I think they are just starting off, just as we do on a new topic. We quickly accumulate a variety of off-topic, trolls, redundant, insightful, interesting, funny, etc. posts. In their case, they will quickly accumulate a wide variety of music - of all types - just as we have types of posts.
Oh and I really hate people that wanna constantly dumb everyone down cause else their mom and pop won't understand it. Ever heard of genetics? If you parents are idiots then so are you.
Actually, it's not really a matter of idiocy at all. It's more a matter of acclimating yourself to a way of thinking about something that is different that what you are used to. The reason kids seem to "get" technology more easily than there parents has nothing to do with the intelligence of the parents, the kids just lack preconceptions of what this "thing that kind of looks like a tv" should do. The parents have to fight against their own mental model to understand.
Your Grandmother probably can't play Quake. Not because she's not smart enough, or because she doesn't have the reflexes, but because her brain most likely can't process that much visual stimulation so quickly--and it's not because she's old. We are more "visually literate" than our predecessors. We've been raised on MTV, fast-moving cartoons (compare some of the kid's cartoons today to looney tunes), and the like. It's more natural to the younger generations. The same thing goes for adapting to new technologies.
[And yes, I know this is off the original topic of the article, but sometimes you gotta feed the trolls;-)]
Generally speaking, firewalls tend to lull users into a false sense of security. The whole "I've got a firewall, I don't need no stinkin' patches" complex. As we all know, it only takes one person to take their laptop to starbucks and come back with a worm to screw everyone behind the firewall.
It's a lot better to try and instill in people a sense of importance and personal responsibility to keep their systems secure. Sometimes a little negative reinforcement does the trick. (I know a guy who got hit twice. He updates regularly now.;-))
As a whole, we try to impose as little restrictions on the network as possible. (We did do some port blocking temporarily to try to slow the worm, but it wasn't as effective as you might think.) What you do with your little slice of bandwidth is up to you, as long as you're not encroaching on anyone else's. (i.e. flood pinging all of campus with your worm;-)) Freedom is good. 8-)
They actually need to be patched (this obviously requires some sort of non-internet based medium to do, which is available all over the place) or have enabled the built in tcp/ip filtering before they're allowed back online. They don't need to keep the filtering once they're patched, that's up to them at that point.
The problem is not Blaster. The problem is that we have no way of knowing who else got into their machine while they were still vulnerable. Most users lack the experience to properly say that nothing else has been altered, and as I mentioned before, we lack the manpower to go through and verify the thousands of computers on campus.
Mandating up to date antivirus software is good, and the fact that you are able to make sure everyone has it before getting on the network is noteworthy. However, do you also periodically sweep through and ensure that they keep their virus definitions up to date? Do you go through and make sure everyone's got their operating systems patched? We did as extensive a "pr" campaign for patching windows machines as we could when the vulnerability was announced. We still got hit hard. There are just too many points of failure, and most of them human--and, therefore, very unpredictable.
The fact of the matter is, there are tens of thousands of computers on campus (granted, not all windows). Just because we are a techinical school does not mean that everyone who runs a computer on campus is a computer whiz. There are plenty of X Engineering majors who posses only basic computer knowledge. They don't need it, so why bother? There's also a ton of office workers, administrative assistants, etc, etc. It's just not practical to do much of anything on a per-machine basis. So we go with what we know works in every case: a full format and reinstall will get rid of everything and have you squared away.
Besides, Windows needs a little f&r every now and again anyway.;-)
Of course, no patches have been installed, since they are available as downloads unless MIT is distributing service packs and patches to the students via CD.
Actually, we are, but aside from that, we also tell them how to (temporarily) use the built in firewalling of winxp and win2k to prevent a compromise while installing the patches. Yes, there were cases of people getting recompromised before patching was finished. As a test, an unpatched laptop was placed on the network. Time to compromise: ~1 minute.
Besides, given the ease of fixing problems like these without reinstalling the OS, why bother forcing a drive wipe?
As someone who works for Network Security, I feel I have to chime in here.
Basically, what Chris said was right. A format and reinstall is the standard response to a root-level system compromise, which the RPC vulnerability leaves a system open to. It's also enough of a pain in the rear, that people don't want to have to do it again.
Furthermore, Network Security only has two full-time staff members, a handful of student employees (the category I fall under), and a handful of volunteers from here & there. Under normal loads, we don't have the resources to do forensics or any type of individually tailored recovery advice. With the thousands of computers being compromised on campus, it's the quickest (and easiest, believe it or not) solution for everyone.
Give us a break, this thing has generated way more overtime hours than any one (or two now) security hole(s) should be allowed to do.:-p
It's been said a couple of times here all ready that you should make sure you're using the most appropriate tool for the job (a good philosphy in general). If you wanna check out some of the open-source CMS (Content Management Systems) out there to see what suits you best, you can visit OpenSourceCMS it has live demos of various CMS solutions that you can get a feel for--you can even log in as an admin and check out its admin interface. These are all free, but they're also all php/mysql based. I don't know if there's a similiar sites for other CMS/blog systems (MT uses Perl, for example), but Google probably has a pretty good idea.;-)
I'm a bit partial to e107 myself, but I'll admit that I haven't tried a whole lot of them.;-)
I actually used to find some pretty decent bands on Napster's new artist thing they had on the front page when napster starts up (you know, back when it still worked;-)).
I, for one, am not hoping for a world government. I'm all about everyone getting along. I'm all about world peace. But I'm also all about everyone being able to do their own thing. I don't think we need a world government, I think we need a world where people can get along, but one government... nah, I'll pass on the one group of people ruling the world. You don't like the US government? That's fine, you don't have to live here. Maybe I don't like the EU. So why should I have to live under the EU? (BTW, I don't have anything against you guys, just making a point.)
Which is why they have to move to larger ads to stay afloat. One of the main reason the internet ad business is floundering (aside from not doing a good job of send the right ads to the right target audiences) is because of the millions of people who just fire up junk buster or web washer or just remap all the advertiser domains they can think of to point to localhost (you can even do this very easily in windows, if you are wondering). So what to the advertisers do? They make the ads more in-your-face for the few people who aren't shutting them out. Just because they are advertisers and they are evil and whatever else you want to say about them, doesn't change the fact that they are businesses, and they will try to adapt to the market as best they can in order to survive. And since Slashdot is a free site (now with some very optional subscriptions) they need to get money from somewhere. And if advertising it what it takes, they have to do what the advertisers think needs to be done to save revenue. And, of course, since people all ready block the ads, and now that they're bigger more people will want to block them, having subscriptions will help them off-set some of the loss of all the ads that won't be viewed.
Seriously, if you're going to block all the ads on the site, you could at least pay 'em $5 and get them officially taken off, say, the front page for example. People are willing to pay a taxi cab a nice chunk of change for the convenience of not walking, yet you ask them to give you a few dollars a month so that a site which them frequent won't have to rely on advertising revenues, and it's like asking for their firstborn. It would be different if they wanted to charge for access to the site, but not having to view advertisements is just a convenience. Slashdot is a good site and $5 a month isn't that much, let's not kill off/. just for the sake of being anal about advertisements.
They write some software, release the source, and tell you "Okay, you can take this source code that we wrote and go wild with it, go ahead. Just don't use it in any way that's making you money. (not only selling it, but using it in your business. you business makes money, therefore you can't use it in that environment)" Not letting you make money off the code they wrote. Those bastards!!!
Now, do go jumping down my throat. I'm just playing the devil's advocate here. Seriously, though, this is Microsoft, you can't expect something like the GPL to go flying out their doors on the first try. From the looks of things, it's a relatively fair license. (Not 100%, but pretty reasonable). So you can either take or leave it. Don't knock it just because it's Microsoft. So they're a little restrictive with their code. There's better code out there than what comes from Redmond anyway.:-)
-------------------------------------------
I like nonsense, it wakes up the brain cells.
The problem with this sort of thinking, is that it does no real good. Sure, it may get you somewhere you're happier, but it does nothing to fix the underlying problem. You can't run and hide from everything. We have what's called the "fight or flight" response when we're threated. Our bodies prepare to do either, should they need to. It's not just the "flight" response, there are two options.
If I'm a wolf looking for a place to sleep, and every time I lay down some other wolf comes and scares me away, I'll never get a place to stay. Sometimes you have to stand your ground.
"So, go somewhere where there's no wolves to bother you."
Sounds good in theory, but it's gonna be awfully lonely come mating season...;-)
The bottom line is, if you simply move to another country when some corporation does something you don't like, then they've won. You're giving them the power to push you out. If all the people who didn't like the MPAA moved to different countries, they'd have no opposition from within the country and no problem doing whatever they want.
-------------------------------------------
I like nonsense, it wakes up the brain cells.
Doesn't common sense dictate that you keep off-line copies ("master copies" if you will) somewhere safe? I mean, it doesn't take a genius to know that any device can and probably will fail at some point in time. If you're not keeping good back-ups, you're setting yourself up for some pain.:-)
I have my old webpages saved. I probably won't ever need them, but, just in case, I've got various revisions and layouts and etc., etc., ad nauseum... all safe and sound.:-) The more paranoid may choose to print out all their code in and keep that stored somewhere safe... I'm starting to rant, so I'd better quit now, but you get the point:-)
-------------------------------------------
I like nonsense, it wakes up the brain cells.
Linux has its (many) uses, but it's still not the be-all-and-end-all of operating systems.
Nor should it be.
I'm not saying that it's not good for Linux to gain wider acceptance, but it's always good to have alternatives. Even if what you have (Linux) is good, it's always a good thing to have extra competition.
If you could use your toaster to cook all your food, would you really want to?:-)
-------------------------------------------
I like nonsense, it wakes up the brain cells.
That is, I find myself going out and buying a cd as a direct result of downloading a song off napster. I don't download whole CD's. The few CD's which are on my computer in their entirety I ripped myself from my own collection. I find that the ratio of mp3's from CD's I don't have to mp3's that I've gone out and bought the CD's to be steadily decreasing. In my collection there's three types of songs: those that I own the CD, those that I intend to buy the CD, and those that I wouldn't ever buy anyway (like Vanilla Ice, or some crappy song you get just "for old time's sake":-)). So, personally, my mp3 downloading habits aren't a financial risk to the RIAA at all. If nothing else, they've increased the number of CD's I've been buy (as evidenced by the growing stack of CD's on my desk that I'm too lazy to put into the CD wallet). I'm sure I'm not the only person for whom this is true.
The RIAA really should utilize the Internet rather than fight it.
-------------------------------------------
I like nonsense, it wakes up the brain cells.
There've been several studies on the affects of sleep deprivation. Lemme see what links I can dig up....
This study (sorry, dead link, maybe you can find the right one) discusses the effects of sleep deprivation on short term memory loss. On the other hand, this one claims sleep deprivation increases activity in certain areas of the brain. And here's yet another story talking about the effects of sleep on brain development. And here's another article claiming naps could increase worker productivity. And, also, this article on the correlation between sleep and learning.
(Sorry for all the Yahoo! News links, I was trying to find the first one, and I came across the latter articles)
There was another study done in the U.K. which linked lack of sleep to a drop in I.Q. levels, but I can't seem to find the appropriate link...
If you're curious as to what other people had to say, the slashdot articles on first two links are here and here, respectively.
-------------------------------------------
I like nonsense, it wakes up the brain cells.
Slashdot Mirror
I think they are just starting off, just as we do on a new topic. We quickly accumulate a variety of off-topic, trolls, redundant, insightful, interesting, funny, etc. posts. In their case, they will quickly accumulate a wide variety of music - of all types - just as we have types of posts.
;-)
(+1 interesting analogy)
Oh and I really hate people that wanna constantly dumb everyone down cause else their mom and pop won't understand it. Ever heard of genetics? If you parents are idiots then so are you.
;-)]
Actually, it's not really a matter of idiocy at all. It's more a matter of acclimating yourself to a way of thinking about something that is different that what you are used to. The reason kids seem to "get" technology more easily than there parents has nothing to do with the intelligence of the parents, the kids just lack preconceptions of what this "thing that kind of looks like a tv" should do. The parents have to fight against their own mental model to understand.
Your Grandmother probably can't play Quake. Not because she's not smart enough, or because she doesn't have the reflexes, but because her brain most likely can't process that much visual stimulation so quickly--and it's not because she's old. We are more "visually literate" than our predecessors. We've been raised on MTV, fast-moving cartoons (compare some of the kid's cartoons today to looney tunes), and the like. It's more natural to the younger generations. The same thing goes for adapting to new technologies.
[And yes, I know this is off the original topic of the article, but sometimes you gotta feed the trolls
Generally speaking, firewalls tend to lull users into a false sense of security. The whole "I've got a firewall, I don't need no stinkin' patches" complex. As we all know, it only takes one person to take their laptop to starbucks and come back with a worm to screw everyone behind the firewall.
;-))
;-)) Freedom is good. 8-)
It's a lot better to try and instill in people a sense of importance and personal responsibility to keep their systems secure. Sometimes a little negative reinforcement does the trick. (I know a guy who got hit twice. He updates regularly now.
As a whole, we try to impose as little restrictions on the network as possible. (We did do some port blocking temporarily to try to slow the worm, but it wasn't as effective as you might think.) What you do with your little slice of bandwidth is up to you, as long as you're not encroaching on anyone else's. (i.e. flood pinging all of campus with your worm
They actually need to be patched (this obviously requires some sort of non-internet based medium to do, which is available all over the place) or have enabled the built in tcp/ip filtering before they're allowed back online. They don't need to keep the filtering once they're patched, that's up to them at that point.
The problem is not Blaster. The problem is that we have no way of knowing who else got into their machine while they were still vulnerable. Most users lack the experience to properly say that nothing else has been altered, and as I mentioned before, we lack the manpower to go through and verify the thousands of computers on campus.
;-)
Mandating up to date antivirus software is good, and the fact that you are able to make sure everyone has it before getting on the network is noteworthy. However, do you also periodically sweep through and ensure that they keep their virus definitions up to date? Do you go through and make sure everyone's got their operating systems patched? We did as extensive a "pr" campaign for patching windows machines as we could when the vulnerability was announced. We still got hit hard. There are just too many points of failure, and most of them human--and, therefore, very unpredictable.
The fact of the matter is, there are tens of thousands of computers on campus (granted, not all windows). Just because we are a techinical school does not mean that everyone who runs a computer on campus is a computer whiz. There are plenty of X Engineering majors who posses only basic computer knowledge. They don't need it, so why bother? There's also a ton of office workers, administrative assistants, etc, etc. It's just not practical to do much of anything on a per-machine basis. So we go with what we know works in every case: a full format and reinstall will get rid of everything and have you squared away.
Besides, Windows needs a little f&r every now and again anyway.
Of course, no patches have been installed, since they are available as downloads unless MIT is distributing service packs and patches to the students via CD.
0 610 and my reply
:-p
Actually, we are, but aside from that, we also tell them how to (temporarily) use the built in firewalling of winxp and win2k to prevent a compromise while installing the patches. Yes, there were cases of people getting recompromised before patching was finished. As a test, an unpatched laptop was placed on the network. Time to compromise: ~1 minute.
Besides, given the ease of fixing problems like these without reinstalling the OS, why bother forcing a drive wipe?
see also http://slashdot.org/comments.pl?sid=78878&cid=699
Just wondering if they're forcing everyone with the SSH hole to reformat and reinstall? (Yes, not as serious since it isn't a worm, but still)
No, that's a vulnerability, not a compromise.
As someone who works for Network Security, I feel I have to chime in here.
:-p
Basically, what Chris said was right. A format and reinstall is the standard response to a root-level system compromise, which the RPC vulnerability leaves a system open to. It's also enough of a pain in the rear, that people don't want to have to do it again.
Furthermore, Network Security only has two full-time staff members, a handful of student employees (the category I fall under), and a handful of volunteers from here & there. Under normal loads, we don't have the resources to do forensics or any type of individually tailored recovery advice. With the thousands of computers being compromised on campus, it's the quickest (and easiest, believe it or not) solution for everyone.
Give us a break, this thing has generated way more overtime hours than any one (or two now) security hole(s) should be allowed to do.
It's been said a couple of times here all ready that you should make sure you're using the most appropriate tool for the job (a good philosphy in general). If you wanna check out some of the open-source CMS (Content Management Systems) out there to see what suits you best, you can visit OpenSourceCMS it has live demos of various CMS solutions that you can get a feel for--you can even log in as an admin and check out its admin interface. These are all free, but they're also all php/mysql based. I don't know if there's a similiar sites for other CMS/blog systems (MT uses Perl, for example), but Google probably has a pretty good idea. ;-)
;-)
I'm a bit partial to e107 myself, but I'll admit that I haven't tried a whole lot of them.
Happy blogging!
Oh good, we were being overrun by a bunch of no-names like Abelson and Sussman.... ;-)
My Method: I just got a job w/ those guys. ;-)
Studies have shown naked women to have such an effect... ;-)
I actually used to find some pretty decent bands on Napster's new artist thing they had on the front page when napster starts up (you know, back when it still worked ;-)).
I used to have mo-dem. But that that was when I had mo-money. Now I just have no-dem, and the repo man has mo-mo-dem den all-dem.
I, for one, am not hoping for a world government. I'm all about everyone getting along. I'm all about world peace. But I'm also all about everyone being able to do their own thing. I don't think we need a world government, I think we need a world where people can get along, but one government... nah, I'll pass on the one group of people ruling the world. You don't like the US government? That's fine, you don't have to live here. Maybe I don't like the EU. So why should I have to live under the EU? (BTW, I don't have anything against you guys, just making a point.)
:-)
Choice is good. Diversity is even better.
Odds are, the newest of newbies probably don't have a SCSI setup.
John Romero!
We know he can lead developers to put out quality software in record time. If he can do with Linux what he with Dakitana, Redmond would cower in fear!
Which is why they have to move to larger ads to stay afloat. One of the main reason the internet ad business is floundering (aside from not doing a good job of send the right ads to the right target audiences) is because of the millions of people who just fire up junk buster or web washer or just remap all the advertiser domains they can think of to point to localhost (you can even do this very easily in windows, if you are wondering). So what to the advertisers do? They make the ads more in-your-face for the few people who aren't shutting them out. Just because they are advertisers and they are evil and whatever else you want to say about them, doesn't change the fact that they are businesses, and they will try to adapt to the market as best they can in order to survive. And since Slashdot is a free site (now with some very optional subscriptions) they need to get money from somewhere. And if advertising it what it takes, they have to do what the advertisers think needs to be done to save revenue. And, of course, since people all ready block the ads, and now that they're bigger more people will want to block them, having subscriptions will help them off-set some of the loss of all the ads that won't be viewed.
/. just for the sake of being anal about advertisements.
;-)
Seriously, if you're going to block all the ads on the site, you could at least pay 'em $5 and get them officially taken off, say, the front page for example. People are willing to pay a taxi cab a nice chunk of change for the convenience of not walking, yet you ask them to give you a few dollars a month so that a site which them frequent won't have to rely on advertising revenues, and it's like asking for their firstborn. It would be different if they wanted to charge for access to the site, but not having to view advertisements is just a convenience. Slashdot is a good site and $5 a month isn't that much, let's not kill off
As long as there are no pop-up/under ads.....
They write some software, release the source, and tell you "Okay, you can take this source code that we wrote and go wild with it, go ahead. Just don't use it in any way that's making you money. (not only selling it, but using it in your business. you business makes money, therefore you can't use it in that environment)" Not letting you make money off the code they wrote. Those bastards!!!
:-)
Now, do go jumping down my throat. I'm just playing the devil's advocate here. Seriously, though, this is Microsoft, you can't expect something like the GPL to go flying out their doors on the first try. From the looks of things, it's a relatively fair license. (Not 100%, but pretty reasonable). So you can either take or leave it. Don't knock it just because it's Microsoft. So they're a little restrictive with their code. There's better code out there than what comes from Redmond anyway.
-------------------------------------------
I like nonsense, it wakes up the brain cells.
The problem with this sort of thinking, is that it does no real good. Sure, it may get you somewhere you're happier, but it does nothing to fix the underlying problem. You can't run and hide from everything. We have what's called the "fight or flight" response when we're threated. Our bodies prepare to do either, should they need to. It's not just the "flight" response, there are two options.
;-)
If I'm a wolf looking for a place to sleep, and every time I lay down some other wolf comes and scares me away, I'll never get a place to stay. Sometimes you have to stand your ground.
"So, go somewhere where there's no wolves to bother you."
Sounds good in theory, but it's gonna be awfully lonely come mating season...
The bottom line is, if you simply move to another country when some corporation does something you don't like, then they've won. You're giving them the power to push you out. If all the people who didn't like the MPAA moved to different countries, they'd have no opposition from within the country and no problem doing whatever they want.
-------------------------------------------
I like nonsense, it wakes up the brain cells.
I vote that the codename for Mozilla 1.0 be "When It's Ready" :-)
-------------------------------------------
I like nonsense, it wakes up the brain cells.
Doesn't common sense dictate that you keep off-line copies ("master copies" if you will) somewhere safe? I mean, it doesn't take a genius to know that any device can and probably will fail at some point in time. If you're not keeping good back-ups, you're setting yourself up for some pain. :-)
:-) The more paranoid may choose to print out all their code in and keep that stored somewhere safe... I'm starting to rant, so I'd better quit now, but you get the point :-)
I have my old webpages saved. I probably won't ever need them, but, just in case, I've got various revisions and layouts and etc., etc., ad nauseum... all safe and sound.
-------------------------------------------
I like nonsense, it wakes up the brain cells.
Linux has its (many) uses, but it's still not the be-all-and-end-all of operating systems.
:-)
Nor should it be.
I'm not saying that it's not good for Linux to gain wider acceptance, but it's always good to have alternatives. Even if what you have (Linux) is good, it's always a good thing to have extra competition.
If you could use your toaster to cook all your food, would you really want to?
-------------------------------------------
I like nonsense, it wakes up the brain cells.
If Microsoft cared about the people using their OS (haha) they would have a version or two which supported both, and then dump MBR later
:-)
Isn't this how we got stuck w/ MS-DOS for so long?
-------------------------------------------
I like nonsense, it wakes up the brain cells.
That is, I find myself going out and buying a cd as a direct result of downloading a song off napster. I don't download whole CD's. The few CD's which are on my computer in their entirety I ripped myself from my own collection. I find that the ratio of mp3's from CD's I don't have to mp3's that I've gone out and bought the CD's to be steadily decreasing. In my collection there's three types of songs: those that I own the CD, those that I intend to buy the CD, and those that I wouldn't ever buy anyway (like Vanilla Ice, or some crappy song you get just "for old time's sake" :-)). So, personally, my mp3 downloading habits aren't a financial risk to the RIAA at all. If nothing else, they've increased the number of CD's I've been buy (as evidenced by the growing stack of CD's on my desk that I'm too lazy to put into the CD wallet). I'm sure I'm not the only person for whom this is true.
The RIAA really should utilize the Internet rather than fight it.
-------------------------------------------
I like nonsense, it wakes up the brain cells.
This study (sorry, dead link, maybe you can find the right one) discusses the effects of sleep deprivation on short term memory loss. On the other hand, this one claims sleep deprivation increases activity in certain areas of the brain. And here's yet another story talking about the effects of sleep on brain development. And here's another article claiming naps could increase worker productivity. And, also, this article on the correlation between sleep and learning.
(Sorry for all the Yahoo! News links, I was trying to find the first one, and I came across the latter articles)
There was another study done in the U.K. which linked lack of sleep to a drop in I.Q. levels, but I can't seem to find the appropriate link...
If you're curious as to what other people had to say, the slashdot articles on first two links are here and here, respectively.
-------------------------------------------
I like nonsense, it wakes up the brain cells.