Slashdot Mirror


User: jonadab

jonadab's activity in the archive.

Stories
0
Comments
5,933
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,933

  1. Re:This is great ... on Microsoft Advises to Type in URLs Rather than Click · · Score: 1

    > I personally think that the software update mechanism (where the window pops
    > up if there are updates) is great under OS X. You would have to be really
    > retarded to ignore it. Maybe Windows and Linux could do with something like
    > this ?

    Windows has this. (Well, technically it doesn't pop up a window right away,
    but a *really* annoying thingydoo pops up above the system tray, repeatedly,
    and refuses to give you any peace until you click on it, at which point the
    window does pop up then. The average end user can't make it 60 seconds when
    the thingydoo activates without screaming to the Computer Guy for help.)

    Various Linux distros have various sorts of autoupdate facilities. I don't
    know of any that pop up a window, but it would certainly be possible. Even
    better IMO would be to just put the updates on a cron job (2am local time or
    first thing in the morning if the computer was off at 2am seems reasonable;
    equip it with the ability to only use maybe 25% of available bandwidth).

    For security updates, why bother the user? Just *do* it. Security updates
    aren't supposed to have any incompatibilities or feature changes; just the
    fix. Unless it's a kernel bug or something like that that requires reboot,
    the user doesn't even need to *know*. Users who do want to know can read the
    logs. Users who know enough about what is going on to make their own
    decisions about security updates will know where to find the config file;
    everyone else should just receive the updates automagically.

    Of course, this kind of default policy would mean you'd have to be very
    careful about protecting your update servers...

  2. Re:Microsoft to remove the @ symbol from URLs on Microsoft Advises to Type in URLs Rather than Click · · Score: 1

    > Unfortunately they never seem to have realized they could avoid the problem
    > by doing like Opera for example... Dialog:

    That would be a pointless guesture for MSIE. Any dialog box with a "Yes" or
    "Ok" button never gets read anymore (largely because of the many stupid
    idiotic warning and information messages that have been foisted on users
    since 1994 or so, such as the one that warns you when you use a search engine
    that the search terms are not encrypted (horrors)). People see dialog boxes
    so often, the first part they look at is the buttons; if there's a "good"
    button that they recognize ("Yes", "Ok", ...) or if there's only one button,
    they just frob the button without any further thought. And, if I used MSIE
    I'd be tempted to do this too. It cries wolf over some of the stupidest things.

    I should note that the feature is not pointless for Opera, because it caters
    to a different demographic, and more importantly because Opera foists fewer
    superfluous dialog boxes on the user. Mozilla is also working toward fewer
    spontaneous dialog boxes. (If the user clicks a UI element to get the dialog
    box, that's okay (e.g., the prefs dialog), but things like unreachable server
    errors and whatnot are being changed to error _pages_, that display in the
    actual content area, to cut down on the number of dialogs.

  3. Re:Use colors on Microsoft Advises to Type in URLs Rather than Click · · Score: 1

    > The only character that could plausably display as a blank area is the
    > byte with the value 32

    Decimal 32 is not a valid character in a URI. Never has been, never will be,
    unicode or no unicode. There are important technical reasons for this. If the
    value decimal 32 needs to be communicated (e.g., in a GET query string), it has
    to be encoded (usually as %20).

    > and even that could show an underscore or something

    No! Confusing underscore with space would be Very Bad. The representation
    for decimal 32 that can be used in a URI is '%20'. This should be displayed
    in the location bar as '%20'.

    > the text "%00" in the url should not cause the rest to disappear.

    Heh. Is somebody programming in C and using the lazy kind of strings?
    But in any case, %00 should be shown in the location bar as %00.

    > Display all non-ascii characters in a different color.

    If the color is hardcoded, this is a serious accessibility problem. (You
    *cannot* have hardcoded colors for text. Ever. It's *not* allowed, because
    it circumvents necessary contrast settings. Some users who don't see well
    need high contrast, and some whose eyes are sensitive to light need low
    contrast with the foreground lighter than the background.) Since most
    platforms do not provide a system color for this, you have basically two
    choices: use the link color, or add another color option to the prefs. The
    Evil Anti-Features Jihad will probably not allow you to add a preference
    based on such flimsy reasons as "it's needed to provide a security feature",
    at least, not without extensive usability testing, so that leaves you
    re-using the link color (or perhaps the visited color). Actually, though,
    this doesn't seem like a bad solution.

    > Display as much of the URL that corresponds to a site you have visited
    > before in a different color.

    Now, that would be a nice way to re-use the visited color. But what do you
    do with a non-ASCII character that's within the part you've visited before?
    Also, it should be noted that current browsers may need backend support
    for this; changes to the chrome might not cover it, really, because you need
    to keep the list of "visited" URIs in such a way that it's easy to look them
    up based on the first N characters, and they may not currently do this.
    (I suspect that they do not. They probably use a hash table, for reasons
    of efficiency. It would be possible to just the domain portion as the basis
    for calculating the hash and store the list of URIs at that domain in that
    bucket, which would be efficient enough probably, but I suspect that this is
    not currently how it is done. This would likely be a significant change and
    might break some extensions. So somebody in charge of deciding what changes
    get included would have to be convinced it's important. I'm thinking of
    Mozilla here, but I suspect other browsers would have similar considerations.)

  4. Re:Homograph attacks might bite us all on Microsoft Advises to Type in URLs Rather than Click · · Score: 1

    Actually, I always spot those right away. I'd be slightly less likely to spot
    a transposition (e.g., slahsdot.org), though I usually notice those if they
    have a strong impact on pronunciation, especially by moving a consonant. The
    best bet is probably to transpose a dipthong (e.g., Anonymuos Coward). I
    *might* miss that, if I wasn't paying attention. But I would never miss
    e.g. s1ashdot.org, because my preprocessor would split that as s 1 ashdot
    before I even read it. Numbers and letters are separate categories of
    symbols entirely; I'd be no more likely to mistake one for the other than
    to mistake an analog clock for a digital one or an icon for a textual title.

    Of course, it probably helps that, being a programmer, I refuse to *ever*
    use a font that makes different characters look like one another. When I
    get a new font, The first thing I do is type chars like oO0 iIl|1!: `'"; if
    any two of them look very similar, I throw out the font; I don't want it on
    my system, lest I inadvertently select it at some point for something.

  5. Re:Homograph attacks might bite us all on Microsoft Advises to Type in URLs Rather than Click · · Score: 1

    > A simple solution is to render characters from a different code page
    > than the default in a different color in urls.

    For my purposes, it would be perfectly satisfactory if the browser had an
    option (just an option, mind you, off by default) in the preferences to
    disallow "foreign" characters (i.e., any not from the user's chosen default
    character set in URIs, or to ask for confirmation before visiting such a URI.

    I understand the value for the world in allowing URIs to contain characters
    from any character set, but I personally have no need to visit any URIs with
    non-ASCII characters in them. Some users might wish to construct a list of
    several charsets that URIs are allowed to come from (most likely their
    native charset plus ASCII (or plus Latin-1 maybe)).

    Another possibility would be to use a font that simply does not render any
    characters outside the user's native charset, but this is undesirable for
    me because, being a math geek, I'd like to be able to see page content that
    contains, e.g., Greek letters, though the URI and most of the text on the
    page would be in ASCII. Really, a confirmation before visiting URIs with
    characters not from the user's chosen charset would be the best thing IMO.

  6. Re:Almost on Microsoft Advises to Type in URLs Rather than Click · · Score: 1

    > I believe Microsoft intentionally has a slightly broken CSS

    I doubt they needed to go out of their way. Any implementation is slightly
    broken at first, and then (if you intend to implement the standard as written)
    you refine it until it's right. Sometimes things in the standard are quite
    inconvenient to implement because of the way in which your implementation
    handles certain things. Mozilla went through this, but it was mostly back
    in the days when Mozilla was so crashy and buggy that nobody much used it,
    back when their milestones were numbered with the letter M (for "milestone")
    and a number, before the switchover to the 0.x naming scheme. By the time
    0.9 came around, the most glaring deviations had been ironed out already.

    All Microsoft did (and yes, they may have made the decision deliberately,
    based *partly* on the reasons you point out, but also partly on mere lack of
    desire to work hard on something that didn't matter to them) is not bother to
    iron out their non-compliance issues. They had (partly for the reasons you
    point out, and partly because end users don't know the difference) no
    particular motivation to work very hard at adhering to the standard.

    In other words, it is unnecessary to attribute overt malice when plain old
    garden-variety laziness and ordinary incompetence explain things adequately.

    Now, the question of whether Microsoft *would have* deliberatly sabatoged
    their standards-compliance if circumstances had been such that that were
    necessary to protect their network effect, that is another question. The
    answer would probably depend on which person within MS got to make the call.

  7. Re:Almost on Microsoft Advises to Type in URLs Rather than Click · · Score: 1

    > Btw, my W3C-validated, visually confirmed (opera, mozilla) good webpages
    > look like shit in IE. And, no I don't bother to make IE-CSS.

    Yeah, but if you think they look bad in recent versions of MSIE, try them in
    Navigator 4.08 (which a few people are still using, especially on Mac OSes
    prior to X) or (shudder) IE4.

    Another tip: just once, spend the time to get a page looking right in MSIE
    for Windows, and then try it in MSIE for Mac. Or vice versa. Whee.

    Out of fairness, I should point out that there are also still serious
    inadequacies in the CSS support in other browsers, including those based
    on Gecko, *especially* in regards to printing -- just *try* to get page
    breaks where you want them, or even just try to keep it from breaking
    pages in a particularly inconvenient place such as between a header and
    the paragraph immediately following. *Ugh*.

  8. Re:Needless amounts of effort! on Nit-Pickers Guide to Deviations in Jackson's LotR · · Score: 1

    > The movies, by virtue of being very good movies in this age of visual
    > information, will in fact become the standard telling of LOTR. The books
    > will become the "other, harder to absorb" telling

    I doubt it. Movies have been made from Tolkein's work before and will be again,
    and each time the books are used as the primary source, though of course there
    are copious quantities of deviation, as always happens with movies. The writing
    in the books is of such quality that people who once read a few paragraphs have
    soon read the books in their entirety and are discussing finer points excitedly
    with anyone else they can find who has read them -- which can be contagious if
    there happens to be anyone else present at the time who has not.

    Some tales when retold are improved; Cinderella, for example, is of such poor
    quality that *several* times it has been retold and the new version became the
    standard telling subsequently, most recently the Disney animated flick, which
    will certainly not be the last "standard telling", since it is of such quality
    (ahem) that it can still stand a large amount of enhancement. However, the
    retellers neither look back to the oldest *nor* to the newest retelling that
    they can find; they look to the *best* one. Disney retold mostly from the
    Perrault story (which was in written form) rather than from one of the many
    movie versions already extant at the time, because that version was the best
    version up to that time. The Disney version was embellished and made more
    interesting than Perrault's, not because it was a movie but because it made
    actual improvements to the storyline -- that is why virtually all subsequent
    remakes have been based on the Disney flick.

    The latest LOTR movies, though fairly good and certainly better than any
    previous movie adaptation, are not of higher quality than the original (not,
    even, of comparable quality really), and so future retellers will look at the
    original; it's better materiel. They can then make their own modifications
    and adaptations and, with a lot of work, hope to produce something better
    than Jackson's version. It is possible that someone will put together at
    some point a version that does exceed the original and become the standard
    telling, but this isn't it, not by a longshot, though it's a good deal
    closer than the previous movie versions.

  9. It's cheaper if you do it the preventative way. on What's The Actual Cost of A Virus? · · Score: 1

    The figure they give is what it costs you if your IT department is totally
    incompetent and allows the computers to get infected in the first place. An
    ounce of prevention is worth a pound of cure. I have a checklist of things
    I do to every new computer we get at my workplace. Not all of the things are
    security-related (for example, I make sure all the corefonts are installed).
    But some of them are. Among these, uninstalling or disabling Outlook is the
    most important. Setting up the IP settings to go through the NAT gateway
    instead of sitting directly on the internet also helps. Now, this *does*
    take some time; by the time I do everything on the list it's 8 or 10 hours
    I spend with each new PC, getting it set up before it's deployed. Most of
    that is installing and configuring stuff, but probably 1-2 hours of it is
    security related. By the time you figure in what I actually make plus the
    various other costs of having an employee (retirement system and insurances
    and whatnot) that's probably $50 or more per computer that we spend on
    preventative maintenance, plus the overhead of maintaining the NAT gateway
    (which is not that much) and maybe 15 minutes a day (average) that I spend
    on the clock reading headlines on the web (e.g., on slashdot) to see if there
    are any major new security issues I should be aware of.

    I'm not sure exactly what all that adds up to, but it's a heck of a lot
    less than $58,000 per virus that we don't catch.

  10. Re:If I had a dollar on Another Serious MSIE Hole · · Score: 1

    > Mozilla is good. It's not the end all be all of web browsing.

    No, of course not. There are at least fifty improvements I personally am
    wanting to see. (Just check the bugs in bugzilla that I'm on the Cc list for.)

    > It has some neat features.

    Neat? It has some *compelling* features, features without which many sites
    (including slashdot) are virtually unusable. Tabbed browsing springs to mind.
    Then there are other sites that are unusable without the other seriously
    compelling feature, capability policies.

    > It doesn't work with all websites. It renders some things stupid.

    This is true of all web browsers. I've virtually given up trying to make
    layouts look the way I want in MSIE, for example; it's layout engine is
    simply too lame to handle resolution-independent layouts. In 1996 when
    everyone was still using 640x480 you could just do a rigid inflexible page
    design (ultimately, one big imagemap), but with the variety of resolutions
    people are using these days, you can't do that anymore. You have to do
    layouts that scale -- and MSIE has a very hard time with these.

    > It has a tendancy to ignore css pixel sizes

    Pixel sizes are very 1996. Today, a pixel could be anywhere from 1/2400th
    to 1/640th of the browser's width or even more if the user's not maximizing
    (e.g., if they like to keep the icons on the left side of their desktop
    visible, or if they just don't understand how maximize works or don't think
    it matters). Basically, you have no idea how many pixels you want anything
    to be, because you have no idea how big a pixel is. So you size things in
    ems or percentages, or let the layout engine determine the correct size.
    About the only things I size in pixels anymore are borders.

    > It is not without bugs (check bugzilla).

    Yeah, but the security bugs in b.m.o are things like, a website could read a
    cookie set by a different website, or it is possible for a website to pop up
    an unrequested window by tricking the user into rolling the mouse pointer
    over something. The security bugs are *not* things like, the browser will
    show the user a harmless data-only extension such as .pdf but actually will
    execute the content if the user clicks "open", allowing the code to do quite
    literally anything it wants with the user's computer.

  11. Re:It depends. on Another Serious MSIE Hole · · Score: 1

    > I've also done work for free for some people, and they're never happy- to
    > the point of hassling me every time they see me because they need help with
    > some piece of software

    I've managed thus far to avoid doing any free tech support work for people like
    that, by my policy of only providing free tech support for a select group of
    people.

    > All in all, refusing to deal with Windows has saved me countless hours

    I support Windows for 1: my employer (while I am on the clock), 2: my parents,
    3: my pastor, and 4: one other family I'm close to. At work, I also have the
    luxury of helping anyone who can bring their problem in to me. (I work at a
    public library, so helping patrons is part of my job.) But I don't make house
    calls, except for the people listed above. (Actually, I have made exceptions
    for two additional people in isolated situations, but not on an ongoing basis.)

    I have discovered that most of the problems people have and want my help with
    turn out not to be such a big emergency if you ask them to bring their PC to
    you for help. The thing that was such a big deal they really wanted me to
    come to their house turns out not to be worth their trouble to unplug a couple
    of cords and bring the computer to me. I now understand why doctors no longer
    make house calls as a general rule.

    MacOS 9 and earlier I support at work *only*.

    As for Linux, or any Unix (well, only including OS X if the user's problem is
    related to the Unix underpinnings), I'd really like to get a users' group
    started here in Galion, and in that capacity would be pleased to try to help
    someone, if I could only find anybody else in town that uses *nix. The
    linuxcounter claims there's another person in Galion, but they don't wish to
    be listed, so I don't know who they are :-(

    As far as people just asking me questions, I don't mind that, especially if
    the questions are fairly sensible or have fairly straightforward answers.

    Sometimes I get questions that I'm not able to answer in the way the person
    hoped, though. The two most common of these are which ISP is best and which
    brand of computer is best. Perhaps my least favorite question like this,
    though, is whether some figure is a "good price" for a computer. (Me:
    "Well, it depends on the computer..." Them: "It's a [some brand that comes
    in 512 different models]" Me: "Yeah, but whether it's a good price depends
    on the technical details like how much RAM it has and what video card chipset
    it uses and so on..." Them: "It's a [brand name]". Me: "I don't know.")
    I get this question a lot, and I hate it, because there's no decent answer.
    It's like asking whether $14,699 is a good price for a vehicle and when
    asked for more details about the vehicle saying, "It's a General Motors."

  12. Re:We've gotta do something about Russia on More MyDoom Gloom · · Score: 1

    > doesent east asia account for 99.985% of all viruses?

    Dunno, but they account for roughly that percentage of all the spam I get.
    Heck, a full third of the spam I get is in Asian character sets; then there's
    the spam that's UTF8 but uses ideographic characters. Then there's the
    English-language spam that comes from the same Asian mailservers...

    Most of the spam I get that's *not* from Asia is 419 stuff.

  13. Re:We've gotta do something about Russia on More MyDoom Gloom · · Score: 1

    > but the line between organized crime and government power seems blurriest
    > in Russia at the moment.

    Um, the *really* corrupt governments are mostly in the third world. Nigeria,
    Columbia, and other small podunk bribe-oriented countries are in a league of
    their own, corruption-wise. Russia has nothing on them. (Yes, bribery is a
    problem in most countries, if not all. But it's a much BIGGER problem in the
    third world.)

  14. Re:Can Someone Explain Forensics? on More MyDoom Gloom · · Score: 1

    > How do they dissect the virus code?

    You take the machine code executable and disassemble it into crude, low-level
    assembly language. (There is a one-to-one correspondance between individual
    low-level assembly instructions and machine code.) Now, you still have a
    mess because you don't know right away what's code and what's data. (The
    disassembly process pretends it's all code but puts the actual numerical
    value of the instruction as a comment in case it's data.) So now you step
    through execution either with a debugger or by hand (the latter is called
    "desk checking" and takes a while), starting at the beginning, going step
    by step. Whenever the code pulls data from a certain location, you mark
    that location as definitely data; when it jumps to or otherwise executes an
    instruction, you mark that location as definitely code. (Unless the thing
    was written by Mel, the Real Programmer, no location is likely to be both.)
    Gradually you puzzle out what the thing is doing. (It's not easy.)

    > How does it help determine country of origin?

    That's another kind of fornesics, wherein you pick some places that got the
    thing and figure out where they got it from. If you trace a number of
    infections from well-separated places around the internet back several steps
    each and most of them got it from the same general area, it's likely that
    the thing came from somewhere near there -- though it's hard to be sure.

    > How can that lead to finding the writer?

    That's harder, but the basic idea is to trace back until you find where the
    thing was originally introduced into the wild.

    > Do virus writers have their own signatures?

    Some may; others may not.

    > And are they not smart enough to just not include that in the virus that
    > they distribute?

    I suspect that in some cases the virus gets loose into the wild before the
    writer intends to release it, while they're still testing/revising it.

  15. Re:spammers? on More MyDoom Gloom · · Score: 1

    > in order for worm/spammers to profit from spam, they have to put some
    > link back to themselves in the spam, don't they?

    To themselves? Directly? No. They have to put something in there that has
    to do with whatever they're selling, but that likely can be traced to a
    *customer*. A customer who can deny having anything to do with it or any
    prior knowledge. ("Yeah, *someone* has been sending out this mail that
    mentions us; we got some of it too. But it wasn't us that sent it.) It in
    theory is possible to get enough information out of one of these customers
    to trace it back to the spammer, but then you still have to prove it.
    There's also of course the approach of using packet logging to watch an
    infected system and see where the control messages that result in the spam's
    being sent are coming from. However, they're probably coming from another
    compromised system. Ultimately they come from the spammer/cracker/loser,
    but tracing it back can be hard.

    I'm not saying they can't be tracked down, only that it's probably not as
    easy as you make it sound.

  16. Re:Good for Optus! on More MyDoom Gloom · · Score: 1

    > please take note, and block egress port 25 traffic. Otherwise, you are
    > part of the problem.

    I don't block port 25 traffic from my network, and my network is *not* part
    of the problem. (Of course, I don't allow Outlook on my network either...)

  17. Re:Not to condone writing worms.... on More MyDoom Gloom · · Score: 1

    > Wouldn't it be ironic if a worm were to DDoS slashdot.

    No, ironic would be if a worm locked down various security holes in the OS,
    installed a firewall, disabled known-vulnerable software (e.g., Outlook),
    and so on and so forth.

  18. Re:What about the open source community? on Linus Speaks Out, Calls SCO 'Cornered Rat' · · Score: 1

    > It is very interesting that Darl & Co haven't yet mentioned this new worm.
    > Why? Perhaps Darl & Co put it out there in the first place to make SCO look
    > even more like a victim

    I very much doubt this. It's not that I think they'd have an ethical objection,
    so much as that I really don't think they're that clever. Much more likely it
    was created by one of the same losers who created the last six Outlook viruses.
    The author is obviously *aware* of the SCO lawsuits, but it's probably a cover
    as has been suggested for the worm's real activities and the author's identity.

    If a member of the Linux community were to take the trouble to create an
    Outlook virus, it would do something more spectacular, such as masquerade as
    a "Microsoft Security Control Panel" or whatnot and warn the user about various
    vulnerabilities of their system periodically. "WARNING: Your computer has
    Windows Messaging service enabled. This service is intended only for use
    behind a firewall and is not needed for most users, but could provide a point
    of entry for an attacker to take control of your system. It also allows
    advertisers to pop up messages on your screen at any time, which could be an
    invasion of your privacy. Would you like to disable this service?
    [Disable Messenger Service] [Keep Enabled] [Ask Again Later]".

    It could pop up a warning like that every couple of days for several months,
    warning the user to disable IIS or lock it down a bit, replace Outlook with
    a safe mailreader, turn off unneeded CIFS and related services, turn on the
    builtin firewall (if the user has WinXP), et cetera, ad infinitum, ad nauseaum.
    Or perhaps it would install Mozilla and make it the default browser. Or maybe
    it would rotate the user's signature through a repertoire of a couple hundred
    anti-microsoft comments. Or change the homepage to point to OSDN. There are
    a virtually unlimited number of interesting, creative, mostly-harmless things
    that could be done. If a member of the OSS community were to write a virus,
    this is the sort of thing it would do. If we wanted to DDOS SCO, there are
    easier ways to do that, but what would be the point? It's not as if SCO's
    ability to advertise or support their products on their website is in any way
    important to their business model at this point.

  19. Re:we just bounce the headers on Why Do Email Admins Make Viruses Worse? · · Score: 1

    > I'm not (very) worried about bandwidth

    That's because you're only bouncing the text parts. I don't mind that quite
    so much (though it still annoys me, getting hundreds of bounces for messages
    that I didn't send, just because a bunch of idiots who think it's a good
    idea to use Outlook have me in their address book). The real problem is
    the AV packages that bounce the entire message, including the attachment.
    That adds up to quite a lot of bandwidth. During the last big Outlook virus
    outbreak I found that my dialup connection was barely able to keep up with
    retrieving my mail as fast as it was arriving, due to all the huge attachments.
    (I'm apparently in quite a lot of Outlook users' address books, for some
    reason.) At least a third of that consisted of bounced copies.

    I long for the days when I used to explain to people why it was impossible to
    get a virus by email. Okay, so a lot of the software we had back then sucked;
    the browsers sucked quite badly -- but oh, email was better then.

  20. Re:Accept and remove, or bounce? on Why Do Email Admins Make Viruses Worse? · · Score: 1

    > What is worse, bouncing it, or accepting it?

    There's no reason to do either. Just drop it into the bit bucket. You don't
    save any bandwidth by rejecting it, since by the time you've detected the
    virus you have already incurred the bandwidth burden. So just route it
    direct to the dustbin.

  21. Re:Check for valid source before notification on Why Do Email Admins Make Viruses Worse? · · Score: 2, Interesting

    > For now, I'd settle for enforcing strict compliance with RFCs

    Indeed. I'd pay money to get my ISP to block messages that don't have a
    valid Subject: header.

    > helo must be a FQDN that can be forward and reverse dns matched with the
    > connecting IP would be an excellent start

    I've considered merely rejecting mail from sending servers whose IP address
    has no PTR record whatsoever. The only problem with this is that it blocks
    approximately 110% of the continent of Asia from sending you mail. (Then
    again, I'm of two minds about whether that would be bad...)

  22. Re:bounces are good on Why Do Email Admins Make Viruses Worse? · · Score: 1

    > I run a mail server with 13000 users! Getting every bounce of these things to
    > postmaster no matter who sent it would make me route postmaster to /dev/null

    Dude, why don't you just route the "Warning: someone forging your address in
    the From field sent us a virus!" messages to /dev/null? Nobody wants them.

  23. Re:I'll stand up and be flamed. on Forums for Windows Admins? · · Score: 3, Insightful

    > The original story appears to come from a professional windows admin. By the
    > nature of ths OS, that is an easier job to be competent at than a UNIX admin.

    Actually, I'd say it's much harder to be a *competent* Windows admin. I have
    more experience with Windows than with *nix (though not as *much* more as I
    used to have), but I'm definitely more competent with *nix.

    > If you need to setup an email / groupware server then go and install MS
    > Exchange on a Windows 2000 server. I've done it. Click, Click, Click and
    > you're done.

    Heh. Rose-tinted glasses you're wearing. More like Click, click, click,
    (most of those clicks are on "Next" BTW) and then you're just getting
    started, because next week you're going to be googling for some obscure
    error message trying to figure out what the heck it means. (Granted, this
    happens with Linux too, but less often -- and when it does happen on Linux,
    it's usually when you were making changes (e.g., installing a new version),
    not out of the blue. Unless you have a hard drive start to quietly go bad,
    in which case all *sorts* of weird things happen, as I know from experience.)

    > For your clients you can install MS Outlook

    Sure, and then your whole network goes down for two days at a time once or
    twice per quarter. See, that's what I'm talking about; it's easy enough to
    be a novice Windows admin, but competence is harder; you have to learn things
    the hard way. For Windows desktops, you install Pegasus Mail for email, or
    at least Eudora, or Agent, or *something*. No competent admin would install
    Outlook for a fresh deployment unless directly ordered to do so by management,
    because Outlook is virtually impossible to keep running smoothly over the
    medium term. But you don't find that out (unless you're the kind who does
    research on every piece of software before you deploy it) until you've been
    running it for a few weeks/months, and by then your users have invested time
    in learning it that you don't want to take away from them, so you're stuck
    between a rock and a hard place. So you scour the internet for tips on
    securing Outlook and Exchange. Now you have to learn five or ten times as
    much (as you would have needed to learn if you installed a different option),
    because you have to filter all the mail traffic, removing not only certain
    content types, but also *any* content-type with certain filename extensions,
    and you need to block outgoing connections to port 110 and 143 and 220 and
    maybe 993. So you need to set up a firewall that all of your network's
    traffic goes through... Now you've branched out into content-filtering
    *and* firewalls, two relatively technical subjects, just to keep email
    working properly. This is typical with Windows administration.

    > Try and do the same thing on UNIX.

    It takes longer to be "done" on *nix, yes, but when you're done your
    actually mostly done. Say for example you install Postfix. (This is
    really hard: in rpmdrake you click on the checkbox for postfix and hit
    the "Install" button.) Now, granted, before you're "done" you have to
    configure it, because otherwise nothing's going to work. So you fire up
    a text editor and read through the config file (which is well commented,
    as virtually all config files are on the major distros these days) and
    change the options you need to change. Now, this *does* take longer than
    installing Exchange, *and* it requires more technical knowledge, such as
    how to use a text editor.

    However, once you're done you can hire a chimpanzee to administer it, provided
    you tie up the chimp so he can't touch anything. Security is mostly a matter
    of scanning the slashdot headlines once a day just in case there's a big
    exploit (in which case, you fire up the "update" utility, look for a Postfix
    update, click its checkbox, and hit "install".)

    > What about a web server. Add Remove programs, Windo

  24. Re:I'll stand up and be flamed. on Forums for Windows Admins? · · Score: 1

    > stringing together awk | sed | cut | sort | grep to do things

    Ew. I sometimes string together grep and sort with ls, ps, or whatnot, but
    when you get the urge to use awk or sed, it's time for a Perl one-liner.

  25. Commander Keen on Neglected Classic Games That Deserve Remakes? · · Score: 5, Interesting

    I was greatly disappointed when Duke Nukem got redone as 3D but Commander Keen
    didn't. Keen was a much better game than Nukem in almost every respect and
    had a lot more vertical action, which would have made for a lot of interesting
    possibilities in a 3D version -- platforms up above your head and all that
    would make the game play like more than just another Doom clone, as you'd
    have to be alert to things going on above (and below) you. Plus, the light,
    cartooney spirit of Keen is something the FPS world could really use; I mean,
    aren't you tired of seeing skulls and blood all the time? Wouldn't it be nice
    to see some weird slugs and neon green slime for a change?

    Plus, it would probably be the first FPS to include a pogo stick with
    exaggerated bounce. Bonus points if you also get to fly the Beans-with-Bacon
    rocketship.

    I don't buy a lot of games, but I think I'd buy Keen3D, if it were done well.