But I've certainly used the tar over ssh method a few times, and I will be using it again soon for a nightly build install to a remote machine (cat tarball | (ssh rmachine tar -C / -x -f -))
Happens all the time on big networks. There's a seperate admin account, you call server ops and describe why you need admin access, they reset the password and tell you what it is. When you're done your task, you call them back and the reset the password again.
That is *insane*. I would never allow that on a network I ran. If you need someting and explain it, *it gets done*.
For anything else to happen means that your admins are having things installed that they either don't understand, can't [be bothered to] maintain, and/or are too lazy to implement.
I mean, really, what is less responsible - me installing and admin accessible ssh key when I install software, so that I can maintain it, or an admin letting someone install software that that they have no intention of maintaining? All software has bugs, and a lot of software has security issues. Who is gonna fix it when it breaks? The admin who could not be bothered to install it themself?
There have only been 2 places where I had to do f'd up security things (VPN, or admin type acces). BTW, I never installed ssh keys in a root acount, only admin stuff (access to a webroot that I needed to do work on because the IT folks wouldn't get around to it, etc). And really, the proof is in the pudding. When would you ever, EVER, give someone an admin password so they could do something, then change it later? OK, I could see logging in for someone who is there and needs something done on the spot, with you looking over their shoulder, but that's pretty lame. When you get right down to it, that just means you're not doing your job.
One of the places I needed to do that went out of business not all that long after I left (couple years). The other place was a group in a large company that imploded not 6 months after I left. Neither was because I was so cruicial to the project/company - they were just terribly run.
Having to do that kind of thing is generally a strong sign that I shouldn't be there, anyway (which is made more clear by the fact that neither survived).
I've done IT work for small companies (where I was mostly a programmer), and I've had root access on company machines, and I know what it means to be responsible security-wise, etc. These were good companies. But the bad ones that I had to work around - well, like I said: I did what needed doing.
Replaced the OS on my desktop with a more useful one. (goodbye, solaris) Implemented a VPN so I could work from home (twice, both "outbound" connectors - that is, they connected out from the company so as to defeat the company NAT/Firewall). Set up bugzilla instead of using their homebrew bug tracker (later adapted by the company). Set up a mailing list server to handle mailing lists (mailman, I think - on an unsupported OS on a "grey box" machine that had fallen off IT's tracker list). Dropped my ssh public key in various root or admin accounts that I was given "one shot access to - here's the password that we'll change after you log in". Set up an http proxy tunnel so that my group could surf via tunneled ssh through my home proxy (because the company proxy server would crash for half a day at a time, and I need online javadoc, thanks).
Note that most of these things are not needed most of the time - I usually work for companies that have their shit together. But there are times when I need to get stuff done.
To my future employers who find this posting (that I have decided not to post anon): treat me honestly and respectfully, and I'll do the same with you! I need VPN access, and I need a good bug tracker, and I need a mailing list server. None of that is unreasonable. If you don't provide it, though, I will. If you don't let me, I will anyway.
Square roots by hand aren't any more complicated than long division.
Actually, they are more complicated (there are a few more steps involved) - just no harder.
My father taught me how to do roots by hand... when I was young. It was never mentioned that it was even possible in any of my math classes (up through various calculus classes).
How do you define racist speech? Believe me, there would be as many definitions as there are people. For example, if I say "White men are violent" is that racist?
Yes. Try "Many white men are violent".
What if I say "Black males comprise 6% of the population in the US, but perpetrate 40% of the murders" Is that racist, if a statement of fact, because I didn't qualify it by saying that the high rate is due to 200+ years of oppression?
Not racist. Try "Blacks are murderers."
If I say "everyone but Asians are dumb" is that racist? What If I show test scores that show that Asians are more intelligent?
Racist. Try "on average, Asians tested better than other races".
Believe me- just about anything you say can be construed as racist. "The sky is blue" "Why it gotta be blue? Why can't it be black, you racist..."
How about this: applying a term uniformly across a mixed [ethnic/religious/whatever] group is [rac]ist.
You're kidding? Our phones are now silent. And I report every violation that calls in (had one yesterday for the first time in months). We used to get telemarketer calls several times a week (at least).
I have a business line, too, and it hasn't gotten any telemarketing calls that I can remember...
[If you work for a small company, the boss is the final word].
In which case you don't have an IT department. You have people (person) doing IT work.
[IT budgets suffer a lot when a company suffers]... but it's overstating things to say that they 'set their own budget', I think.
No department sets their own budget (for long). But that's not what I was saying - I was saying that an IT department HAS a budget. As opposed to just asking someone for money for something as things come up. As for the IT department having to borrow a user's desktop to replace a server? That's just bad planning.
What business do *you* work in? Everywhere I've ever been, the upper management controls the budget.
Various. You can find my resume if you look.
Your IT departments didn't have a presence in upper management?
It sounds like you have chosen your workplaces poorly. The last place that I insisted a hardware purchase be made, and it was not... was in 1991 or so.
However I feel his boss is the problem. Not himself.
Takes 2 to tango.
I read stories here about even fortune 500 companies running email servers off of sun desktops in people's cubicles as servers because the bean counters wanted to save money. Its insane whats going on.
And I read that pigs are gonna take flight any minute now.
If your "single person" IT department is unwilling to take a stand, it's their fault. It is also their manager's fault for having a single person IT department. Unless everyone is in agreement that it is an acceptible risk.
If you are not given the tools to do your job, you are not doing your job - part of which is managing your manager. If your manager is in your way - or their manager above them (in which case your manager isn't doing their job), then it is time to leave.
I've got news for you - the IT department often doesn't have control over its budget. They have to go through the bean counters.
That's not true.
Peons don't have control over a budget.
IT Departments do.
If you think you [are/run] an IT department, but don't control a [reaonably large] budget, you've be mislabeled, and you're misleading yourself (and maybe your employer).
On a side note, that 60 days/1400 hours of play is spread out over at least 10 years.
60 days/played in 10 years is LOW for WoW. Like... really really low. Which means people have a LOT less time to play other games than you did while they are "also" playing WoW.
Will people still be playing WoW in 10 years?
That's a toughie, and depends on a lotta factors. Will people continue to pay for subscription games? Will Bliz continue to charge as much as they do? How much new content will they add? Do you consider WoW2 (or whatever they call it) a new game, or still WoW?
D2 was still pretty popular wheen WoW came out (as these things go) - but it was also free.
http://en.wikipedia.org/wiki/Everquest EverQuest is still going after 5ish years, and their peak population seems to have been around half a million - which is about 1/8th! WoW's current.
So I figure the fair guess is that folks will be playing in 10 years, unless something kinda big changes.
Last time I checked, my favorite MUD character had logged almost 2 months of time online over the years. That is months total, 24 hours a day, 7 days a week.
This investment had no impact on how many games I bought. Is there some difference between my MUD experience and that of WoW?
There are 2 important factors to consider when answering that question:
1. Are there more players of WoW than MUDs. [hint: yeah, a few] 2. Is 60 days/played "over the years" a large, average, or small number? [hard to say, since "over the years" is pretty vague, but I'm guessing that serious gamers who "also" play WoW are logging more hours/month than you did on the MUD - which leaves them with fewer hours to play other games].
And point #3 is that WoW players are blowing $15/month on "games" without buying another game. I'm guessing that the MUD you played didn't cost that.
If this argument holds water, then couldn't I let you buy a copy of World of Warcraft, which I could then legally reverse engineer by sniffing the packets while you play it?
Maybe.
How packets passing through Bill's router any different than a document emailed to Bob?
If I hand you 1000 word documents and their corresponding files and say "make me an app that can load these files and will then print out these documents", you need AT NO TIME see the app that generated them originally.
bnet.d could not reasonably be reverse engineered without using the client, I think. While I've never used bnet.d server, I *think* you must alter the client in order to use them (retarget the server address).
Let's look at the ramifications of this ruling to some of the most popular OSS. OpenOffice: Interoperability with Microsoft product by... reverse engineering GAIM: interoperability with Microsoft/Yahoo/AOL product by... reverse engineering Two huge players that could never be produced if this ruling is upheld. Anyone else scared?
I'll start with the GAIM folks: yup - they should be scared. Who cares - use Jabber.
But the important one is OpenOffice: they should not be scared. *craft talks to Battle.net. There is no third party involved. Just the software purchaser and blizzard. Don't like using Battle.net? then don't use it. We're done.
OpenOffice vs. Office is totally different. If I fire up Word, write a document, save it, email it to Bob, and hand Bob a printout, nobody has much to say to Bob about what he does with the file I emailed him. He never signed a EULA. If he writes OpenOffice and it lets him open the Word doc I emailed him so that he can print it, etc, more power to him. I'm thinkin this would be similar to the old X86 cleanroom clone case. Here's what I do, here's what comes out, make it do the same thing, but don't look at the proprietary machine while you do that.
The bnet.d folks should do what the jabber folks have done. They like the game, but are willing to write their own (and make it better).
This article is lame for so many reasons, but I'll just pick at the first sentence of the post:
"On ebay people are paying real money to buy WoW gold."
No they aren't.
They're connecting to a virtual auction house (ebay) to exchange virtual money (credit card/paypal/whatever) for virtual goods (MMO junk).
I'm half inclined to go an about the value of various pieces of paper (greenbacks) vs. blank pieces of paper and the implication of the phrase "real money" - which is a lot like saying "real promises of value", or even "virtual wealth". But I'm not going to, because I've already put more thought into this comment than I think the author of the article or the post did.
Slashdot Mirror
rsync is now smart and uses ssh.
But I've certainly used the tar over ssh method a few times, and I will be using it again soon for a nightly build install to a remote machine (cat tarball | (ssh rmachine tar -C / -x -f -))
ssh is awesome. ssh -L, keys, encryption, compression. Awesome.
sort -n
grep is an amazing tool.
You obviously have an attitude problem. It is either your way or no way.
...I hope the day your cavalier attitude catches with you (which it will) you are grown up enough to stand and take repsonsibility for your exploits.
...
Yeah, I'm given a job to do and I expect tools. Call me crazy.
I hope that it doesn't, as I hope to never work for a company that f'd up again. It's been years and years since I've needed to do that kind of thing.
But you'd better believe that I'd take full responsibility.
What a lack of professionalism.
Happens all the time on big networks. There's a seperate admin account, you call server ops and describe why you need admin access, they reset the password and tell you what it is. When you're done your task, you call them back and the reset the password again.
That is *insane*. I would never allow that on a network I ran. If you need someting and explain it, *it gets done*.
For anything else to happen means that your admins are having things installed that they either don't understand, can't [be bothered to] maintain, and/or are too lazy to implement.
I mean, really, what is less responsible - me installing and admin accessible ssh key when I install software, so that I can maintain it, or an admin letting someone install software that that they have no intention of maintaining? All software has bugs, and a lot of software has security issues. Who is gonna fix it when it breaks? The admin who could not be bothered to install it themself?
That is *insane*.
Ah, a thoughtful response.
There have only been 2 places where I had to do f'd up security things (VPN, or admin type acces). BTW, I never installed ssh keys in a root acount, only admin stuff (access to a webroot that I needed to do work on because the IT folks wouldn't get around to it, etc). And really, the proof is in the pudding. When would you ever, EVER, give someone an admin password so they could do something, then change it later? OK, I could see logging in for someone who is there and needs something done on the spot, with you looking over their shoulder, but that's pretty lame. When you get right down to it, that just means you're not doing your job.
One of the places I needed to do that went out of business not all that long after I left (couple years). The other place was a group in a large company that imploded not 6 months after I left. Neither was because I was so cruicial to the project/company - they were just terribly run.
Having to do that kind of thing is generally a strong sign that I shouldn't be there, anyway (which is made more clear by the fact that neither survived).
I've done IT work for small companies (where I was mostly a programmer), and I've had root access on company machines, and I know what it means to be responsible security-wise, etc. These were good companies. But the bad ones that I had to work around - well, like I said: I did what needed doing.
Fast and loose isn't what I'd call it. I implement secure stuff when I need it to get work done.
But you have a VPN solution, a mailing list server, and maintain your systems, so I'm not sure what your beef is.
But if I worked for you, you wouldn't be slow to make critical changes that I need to get done in a timely fashion. So we'd be fine.
Replaced the OS on my desktop with a more useful one. (goodbye, solaris)
Implemented a VPN so I could work from home (twice, both "outbound" connectors - that is, they connected out from the company so as to defeat the company NAT/Firewall).
Set up bugzilla instead of using their homebrew bug tracker (later adapted by the company).
Set up a mailing list server to handle mailing lists (mailman, I think - on an unsupported OS on a "grey box" machine that had fallen off IT's tracker list).
Dropped my ssh public key in various root or admin accounts that I was given "one shot access to - here's the password that we'll change after you log in".
Set up an http proxy tunnel so that my group could surf via tunneled ssh through my home proxy (because the company proxy server would crash for half a day at a time, and I need online javadoc, thanks).
Note that most of these things are not needed most of the time - I usually work for companies that have their shit together. But there are times when I need to get stuff done.
To my future employers who find this posting (that I have decided not to post anon): treat me honestly and respectfully, and I'll do the same with you! I need VPN access, and I need a good bug tracker, and I need a mailing list server. None of that is unreasonable. If you don't provide it, though, I will. If you don't let me, I will anyway.
Square roots by hand aren't any more complicated than long division.
Actually, they are more complicated (there are a few more steps involved) - just no harder.
My father taught me how to do roots by hand... when I was young. It was never mentioned that it was even possible in any of my math classes (up through various calculus classes).
My girlfriend's sister bought a Dell refurb a few years back. It came complete with the previous owner's files, porn, etc.
Thanks, Dell!
(yes, nuked the drive, installed anti-virus, etc)
How do you define racist speech?
Believe me, there would be as many definitions as there are people.
For example, if I say "White men are violent" is that racist?
Yes. Try "Many white men are violent".
What if I say "Black males comprise 6% of the population in the US, but perpetrate 40% of the murders" Is that racist, if a statement of fact, because I didn't qualify it by saying that the high rate is due to 200+ years of oppression?
Not racist. Try "Blacks are murderers."
If I say "everyone but Asians are dumb" is that racist? What If I show test scores that show that Asians are more intelligent?
Racist. Try "on average, Asians tested better than other races".
Believe me- just about anything you say can be construed as racist. "The sky is blue" "Why it gotta be blue? Why can't it be black, you racist..."
How about this: applying a term uniformly across a mixed [ethnic/religious/whatever] group is [rac]ist.
Did I miss anything?
Welcome, visitor from another dimension. It turns out that in THIS dimension, words and acronyms can change meaning over time.
You're kidding? Our phones are now silent. And I report every violation that calls in (had one yesterday for the first time in months). We used to get telemarketer calls several times a week (at least).
I have a business line, too, and it hasn't gotten any telemarketing calls that I can remember...
[If you work for a small company, the boss is the final word].
In which case you don't have an IT department. You have people (person) doing IT work.
[IT budgets suffer a lot when a company suffers]... but it's overstating things to say that they 'set their own budget', I think.
No department sets their own budget (for long). But that's not what I was saying - I was saying that an IT department HAS a budget. As opposed to just asking someone for money for something as things come up. As for the IT department having to borrow a user's desktop to replace a server? That's just bad planning.
HAHAHAHAHAHAHAHA!
... was in 1991 or so.
What business do *you* work in? Everywhere I've ever been, the upper management controls the budget.
Various. You can find my resume if you look.
Your IT departments didn't have a presence in upper management?
It sounds like you have chosen your workplaces poorly. The last place that I insisted a hardware purchase be made, and it was not
However I feel his boss is the problem. Not himself.
Takes 2 to tango.
I read stories here about even fortune 500 companies running email servers off of sun desktops in people's cubicles as servers because the bean counters wanted to save money. Its insane whats going on.
And I read that pigs are gonna take flight any minute now.
If your "single person" IT department is unwilling to take a stand, it's their fault. It is also their manager's fault for having a single person IT department. Unless everyone is in agreement that it is an acceptible risk.
If you are not given the tools to do your job, you are not doing your job - part of which is managing your manager. If your manager is in your way - or their manager above them (in which case your manager isn't doing their job), then it is time to leave.
That's all there is to it.
I've got news for you - the IT department often doesn't have control over its budget. They have to go through the bean counters.
That's not true.
Peons don't have control over a budget.
IT Departments do.
If you think you [are/run] an IT department, but don't control a [reaonably large] budget, you've be mislabeled, and you're misleading yourself (and maybe your employer).
On a side note, that 60 days/1400 hours of play is spread out over at least 10 years.
/played in 10 years is LOW for WoW. Like... really really low. Which means people have a LOT less time to play other games than you did while they are "also" playing WoW.
e )
60 days
Will people still be playing WoW in 10 years?
That's a toughie, and depends on a lotta factors. Will people continue to pay for subscription games? Will Bliz continue to charge as much as they do? How much new content will they add? Do you consider WoW2 (or whatever they call it) a new game, or still WoW?
Diablo came out in 1996
http://en.wikipedia.org/wiki/Diablo_(computer_gam
D2 came out in 2000
http://en.wikipedia.org/wiki/Diablo_2
D2 was still pretty popular wheen WoW came out (as these things go) - but it was also free.
http://en.wikipedia.org/wiki/Everquest
EverQuest is still going after 5ish years, and their peak population seems to have been around half a million - which is about 1/8th! WoW's current.
So I figure the fair guess is that folks will be playing in 10 years, unless something kinda big changes.
Last time I checked, my favorite MUD character had logged almost 2 months of time online over the years. That is months total, 24 hours a day, 7 days a week.
/played "over the years" a large, average, or small number? [hard to say, since "over the years" is pretty vague, but I'm guessing that serious gamers who "also" play WoW are logging more hours/month than you did on the MUD - which leaves them with fewer hours to play other games].
This investment had no impact on how many games I bought. Is there some difference between my MUD experience and that of WoW?
There are 2 important factors to consider when answering that question:
1. Are there more players of WoW than MUDs. [hint: yeah, a few]
2. Is 60 days
And point #3 is that WoW players are blowing $15/month on "games" without buying another game. I'm guessing that the MUD you played didn't cost that.
Please watch Akira Kurosawa's Ikiru.
The old x86 cloning case failed for just this reason. They documented and videod the ENTIRE process.
Everything you say is theoretically true, but I don't think you'd convice a judge, jury, or most reasonable people that that's the way it happened.
If this argument holds water, then couldn't I let you buy a copy of World of Warcraft, which I could then legally reverse engineer by sniffing the packets while you play it?
Maybe.
How packets passing through Bill's router any different than a document emailed to Bob?
If I hand you 1000 word documents and their corresponding files and say "make me an app that can load these files and will then print out these documents", you need AT NO TIME see the app that generated them originally.
bnet.d could not reasonably be reverse engineered without using the client, I think. While I've never used bnet.d server, I *think* you must alter the client in order to use them (retarget the server address).
Let me start by saying I'm a blizzard fanboy.
Let's look at the ramifications of this ruling to some of the most popular OSS. OpenOffice: Interoperability with Microsoft product by... reverse engineering GAIM: interoperability with Microsoft/Yahoo/AOL product by... reverse engineering Two huge players that could never be produced if this ruling is upheld. Anyone else scared?
I'll start with the GAIM folks: yup - they should be scared. Who cares - use Jabber.
But the important one is OpenOffice: they should not be scared. *craft talks to Battle.net. There is no third party involved. Just the software purchaser and blizzard. Don't like using Battle.net? then don't use it. We're done.
OpenOffice vs. Office is totally different. If I fire up Word, write a document, save it, email it to Bob, and hand Bob a printout, nobody has much to say to Bob about what he does with the file I emailed him. He never signed a EULA. If he writes OpenOffice and it lets him open the Word doc I emailed him so that he can print it, etc, more power to him. I'm thinkin this would be similar to the old X86 cleanroom clone case. Here's what I do, here's what comes out, make it do the same thing, but don't look at the proprietary machine while you do that.
The bnet.d folks should do what the jabber folks have done. They like the game, but are willing to write their own (and make it better).
This article is lame for so many reasons, but I'll just pick at the first sentence of the post:
"On ebay people are paying real money to buy WoW gold."
No they aren't.
They're connecting to a virtual auction house (ebay) to exchange virtual money (credit card/paypal/whatever) for virtual goods (MMO junk).
I'm half inclined to go an about the value of various pieces of paper (greenbacks) vs. blank pieces of paper and the implication of the phrase "real money" - which is a lot like saying "real promises of value", or even "virtual wealth". But I'm not going to, because I've already put more thought into this comment than I think the author of the article or the post did.