While I personally feel Meh towards kitchensink-style cms's it's probable worth mentioning directory and/or file renaming, because sooner or later those morons that run automated scanners will exploit a vunerability that will effect you.
someone got drunk and made a wager to out-do the Americans? Seriously, as many times as I ask myself what's going on in my own country, I find myself looking at bizarre stories like this that my own countries weird puritanical/mega-business playbook fails to explain.
Our countries agenda seems to mostly be simple, business at all cost, with a good dose of racism (terrorists!), protectivism (teh fearz!) and homophobia, masqueraded naturally as Gods will (OMG! they wantz deh pinux!).
It's almost like you're over there trying to make me feel better, but I know enough to know you're as intelligent and concerned about your rights as we are.
How about if FF just tracks the extensions you've toggled and pressed the OKAY button for and simply offers to allow you to enable or to delete those extensions that helpfully get installed for you.
Frankly, I'd consider this a bug in FF behavior as much as anything and while wouldn't fault Mozilla developers for it I would love to see it quickly and efficiently addressed. Which to my mind is still what sets apart great open source projects from most of their closed/proprietary family.
Pretending for a second that there's a snowballs chance in hell, who is it you think would be paid for for the work? When you fund open source *someone* gets paid. Maybe your concerned about the open source CEO will shuffle funds into shells outside the country? Or pay out the open C-level team bonuses?
My understanding is it's the developers on funded projects that get paid for doing the work. Which is probably a good thing.
Do _YOU_ check the security link every time you login to your bank website?
I do. And I certainly don't mean to suggest being smart == impervious, in fact I believe it's more likely that an educated user will avoid many of the low-hanging fruit scenarios precisely because of their increase in vigilance.
I think he's saying he's probably smarter then the average program. A targeted attack, unlike a lazier automated attack still has a better chance of success. What you present is a low-hanging fruit argument.
your name to something just a little different, like C3P0. That way you're google-proofed *and* and guaranteed more then just a cursory glance by any Star Wars-loving HR-drone.
Disclaimer: your mileage, needs and interests may vary.
1) I liked MythTV on Ubuntu which I most recently installed using Mythbuntu. The Xbmc derivatives look nice, but never so compelling I actually used one (because I was already using something I liked).
2) If you plan to use it, consider not fscking with it. Having a TV on the fritz because you tweak the software constantly can sometimes be pretty annoying (maybe mostly to the *other* people).
3) Consider 2 disks. Maybe it's just me, but after a few reinstals/etc I occasionally get sloppy and screw up my partitioning.
4) Keep a hobby PC to play around (if you like to) with and let the HTPC just work TM.
5) If you have a (non-geek) wife, consider not going the home-build route and using a Xbox or something like (which, after 4 or so years is what I use, exclusively) the D-Link DSM-750 (along with a DNLA server like the cross-platform Twonky) this way you end up with a slim, attractive, wireless (803.11n), fanless, HD streaming media device that will allow you to plug your previously computer-bound content (Ogg and MKV included) directly into your HDTV (without having hassle with it).
Of all the solutions I've used this has worked the best for me. But like I said, your ymmv (and I'd be curious to hear about it).
I'm sure in enterprise things can be different but working for a small/medium sized developer I know my CEO isn't so un-clued in that I couldn't explain something like this over drink and have a good laugh.
But then we've used Oracle and seen what happens when cost and bad economics limit your businesses growth. Let them smoke our RHEL and MySQL licensing, maybe their getting something out of the ink.
Better yet, when your PHB approaches you why don't *you* ask him to point out a security situation that *wasn't* caused or aggravated by something that wasn't open source.
Just because some idiot says it's true doesn't mean anything.
If Samba, or Mono, or any other project starts to hurt or threaten them they'll do whatever they feel is in their own best interest.
Just because their comfortable letting Mono act as a marketing tool doesn't mean they value the ideas or principles behind the free software movement.
Unless I missed something in the not currently linked story, part of having branch offices is having local branch managers. Sticking your head in, then badgering everyone with OMG phyracey! might make it sound like you've simply got too much free time (you probably do). Good luck with that Dwight.
Would you fucking morons ALL get off your high-horses? Freedom is being able to CHOOSE between any fucking license that suites your personal/business/religous/world view. Therefore: BSD == free, GPL == free and it's perfectly OKAY that BSD != GPL. Like one and not the other? Great, shut-up about it and use what you like.
Personally, I'm a big fan of both. Ifuckingmagine that.
You've probably already tried but technically, good load balancing and redundancy would be the answer (and/or where possible, scrap the funky Winboxen and squeeze in *nix). As a server platform, in my opinion Windows 2003 is still pretty backwards (the OS, not the businesses stuck using it), but if the goal is uptime and you don't have real (often costly) redundancy, down-time is the natural trade-off.
Yes their installation methods were suspect - but remember MS's major user base is The Doe Family, who can just about turn their PC on and off. Do you really thing they know the answer to 'Do you really want to install the.NET Framework Assistant ?' - If course they wont know what that is, or whether they need it.
Yes their installation methods were creepy
There, fixed that for you.
So do you thinking that everyone who's not a computer geek is too stupid to be provided with a notice or an uninstaller or that Microsoft is too stupid to provide one?
If Microsoft can tamper with 3rd party software, perhaps some 3rd party software developer should nest an oblique clause in their EULA and remove that pesky ie extension once and for all?
You mean you think not providing an extension would prompt the same complaints as having one installed surreptitiously?
Let me assure you, tampering with *competing* 3rd party software without explicitly asking for my permission, no matter what you might be trying to do, is not equivalent.
After that maybe body language and eye contact.
At some point we can view any limitation as an impediment to doing our jobs but I think with civil rule it's important to remember that part of that impediment, the limits and checks and balances, are an equally important part of the job. Because unless I missed the memo, absolute power still corrupts (or gets misused eventually anyway).
And if any of your argument was true we'd have to ban psychoactive medications out-right or presume that no-one could develop and market effective blood or saliva testing (either of which are possible).
I'm not personally a fan of weed or the pocket of culture that's developed around it, but trying to rationalize it's prohibition as logical is about as stupid as the prohibition itself.
Slashdot Mirror
While I personally feel Meh towards kitchensink-style cms's it's probable worth mentioning directory and/or file renaming, because sooner or later those morons that run automated scanners will exploit a vunerability that will effect you.
Someone's finally just thinking of the children. Too bad that seems to include all of Ireland, but that's a small price to pay for safety!
I think you forgot Russia. I expect they'll have to cut off .ru and .cz, just to be thorough.
someone got drunk and made a wager to out-do the Americans? Seriously, as many times as I ask myself what's going on in my own country, I find myself looking at bizarre stories like this that my own countries weird puritanical/mega-business playbook fails to explain.
Our countries agenda seems to mostly be simple, business at all cost, with a good dose of racism (terrorists!), protectivism (teh fearz!) and homophobia, masqueraded naturally as Gods will (OMG! they wantz deh pinux!).
It's almost like you're over there trying to make me feel better, but I know enough to know you're as intelligent and concerned about your rights as we are.
How about if FF just tracks the extensions you've toggled and pressed the OKAY button for and simply offers to allow you to enable or to delete those extensions that helpfully get installed for you.
Frankly, I'd consider this a bug in FF behavior as much as anything and while wouldn't fault Mozilla developers for it I would love to see it quickly and efficiently addressed. Which to my mind is still what sets apart great open source projects from most of their closed/proprietary family.
Pretending for a second that there's a snowballs chance in hell, who is it you think would be paid for for the work? When you fund open source *someone* gets paid. Maybe your concerned about the open source CEO will shuffle funds into shells outside the country? Or pay out the open C-level team bonuses?
My understanding is it's the developers on funded projects that get paid for doing the work. Which is probably a good thing.
Do _YOU_ check the security link every time you login to your bank website?
I do. And I certainly don't mean to suggest being smart == impervious, in fact I believe it's more likely that an educated user will avoid many of the low-hanging fruit scenarios precisely because of their increase in vigilance.
No problem!
Maybe he's writing in character? *queue fat man leaning at the top of a long staircase*
I think he's saying he's probably smarter then the average program. A targeted attack, unlike a lazier automated attack still has a better chance of success. What you present is a low-hanging fruit argument.
plus a little bad luck and architecture trouble would do it. Unless of course you're thinking of Twitter as being a single apache/mysql pair.
your name to something just a little different, like C3P0. That way you're google-proofed *and* and guaranteed more then just a cursory glance by any Star Wars-loving HR-drone.
Rent them out for use as gaming pcs. Could be fun (if you like to game yourself) and might even cover your costs.
Wouldn't the dll issue simply be related to code signing? The exe is probably signed and the cracked dll not, Windows complains.
A few quick points:
Disclaimer: your mileage, needs and interests may vary.
1) I liked MythTV on Ubuntu which I most recently installed using Mythbuntu. The Xbmc derivatives look nice, but never so compelling I actually used one (because I was already using something I liked).
2) If you plan to use it, consider not fscking with it. Having a TV on the fritz because you tweak the software constantly can sometimes be pretty annoying (maybe mostly to the *other* people).
3) Consider 2 disks. Maybe it's just me, but after a few reinstals/etc I occasionally get sloppy and screw up my partitioning.
4) Keep a hobby PC to play around (if you like to) with and let the HTPC just work TM.
5) If you have a (non-geek) wife, consider not going the home-build route and using a Xbox or something like (which, after 4 or so years is what I use, exclusively) the D-Link DSM-750 (along with a DNLA server like the cross-platform Twonky) this way you end up with a slim, attractive, wireless (803.11n), fanless, HD streaming media device that will allow you to plug your previously computer-bound content (Ogg and MKV included) directly into your HDTV (without having hassle with it).
Of all the solutions I've used this has worked the best for me. But like I said, your ymmv (and I'd be curious to hear about it).
I'm sure in enterprise things can be different but working for a small/medium sized developer I know my CEO isn't so un-clued in that I couldn't explain something like this over drink and have a good laugh.
But then we've used Oracle and seen what happens when cost and bad economics limit your businesses growth. Let them smoke our RHEL and MySQL licensing, maybe their getting something out of the ink.
Better yet, when your PHB approaches you why don't *you* ask him to point out a security situation that *wasn't* caused or aggravated by something that wasn't open source.
Just because some idiot says it's true doesn't mean anything.
Correction:
kdawson. Nuff said.
If Samba, or Mono, or any other project starts to hurt or threaten them they'll do whatever they feel is in their own best interest. Just because their comfortable letting Mono act as a marketing tool doesn't mean they value the ideas or principles behind the free software movement.
Unless I missed something in the not currently linked story, part of having branch offices is having local branch managers. Sticking your head in, then badgering everyone with OMG phyracey! might make it sound like you've simply got too much free time (you probably do). Good luck with that Dwight.
Would you fucking morons ALL get off your high-horses? Freedom is being able to CHOOSE between any fucking license that suites your personal/business/religous/world view. Therefore: BSD == free, GPL == free and it's perfectly OKAY that BSD != GPL. Like one and not the other? Great, shut-up about it and use what you like.
Personally, I'm a big fan of both. Ifuckingmagine that.
You've probably already tried but technically, good load balancing and redundancy would be the answer (and/or where possible, scrap the funky Winboxen and squeeze in *nix). As a server platform, in my opinion Windows 2003 is still pretty backwards (the OS, not the businesses stuck using it), but if the goal is uptime and you don't have real (often costly) redundancy, down-time is the natural trade-off.
There, fixed that for you.
So do you thinking that everyone who's not a computer geek is too stupid to be provided with a notice or an uninstaller or that Microsoft is too stupid to provide one?
If Microsoft can tamper with 3rd party software, perhaps some 3rd party software developer should nest an oblique clause in their EULA and remove that pesky ie extension once and for all?
You mean you think not providing an extension would prompt the same complaints as having one installed surreptitiously? Let me assure you, tampering with *competing* 3rd party software without explicitly asking for my permission, no matter what you might be trying to do, is not equivalent.
After that maybe body language and eye contact. At some point we can view any limitation as an impediment to doing our jobs but I think with civil rule it's important to remember that part of that impediment, the limits and checks and balances, are an equally important part of the job. Because unless I missed the memo, absolute power still corrupts (or gets misused eventually anyway).
They can tell if you have THC in your body but you could have ingested marijuana in some form or another weeks ago.
I'm going to guess you might have been smoking something when you posted that.
You're thinking of metabolites in urine tests.
And if any of your argument was true we'd have to ban psychoactive medications out-right or presume that no-one could develop and market effective blood or saliva testing (either of which are possible).
I'm not personally a fan of weed or the pocket of culture that's developed around it, but trying to rationalize it's prohibition as logical is about as stupid as the prohibition itself.