Sounds bogus to me, since it was only brought up as an issue after they couldn't get him on misuse of company property.
That doesn't make it bogus at all - if I were going to fire somebody, I'd look for the clearest way to get the firing through HR. Misuse of company property is harder to fight. Also, it may not have been decided whether to fire or discipline based on taking a picture.
Hell, just look through the archives at What Really Happened -- the history the gov't hopes you don't learn. The guy running the show may be a crackpot, may not. I'll keep my own opinions on the matter private, but there's plenty o' links in his archives about ChoicePoint (among a great many other things). If nothing else, it's something to think about. Just for a reference point, I read foxnews.com and newsmax.com as well. I don't like only seeing one side of the story. Most likely, neither side is the truth.
I'm not so sure that it'd be that easy. A lot of users will install a en_US application (when there's no localized release) on other language distributions. Since the Classic MacOS didn't use Unicode, neither does HFS+. It seems like there would be problems when moving filesystems or applications between systems with different collations and equivalences.
There are other issues that I didn't go in to -- the major one is case-sensitivity, but there are issues with resource forks (AppleSingle or AppleDouble formats on disk, not sure how it's actually handled) and with extended attributes (the various type and creator bits, etc.). My guess is that Yellow Box or (most) Carbon apps will run fine with UFS, but Bluebox (Classic) applications are much more likely to have problems, if the bluebox even loads at all.
Just for reference, I haven't tested this by installing on UFS (but I think that I'm going to give it a try), so I'm just pulling this right out of my arse.
Only for security fixes. Most fixes to libc are fixes for 1-in-a-million bugs. Security fixes that need every service to be restarted are rare. Also, if it's a constrained problem (like the gethostbyname() example), if you understand your system, you know what services are affected. Actually, a good percentage of Sun patches are for problems in libraries that were exposed by the Java VM.;) No need to restart the system for most of those.
The point is that if you can't reboot, it doesn't mean that you have to wait to apply a critical security fix (generally)... unlike Windows, or Mac OS X, with their limited filesystems.
Depends on the patch. Depends on *why* you patched it too. The old libc still exists on disk, and running processes still use it. If you're trying to get a security fix in libc, like a fix in gethostbyname() where a rogue DNS server could smash the stack, you need to restart any processes that use that function. Usually, security fixes don't occur at that level, or are very tightly bound. The kernel doesn't use libc -- no reboot needed.
It breaks quite a few things, actually. HFS+, HFS (and the truly ancient MFS) all have one major limitation: filenames are not case-sensitive. (How the hell you localize *that* I don't know...) On UFS, filenames are. So, we've got applications (particularly in the blue box) that open a file named "preferences" -- but the file was actually created as "Preferences". On UFS, not the same file. On HFS, it is.
It's sloppy-ass programming, but it's fairly common in the Macintosh world.
I call bullshit, actually. IE for the Mac is a steaming pile in one respect: SSL. A standard apache configuration with mod_ssl can't talk to a Mac running IE, any recent version, OS X or Classic. If you disable SSLv3 or certain ciphers, you can make it work. Not what I consider acceptable.
Bullshit. Just because you're paranoid, it doesn't mean they aren't out to get you. At work, we've had to deal with data that had privacy limitation on the order of disabling all output devices. No printer, no network, no floppy, no CD, and no USB ports, and the data itself was on a PGP disk.
For testing, you can set up a *private* routed internet (not the Internet, an internet) that the development machines are connected to, and separate boxes for non-code activity (documentation that isn't local, downloading a patch, updating the MS Project files, whatever). Any documentation that's needed (MSDN) can be loaded on a local server that's not internet-connected and then accessed over the network. Local instant messaging for the developers with Jabber and private email systems for code-related crap.
Paranoia is a good thing. If the only assets your company has are that ephemeral and easy to duplicate, you do what has to be done to protect it. Canary traps generated by a few custom mods to CVS might not be a bad idea either (so we can tell who leaked the code).
That'd be dependent on yer config, there, sonny. If you leave it at that thar dee-fault configuraration, it drives on over to the MSN search page. I reckon the option in question is "Internet Options -> Advanced -> Search From Address Bar."
IIRC, by default it's set to "Display results and go to the most likely site." It may be set by default to "Just display the results."
Now, if y'all are on a Mac, all bets are off. Been that way since it came out, my ass. Create a new user profile on your box and see what the default is, boy.
Ah, hell, I shouldn't feed the trolls, but this looks like fun... No, I don't remember the name of the company that ported it. I do remember SCO shipping it. IIRC, there are ports to HP/UX, Solaris, Tru64/OSF, and probably other systems.
I don't think that it's likely that it crashed for that reason -- older boxes (UNIX and otherwise) could be taken down with a traffic flood as well, and if they're older boxes on a 100M network, you could probably crush them fairly easily with just random packets.
I also do know that SCADA (sorry about the horrible page design, but can't be arsed to find a better link) systems in use by utility companies do use DCOM for communication between nodes. Example: iPower.
I also choose to continue using the word port. Deal with it.
Keep in mind that SCO (IIRC) and other vendors have shipped and used DCOM libraries for UNIX systems, as part of MS's (aborted) strategy to use DCOM to enable the enterprise... just like.NET now. Any non-Windows non-ia32 system wouldn't be exploitable (well, not by the existing worm), but may well be DoSable.
Just because it's Unix doesn't mean that it's not Microsoft's fault.;) I'll freely admit that I don't know that this is the case, but I do know that DCOM was ported to UNIX systems, and this seems a logical result.
Please, please, please: killall is *not* the same on Linux systems and everywhere else. On (most?) Linux systems, killall will basically grep the process table for a pattern (killall $pattern) and kill the processes that match.
On most UNIX systems, killall is somewhat less selective. Typing 'killall metacity' on a Solaris system, for example, will send a kill signal to every process on the system. If you're not root, you "only" commit suicide on your own processes. If you're root, say goodnight. On OpenBSD, killall doesn't exist.
A better alternative is to use pkill. Check the man page for your system.
I don't think that the goal is to copy their content -- 'tis to create new content, or to be able to use the player for my own content. If I have a recorded television show (time-shifted, if you will), why shouldn't I be able to put it on the appropriate media and watch it on the bus with this little thingamajig? Why should I respect a lock on hardware that I have purchased?
No, that's not the point. The interface I use *is* for ME. If a given distribution decided to "standardize" on a single environment, good for them. I may or may not choose to use it. In fact, RH seems to be going that way. That's fine. I still have choice -- I can use Debian. Or, I can use a KDE application inside Gnome. Would it be the default app, since it won't "match"? No. But I would still have the choice for myself.
You will pry the xterm and bash from my cold, dead fingers. And WindowMaker had better still be around too.
The "iRock?" $DEITY, do they wish to invite down the wrath of Jobs by copying one of his pretty playthings? Was this an actual device attached, or is this a UI mockup?
As they said on the Simpsons, "It's the Shinnin', boy, do ye want to get sued?"
I'm not advocating that law -- I'm talking about use of laws that already exist. It is negligence to not fix this, especially something this high-profile.
If you're running Windows 2000 or XP, there is notification of updates from Microsoft. You are told that an update is available, it offers to download it for you... unless you have explicitly turned this off. By doing so, you make a choice.
Practically, suing the majority of the population will not happen, can't happen, and shouldn't happen. It does not absolve those people of the responsibility to prevent their systems from damaging others. People had almost a month after this patch was available to update. That's negligence, and it has caused damage. This specific worm isn't the best example.
Here's a hypothetical for you -- BigCorp is running Windows, has no firewall, and has not patched it's 8,000 desktops in 42 locations in over a year. A worm hits this corporation, and proceeds to DoS the root name servers from 42 different network feeds on different ISPs, taking out what most people call the Internet, for all practical purposes. Your company is doing B2B shit over VPNs ont he Interweb. You are down for 6 hours, causing you to lose a contract worth over a million $$. Are they liable in any way, or is ignorance a valid excuse?
Like I said, I don't want laws. The negligence is a civil tort, much as if your dog chewed on a three-year-old's arm when you didn't have it properly tied up. You had a responsibility to control that animal. You have a responsibility to make sure that the brakes work on your car. You have a responsibility to patch your systems.
See some of my other posts about this. I buy a CD from cheapbytes -- does this make someone liable? OpenBSD CDs are another good example.
If you really want something interesting, look at the theories in the security community about SCADA systems, Windows DCOM bugs, and the Great Blackout(tm). I still will not grant that MS should be liable, even if that massive clusterfuck was because of a bug in their software. It was a known bug, and not patching it was criminal negligence on the part of the user, not the manufacturer. (Assuming, of course, that the DCOM bug has something to do with it, of which we'll probably never know. We'll never know because too many large donors to the administration own energy companies, who could be liable for anything except a freak accident.)
Where do you draw the line? Just because I get a free car (in a hypothetical contest) does not mean that the company does not have liability. Price is not a good dividing line.
Cheapbytes will sell me a CD with Debian. Is Cheapbytes now liable for defects in Debian? I can buy an OpenBSD CD, and in fact am encouraged to do so by Theo. Is that now commercial software?
IE is a free download. Is it commercial software? [Note that IE is not only for Windows, there is a (neglected) IE for UNIX systems and a Mac version].
Once the government is involved, all bets are off. My libertarian tendencies come out on this one. The feds need to stay out of this. If they get involved, it won't be to create liability for the (large donor) software companies like Microsoft, they will create additional restrictions on the market, like the SSSCA or requiring other "Trusted Computing" technologies (palladium, but without being able to turn it off) in all computers sold.
And about the name-calling, I hadn't had my coffee yet. Never in a good mood without coffee. Once, I even ordered my wife to go clean the "fucking bathroom" before I had coffee. After my bones knit, I never did that again.
By law? No. But if their negligence causes significant damage, it is a civil tort. As much as I don't like the USian sue-everybody attitude, it has it's uses. I don't want the government involved either, but people have to take responsibility for their action, or for their inaction.
They also don't want to upgrade their car or their dishwasher to add capabilities -- like installing new software. I can just imagine the call to BMW now... "Well, the car stopped working correctly after I installed the new hovercraft attachment, and I need you to fix this now." That shit doesn't happen, because you don't expect the car manufacturer to give you new functionality. What software updates (or say, installing a new game, which most home users demand) do is add new functionality to a device. You can't compare that to a dishwasher, unless you can install a mod in your dishwasher to let it wash clothes or the cat.
I'm going to leave the "resistance from arrogant fucks like you..." alone, but would you buy a computer that you can't add software to? Would you then complain that even though it just works, for the exact things you bought it for, you can't run the new Flash XP-MX-27.3?
Slashdot Mirror
What's your point?
Eh, I was bullshitting. The blog was down, so I couldn't read the original post. I just know what you generally have to go through to fire someone.
Hell, just look through the archives at What Really Happened -- the history the gov't hopes you don't learn. The guy running the show may be a crackpot, may not. I'll keep my own opinions on the matter private, but there's plenty o' links in his archives about ChoicePoint (among a great many other things). If nothing else, it's something to think about. Just for a reference point, I read foxnews.com and newsmax.com as well. I don't like only seeing one side of the story. Most likely, neither side is the truth.
There are other issues that I didn't go in to -- the major one is case-sensitivity, but there are issues with resource forks (AppleSingle or AppleDouble formats on disk, not sure how it's actually handled) and with extended attributes (the various type and creator bits, etc.). My guess is that Yellow Box or (most) Carbon apps will run fine with UFS, but Bluebox (Classic) applications are much more likely to have problems, if the bluebox even loads at all.
Just for reference, I haven't tested this by installing on UFS (but I think that I'm going to give it a try), so I'm just pulling this right out of my arse.
The point is that if you can't reboot, it doesn't mean that you have to wait to apply a critical security fix (generally)... unlike Windows, or Mac OS X, with their limited filesystems.
Depends on the patch. Depends on *why* you patched it too. The old libc still exists on disk, and running processes still use it. If you're trying to get a security fix in libc, like a fix in gethostbyname() where a rogue DNS server could smash the stack, you need to restart any processes that use that function. Usually, security fixes don't occur at that level, or are very tightly bound. The kernel doesn't use libc -- no reboot needed.
It's sloppy-ass programming, but it's fairly common in the Macintosh world.
I won't go into reboots.
I call bullshit, actually. IE for the Mac is a steaming pile in one respect: SSL. A standard apache configuration with mod_ssl can't talk to a Mac running IE, any recent version, OS X or Classic. If you disable SSLv3 or certain ciphers, you can make it work. Not what I consider acceptable.
For testing, you can set up a *private* routed internet (not the Internet, an internet) that the development machines are connected to, and separate boxes for non-code activity (documentation that isn't local, downloading a patch, updating the MS Project files, whatever). Any documentation that's needed (MSDN) can be loaded on a local server that's not internet-connected and then accessed over the network. Local instant messaging for the developers with Jabber and private email systems for code-related crap.
Paranoia is a good thing. If the only assets your company has are that ephemeral and easy to duplicate, you do what has to be done to protect it. Canary traps generated by a few custom mods to CVS might not be a bad idea either (so we can tell who leaked the code).
IIRC, by default it's set to "Display results and go to the most likely site." It may be set by default to "Just display the results."
Now, if y'all are on a Mac, all bets are off. Been that way since it came out, my ass. Create a new user profile on your box and see what the default is, boy.
I don't think that it's likely that it crashed for that reason -- older boxes (UNIX and otherwise) could be taken down with a traffic flood as well, and if they're older boxes on a 100M network, you could probably crush them fairly easily with just random packets.
I also do know that SCADA (sorry about the horrible page design, but can't be arsed to find a better link) systems in use by utility companies do use DCOM for communication between nodes. Example: iPower.
I also choose to continue using the word port. Deal with it.
Just because it's Unix doesn't mean that it's not Microsoft's fault. ;) I'll freely admit that I don't know that this is the case, but I do know that DCOM was ported to UNIX systems, and this seems a logical result.
On most UNIX systems, killall is somewhat less selective. Typing 'killall metacity' on a Solaris system, for example, will send a kill signal to every process on the system. If you're not root, you "only" commit suicide on your own processes. If you're root, say goodnight. On OpenBSD, killall doesn't exist.
A better alternative is to use pkill. Check the man page for your system.
How, by creating my own content, am I preventing them from producing their own? I'm honestly interested in the answer.
I was just pissed off by weaselnuts saying that he hoped that H*sbro would sue them all. It caused me to rant slightly.
I don't think that the goal is to copy their content -- 'tis to create new content, or to be able to use the player for my own content. If I have a recorded television show (time-shifted, if you will), why shouldn't I be able to put it on the appropriate media and watch it on the bus with this little thingamajig? Why should I respect a lock on hardware that I have purchased?
You will pry the xterm and bash from my cold, dead fingers. And WindowMaker had better still be around too.
As they said on the Simpsons, "It's the Shinnin', boy, do ye want to get sued?"
If you're running Windows 2000 or XP, there is notification of updates from Microsoft. You are told that an update is available, it offers to download it for you... unless you have explicitly turned this off. By doing so, you make a choice.
Practically, suing the majority of the population will not happen, can't happen, and shouldn't happen. It does not absolve those people of the responsibility to prevent their systems from damaging others. People had almost a month after this patch was available to update. That's negligence, and it has caused damage. This specific worm isn't the best example.
Here's a hypothetical for you -- BigCorp is running Windows, has no firewall, and has not patched it's 8,000 desktops in 42 locations in over a year. A worm hits this corporation, and proceeds to DoS the root name servers from 42 different network feeds on different ISPs, taking out what most people call the Internet, for all practical purposes. Your company is doing B2B shit over VPNs ont he Interweb. You are down for 6 hours, causing you to lose a contract worth over a million $$. Are they liable in any way, or is ignorance a valid excuse?
If you really want something interesting, look at the theories in the security community about SCADA systems, Windows DCOM bugs, and the Great Blackout(tm). I still will not grant that MS should be liable, even if that massive clusterfuck was because of a bug in their software. It was a known bug, and not patching it was criminal negligence on the part of the user, not the manufacturer. (Assuming, of course, that the DCOM bug has something to do with it, of which we'll probably never know. We'll never know because too many large donors to the administration own energy companies, who could be liable for anything except a freak accident.)
Cheapbytes will sell me a CD with Debian. Is Cheapbytes now liable for defects in Debian? I can buy an OpenBSD CD, and in fact am encouraged to do so by Theo. Is that now commercial software?
IE is a free download. Is it commercial software? [Note that IE is not only for Windows, there is a (neglected) IE for UNIX systems and a Mac version].
Once the government is involved, all bets are off. My libertarian tendencies come out on this one. The feds need to stay out of this. If they get involved, it won't be to create liability for the (large donor) software companies like Microsoft, they will create additional restrictions on the market, like the SSSCA or requiring other "Trusted Computing" technologies (palladium, but without being able to turn it off) in all computers sold.
And about the name-calling, I hadn't had my coffee yet. Never in a good mood without coffee. Once, I even ordered my wife to go clean the "fucking bathroom" before I had coffee. After my bones knit, I never did that again.
Freedom does not come without responsibility.
I'm going to leave the "resistance from arrogant fucks like you..." alone, but would you buy a computer that you can't add software to? Would you then complain that even though it just works, for the exact things you bought it for, you can't run the new Flash XP-MX-27.3?