Slashdot Mirror


User: Aram+Fingal

Aram+Fingal's activity in the archive.

Stories: 0 · Comments: 258

Comments · 258

  1. Re:my rebuttal on Is Apple Killing Linux on the Desktop? · · Score: 1

    IMHO, Panther, the major version of OS X right after Jaguar, was the first version to be ready for prime time. With Jaguar, you will have to keep on top of the file system all the time with a utility such as Alsoft DiskWarrior or Prosoft Drive Genius. It's much less stable and less refined, in general, than Panther and above. The UNIX environment is more BSD-like and less Linux-like compared to Tiger and Leopard. Bundled Open Source stuff, especially Samba, is not as complete and well configured as later versions. Fortunately, any machine that can run Jaguar can run Panther and the requirements for Tiger are not much worse (a bit more RAM).

  2. playnamethatparty on Connecticut Governor Seeks to Protect Personal Data Online · · Score: 1

    I'm not quite sure what the "playnamethatparty" tag is supposed to be getting at but I'll name Governor Rell's party. She's a Republican. I would say a very moderate one, to the point that she could easily be mistaken for a Democrat at times.

  3. My experience with Secunia on Vulnerability Numerology - Defective by Design? · · Score: 4, Informative

    At one point, I looked over all the Secunia advisories about OS X and came across one which said that OS X would send passwords in clear text without warning when logging into Appleshare volumes and that this vulnerability was "unpatched". I thought this was strange since I had, in fact, seen such warning dialog boxes in OS X. It was in an unusual case where I was connecting from OS X 10.2 to an old 68k Mac running MacOS 8.1. I also remembered seeing that there is an options button when you make an Appleshare connection. If you hit that options button, you get a screen with check boxes for allowing clear text passwords and warning when a clear text password is needed. The default is to allow with a warning. I sent email to Secunia asking for clarification about what circumstances would lead to sending a clear text password without notice. Do those check boxes not actually work? Are the defaults less secure in some cases? I never got a reply but the issue disappeared from the Secunia site. No explanation. Just gone. I wonder if enough other issues have just disappeared to affect the numerology.

  4. Re:Not sure how "secure" this scheme is... on 'Extreme Security' Web Browsing · · Score: 2, Interesting

    Keyloggers can be installed at a variety of levels. They can be installed at a hardware level if someone has physical access to your machine. In software, they can be installed anywhere from the kernel level to the level of a specific application like IE. One of the most likely kinds of keyloggers for the average user to run into is the spyware/trojan browser redirect variety. These are browser-specific and will only capture what you do in that specific browser. Using separate browsers will protect you somewhat against that one kind of keylogger.

    I had an incident a few years back where one of the end users I support got infected with an IE specific keylogger trojan. It quickly became apparent because the machine was using a restricted IP address which requires proxy access with a login to reach sites outside the LAN. IE started asking for a login to the proxy server even when the user was only browsing internal sites. It took some investigation to figure out what had happened but we discovered the trojan and how its activity sending keylogger data to an outside site was what was triggering the unexpected proxy login requests.

  5. Re:Trying to Think This Through... on 'Extreme Security' Web Browsing · · Score: 1

    I use FF, with some extra lock-down settings, for my promiscuous browser and Safari for my safe browser. That's a good option for OS X users because of practical considerations. There are actually a number of financial services sites which work with Safari and not FF. The FF developers have had trouble with situations where the site is secure and requires a login by a member. It's difficult for an Open Source project to get access for testing. I'm not sure what Apple does with Safari. Maybe they put administrative resources into signing all kinds of NDAs to get access to a cross section of sites for testing.

    It's probably a similar situation for Windows users and IE. Unfortunately, many of the sites which people would most want to have secure access to only work with IE. At that point, your best bet is to use IE for the minimum number of sites and not risk using it with others.

  6. Re:Counting shows nothing on More Mac Vulnerabilities Than Windows In 2007? · · Score: 1

    Right, security by obscurity doesn't work... unless you take it to the level of non-functionality.

  7. Re:Opera on Opera Tells EU That Microsoft's IE Hurts the Web · · Score: 1

    s/Opera/Internet Explorer/ and I'll agree with you.

    You know you're on Slashdot when people write their replies in Perl code and you know you're a geek when you actually understand them.

  8. Re:Problem in Accepting Standards on Opera Tells EU That Microsoft's IE Hurts the Web · · Score: 1

    My experience differs. I wonder if you have corrupted fonts on your machine or some such thing and it isn't really the fault of Firefox. I'm using the Firefox 3 prerelease "Minefield" right now to write this reply and I've been using it as my main browser for some time now. I have found very few bugs in it and it's at least as stable as any shipping version of IE.

  9. Re:60,000 licenses? on Ohio Plans To Encrypt After Data Breach · · Score: 1

    Since GPG is open source wouldn't your institution be able to modify GPG so that the institution's public key was always used when encrypting in addition to any other keys specified?

    Last I heard, there is (or was) a project to add ADK functionality to GPG in a similar way to what PGP has but it's being hosted at another university. I'm not sure what the status of the project is but I should ask, now that you mention it. We are a large university and our governance is hardly monolithic. At the last meeting I attended on the topic, there were differing opinions and differing levels of understanding on what we really need, how much to trust end users and how much to try and enforce policy by technical means. The point is that there are political issues as well as technical ones. We have many needs for encryption technology, with confidentiality of files, emails, digital signatures, etc. If we hope to ever have a standard which can be used across the whole university, it will have to run on many different platforms and it will have to be free, as in beer, because of the fragmented funding structure we have. I think that all makes a strong case for an open source solution but there's too much resistance from IT management for us to officially take the lead on such a project (even if it's as simple as a modification to always include the institution's public key, as you suggest). That situation will probably change dramatically once a few top IT executives retire.

  10. Re:Other edits from 209.174.104.2 on US Government Caught Manipulating Wikipedia · · Score: 2

    Are you sure that's the correct IP address? When I do a reverse DNS lookup on it, I get what appears to be a grammar school in Illinois:

    $ host 209.174.104.2
    2.104.174.209.in-addr.arpa domain name pointer host-209-174-104-2.kewanee.k12.il.us.

  11. Re:60,000 licenses? on Ohio Plans To Encrypt After Data Breach · · Score: 1

    Central management is the key. Where I work, we would really like to switch from PGP to GPG but we can't because of the lack of ADK (Additional Decryption Key) functionality. This is a sort of master key which is held by the institution in case someone forgets their password or gets hit by a bus or some such thing. ADK is absolutely necessary because we have to ensure availability of data as well as confidentiality.

    On the Mac side, FileVault is good because it has central management but it has the one drawback that you have to make sure that clueless users are restricted from saving sensitive data outside of their home folders since FileVault only protects the home folder.

  12. You have to accept cookies on Will Privacy Sell? · · Score: 3, Informative

    I just tried it out and found that you have to accept cookies from ask.com for the askEraser feature to stick. That's not surprising but it seems that you have to give up one privacy measure to get another.

  13. Re:Megan aside, on Online Sex Offender Database Leads To Murder? · · Score: 1

    Actually, court records are all publicly available in the US. It's just a little more work to locate info of interest on your neighbors that way than it is with a convenient database like the sex offender registries but it's well known that spammers data mine court records for people who recently got speeding tickets so they can market radar detectors, laser detectors, infrared scattering spray for license plates, etc.

  14. Re:This is great! on Copy That Floppy, Lose Your Computer · · Score: 1

    Right! First magic markers, now the internet!

  15. You don't want to know. on House Bill Won't Criminalize Free Wi-Fi Operators · · Score: 1

    If I'm reading this correctly, this law only becomes an issue if you know about traffic in illegal images on your Wi-Fi network. The practical upshot of this is that if you want to run an open Wi-Fi point, you need to be sure you don't look at the traffic. Don't run a packet sniffer or a NIDS.

  16. Re:My prediction... on Security in Ten Years · · Score: 1

    Along the lines of what you're saying, I wonder if Windows will go the way of terminals like the VT-100 and such where emulators running on PCs gradually replaced the genuine terminal machines. Increasingly, Windows will be used in virtual machines running on other OSes. VMWare is one example, but noting your mention of WINE in your sig, I suppose WINE is a sort of minimal VM... in a sense.

  17. Re:awesome! on Anatomy of the VA's IT Meltdown · · Score: 1

    I think the point of this quote in the article is not that there was something wrong with the technician's response but with IT management's response. It's perfectly logical for individual technicians, who have minimal information, to do whatever troubleshooting they can with what they have. The failure was at a higher level where they should have known about the change made to port configurations.

    I should also point out that you often have to be careful of instantly blaming the last change made before a problem. Anyone with experience knows that, whenever you make a change, especially one that end users know about, you get blamed for the next thing that goes wrong, even if it is completely unrelated to what you did. Obviously, that isn't what happened here since part of the problem was that the people who made the change didn't report it properly. My point is that these systems are complex enough that changes occur frequently enough and problems occur frequently enough that you have a lot of coincidences where a change happens and then there is a problem unrelated to the change. Beware of post hoc ergo propter hoc.

  18. Salt on Using Google To Crack MD5 Passwords · · Score: 0, Redundant

    This goes to show the importance of using the technique of adding salt values to passwords before hashing. Also, your salt value shouldn't be a common word (or something which would make a common word or phrase in combination with something people are likely to use in a password).

  19. It's a Combination of Politics and Science on The Obesity Epidemic — Is Medicine Scientific? · · Score: 1

    Medicine, as an academic field, is very scientific. It's the common practice of medicine that gets caught up in politics and some areas of medical practice are more political than others. Nutrition has always been very political because there are large commercial interests in selling food to people. The government can't change regulations to fit new scientific understanding without there being huge amounts of money at stake.

  20. Re:The obvious question.... on TV Links Raided, Operator Arrested · · Score: 1

    I know here in the United States, "search and seizure" is a popular law-enforcement tool for the purpose of slowing/stopping activities they can't really find sufficient evidence to prosecute. (All you need is a judge's signature saying it's ok to proceed with a search and seizure, and they can waltz in with the warrant in hand, seizing the "offending" property. Then just lock it away in an evidence locker for a few years, sitting on it and depriving the owner of it. Eventually, sure, they'll probably just return it, claiming "insufficient evidence" to make a case against them - but they accomplished what they were really after.)

    I would say that this is something to consider when you do Business Continuity and Disaster Recovery Planning. Loss of equipment due to this kind of issue is not that different from loss due to a fire or flood. That is, assuming that you don't also have some kind of cease and desist order.

  21. some of each on Do OpenOffice Users Save In Microsoft Format? · · Score: 1

    Like many of the other people responding, I save in different formats, depending on the situation. Often it's ODF for myself and MS Office for a final copy sent to someone else. PDF and HTML certainly have their place as well.

    I think ODF is the better archival format because the binary formats of MS Office are not even 100% compatible across different versions of MS Office today. They are convoluted and difficult to support. Microsoft is sure to phase out support eventually. Once you get into the newer xml based format for MS Office, the difference is not so great but I think you're still better off with an open standard in the long run.

  22. Re:Help us government, because we can't win? on Countering the Arguments Against Unbundling Windows · · Score: 1

    Of course, now that Novell's openSUSE can run Windows in a window in a VM [slashdot.org], there's more reason to buy a new machine with linux, then move your old copy of XP or 2k to a virtual machine on your new box, rather than paying the Microsoft tax a second time (and yes, you can move your license to your new hardware, despite what Microsoft tries to FUD. Just make sure you remove it from your old hardware at the same time).

    Actually, you can't do that legally. Read the EULA. Once you install Windows on a machine, it's locked to that machine and you can't transfer the license. Furthermore, the EULA of most (if not all) retail boxed copies of Windows requires that it is installed on a machine which was originally bundled with an "upgradeable OS" which includes any version of Windows (older or newer) and Mac OS X (and possibly a few others). Otherwise, it would actually be illegal to use Apple's Boot Camp to run Windows on a Mac. Maybe Microsoft does offer some package which will allow you to install on a bare PC but I have yet to see a version of the Windows EULA which allows that. Someone please provide a reference if you can find such a thing.

  23. This already happened to me on Law Firm Fighting For White Collar (IT) Overtime · · Score: 2, Interesting

    About a year ago, there was a finding that the institution I work for had misclassified about 300 positions, including mine, and we should be eligible for overtime pay. I'm a sysadmin, DBA and a few other things. We are also now eligible for membership in the union. I did, in fact, decide to join the union, mainly because of one particularly bad manager, who is going to become my direct supervisor starting in a few months. Most of the people who I work with are fine people but this manager is well known to have had problems with many employees.

    It is also interesting to note that salaries do seem to be being passively adjusted because of the change. June is the time that we typically get pay raises and every year, up until this one, there were both general pay raises (which essentially adjust for market conditions, inflation and cost of living) and merit pay raises. This year, after the overtime decision, there were only merit pay raises.

  24. Advertisement abuse on The Morality of Web Advertisement Blocking · · Score: 1

    Several other readers have pointed out various ways that advertisers are abusing advertisements to the point that they aren't just advertisements. Let me add one other point. When you do a web search and then start going through the results, you often don't know exactly what kind of content you're going to find until you click each link and actually look at the page. If you don't protect yourself with ad-blocking software, you will hit all kinds of obnoxious stuff from sites you really weren't interested in viewing in the first place.

  25. Re:fsf is a fair weather friend on GPL Violations On Windows Go Unnoticed? · · Score: 2, Insightful

    The point of the GPL is to keep the project, which you wrote code for, going in a publicly available form. The main complaint of TFA is that these people using GPL code aren't making their snapshot of code (with any modifications they made) available to the public. Without the GPL, public domain code for a project can be taken, modified and close-sourced. If some people start using the closed source version, then you have development forks which can't be synced and your version of the project can suffer as a result. Then, when the company maintaining the closed source version loses interest and lets the project languish, people aren't making use of your work anymore.

    So, if all you want to do is make a chunk of code available for use, however people want to use it, then the BSD license or just public domain, are good choices. In other words, I agree with your comment, in this case. On the other hand, if you want to design a project to fill a specific need and want that project to survive in the public space, then the GPL is the way to go.