You have to realize that most people who are able to retire in their 60s have either a pension or good investments. Those that are able to retire sooner have been really smart about their money, paid off their mortage early and made a conscious effort to live on cash alone. The problem with most people is that they look at financing vehicles and credit cards as a way of life, just like the electric and phone bill. The people who do retire comfortably are the ones that save and invest what would have otherwise been spent on interest and more expensive, unneeded material things. The more time you have money earning interest, the better it is, but investing takes time. Bringing in more money alone won't get you to retirement. Time, steady income and smart spending/saving is what gets you to retirement.
I second this whole heartedly. People don't realize that there is geography and multiple layers of networking equipment at play in the "speedtest". I rarely get single downloads over 250 to 300 KB/s (Kilobytes) and I have a 7Mbit down/512Kbit up cable connection. The other day, I downloaded the Ubuntu Dapper ISO via BitTorrent. Holy hell, I was getting upward of 850KB/s (Yes, kilobytes). Typically, when downloading something directly from my ISP's NNTP server, I get 900KB/s to 1MB/s down. Usually, for upload speeds, it tops out at around 55 to 60KB/s. When looking at connection speed, you have to realize there are multiple factors at play and the biggest thing people forget is what is on the other side and how much stuff you have to go through to get to it. Even if the speedtest is across town, you may go half way across the country by wire before it hits their server.
Has no one heard of the Privacy Act of 1974? Things such as SSN, birth dates, telephone numbers, addresses, etc are all protected. Somehow, it only makes sense to blank that out, even when it comes to freedom of information actions. I'm ashamed to call Florida my state of residence now.
I hate to burst your bubble, but you can enable the root account on Ubuntu. It's a simple sudo passwd root. Following that, you can be root.
I'm still confused why it's considered a stupid idea to disable the root account though? I think it's a great idea. There are few times that your really need to be root. Most things should be done with sudo, if you need root permissions.
You know, I have to maintain Windows servers at work. I wouldn't call their system inherently insecure. No less secure than Linux at least. If you don't use good passwords, don't update packages and run lots of open services, a Linux box can be compromised just as quickly as a Windows machine. The OS is rarely the weakness in the security chain; most of the time, it's the admins running the box.
We run Exchange for our mailserver at work. Each user is only allowed 100MB. After that, warnings are sent to the user. After 125MB, the user cannot send mail and after 150MB, no send or receive is allowed. Attachments are limited to 15MB (I think...somewhere around there) and users are encouraged to keep PSTs, but they are not allowed on the fileservers. There is a trade off between convenience and the amount of money you throw at storage and infrastructure. Since most people only use one computer for their email, they should be fine with keeping the PST on their desktop system. If they need their mail to follow them, then they can keep it in the mailbox on the server. 100MB should be plenty for the average user to have for anywhere access.
While not used on every desktop, I know of a lot of F/OSS being used everyday in the military. It would be stupid to not use it. Why would companies like Redhat and Novell spend money on getting their software certified to run on classified systems if it wasn't going to get used? While we may be selling out to Microsoft a lot, there are times when those of us who know better manage to convince the decision makers of the right tool for the job. In some cases, it's a MS product, in others, it's something else.
This is why it's important to have good policies and proper seperation of permissions on your resources. Where I work, no personal storage devices, to include thumb drives, music players and external hard drives, are allowed to enter the building. Personal laptops must be signed in and they are forbidden from going on the network. If they do and we find out about it, the laptop is seized, thoroughly searched and then wiped. Too bad, so sad. They knew the policy when they walked through the door.
How many times have you admins been told to use a non-administrator account for your day to day operations and to give users the least privleges possible? Don't make users local administrators to their machines. Don't give all of your user's domain admin access on a windows network. Don't give sensitive network shares full access to everyone. So many people focus on boundary security and leave their internal network absolutely open. Like others have said, it doesn't take software to do this. It also doesn't take an idiot with some clue of permissions to stop this sort of thing from happening in the first place.
People seem to forget about a thing in writing called "Scope". Say it with me now, "Scope". The scope of this article is not to inform you, the reader, of Qt, Motif or anything other than GTK+. Baby Jesus on a cross, I'm sick and tired of everyone turning crap into holy wars. You guys sure you don't worship (GNU/Linux-distro of choice|FreeBSD|OpenBSD|Solaris|Windows|OS X|XFree86|X.org|Gnome|GTK+|KDE|Qt|Bread|Water)?
What the hell happened to reading an article about one thing and not getting INSANELY JEALOUS that YOUR thing of choice, which happens to be similar to the thing in the article, isn't also being talked about?
It lists other bounties, but seeing as it is so new, I'm guessing they haven't found very many yet. If people aren't visiting the site and sending them info for other bounties, then the listing on there will be very limited.
There were bounties for Limewire, Horde and DTV. I'm sure if someone submitted a KDE bounty, they would post it.
Just a little advice, you don't sound like you're from Public Affairs. To correct you, we do work with the other services, and a lot. You're an airman and must not have seen that much of the AF yet. A lot of the IT folks in the AF do have a clue. Give us a little more credit.
Also, there are multiple layers of scanning that goes into the emails that come into and go off a base. The typical setup is a mail gateway on the external side of the firewall, another filter on the internal side of the firewall and antivirus on the servers themselves. You then have antivirus running on the end user desktops. Those products are COTS (commercial off the shelf) products and some are even opensource, but just because we're the AF doesn't mean Symantec and whoever else writes anti-virus definitions come out with updates any faster for us. Stuff is going to slip through. It's an unfortunate truth and if we were running all UNIX stuff, then there would probably be some viruses written for it still coming in the email.
In that case he makes 7 partitions and uses software to do a raid5 setup over the first 6 partitions, using the last one as parity. 428GB with a perfect, online safety net. Pretty smart, huh?
How the hell is this redundant? You still have 1 drive that can fail. Of all of the drives I've seen die, not once have I saved data because it was on a seperate partition. The entire drive died and that was all she wrote.
You should be calling your local COMPUSEC manager or Information Assurance manager, who probably works in the local COMM Sqadron. There are tons of guidance out there for the proper use of SECRET level systems. Basically, anything that goes into the system, once it has anything classified on it, becomes that level of classification. In other words, any CD that is burned, any floppy, thumbdrive or any other removable media, all classified to the highest level of any information on that system. If that system is connected to a classified network, then it is to the highest classification level of that network. Also, you have to seperate that classified system at least 3 feet from any unclass system. Also, you are right, the system must have a removable hard drive and that drive and any classified media must be secured in a GSA approved secure container such as a safe and that safe must be treated as classified also to the level of the highest classified item in it. There are Regs that cover all of this and the commander of the unit or installation may have rules regarding removable media (what is and isn't allowed).
Wrong. I'm military and have been on enough satellite connected networks. Typical ping is about 300ms and up depending on the load of the link. The only times I've seen 800ms is when a link was nearly saturated. If that were the case, you would have at least 800ms of delay from any voice network that went through a satellite as well. I just talked to a guy in Iraq yesterday and there definitely wasn't 800ms of delay on that line.
All of that "pay-for" stuff is covered by the $500/yr education package. All of their systems, $500/yr license for support and full versions. Much better than Windows. I look at it as a gateway dr....istro. Yeah, that's it.
More than likely, they will take their current IT staff and send them to some training classes to get them spun up and have a couple of linux savy consultants on standby for when stuff breaks that is over the full time staff's heads.
And why won't the sell go through? Cheaper licensing, cheaper service? How is that a bad thing for a cash strapped school system?
I know most schools don't operate in class computers and labs in a traditional Windows Domain environment, most of the time running as stand alone workstations. Provided the right setup of these systems, it could be great for them. Not only can they lock the systems down from students, they also remove most of the chance for spyware and other malware. Best of luck to them.
This is off topic, but have you tried XP x64 Edition? There are so many driver/compatibility issues that it doesn't even come close to being worth using...yet.
I'll still with SuSE 9.3 x86_64 for my Athlon64, thank you very much.
But the GP post is right about 2k3. I ran it as a domain controller on a P3 550 with 384 MB PC100 memory for a while (before switching to a Samba PDC) and it ran admirably. At times, I thought Firefox actually ran faster on it than my XP machine did.
I'm on my brand spankin' new debian install with xorg going and the latest nvidia drivers. The only things I had to change in the transition from XFree86 to X.org was to change the driver for the keyboard from "Keyboard" to "kbd". Everything else was standard with the nvidia install.
There are 100% free/open-source distributions out there. And if you ask anyone at the GNU, then Linux is just a kernel. And as far as I can remember, that is all free.
What is someone gets into your home wireless and captures the traffic for that ssl session? They would have your key if they see the first part of it and then you're screwed.
The fact remains that the burden of proof is on "them". It makes me laugh to see all of these arm chair lawyers throwing in their knowledge of law from Law and Order, Perry Mason and Matlock.
Slashdot Mirror
You have to realize that most people who are able to retire in their 60s have either a pension or good investments. Those that are able to retire sooner have been really smart about their money, paid off their mortage early and made a conscious effort to live on cash alone. The problem with most people is that they look at financing vehicles and credit cards as a way of life, just like the electric and phone bill. The people who do retire comfortably are the ones that save and invest what would have otherwise been spent on interest and more expensive, unneeded material things. The more time you have money earning interest, the better it is, but investing takes time. Bringing in more money alone won't get you to retirement. Time, steady income and smart spending/saving is what gets you to retirement.
I second this whole heartedly. People don't realize that there is geography and multiple layers of networking equipment at play in the "speedtest". I rarely get single downloads over 250 to 300 KB/s (Kilobytes) and I have a 7Mbit down/512Kbit up cable connection. The other day, I downloaded the Ubuntu Dapper ISO via BitTorrent. Holy hell, I was getting upward of 850KB/s (Yes, kilobytes). Typically, when downloading something directly from my ISP's NNTP server, I get 900KB/s to 1MB/s down. Usually, for upload speeds, it tops out at around 55 to 60KB/s. When looking at connection speed, you have to realize there are multiple factors at play and the biggest thing people forget is what is on the other side and how much stuff you have to go through to get to it. Even if the speedtest is across town, you may go half way across the country by wire before it hits their server.
Has no one heard of the Privacy Act of 1974? Things such as SSN, birth dates, telephone numbers, addresses, etc are all protected. Somehow, it only makes sense to blank that out, even when it comes to freedom of information actions. I'm ashamed to call Florida my state of residence now.
I'm still confused why it's considered a stupid idea to disable the root account though? I think it's a great idea. There are few times that your really need to be root. Most things should be done with sudo, if you need root permissions.
You know, I have to maintain Windows servers at work. I wouldn't call their system inherently insecure. No less secure than Linux at least. If you don't use good passwords, don't update packages and run lots of open services, a Linux box can be compromised just as quickly as a Windows machine. The OS is rarely the weakness in the security chain; most of the time, it's the admins running the box.
We run Exchange for our mailserver at work. Each user is only allowed 100MB. After that, warnings are sent to the user. After 125MB, the user cannot send mail and after 150MB, no send or receive is allowed. Attachments are limited to 15MB (I think...somewhere around there) and users are encouraged to keep PSTs, but they are not allowed on the fileservers. There is a trade off between convenience and the amount of money you throw at storage and infrastructure. Since most people only use one computer for their email, they should be fine with keeping the PST on their desktop system. If they need their mail to follow them, then they can keep it in the mailbox on the server. 100MB should be plenty for the average user to have for anywhere access.
While not used on every desktop, I know of a lot of F/OSS being used everyday in the military. It would be stupid to not use it. Why would companies like Redhat and Novell spend money on getting their software certified to run on classified systems if it wasn't going to get used? While we may be selling out to Microsoft a lot, there are times when those of us who know better manage to convince the decision makers of the right tool for the job. In some cases, it's a MS product, in others, it's something else.
How many times have you admins been told to use a non-administrator account for your day to day operations and to give users the least privleges possible? Don't make users local administrators to their machines. Don't give all of your user's domain admin access on a windows network. Don't give sensitive network shares full access to everyone. So many people focus on boundary security and leave their internal network absolutely open. Like others have said, it doesn't take software to do this. It also doesn't take an idiot with some clue of permissions to stop this sort of thing from happening in the first place.
People seem to forget about a thing in writing called "Scope". Say it with me now, "Scope". The scope of this article is not to inform you, the reader, of Qt, Motif or anything other than GTK+. Baby Jesus on a cross, I'm sick and tired of everyone turning crap into holy wars. You guys sure you don't worship (GNU/Linux-distro of choice|FreeBSD|OpenBSD|Solaris|Windows|OS X|XFree86|X.org|Gnome|GTK+|KDE|Qt|Bread|Water)?
What the hell happened to reading an article about one thing and not getting INSANELY JEALOUS that YOUR thing of choice, which happens to be similar to the thing in the article, isn't also being talked about?
It lists other bounties, but seeing as it is so new, I'm guessing they haven't found very many yet. If people aren't visiting the site and sending them info for other bounties, then the listing on there will be very limited. There were bounties for Limewire, Horde and DTV. I'm sure if someone submitted a KDE bounty, they would post it.
Also, there are multiple layers of scanning that goes into the emails that come into and go off a base. The typical setup is a mail gateway on the external side of the firewall, another filter on the internal side of the firewall and antivirus on the servers themselves. You then have antivirus running on the end user desktops. Those products are COTS (commercial off the shelf) products and some are even opensource, but just because we're the AF doesn't mean Symantec and whoever else writes anti-virus definitions come out with updates any faster for us. Stuff is going to slip through. It's an unfortunate truth and if we were running all UNIX stuff, then there would probably be some viruses written for it still coming in the email.
How the hell is this redundant? You still have 1 drive that can fail. Of all of the drives I've seen die, not once have I saved data because it was on a seperate partition. The entire drive died and that was all she wrote.
You should be calling your local COMPUSEC manager or Information Assurance manager, who probably works in the local COMM Sqadron. There are tons of guidance out there for the proper use of SECRET level systems. Basically, anything that goes into the system, once it has anything classified on it, becomes that level of classification. In other words, any CD that is burned, any floppy, thumbdrive or any other removable media, all classified to the highest level of any information on that system. If that system is connected to a classified network, then it is to the highest classification level of that network. Also, you have to seperate that classified system at least 3 feet from any unclass system. Also, you are right, the system must have a removable hard drive and that drive and any classified media must be secured in a GSA approved secure container such as a safe and that safe must be treated as classified also to the level of the highest classified item in it. There are Regs that cover all of this and the commander of the unit or installation may have rules regarding removable media (what is and isn't allowed).
Hope this helps.
Wrong. I'm military and have been on enough satellite connected networks. Typical ping is about 300ms and up depending on the load of the link. The only times I've seen 800ms is when a link was nearly saturated. If that were the case, you would have at least 800ms of delay from any voice network that went through a satellite as well. I just talked to a guy in Iraq yesterday and there definitely wasn't 800ms of delay on that line.
All of that "pay-for" stuff is covered by the $500/yr education package. All of their systems, $500/yr license for support and full versions. Much better than Windows. I look at it as a gateway dr....istro. Yeah, that's it.
More than likely, they will take their current IT staff and send them to some training classes to get them spun up and have a couple of linux savy consultants on standby for when stuff breaks that is over the full time staff's heads.
And why won't the sell go through? Cheaper licensing, cheaper service? How is that a bad thing for a cash strapped school system?
I know most schools don't operate in class computers and labs in a traditional Windows Domain environment, most of the time running as stand alone workstations. Provided the right setup of these systems, it could be great for them. Not only can they lock the systems down from students, they also remove most of the chance for spyware and other malware. Best of luck to them.
Those were two different guys. The one that looked to Microsoft was from Baptist Healthcare.
This is off topic, but have you tried XP x64 Edition? There are so many driver/compatibility issues that it doesn't even come close to being worth using...yet. I'll still with SuSE 9.3 x86_64 for my Athlon64, thank you very much. But the GP post is right about 2k3. I ran it as a domain controller on a P3 550 with 384 MB PC100 memory for a while (before switching to a Samba PDC) and it ran admirably. At times, I thought Firefox actually ran faster on it than my XP machine did.
I'm on my brand spankin' new debian install with xorg going and the latest nvidia drivers. The only things I had to change in the transition from XFree86 to X.org was to change the driver for the keyboard from "Keyboard" to "kbd". Everything else was standard with the nvidia install.
Yeah...I'm an idiot. I misread that at first and realized what the poster was saying.
So you don't go to hospitals?
Not if you don't want it to be.
There are 100% free/open-source distributions out there. And if you ask anyone at the GNU, then Linux is just a kernel. And as far as I can remember, that is all free.
What is someone gets into your home wireless and captures the traffic for that ssl session? They would have your key if they see the first part of it and then you're screwed.
I got to the page just fine. Quit quickly actually.
The fact remains that the burden of proof is on "them". It makes me laugh to see all of these arm chair lawyers throwing in their knowledge of law from Law and Order, Perry Mason and Matlock.