There's a third reason, and the one makes it a bad idea IMNSHO.
Define porn. In a way that people from (non-inclusively) the Vatican, Tehran, Singapore, Beijing, and a small Baptist congregation in the US Bible Belt will agree to.
Does it include a site from a plastic surgeon that has before and after pictures? How about information about safe sex, including proper condom use? Does it include the picture of a celebrity with a bit of cellulite that the National Enquirer paid US $50,000 for? How about pictures from a family vacation that include an unmarried woman tanning on a beach? Where can you draw the line internationally?
I just needed to rant. I think that's a reasonable and expected use of/., going by my years of experience.
I encountered one of these vile rodents recently, and it was the only pointing device on the computer I was using. I was not pleased by the design. I spent about 30 seconds wondering why the right mouse button didn't work, then I realized that it was the asinine one-button mouse that Apple's been shipping for years, just with a bloody heat sensor where the finger sits. That displeased me.
Honestly, it annoys me more because I consider Apple's other hardware to be very well designed and useable. That includes everything from laptops to servers and storage. I just wish they'd bring back the Newton.;)
Re:Jealousy is a terrible thing. In the meantime..
on
Boot Camp For Suckers?
·
· Score: 1
A 7800 would probably draw more power than the rest of the system combined, especially if you use OS X (Quartz Extreme has the GPU active at all times) or Vista (Aero will do the same.) The battery life of such a card under OS X would be extraordinarily short. There are reasons that Apple underclocks the GPU -- heat, battery life, etc.
Huh. I can't use the mighty mouse. It doesn't work for me. I'm a traditional unix user, who's seen the light of OS X (as long as X11.app and Darwinports are installed). I am used to three-button mice. Not two button with some pansy wheel, though those work as three button mice, but a three-button mouse. Because I am used to three-button mice, I leave three fingers on the top of the mouse at all times. Index on button 1, ring on button 2, and middle finger on button 3/4/5 (wheel). The not-so-Mighty mouse detects that my finger is touching button 1 (through heat) and every frickin' click is interpreted as button 1. Not usable for a real programmer.
Redhat has copyright-protected, non-redistributable graphics and docs.
Otherwise, CentOS is RHEL. People do pay Redhat to supply support -- for most corp installs, it is that important. There are a few edge cases as well -- if you're running any commercial software, like Oracle, SPSS, or SAS -- you will definitely run RHEL over CentOS, or your vendor won't even talk to you.
For an academic install, RHEL is cheap enough that it's worth the cost ($50/year/host) to have the possibility of support. Just like it's worth the $120/year/host for basic service on Solaris 10 machines.
Alternately (and far more likely), they're comparing permutations of your *new* password against the old hash. They're not recovering plaintext for the old password, but using the plaintext of the new password to create the permutations. See pam_passwdqc for an example of this technique, or npasswd. Most password checking systems will do this.
You can switch the password encryption algorithm by editing/etc/security/policy.conf. On Solaris 9 and 10, the available algorithms are __unix__ (crypt()), BSD MD5, BSD Blowfish, and Sun MD5.
By default, it's set to allow other algorithms, but new passwords set (including root) are __unix__.
Under FERPA, even a name and a grade for a paper is federally-protected private data. So, if you have a spreadsheet with the scores from the last quiz, that's sensitive, personal data about students that triggers those laws. It isn't necessarily SSNs and CC#s.
Hell, under FERPA, even the names of students in a class can be protected if one student has preferred to have their directory info suppressed. There's a report available from my current employer that has names and ID pictures for all the students in a class -- again, protected data.
The threshold is so low for private data that basically any academic staff is using it every day, and carrying it on their laptops, on USB sticks, on their home computers, etc.
Traditionally, that's basically how it's done for videogames. What would normally be the operating system is contained in a set of runtime libraries that are stored with the game, and can therefore never be upgraded. That also limits the ability of the system manufacturer to update hardware, if say, a bug is found in the video hardware.
The Xbox was the first to break that cycle by having a hard drive for patches, but MS has gone back on that idea by shipping the 360 without a standard hard drive. Although, AFAIK, the xbox did not leave an OS running but passed control completely to the code on the game disc.
Everybody's jumpin' on poor Bill, and he said the same thing -- just poor wording. "I don't know what it does" can be interpreted as "I don't know what data it is transmitting, because it's encrypted, and it isn't monitored and recorded in accordance with Sarbanes-Oxley like that employee's phone line."
Look at the target demographic for the article. It isn't security people, technical people, firewall administrators. It's the frickin' Wall Street Journal.
At most financial institutions (covered by SOX), you need exceptions up the yazoo to get a CD writer, or tape backup, or any other kind of media writer. Any client data written has to be auditable.
That's why Dell still sells a DVD reader on most business machines, instead of the writer that's probably cheaper in quantity.
Sounds more like a bank that decided to screw someone. Odds are, the ATM came out even on the day,because the next person "won" at the ATM to the tune of $40. My point is that he was still charged, even if the physical mechanism didn't work right.
Rather than giving up, he should have contacted the Attorney General for the state and filed an official complaint. Odds are the banks would have sorted it out between themselves if there was an external entity bearing down on them.
When you use a Diebold ATM, it prints a paper trail inside the box, and gives you a printed receipt with a transaction number that can be matched to both the internal database and to the paper trail inside. If the printer inside jams, it stops accepting transactions. Detailed information about the inner workings and software are shared with the banks, and all transactions are registered in real-time with a central system (nearly instantaneous over ISDN or similar connection).
When was the last time your bank "forgot" that you took money from an ATM? Do you ever hear of problems like that? No? Why does it happen with a vote?
I've become far more cynical about the process as every recount that's happened has had discrepancies. New, uncertified code is loaded on the machines the day before the election. The code is not available for examination by third parties (yet, a slot machine is.)
Why were exit polls so much more accurate in the days of paper ballots? I find it unlikely that the methodology has gotten that much worse, especially considering that similar districts in the same election have varying margins of error that correlate to the voting system in use at the polling location.
Define porn in objective terms. Do not use the phrase "community standards," but have a definition that will be agreed to be all cultures that use the internet.
Once that is done, apply that definition to all existing sites.
You will never reach step two. A European country will not consider a woman's breasts as pornographic, but a country under Sharia (Islamic law) may consider a woman wearing a bathing suit to be porn. The Internet is a global entity. Blanket descriptions, such as "pornographic," "illegal," or "family-friendly" will not aplly globally. Something a Spaniard may consider suitable for kids, an American evangelical would not. Even a.kids domain is doomed by this simple fact.
No, SuSE is not pure FOSS software. They include quite a few non-free, patent-encumbered bits.
Redhat has made the choice not to include those things in any distribution they ship, including Fedora. There are a couple of reasons -- RH wants the corporate market, who as a general rule aren't going to worry about MP3 support in a desktop OS. Also, their main market is servers, not desktops. You don't need a NVidia (non-free) driver on a server. If you need X to work enough to configure something (and I hope that's not the case if it's a server), the nv driver will do fine.
Debian is the same way, for different reasons (ideology vs. legal), but with the same end result. No MP3s, no non-free drivers, no firmware bits for hardware like the keyspan USB->Serial adapter sitting next to me or for various wireless cards in the kernel, etc. It's a pain in the ass, but it's a principled pain in the ass.
That's the key -- unlike in some nation's legal systems, the US has no provision for a plaintiff in a civil suit who wins to recover legal fees. The company (or government) can just bury you in paper until you either go completely bankrupt trying to pay a lawyer to make sense of it, or just settle for some arbitrary fee. This isn't so likely to apply in kiddie pr0n cases, but is entirely a reasonable scenario in a case of a company suing for damages after a website defacement or DoS attack from your connection.
I do allow public access to my connection, though for neither ignorance nor idealism... pure cynicism. I know enough about the technology to know that any security features I use on that connection can be broken (WEP, WPA, MAC address filtering), and I have devices that won't work with security measures that will work, such as IPsec VPNs. If my connection is used for illicit purposes, I think that I will have a much better chance of convincing a judge that it wasn't me if it's explicitly open, rather than trying to explain how those security measures (that the sales-weasel at CompUSA told him would make *his* wireless connection at home safe) can be bypassed. It gets even worse when you involve a 12-member jury of your "peers" (hint: in cases like that, consider waiving your right to a jury trial and asking for the decision to be rendered by the judge based on the evidence. Don't consider without talking to an actual lawyer and knowing about the judge's record.)
Unfortunately, civil suits, unlike criminal suits, do not require that you be found guilty beyond a reasonable doubt -- only that you are found to be *more likely* guilty than not. It's a huge loophole in the legal system, in my opinion.
I work for a public university. My salary is a public record. Lying about it would be a very bad idea, methinks, once I start looking for another job. However, I'd need quite a bit more money to leave -- right now I get full tuition (and most fees) waived for any classes I take, a traditional pension from the state, and a fairly loose schedule. If I was trading that for money, that's quite a chunk of change.
Slashdot Mirror
Define porn. In a way that people from (non-inclusively) the Vatican, Tehran, Singapore, Beijing, and a small Baptist congregation in the US Bible Belt will agree to.
Does it include a site from a plastic surgeon that has before and after pictures? How about information about safe sex, including proper condom use? Does it include the picture of a celebrity with a bit of cellulite that the National Enquirer paid US $50,000 for? How about pictures from a family vacation that include an unmarried woman tanning on a beach? Where can you draw the line internationally?
I will give my personal guarantee that Jack will be all over this shit.
I just needed to rant. I think that's a reasonable and expected use of /., going by my years of experience.
I encountered one of these vile rodents recently, and it was the only pointing device on the computer I was using. I was not pleased by the design. I spent about 30 seconds wondering why the right mouse button didn't work, then I realized that it was the asinine one-button mouse that Apple's been shipping for years, just with a bloody heat sensor where the finger sits. That displeased me.
Honestly, it annoys me more because I consider Apple's other hardware to be very well designed and useable. That includes everything from laptops to servers and storage. I just wish they'd bring back the Newton. ;)
Huh. I can't use the mighty mouse. It doesn't work for me. I'm a traditional unix user, who's seen the light of OS X (as long as X11.app and Darwinports are installed). I am used to three-button mice. Not two button with some pansy wheel, though those work as three button mice, but a three-button mouse. Because I am used to three-button mice, I leave three fingers on the top of the mouse at all times. Index on button 1, ring on button 2, and middle finger on button 3/4/5 (wheel). The not-so-Mighty mouse detects that my finger is touching button 1 (through heat) and every frickin' click is interpreted as button 1. Not usable for a real programmer.
Otherwise, CentOS is RHEL. People do pay Redhat to supply support -- for most corp installs, it is that important. There are a few edge cases as well -- if you're running any commercial software, like Oracle, SPSS, or SAS -- you will definitely run RHEL over CentOS, or your vendor won't even talk to you.
For an academic install, RHEL is cheap enough that it's worth the cost ($50/year/host) to have the possibility of support. Just like it's worth the $120/year/host for basic service on Solaris 10 machines.
You can switch the password encryption algorithm by editing /etc/security/policy.conf. On Solaris 9 and 10, the available algorithms are __unix__ (crypt()), BSD MD5, BSD Blowfish, and Sun MD5.
By default, it's set to allow other algorithms, but new passwords set (including root) are __unix__.
The threshold is so low for private data that basically any academic staff is using it every day, and carrying it on their laptops, on USB sticks, on their home computers, etc.
Traditionally, that's basically how it's done for videogames. What would normally be the operating system is contained in a set of runtime libraries that are stored with the game, and can therefore never be upgraded. That also limits the ability of the system manufacturer to update hardware, if say, a bug is found in the video hardware.
The Xbox was the first to break that cycle by having a hard drive for patches, but MS has gone back on that idea by shipping the 360 without a standard hard drive. Although, AFAIK, the xbox did not leave an OS running but passed control completely to the code on the game disc.
Everybody's jumpin' on poor Bill, and he said the same thing -- just poor wording. "I don't know what it does" can be interpreted as "I don't know what data it is transmitting, because it's encrypted, and it isn't monitored and recorded in accordance with Sarbanes-Oxley like that employee's phone line."
Look at the target demographic for the article. It isn't security people, technical people, firewall administrators. It's the frickin' Wall Street Journal.
At most financial institutions (covered by SOX), you need exceptions up the yazoo to get a CD writer, or tape backup, or any other kind of media writer. Any client data written has to be auditable.
That's why Dell still sells a DVD reader on most business machines, instead of the writer that's probably cheaper in quantity.
Rather than giving up, he should have contacted the Attorney General for the state and filed an official complaint. Odds are the banks would have sorted it out between themselves if there was an external entity bearing down on them.
When was the last time your bank "forgot" that you took money from an ATM? Do you ever hear of problems like that? No? Why does it happen with a vote?
I've become far more cynical about the process as every recount that's happened has had discrepancies. New, uncertified code is loaded on the machines the day before the election. The code is not available for examination by third parties (yet, a slot machine is.)
Why were exit polls so much more accurate in the days of paper ballots? I find it unlikely that the methodology has gotten that much worse, especially considering that similar districts in the same election have varying margins of error that correlate to the voting system in use at the polling location.
- Define porn in objective terms. Do not use the phrase "community standards," but have a definition that will be agreed to be all cultures that use the internet.
- Once that is done, apply that definition to all existing sites.
You will never reach step two. A European country will not consider a woman's breasts as pornographic, but a country under Sharia (Islamic law) may consider a woman wearing a bathing suit to be porn. The Internet is a global entity. Blanket descriptions, such as "pornographic," "illegal," or "family-friendly" will not aplly globally. Something a Spaniard may consider suitable for kids, an American evangelical would not. Even aRedhat has made the choice not to include those things in any distribution they ship, including Fedora. There are a couple of reasons -- RH wants the corporate market, who as a general rule aren't going to worry about MP3 support in a desktop OS. Also, their main market is servers, not desktops. You don't need a NVidia (non-free) driver on a server. If you need X to work enough to configure something (and I hope that's not the case if it's a server), the nv driver will do fine.
Debian is the same way, for different reasons (ideology vs. legal), but with the same end result. No MP3s, no non-free drivers, no firmware bits for hardware like the keyspan USB->Serial adapter sitting next to me or for various wireless cards in the kernel, etc. It's a pain in the ass, but it's a principled pain in the ass.
And of course, there's the triangle button. The trinity. ;)
I do allow public access to my connection, though for neither ignorance nor idealism... pure cynicism. I know enough about the technology to know that any security features I use on that connection can be broken (WEP, WPA, MAC address filtering), and I have devices that won't work with security measures that will work, such as IPsec VPNs. If my connection is used for illicit purposes, I think that I will have a much better chance of convincing a judge that it wasn't me if it's explicitly open, rather than trying to explain how those security measures (that the sales-weasel at CompUSA told him would make *his* wireless connection at home safe) can be bypassed. It gets even worse when you involve a 12-member jury of your "peers" (hint: in cases like that, consider waiving your right to a jury trial and asking for the decision to be rendered by the judge based on the evidence. Don't consider without talking to an actual lawyer and knowing about the judge's record.)
Unfortunately, civil suits, unlike criminal suits, do not require that you be found guilty beyond a reasonable doubt -- only that you are found to be *more likely* guilty than not. It's a huge loophole in the legal system, in my opinion.
Calm down, younguns.
Minnesota has an open records act. For non-U employees, you have to go to the library to look it up, but it's definitely public.
I work for a public university. My salary is a public record. Lying about it would be a very bad idea, methinks, once I start looking for another job. However, I'd need quite a bit more money to leave -- right now I get full tuition (and most fees) waived for any classes I take, a traditional pension from the state, and a fairly loose schedule. If I was trading that for money, that's quite a chunk of change.
s/could/should/ and I'd agree with that statement. Hell, I could have made it. Buffer overflows should be painful for the programmer.
Sell. Now. The bubble will burst. Take the money and run.
ITYM "Don't try to confuse me with the facts." (Phil Hartman's character on NewsRadio, a crappy US sitcom that died with Phil).