None of those high profile vulnerabilities would have affected the linux desktops being used by munich, and would not have affected most default installations either.
Heartbleed affected openssl, and affected a lot of operating systems (including windows) where software using the library is installed. In fact the problem is often worse on windows because you have random third party applications which bundle their own (often outdated) version of openssl which becomes a pain to update. On linux you typically have a single version centrally installed by the system which is easily updated by the package manager.
Shellshock also affected multiple operating systems, and while technically many linux systems came with a vulnerable version of bash there was usually no vector to actually reach the vulnerability.
Dirty cow is a privilege escalation, so it requires that you actually have some privileges in the first place in order to exploit it.
The vulnerabilities in SMB affected all windows versions in active use, in a service that is enabled by default and difficult to turn off.
but the monthly discount is laughably low on it so it's obvious that the difference between that plan and a full featured plan isn't the actual cost of the phone
There are various ways the carrier can offer lower prices this way than you would get if you bought the phone directly...
The carrier doesn't need to profit from the sale of the phone, as they are already profiting from the service. No retailer overheads on the handset etc. The carrier has a lot more buying power than you do, phone manufacturers will offer steep discounts to a carrier looking to buy 500k units. The carrier doesn't have to pay sales tax etc on the phones they buy.
You may find that the actual cost of the phone is a lot lower than you expect.
But i do find carrier locks offensive... If i bought the phone it should be mine to do with as i please. There are already penalties in place for breaching the contract, but why should someone who obeys the contract terms be punished? If i'm still paying the monthly fee it should be no business of theirs what i do with the handset.
Have you never worked with people who slacked off all day in the office and got nothing done? Or those who stay late to give the impression that they're working harder? Many people do both of the above, sit around slacking off in the office for a long time which fools people into thinking they're working hard when in reality they're on facebook or slashdot etc..
Workers slacking off is not unique to home workers.
At least around here, most employers are concentrated in a few small areas which contain pretty much only offices... Residential properties generally become smaller, fewer and more expensive the closer you get to these business districts.
For the price of a small cramped apartment within commuting distance, i could get a large house with land a few hours away.
Informal chatter can also be done in a text based medium, so you have a record of it which you can refer to later... People forget things, if you tell them face to face and they forget they have to come back and ask you again. If it's logged somewhere they can just refer to it, no having to remind someone and none of this "i thought you said..." when theres a record of exactly what you did say.
Most businesses seem keen to locate their offices in the business districts of large cities... When you have densely packed offices in one area which all open at the same time there will always be huge traffic congestion at opening and closing time.
I would be far more inclined to come into the office if it was located somewhere i could find reasonable affordable housing nearby.
Using time and resources to make employees who could just as well work from home come sit in an office is the very opposite of productive.
Exactly... The typical business districts in major cities are expensive, both to locate your office there and to live within reasonable commuting distance... Plus the time spent commuting is utterly wasted and provides no benefit to anyone.
And a game that becomes unplayable without a centralised server... So you can't play it with poor or no connectivity, can't play it after the company shuts the servers down etc. Look what happened recently with simcity.
Capitalism is inherently unethical... Why would these companies perform a security review (which costs money and reduces profit) unless they are forced to? Clients don't demand it, laws don't mandate it, its just a cost with no benefit. It's much cheaper to threaten anyone who finds and exploits the holes, as the enforcement of those threats will be carried out by the police who aren't on your payrole.
On the contrary, you use whatever information you have available to you and white hats are more likely to be *given* information as part of a legitimate sanctioned pentest.
When an organisation is paying for someone's time, its pointless paying them to spend time finding out information you could just have given them. Insider threats can and do happen, information does become available, and by giving that information to your paid testers you make better use of the available resources.
Information about your network or code should not result in it being compromised, and won't unless there are serious flaws lurking somewhere.
In the days of a 486 there was no such thing as a "core", it would be a "per physical cpu" license if anything... And you could always create a VM on any modern hardware which only exposed a single core to the guest OS.
NFS is much easier to set up (single line config and start the service) and works better with kodi... I can't imagine going to the trouble of installing samba for a scenario like this.
They would have been better off if they'd continued to develop Alpha instead of IA64... Existing customer base, existing software, existing compilers, existing x86 emulation, existing older models available cheaply for hobbyists and open source developers to buy etc...
The money spent on developing IA64 should have been invested in Alpha instead.
It's not that they couldn't increase the frequency, it's that they chose not to... Motorola thought PowerPC was the future, and many of their m68k customers abandoned them to move to other architectures (or in many cases develop their own). If anything, m68k would have been easier to scale than x86, but motorola wanted a clean break and not to be held back by legacy baggage (even tho their legacy baggage wasn't as heavy as intel's).
2 is an important point... Apple changes their power connectors (magsafe, magsafe2, usb-c) but not nearly as often as other manufacturers.. Getting a replacement power supply for an other brand laptop can be a huge pain.
Or due to their minority status they found it easier to get another (better pay/conditions) job at another company who wanted to satisfy their diversity quota.
I can turn the question around: If you hire me to do some work in your house, would you be ok if I cleaned the next doors swimming pool during that time?
And the answer is: it depends.
If i hired you to do some DIY work on my house and i was paying you for the job, you said the job would be complete in X days / by X date, and your activities on the side didn't impede your ability to meet that deadline then sure, i wouldn't care.
If i was paying you by the hour then i would generally expect not to pay you for the hours you were doing something else, but if you billed 8 hours a day, spent 4 hours in the morning working, went to do something else for 4 hours then came back and did another 4 i'd have no problem with it... Similarly if you billed 8 hours a day but worked 6 hours some days and 10 on other days, if it averaged out to around the rate i was paying i'd have no problem. Also if you were unable to do any work for some reason outside of your control (eg you're waiting for materials and cannot do anything until they arrive) i'd have no problem with you doing something else rather than just sitting around doing nothing.
There's a lot to be said for flexibility, providing it cuts both ways.
In the UK it's actually much harder to fire someone than in the US, due to the various employment laws, although employees need to be aware of the law and stand up for their rights. In the US you can generally fire someone at any time for any reason... In the UK you have to have a justifiable reason, and except in cases of gross misconduct you have to have given the employee both verbal and written warnings as well as having given them a chance to improve (ie in the case of incompetence).
The employment agreement does not imply that you will be given increased compensation for doing more work...
On the other hand, if you are paid the same as your peers then it's reasonable to perform a similar level of work. If you are more skilled than your peers then you should either be able to complete the same amount of work to the same standard in less time than they do and have some free time, or you should be paid more if you're completing more work in the same time.
If the employee in question is performing to a similar level as his peers on a similar salary, and he's not doing anything which damages the company or his colleagues then there's no justification to fire him as he's every bit as useful to the company as his colleagues.
Slashdot Mirror
None of those high profile vulnerabilities would have affected the linux desktops being used by munich, and would not have affected most default installations either.
Heartbleed affected openssl, and affected a lot of operating systems (including windows) where software using the library is installed. In fact the problem is often worse on windows because you have random third party applications which bundle their own (often outdated) version of openssl which becomes a pain to update. On linux you typically have a single version centrally installed by the system which is easily updated by the package manager.
Shellshock also affected multiple operating systems, and while technically many linux systems came with a vulnerable version of bash there was usually no vector to actually reach the vulnerability.
Dirty cow is a privilege escalation, so it requires that you actually have some privileges in the first place in order to exploit it.
The vulnerabilities in SMB affected all windows versions in active use, in a service that is enabled by default and difficult to turn off.
but the monthly discount is laughably low on it so it's obvious that the difference between that plan and a full featured plan isn't the actual cost of the phone
There are various ways the carrier can offer lower prices this way than you would get if you bought the phone directly...
The carrier doesn't need to profit from the sale of the phone, as they are already profiting from the service.
No retailer overheads on the handset etc.
The carrier has a lot more buying power than you do, phone manufacturers will offer steep discounts to a carrier looking to buy 500k units.
The carrier doesn't have to pay sales tax etc on the phones they buy.
You may find that the actual cost of the phone is a lot lower than you expect.
But i do find carrier locks offensive... If i bought the phone it should be mine to do with as i please. There are already penalties in place for breaching the contract, but why should someone who obeys the contract terms be punished? If i'm still paying the monthly fee it should be no business of theirs what i do with the handset.
It works better for some than others, but then traditional office spaces don't work for some people either.
It's good to have options available, and let the staff choose what works best for them.
And how do those virtual machines provide access to the ISA cards your 16-bit application requires?
Have you never worked with people who slacked off all day in the office and got nothing done?
Or those who stay late to give the impression that they're working harder?
Many people do both of the above, sit around slacking off in the office for a long time which fools people into thinking they're working hard when in reality they're on facebook or slashdot etc..
Workers slacking off is not unique to home workers.
At least around here, most employers are concentrated in a few small areas which contain pretty much only offices... Residential properties generally become smaller, fewer and more expensive the closer you get to these business districts.
For the price of a small cramped apartment within commuting distance, i could get a large house with land a few hours away.
Informal chatter can also be done in a text based medium, so you have a record of it which you can refer to later...
People forget things, if you tell them face to face and they forget they have to come back and ask you again. If it's logged somewhere they can just refer to it, no having to remind someone and none of this "i thought you said..." when theres a record of exactly what you did say.
Most businesses seem keen to locate their offices in the business districts of large cities... When you have densely packed offices in one area which all open at the same time there will always be huge traffic congestion at opening and closing time.
I would be far more inclined to come into the office if it was located somewhere i could find reasonable affordable housing nearby.
Using time and resources to make employees who could just as well work from home come sit in an office is the very opposite of productive.
Exactly... The typical business districts in major cities are expensive, both to locate your office there and to live within reasonable commuting distance... Plus the time spent commuting is utterly wasted and provides no benefit to anyone.
Not to mention all the default unpassworded accounts that IRIX came with...
And a game that becomes unplayable without a centralised server...
So you can't play it with poor or no connectivity, can't play it after the company shuts the servers down etc. Look what happened recently with simcity.
Capitalism is inherently unethical...
Why would these companies perform a security review (which costs money and reduces profit) unless they are forced to?
Clients don't demand it, laws don't mandate it, its just a cost with no benefit. It's much cheaper to threaten anyone who finds and exploits the holes, as the enforcement of those threats will be carried out by the police who aren't on your payrole.
On the contrary, you use whatever information you have available to you and white hats are more likely to be *given* information as part of a legitimate sanctioned pentest.
When an organisation is paying for someone's time, its pointless paying them to spend time finding out information you could just have given them. Insider threats can and do happen, information does become available, and by giving that information to your paid testers you make better use of the available resources.
Information about your network or code should not result in it being compromised, and won't unless there are serious flaws lurking somewhere.
In the days of a 486 there was no such thing as a "core", it would be a "per physical cpu" license if anything...
And you could always create a VM on any modern hardware which only exposed a single core to the guest OS.
And many of these will also be too old to contain the vulnerability...
NFS is much easier to set up (single line config and start the service) and works better with kodi... I can't imagine going to the trouble of installing samba for a scenario like this.
They would have been better off if they'd continued to develop Alpha instead of IA64...
Existing customer base, existing software, existing compilers, existing x86 emulation, existing older models available cheaply for hobbyists and open source developers to buy etc...
The money spent on developing IA64 should have been invested in Alpha instead.
North Korea already have their own government controlled and regulated internet...
It's not that they couldn't increase the frequency, it's that they chose not to...
Motorola thought PowerPC was the future, and many of their m68k customers abandoned them to move to other architectures (or in many cases develop their own).
If anything, m68k would have been easier to scale than x86, but motorola wanted a clean break and not to be held back by legacy baggage (even tho their legacy baggage wasn't as heavy as intel's).
In the app store settings, "check for updates" - turn it off...
2 is an important point... Apple changes their power connectors (magsafe, magsafe2, usb-c) but not nearly as often as other manufacturers.. Getting a replacement power supply for an other brand laptop can be a huge pain.
Or due to their minority status they found it easier to get another (better pay/conditions) job at another company who wanted to satisfy their diversity quota.
I can turn the question around: If you hire me to do some work in your house, would you be ok if I cleaned the next doors swimming pool during that time?
And the answer is: it depends.
If i hired you to do some DIY work on my house and i was paying you for the job, you said the job would be complete in X days / by X date, and your activities on the side didn't impede your ability to meet that deadline then sure, i wouldn't care.
If i was paying you by the hour then i would generally expect not to pay you for the hours you were doing something else, but if you billed 8 hours a day, spent 4 hours in the morning working, went to do something else for 4 hours then came back and did another 4 i'd have no problem with it... Similarly if you billed 8 hours a day but worked 6 hours some days and 10 on other days, if it averaged out to around the rate i was paying i'd have no problem.
Also if you were unable to do any work for some reason outside of your control (eg you're waiting for materials and cannot do anything until they arrive) i'd have no problem with you doing something else rather than just sitting around doing nothing.
There's a lot to be said for flexibility, providing it cuts both ways.
In the UK it's actually much harder to fire someone than in the US, due to the various employment laws, although employees need to be aware of the law and stand up for their rights.
In the US you can generally fire someone at any time for any reason... In the UK you have to have a justifiable reason, and except in cases of gross misconduct you have to have given the employee both verbal and written warnings as well as having given them a chance to improve (ie in the case of incompetence).
The employment agreement does not imply that you will be given increased compensation for doing more work...
On the other hand, if you are paid the same as your peers then it's reasonable to perform a similar level of work. If you are more skilled than your peers then you should either be able to complete the same amount of work to the same standard in less time than they do and have some free time, or you should be paid more if you're completing more work in the same time.
If the employee in question is performing to a similar level as his peers on a similar salary, and he's not doing anything which damages the company or his colleagues then there's no justification to fire him as he's every bit as useful to the company as his colleagues.