Just as vulnerable, perhaps. However, with open source software one has the ability to go in and fix the problem rather than waiting for some vendor to do it for you. That's where the power lies -- often, when a vulnerability is discovered, a report is sent out including exploit code and a patch to correct the issue.
That's what makes open source software overall more secure -- the turnaround time with patches is a lot faster.
Okay, so this vulnerability was published and correctedover a month ago. Of course it's still growing; a lot of people still haven't patched their servers. How is that newsworthy? It's been out for quite a while now, anyway, and nothing is different today from yesterday. Nothing horrible has happened, it's just continuing to do what it was designed to do.
Besides which, the impact is a lot less than, say, Code Red which affected a much larger number of machines -- it hit all unpatched IIS servers versus unpatched SSL-enabled Apache servers.
Again, I ask, how is this news? What has changed that made this story worth reporting again?
Cache and so on and so forth
on
When Users Attack
·
· Score: 5, Informative
Obligatory Google cache, though it seems to be largely a picture collection, so it's not too helpful.
According to the news on this page, the URL posted originally belonged to jonnyguru.com. But, unfortunately, the Wayback machine's archive for that site goes back to just after it was displaced, so it appears we're SOL until the server comes back to life.
Open source software is plenty stable -- when it's mature. But, when "one wrong move can cost you millions", can you afford a kernel oops because someone forgot a \n?
See, in this case, the nice part about commercial software is that you have someone to blame, and you at least stand a chance in court (IANAL, but it would be under contract law), so you have an opportunity to recoup your losses. In this case, an "oh yeah, fixed in CVS" isn't good enough.
... SDSL (the Newer T1 service) can do it for you. It *IS* exactly like T1 service...
First, SDSL is not a "newer T1 service", it is a means to transfer data over analog lines using high frequency ranges and comparable rates. A T-1 has 24 64 kilobit lines, is digital end-to-end, and can be used in a number of ways SDSL cannot. For instance, depending on your provider, you could allocate 8 channels for voice and 16 for data, giving you 8 dial tones and 1.0 megabit both ways. You can't do that with SDSL.
Furthermore, SDSL coverage is spotty and rare compared to T-1. Standard DSL distance limitations apply, and the local teleco has to have some fairly new equipment. For businesses (the main consumers of T-1s), SDSL pricing is far higher than for residential. T-1s tend to be more expensive (though not by much), but the level of service with a T-1 is generally much higher than that of a DSL line, which makes for a much more convincing business case.
In short, SDSL is *NOT* "exactly like T1 without the extra costs".
For example, I could have bought and installed a Windows 2000 license for that machine for less than $500, but I wouldn't have been able to also run DNS and DHCP services on it without more software.
Assuming you're talking Windows 2000 Server (you indicated it was a server, after all) you check the little box next to DNS and DHCP during the install procedure and they're installed and ready to be configured out-of-the-box. Or, if you forget, you can go into Add/Remove Components and install them there. Also, if you know what you're doing, both can be configured in a couple of minutes.
I was referring to the following comments on the UPDATE page:
Simone Sagheddu: I'm a new user and so I'm not very expert using mysql. The problem i have is this: "UPDATE table1 INNER JOIN table2 ON table1.fieldname=table2.fieldname SET table1.fieldname = table2.fieldname" generate error 1064: "You have an syntax error in....". Does MySQL support Join using UPDATE keyword?
And:
Carl Furst: What about natural join updates?? If I have two tables and I want to put the value of one fields into another of the same type (tinytext can go into varchar, char and ints can go into blobs or tiny ints etc) couldn't I say something like this???
update table_name set table1.field1=table2.field2 where table1.key=table2.key
this would make life soooo much easier. I know this can't be done in 3.22.23 can it be done in 3.23.23??
Roaming profiles work if you set them up correctly. Terminal server is IMO a huge resource hog and is a waste of licensing.
And as far as deploying the SUS client goes, you can use Group Policy to do it. Group Policy is quite powerful, if you take the time to actually understand it. I dislike Microsoft as much as the next guy (and move as much as possible to *nix), but Microsoft is not a bad choice on a corporate desktop.
Not to flame, but: as someone else had said, I sincerely hope you are not responsible for maintaining a significant number of machines. Ignoring things like Group Policy (because "it's a piece of") results in losing a lot of functionality (like automatic deployment of whatever software you choose) -- but, hey, go around to each machine if you want. Install that software, change that local security policy, add that registry key...
Look. Microsoft thought of these things long before you started complaining about it. If you don't like their solution, fine. There's nothing to stop you from sitting down at all of those hundred machines and setting stuff up manually.
mySQL tends to favor read-intensive activities but is a little weak on write-intensive and transaction stuff.
Agreed. I use MySQL in a few different production environments, and it works great -- speed is good (even on old, old hardware) and the flexibility is excellent (different formats on a per-table basis). However, I find the SQL implementation somewhat lacking.
UNION support is a little late -- why did it take until 4.0.0 to implement? Furthermore, the lack of subselects makes everyday activities such as multi-table UPDATEs a little arcane. (Read the "it can't be done this way" comments on the bottom to see what I mean. AFAIK the only solution is to create a new table, do an INSERT... SELECT on your source tables, DROP the first table, and rename the temporary table. Very, very icky.)
MySQL also lacks triggers and views -- views are kind of handy, but if given subselects, can usually be done without. Triggers, though, give one a way to enforce logic (say, relational integrity), which would be very nice to have.
Oh well. I really would like to have my cake, but I guess I'll settle for eating it...
How about using Software Update Services? Takes you ten seconds to click on the update, download it to your local SuS server, and have it automatically installed onto all of the clients with whatever parameters (install at 3:00 AM and automatically reboot, install silently in the background and prompt, etc.) you specify.
Look, you may simply be blindly bashing Microsoft, but they actually do have some decent administrative tools. Ever hear of "Group Policy"?
Believe it or not, people have thought of this a long time ago. Code 128A and B allow an alphanumeric string of any length, while Code 128C is optimized for numbers. No limit on length, except for possibly the scanner.
Basic information as to how this particular system works: the scanner returns a series of numbers between 0-127. The software then determines based on the lead-in information what code is used initially and checks for control codes (so you can switch from 128B to 128C for a string of numbers and back for a letter or two). Each sub-code (A, B, C) has a different "character set" if you will; code 128C consists of all possible two digit numbers (and control codes), so a 12-digit Code 128 barcode is comparable in size to a standard UPC.
Wait, didn't Sony claim the Playstation 2 could do movie-quality graphics in realtime? Ah, here's a copy of the press release, back three years ago. The second paragraph reads:
The current PlayStation introduced the concept of the Graphics Synthesizer via the real-time calculation and rendering of a 3D object. This new GS rendering processor is the ultimate incarnation of this concept - delivering unrivalled graphics performance and capability. The rendering function was enhanced to generate image data that supports NTSC/PAL Television, High Definition Digital TV and VESA output standards. The quality of the resulting screen image is comparable to movie-quality 3D graphics in real time.
No one knows what sort of data they're sharing... and there's no way to track the users of the system
You could always send queries with a "hops to live" of zero, meaning the destination node is the only node that will answer the request. If you get an error, then it's not stored on that node. If you start getting data back, then it's obviously stored on that node, and you can sue them -- even if they didn't request it. (Which is one thing Freenet does insure; data is moved around without the user's intervention.) Said node is storing it and helping to distribute it, which is cause enough to slam somebody in jail for fifty years... right?
But enter a search key and a number of hosts will send you their portion of the file.
Wrong. Freenet doesn't work that way. One host returns data per key, but you can aggregate requests if one file is split up into multiple keys.
However, freenet is still in development, so buyer beware.
Freenet has been having, erm, problems. (As usual.) Somebody comes up with a fix for some obscure but heinous bug, checks it into CVS, and then once most of the network upgrades the performance is worse than before the fix or routing enhancement or what have you. Can't blame the developers, but Freenet isn't anywhere near up to par compared to even the old-school Gnutella clients.
Surely there are damages. Bandwidth may not be as expensive as paper, but possible productivity used to delete spam is costly. Besides which, the porno spammers could get sued for lots of money by the parents of minors...
Can it really be true that the best tool we have for heavy duty computing is a 25 year old language, or have you found anything better - free or non-free?
How about SQL? Depends on the type of heavy duty computing, I guess.
Slashdot Mirror
Just as vulnerable, perhaps. However, with open source software one has the ability to go in and fix the problem rather than waiting for some vendor to do it for you. That's where the power lies -- often, when a vulnerability is discovered, a report is sent out including exploit code and a patch to correct the issue.
That's what makes open source software overall more secure -- the turnaround time with patches is a lot faster.
Okay, so this vulnerability was published and corrected over a month ago. Of course it's still growing; a lot of people still haven't patched their servers. How is that newsworthy? It's been out for quite a while now, anyway, and nothing is different today from yesterday. Nothing horrible has happened, it's just continuing to do what it was designed to do.
Besides which, the impact is a lot less than, say, Code Red which affected a much larger number of machines -- it hit all unpatched IIS servers versus unpatched SSL-enabled Apache servers.
Again, I ask, how is this news? What has changed that made this story worth reporting again?
Obligatory Google cache, though it seems to be largely a picture collection, so it's not too helpful.
According to the news on this page, the URL posted originally belonged to jonnyguru.com. But, unfortunately, the Wayback machine's archive for that site goes back to just after it was displaced, so it appears we're SOL until the server comes back to life.
Oh well...
Open source software is plenty stable -- when it's mature. But, when "one wrong move can cost you millions", can you afford a kernel oops because someone forgot a \n?
See, in this case, the nice part about commercial software is that you have someone to blame, and you at least stand a chance in court (IANAL, but it would be under contract law), so you have an opportunity to recoup your losses. In this case, an "oh yeah, fixed in CVS" isn't good enough.
Furthermore, SDSL coverage is spotty and rare compared to T-1. Standard DSL distance limitations apply, and the local teleco has to have some fairly new equipment. For businesses (the main consumers of T-1s), SDSL pricing is far higher than for residential. T-1s tend to be more expensive (though not by much), but the level of service with a T-1 is generally much higher than that of a DSL line, which makes for a much more convincing business case.
In short, SDSL is *NOT* "exactly like T1 without the extra costs ".
Assuming you're talking Windows 2000 Server (you indicated it was a server, after all) you check the little box next to DNS and DHCP during the install procedure and they're installed and ready to be configured out-of-the-box. Or, if you forget, you can go into Add/Remove Components and install them there. Also, if you know what you're doing, both can be configured in a couple of minutes.
And:
Roaming profiles work if you set them up correctly. Terminal server is IMO a huge resource hog and is a waste of licensing.
And as far as deploying the SUS client goes, you can use Group Policy to do it. Group Policy is quite powerful, if you take the time to actually understand it. I dislike Microsoft as much as the next guy (and move as much as possible to *nix), but Microsoft is not a bad choice on a corporate desktop.
Not to flame, but: as someone else had said, I sincerely hope you are not responsible for maintaining a significant number of machines. Ignoring things like Group Policy (because "it's a piece of") results in losing a lot of functionality (like automatic deployment of whatever software you choose) -- but, hey, go around to each machine if you want. Install that software, change that local security policy, add that registry key...
Look. Microsoft thought of these things long before you started complaining about it. If you don't like their solution, fine. There's nothing to stop you from sitting down at all of those hundred machines and setting stuff up manually.
Agreed. I use MySQL in a few different production environments, and it works great -- speed is good (even on old, old hardware) and the flexibility is excellent (different formats on a per-table basis). However, I find the SQL implementation somewhat lacking.
UNION support is a little late -- why did it take until 4.0.0 to implement? Furthermore, the lack of subselects makes everyday activities such as multi-table UPDATEs a little arcane. (Read the "it can't be done this way" comments on the bottom to see what I mean. AFAIK the only solution is to create a new table, do an INSERT
MySQL also lacks triggers and views -- views are kind of handy, but if given subselects, can usually be done without. Triggers, though, give one a way to enforce logic (say, relational integrity), which would be very nice to have.
Oh well. I really would like to have my cake, but I guess I'll settle for eating it...
How about using Software Update Services? Takes you ten seconds to click on the update, download it to your local SuS server, and have it automatically installed onto all of the clients with whatever parameters (install at 3:00 AM and automatically reboot, install silently in the background and prompt, etc.) you specify.
Look, you may simply be blindly bashing Microsoft, but they actually do have some decent administrative tools. Ever hear of "Group Policy"?
Know the facts.
A few, yes. Not most of them though, and not the ones of the actual mod.
I neutered the page a little bit (stripped the thousands of lines of comments, changed image URLs, etc.) and is now posted. Same place.
:)
So, if anyone wants to translate it, now is the time.
No text (it's in Korean), but I have almost all of the pictures.
See here.
Believe it or not, people have thought of this a long time ago. Code 128A and B allow an alphanumeric string of any length, while Code 128C is optimized for numbers. No limit on length, except for possibly the scanner.
Basic information as to how this particular system works: the scanner returns a series of numbers between 0-127. The software then determines based on the lead-in information what code is used initially and checks for control codes (so you can switch from 128B to 128C for a string of numbers and back for a letter or two). Each sub-code (A, B, C) has a different "character set" if you will; code 128C consists of all possible two digit numbers (and control codes), so a 12-digit Code 128 barcode is comparable in size to a standard UPC.
Silly people.
All the concrete in the airports have been doing this for years. Ever hear of urban heat islands?
You could always send queries with a "hops to live" of zero, meaning the destination node is the only node that will answer the request. If you get an error, then it's not stored on that node. If you start getting data back, then it's obviously stored on that node, and you can sue them -- even if they didn't request it. (Which is one thing Freenet does insure; data is moved around without the user's intervention.) Said node is storing it and helping to distribute it, which is cause enough to slam somebody in jail for fifty years... right?
Wrong. Freenet doesn't work that way. One host returns data per key, but you can aggregate requests if one file is split up into multiple keys.
Freenet has been having, erm, problems. (As usual.) Somebody comes up with a fix for some obscure but heinous bug, checks it into CVS, and then once most of the network upgrades the performance is worse than before the fix or routing enhancement or what have you. Can't blame the developers, but Freenet isn't anywhere near up to par compared to even the old-school Gnutella clients.
Nifty. Some quick Googling resulted in an MPEG and a suggested retail of $100, but the more common price being $85 (such as this site).
I may have to get one of those.
So, wait, if there's only a handful of spammers that account for 90% of the spam in my inbox, when do they get a 5.4 million dollar fine?
Surely there are damages. Bandwidth may not be as expensive as paper, but possible productivity used to delete spam is costly. Besides which, the porno spammers could get sued for lots of money by the parents of minors...
Besides, then you can get said enemy all scared about aliens and stuff. That's always good.