Slashdot Mirror


User: frodo+from+middle+ea

frodo+from+middle+ea's activity in the archive.

Stories
0
Comments
852

Comments · 852

  1. Re:Questions... on Spyware for Corporate Espionage · · Score: 1
    Was the password set by an individual who then gave each part to the respective person, or did each of the 3 type their own part of the password that they came up with?

    It was generated by one person, who then split it between 3 people. But root login was allowed only from terminals (no root login over intranet, very strict policy, su command disabled). And the person who generated the password was not allowed anywhere near the terminals; he had no access to the server rooms, so he couldn't use it.

    It is still a bit weak, as in he could pass the password to someone who has access to the terminal, but any password breach would immediately point to him, and he would not only lose his job but risk criminal investigation.

    Neat idea though, and sounds like they had a good security policy.

    No kidding. Mention the word cracker and everybody in a typical corporate freaks out; not these guys, they used to hire them regularly to find holes in their network/systems. They were very much positive to white caps, though I don't know their stance on grey caps.

  2. Re:Questions... on Spyware for Corporate Espionage · · Score: 4, Interesting
    I can sympathise with you, but you do realise that you are working (or have worked) for one idiot CEO.

    Two years ago I was working for a major bank's international head office, and the security there was paranoidal. It was a sys-admin's dream come true.

    • No internet access, except for those who need it. Only http and https allowed.
    • No FTP or telnet, only ssh allowed, and the ssh server configured to allow access only from a very restricted subdomain
    • All system/sys DB accounts disabled after initial setup. No database with customer data could go live unless the system/sys a/cs were disabled
    • Audit logging of every data that goes in-out
    • Root password split between 3 persons, i.e. all three have to be present to log in as root..priceless
    • A new password generated for every privileged a/c login, i.e. password valid for only one login
  3. Re:Questions... on Spyware for Corporate Espionage · · Score: 1
    Yes, this may not be prevented, but can definitely be detected by periodically checking proxy server logs.

    First of all, I am very uncomfortable with a corporate LAN which is on the internet. The least you can do is set up a gateway and NAT the local LAN. And use a proxy server.

    A periodic check of the proxy-server log should indicate any suspicious activity, and can be prevented in future.

  4. Questions... on Spyware for Corporate Espionage · · Score: 4, Insightful
    Pardon my ignorance, but...

    • What kind of stupid sys-admin allows .vbs, .js, .exe, .sws attachments thru the corporate email?
    • What kind of idiot sys-admin would allow the corporate users to run their PCs with admin privileges, so that any unwanted junk s/w can be installed on their PCs?
    • Which genius allows unrestricted access to confidential corporate data to its users?
    • Why do the corporate firewalls not block out-bound traffic to all ports but a select few, HTTP/SSL etc.?
  5. Re:why... on The Riches of Open Source · · Score: 1
    Funny, you should catch the altruistic angle. I noticed it too, but ignored it.

    Well caught and well said.

  6. why... on The Riches of Open Source · · Score: 2, Interesting
    Why do I suddenly have some newfound respect for these business world people?

    Finally someone there has enough sense and not just an MBA degree.

    Seriously, if common sense would prevail in the IT industry over marketing hype and FUD... Oh, the possibilities.

  7. Re:Blind man with a bat on SCO Hints at *BSD Lawsuits Next Year, And More · · Score: 1

    Funny, I always thought of him as the French guard, who farts in everybody's general direction.

  8. Watched star wars, you say ... on Whistle While You Work · · Score: 1
    Have you ever watched Star Wars?

    -1 Redundant, shall we say

  9. Re:Darl Named a top 25 CEO on SCO News Roundup · · Score: 1
    I mean come on, granted that this guy Darl is a major league a-hole, but he is doing a great job as far as a CEO is concerned.

    After all, if you are a CEO, all you need to do is create enough confidence in stock investors, and he has been doing that for some time.

    Now when the $|-,1+ hits the fan, then it's going to be a totally different story, but by then he would have sold all his stocks, retired on a fat bonus and be earning 10% on his savings, and cruising in the Bahamas.

    Not bad if you ask me.

  10. Re:Are you channeling a troll, sir? on Gateway Forges Partnership With SuSE · · Score: 1
    You don't need to recompile the kernel to watch DivX movies. You just need a new version of mplayer.

    Dude, have you ever tried getting help from mplayer authors? All you get is RTFA, even if you have read TFA and are not able to find what you want. The help, FAQ, codec infos are all so pathetically written, they would fail both the English class and the technical writing class too.

    Don't get me wrong, mplayer is one truly amazing product, but compiling it, installing it with win32 dlls, realplayer dlls, quicktime support is a royal PITA.

    As compared to that, recompiling the kernel is much, much easier; all one needs is a basic understanding of PC architecture, and to read all the help about each option. I know it can be very time-consuming to read all that help, but after you have read it and follow the instructions step-by-step, you can't go too wrong.

    I don't mean to troll, but I am speaking from personal experience.

    As to the grandma question, I think recompiling the kernel and installing mplayer are both out of the question.

  11. Re:This should shut everyone up on Microsoft Word Document ML Schemas Published · · Score: 1

    And if not, then this will definitely shut them up.

  12. How about..... on 3 New Defendants Named In MP3s4free.net Case · · Score: 3, Funny

    How about suing the dog of the kid that lives next door to the ISP's employee's mother-in-law's sister's step-son's friend?
    I am sure he is also connected in some way or OTHER to this, no?

  13. Re:enough on Gore Vidal Savages Electronic Voting · · Score: 1
    Newsflash :- It's not the same Gore, this guy is Gore Vidal, a political and social critic; the guy who lost was "Al Gore" (the inventor of the internet, at least as per dublya).

    Btw, thanks for almost killing me, boromir.

  14. Re:Corruption? on Gore Vidal Savages Electronic Voting · · Score: 1

    Yes, but there is a very traceable trail of that corruption, just look up all his former posts.

  15. Re:Check this out MPAA on Jail Time for Movie Swappers · · Score: 1

    Just tell him, you had $3x with his wife.

  16. Please Please Please stop it... on SCO Fires back, Subpoenas Stallman, Torvalds et al · · Score: 2, Funny
    The only thing now left for me to see is "Darl, linux, Stallman et al." on the front cover of Soap Opera Digest.

    This drama is giving all those soaps a serious run for their money.

  17. What the F@#$ are they talking about ? on Microsoft Proclaims Death of Free Software Model · · Score: 3, Insightful
    Death of Free software?

    Pure high quality top management PR bull$hit. I don't see free software dying anytime soon, as long as Debian, Gentoo, Slackware, LFS are around.

    And if Microsoft's business model is indeed true, and going by their word that s/w amounts to only a fraction of total cost, then whether linux is free or not really doesn't matter, does it?

    So going by Microsoft's argument, it really doesn't matter costwise (only software) whether you are using linux or Windows. But by using linux you get a much more stable, scalable, SECURE, reliable, easily configurable, accountable s/w, instead of proprietary, unsecure, un-scalable s/w.

  18. Re:This isn't surprising... on Gangs Extort Companies With DDoS Attacks · · Score: 1
    In this case, though, if the DDOSers are, as suspected, nothing but a bunch of nerds, then Women will top all priorities.

    Don't believe me? Ask anyone here on /.

  19. Think before you post.... on SpaceDev Auctioning Microsatellite Mission On Ebay · · Score: 1
    I don't think anyone would have a problem shipping a satellite to Iraq or Afghanistan; after all, where would they launch it from and using what fuel?

    It's not like Iraq has billions of $$ worth of fuel, oh wait, ..nevermind.

  20. Re:Another 'comissioned' report... on Security FUD On Linux · · Score: 3, Funny

    Truth (Marketing definition) :- A blatant lie, told with utmost confidence, and backed up by forged yet sensational statistics and meaningless pie-charts and bar graphs.

  21. Re:Do Musicians care about Linux? on Linux-Based Musical Keyboard Workstation Debuts · · Score: 1
    Well, these guys definitely do.

    They even encoded it in ogg.

  22. Re:How long on Linux-Based Musical Keyboard Workstation Debuts · · Score: 1

    Gee, but for the explanation in the brackets, I would have never got it. Thanks so much.

  23. Re:I don;t know about 9 on The Ten Most Overpaid Jobs In The U.S. · · Score: 1

    But then African elks don't run...

  24. Re:Question on O'Reilly On What Happened To BountyQuest · · Score: 1

    What happens if you return the product for any reason, and the company wants to recredit you the money?
    Can they recredit the money to your actual CC number using your disposable CC number?

  25. Re:Question on O'Reilly On What Happened To BountyQuest · · Score: 4, Informative
    Seriously,

    When I buy off the web, I want to cross verify my order, address, CC details etc. at least once before I hit the final submit button. Especially with the shady practice of Amazon and the others to add unwanted gift wrappings even if I didn't order one explicitly, or to default to next-day air shipping (more $s), even if I want free 5-7 days ground shipping.

    I want to make sure they charge my CC, nothing more, if not any less. :-)