you can't rule out they don't have experience with Solaris or AIX, as GNU Tar can be compiled on both platforms. The first thing I do on my solaris boxes is to install gnu tar, only because I hate typing extranous characters. While I have no problem with piping like we were meant to, its just quicker to use -z.
i used to get a good chuckle when i would quiz our consultants with a problem on a random box and they gave up after they didn't know how to untar a gzipped file without gnu tar. some where smart and used gzcat, some where decent and gzipped before untarring, others gave up, but one actually fetched gnu tar, compiled it, and proceeded with the task. i passed him sheerly on effort alone.
The 'switch user' functionality allows one to easily switch between users. This allows one to easily switch among accounts with different privileges, which is useful if you want your default account to only have normal user privileges (a good idea from a security standpoint), but you want to easily install software without having to logout of your current session, login with Administrator privileges, navigate to your default user's home directory, install the software, logout of the Administrator account, and login to your normal account, and restart all your programs.
Whats wrong with runas.exe or shift->right click->run as.. on an executable in explorer?
You *should* be able to install software as a normal user if you install it into your home directory and the software does not touch the registry or kernel.
You *CAN*. This is not a fault of microsoft, this is a fault of app developers that chose to write to %SYSTEMROOT%, to the Local Machine registry keys, or other areas that are locked down from User write priviledges.
And to you I say "Use Linux!! Gentoo would pe perfect for you!"
I have yet to find a linux distribution or any alternative operating system (besides BeOS and Mac OS X) that didn't run Gnome or KDE, had a functional desktop, and could run nicely under 256mb of ram. X and Firefox alone use ~100mb of ram on my machine AND i don't get an accelerated desktop. Looks like Windows has the desktop market in the bag with Apple looking for a piece. Linux is still the red-headed stepchild that has to eat in the basement. Not bashing, just laying the facts on the table.
Linux is okay for small-to-mid server environments and making headway into the enterprise market. Desktop, it is not.
if you used AOL back in the early 90s, and i'm talking 90-92, you'd know it was actually a decent place. it wasn't until ~94-95ish when AOL took a nose dive for the worst.
pfft its going to be dvd regardless. think about it. in 10 years will your mom call you and say "this blue ray disc isn't working" or "this dvd wont play". case-and-point, it took my mom until the xbox to stop saying "nintendo games" in reference to any console video game.
someone wasn't clued in about PR Audio on AOL during the early 90s...
but yes, the clueless masses did not know about mp3s until circa 97 and wasn't common until 99-2000. however, saying it wasn't widely used is a bit of an understatement. it served its napster-like purposes very well, computers just weren't at the point where apps (read: games) could take much advantage of it. every try playing an mp3 on a 486 or low end pentium? 30-40% of your cpu time was spent decoding
Aw working in IRAQ isn't that bad. at least you take in $80k tax free (about the same as making $125k w/ taxes assuming single male, no deductions, getting fucked by uncle sam)
at my last job, i allowed consultants to fuck with each other if they left their machines open for abuse (i.e. leave a root window open or an administrator account unlocked on their computer). one consultant set his root password to abc123, another consultant found out and started abusing his machine. the hacked consultant came crying to me for justice and i threatened to fire him if he didn't find and fix his security flaws. since then he has become a bit more security-minded.
Opening up the driver projects would mean they could get OSS loving hippies to do all the grunt MTRR/PAT/Register/MMIO/OpenGL hackery for them and they could concentrate on the actual hardware.
And then rival graphics startup steals your code, rewrites a majority of the code, and releases a card that competes with you for $100 less. Haven't you noticed with every Nvidia driver update you gain a 1-2fps speed boost? I don't think Nvidia wants their optimizations in the public domain. Necessary evil, indeed. Third-party closed source modules should be included just as Atheros' binary driver is included in the bsd kernel.
wow, first of all this is a truely misconceived post. second, shame on the moderators that are artificially increasing the validity of this.
first of all, any worthwhile company running oracle WILL have a support contract. period. second, the installer (which i agree blows chunks) is not broken to the point where you REQUIRE a support contract. i speak from experience here, because i have had no problem installing oracle 9i on linux (without calling oracle support). third, oracle is a resource hog because of its design. you don't use oracle for a 10 record database, go use MySQL and worry about your tables getting corrupted for that. now when you're talking million records or more, then oracle will "hog your resources" to ensure you get lightening quick responses while ensuring data integrity. finally, moving databases from one server to another is hardly a pain, if you are a competent system administrator (or even if you're not.. if you have a competent technical lead). again, i'm speaking from experience.
and if you still hate oracle because it is a commerical product (i say this only because you sound biased towards mysql), then jump ship to postgresql. besides the fact that its autovacuum package also sucks ass, it is the only competitor to oracle that i would trust in a production environment.
You, sir, do not understand how Freenet works. Your node is constantly caching data from the freenet network. Yes, your theory is correct during the first, oh, 15 minutes of using freenet.. but no one can really find your node since no other nodes know you exist nor have a cache of the data on your node. After a week of caching data, anyone monitoring your network will have no clue if you are hosting any illicit data or if you are caching data from another node.
Additionally, there is no law you are breaking by allowing illicit data to pass since you have no idea that such data is passing through your node. However, I would not be surprised for a jury to rule against you, should a case ever be brought up, considering how 80% of america doesn't feel anything wrong was done during the NSA wiretaping scandal. But I digress....
No, but I found out something very disturbing about a woman I was interested in after I googled her name one day. Granted, it could have been someone playing a joke, but it sent me running for the hills.
uh, read the boot sector, trace whats gets loaded from there. if something is going to virtualize a clean install of windows (using for the sake of example), i'm pretty sure the initial boot device/location of ntldr will be a nonstandard windows installation.
the reason i said network boot is because in most networked environments (read: at work) the system images are the same. booting from the network gaurantees that you (the sysadmin) knows what should be on the system. shoot, in my last job, every lab machine rebooted on a nightly basis to rebuild itself from RIS. how can (for the sake of slashdot, now) linux boot from a clean network source and get faked out by a virtualization rootkit?
again, on mom and pop's computer directly connected to the internet.. who will care that they are running a virtualized instance of windows? they can still login to check their mail and check the latest on their soaps.. their machine may run a little slower, it just means 13-year old johnny won't know how to fix it right away*.
* actually 13 year old johnny probably knows all about the latest rootkit.. (if things are the same as they were 10 years ago..)
spin it around. if you boot into a virtualising os, how do you know you are virtualized. sounds like a matrix plot, but its plausable. i think we have some time before we have to worry about similar exploits, but lets not forget that a simple fix is to network boot a virus scanner, scan for a virtualizing rootkit and remove it. this is moreso a problem for the many ma and pa computers out there directly connected to the internet.
user logs into computer and connects to banking site to check balances. trojan sends a similiar https packet to decentralized bot network. bot network responds with host to attack and time to do it. trojan later begins attacking host, which could be at a time months in the future. sure if you're logging all traffic from that machine you can tell when it first occurred, but how do you know a few days/weeks/months in the past who they are going to hit and when?
As someone who has intimate knowledge about hijacking computers (i have plenty of friends from my..er.. darker days), a lot of these botnet creators employ "features" such as port knocking and stealth commands (may appear as a simple https response) which are usually encrypted. You may be able to stop the sloppy botnets, but I can tell you now that this is not an easy problem to stop nor a friendly society to penetrate. And as a previous poster foreshadowed, a lot of them are already distributed due to the ease of shutting down a headnode. Botnet creators constantly evolve, how do you think they became so elaborate today?
what happens when your corporation(s) develop a product or service that everyone wants. suddenly half of america is at your feet. you'd be surprised at what power can do to you.
Slashdot Mirror
you can't rule out they don't have experience with Solaris or AIX, as GNU Tar can be compiled on both platforms. The first thing I do on my solaris boxes is to install gnu tar, only because I hate typing extranous characters. While I have no problem with piping like we were meant to, its just quicker to use -z.
i used to get a good chuckle when i would quiz our consultants with a problem on a random box and they gave up after they didn't know how to untar a gzipped file without gnu tar. some where smart and used gzcat, some where decent and gzipped before untarring, others gave up, but one actually fetched gnu tar, compiled it, and proceeded with the task. i passed him sheerly on effort alone.
688 attack sub. case closed. next?
:-)
especially when you're an outside consultant that doesn't even have the certification.
The 'switch user' functionality allows one to easily switch between users. This allows one to easily switch among accounts with different privileges, which is useful if you want your default account to only have normal user privileges (a good idea from a security standpoint), but you want to easily install software without having to logout of your current session, login with Administrator privileges, navigate to your default user's home directory, install the software, logout of the Administrator account, and login to your normal account, and restart all your programs.
Whats wrong with runas.exe or shift->right click->run as.. on an executable in explorer?
You *should* be able to install software as a normal user if you install it into your home directory and the software does not touch the registry or kernel.
You *CAN*. This is not a fault of microsoft, this is a fault of app developers that chose to write to %SYSTEMROOT%, to the Local Machine registry keys, or other areas that are locked down from User write priviledges.
And to you I say "Use Linux!! Gentoo would pe perfect for you!"
I have yet to find a linux distribution or any alternative operating system (besides BeOS and Mac OS X) that didn't run Gnome or KDE, had a functional desktop, and could run nicely under 256mb of ram. X and Firefox alone use ~100mb of ram on my machine AND i don't get an accelerated desktop. Looks like Windows has the desktop market in the bag with Apple looking for a piece. Linux is still the red-headed stepchild that has to eat in the basement. Not bashing, just laying the facts on the table.
Linux is okay for small-to-mid server environments and making headway into the enterprise market. Desktop, it is not.
if you used AOL back in the early 90s, and i'm talking 90-92, you'd know it was actually a decent place. it wasn't until ~94-95ish when AOL took a nose dive for the worst.
network security. i guess it also helps that i've been in the field since '99
pfft its going to be dvd regardless. think about it. in 10 years will your mom call you and say "this blue ray disc isn't working" or "this dvd wont play". case-and-point, it took my mom until the xbox to stop saying "nintendo games" in reference to any console video game.
someone wasn't clued in about PR Audio on AOL during the early 90s...
but yes, the clueless masses did not know about mp3s until circa 97 and wasn't common until 99-2000. however, saying it wasn't widely used is a bit of an understatement. it served its napster-like purposes very well, computers just weren't at the point where apps (read: games) could take much advantage of it. every try playing an mp3 on a 486 or low end pentium? 30-40% of your cpu time was spent decoding
i'm getting offers for $90/hr, so its almost back to the pre-dotcom days! :D
Aw working in IRAQ isn't that bad. at least you take in $80k tax free (about the same as making $125k w/ taxes assuming single male, no deductions, getting fucked by uncle sam)
at my last job, i allowed consultants to fuck with each other if they left their machines open for abuse (i.e. leave a root window open or an administrator account unlocked on their computer). one consultant set his root password to abc123, another consultant found out and started abusing his machine. the hacked consultant came crying to me for justice and i threatened to fire him if he didn't find and fix his security flaws. since then he has become a bit more security-minded.
Opening up the driver projects would mean they could get OSS loving hippies to do all the grunt MTRR/PAT/Register/MMIO/OpenGL hackery for them and they could concentrate on the actual hardware.
And then rival graphics startup steals your code, rewrites a majority of the code, and releases a card that competes with you for $100 less. Haven't you noticed with every Nvidia driver update you gain a 1-2fps speed boost? I don't think Nvidia wants their optimizations in the public domain. Necessary evil, indeed. Third-party closed source modules should be included just as Atheros' binary driver is included in the bsd kernel.
wow, first of all this is a truely misconceived post. second, shame on the moderators that are artificially increasing the validity of this.
first of all, any worthwhile company running oracle WILL have a support contract. period. second, the installer (which i agree blows chunks) is not broken to the point where you REQUIRE a support contract. i speak from experience here, because i have had no problem installing oracle 9i on linux (without calling oracle support). third, oracle is a resource hog because of its design. you don't use oracle for a 10 record database, go use MySQL and worry about your tables getting corrupted for that. now when you're talking million records or more, then oracle will "hog your resources" to ensure you get lightening quick responses while ensuring data integrity. finally, moving databases from one server to another is hardly a pain, if you are a competent system administrator (or even if you're not.. if you have a competent technical lead). again, i'm speaking from experience.
and if you still hate oracle because it is a commerical product (i say this only because you sound biased towards mysql), then jump ship to postgresql. besides the fact that its autovacuum package also sucks ass, it is the only competitor to oracle that i would trust in a production environment.
You, sir, do not understand how Freenet works. Your node is constantly caching data from the freenet network. Yes, your theory is correct during the first, oh, 15 minutes of using freenet.. but no one can really find your node since no other nodes know you exist nor have a cache of the data on your node. After a week of caching data, anyone monitoring your network will have no clue if you are hosting any illicit data or if you are caching data from another node.
Additionally, there is no law you are breaking by allowing illicit data to pass since you have no idea that such data is passing through your node. However, I would not be surprised for a jury to rule against you, should a case ever be brought up, considering how 80% of america doesn't feel anything wrong was done during the NSA wiretaping scandal. But I digress....
No, but I found out something very disturbing about a woman I was interested in after I googled her name one day. Granted, it could have been someone playing a joke, but it sent me running for the hills.
Google is your best friend and worst enemy.
uh, read the boot sector, trace whats gets loaded from there. if something is going to virtualize a clean install of windows (using for the sake of example), i'm pretty sure the initial boot device/location of ntldr will be a nonstandard windows installation.
the reason i said network boot is because in most networked environments (read: at work) the system images are the same. booting from the network gaurantees that you (the sysadmin) knows what should be on the system. shoot, in my last job, every lab machine rebooted on a nightly basis to rebuild itself from RIS. how can (for the sake of slashdot, now) linux boot from a clean network source and get faked out by a virtualization rootkit?
again, on mom and pop's computer directly connected to the internet.. who will care that they are running a virtualized instance of windows? they can still login to check their mail and check the latest on their soaps.. their machine may run a little slower, it just means 13-year old johnny won't know how to fix it right away*.
* actually 13 year old johnny probably knows all about the latest rootkit.. (if things are the same as they were 10 years ago..)
spin it around. if you boot into a virtualising os, how do you know you are virtualized. sounds like a matrix plot, but its plausable. i think we have some time before we have to worry about similar exploits, but lets not forget that a simple fix is to network boot a virus scanner, scan for a virtualizing rootkit and remove it. this is moreso a problem for the many ma and pa computers out there directly connected to the internet.
user logs into computer and connects to banking site to check balances. trojan sends a similiar https packet to decentralized bot network. bot network responds with host to attack and time to do it. trojan later begins attacking host, which could be at a time months in the future. sure if you're logging all traffic from that machine you can tell when it first occurred, but how do you know a few days/weeks/months in the past who they are going to hit and when?
As someone who has intimate knowledge about hijacking computers (i have plenty of friends from my ..er.. darker days), a lot of these botnet creators employ "features" such as port knocking and stealth commands (may appear as a simple https response) which are usually encrypted. You may be able to stop the sloppy botnets, but I can tell you now that this is not an easy problem to stop nor a friendly society to penetrate. And as a previous poster foreshadowed, a lot of them are already distributed due to the ease of shutting down a headnode. Botnet creators constantly evolve, how do you think they became so elaborate today?
what happens when your corporation(s) develop a product or service that everyone wants. suddenly half of america is at your feet. you'd be surprised at what power can do to you.
FIX AUTOPR0N!
yep, at my last job we bought 150 dell optiplex gx270s and got them for roughly 50% off. this included 75 19" ultrasharp lcds..
"640K should be enough for everybody"
Hi Facebook
you could only be talking about squirrelmail, which is the most horrid webmail application i have ever seen. how did that crap become so popular?