Slashdot Mirror


User: Penguinisto

Penguinisto's activity in the archive.

Stories
0
Comments
5,947
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,947

  1. Re:OpenBSD vs Linux on SANS Report Says Organizations Focusing On the Wrong Security Threats · · Score: 2, Informative

    Is the OS important when someone snarfs up your web app and all data it had access to?

    Depends on how long you want to spend in doing recovery. If I have incremental copies (in addition to normal backup/DR actions) and a live copy of the DB transaction logs sitting on the local box outside of the chroot jail (and thus remain untouchable)? It is a lot easier and faster to disable the offending script (or apply the needed patch), copy over the last known good data, and be up and running - with a very short downtime.

    If the OS is untrusted, you get to rebuild the entire - which means you get to reach for disk backup or VM clone (if you're lucky) or tapes (if you're not), or you're basically screwed (if you're stupid).

    Corner cases naturally will change all of this, but that's the basic premise.

    /P

  2. Re:Thank you for identifying part of the problem on How To Make Science Popular Again? · · Score: 1

    I'm not arguing for or against the conclusion (as you are), but I am saying that the data itself was at best flawed, or at worst a fraud (depending on PoV). Your cite does not disagree at all with what I just typed, and in fact agrees with me perfectly - the specific methodology was/is flat-out wrong. They don't even try to defend the methodology - in your cite, they spend all of their efforts hotly defending the conclusion.

    Here's what I'm getting at: I can tell you all day long that the sky is blue, and I would be generally correct, yes? However, what if I tried to say the sky is blue because the CIA used a ginormous Crayon* to make it that way, and used invented/bad/falsified/whatever data to support the conclusion?

    Even in the most charitable of lights, defending bad procedure/data/etc (e.g. the hockey stick) just because you WANT the conclusion to agree with your hypothesis is a dangerous thing. It is dangerous in both directions - when that wrong procedure/data/etc is later uncovered to be wrong, it makes your conclusion all that much harder to support, even if other methods are done correctly to reach it. It makes it harder on colleagues who agree with your hypothesis, because they have to work that much harder to convince skeptics that their particular tests aren't similarly falsified (or false, etc). It gives the opponents of your conclusion a solid footing from which to attack, and accuse you of rigging the game to support what they will call dogma.

    Like I said - it has nothing to do AT ALL with being for or against AGW. It does however have to do with supporting good science over bad.

    /P

    *the specific color was "Cornflower" in case you're curious. It's part of their plot to take over the world, n' stuff...

  3. Re:OpenBSD vs Linux on SANS Report Says Organizations Focusing On the Wrong Security Threats · · Score: 1

    Sort of... but you have to remember - at least when PHP gets popped (is there really any other culprit these days?), the OS is still untouched (if you built the box right, anyway). When ASP code gets popped, you stand a good chance of losing the entire server to the penetration (though not a perfect chance, depending on setup).

    In your analogy, it's like the tent poles of the "windows" tent are made of cardboard tubes... they might hold up due to the imbalance of newly torn cloth, or they might not.

  4. Re:Most type of exploit is 'other' on SANS Report Says Organizations Focusing On the Wrong Security Threats · · Score: 1

    ...for some odd reason I can't get APT to compile on Windows Server 2003 or 2008. Help? :)

  5. Re:Thank you for identifying part of the problem on How To Make Science Popular Again? · · Score: 0, Troll

    Al Gore and James Hansen aren't just making this stuff up.

    actually, Hansen kind of did make stuff up...

    Lookit - I'm not going to jump anyone's religion (either for or against), but we are talking about a scientist who got caught literally making up the infamous "hockey stick" that almost no one in climatology dares mention these days (and for good reason...)

    /P

  6. Re:Risk aversion stems from funding sources on Risk Aversion At Odds With Manned Space Exploration · · Score: 1

    Nah, not a bitchslap, promise... and your point is still 100% valid. I just get those warm-n-fuzzy geek vibes whenever the subject of the Titanic comes up (I know, it is weird).

    And yeah, if every major corporation who suffered a tragedy every time one of their products failed in a spectacular manner (including loss of life), we'd be screwed as a species.

  7. Re:Risk aversion stems from funding sources on Risk Aversion At Odds With Manned Space Exploration · · Score: 1

    " Harland and Wolff didn't stop building ships after the Titanic sunk."

    Fixed that for you. :)

    (pedantic Titanic Geek mode is off now. It's safe to come out...)

    /P

  8. Pfft! No problem... on How Much Is Your Online Identity Worth? · · Score: 4, Funny

    Thanks to a messy divorce 4 years ago, my credit rating probably still sucks to the point that even an ID thief would be ashamed to use it.

    Go ahead, try and get a credit card with it - you'll hear laughter that would compete with an insane asylum on Bath Day...

  9. Re:Queue Microsoft Trolls in on Intel Cache Poisoning Is Dangerously Easy On Linux · · Score: 1

    Since most distros (at least the ones worth a damn) require the root password to do single-user mode?

    Nah, you're better off rebooting from a geek stick or live cd at that point so you can mount the disk and modify /etc/shadow on it...

    /P

  10. Re:Microsoft's last line of defense on Has Microsoft's Patent War Against Linux Begun? · · Score: 4, Insightful

    Just one problem: They risk stepping on the toes of folks like IBM, Apple (who has more cash in the bank right now than Microsoft does), and other biggies that can make life very, very hard for MSFT.

    Also, the payouts aren't as fast or as big as you would think: Sure, a small corp could/would cave in and settle almost immediately, and enough of them would provide an ongoing income for awhile. That said, doing so would force a lot of up-and-comers to simply abandon as much of MSFT as possible, just to avoid potential conflict.

    Look at the GIF/LZH patent as an example - the whole damned thing mostly withered and died because Unisys was too desperate and stupid to realize that they could have taken a better approach. World+dog simply avoided using compressed GIFs, instead turning to other tech to get the job done.

    I can see people start to do the same things with .NET, ASP, and more, if MSFT becomes an aggressive RIAA-style extortion machine.

    To mangle a well-worn phrase: Nowadays, application developers see patent lawsuits as damage, and tries to route around them.

    (I can also see other corps banding together and assaulting MSFT just out of preventative self-defense, too... see also SCO's troubles as a model.)

    /P

  11. Re:Microsoft confirms it! on Microsoft Sees Linux As Bigger Competitor Than Apple · · Score: 1

    Toy metal car analogies, maybe...

    /P

  12. Re:What's the purpose... on Gamer Claims Identifying As a Lesbian Led To Xbox Live Ban · · Score: 5, Funny

    Okay. I'm going to go down to the local lesbian bar (I used to drink there with some friends) and say, loudly but not unreasonably so, "I like to screw chicks!" Repeatedly.

    At risk of being labeled as a troll or worse, I would think that at least half the patrons' first response would be an immediate: "...AND SO DO I!"

    That aside, one would think that you would be thrown out for being a repetitive irritant long before you'd get pitched on philosophical/orientation grounds... much like nobody likes to talk to the little kid who always responds to everything you say with "...but why?"

    /P

  13. Re:They're setting themselves up for a lawsuit on How To Handle Corporate Blackmail? · · Score: 1

    ...and if I called the ex-employer posing as a prospective employer?

    Honestly, if you're not sure (as the guy who keeps losing out on new jobs), all you have to do is pretend your some legit-sounding HR droid in some legit-sounding company and do a few phone calls yourself. You'll find out in short order who may be giving you a bad ref. In most states, one tape recording is all it takes to nail the ex-employer who does it to the wall.

    One would think that most HR departments are smart enough to know this, which is why one would think they'd answer "yes" to "would you hire this person again". Hell, I figure they'd likely say it even if you skinned live kittens on the CEO's desk before you left just to avoid a lawsuit.

    /P

  14. Re:crazy on The Hard Upgrade Path From XP To Vista To Win 7 · · Score: 1

    Here's a challenge: try to run a MacOS 9 application on your beautiful, shiny Macintosh.

    I have a small one for you: maybe you should re-read what he was writing up there? Here, let me point out something from his post:

    and basically 100% functional with all my goodies.

    (emphasis mine)

    You were otherwise correct, but only to a point, y'know?

    /P

  15. Re:Enterprise upgrade? on The Hard Upgrade Path From XP To Vista To Win 7 · · Score: 1

    ...but if the hardware troubles they reported are still, you know - troubles? Then what?

    /P

  16. And what about SharePoint? on Zero-Day Excel Exploit In the Wild · · Score: 4, Interesting

    While such a vector would be pretty useless on the public nets, just out of academic curiosity, I wonder: how fast would this critter would travel if it got loaded onto a SharePoint site (you know, one with the handy Excel-handling plugin turned on?)

    Looking at it from the other end, how do you protect from such an eventuality without shutting off the plugin?

    /P

  17. Okay... on The Chinese (Web Servers) Are Coming · · Score: 1

    ...so is it a re-jiggered Apache (a'la Red Flag Linux), or what? If it's GPL, then cool... welcome to the pile.

    /P

  18. Re:Not too hard to ditch... on Wisconsin Passes Digital Download Tax · · Score: 1

    You forgot Intel, which has a HUGE R&D investment out here...

    (the other being, of course, the flying spaghetti monster )

    Oh, wait, no you didn't. my bad :)

  19. Re:Apple might go for it on Ballmer Pleads For Openness To Compete With Apple · · Score: 1

    Oh, cool.

    Wait - the only version that doesn't cost a bundle of money is a "Research" kernel, which I really can't use to build apps with for the latest OS versions.

    Nice try on their part, though.

  20. Not too hard to ditch... on Wisconsin Passes Digital Download Tax · · Score: 4, Insightful

    Option 1: Start using PayPal with an out-of-state relative's address
    Option 2: Get a PO box over state lines, and open a bank account there while you're at it.

    ...or Option 3: Move to Oregon, where we don't have a sales tax.

    I am curious, though - they expect to make $6.7m per year... how much of that will disappear into enforcement and accounting? Doesn't really seem like there's enough return on it to balance the hordes of pissed-off constituents.

    /P

  21. Re:Apple might go for it on Ballmer Pleads For Openness To Compete With Apple · · Score: 1

    Really? Where can I download the source code to Windows' core functions, like I can with OSX?

    /P

  22. Re:Putting aside what I spent said... on Ballmer Pleads For Openness To Compete With Apple · · Score: 5, Insightful

    Even in today's context, what Microsoft is demanding Apple do, Microsoft won't do itself.

    Let's keep it to current setups, to satisfy your demand that it all stay relevant to today:

    When will Microsoft open SharePoint so that you can use Oracle, MySQL, or Postgres? When will Microsoft open up Exchange so that competitors can code their own fully-featured clients for it? Will Microsoft open up their Windows marketing so that OEMs can fearlessly sell --and Market!-- Linux equally, in all the models that a given OEM has?

    You see - one doesn't have to look too far to realize that Ballmer is still, even by today's metrics, speaking from a deep, deep well of hypocrisy.

    /P

  23. Re:Not so hippocritical on Ballmer Pleads For Openness To Compete With Apple · · Score: 1

    To add to this, Microsoft has licensed active sync to Apple and Google for iphone and android respectively.

    Err, you know Microsoft is not licensing A/S out of charity, right? They are making a profit out of that deal. What Ballmer is demanding that Apple do, well - Apple wouldn't make any money at all from what he's wanting, and at the same time it would hurt Apple's image for reliability, safety, security...

    /P

  24. Re:What about... on Norwegian Websites Declare War On IE 6 · · Score: 1

    The suckyness that is Sharepoint is already digging its claws into the corporate market. I regularly see contracts for it, usually requiring other Microsoft lock-in technologies as well.

    Specifically, 1 MS SQL Server, at least three (yes, 3 - CA, Index, and NLB) Windows Servers, with .NET and ASP splattered all over the works... and don't forget the Office plugin licenses! (Nevermind that you can do 95% of the featureset with a decent CMS and one server at a total software cost of $0.00...)

    Don't ask about the pricetag. Little wonder SharePoint has like only one universal license key and that they literally give it away for free to most folks... they make their money back in spades off of everything else.

    They might as well be burning the money, but - no. They're investing it in ways that ensure they are stuck with the whole family of Microsoft products.

    A-yep.

    /P

  25. Re:What about... on Norwegian Websites Declare War On IE 6 · · Score: 4, Insightful

    It's more like: "...all our custom VBS-based apps that we can't afford to get rid of is IE-based, therefore so is your job."

    And if you think there's unavoidable lock-ins now, wait'll SharePoint gets its tentacles into the enterprise at large... "what, no Outlook integration? No automatic login from Active Directory!? We can't have that! Forget your wiki thingy, hire a SharePoint guy already, and let's get this thing rolling! You're wasting my time here!"

    Call me a troll if you like, but damn - it's a very slick way to make sure the folks in Redmond have continued income for at least the next decade...

    /P