Not only that, but I seem to recall Stan doing quite a bit of publicity and advertising for the movie. I remember a few interviews with him about the movie.
Thats kind of cool, since they just released the 20 year Anniversary edition on DVD with all 3 games based on this, Dragons Lair, Dragons Lair 2 Time Warp, and Space Ace. I picked it up at the local game store for about 30 bucks. Its still the FMV based version, but it still rocks. It actually plays on the PS2 and the X-Box (I havnt tried the GC or my normal DVD player yet). Thats kind of cool that they are going to make a 3D version of it, although since I just picked this one up I dont foresee me buying it.
Im currious as to why NFS was rejected, as it is supported in Linux, doesnt cost anything since it comes with Linux, and doesnt seem to have any issues other than security with RPC. We used to have a system with an NFS drive that about 4 people would play music off of the drive and didnt have any performance issues....
On the grounds that "would prevent or discourage commercial adoption of promising cyber security technologies developed through federal R & D", I just remember, Snort is GPL based software, that is a VERY promising cyber security technology, and is used in the commercial market quite often, IE Foundstone..... I think their point is flawed....
Thanks, at the time I wrote my post, I couldnt think of the words... Licensing Scheme wasnt exactly what I meant, actually they terms "liberal" and "conservative" were the two that escaped me... It seems that trying to outlaw a licensing scheme infringes on the right of a software developer to decide his or her own grounds for distribution and use of that software. This seems, at least to me, in conflict with a liberal ideology. The words "Licensing Scheme" were not the ones I wanted to use....
This is an odd thing, considering that its the Democrats trying to pass this, as something along the lines of the GPL is more of a Democratic licensing scheme. Id expect that the Republicans would be the ones to do something like this in support of big business. Thats too bad, I now know of 4 congressman that I vote against in the upcoming election. The strange thing is that their basis is that the GPL would prevent the adoption of technologies for Federal R&D using GPL'ed code. Now the way I am reading this is more like "We cant use standards that are funded by the Ferderal Govt. that makes use of GPL code to make money". If they dont like the terms, dont use the code. If they dont like the GPL, then they should develop their systems using a proprietary license and not use GPL code. Otherwise, I think the the licensing terms are up to the author of the software, even if it is developed using Federal R&D money... Otherwise Universitys couldnt conduct research on GPL based software... I think this kind of bill is actually more limiting than the GPL could ever be since it is limiting the options of what can be used...
OSNews had a similar article yesterday with similar complaints.. I thought it was strange that they ran almost the same story today as well. Im running a Cyrix 6x86 at my house and Red Hat 8 with KDE as my desktop runs great. Not as fast as a Windows 95 setup on that box, but much faster than a Windows 98 setup. My KDE response time is pretty decent with this setup. Im running a custom kernel of course, since this box doesnt have half of the stuff that comes pre-compiled or modularized by default. In fact, Im pretty satisfied with Red Hat 8.0, although I wouldnt go so far as to say its noticable faster than 7.3 was, or if there are any noticable improvements other than the included OpenOffice, Evolution, and Synaptic (I use apt-rpm for package management off fresh-rpms). I didnt experience any of the complaints that were described in the article...
There are actually plenty of ways of doing this... the two best ways are a Linux based terminal running as a X-Terminal, or a Windows based Terminal Server setup. Both have their pros and cons of course. The Windows setup has the more familiar user interface and setup. The Linux setup would be free, secure and have plenty of alternatives for applications to choose from. Both are pretty slow as Terminals however. You could go with a easier local installation of either Linux or Windows, both can be locked down pretty tightly. With Windows you can manage the policies, get a setup you like, and image or use Nortons Ghost to copy to different machines. If I had to choose however, I would go with a Linux setup that would boot off an image on a server, so that no matter what changes were made it would always go back to the original setup. Keep it light and have NFSed directories with the applications, having the permissions set so that users could not modify. If you were really crafty, you could even set it up so that if there were compiles to be done, it could distribute the process acorss multiple machines...
Well Im satisfied, I cant wait to see where this project goes in the future. I just installed Phoenix on my box, and Im running it over a SSH tunnel from my house to work, and over this slow setup I still get better response out of this than I do Mozilla, Evolution, Opera, and a few other X applications that I run. Its not as fast as Lynx... but its tolerable for when I want a graphical browser over ssh. If the optimization in future version helps speed things up, then Ill be satisfied.
Actually, this brings up a good question... why wouldnt the two be so different? Are the 100 systems going to be fresh installs, or are they upgrades... If you have the spare time, upgrade a few and fresh install a few.. Id be interested to see the results.. Thats kind of odd, I know specifically that the installs Ive done and the upgrades Ive done, Ive had to go back and disable unwanted startup processes. This was the case with both my desktop system that got a fresh install, and my IDS sensor, which I had to back and restore backup configuration files to maintain and IPless setup, plus disable the startup processes. An interesting discrepency...
Excuse me, before you run your mouth, maybe you should get your facts straight. Ive run Red Hat since 4.2 as a matter of fact. I just did a fresh install of 8, and it had the mentioned applications, plus a few extras, start up by default. I had to MANUALLY disable those items from each runlevel init... Same goes for the box I upgraded, it added services that were previously disabled. And has been that way in every realease of RedHat that Ive run. This has been the case using the RedHat Installer AND using APT-RPM for doing the upgrades and installations. Now it may not be that way using the type of installation choices other than Custom, but since I do a custom install everytime I couldnt tell you...
Well its about time... the two most insecure products in their class, Red Hat being the most insecure of Linux distros, and Dell for shipping the most default configured Win2k Servers, seek help in their security... For Red Hat I have this advice, dont, by default, start so many damned sevices with default configurations (sendmail, RPC, ect). And Dell, dont ship standard configured servers to no tallent admins, and kill that annoying Steven kid.. All and all this is a good thing, unless mass rioting breaks out nothing bad can come from a security conference. Im not sure how much different from other security conferences this one will be. One thing did occur to me though, didnt Dell stop shipping Linux on their servers??
I thought it was kind of amusing, the list being broken up into 2 catagories. Without a doubt, the highest number of vunerabilities are on the Windows side, especially in IE and VBScript. But lets not forget that Apache isnt immune either.. and for that matter, who can forget the infamous sendmail vunerability, and also dont forget misconfigured sendmails from our friends in the East are what allow so many of those cute spam messages we all love so much to get to us. And hell, I can remember stealing password lists with a nice PHP vunerability for years (goes to show that once you get used to an attack, you stick with it).luckily with IDS systems like Snort (http://www.snort.org) companie can monitor attacks as they happen (be sure to compare the size of the Web-Vunerabilities and Virus Rules files with the others...). But either way, the higher count is definitly on the Windows side.
Actually thats true... it does become a Federal mater.... but since none of the people that settled knew that... they got screwed. There was a study done that tested peoples responses to a "official looking" person. Doctors, Lawyers, etc.. They had a person pretend to be something, and almost all the people responded to some silly requests without even questioning it, after all and "official" person requested it. This is simply one of those cases where you get an "official" sounding request and lawsuit, and they buckled not knowing this guy wasnt a real lawyer. If they had known that, they could have easily challenged it and gotten it thrown out of court.
Wow, since I cant get my mod chips off Lik Sang, next time Microsoft asks me "Where do I want to go today?", Ill be sure to say "Hong Kong, so I can buy my mod chip"...
Well the first mistakes were the people who settled. If the guy is representing himself, one good lawyer could easily outwit him in court (or maybe Im giving lawyers too much credit..). The guy is a public business, he is not immune from slander. What hes doing is the exact thing that pisses me off the most about things like the RIAA and BestBuys/Fry store policies, ect. Its companies telling us what we can and cannot do, no longer is the customer always right. Instead, we the consumers, are seen as stupid people who have to be put in our place by some snot nosed store clerk or some half assed executive hiding behind "company policy". BS... its on paper, paper does not bind us physically. This is exactly what this guy is trying to pull. he is trying to take away a consumers right to free speech. They shouldnt settle, they should just tell him to kiss their ass, and until the day that he can physically force them to not advertise the fact that a vendor did not come through with a promised transaction, he can take his lawsuit papers and shove them up his a$$. Second, they should have filed a complaint the Chamber of Commerce and the Better Business Bureua, thus having a registered and documented complaint against the company, then his lawsuit would have no grounds. Of course... maybe I should keep quite, he might try and sue me... oh no....
Well, all things considered, most products that get security certifications probally need more QA then they actually recieve. But most security flaws usually dont get caught until later dates due to higher user base, thus making them more of a target to attackers (with the exception of buffer overflows, which shouldnt be that hard to do a search for functions that do not do range checking on input). Even with a good QA team, its more likely that a group of 3000 hackers will find security flaws in a production system better than a group of 300 QA testers, due to poor administration, default settings, whatever
Well its about time... Im writing a letter to my congressman as we speak telling him that if he does NOT vote for this bill, he can forget about my vote and the vote of everyone I can convince. Im sick of the digital right minimizing acts, influenced by big business lobbying to take our rights away. Im sick of these stupid companies that think they can tell us what to do because of something on a piece of paper or in a EULA. Screw that, Ive boycotted the products made by supporters of these business products (I may not have them all...) and am quickly convincing friends and family to do so also. If this was really that big of an issue most people would do the same.
This is a good thing. Without so many different flavors of Linux, people wouldnt be able to choose a distro closer to their personal preference. This is what makes Linux stronger than Windows, that and stability, security, free applications, ect. So im sure an all source version will fill someones niche. And if their careful, they wont even have to call it GNU/Linux....
This article, dare I say, sucks! It doesnt explain anything about image improvement past buying Monster cables, and ONLY Monster Cables... What the crap is that? I was expecting an article about video adjustments using test patterns such as the SMPTE Color Bars, Bightness and Contrast test patterns, sharpness patterns with frequency response, or gray scale patterns but nothing of the sort was mentioned. Nor was there any mention about sound calibration!! The truth is, if you want a good looking picture, you can just adjust your set using a Video Test Pattern Generator, or use a reference DVD (I prefer the Avia Guide to Home Theater, which includes instruction for using the 30+ test patterns). I adjust my Brightness and Contrast to the "Brightest" condition my view room is in, but thats left up to preference. If I was really anal about it, Id go out and spend the 50+ dollars on Monster cables, but due to the misleading attempt at advertisement I just read, I think not....
Considering that the book is written by the team at Foundstone, guys who have written other books on security such as Hacking Exposed, Hacking Linux Exposed, and Hacking Windows 2000 Exposed, teach courses in network security, such as Ultimate Hacking and Ultimate IDS, and have been doing this for countless years, Id have to say itd probally be a pretty good book on the subject. While not all topics are covered, as the reviewer pointed out the book is geared towards novices to intermediate users.. so dont expect everything. Not knowing the reviewers skill level, Ill trust that the Foundstone guys wrote a fairly decent book and expect that a few things are either held back due to relevence or space. And chances are I will probally pick it up myself in one of my future book runs. If someone who reads the book is all that interested in the security field after reading it, it will at least give them a starting point to start looking and discover some of the missing elements mentioned in the review...
Slashdot Mirror
Not only that, but I seem to recall Stan doing quite a bit of publicity and advertising for the movie. I remember a few interviews with him about the movie.
Thats kind of cool, since they just released the 20 year Anniversary edition on DVD with all 3 games based on this, Dragons Lair, Dragons Lair 2 Time Warp, and Space Ace. I picked it up at the local game store for about 30 bucks. Its still the FMV based version, but it still rocks. It actually plays on the PS2 and the X-Box (I havnt tried the GC or my normal DVD player yet). Thats kind of cool that they are going to make a 3D version of it, although since I just picked this one up I dont foresee me buying it.
Im currious as to why NFS was rejected, as it is supported in Linux, doesnt cost anything since it comes with Linux, and doesnt seem to have any issues other than security with RPC. We used to have a system with an NFS drive that about 4 people would play music off of the drive and didnt have any performance issues....
Argh... you get the point... actually Ive emailed them a very interesting letter, as well as fowarding it to my representative in congress as well...
Actually, Im writing a number of members of congress, both Rep and Dem... after all, I dont have a party affiliation.
On the grounds that "would prevent or discourage commercial adoption of promising cyber security technologies developed through federal R & D", I just remember, Snort is GPL based software, that is a VERY promising cyber security technology, and is used in the commercial market quite often, IE Foundstone..... I think their point is flawed....
Thanks, at the time I wrote my post, I couldnt think of the words... Licensing Scheme wasnt exactly what I meant, actually they terms "liberal" and "conservative" were the two that escaped me... It seems that trying to outlaw a licensing scheme infringes on the right of a software developer to decide his or her own grounds for distribution and use of that software. This seems, at least to me, in conflict with a liberal ideology. The words "Licensing Scheme" were not the ones I wanted to use....
This is an odd thing, considering that its the Democrats trying to pass this, as something along the lines of the GPL is more of a Democratic licensing scheme. Id expect that the Republicans would be the ones to do something like this in support of big business. Thats too bad, I now know of 4 congressman that I vote against in the upcoming election. The strange thing is that their basis is that the GPL would prevent the adoption of technologies for Federal R&D using GPL'ed code. Now the way I am reading this is more like "We cant use standards that are funded by the Ferderal Govt. that makes use of GPL code to make money". If they dont like the terms, dont use the code. If they dont like the GPL, then they should develop their systems using a proprietary license and not use GPL code. Otherwise, I think the the licensing terms are up to the author of the software, even if it is developed using Federal R&D money... Otherwise Universitys couldnt conduct research on GPL based software... I think this kind of bill is actually more limiting than the GPL could ever be since it is limiting the options of what can be used...
OSNews had a similar article yesterday with similar complaints.. I thought it was strange that they ran almost the same story today as well. Im running a Cyrix 6x86 at my house and Red Hat 8 with KDE as my desktop runs great. Not as fast as a Windows 95 setup on that box, but much faster than a Windows 98 setup. My KDE response time is pretty decent with this setup. Im running a custom kernel of course, since this box doesnt have half of the stuff that comes pre-compiled or modularized by default. In fact, Im pretty satisfied with Red Hat 8.0, although I wouldnt go so far as to say its noticable faster than 7.3 was, or if there are any noticable improvements other than the included OpenOffice, Evolution, and Synaptic (I use apt-rpm for package management off fresh-rpms). I didnt experience any of the complaints that were described in the article...
There are actually plenty of ways of doing this... the two best ways are a Linux based terminal running as a X-Terminal, or a Windows based Terminal Server setup. Both have their pros and cons of course. The Windows setup has the more familiar user interface and setup. The Linux setup would be free, secure and have plenty of alternatives for applications to choose from. Both are pretty slow as Terminals however. You could go with a easier local installation of either Linux or Windows, both can be locked down pretty tightly. With Windows you can manage the policies, get a setup you like, and image or use Nortons Ghost to copy to different machines. If I had to choose however, I would go with a Linux setup that would boot off an image on a server, so that no matter what changes were made it would always go back to the original setup. Keep it light and have NFSed directories with the applications, having the permissions set so that users could not modify. If you were really crafty, you could even set it up so that if there were compiles to be done, it could distribute the process acorss multiple machines...
Well Im satisfied, I cant wait to see where this project goes in the future. I just installed Phoenix on my box, and Im running it over a SSH tunnel from my house to work, and over this slow setup I still get better response out of this than I do Mozilla, Evolution, Opera, and a few other X applications that I run. Its not as fast as Lynx... but its tolerable for when I want a graphical browser over ssh. If the optimization in future version helps speed things up, then Ill be satisfied.
Actually, interestingly enough... there was an article on OSnews where a guy mentioned this exact issue with Red Hat 8.0...
http://www.osnews.com/story.php?news_id=1883
Actually, this brings up a good question... why wouldnt the two be so different? Are the 100 systems going to be fresh installs, or are they upgrades... If you have the spare time, upgrade a few and fresh install a few.. Id be interested to see the results.. Thats kind of odd, I know specifically that the installs Ive done and the upgrades Ive done, Ive had to go back and disable unwanted startup processes. This was the case with both my desktop system that got a fresh install, and my IDS sensor, which I had to back and restore backup configuration files to maintain and IPless setup, plus disable the startup processes. An interesting discrepency...
OK, Id read an article a while back saying that Dell was to discontinue shipping Linux on its servers, its good to see that isnt the case.
Excuse me, before you run your mouth, maybe you should get your facts straight. Ive run Red Hat since 4.2 as a matter of fact. I just did a fresh install of 8, and it had the mentioned applications, plus a few extras, start up by default. I had to MANUALLY disable those items from each runlevel init... Same goes for the box I upgraded, it added services that were previously disabled. And has been that way in every realease of RedHat that Ive run. This has been the case using the RedHat Installer AND using APT-RPM for doing the upgrades and installations. Now it may not be that way using the type of installation choices other than Custom, but since I do a custom install everytime I couldnt tell you...
Well its about time... the two most insecure products in their class, Red Hat being the most insecure of Linux distros, and Dell for shipping the most default configured Win2k Servers, seek help in their security... For Red Hat I have this advice, dont, by default, start so many damned sevices with default configurations (sendmail, RPC, ect). And Dell, dont ship standard configured servers to no tallent admins, and kill that annoying Steven kid.. All and all this is a good thing, unless mass rioting breaks out nothing bad can come from a security conference. Im not sure how much different from other security conferences this one will be. One thing did occur to me though, didnt Dell stop shipping Linux on their servers??
I thought it was kind of amusing, the list being broken up into 2 catagories. Without a doubt, the highest number of vunerabilities are on the Windows side, especially in IE and VBScript. But lets not forget that Apache isnt immune either.. and for that matter, who can forget the infamous sendmail vunerability, and also dont forget misconfigured sendmails from our friends in the East are what allow so many of those cute spam messages we all love so much to get to us. And hell, I can remember stealing password lists with a nice PHP vunerability for years (goes to show that once you get used to an attack, you stick with it).luckily with IDS systems like Snort (http://www.snort.org) companie can monitor attacks as they happen (be sure to compare the size of the Web-Vunerabilities and Virus Rules files with the others...). But either way, the higher count is definitly on the Windows side.
Actually thats true... it does become a Federal mater.... but since none of the people that settled knew that... they got screwed. There was a study done that tested peoples responses to a "official looking" person. Doctors, Lawyers, etc.. They had a person pretend to be something, and almost all the people responded to some silly requests without even questioning it, after all and "official" person requested it. This is simply one of those cases where you get an "official" sounding request and lawsuit, and they buckled not knowing this guy wasnt a real lawyer. If they had known that, they could have easily challenged it and gotten it thrown out of court.
Wow, since I cant get my mod chips off Lik Sang, next time Microsoft asks me "Where do I want to go today?", Ill be sure to say "Hong Kong, so I can buy my mod chip"...
Well the first mistakes were the people who settled. If the guy is representing himself, one good lawyer could easily outwit him in court (or maybe Im giving lawyers too much credit..). The guy is a public business, he is not immune from slander. What hes doing is the exact thing that pisses me off the most about things like the RIAA and BestBuys/Fry store policies, ect. Its companies telling us what we can and cannot do, no longer is the customer always right. Instead, we the consumers, are seen as stupid people who have to be put in our place by some snot nosed store clerk or some half assed executive hiding behind "company policy". BS... its on paper, paper does not bind us physically. This is exactly what this guy is trying to pull. he is trying to take away a consumers right to free speech. They shouldnt settle, they should just tell him to kiss their ass, and until the day that he can physically force them to not advertise the fact that a vendor did not come through with a promised transaction, he can take his lawsuit papers and shove them up his a$$. Second, they should have filed a complaint the Chamber of Commerce and the Better Business Bureua, thus having a registered and documented complaint against the company, then his lawsuit would have no grounds. Of course... maybe I should keep quite, he might try and sue me... oh no....
Well, all things considered, most products that get security certifications probally need more QA then they actually recieve. But most security flaws usually dont get caught until later dates due to higher user base, thus making them more of a target to attackers (with the exception of buffer overflows, which shouldnt be that hard to do a search for functions that do not do range checking on input). Even with a good QA team, its more likely that a group of 3000 hackers will find security flaws in a production system better than a group of 300 QA testers, due to poor administration, default settings, whatever
Well its about time... Im writing a letter to my congressman as we speak telling him that if he does NOT vote for this bill, he can forget about my vote and the vote of everyone I can convince. Im sick of the digital right minimizing acts, influenced by big business lobbying to take our rights away. Im sick of these stupid companies that think they can tell us what to do because of something on a piece of paper or in a EULA. Screw that, Ive boycotted the products made by supporters of these business products (I may not have them all...) and am quickly convincing friends and family to do so also. If this was really that big of an issue most people would do the same.
This is a good thing. Without so many different flavors of Linux, people wouldnt be able to choose a distro closer to their personal preference. This is what makes Linux stronger than Windows, that and stability, security, free applications, ect. So im sure an all source version will fill someones niche. And if their careful, they wont even have to call it GNU/Linux....
This article, dare I say, sucks! It doesnt explain anything about image improvement past buying Monster cables, and ONLY Monster Cables... What the crap is that? I was expecting an article about video adjustments using test patterns such as the SMPTE Color Bars, Bightness and Contrast test patterns, sharpness patterns with frequency response, or gray scale patterns but nothing of the sort was mentioned. Nor was there any mention about sound calibration!! The truth is, if you want a good looking picture, you can just adjust your set using a Video Test Pattern Generator, or use a reference DVD (I prefer the Avia Guide to Home Theater, which includes instruction for using the 30+ test patterns). I adjust my Brightness and Contrast to the "Brightest" condition my view room is in, but thats left up to preference. If I was really anal about it, Id go out and spend the 50+ dollars on Monster cables, but due to the misleading attempt at advertisement I just read, I think not....
Considering that the book is written by the team at Foundstone, guys who have written other books on security such as Hacking Exposed, Hacking Linux Exposed, and Hacking Windows 2000 Exposed, teach courses in network security, such as Ultimate Hacking and Ultimate IDS, and have been doing this for countless years, Id have to say itd probally be a pretty good book on the subject. While not all topics are covered, as the reviewer pointed out the book is geared towards novices to intermediate users.. so dont expect everything. Not knowing the reviewers skill level, Ill trust that the Foundstone guys wrote a fairly decent book and expect that a few things are either held back due to relevence or space. And chances are I will probally pick it up myself in one of my future book runs. If someone who reads the book is all that interested in the security field after reading it, it will at least give them a starting point to start looking and discover some of the missing elements mentioned in the review...