Yeah I was about to reply to that too... wtf... Mandrake is an RPM distro so if you can't install something *becaue* it's in RPM, you may want to RTFM.
You're not getting the point. They acquire the Gnome Experts. A few weeks later, they acquire the KDE experts. That doesn't mean they are dropping KDE for Gnome or Gnome for KDE... it simply means they are going to invest in both and strengthen themselves in both areas.
You buy a ford car. Someone tells you to pay $100/year and they won't punch holes through your tires for a year. Is ford to blame for selling you a car with tires that could be deflated? likely no.
Call me paranoid but I wonder if those 40,000 'volunteers' are even aware that they have agreed to install monitoring software on their computer and that someone is checking everything they do.
I wouldn't even be surprised if the monitoring was handled by Gator:P
They say that they will defend you as an HP user and represent you in Court. That gives you a hell of a better chance but that doesn't mean they will *win* your case for you.
In 3 years, Microsoft's business model will switch exclusively to the SCO business model. Since they won't be able to sell their product because it takes them too long to develop them and the quality is barely acceptable in most cases, they'll just start sueing any company that did any work based on MS technologies (Novell/Ximian), any company that cloned the looks of windows (Lindows/Lycoris/Xandros), but also any user who ever used any pirated copy of any MS software (about 80% of the planet).
As you can see, we shouldn't be too worried about the future of Microsoft as a business entity.
But the flood is not the SSH bug itself, the fact that you can flood a box running SSH is not a design flaw of SSH in any way. You can flood any service and eat resources... no matter what service is running. I think if you can just configure SSH or port-sentry to simply allow 3 attempts from the same IP address or even network block, it's not a fix but a good workaround as it will definitely help you secure your ssh-based system.
Wait.. you mean to tell me some people are getting paid to smell farts? If we could only get a penny for every fart we smell whenever we take public transportation (planes and trains probably being the worst), work, university, etc... Most of us would probably never have to work... I sure wouldn't...
Agreed... Also thanks for pointing out that this upgrade will most likely involve quite a massive amount of systems, it seems obvious that the idea mentioned above to hire someone to do the support is a very bad idea considering hiring a support person is really a terrible idea... You just can't allow that kind of stuff in the real world... Not only is it quite a bit to handle for a large and experienced support team but it's a very scary thought to have one person do all the support on their own...
When Redhat goes up a major version it breaks binary compatibility
You're saying this like it happens every time... It just so happened that the binary compatibility of ANY linux distro based on older GCCs at this point had been broken... That's also the case for SuSe, etc... When you compile a distro say... Debian, with gcc 2.x, when they upgrade to 3.x in 5 years or so, all the packages will be broken at that point... That really has nothing to do with RedHat in particular...
Yes oh my god.. they run this on a PRODUCTION server... you're right, this is very foolish... everyone knows s represent an enormous security vulnerability on whatever server you put it...
And yeah, since there's an iframe, that totally means OpenSource software is not reliable...
Slashdot Mirror
Yeah I was about to reply to that too... wtf...
Mandrake is an RPM distro so if you can't install something *becaue* it's in RPM, you may want to RTFM.
You're not getting the point.
They acquire the Gnome Experts.
A few weeks later, they acquire the KDE experts.
That doesn't mean they are dropping KDE for Gnome or Gnome for KDE... it simply means they are going to invest in both and strengthen themselves in both areas.
I think a better way of seeing this is as follow:
You buy a ford car.
Someone tells you to pay $100/year and they won't punch holes through your tires for a year.
Is ford to blame for selling you a car with tires that could be deflated? likely no.
Call me paranoid but I wonder if those 40,000 'volunteers' are even aware that they have agreed to install monitoring software on their computer and that someone is checking everything they do.
:P
I wouldn't even be surprised if the monitoring was handled by Gator
Privoxy (formerly known as JunkBuster) has been doing this very successfully for years now.
And it does it to the scale of your entire network (since you integrate it with your proxy server) and with any browser you can possibly think of.
very clever
It's true though.
Linux is a complete monopoly over 5% of the desktop market... this should be illegal... aren't there anti-trust laws against that?
No, more like threaten to sue anyone who ever purchased a smart-cart reader for whatever purpose, even not direct-tv related.
Let's not forget DirectTV's business plan as well.
They say that they will defend you as an HP user and represent you in Court.
That gives you a hell of a better chance but that doesn't mean they will *win* your case for you.
In 3 years, Microsoft's business model will switch exclusively to the SCO business model.
Since they won't be able to sell their product because it takes them too long to develop them and the quality is barely acceptable in most cases, they'll just start sueing any company that did any work based on MS technologies (Novell/Ximian), any company that cloned the looks of windows (Lindows/Lycoris/Xandros), but also any user who ever used any pirated copy of any MS software (about 80% of the planet).
As you can see, we shouldn't be too worried about the future of Microsoft as a business entity.
All the prices you see on the sun website are negatives... They're all just the amounts they're willing to pay you for using it.
Seriously, this entry has been part of the Compaq FAQ for YEARS!
Only if they can prove this affected your business and prove that it led to the loss of some of your clients, then yes.
Portsentry actually has the ability to perform this operation for one specific host at a time so this rule would only apply to the attacker.
Har Har Har... Told ya!
I agree with you on that one.
However, there's not much that can be done except set up decent firewall rules.
But the flood is not the SSH bug itself, the fact that you can flood a box running SSH is not a design flaw of SSH in any way.
You can flood any service and eat resources... no matter what service is running.
I think if you can just configure SSH or port-sentry to simply allow 3 attempts from the same IP address or even network block, it's not a fix but a good workaround as it will definitely help you secure your ssh-based system.
And in order to do this, all they have to do is show the court The letter sent from SCO to RedHat's clients... pretty sure that'll do it...
Wait.. you mean to tell me some people are getting paid to smell farts?
If we could only get a penny for every fart we smell whenever we take public transportation (planes and trains probably being the worst), work, university, etc... Most of us would probably never have to work... I sure wouldn't...
In that case, shouldn't SGI be suing SCO for ... ???
profit?
Agreed...
Also thanks for pointing out that this upgrade will most likely involve quite a massive amount of systems, it seems obvious that the idea mentioned above to hire someone to do the support is a very bad idea considering hiring a support person is really a terrible idea...
You just can't allow that kind of stuff in the real world... Not only is it quite a bit to handle for a large and experienced support team but it's a very scary thought to have one person do all the support on their own...
When Redhat goes up a major version it breaks binary compatibility
You're saying this like it happens every time...
It just so happened that the binary compatibility of ANY linux distro based on older GCCs at this point had been broken...
That's also the case for SuSe, etc...
When you compile a distro say... Debian, with gcc 2.x, when they upgrade to 3.x in 5 years or so, all the packages will be broken at that point...
That really has nothing to do with RedHat in particular...
Totally agreed...
Debian zealotry is a plague
Yes oh my god.. they run this on a PRODUCTION server... you're right, this is very foolish... everyone knows s represent an enormous security vulnerability on whatever server you put it...
And yeah, since there's an iframe, that totally means OpenSource software is not reliable...