributions, they will have hard Time trying to attract Linux users. Windows users will go with .net anyway. Which leaves OS X/Solaris as the only serious java2 platforms.
Both have the problem of running on hardware with a bad bang/buck ratio.
Hopefully their co-operation with apache project might eventually wake them up.
This is a nice example of window security is the following worm. Or how about password passing? The only reason windows machines aren't cracked so often is that are not so easy to use remotly as Unixen. Windows 2000 is about to change this....
fte is the best "windows" keybinding editor around.
Then again, emacs's pc-select (activated with meta-x pc-select) is usually good enough, if you just like the shift+arrow shift+del & stuff.
Whatever. after learning the basics vi i've been using alarming lot just vim for random editing.
Instead of joining the religous editor war, I'm happily using them all.
Nedit - well it depended on motif, which made me skip it on the first place. ugly and used to be nonfree.
No way. I insist on being able to review the exploits, review the vulnerabilities and so forth. I want to patch my holes, but I want that they're there before I go ahead and patch. Also, the exploits puts a fire in the asses of the developers. It makes sure that they do produce a fix, and fast. I, as a security admin for my company want those fixes asap. I don't want to live months without them because there is a bunch of lazy admins in the world that should "be protected". No thank you.
No. Make an exploit. send it to to developer. Publish it on bugtraq only if the developers don't respond. exploits are ammunition. handle them with care.
Having developers/distributions distribute fixed versions before exploit gets wild is win for everyone.
This looks like monster.com or something...
Whatever, finding unix jobs as a newbie can be hard, most require some experiense. dotcoms are usually less picky about experiense. use netcraft to find dotcoms that haven't been assimilated.
see here and scroll down to the dogfood department. or check the links at here. They still haven't got rid of frisbee totally.
well... I don't feel 1337 for using debian. I use it, because keeping it up to date is so easy / installing new software is even more ridicolously easy. apt-get my ass before I'll go to the hell my mate has finding/installing grip,pan,openssh and satisfiyng their depencies on redhat. However, to get support for oracle/smallworld, I still need redhat on some of our work servers.
don't really exist.
FTP is probably the only protocol simple enough for handhelds anyway...
Dan (the maker of djdns) sure makes secure code, but at anno domini 2000 it is totally unnaceptable to have the following restrictions for distribution. this definetly not a open source license.
If I wanted to Improve djdns and distribute it, i couldn't. Same applies to qmail. Only sysadmins with unlimited time install Dan's software, as no distribution can accept Dan's restrictions and distribute precompiled versions.
Well, having a more secure irc can't be bad. currently many corporations
block irc traffic with security as an excuse, with the real reason ofcourse
that users should not be wasting time on irc anyway.
But currently irc is a security threat, as the favourite hobby of
script kiddies is invading channels on irc. However, I don't see how ssl
connections to IRC will make it any more secure. Ofcourse, you can't
be sniffed, but channel/nick invasions remain.
personally, I have better expectations for silc,
which seems to be IRC Done right.
... Yes, it is slick, but AD2000 Most sites
have hardwired javascript, which Konqueror
seems not to be able to do... Probably
because of autodetection on the code,
but mozilla usually survives.
Sorry for beeing ignorant -
/proc/ide/hda/identify
cat
Hdd's already have an serial number since, uh, foreaver?
I mean, c'mon, never seen a core dump? It usually doesn't take me that much nastiness :-)
Yes, one night of agressive drinking should make even the toughest daemon core dumped.
It uses viral effect to protect our software (Yes, our, not your or mine), by being viral. You can modify/extend/embrace GPL'd code, but the result will always be GPL'd. So you can't hide GPL'd code inside propierty code. (Unfortunatly, this hasn't been court tested yeat.)
What I ment to say, is that GPL's viral effect is a good thing, and we have just seen another victory of it. QT is brilliant piece of code, a fact that has been overseen while we have been fighting over the licences.
For immedeate release 4th september 2000
The widespread virus called 'GPL' is spreading at alarming rate. Because most patients don't notice any symptoms, 'GPL' has managed to lurk it's way into so many lines of code, that many anylysts believe that all other copyright forms are about to become extinct. RMS, the author of the virus, has been spotted partying like a wild animal and laughing his beard off.
Did not! Did start! Did not! Did start!...
Ever heard, that you need two for a fight?
I thought that I would add some "co-operation would be better than fighting", but at this stage of discussion, I realize it is pretty pointless...
Oh yeah, don't you just love the shop button on netscape and all the crap in the bookmarks? Looks like gnome desktop will start to remind the deja portal slowly...
the MSSQL7 issue will not be fixed, even in MSSQL2000, has resulted in hundreds of thousands of breakins
,a unprivileged port... Even that would not be a problem, if Microsoft would respectt he spec and use local port ranges >= 4000.
this is pathetic microsoft bashing. Please prove the hundreds of thousands of breakings, before making such claims. I think the magnitude is at hundreds...
Anyway, they have a useless firewall, if they let connections from internet to sql server. Although microsoft doesn't make it easier by locating sql server in port 1433
Bad maintanance leads to breakings, but Microsoft has a done a nice job making good maintaning hard to achieve.