I'll just add that Patch Tuesday isn't only for convenience.
Often times security holes are fixed for exploits that aren't even in the wild, but have been discovered by the internal teams. Any time a security patch is released, the exploit becomes known since it's then trivial to compare the fix to the original and reverse-engineer the exploit. Releasing security fixes as they are ready would be akin to releasing exploits several times per month.
Patch Tuesday is simpler to manage for large corporations, and overall a more secure approach.
If you're referring to the guest OS licensing, then yes the Standard edition of Windows Server 2008 R2 includes one guest OS license as long as you don't run anything else on the hypervisor. Enterprise gives 4 guest licenses and Datacenter gives unlimited (although it's licensed per-socket). Only the latter two allow failover clustering.
I was referring to Microsoft Hyper-V Server which is completely free and allows clustering to boot.
It's true that Hyper-V lacks the features of VMware, but it still has better bang for the buck simply because you can cluster and Live Migrate (vMotion) in the free edition. I don't know how Xen compares so maybe it's even better.
Also, much to my dismay SP1 doesn't support shared memory (overcommit). What it does have now is Dynamic Memory which I'm not all that impressed with. You can basically give a machine a minimum amount of memory and it can increase that on the fly based on the use of the guest OS.
VMware is still king when you have the money for it. ESX 4.1 allows vMotion now starting with Essentials Plus, but you need to shell out some big bucks for the really cool stuff like Storage vMotion and DRS.
Weird cutoff -- preview looked fine. Was trying to say that during normal operation the key is pulled from the TPM chip but in the event of failure you can use the recovery key to unlock the drive.
When you encrypt the drive with BitLocker you save the recovery key to a text file, or have it stored in Active Directory. During normal operation, the key is
As far as the trust issue, consulting firms typically have dozens of clients. Those of us in the consulting field don't go through your email, data, whatever, simply because we deal with so much of it, that it's all viewed holistically. The content of your data isn't important to us. The maintenance and protection of it is.
Your in-house admin, however, might not have much else to do besides muck around in your files when everything else is running smoothly. And if you fire him/her... well who do you think is more likely to exact revenge? Hint: it's not the consultant with other clients to tend to.
Google was an improvement, but lately it's been going downhill.
It's gotten to the point where it assumes you're a complete moron typing with your fists. It doesn't even ask anymore if what I typed was what I meant, it just serves up what it feels like.
I find putting quotes around terms isn't good enough for some searches, I need to use +"search terms" which can be a pain in the ass sometimes.
I realize that it probably can't be done anymore with today's index engines, but bring me back the NEAR keyword and I'd be one happy camper. It was either Altavista or Lycospro (or both) that had that and it made searching so much easier.
Clicking NEAR Link would match "clicking on a link", "clicking on the link", "clicking the link", etc.
I have always wondered exactly why sea levels would rise with global warming. Since liquid water is denser than ice, I would think that the melting of ice would lower sea levels. Granted, ice above water would melt first but wouldn't that cause the body of ice to rise displacing it with denser water? I guess I'm probably thinking in simple terms of icebergs as I really don't understand how glaciers work. Now I believe the experts, I've just never heard this point made in any discussions about it.
The inability to transfer Vista to different hardware setup is BS and I hope they do something about that.
As far as everything else, it's just licensing. You're getting the ability to do more by paying more for the product. I don't see anything wrong with that. If you think of it in reverse, you get to pay less for excluding features you don't need. Of course we'll have to see how the different editions compare to XP pricing.
You are absolutely right. I was never trying to say NAT should be used as a firewall, only that it's function provides a little more security to those who simply do not have a firewall. I was mostly considering home users when I made my original point. Of course most newer devices that support NAT have limited firewall capabilites that won't allow private IP ranges from the WAN side, but I digress.
It's not necessarily different at all from what a firewall "does", it just achieves it in a different way. My point is that NAT alone can improve security. If your point is that it can not, then you are simply wrong.
When I say NAT, I don't mean firewall, I mean Network Address Translation. True, its function is usually performed by a firewall or gateway, but I'm not talking about stateful inspection or anything like that. NAT simply replaces the source and destination addresses in IP packet headers to allow multiple private IPs to use a single public IP (keeping track of conversations and such). More importantly for security, however, NAT prevents uninitiated outside connections from reaching devices inside the private network unless specifically configured as a server. What this means is that even without a firewall, a worm exploiting some neat new Vista "feature" will not be able to penetrate NAT to access ports on the not-yet-patched computers inside.
As current IPv4 addresses are becoming scarce, IPv6 will provide easier connectivity across the Internet and remove the need for IPv4-addressing schemes such as network address translation, which can require additional management burdens and cause application incompatibilities.
While IPv6 will certainly give us all the IP addresses we'll ever need (until every nanomachine gets one), do we really want to do away with NAT? I've always considering NAT to be a blessing regardless of the scarcity of IP addresses. Not giving every user a public IP is a good idea, and as long as protocols don't try to do something silly like putting the IP address in the Application layer (seriously H323... why?) then NAT should always function as intended. Of course, IPv6 address are 4 times larger (bitwise) so I can see some increase in overhead, but not much.
Normally, the site will install an ActiveX control that verifies that your copy of Windows is genuine. Instead you can bypass this check by running the mgadiag too and modifying the download URL with the code that the tool displays. My copy of Windows is genuine so I don't know if a non-genuine copy gives a working code or if you have to use a code from a legal copy.
So did Company X have to pay $10,000 for each bogus registrar they created? If so, isn't there some risk of them actually losing money on this scam? I realize some of these domain names will go for more than $10,000 a piece, but wouln't it be funny if the whole.eu TLD turns out to be a flop and Company X loses a ton of money on the deal. Assuming they registered 300 phantom registrars, that's $3 million in domain names they need to sell, not counting the $12.50 per name. I realize they probably will recoup tenfold and it's still pretty shady, but it seems to me there is still some risk for them.
Although upon re-reading the blog entry, it says a "deposit" of $10,000, which suggests to me that the $12.50 registration fees come out of this deposit. Can anyone clarify this?
Slashdot Mirror
I'll just add that Patch Tuesday isn't only for convenience.
Often times security holes are fixed for exploits that aren't even in the wild, but have been discovered by the internal teams. Any time a security patch is released, the exploit becomes known since it's then trivial to compare the fix to the original and reverse-engineer the exploit. Releasing security fixes as they are ready would be akin to releasing exploits several times per month.
Patch Tuesday is simpler to manage for large corporations, and overall a more secure approach.
If you're referring to the guest OS licensing, then yes the Standard edition of Windows Server 2008 R2 includes one guest OS license as long as you don't run anything else on the hypervisor. Enterprise gives 4 guest licenses and Datacenter gives unlimited (although it's licensed per-socket). Only the latter two allow failover clustering.
I was referring to Microsoft Hyper-V Server which is completely free and allows clustering to boot.
No, it's free as in beer.
http://www.microsoft.com/hyper-v-server/en/us/default.aspx
It's true that Hyper-V lacks the features of VMware, but it still has better bang for the buck simply because you can cluster and Live Migrate (vMotion) in the free edition. I don't know how Xen compares so maybe it's even better.
Also, much to my dismay SP1 doesn't support shared memory (overcommit). What it does have now is Dynamic Memory which I'm not all that impressed with. You can basically give a machine a minimum amount of memory and it can increase that on the fly based on the use of the guest OS.
VMware is still king when you have the money for it. ESX 4.1 allows vMotion now starting with Essentials Plus, but you need to shell out some big bucks for the really cool stuff like Storage vMotion and DRS.
Weird cutoff -- preview looked fine. Was trying to say that during normal operation the key is pulled from the TPM chip but in the event of failure you can use the recovery key to unlock the drive.
When you encrypt the drive with BitLocker you save the recovery key to a text file, or have it stored in Active Directory. During normal operation, the key is
Do you own a radio?
Parent is dead-on.
As far as the trust issue, consulting firms typically have dozens of clients. Those of us in the consulting field don't go through your email, data, whatever, simply because we deal with so much of it, that it's all viewed holistically. The content of your data isn't important to us. The maintenance and protection of it is.
Your in-house admin, however, might not have much else to do besides muck around in your files when everything else is running smoothly. And if you fire him/her... well who do you think is more likely to exact revenge? Hint: it's not the consultant with other clients to tend to.
Here's an interesting discussion on the topic ;)
How is this off-topic?
Google was an improvement, but lately it's been going downhill.
It's gotten to the point where it assumes you're a complete moron typing with your fists. It doesn't even ask anymore if what I typed was what I meant, it just serves up what it feels like.
I find putting quotes around terms isn't good enough for some searches, I need to use +"search terms" which can be a pain in the ass sometimes.
I realize that it probably can't be done anymore with today's index engines, but bring me back the NEAR keyword and I'd be one happy camper. It was either Altavista or Lycospro (or both) that had that and it made searching so much easier.
Clicking NEAR Link would match "clicking on a link", "clicking on the link", "clicking the link", etc.
I could be wrong, but I assume he's considering the dumbass-who-gets-drunk-and-runs-naked-through-a-park type of "predator".
I searched for all of the words and found this
It's dated 2002 and has names.
FYI, Exchange 2007 no longer includes Outlook CALs.
Ever seen Gattaca?
Unfolds chair. Grabs popcorn.
Try this. Lite-on makes great drives and this DVD burner is only $28.99. You can save a whopping $5 if you don't need to burn.
I have always wondered exactly why sea levels would rise with global warming. Since liquid water is denser than ice, I would think that the melting of ice would lower sea levels. Granted, ice above water would melt first but wouldn't that cause the body of ice to rise displacing it with denser water? I guess I'm probably thinking in simple terms of icebergs as I really don't understand how glaciers work. Now I believe the experts, I've just never heard this point made in any discussions about it.
The inability to transfer Vista to different hardware setup is BS and I hope they do something about that.
As far as everything else, it's just licensing. You're getting the ability to do more by paying more for the product. I don't see anything wrong with that. If you think of it in reverse, you get to pay less for excluding features you don't need. Of course we'll have to see how the different editions compare to XP pricing.
You are absolutely right. I was never trying to say NAT should be used as a firewall, only that it's function provides a little more security to those who simply do not have a firewall. I was mostly considering home users when I made my original point. Of course most newer devices that support NAT have limited firewall capabilites that won't allow private IP ranges from the WAN side, but I digress.
It's not necessarily different at all from what a firewall "does", it just achieves it in a different way. My point is that NAT alone can improve security. If your point is that it can not, then you are simply wrong.
When I say NAT, I don't mean firewall, I mean Network Address Translation. True, its function is usually performed by a firewall or gateway, but I'm not talking about stateful inspection or anything like that. NAT simply replaces the source and destination addresses in IP packet headers to allow multiple private IPs to use a single public IP (keeping track of conversations and such). More importantly for security, however, NAT prevents uninitiated outside connections from reaching devices inside the private network unless specifically configured as a server. What this means is that even without a firewall, a worm exploiting some neat new Vista "feature" will not be able to penetrate NAT to access ports on the not-yet-patched computers inside.
While IPv6 will certainly give us all the IP addresses we'll ever need (until every nanomachine gets one), do we really want to do away with NAT? I've always considering NAT to be a blessing regardless of the scarcity of IP addresses. Not giving every user a public IP is a good idea, and as long as protocols don't try to do something silly like putting the IP address in the Application layer (seriously H323... why?) then NAT should always function as intended. Of course, IPv6 address are 4 times larger (bitwise) so I can see some increase in overhead, but not much.
Normally, the site will install an ActiveX control that verifies that your copy of Windows is genuine. Instead you can bypass this check by running the mgadiag too and modifying the download URL with the code that the tool displays. My copy of Windows is genuine so I don't know if a non-genuine copy gives a working code or if you have to use a code from a legal copy.
So did Company X have to pay $10,000 for each bogus registrar they created? If so, isn't there some risk of them actually losing money on this scam? I realize some of these domain names will go for more than $10,000 a piece, but wouln't it be funny if the whole .eu TLD turns out to be a flop and Company X loses a ton of money on the deal. Assuming they registered 300 phantom registrars, that's $3 million in domain names they need to sell, not counting the $12.50 per name. I realize they probably will recoup tenfold and it's still pretty shady, but it seems to me there is still some risk for them.
Although upon re-reading the blog entry, it says a "deposit" of $10,000, which suggests to me that the $12.50 registration fees come out of this deposit. Can anyone clarify this?