a hash is just to slow down an attacker should be get hold of your shadow file. even salted MD5 stores the hash alongside the password (see the $1 part). without a salt, multiple logins with the same password are readily apparent and a break in one results in a break in the other. with the salt, the attacker has to do the whole processing for every salt and a break in one is just that, a break of one password
patriot does not apply to true american companies and bush's cronies, especially if it prevents them from making money and/or protecting the True American Dream
memtest is awesome. the only problem with it (and i really dont see how they could fix it) is that it takes so damn long to run. some mem failures will only appear after 2-6 hours of runtime. that's not really reasonable for a house call. of course you can always leave the disk to the customer and tell them to call you if any red line appears:)
AD has a directory service part, but i seem to remember microsoft considering it as their whole auth stack, and it uses their borgified krb5 to auth the machines
also, if you want to argue about directory services only, AD is just a borgified ldap with lots of non-standard extensions
easily is stretching it a bit but kerberos was designed for just that. in fact, AD is just a Borgified kerberos (just enough so it's incompatible with every other krb servers)
they're not running it anymore:) it's been at least 4 years (probably more) since this incident, but the point was that not everything written by IBM is as easily portable as the OP's wanted you to believe
though it might still very well be a remarkable platform;)
i have a customer who's been told by ibm, with a 2 weeks notice, that they'd have to change their whole network because the firewall module for their as/400 (or something to that effect) would not run after applying the patch, and they had no plan to make it work
my sister spent 3 months in senegal and from her own account, yes they do abuse whatever they own (or dont own) to a pretty large extent. they managed to break a sturdy plastic fresbee (something which i've never seen or heard done in the "first world") and my sister's walkman, along with clothes, jewelry, shoes or anything they got their hands on.
what's sad is that in their mind, they're imitating us. they break them to show that they don't care, to give the impression that they're rich enough that they can afford to break them (even if it's not true, it's part of an image that they want to give themselves)
heavy water is "common", but there's very few facilities to extract it from normal water and the process is extremely (iirc) energy ineficient and toxic
at least you were greeted by the login screen. i had one "reboot" for patches, except it didnt reboot, it SHUTDOWN. very nice when you want to use it remotely
i've tried the VM app of zenoss. the config is easier at first glance, but it gets tedious as soon as you want to monitor something other than the default.
no, but then i take my job seriously and i at least verified that the new timezone matched the correct data and that no deamons had crashed. instead of blindly pushing a potentially disruptive update to 2000 computers
if you want to be blind and half assed about it, redhat's tool does it just like microsoft. one click and it'll be deployed on the next check
Slashdot Mirror
no it's not
a hash is just to slow down an attacker should be get hold of your shadow file. even salted MD5 stores the hash alongside the password (see the $1 part). without a salt, multiple logins with the same password are readily apparent and a break in one results in a break in the other. with the salt, the attacker has to do the whole processing for every salt and a break in one is just that, a break of one password
patriot does not apply to true american companies and bush's cronies, especially if it prevents them from making money and/or protecting the True American Dream
a simpler fix, that doesn't involve breaking any standards /etc/init.d/apache stop
yes, there's a lot of dumb pseudo security-expert sysadmins out there. that's the main reason
memtest is awesome. the only problem with it (and i really dont see how they could fix it) is that it takes so damn long to run. some mem failures will only appear after 2-6 hours of runtime. that's not really reasonable for a house call. of course you can always leave the disk to the customer and tell them to call you if any red line appears :)
AD has a directory service part, but i seem to remember microsoft considering it as their whole auth stack, and it uses their borgified krb5 to auth the machines
also, if you want to argue about directory services only, AD is just a borgified ldap with lots of non-standard extensions
easily is stretching it a bit but kerberos was designed for just that. in fact, AD is just a Borgified kerberos (just enough so it's incompatible with every other krb servers)
uhh, woody had shadow passwords and probably even before that
my experience mirrors yours. based on many dozens of PCs running AVG: it's excellent at detection but once a virus does get past it you're fucked
they tried that on cd-roms already, and failed. give it some time and it will be cracked.
drm is a fallacy
they're not running it anymore :) it's been at least 4 years (probably more) since this incident, but the point was that not everything written by IBM is as easily portable as the OP's wanted you to believe
;)
though it might still very well be a remarkable platform
i have a customer who's been told by ibm, with a 2 weeks notice, that they'd have to change their whole network because the firewall module for their as/400 (or something to that effect) would not run after applying the patch, and they had no plan to make it work
so much for 100% compatibility
decompiled java can be recompiled most of the time
one could argue that java isn't really compiled, but that's the term they use
i can't blame you. i did read it, twice even, but the writing style is pretty dense and it's hard to stay focused on it
my sister spent 3 months in senegal and from her own account, yes they do abuse whatever they own (or dont own) to a pretty large extent. they managed to break a sturdy plastic fresbee (something which i've never seen or heard done in the "first world") and my sister's walkman, along with clothes, jewelry, shoes or anything they got their hands on.
what's sad is that in their mind, they're imitating us. they break them to show that they don't care, to give the impression that they're rich enough that they can afford to break them (even if it's not true, it's part of an image that they want to give themselves)
heavy water is "common", but there's very few facilities to extract it from normal water and the process is extremely (iirc) energy ineficient and toxic
no, a quadraplegic wouldnt protect you against anything.
a better analogy would be
Buying a Symantec product to protect your Windows PC is like hiring a suicide bomber to be your bodyguard.
it protects you, and blows you and everyone around you to pieces in the same run!
at least you were greeted by the login screen. i had one "reboot" for patches, except it didnt reboot, it SHUTDOWN. very nice when you want to use it remotely
he did say human readable
have you tried gocr? it's nice as a random number generator, but beside that... it's pretty much garbage
tags
i've tried the VM app of zenoss. the config is easier at first glance, but it gets tedious as soon as you want to monitor something other than the default.
i'll try to remember that one, thanks
outside of our solar system? neptune belongs to this solar system. http://en.wikipedia.org/wiki/Kuiper_belt
no, but then i take my job seriously and i at least verified that the new timezone matched the correct data and that no deamons had crashed. instead of blindly pushing a potentially disruptive update to 2000 computers
if you want to be blind and half assed about it, redhat's tool does it just like microsoft. one click and it'll be deployed on the next check