Hurd seems to be an ongoing project to demonstrate that, while interesting in theory, producing a microkernel OS isn't really practical-- it is a software fix to hardware problems that have gone away, and basically no one really needs it. It seems to be "biding its time," waiting for a killer app. Maybe in some new Oracle product? Bwahaha.
I, for one, plan to purchase every anti-virus product I can possibly put on my credit card, and then I'll send a letter to StratFor, to find out what they recommend for additional security hardening for the upcoming conflict. I expect they'll recommend I switch to Linux immediately, and to help me protect myself as well as my neighbors, I shall be following that advice.
How did we start from someone hacking the network of the distributor of a 3rd rate Xmas-release comedy to apocalyptic throw-downs from a child dictator? This sounds like a South Park episode.
1. The North Koreans have absolutely nothing to gain from the Sony hack. 2. No one who knows actual facts about this case has any interest in letting the truth be known. 3. We will never, ever know who hacked Sony, or why, until it IS in someone's interest for the truth to be known. 4. That won't happen.
Also, there have been no reviews of the film, either positive or negative. For a movie that looked as bad as the one shown in the previews I saw, this could what saves the box office. I can see no possible advantage for NK to invest the resources into hacking Sony over a second-rate comic movie. Who would get an advantage from the Sony hack? I'll bet a lot of Symantec licenses will be renewed before the end of the year. Sorry, just free-associating here. If I had mod points you'd get an insightful.
Are you implying that DPNK will cause "a million [deaths] over 20 years" with the Sony hack? Most of the estimates I've seen are much lower than that. I do believe the animosity most Americans harbor against North Korea is based on PR and not on facts. The largest threat the Un-regime poses is to their own people, for whom I feel nothing but pity.
It seems like a lot of the high bandwidth claims related to the NSA and other spooks indicate they want an iSCSI connection or other high speed, low-latency access to their sources to make for more efficient and cheaper connections. Why bother recording everything when that's already done by the telcos? My inner spook just wants a fast connection to data that is already on disk.
According to the description I read on a link above, the unescaped sql (and hence the injection vector) was a one-off administration page the intruder found by poking around on the disk. A mistake, but not quite as bad as leaving the error on a published page.
Probably OT, but I just upgraded my ~8 y/o XP laptop with Mint Linux, and I am quite happy with it. The trackpad support is much better, and the SSD driver is much better. That said, it's not my only PC, and I did have to give up some "good-enough" windows software in the process. I gave away my old Canon camera whose software only ran on XP, I've not yet found how to make Mint talk to my very old parallel port scanner, and I still haven't gotten it to work well in the docking station (which is hooked to a KVM switch to the monitor, keyboard, mouse on my desk). I am comforted by knowing if I had $10 million, I could get Microsoft to support my XP laptop for a few more years so I could continue to use my obsolete camera, scanner, and dock.
Your argument breaks down as soon as the boss buys the new, improved Hamm-R-Matic with improved Head-hitter aim control, and the exclusive Whack-Tracker (using a standard ultra-speed parallel interface), that is both manageable and scalable, and sports the new laser guided "Nail Head Finder" front-end with indestructible low-power LED success indicators. Updates are continually provided directly from the manufacturer on convenient High Density diskettes.
Within two years, no one is left on the staff who can still operate the "big iron" interface of the old "nail smashing devices" and now there's system-wide version lock-in. The boss bought in because of the blinky lights, reduced training time, highly-granular tracking, and the cost was only $15.00 more per unit than the manual version. He has already been promoted for his perspicacity. Capital equipment purchases nowadays tend to be for processes rather than actual equipment. I don't believe this is a great state of affairs, but I believe it's the true state of affairs, and people ignore it at the risk of their own irrelevance.
This is the type of government organization that hires groups like RATFOR as security consultants. Who knows what they used for security procedures? Password list in/?
I agree 100%. The security companies who advise the likes of Target aren't talking about the whole exploit-- indeed, are pro-actively hiding the details-- because they don't want to explain how their hideously expensive security best practices were utterly pwned by some foreigners who weren't interested in any of their acronyms. These security guys are like Stratfor-- pugnacious, pistol-packing, ex-military folk who think computer security is just a variation on any other kind of security detail, and are prepared to sell the hell out of their ideas, even when they can't secure their own passwords.
My "official" copy of WordPerfect was the last (group) of floppy disks I owned (along with a licensed copy of MASM). But do you have the function key template, without which WP is practically useless?
I fail to see how placing control of health care in the hands of government is more scary than having health care in the hands of piranha-capitalist medical care organizations. Healthcare Inc. is an extremely powerful and vicious adversary, bankrupting millions every year, and basically preying on the weakest and sickest among us. I've worked in a side industry (medical malpractice insurance) for 20 years, and I know the entire medical industry is a vicious money-grab from bottom to top.
I'll take my chances with the government over any possibility of getting a fair deal from the likes of big-pharma, big-hospital, big-insurance. The logic of this choice becomes more clear the closer to retirement age we get, or the less healthy we get. A thirty year-old who contracts a leukemia that would have been fatal 30 years ago may likely be saved from the disease today, but their finances will likely never recover-- even if they're insured. By the time we're 75, we'll basically be signed over to the system, healthy or not. Would you rather petition the government or UnitedHealthcare? I'll take the former, though I respect those who choose the latter.
It occurs to me this is Apple's way of spreading out the "early-adopter tax" over their product life cycle. Their new graphics hardware isn't available yet, but will be soon. In three to five years, a new Mac Pro will be at least a generation behind, graphics-wise. The generic hardware that follows will benefit from manufacturing and integration efficiencies, as well as driver support. Apple customers will have underwritten all that.
Bravo. Very well said. I wonder why using specific software is so often compared to a religious choice-- after conversion to PHP, Oracle, jquery,.NET, whatever, then no other software can be used or contemplated. Bah. Every paged email client, like Yahoo, gmail, or even Outlook's web client, is a dog for managing any more than a screenful of emails at a time.
I have been doing this for the last 18 months, since our sys admin was terminated. Write stuff down. Find a secure place (or two) on the network to store an Excel spreadsheet with IP addresses, dns names, and credentials for servers, databases, routers, printers. Encryption keys, vendor support websites. Save root, administrator, and sys passswords, and any other admiinistrivia, in some sort of order you can decipher in 3 months at midnight. I use worksheets to identify categories of information.. It's probably more secure to not keep this stuff all in one spreadsheet, but the fact is the document becomes a corporate asset. You can be the keeper of it, and the central answer person--lots of parties need that kind of information. Back it up, encrypt it, whatever. Where I work, only the CIO, two database admins, and the network admin have read permissions on it. Do not print it out, or carry it on a usb stick that can be misplaced. It's an admirable gesture, but probably masochistic to try and store this information in a secure database, because that may run on the server that goes down at midnight when you most need that list. Plus it's freeform-- we keep different columns of data for OS's, servers, cert keys, routers, databases, etc.. It's also nice to have it handy and organized, so you can paste it into vendor inquiries. Saves money and consternation next time you don't have to look up the info ad hoc. It's easy enough to find out the MySql version, but when there are 10+ servers, you will be glad you've got it in one spreadsheet.
Save model numbers, sales staff information, customer contacts, warranty information, service contracts. Also record server software versions. It's easy to remember if you just bought it, but in two years, you will be glad you know It's Oracle 10.1.0.5 and not just 10g. All the big IT suppliers-- Oracle, Microsoft, HP, Dell, NetApp, SAP-- have their own twisted bureaucracies, ticket tracking systems, incident reporting and escalation, and lines of communication. Put as much of that info in the spreadsheet as you can. You can even embed links to support sites in Excel.
Try and figure out which servers talk to each other, which have dependencies and would be affected by an issue with another server. It's good to learn the network topology-- which equipment and services are in which segment and why. Where does the internet come in? Try not to work too late. Don't carry a gun to work. Be nice to the users. That's about all I've got.
I understood the headline the first time I read it, but I am familiar with the company, the product, and the market, so maybe it was more obvious to me. I assumed the dangling "in an illegal fashion" was attached to the provision of Solaris Support, but you're right. It's ambiguous.
As far as I know, Oracle treats their 3rd party support companies as badly as they treat their customers. They charge full price for all their products, even if it's used in education or software development. The software is readily available online (once you sign up), but be prepared to pay up if the Oracle police visit. Every Oracle support company I've worked with do their own audits. If they work with a customer who is infringing, Oracle partly blames them, their 3rd party consultants. Larry wants every part of his company to gobble at money like piranhas. The tech glow of SUN and Oracle (still an excellent database) is completely eclipsed by the ravenous capitalism his company practices. There's no pleasure left working with them, and I'll never recommend that company again.
Oracle is like herpes: You never get rid of it completely, it pops up in the worst situations, and it is never a pleasure to work with. As if they're continually trying to gyp you out of something, waiting for a mistake, or letting your guard down, or having a failed backup, then WHAM! You gotta pay to get out of trouble. Fie on them all!.Sail on, Larry!
Slashdot Mirror
Hurd seems to be an ongoing project to demonstrate that, while interesting in theory, producing a microkernel OS isn't really practical-- it is a software fix to hardware problems that have gone away, and basically no one really needs it. It seems to be "biding its time," waiting for a killer app. Maybe in some new Oracle product? Bwahaha.
I, for one, plan to purchase every anti-virus product I can possibly put on my credit card, and then I'll send a letter to StratFor, to find out what they recommend for additional security hardening for the upcoming conflict. I expect they'll recommend I switch to Linux immediately, and to help me protect myself as well as my neighbors, I shall be following that advice.
How did we start from someone hacking the network of the distributor of a 3rd rate Xmas-release comedy to apocalyptic throw-downs from a child dictator? This sounds like a South Park episode.
This will surely nudge some patriots to update their Symantec license, amirite?
The parallels to this country are simply amazing!
1. The North Koreans have absolutely nothing to gain from the Sony hack.
2. No one who knows actual facts about this case has any interest in letting the truth be known.
3. We will never, ever know who hacked Sony, or why, until it IS in someone's interest for the truth to be known.
4. That won't happen.
Also, there have been no reviews of the film, either positive or negative. For a movie that looked as bad as the one shown in the previews I saw, this could what saves the box office. I can see no possible advantage for NK to invest the resources into hacking Sony over a second-rate comic movie. Who would get an advantage from the Sony hack? I'll bet a lot of Symantec licenses will be renewed before the end of the year. Sorry, just free-associating here. If I had mod points you'd get an insightful.
Are you implying that DPNK will cause "a million [deaths] over 20 years" with the Sony hack? Most of the estimates I've seen are much lower than that. I do believe the animosity most Americans harbor against North Korea is based on PR and not on facts. The largest threat the Un-regime poses is to their own people, for whom I feel nothing but pity.
It seems like a lot of the high bandwidth claims related to the NSA and other spooks indicate they want an iSCSI connection or other high speed, low-latency access to their sources to make for more efficient and cheaper connections. Why bother recording everything when that's already done by the telcos? My inner spook just wants a fast connection to data that is already on disk.
According to the description I read on a link above, the unescaped sql (and hence the injection vector) was a one-off administration page the intruder found by poking around on the disk. A mistake, but not quite as bad as leaving the error on a published page.
That also may be wasted effort (which means money). Prevention is much cheaper than mitigation.
Probably OT, but I just upgraded my ~8 y/o XP laptop with Mint Linux, and I am quite happy with it. The trackpad support is much better, and the SSD driver is much better. That said, it's not my only PC, and I did have to give up some "good-enough" windows software in the process. I gave away my old Canon camera whose software only ran on XP, I've not yet found how to make Mint talk to my very old parallel port scanner, and I still haven't gotten it to work well in the docking station (which is hooked to a KVM switch to the monitor, keyboard, mouse on my desk). I am comforted by knowing if I had $10 million, I could get Microsoft to support my XP laptop for a few more years so I could continue to use my obsolete camera, scanner, and dock.
Your argument breaks down as soon as the boss buys the new, improved Hamm-R-Matic with improved Head-hitter aim control, and the exclusive Whack-Tracker (using a standard ultra-speed parallel interface), that is both manageable and scalable, and sports the new laser guided "Nail Head Finder" front-end with indestructible low-power LED success indicators. Updates are continually provided directly from the manufacturer on convenient High Density diskettes.
Within two years, no one is left on the staff who can still operate the "big iron" interface of the old "nail smashing devices" and now there's system-wide version lock-in. The boss bought in because of the blinky lights, reduced training time, highly-granular tracking, and the cost was only $15.00 more per unit than the manual version. He has already been promoted for his perspicacity. Capital equipment purchases nowadays tend to be for processes rather than actual equipment. I don't believe this is a great state of affairs, but I believe it's the true state of affairs, and people ignore it at the risk of their own irrelevance.
This is the type of government organization that hires groups like RATFOR as security consultants. Who knows what they used for security procedures? Password list in /?
I agree 100%. The security companies who advise the likes of Target aren't talking about the whole exploit-- indeed, are pro-actively hiding the details-- because they don't want to explain how their hideously expensive security best practices were utterly pwned by some foreigners who weren't interested in any of their acronyms. These security guys are like Stratfor-- pugnacious, pistol-packing, ex-military folk who think computer security is just a variation on any other kind of security detail, and are prepared to sell the hell out of their ideas, even when they can't secure their own passwords.
My "official" copy of WordPerfect was the last (group) of floppy disks I owned (along with a licensed copy of MASM). But do you have the function key template, without which WP is practically useless?
I fail to see how placing control of health care in the hands of government is more scary than having health care in the hands of piranha-capitalist medical care organizations. Healthcare Inc. is an extremely powerful and vicious adversary, bankrupting millions every year, and basically preying on the weakest and sickest among us. I've worked in a side industry (medical malpractice insurance) for 20 years, and I know the entire medical industry is a vicious money-grab from bottom to top.
I'll take my chances with the government over any possibility of getting a fair deal from the likes of big-pharma, big-hospital, big-insurance. The logic of this choice becomes more clear the closer to retirement age we get, or the less healthy we get. A thirty year-old who contracts a leukemia that would have been fatal 30 years ago may likely be saved from the disease today, but their finances will likely never recover-- even if they're insured. By the time we're 75, we'll basically be signed over to the system, healthy or not. Would you rather petition the government or UnitedHealthcare? I'll take the former, though I respect those who choose the latter.
Brilliant!
It occurs to me this is Apple's way of spreading out the "early-adopter tax" over their product life cycle. Their new graphics hardware isn't available yet, but will be soon. In three to five years, a new Mac Pro will be at least a generation behind, graphics-wise. The generic hardware that follows will benefit from manufacturing and integration efficiencies, as well as driver support. Apple customers will have underwritten all that.
Bravo. Very well said. I wonder why using specific software is so often compared to a religious choice-- after conversion to PHP, Oracle, jquery, .NET, whatever, then no other software can be used or contemplated. Bah. Every paged email client, like Yahoo, gmail, or even Outlook's web client, is a dog for managing any more than a screenful of emails at a time.
To get to the other side?
Just like in the US, the healthcare system guarantees that no valuable money is wasted on actually delivering healthcare to actual people.
I have been doing this for the last 18 months, since our sys admin was terminated. Write stuff down. Find a secure place (or two) on the network to store an Excel spreadsheet with IP addresses, dns names, and credentials for servers, databases, routers, printers. Encryption keys, vendor support websites. Save root, administrator, and sys passswords, and any other admiinistrivia, in some sort of order you can decipher in 3 months at midnight. I use worksheets to identify categories of information.. It's probably more secure to not keep this stuff all in one spreadsheet, but the fact is the document becomes a corporate asset. You can be the keeper of it, and the central answer person--lots of parties need that kind of information. Back it up, encrypt it, whatever. Where I work, only the CIO, two database admins, and the network admin have read permissions on it. Do not print it out, or carry it on a usb stick that can be misplaced. It's an admirable gesture, but probably masochistic to try and store this information in a secure database, because that may run on the server that goes down at midnight when you most need that list. Plus it's freeform-- we keep different columns of data for OS's, servers, cert keys, routers, databases, etc.. It's also nice to have it handy and organized, so you can paste it into vendor inquiries. Saves money and consternation next time you don't have to look up the info ad hoc. It's easy enough to find out the MySql version, but when there are 10+ servers, you will be glad you've got it in one spreadsheet.
Save model numbers, sales staff information, customer contacts, warranty information, service contracts. Also record server software versions. It's easy to remember if you just bought it, but in two years, you will be glad you know It's Oracle 10.1.0.5 and not just 10g. All the big IT suppliers-- Oracle, Microsoft, HP, Dell, NetApp, SAP-- have their own twisted bureaucracies, ticket tracking systems, incident reporting and escalation, and lines of communication. Put as much of that info in the spreadsheet as you can. You can even embed links to support sites in Excel.
Try and figure out which servers talk to each other, which have dependencies and would be affected by an issue with another server. It's good to learn the network topology-- which equipment and services are in which segment and why. Where does the internet come in? Try not to work too late. Don't carry a gun to work. Be nice to the users. That's about all I've got.
I understood the headline the first time I read it, but I am familiar with the company, the product, and the market, so maybe it was more obvious to me. I assumed the dangling "in an illegal fashion" was attached to the provision of Solaris Support, but you're right. It's ambiguous.
As far as I know, Oracle treats their 3rd party support companies as badly as they treat their customers. They charge full price for all their products, even if it's used in education or software development. The software is readily available online (once you sign up), but be prepared to pay up if the Oracle police visit. Every Oracle support company I've worked with do their own audits. If they work with a customer who is infringing, Oracle partly blames them, their 3rd party consultants. Larry wants every part of his company to gobble at money like piranhas. The tech glow of SUN and Oracle (still an excellent database) is completely eclipsed by the ravenous capitalism his company practices. There's no pleasure left working with them, and I'll never recommend that company again.
Oracle is like herpes: You never get rid of it completely, it pops up in the worst situations, and it is never a pleasure to work with. As if they're continually trying to gyp you out of something, waiting for a mistake, or letting your guard down, or having a failed backup, then WHAM! You gotta pay to get out of trouble. Fie on them all!.Sail on, Larry!