Slashdot Mirror


User: msobkow

msobkow's activity in the archive.

Stories
0
Comments
5,287
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,287

  1. Lock down your desktops on HP Introduces Transmeta Thin Clients · · Score: 2, Insightful

    In an environment which locks down the desktops to keep the users from installing additional software, Bonzai buddies, and all that other drek, your support costs are not substantially different between cheap PCs and thin clients.

    The problems show up when you have to deal with users demanding access they don't need. With a thin client, you tell them it can't be done and they believe you. With a cheap PC, they know it can be done and some PHB always forces you to make an exception for that one user. And another. And another.

    If system/network admins were allowed to make the final security decision, half of the problems would be gone before the users could finish typing the email requesting special access.

  2. Agreed on More on SCO Code Snippets · · Score: 1

    Maybe instead of harassing SCO's execs directly, people could make sure that their own business manager's and clients know about the SCO issues.

    Don't flame, don't make false accusations -- just forward the pertinant quotes and links from slashdot articles to the people you know who are in the financial businesses. Your accountant, your own broker, your bank manager, etc. Find out if your 401K is investing in SCO -- and demand your share be invested elsewhere. Put it in writing, too, and threaten them with charges if they continue to invest in a stock you know is being illegally pumped. If they don't listen, follow through and send a letter to the SEC with your concerns.

    If we could get the financial institutions taking notice, you can bet SCO will be swatted faster than you can blink -- nobody wants another Enron.

  3. Re:Dead wrong on License to Surf, Take Two · · Score: 1

    ...mission critical systems that provide life support could cause a loss of life - but what are they doing in a place where inadvertent virus propagations can access them anyway?

    Let's walk through some basics, a modern hospital emergency ward for example. The monitoring equipment is linked to a local network or monitoring computer that is isolated to the ward, but there are subnet bridges to the administration departments that collect information from those monitoring systems. The admin systems also happen to be connected to the financial systems, the desktops in various offices in the hospital, and at least a few of those are going to have internet access for shared resources such as drug interaction databases.

    Even though each layer is "protected" by filters and firewalls, one of the admin desktops gets infected somehow (most likely a laptop that someone took home, or a disk they brought in from home to show someone.) Lo and behold, the rest of the admin systems get infected and start ping-flooding their subnet -- which happens to impact the financial and emergency ward systems they have access to.

    Oh, look! Someone is using a WinXX system to collect and report the data from the monitoring systems. What a shame all the reports and data have been rendered useless by the infection.

    Oops! Mr. Smith just died in E7 because the ping flood kept the alerts from being forwarded on the night shift, and the duty nurse happened to be checking up on E12 who'd pressed their call button after pissing the bed again.

    The problem with computer infections is they don't know the difference between life-threatening systems and regular user's desktops that are going to cause financial losses or lost save-game data. They attack and impact everything -- including systems that they cannot possibly infect.

    Now, who's responsible for the code that made those infections possible in the first place? The user for not anticipating the programmer's mistakes?

    Yes, the user -- for not applying patches at least once in the past month or two. Zero day exploits are unavoidable and might justify a penalty against a corp like Microsoft for lack of due diligence, but zero day exploits are not what is causing the backbone problems and consuming 15% of my bandwidth with ping floods.

    The American people really need to stop trying to blame everyone else for their personal issues. I'm not talking global politics here, but personal responsibility. The failure of the consumer to be educated about the toys and tools they buy does not imply irresponsibility or incompetance on the part of the manufacturer or developer, especially in cases where patches were made available.

    Just because the American legal system is so screwed up that some stupid woman can successfully sue for spilling coffee on herself does not mean it's rational, morale, or right. It just means the legal system is hopelessly mired in trying to make everyone else responsible for the ignorance of the individual, and that is not right nor reasonable.

    The benefit of mandatory licensing does not outweigh the burden imposed on the free speech of internet users, plain and simple.

    The benefit of free speech does not outweigh the individual's responsibility for their words and actions, nor does it outweigh the general public's right to be protected from the incompetance and ignorance of the few.

    I see no one mandating that anyone not be able to own or use a computer. If you are so uneducated and incompetant that you can't do so safely, you have access to "taxis" like internet terminals and thin-client systems that don't let you screw them up. Your ability to play games, install software, etc. would be lost, but not your right to speak.

    I find it highly amusing how American posters love to hide behind "freedom of speech" and "fair use" platitudes rather than taking responsibility for their actions

  4. Internet "police" on License to Surf, Take Two · · Score: 1

    I agree that taxing the internet resources would be a bad idea, but having an organization of internet "police" whose role is to identify infected systems for the ISPs to disconnect is not a bad idea. If the ISPs or their users fail to cooperate, start pulling the plugs closer to the backbones.

    I have no sympathy at all for those who don't take the time to learn enough about their system to ensure that patches and updates are applied. Most of the backbone floods could be avoided by simply applying patches with a couple weeks of their release.

    Your "right" to free speech stops when it directly impacts the lives of others. Even the racists know there is a line between "free speech" and abuse that exceeds their right to speak.

  5. Dead wrong on License to Surf, Take Two · · Score: 0

    You cannot blame the programmer for users and clients who refuse to apply patches and updates. The vast majority of infections and the perpetual ping flood my firewall blocks are the result of users who don't maintain their systems, not the result of incompetant code.

    Yes, there are cases where a zero-day exploit might affect those who paranoically update their systems, but that isn't what is sucking the bandwidth of the backbones right now. That waste of resources is 99% due to people who are too cheap and/or incompetant to be allowed on the 'net.

    You can't put an unmaintained beater car on the road, and you can't legally drive until you've demonstrated you understand the basics of safe driving. I see no reason why home and corporate users should not be required to demonstrate their ability and willingness to follow similar safety principles for the shared internet resources.

    As to those who create the infection vectors, they're no better than the drunken idiot who careen around a highway with a stolen car, vandalizing anything that catches their fancy.

    If you want to crack systems for the sake of learning how, I say go ahead. If you want to crack systems for the sake of doing damage, then you should be treated as the vandalizing criminal you are and locked up accordingly. Maybe "bubba" can teach you a few lessons your parents forgot to.

  6. You forgot one more option on Mandrake Linux 9.2, Adware Version · · Score: 1

    Support your distro and buy a membership or a shelf-package of Mandrake. At least part of the distro vendor's financial issues are the number of people who never pay for a copy.

  7. Solaris on SCO Run-Time Licenses: Get 'em While They're Hot! · · Score: 1

    SCO says Solaris is safe because of the terms Sun negotiated. That has no bearing on any BSD heritage at all, but on the non-standard licensing terms Sun paid for.

  8. Serious professionals don't pull punches on SCO Run-Time Licenses: Get 'em While They're Hot! · · Score: 3, Interesting

    Serious professionals don't pull punches with their opinions, and stand behind their statements.

    Faced by a "case" that is comprised largely of barratry, fraudulent accusations, and public grandstanding such as SCO is delivering, I see no reason anyone should "watch what you say".

    SCO is going to lose, of that I have no doubt. Darl is going to plead insanity because there is no other way he can hope to avoid jail time in such a massive case of fraud. Those stuck with the stock with cry that the government owes them payback for allowing the fraudulent case to continue, and if it's in the hands of investment corps, they'll turn around and recover their losses on the backs of the consumers.

    This case serves one purpose and one purpose only -- to highlight the utter insanity of the current US legal system with respect to IP law and it's enforcement.

    Or have you not noticed that IP law is the only case where one is guilty until proven innocent, with no way to recover the costs of defending against the barratry? The fact that SCO is being allowed to demand license fees and threaten charges against those who don't pay for their unproven claims is the worst abuse of US law I've seen to date.

    Calling McBride and SCO "asshats" is being extremely polite in the face of their behavior.

  9. Re:terrorist on SCO's Next Target: SGI? · · Score: 1

    You, sir, need to develop a sense of humour -- badly. In case you haven't noticed, I don't kiss the posteriors of the "politically correct". Worse, you are suggesting that people should not speak their mind because some wacko might take it seriously. It'll be a sad, sad day when everyone has to filter their thoughts and speech down to protect the deranged and irrational. Perhaps you also feel we should completely censor all games and media to a level suitable for 12 year olds, seeing as so many parents seem to have abdicated responsibility for those decisions. Personally I consider SCO's actions to be far worse than any damage done by 9/11. The US doesn't need terrorists to destroy the country -- they're doing just fine on their own by supporting a legal system that panders to the kind of fraud and stock abuse being perpetrated by SCO.

  10. Ever watch "Dark Angel"? on Congress Again Considering Database Protection Bill · · Score: 1

    When the miserable future of "Dark Angel" has been made real by corporate greed and government jack-boots, then the US citizens might try to rise up and retake the freedom they so foolishly keep letting go.

    By the time they wake up to what they're doing to themselves, the American Apparatchik will be too firmly entrenched. They will of course claim to be capitalists in a democracy, but you won't be able to tell the difference in the common citizen's life.

  11. Re:It is suggested on Microsoft Settles Be Antitrust Suit for $23.25M · · Score: 3, Insightful

    When your bank balance is in the billions, would you worry about spending less than 1% of the total to avoid the risk of being found guilty in court?

  12. Murderer, Assassin, or Hero? on SCO's Next Target: SGI? · · Score: 2, Interesting

    When someone finally snaps and takes that sniper shot at McBride or turns the SCO headquarters into a fireball, will they be considered a murderer, an assassin, or a hero?

    Or will the world just shrug and be glad someone finally hired an exterminator?

    After all, between SCO and the wrist-slaps Microsoft has been given, it's clear the US legal system is nothing but a toothless sham for sale to the highest bidder. Given SCO's real value, the bid isn't even that high.

  13. First generation on Code Generation in Action · · Score: 1

    If the complexity of your generator is too much for people to maintain, it sounds like you're still working with ad-hoc hard-coded generators. It's helpful, but as you say, it creates a whole new set of code to maintain.

    There are better approaches.

  14. Oh yes it is, it's just not widely accepted yet on Code Generation in Action · · Score: 1

    I've spent the past 7-10 years working with different code generation approaches. My latest R&D efforts meld a variety of the techniques I'd used in previous efforts to provide a code generation engine that has proven flexible enough to produce RDBMS schema scripts, C++, Java, etc.

    Even better, I've been able to work towards a higher level abstraction which allows me to change the architectural "glue" while maintaining a consistant application developer API. (i.e. Choose amongst different RDBMS servers, different network interface technologies, different system architectures, etc.)

    In a sense, I've spent years trying to "teach" my computer to produce code the same way I do by hand. With any luck, it'll be production ready in another few months, and used to service a few early adopters as a test replacement for the offshore junior coders that write the same code by hand.

    The question isn't whether the technology is feasible, but whether I can make a living by providing code factory services.

  15. Re:P.S. on Universal Music To Cut CD Prices · · Score: 1

    Sure I've been unemployed. Not once have I been able to collect UI, because you have to take any job that comes up to qualify. There are always shit jobs out there for minimum wage that you're supposed to take, even if they won't cover the rent and pay less than UI would have.

    The UI program is nothing but a union-led scam, and completely useless to the professional community that is forced to pay into it.

  16. P.S. on Universal Music To Cut CD Prices · · Score: 1

    I really don't care whether it was the fault of tax brackets, UI contributions, CCP, or any of the other dozens of ways the Canadian government picks our pockets clean. The bottom line fact was I had less cash in pocket after the raise, regardless of which government department stole it.

  17. Wrong! on Universal Music To Cut CD Prices · · Score: 1

    You are dead wrong, and I had the pay stubs to prove it several years ago. A $2000 raise pushed me over a tax bracket, which led to me losing almost $100/mo in disposable income -- in other words my "raise" cost me about $1100/year.

    Not that it mattered in the long run -- [i]thousands[/i] were laid off about six months later, myself included.

  18. Re:It's about time on Universal Music To Cut CD Prices · · Score: 1

    Yes, even though the artists don't benefit directly. The fact that the artists are getting boned by bogus contracts and abusive agents doesn't make theft right. With all the info out there about abusive RIAA contracts, I have no sympathy for artists who continue to sign up for the abuse instead of signing with small labels, going independant, or fighting the contract abuses in court. (Don't whine about how small the artists are compared to the RIAA -- they could band together in the lawsuit same as any class action or RICO case.)

    Despite the constant bleating from people trying to justify the downloads and P2P networks, the only moral use for an unauthorized track download is to decide if you want to buy the album -- and deleting the download if you don't buy it.

    I used to buy 5-10 CDs/month. I've bought less than that per year for quite some time, because I refuse to pay the artifically inflated prices. I just keep listening to the same 800-900 CDs I already own...

  19. Re:I wonder what... on Microsoft Longhorn Delayed · · Score: 1

    My point is more that once again, Microsoft's "new" technology has been in production with other companies for many, many years.

  20. I wonder what... on Microsoft Longhorn Delayed · · Score: 1

    Could it be that Bill & co. just realized they were trying to glue their UI abortion on top of a rewrite of IBM's AS400 concept of a database [i]system[/i]?

    Perhaps they realized that doing so would break all the games that are responsible for a huge chunk of Wintendo sales.

    Maybe they've decided to wait for the SCO mess to settle out. After all, if the pressure from Linux were taken off, you can bet Microsoft would stretch out the features from Longhorn over a couple intermediate releases. What better way to pick the pockets of the community again?

    Or perhaps it's the second coming and Bill just realized it'd be easier to port the entire suite of Microsoft applications to Linux than to finish Longhorn in this century.

  21. Six batteries? on Segway Riders Get High on Mount Washington · · Score: 3, Insightful

    Wouldn't carrying six battery packs on a Segway be even more absurd than as trying to carry a couple five-gallon gas cans on a motorcycle?

    What's next -- a shoebox on rollerblades as a "trailer"?

  22. Timing the cable failures on Handling User Grown Machines on a Large Network? · · Score: 2, Interesting

    It's amazing how many students seem to have wiring problems after they crash the local nets on certain campuses. I just wish the same approach could be applied to home users.

    Many of the worms and viruses that bog the net have had patches for months or even years. I say if the patch was out three months ago, cut the user off at their ISP -- permanently.

    You can't drive without a license -- if you can't update, you don't know how to "drive" the internet. And no, I really don't care about the "rights" of the brain-dead to access public resources.

    Even my techno-illiterate parents know enough to keep the virus files and patches up to date -- because they were taught before the machine was ever plugged in to the 'net.

  23. How many 1.6GB HDDs sell nowadays? on Is Linux as Secure as We'd Like to Think? · · Score: 1

    The point is for new users installing on stock, default hardware. Where exactly did you buy a system less than 5 years old with a 1.6GB HDD?

  24. P.S. on Is Linux as Secure as We'd Like to Think? · · Score: 2, Interesting

    I'm not kidding about the install time. A SuSE 8.1 3-disk install was asking for the config details before WinXP was done identifying hardware (same box.)

    Add in the time and hassle of temporarily swapping out NVidia GeForce series video cards to do the initial WinXP install, and the raw-hardware-to-internet time is less than an hour for Linux, and almost 1.5 for WinXP on the same hardware (CUSL2 PIII/933 512M/PC133/CAS2 60G/7200RPM GF2MX.)

  25. Savvy Linux users? on Is Linux as Secure as We'd Like to Think? · · Score: 2, Insightful

    It's not necessary to be all that "savvy" anymore. If you're running a stock box, you can have a SuSE or Mandrake system running on the 'net with a high speed link in less time than it takes to install WinXP.

    Just leave it at the default workstation settings, and answer the questions -- same as you do for Windows.

    Granted it's not set up the way I'd want it, but current releases are pretty damned good for mom & pop who just want to browse the net and read their email. It even helps protect them from the "social engineering" click-me trojans, as most of that junk is engineered for Win32.

    What bothers me more is the mix and match of OS and webserver stats in the main slashdot article. Most desktop Win32 users aren't running IIS, so why would we include Apache breakins and such under Linux when comparing/discussing security?