Slashdot Mirror


User: AVee

AVee's activity in the archive.

Stories: 0
Comments: 717

Comments · 717

  1. Re:Promiscuous zone transfers - just say no on DNS Server Survey Reveals Mixed Security Picture · · Score: 1

    I know security through obscurity slows things down and may even stop some script kiddies, but then again, when you have something to fear from random script kiddies you have a bigger security issue. But hey, I run ssh on different ports, simply because it keeps the log files a bit cleaner.

    So the obscurity could be useful, sometimes, a little bit. If your fin-vms1 is not reachable from the outside world in the first place, why does it matter if someone knows about it? And by the time it does matter, e.g. when your network is already compromised, does one really need to do a zone transfer to discover the existence of this machine?
    And all of that is assuming you are mixing public and private machines in the same zone, which I guess is not the case for the majority of domains found on the internet. To make a rule (a holy rule for some) out of a thing which has a very limited use in a very limited number of scenarios is a useless waste of time. I have several domains for which only www. and mail. resolve, there are millions of those types of domains on the net and they gain absolutely nothing by prohibiting zone transfers.

  2. Re:Promiscuous zone transfers - just say no on DNS Server Survey Reveals Mixed Security Picture · · Score: 2, Insightful

    Yeah, one of those lovely best practices. Prohibit promiscuous zone transfers, because no-one will ever guess you name your webservers www1 to www8 and your database servers db1 to db6. And because it is really hard to add or subtract 1 from an IP address. Unless you are generating random hostnames and using random IPv6 addresses it is pretty naive to think prohibiting zone transfers will help your security.

    And whatever else there is to say about it, it's still nothing but security by obscurity. Most burglars don't know where I live, do you really believe that significantly lowers the risk someone breaks into my house?

  3. Re:DNSSEC is dead, let's move on on DNS Server Survey Reveals Mixed Security Picture · · Score: 1

    And here is what the /. summary has to say about that:

    Hardly anyone is using DNSSEC; and 31% of nameservers allow promiscuous zone transfers, a number little changed from last year.

    Come on guys, let's all stop allowing promiscuous zone transfers and then start allowing it again using a different mechanism. Way to go!

  4. Re:good! on Court Order Against German T-Mobile iPhone Sales · · Score: 2, Interesting

    Well, you can either not buy an iPhone, or unlock it yourself. Or, at least for people living in an actual democracy and/or a country that gives a shit about an actually free market, you could have a law which makes this kind of coupled selling illegal. That's not to be whining about stuff like that, it is a necessity to maintain a proper competing free market. When companies are allowed to make deals where you can have A but only if you also buy B from him they create artificial monopolies and raise the barrier of entry for other players on the market. When this goes unchallenged it will create a market where you have to roll out a whole mobile network before you can release a smartphone, simply because the others won't let you join their club. That may seem pretty 'normal' when the USA is your reference, but it is not what a free market should be.

  5. Re:Madness on Sesame Street DVD Deemed Adult-Only Entertainment · · Score: 1

    I think you may be right on target there, although there is a somewhat deeper cause behind it. We are living in a 'Shiny Happy People' society and we are unable to cope with things that are an unavoidable part of this world such as ugliness, pain and death. This leads to very cramped attempts to avoid these things, don't get dirty, be sure you don't fall, don't hurt yourself, get botox done, don't ever tell your age, don't fly planes, don't cross the street and when you are becoming old and weak we'll lock you someplace out of sight.

    It really is everywhere, it's broadcasted on TV all the time, everything has to be clinically perfect. Except that it just isn't. Accepting that makes life a lot easier, just keep the first aid kit handy.

    My kids hurt themselves at times, I'm not going to try to stop that, they may even die in some accident someday, I will try to stop that, but I'm not going to take their life away from them just to avoid any and all possible risk. Not even if it would actually be possible.

    And if anyone wants a very conservative (older than the whole notion of 'conservative') Christian angle on all this. Go out and live, it's what you were intended to do in the first place. "Whoever watches the wind will not plant; whoever looks at the clouds will not reap."

  6. Re:It is illegal in the UK on Wi-Fi Piggybacking Widespread · · Score: 1

    The sole purpose of a webserver is to publish content (such content can have restricted access, but examples of that are very much the exception to the rule). The sole purpose of a WAP is *not* to share an internet connection with anyone who happens to be driving by...

    The sole purpose of an Access Point (what's in a name) is to provide access to a network. No more, no less. And the cases where webservers are either used internally, or provide limited access to the information they publish are numerous, or would you call every online music store, every webmail server, every closed forum or corporate intranet an exception? That would be millions of exceptions...

    ...nor is it reasonable to assume that someone wants you to piggyback off their WAP any more than it is reasonable to assume they want you to piggyback off their electricity, gas, water, satellite TV or telephone "just because you can".

    There is no assumption, there is a (perfectly formalized even) request for access to a (publicly advertised) network. The answer can be either yes or no. But when the answer turns out to be yes, why should I still assume it actually meant no? That's exactly the same with a webserver, a doorbell and borrowing a car, you communicate a request, and may or may not receive an answer. But when you do receive an answer and it happens to be yes you received permission.

    No, it's not, any more than leaving your car unlocked with the keys in it is giving "permission" for someone to take it.

    Of course it isn't, but did I argue anybody should be allowed to take away an AP when it is unsecured? But when a door is open, it is, at least it is over here, allowed to enter a house. Also it is generally needed to enter somebody else's property just to ring the doorbell. Unless there is a clear indication otherwise you are allowed to enter. That's why there are fences and 'No trespassing' signs. APs provide perfect equivalents of these things, totally useless as protection against someone with bad intentions, but very effective as a means to indicate intent and to keep passers-by off your network. Use them, or accept the incidental visitor.

    Please quote the relevant part of the standard where having an unsecured WAP implied consent to use services accessible through it. I'll be happy to wait.

    You first, the http specification (you know, the webserver stuff) is found in .

    Let me put it this way. You will have a very easy time convincing a judge and/or jury that someone publishing a website is doing so with the knowledge that it will be open and accessible to others because a) that's what the common understanding of the purpose of a website is and b) it's pretty much impossible to publish a website "accidentally". You will have a very difficult time convincing a judge and/or jury that an unsecured WAP is an advertisement and implied consent for free internet access based on the principle it gave you an IP address because a) that's not what most people want to do with their WAPs and b) because it's _very_ easy to ignorantly set up an unsecured WAP.

    You personally will have a very hard time arguing just that when someone links you to this very slashdot discussion. But pulling up the user manual for an AP will pretty much do the same in most cases. Failing to read it should not be an excuse.
    But also, the amount of ignorance about these things is declining, the amount of access points with stupid default configurations is dropping even faster. So even if it is a valid argument, it is running away from you as we speak.

    Further, no amount of arguing "but look how easy it is" (which is essentially all you're doing) is going to change their mind. Neither is arguing "it's just like putting up a website", when typically the intent behind doing that is completely different.

    No, that is not what I'm arguing. What I'm arguing is tha

  7. Re:It is illegal in the UK on Wi-Fi Piggybacking Widespread · · Score: 1

    So how does all of that work out when it comes to a webserver. There is a good chance that http://example.com/ is on some sort of metered connection. Is it reasonable to assume you are allowed to use it, or do you never click on a link without calling the owner of a server first? And if it is reasonable to assume you can access another computer over the public internet, why is it unreasonable you can access a wireless network over public airwaves? Even more so when the access point is broadcasting to the world around it that it is there and available. When it is not broadcasting its presence, when it is protected in even the most trivial manner, you are right. But when it screams 'I'm here!' all the time and answers 'Go right ahead' when you ask if you can use it, then that communicates a permission to use it. If you don't want that, don't broadcast your network, answer no to a request to use it, ignore the request at all if you like. But when the answer is 'Yes, and here is your IP address', that is what we call 'permission'. And, unlike social rules, the procedure for granting or refusing access is clear, well defined, properly documented and an official industry standard.

  8. Re:I agree its wrong on Wi-Fi Piggybacking Widespread · · Score: 1

    Unless there was a big sign on the house advertising "Cable TV access here", no locks on the door and a remote control dispenser at the entrance the analogy is broken. When the door is locked, you can't enter. When there is (useless) WEP encryption, you can't enter. But when it all advertises 'Go on, use it', then use it.

  9. Re:I agree its wrong on Wi-Fi Piggybacking Widespread · · Score: 1

    And really has to be personally, because communication between two phones is not communication with their owners. And never mind getting it in writing, unless it's done with blood, 'cause a pen is a machine too.

    Now let's explore the implication of this when it comes to ATMs...

  10. Re:Historically on How Much is Your Right to Vote Worth? · · Score: 1

    That's buying votes, the article is about giving up your vote. And when that is done, there is an important upside, the votes of the people caring enough not to give up their vote become more important. I'd say, bring on the iPods...

    There is this thing however that keeps amazing me, over 50% of the Americans don't bother to show up to vote, but somehow the other half still manages to screw it up. Imagine what would happen if all those "I don't care" people actually would show up to vote. Scary stuff.

  11. Re:Frankly... on How Much is Your Right to Vote Worth? · · Score: 1

    Unfortunately, the chambers in which our legislature meet have no windows, and the windows in the oval office aren't very far off the ground at all... We'd probably need firearms.

    Because an angry mob of Americans is totally incapable of killing a president without using firearms? *Gasp*

  12. Re:Frankly... on How Much is Your Right to Vote Worth? · · Score: 1

    I can't blame the voter when you have the choices you have today.

    I can.

    I'm no expert on the US system, but that is just a lame couch potato excuse for not doing anything. Aren't there elections within the parties first about who becomes the candidate? Aren't there independent candidates at each election?
    Can't you just run for president/senator yourself? Either you can and you just get lousy candidates because everybody else is too lame to do anything themselves, or you can't which would mean you are not actually living in a democracy. (In which case your vote becomes worthless and trading it for an iPod becomes a really good deal.)

  13. Re:Sometimes... on A Giant Step in Cloning · · Score: 1

    And these two options happen to be exactly the same two options there are right now, either 'God' does it all and he would be a lame God if he couldn't somehow hand out a spirit to a clone. Or God doesn't exist. Again, what has changed?

    There actually are quite a few more options, your views of what one could religiously believe seem quite limited, but that's not the point here...

  14. Re:one problem on A Giant Step in Cloning · · Score: 1

    Grow a clone without a brain to avoid the ethical implications.

    If you really believe that would avoid all ethical implications I suggest we remove your brain and see if the clone is any smarter.

  15. Re:Postdated on A Giant Step in Cloning · · Score: 1

    Yeah, postdated seems an appropriate title when using "two-thousand-year-old" and "Gospel of Thomas" in one message.

  16. Re:Sometimes... on A Giant Step in Cloning · · Score: 1

    If cloned human beings are manufactured one day and they act, live, breathe, behave just like anyone of us, including having religious worries/sensitivities, then that means that the act of acquiring a "spirit" is internal and not divinely ordained...

    That's just really weird reasoning, the process of conception and the physical growth of an embryo after that are rather well known and documented, the process also is not all that different from cloning. So I really don't expect a clone to be any different from a 'normal' human being. And I surely don't know how a clone is going to tell us anything new about "the act of acquiring a spirit".

    Frankly, I don't see the use of cloning humans at all, if we really need to have more of those we can just have more sex. It's easier and more fun.
    Unless of course you think you can somehow choose to not treat clones as human beings, that might make them more useful than 'normal' humans, but you seem to argue clones are not different.

  17. Re:1 to 2 weeks on How Fast is Your Turnaround Time? · · Score: 1

    It's not just a matter of priority, it also largely depends on the complexity of the issue and/or the solution as well as the risk of introducing new problems with the fix. Last week I got a problem fixed, tested, approved and released in 3 hours. This was a string handling issue affecting localizations which aren't even released yet, but the fix was trivial, and a bunch of translators did need it to get on with their work. Priority minor, internal issue, but a safe and trivial fix. I really don't know why such an issue should take more than a day to get fixed, unless there is other stuff which needs attention first.

    However, I've seen issues which could not even be properly located in 48 hours, some solutions really need a lot of discussion to decide the correct approach, some need a lot of testing or a lot of work to assure backwards compatibility, it all really depends on what the issue is (and what type of software it is in). But in general I think someone who properly knows his way around the software he is working on should be able to fix most issues within a few days, a week at most. If that is not achieved I'd say there is something wrong with the developer, the procedures or the software you are dealing with. But hey, that's the rule, there are exceptions of course.

  18. Re:All 3 Android Videos on Google's Android Cellphone SDK Released · · Score: 1

    And it all seems to be about maps (e.g. about the data Google doesn't put under an opensource license). Did anybody actually see a dialer application, you like what you get on a phone? And by the way, Opera's small screen rendering really beats being able to zoom in and out (e.g. having to choose between not being able to read the whole sentence and being able to read half a sentence) when it comes to web usability.

  19. Re:that's awesome on Russia Honors the Spy Who Stole the A-Bomb · · Score: 1

    I am sick and tired of revisionists coming up with this tripe every time the nuclear bombings of Japan are discussed.

    Who are you to decide what is revisionism and what isn't? You were there? You made the decision?

    Frankly, a lot of stories about 'the true reason for dropping the bomb' are likely wrong. But I really don't believe there ever was a single reason for this, decisions like that are influenced by a lot of things, some written down, some unspoken. Of these reasons, some are noble, some are not. But for each of the factors there seems to be a camp thinking that was the one real reason for dropping the bomb, and somehow they all fail to be entirely convincing. Why would that be? Perhaps because there is no such thing as a simple single reason for dropping it.
    For example, I'm fairly sure that the fact that this type of bomb had never been used before contributed to the decision to 'try' it, but I would never claim it was dropped just because someone wanted to find out how it would work out. It's simply one of the factors involved.

  20. Re:Ooops on Google's Android Cellphone SDK Released · · Score: 1

    Java utterly failed in the "Write once, run everywhere" arena

    As opposed to what? I really like to know about this language which does allow me to write something once and then run it anywhere, because being able to run your app on just 95% of all mobile phones is annoying sometimes. There sure is loads of room for improvement, but until someone gives me something better, Java is the most successful attempt so far. That's not "utterly failed", that's better than anything else. But feel free to try and do a better job.

  21. Re:summary: The copied text is subject to GNU FDL. on Plagiarizing Wikipedia For Profit · · Score: 1

    Although the author of the linked page says he wrote much of the disputed text and released it into public domain, the license governing Wikipedia is GNU FDL, as can be seen by a link at the bottom of every page. The combined work, because it includes work by others, is covered by that license.

    I'm not really into how 'public domain' works in copyright, but surely you can't just claim something is your own writing when it is a public domain written by somebody else? Apart from the morals of it when you know who the author is, it is a flat lie to claim it's written by you when it's actually written by somebody else. The fact that this someone else doesn't care about getting credits for his work doesn't mean you can take credit for what is not your work.

  22. Re:Hardware? on Google's Android Cellphone SDK Released · · Score: 1

    I think there is a fair chance someone will port Android to the Neo1973, which should meet the minimum requirements fairly easily and is *very* developer friendly. To me, that will also be (part of) the benchmark on the 'openness' of Google with this, if it cannot be ported to hardware of vendors not in the consortium it's not open enough to me.

  23. Re:ask a lawyer on Non-Compete Agreement Beyond Term of Employment? · · Score: 2, Funny

    God, I hate that. It's she. I am not going to get into all the arguments about whether or not it was God's fault, or if he is able to fix it. At least not on slashdot.

    But, even though I don't mind the fact that you are a girl (and I suppose this goes for 99.8% of the slashdot readers), if you really hate it that bad you can have that fixed these days. Being a boy isn't as terrible as you may think it is, I for one have quite liked it so far.

  24. Re:ask a lawyer on Non-Compete Agreement Beyond Term of Employment? · · Score: 2, Insightful

    Nobody wants to fight that fight. Which is, in a nutshell, why companies get away with crap like this. Eat it (but then, stop whining about it), or fight the fight. You may very well win.

  25. Re:This story stinks on Google Honors Veterans Day, Finally · · Score: 1

    Put this WorldNetDaily.com on your list of propaganda websites that are too stupid to even try to appear objective. It's WND, Weapon of News Destruction...