Slashdot Mirror


User: _Sprocket_

_Sprocket_'s activity in the archive.

Stories
0
Comments
5,182
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,182

  1. Re:PGP owns... on Zimmermann Suggests Freeing PGP Source · · Score: 2

    The problem is that _right now_ it's just kinda weak.
    I agree that the GnuPG GUI/Windows clients do not yet meet the level already found in later versions of PGP. But once again - I would point out that until NAI started to esentially kill PGP as a product line, there was little incentive to drive that development. Now, in a relatively short period of time, we are seeing some real progress.

    GPL/OSI developers _usually_ put their win32 work on hold that is what scares/bothers me.
    I would suggest its less a matter of puting win32 work on hold and more a matter of a lack of win32 developers. Open Source development seems to be far more common within Unix and (not suprisingly) Linux environments. I suspect its a cultural issue; the whole Open Source concept seems very foreign in a Windows world. That's not to say there aren't some really nice OS projects for Windows (or excellent work to extend OS projects to Windows).

    But there is now more of a demand for GnuPG solutions for Windows. And OS development has been showing up more and more often in Windows environments. So the future is good, I think.

  2. Re:Shroud evidence: Jesus underwent nuclear fissio on Slashback: Disclosure, Maricopa, Telecoms · · Score: 5, Funny


    One theory is that Jesus became pure energy and the radiation burned the image into the cloth.

    ...

    In fact this is the same concept of an atom bomb - matter becoming pure energy using radioactive material as a catalyst.


    "Yea. I knew Jesus. Nice guy. Real concern for his fellow man. Kinda quiet. But boy... once you set him off... what a temper!"
  3. Re:MOD DOWN- NASTY PORN PICTURE on Data Mining, Cocaine and Secrecy · · Score: 2


    Mods, follow the link yourselves. It's a data mining site I found a while ago while researching for my 2nd year databases project at college. No porn, just useful links.


    Then why not post the link directly? Why the redirect?


    Whats kind of amusing about the whole thing is the series of popup/under, banner-adds, and tracking cookies gracing the initial redirect page. It actually plays to the "datamining isn't evil" argument rather nicely.


    Either the poster is clueless, trying to play troll games, trying to convert the Slashdot Effect to cash, or has a really crooked sense of humor.

  4. Re:PGP owns... on Zimmermann Suggests Freeing PGP Source · · Score: 3, Insightful


    Now I see one project to bring it to the Windows desktop but it's being developed by linux developers.


    I've found a whole series of GnuPG interfaces and email plugins for windows (WinPT being my favorite sofar). I don't know if the developers are "Linux developers" or not - but I fail to see how that matters.


    If people expect Phil to come over to the GnuPG camp then you have to be ready to develop as much time to the Windows product as *nix.


    Nobody is stopping any developers from running with GnuPG development on their favorite platform. In fact, as already pointed out, Windows development is definately picking up (probably due to NAI's dropping PGP - way to create an itch / need). And the GnuPG developers are definately thinking ahead with libraries such as their GPGME API. No more shell front-ends like the old PGP GUI days. GPGME provides direct hooks in to GnuPG (WinPT uses it).


    In short, the door is wide open.

  5. Re:Sad for Zimmerman but irrelevant on Zimmermann Suggests Freeing PGP Source · · Score: 2


    When Zimmerman sold PGP, what did he expect? That people would start paying
    Network Associates money to use something that most people still don't
    see the need for?


    Maybe he expected a large company like Network Associates might know how to properly market and maintain the product. Its seems that if that assumption was made, it was incorrect.
  6. Re:GPG is just fine but GUI needs work on Zimmermann Suggests Freeing PGP Source · · Score: 2

    It might be worth noting that WinPT isn't the usual front-end / GUI shell like the old PGP days. WinPT actually uses GnuPG's new API called GPGME.

  7. Re:good newssource? on Zimmermann Suggests Freeing PGP Source · · Score: 2


    He's concerned about having a decent product out there that everyone can use. GnuPG is great, but not everyone is willing/able to use it without a pretty GUI attached to it.


    Then use one of the many GUI's or email clients / plugins that support GnuPG.
  8. Re:OpenSSH vs Commercial SSH on SSH-Based Solutions - Looking for Industry Proof? · · Score: 3, Interesting


    There really is no reason to use a commercial product unless the management is stuck on the "We need someone to sue if it breaks" business model of software acquisition.


    SSH, Inc.'s Windows server offering had much better system integration than any of the Windows OpenSSH projects. Granted - this may no longer be the case (last I looked at this issue was over a year ago).
  9. Cisco Systems & SSH on SSH-Based Solutions - Looking for Industry Proof? · · Score: 2


    What large organizations are implementing SSH?"


    Cisco Systems uses SSH extensively. You can find SSH supported in some of their commercial products. And internally, SSH is becoming one of the standards for remote access. It might be interesting to note that they use a combination of SSH2 from SSH, Inc AND OpenSSH with both being officially sanctioned solutions.
  10. Re:What servicemen? on The True Story of Website Results · · Score: 2


    Free Housing: Does exist if you are not-married, enlisted and want to live on-post. But if you're an officer or married you get a housing allowance and usually live off post. A few luck ones do get on post housing.


    True enough. However, I was responding to the situation presented - a married couple. On a further (even more off-topic) note, on base housing was often a limited resource, even for enlisted (at least in the AF). Single NCOs often got BAQ and lived off-base too.


    Free Food: Eat on post, it's free, Off post you pay.


    Not for me: I got BAS. So if I ate at the chowhall, there was a fee. Though it WAS cheap food and there was a selection of things they managed not to screw up... so it became a valid lunch choice (and there was an express line for flightline troops rushing to catch early afternoon sorties).


    About 16 hour work days: When I was active duty I rarely worked more than 8 hours a day. Only when I was in the field did I work 16 hour (sometimes 24hour) days.


    I have to agree here - though my work days were usually a pretty solid 8 hours. There were policies in place that made 12hr shifts the limit without very special cause (usually that was for exercises - 12hrs of "sucking rubber" during a simulated chemical attack on rare occasion). I do know an avionics shop whos systems were so screwed, they were on 12s for a couple years trying to keep up. When TDY to the sand-box, we usually continued with offical 8hr shifts but we would often work over-time. After all it was either work or sitting around in a tent. Sometimes we even had shift production supervisors making the rounds looking for people who are supposed to be back at tent city and kicking them out (assuming there wasn't some emergency going on). Its an entirely different experience in that environment.
  11. Re:What servicemen? on The True Story of Website Results · · Score: 2


    They get free housing, food, and free tuition to any college they want.


    Free Housing - Either they managed to make it through the waiting list for base housing (often several years) or they're getting BAQ (Basic Allowance for Quarters) which often helps, but doesn't always completely pay, for rent / mortgage payments.


    Free Food - Being married and off-base, they both get a BAS (Bassic Allowance for Subsistance). This is a nice plus, but hardly pays for the monthly groceries (but it will cover the majority of the chowhall bill if they eat on-base a lot).


    Free Tuition - They have enrolled in the GI Bill which basically is a very agressively paying investment system - invest X amount and get XX amount back to be spent at a college of your choice in several years. Its a nice program, but it hardly counts as "free tuition to any college".


    The question is - if these basic facts are misunderstood, is what your sister and brother-in-law also doing equally misunderstood?

  12. Re:And you Americans accuse OBL on The True Story of Website Results · · Score: 2


    This paints a picture of children who are not mad because Microsoft has unfair practices, but are upset because they did not think of it first.


    ...or it simply explains why Slashdot has been seeing more and more pro-Microsoft posts over the past few years. :P
  13. Re:Between a valid point and paranoia on Analyzing Palladium · · Score: 3, Interesting


    I remember working with GPL'd stuff back in 1989, a few years before the name Linux had even first been mentioned... why didn't [Microsoft] see it as a threat then?

    ...

    It wasn't until Linux actually entered the fray of being a serious operating system that MS sat up and took notice. Yep. I think it's more about Linux than the GPL -- the GPL just happens to stand in their way of being able to control Linux, so they attack it that way.


    Its kind of like noting that the Internet was in (somewhat) widespread use well before 1996, so why didn't Microsoft pay attention if this Internet thing is such a big deal. It wasn't until the graphical web browser showed up that Microsoft paid attention. Therefore, its not the Internet - its the Web.


    In some people's minds the two ARE the same thing. And while they really are seperate entities, one depends greatly on the other for its success. And once the Internet with its more user-friendly flashy graphical Web front-end hit the scene... businesses, even those who had spent years running competing technology / practices, were forced to adopt it.


    Linux and the GPL share many of the same traits. To the uninformed, the GPL and Linux are the same thing (if both aren't simply labled 'freeware'). The GPL license and GNU project layed the foundation for Linux. Linux drove the popularity of the GPL. At first GPL/Linux went unnoticed by the IT industry. And then it sprung forward, caught momentum, and is now an issue most IT Industry players must tackle - including Microsoft.


    The GPL and Linux provide a whole range of threats to Microsoft. Competing software. Competing standards. Demand for open standards. Loss of control over implementation of those standards. Loss of control over publically available code, to include technology and code developed at Universities and through the US Government. Competative advantages to competing businesses able to adopt a business model that can make use of this code base. It doesn't matter if its specifically Linux or the GPL - its all full of nasty potential for Microsoft.


    Microsoft's strategy is pretty simple. Linux presents a unique threat - it can't be bought, out-marketed, or simply smothered. Linux is grassroots and now a part of a wide number of corporate strategies. Its an IT industry hydra and the time-tested strategy of lopping off a head won't work. So Microsoft has decided to go for the heart; the GPL. Which would be a nice and neat thing to do - poison the GPL and ALL the issues of Linux and the GPL begin to fade.

  14. Re:Don't look/laugh now, but... on Warchalking Visual Cues To Urban WLANs · · Score: 2

    Hmmm. How to explain away that one. You can refer to computers and PDAs as "golems". But what would a Segway be? An etheral warhorse-driven chariot?

  15. Re:SSID on Warchalking Visual Cues To Urban WLANs · · Score: 2

    They'll probably blame the City.

  16. Re:What's next? on Warchalking Visual Cues To Urban WLANs · · Score: 2

    I think "WarSegwaying" is actually a form of jousting.

  17. Re:Checking out the competition.. on Warchalking Visual Cues To Urban WLANs · · Score: 2

    I was working for a major tech company when it became "the big idea" amoung business units to purchase and deploy their own wireless access points. Needless to say, simply walk by or in to our company parking lots / campus and you had unrestricted access to the internal network. As we went through the process of getting a handle on this situation, we used to joke about how our competitors were just down the street... and say... has anybody noticed any new antenas on their building?

  18. Re:My god you are all pricks! on Ransom Love's Answers About UnitedLinux · · Score: 2


    Here goes my karma.


    Any post that starts with a comment about karma is immediately suspect. If you truely have conviction in your words, don't try to paint yourself the martyr.


    A CEO takes time out from his busy day, and the highest ranked comments accuse him of being a liar or against the 'cause'.


    Moby says that just maybe P2P cost him a dime or two, and now he's a no-clue traitor to the cause who sucks now anyway.


    Both Ransom Love and Moby CAN, in fact, be wrong. And when people perceive that they are wrong, they will voice those observations in forums like this one. Its less about "the cause" and more about differing opinions, perceptions, and fact.


    Now I understand the trolls.


    Now I agree with the trolls!


    Trolls either enjoy the sport of creating chaos or are simply unable to fathom differing opinion and possibly lack the ability to properly frame their own argument. In the end, they are either simply noise or the exact foaming-at-the-mouth zealot they like to claim to be exposing.


    Please people, learn how to be decent human beings!


    Right. And use phrases such as "My god you are all pricks" and "You suck. You all suck" perhapse? Good point.


    The purpose of an environment such as Slashdot is to discuss issues. This discussion will include opinion and nobody will agree on every opinion expressed. But this is the stuff of good debate. Join in. But don't take it personally if someone find fault with your thoughts.

  19. Verification and testing on Ransom Love's Answers About UnitedLinux · · Score: 3, Insightful


    Example: we want to move to an LDAP mail and message server, akin to Exchange. So, I hit the boards and forums, check SourceForge (of course), and come across 8 - 10 server products that *sound* like they fit our needs. My problem is this: how can I tell that this is going to work as advertised on our systems, and how do I know that it's not going to bork everything else we're running? Sure, it's all *supposed* to run properly and play nice with the other boys in the garden, but everyone knows that server platforms, regardless of manufacturer, have interop glitches. Yes, it's true that, if I had all the time in the world and was being paid 200% more, I could download each of these products, set up a staging environment, and try to hammer out the bugs myself.


    Or, I could install Exchange and be up and running with a high confidence level in about 3 hours. I know, I know- you all think Exchange is a steaming pile; but the reality is that it's quick and easy to install and administrate. Why? Because Microsoft has farms full of paid developers making sure that it is.


    I'm kind of curious as to where the leap happened between

    "Sure, it's all *supposed* to run properly and play nice with the other boys in the garden, but everyone knows that server platforms, regardless of manufacturer, have interop glitches"

    and

    "...I could install Exchange and be up and running with a high confidence level in about 3 hours."

    I would assume at some point, your organization took Exchange and ran some tests against it to ensure it would manage to deliver what it claimed. Perhapse you even talked to Microsoft and got some information as to what to expect out of their product and good implementation strategies. And you would have sought out reviews and opinions from industry news sources and technical discussion forums.


    Many of the same strategies apply to investigating Open Source applications for the Enterprise. One advantage to Open Source is that its community and developers are rather exposed to the public - discussions over implementation, scalability, bugs, and other technical issues are often a google search away. Furthermore, these projects usually offer forums (web forums, mailing lists, usenet groups, etc) where one can seek out informed answers to direct questions. Sometimes these projects are the product of a group who consult on implementing the software - engage them. Or seek out some of the other organizations involved in providing business support for Linux and associated products (such as RedHat, SuSE, or Caldera). There may be enough free information available - or a small enough fee that is easily absorbed as a "cost of business" when compared to future licensing fees (or lack thereof).


    The final step is simply testing. After you've narrowed down on a few possible products based on your desired needs (you DO know what your user base NEEDS, right?), underlying architecture, etc... implement it. Set up a testbed. Stress test it. Look for odd performance kinks and usability or administration issues.


    Of course, this should be old hat. After all, we know not to trust the glossy brochure. The proof is in the performance. And that holds true no matter if the product comes from a Mega-corporation or a modest listing on Sourceforge.


    UL does not change any of this. Granted - it does provide another vendor listing. But this is not something new. Linux vendors, contractors, and independant contractors have been serving business interests and concerns for years.

  20. Sceptical Claim on Scotland: Aliens' Official Favorite Destination · · Score: 4, Funny

    I have a hard time believing Scotland would lead in UFO sightings. It doesn't strike me as an area of the world with the right popluation center. After all, do they even HAVE trailer parks there?

  21. Re:What an ironic Subject! on Microsoft's 'Palladium' Privacy/DRM Scheme · · Score: 4, Insightful


    People on /. rejoice when bugs are found in Microsoft's code. Then they complain that MS should do something about this, and fix it. Then MS takes steps to do something about it, and address security. Then people on /. complain that MS is trying to do something about security...


    Take another look at the criticisms being voiced. The issue is whether this really has anything to do with security, or more to do with providing an architecture to lock out competitors and control, or eliminate, fair use rights.


    Microsoft's insecurity woes have little to do with encrypting signals between your keyboard/monitor and the computer. Signed code also misses the issue. The problem is that Microsoft has a long history of bad implementation and flawed architectural design. Environments that will remain flawed even as Microsoft moves on to their next Big Thing.


    This casts further doubt on Microsoft's intentions and even ABILITY to provide a secure architecture. This is not entirely a technical issue. This has as much to do with Microsoft's culture and focus as it has to do with their engineer's abilities. There has to be a fundimental shift within Microsoft such as changing the focus on last-minute features at the cost of debugging. And that is a challenge for even a company as nimble as Microsoft.

  22. Re:Security Bugs are inevitable on Security of Open vs. Closed Source Software · · Score: 2


    Yeah, but closed source operates in "stealth mode." Their planes are harder to see because you don't get to see the source. Open source, on the other hand, is like a plane the size of a blimp.


    The analogies in this thread bear little resemblance to the subject at hand. That makes the exercise a bit silly - but no less fun. :)


    Closed Source is less "stealth" and more "electronic warfare" in nature. More specifically, Close Source resembles barrage jamming. The target is certainly visible, but exactly what it is has been obscured. That's not to say such a target can't be attacked. And history has shown Closed Source software taking plenty of hits.


    It is worth stressing that these analogies fail rather miserably. Physical security issues deal with enirely different environments than information security - even electronic warfare which, like other physical secuirty, operates within the realms of physics. Limitations and methods of attack and countermeasure are entirely different.

  23. Re:you can't get 100% on Fair Use Computer Game · · Score: 5, Funny

    A strange game. The only way to win is not to play. How about a nice mp3 from an independant artist's web site?

  24. Relevance on Security Concerns When Consoles Go Online? · · Score: 4, Interesting



    Too bad MS shipped the Nimda virus with their Korean version of .Net Visual Studio


    Come on. This really looks childish. That's an irrelevant story. Just let the facts speak for themselves or you lose credibility.


    Yea. It looks childish. But that doesn't mean the event has no relevance here. Let's look at this a bit deeper.


    Data integrity is often one of the goals of an organization's infosec posture. This is more than simply ensuring the data is not improperly accessed and is available. It is also ensuring the data has not been altered without authorization.

    In this case, Microsoft's data being offered to its customer had its integrity violated. Malicious code made its way in to an external distribution; not obscure code but a well known virus. Now, Microsoft is not the only one to suffer the embarrassment of distributing a virus. But it does highlight a breakdown in Microsoft's internal infosec practices. And that comes at a very inopportune time for Microsoft.


    So the question would then be - how does this apply to the security of the XBox? Microsoft has a long history of troubles not only with security, but an almost arrogantly blatant disregard for security practices and concepts. This has eventually backfired on Microsoft and they have been faced with a growing PR issue. The answer to this situation has been Trusted Computing - a bottom-up change in Microsoft where everyone has been trained in infosec concepts and practices. If Trusted Computing pans out, Microsoft's security woes are behind them.


    The cynical in the infosec / IT industry have already noted that they've heard this song before. Microsoft's PR and Marketing departments constantly promise security - especially after incidents that focus on MS products. Furthermore, experienced infosec workers know that addressing infosec issues often requires a complete change in methodology and outlook. And this translates in to changing Corporate culture. Microsoft may be nimble, but this change may be too demanding for even Microsoft to accomplish.


    The relevance of Nimda appearing on a Microsoft software release is the question of whether this incident was a simple embarrassment or an indication of a continued lack of understanding for infosec issues within the Microsoft culture. And that certainly has a bearing on the question of Microsoft's concepts of information security and the XBox.

  25. Re:Misnomer on Windependence Day · · Score: 2


    More systems are leaving traditional Unix for Linux than are leaving Windows for Linux.


    Yea. I've heard that theory too. Though I haven't seen any good data on it - got a reference?


    One concept to consider is a loss for Solaris or AIX to Linux is still a loss for Microsoft.


    I used to administer a lab of Unix (Solaris, HP/UX) workstations used for engineering applications. The apps were often also available for the Windows NT environment. Thus, Management was constantly being courted by vendors who offered Windows NT engineering workstation solutions - the draw was the cheaper, commodity hardware. But the engineers largely preferred the Unix workstations after experiencing WinNT during training seminars. None the less, the promise of cheaper hardware was always tempting.


    These applications are now largely available for Linux. Thus Linux competes with Windows for the market of those who are seeking a way to run these applications on commodity hardware. When a shop migrates away from, say, Solaris it may be a loss for Solaris. But when the shift is to Linux, it is likely to be at the expense of a move to Windows.