Re:The great slashdot hypocrisy
on
Storage Security
·
· Score: -1, Offtopic
I don't actually spend any time or effort on my reviews. I share them with the people who actually write them and post them to amazon dot com, just like slashdot posters share mp3's and movies with the bands and movie studios who put the music/movies out.
I thought it was accepted on slashdot that information wants to be free (free like not spending money for things you can find on the web or napster) but all the reviews I've been sharing have been moderated to minus 1.
How can I view this as anything but pure unadulteratd hypocrisy?
The great slashdot hypocrisy
on
Storage Security
·
· Score: -1, Flamebait
I've been sharing book reviews here on slashdot for a little while, thinking that it would be okay since the slashdot community is pro sharing of other things like music and movies. However, it seems since all of my posts have been moderated to minus one that this is not the case.
The slashdot "community" is actually a bunch of hypocrites who aren't really interested in "sharing" information at all, but rather stealing things for free because they don't want to pay for it.
So all you slashdoters are a bunch of hypocrites eh? Gee... who would have guesed that?
I also read this book
on
Storage Security
·
· Score: -1, Redundant
What does "Information Security" mean to you? To many, it means firewalls and encryption. To some, it means intrusion detection systems. Chances are the words "file servers" weren't high on your list, but they probably should be. After all, "information security" is about information, and when it's not flying across the network it's got to be stored somewhere, right? In fact, the security of the storage mechanism is often overlooked, which makes it an attractive target for attackers. In their new book, Storage Security, Chirillo and Blaul take a comprehensive look at this often-ignored subject.
Storage Security is not about turning on the right configuration options on your XYZ brand server appliance. It's about applying solid, methodical security practices to your storage systems, regardless of whether they are disks directly attached to a single computer, Network Attached Storage or part of a Storage Area Network. The authors address the full security cycle, too, starting with evaluating the security of proposed new storage solutions. Comparative data in hand, the book shows you how to narrow the field to a single solution that offers the best balance between functionality and security. And once the system is selected, you can't stop there. You've got to decide upon appropriate security policies for the new storage system, draft and implement a backup and restore plan, deal with disaster recovery and take care of a host of other issues. In short, this is a good guide to an entire range of considerations necessary to select, deploy and manage a secure storage solution.
The book's evaluation methodology is particularly valuable. Each type of storage (direct attach, NAS and SAN) is covered in a chapter of its own. Within each chapter, the authors address specific technologies used to implement that type of storage. For example, the direct attach chapter discusses such common storage technologies as SCSI and IDE, moderately exotic systems like USB and Firewire drives, and some more advanced solutions like HiPPI and SSA. Each technology is then placed in a matrix and scored in 11 different categories, including popularity and industry acceptance, built-in data protection features, typical fault tolerance and physical security characteristics. The authors assign each rating on a scale of 1 (poor) to 5 (the best). This gives a good general indication of how each technology measures up, but they tend to rely on a straight average of the ratings when determining the "best" technology. Although it's true that the average allows you to make a quick ballpark comparison, there are many other factors to consider as well, such as the suitability for your particular environment and the way in which your users need to access their data. The matrixes are quite useful, but just remember that you can't always boil things down to a simple numerical score.
Probably the biggest problem with this book is that it's pretty dry. As a reference book, the writing style is fine: since it's easy to find what you're looking for, and the chapters are concise. It's difficult to read from cover-to-cover, though, which is a shame because that's what you should probably do the first time through. Take it in small doses, a chapter or so at a time, and you should be fine.
Storage Security is about just what you'd think: the security of your data as it's being stored on your server(s). It's not a detailed look at the configuration of any one product, but rather a comprehensive, theory-based approach to managing the security of your storage subsystem from evaluation to purchase to daily operations. If you manage a small or mid-size network, you may not need this book. If you have a larger network, though, or have significant data storage needs, this deserves a space on your shelf.
I found this book a curious pot pourri. By no stretch of the imagination is this book going to be much use to its declared readership--advanced C++ programmers. No one in that category needs to be told such simple things as that classes designed with the expectation that they will be derived from should have virtual destructors.
Code in books such as this one should be well written. In many places the authors provide before and after code in support of their guidelines/techniques. What do you think of the following as an 'after' (it does not matter what the technique is that is being written about):
class baseClass { public:
baseClass() : fltSalary(0.) {}
char *szName;
float fltSalary; }; It becomes clear, long before the chapter on using Assembly that the authors are writing about C++ on a very specific platform and based on experience with a specific implementation of C++. They have little familiarity with what are rapidly becoming standard techniques among more experienced C++ users. Couple this with a pre- occupation with what I might call micro-optimisations and we finish up with a book that not only offers nothing to advanced C++ programmers, and very little to experienced ones but it also provides a dangerous mindset for inexperienced programmers.
What I find frightening is that the authors are clearly writing about the way they write C++ code. Frankly they are, in my opinion, still at the point where they have a good deal to learn about C++ techniques from the real experts of the industry.
Finally let me quote 'Technique 129: Avoid the CRT If You Can' in its entirety. I think that may give you the sense of why I think this book is wholly misguided.
I couldn't put it down
on
Tuxedo Park
·
· Score: -1, Redundant
This must have been an extremely difficult book to write. Its subject, Alfred Loomis, never gave interviews during his lifetime and destroyed all his papers before his death. "Few men of Loomis' prominence and achievement have gone to greater lengths to foil history," writes author Jennet Conant. Had he not done these things, his name would be better known--and this probably wouldn't be the first biography about him.
So who was Alfred Loomis? "He was too complex to categorize--financier, philanthropist, society figure, physicist, inventor, amateur, dilettante--a contradiction in terms," writes Conant. Loomis established a private laboratory in New York and hired scientists whose work in the 1930s wound up making possible both the radar and the atomic bomb. These developments were essential to Allied victory in the Second World War. Conant is perhaps the only person who could have pierced Loomis's obsessive secrecy and written this book; she grew up with Loomis's children and other members of his family. Her grandfather, Harvard president James Bryant Conant, was one of Loomis's scientists
Great Book !!!
on
Kiln People
·
· Score: -1, Redundant
Just about everyone's had a day when they've wished it were possible to send an alternate self to take care of unpleasant or tedious errands while the real self takes it easy. In Kiln People, David Brin's sci-fi-meets-noir novel, this wish has come true. In Brin's imagined future, folks are able to make inexpensive, disposable clay copies of themselves. These golems or "dittos" live for a single day to serve their creator, who can then choose whether or not to "inload" the memories of the ditto's brief life. But private investigator Albert Morris gets more than he, or his "ditective" copies, bargain for when he signs on to help solve the mysterious disappearance of Universal Kilns' co-founder Yasil Maharal--the father of dittotech.
Brin successfully interweaves plot lines as numerous as our hero's ditectives and doggedly sticks to the rules of his created dittotech while Morris's "realflesh" and clay manifestations slowly unravel the dangerous secret behind Maharal's disappearance. As Brin juggles his multiple protagonists and antagonists, he urges the reader to question notions of memory, individualism, and technology, and to answer the schizoid question "which 'you' is 'you?'" Brin's enjoyment is evident as he plays with his terracotta creations' existential angst and simultaneously deconstructs the familiar streetwise detective meme--complete with a multilayered ending. Overall, Kiln People is a fun read, with a good balance of hard science fiction and pop sensibility
I've read this book
on
Hacker's Delight
·
· Score: -1, Redundant
I feel compelled to point out that this book is _not_ a few things: It's not a book that teaches you how to break into computers, or crack codes. It's also not the kind of book that teaches you how to do something which you don't know how to do.
This book is a collection of tricks that show the reader better ways to do things they already know how to do. And it's also a book that can give the reader insight into different approaches and mechanisms for solving problems.
Computer programmers translate their ideas and requirements into any of several computer languages. Those expressions are limited by the language the programmer is using, and maybe even the machine the programmer is targeting. But there is a wide continum of expressions that result in the same -- hopefully correct -- results. Choosing the most efficient, and most elegant, expression to some is "real" hacking.
This book is for real hackers. It's a great collection of tricks for performing usually simple operations in an elegant way. What's elegant? Well, elegant is efficeint. If there's a side-effect of an elegant operation, it turns out that side-effect is probably useful and not simply discarded.
This book catalogs insights into concrete binary math, shortcuts derived from different boolean operators, and even approaches some interesting numerical analysis problems.
If you already know how to write software, and you already know you want to find faster or more efficient ways to check for overflows on integers, divide nubmers, count bits, search for binary patterns, or do other twiddling, then this book is for you.
If the application of such techniques doesn't seem important to you, then this book probably isn't going to be of interest to you.
Who's going to take care of auditing the code you get from a fly-by-night software house in India?
It's one thing to write code that works but commercial code for real products must be audited for security flaws and must also be maintained for future development. Not a very good long term solution in my mind.
Perhaps if you need a quick one-time job hacked out and you don't care aboot security then this might be a good solution but otherwise the hidden long term issues make it non-viable solution.
So they are finally doing the right thing and they get villified by the geek community. True they should have done this years ago but the truth is that the public was more than happy to purchase software at a reasonable price that was "good enough" and would rather do that than pay a premium price for software that was perfect.
People who are running older versions of Windows need to be upgrading regardless so this will be a good thing for them as they can upgrade everything at once and get back to their task at hand rather than doing it piecemeal.
Really this is no big deal. If you run a business then you have to deal with things like this and if you don't want to run Windows than you can use something else. (My current boyfriend runs FreeBSD and loves it!!) Lets cut then some slack for once.
When will we wake up and smell the mocha lattee and start to realize that we have landfills filling up with trash and that the space available for trash on planet earth is finite.
The whole disposable philosophy that consumers embrace shows how short-sighted and self-centered most people are.
I for one am concerned about my children and their children and will never use one of these if at all possible. Then again I don't own a car (I jog or bike ot take the bus when I have to) and use recycled materials whenever possible.
I think the only real problem I would have with it is that there might be some problems later on when I get pregnant. There are still a lot of issues with radiation regarding females and felopian tubes that we don't know about yet and will take years for science to find out about.
Remember all the mutant freak babies that were born in some Nevada towns after the Army was performing nuclear tests back in the 40's?
Sure this thing sounds safe but are you going to risk giving birth to a retard or a one armed baby when they really don't have any conclusive studies yet? I'm not.
One one hand you can say, that RMS really is being greedy and selfish and just wants credit for his work
Actually that's not my point. He already gets credit for his work. He wants the GNU name attached to linux distributions which is not the same as wanting credit for his work, and he's an absolute jackass with no ability to compromise in that regard. Meanwhile he can't see that all the anonymous people who hack on some of the best free software projects out there, like Gnome, KDE, XFree86, Apache, etc. are the only reason why the masses are even aware of him and the GNU projects. Sure, maybe those projects aren't passionate about the GPL or the "Free Software Foundation" but nonetheless they help provide an avenue for RMS to distribute his software and spread awareness about his beliefs, which in theory is the main focus of his cause.
Instead of being grateful he acts like a pig headed three year old and makes an issue out of the name. I don't how having GNU attached to Linux helps promote his doctrine anyways, most common people would have no idea what it means, other than it looks/sounds damn goofy. I just can't make the connection between the name of a Linux distribution and the Free Software movement and I think it's a big ego thing because RMS feels slighted when he see's Linus being treated like a pseudo celebrity.
I have a GPL'd *nix project that I give away which is used by thousands of people and I don't even put my real name in the software. I give it away because I wanted to give something back to the community and in that spirit I don't want any personal recognition for it because it's really not about me. But then again, I'm not a hypocrite.
He's a hypocrite. Really. He claims that software should be free and he's done all this humanitarian work by developing software which is made available at no cost for others to use as building blocks, etc. Then, he makes a major stink about wanting credit for it???? I mean what's the point? Is he writing software for his ego or is he writing it for moral reasons?
Thanks to the Linux kernel and the XFree and Gnome and KDE developers his software is getting used by millions of people and they have allowed him to make a major contribution to the worlds computing society, yet he's hung up on what it's called.... smacks of hypochrisy to me. He should wake up every day and kiss a picture of Linus Torvalds because without the Linux kernel all those nifty gnu utilities would be virtually unknown and unused compared to what we see today.
I was a level II third tier consultant for Sun during the fold-in phase of this project and I resigned a month ago because I don't want to be there when the shit hits the fan.
I was the team lead for my tier and the only qualified IEF certified relational c++ designer in the group, if that tells you anything. I wanted to do a one to one mapping of the Linux internals in big endian and use that as a layer of abstraction which would be treated as a lightweight CORBA object that brokered all endian issues. The system one level coder ( a c coder who knows nothing about c++ ) refused to even consider it, instead opting for some old berkley style hacky kludge. I won't even mention the sexual harassment either, only to say that just because you're a wealthy geek doens't mean I'll immediatly want to jump in bed with you. It was then that I resigned.
This project is facing an uphill battle unless they are willing to move beyond legacy technology and embrace todays standards. I wish them well but under the circumstances that I left I feel they are doomed for failure.
My interest would be that they cater to minorities as well as Linux. I've been in the IT industry for over 10 years now and most of the Linux/Unix companies are run by white males who offer little opportunity for minority females to work for them, let alone get ahead.
For instance, I'm an MIT graduate and an expert in the field of TCP/IP. I've written mods for the kernel and developed specs for several hardware drivers, yet I see nothing but one closed door after another in the Linux business world as the sexist white males do do everthing in their power to stop me from getting ahead.
Why are IT men so intimidated by powerful/smart women?
Slashdot Mirror
I thought it was accepted on slashdot that information wants to be free (free like not spending money for things you can find on the web or napster) but all the reviews I've been sharing have been moderated to minus 1.
How can I view this as anything but pure unadulteratd hypocrisy?
The slashdot "community" is actually a bunch of hypocrites who aren't really interested in "sharing" information at all, but rather stealing things for free because they don't want to pay for it.
So all you slashdoters are a bunch of hypocrites eh? Gee... who would have guesed that?
Storage Security is not about turning on the right configuration options on your XYZ brand server appliance. It's about applying solid, methodical security practices to your storage systems, regardless of whether they are disks directly attached to a single computer, Network Attached Storage or part of a Storage Area Network. The authors address the full security cycle, too, starting with evaluating the security of proposed new storage solutions. Comparative data in hand, the book shows you how to narrow the field to a single solution that offers the best balance between functionality and security. And once the system is selected, you can't stop there. You've got to decide upon appropriate security policies for the new storage system, draft and implement a backup and restore plan, deal with disaster recovery and take care of a host of other issues. In short, this is a good guide to an entire range of considerations necessary to select, deploy and manage a secure storage solution.
The book's evaluation methodology is particularly valuable. Each type of storage (direct attach, NAS and SAN) is covered in a chapter of its own. Within each chapter, the authors address specific technologies used to implement that type of storage. For example, the direct attach chapter discusses such common storage technologies as SCSI and IDE, moderately exotic systems like USB and Firewire drives, and some more advanced solutions like HiPPI and SSA. Each technology is then placed in a matrix and scored in 11 different categories, including popularity and industry acceptance, built-in data protection features, typical fault tolerance and physical security characteristics. The authors assign each rating on a scale of 1 (poor) to 5 (the best). This gives a good general indication of how each technology measures up, but they tend to rely on a straight average of the ratings when determining the "best" technology. Although it's true that the average allows you to make a quick ballpark comparison, there are many other factors to consider as well, such as the suitability for your particular environment and the way in which your users need to access their data. The matrixes are quite useful, but just remember that you can't always boil things down to a simple numerical score.
Probably the biggest problem with this book is that it's pretty dry. As a reference book, the writing style is fine: since it's easy to find what you're looking for, and the chapters are concise. It's difficult to read from cover-to-cover, though, which is a shame because that's what you should probably do the first time through. Take it in small doses, a chapter or so at a time, and you should be fine.
Storage Security is about just what you'd think: the security of your data as it's being stored on your server(s). It's not a detailed look at the configuration of any one product, but rather a comprehensive, theory-based approach to managing the security of your storage subsystem from evaluation to purchase to daily operations. If you manage a small or mid-size network, you may not need this book. If you have a larger network, though, or have significant data storage needs, this deserves a space on your shelf.
I found this book a curious pot pourri. By no stretch of the imagination is this book going to be much use to its declared readership--advanced C++ programmers. No one in that category needs to be told such simple things as that classes designed with the expectation that they will be derived from should have virtual destructors.
Code in books such as this one should be well written. In many places the authors provide before and after code in support of their guidelines/techniques. What do you think of the following as an 'after' (it does not matter what the technique is that is being written about):
class baseClass {
public:
baseClass() : fltSalary(0.) {}
char *szName;
float fltSalary;
};
It becomes clear, long before the chapter on using Assembly that the authors are writing about C++ on a very specific platform and based on experience with a specific implementation of C++. They have little familiarity with what are rapidly becoming standard techniques among more experienced C++ users. Couple this with a pre- occupation with what I might call micro-optimisations and we finish up with a book that not only offers nothing to advanced C++ programmers, and very little to experienced ones but it also provides a dangerous mindset for inexperienced programmers.
What I find frightening is that the authors are clearly writing about the way they write C++ code. Frankly they are, in my opinion, still at the point where they have a good deal to learn about C++ techniques from the real experts of the industry.
Finally let me quote 'Technique 129: Avoid the CRT If You Can' in its entirety. I think that may give you the sense of why I think this book is wholly misguided.
So who was Alfred Loomis? "He was too complex to categorize--financier, philanthropist, society figure, physicist, inventor, amateur, dilettante--a contradiction in terms," writes Conant. Loomis established a private laboratory in New York and hired scientists whose work in the 1930s wound up making possible both the radar and the atomic bomb. These developments were essential to Allied victory in the Second World War. Conant is perhaps the only person who could have pierced Loomis's obsessive secrecy and written this book; she grew up with Loomis's children and other members of his family. Her grandfather, Harvard president James Bryant Conant, was one of Loomis's scientists
Brin successfully interweaves plot lines as numerous as our hero's ditectives and doggedly sticks to the rules of his created dittotech while Morris's "realflesh" and clay manifestations slowly unravel the dangerous secret behind Maharal's disappearance. As Brin juggles his multiple protagonists and antagonists, he urges the reader to question notions of memory, individualism, and technology, and to answer the schizoid question "which 'you' is 'you?'" Brin's enjoyment is evident as he plays with his terracotta creations' existential angst and simultaneously deconstructs the familiar streetwise detective meme--complete with a multilayered ending. Overall, Kiln People is a fun read, with a good balance of hard science fiction and pop sensibility
This book is a collection of tricks that show the reader better ways to do things they already know how to do. And it's also a book that can give the reader insight into different approaches and mechanisms for solving problems.
Computer programmers translate their ideas and requirements into any of several computer languages. Those expressions are limited by the language the programmer is using, and maybe even the machine the programmer is targeting. But there is a wide continum of expressions that result in the same -- hopefully correct -- results. Choosing the most efficient, and most elegant, expression to some is "real" hacking.
This book is for real hackers. It's a great collection of tricks for performing usually simple operations in an elegant way. What's elegant? Well, elegant is efficeint. If there's a side-effect of an elegant operation, it turns out that side-effect is probably useful and not simply discarded.
This book catalogs insights into concrete binary math, shortcuts derived from different boolean operators, and even approaches some interesting numerical analysis problems.
If you already know how to write software, and you already know you want to find faster or more efficient ways to check for overflows on integers, divide nubmers, count bits, search for binary patterns, or do other twiddling, then this book is for you.
If the application of such techniques doesn't seem important to you, then this book probably isn't going to be of interest to you.
It's one thing to write code that works but commercial code for real products must be audited for security flaws and must also be maintained for future development. Not a very good long term solution in my mind.
Perhaps if you need a quick one-time job hacked out and you don't care aboot security then this might be a good solution but otherwise the hidden long term issues make it non-viable solution.
People who are running older versions of Windows need to be upgrading regardless so this will be a good thing for them as they can upgrade everything at once and get back to their task at hand rather than doing it piecemeal.
Really this is no big deal. If you run a business then you have to deal with things like this and if you don't want to run Windows than you can use something else. (My current boyfriend runs FreeBSD and loves it!!) Lets cut then some slack for once.
The whole disposable philosophy that consumers embrace shows how short-sighted and self-centered most people are.
I for one am concerned about my children and their children and will never use one of these if at all possible. Then again I don't own a car (I jog or bike ot take the bus when I have to) and use recycled materials whenever possible.
Remember all the mutant freak babies that were born in some Nevada towns after the Army was performing nuclear tests back in the 40's?
Sure this thing sounds safe but are you going to risk giving birth to a retard or a one armed baby when they really don't have any conclusive studies yet? I'm not.
Silly.
Anyways, if someone can point me to a list of everything I need to update my gnome 1.4 to the new 2.0 I would be very grateful.
Best Regards,
Rossalina
He spent time behind bars because he pleaded guilty to cloning cel phones.
To summarize: He was not being held in jail awaiting trial, he was serving time for cloning cel phones.
Don't believe me? Look it up.
Sorry to destroy another great Internet myth pal.
Actually that's not my point. He already gets credit for his work. He wants the GNU name attached to linux distributions which is not the same as wanting credit for his work, and he's an absolute jackass with no ability to compromise in that regard. Meanwhile he can't see that all the anonymous people who hack on some of the best free software projects out there, like Gnome, KDE, XFree86, Apache, etc. are the only reason why the masses are even aware of him and the GNU projects. Sure, maybe those projects aren't passionate about the GPL or the "Free Software Foundation" but nonetheless they help provide an avenue for RMS to distribute his software and spread awareness about his beliefs, which in theory is the main focus of his cause.
Instead of being grateful he acts like a pig headed three year old and makes an issue out of the name. I don't how having GNU attached to Linux helps promote his doctrine anyways, most common people would have no idea what it means, other than it looks/sounds damn goofy. I just can't make the connection between the name of a Linux distribution and the Free Software movement and I think it's a big ego thing because RMS feels slighted when he see's Linus being treated like a pseudo celebrity.
I have a GPL'd *nix project that I give away which is used by thousands of people and I don't even put my real name in the software. I give it away because I wanted to give something back to the community and in that spirit I don't want any personal recognition for it because it's really not about me. But then again, I'm not a hypocrite.
Thanks to the Linux kernel and the XFree and Gnome and KDE developers his software is getting used by millions of people and they have allowed him to make a major contribution to the worlds computing society, yet he's hung up on what it's called.... smacks of hypochrisy to me. He should wake up every day and kiss a picture of Linus Torvalds because without the Linux kernel all those nifty gnu utilities would be virtually unknown and unused compared to what we see today.
I was the team lead for my tier and the only qualified IEF certified relational c++ designer in the group, if that tells you anything. I wanted to do a one to one mapping of the Linux internals in big endian and use that as a layer of abstraction which would be treated as a lightweight CORBA object that brokered all endian issues. The system one level coder ( a c coder who knows nothing about c++ ) refused to even consider it, instead opting for some old berkley style hacky kludge. I won't even mention the sexual harassment either, only to say that just because you're a wealthy geek doens't mean I'll immediatly want to jump in bed with you. It was then that I resigned.
This project is facing an uphill battle unless they are willing to move beyond legacy technology and embrace todays standards. I wish them well but under the circumstances that I left I feel they are doomed for failure.
For instance, I'm an MIT graduate and an expert in the field of TCP/IP. I've written mods for the kernel and developed specs for several hardware drivers, yet I see nothing but one closed door after another in the Linux business world as the sexist white males do do everthing in their power to stop me from getting ahead.
Why are IT men so intimidated by powerful/smart women?