While you are at it, no blue LEDs. They are way too bright and blue colored light supposedly messes with your brain's concept of day/night and your sleep cycle. If I am up late at night, I don't like the bright lights and I certainly don't want my sleep cycle messed up.
The fact that it existed as a default for sooo long though... I mean, at what point in time did that seem like a Good Idea ?
Probably at the same point in time that it seemed like a good idea to enable SSH to a box. I mean, oh my god, with the root password (or an account that has sudo privileges) someone could remote in and access the whole computer!
The administrative shares on a Windows box really aren't all that different, you need an administrative account (root) to use them and if you have an administrative account you get full access. You could argue that they are "hidden" and not well known, but I would counter that are plenty things on the Linux side of the world that are not well known and can lead to serious security exposure (SSH port forwarding to bypass firewalls for example.)
Security in any environment requires that those using and configuring systems understand how they work and assign the appropriate access to the appropriate actors. All environments have their security strengths and weaknesses.
adding to this, some things still work surprisingly poorly. "show me the nearest gas station" is especially bad. it's a shame because when you're driving, this is occasionally a very important question.
The best implementation would be this: if you're already navigating a route, siri would show you stations that are ahead of you (so you don't have to turn around) and don't cause you to deviate from the route too much.
Even better, if you've been moving at 75 mph for the last 40 minutes along the same path as say, an interstate, then maybe suggest ones on the road, not 40 miles off the road to Radiator Springs.
Of course if it did this, we would be complaining about how Siri is "tracking our movements".
I'm not the least bit sold on the security of these new cards. I had one issued to me by my bank a couple months ago, and the card was nonetheless compromised within a month. I made exactly one POS transaction with it at a chip terminal (several at non-chip terminals) and all of a sudden someone else decided to pay their cell phone bill with my card.
Rather unsurprisingly said cell phone company didn't give a flying fuck about the fraud and refused to be the least bit helpful. Now I have to pay my bank to go after it.
What does the cell phone company have to do with it? Your dispute is with the bank that issued your credit card. If your bank is charging you to dispute a fraudulent credit card charge, you need to find a different bank.
The money has to come from somewhere and that somewhere is the taxpayers. Redistribution of wealth may be a good or bad thing depending on your political opinion, but giving out money has to be a cost to someone, somewhere - it is not free.
Another problem with postal votes is what happens in a close election.
In 2000 there were some attempts by the Dems to exclude Overseas Military Ballots, but it came too late and didn't have much impact.
Next time there is a really close election both parites will have databases & software that based on individual voter profiles will allow then to identify postal votes that are more than X% likely to go "the wrong way" and assist in finding plausible reasons for challing these votes. That could get really ugly.
I don't see how this is a problem, not in Oregon anyway. Ballots for Overseas military (and regular citizens overseas) are the same as those for folks at home in Oregon. They are processed the same way and are not identified as "special" ballots during processing. The only difference is that they are mailed out earlier in order to give voters more time. For reference here are the details. There is an option for people to email or fax in their ballot, but you have to agree to give up your right to secrecy in advance to exercise this option. There is no extension in the voting deadline for overseas voters (or any other voter for that matter), ballots must be at the election office by 8pm on election day. Postmarks don't count.
Separate Infrastructure != separate equipment. Logical separation != Physical separation.
I'd keep ALL administrative interfaces on a separate VLAN which does not logically connect to the network used by the rest of the world except at known points which are firewalled, controlled and monitored. Access to this VLAN would be limited to network admins who presented valid up to date credentials.
If you consider firmware compromise, you have to forget about the isolation given to you by firewalls and VLANs. VLANs are only a logical separation, A VLAN is just a couple of extra bytes added to each network packet that you hope whatever is on the wire will honor. If the firmware of your network equipment is compromised, you can't depend VLAN isolation being honored.
One of the interesting things I've noticed is when I raise the subject with friends, the ones who are opposed almost always grew up east of the Mississippi, and are terrified that large-scale fraud will occur. There's a PhD dissertation for a sociologist or political scientist in there somewhere.
And what makes you think they are wrong?
You honestly trust the voting system as it stands? Really?
I do. Here in Oregon, the vote by mail system has reasonable checks and balances. You receive your ballot, which is a "fill in the bubble" optical scan form, in the mail. You mark your ballot and place it in a "secrecy envelope" and then inside a different "mailing envelope" that contains your voter ID. You sign the mailing envelope. You mail your ballot back, or hand deliver it to a near by drop off station. Upon receipt, one election official hand verifies your signature against the one on file when you registered to vote and adds you to the list of people that have voted. If a signature doesn't match or there is a duplicate vote, someone investigates and contacts the voter. Next the inner "secrecy envelope" is placed in a box of votes to be counted. A different set of election officials opens the secrecy envelopes and feeds the ballots into the optical scanning machine. Members of the public are welcome to personally observe both processes. If a recount is necessary the forms can be re-scanned or manually counted.
And by "Exchange" I mean software that provides all the functionality of Exchange beyond simple email. Calendar and contact management; synchronization of mailbox folders, calendar, contacts with mobile devices; user specific server side email processing rules; replication of mailboxes (email databases) for high availability; security model that allows administrative assistant and other delegations; etc.
In short the features that cause large companies to choose Exchange and therefore Microsoft Office.
I know we like to whine here about patent stuff, so let us start whining!
Because scanning a network in order to find a specific set of MAC addresses has never been done before...
if Facebook wants to do business in Germany, then it must abide by German laws.
Does "do business" mean sell advertising or does it mean allowing citizens of Germany to access it's pages. I can see how Germany could legally control allowing foreign companies from doing business in Germany (selling advertising in this case), but I don't see how Germany could prevent its citizens from accessing the whole internet (Facebook in this case), unless it wants to try to be like China or North Korea. I can see trying to restrict the monetary flow in or out of a country, but trying to restrict the information flow seems both wrong and futile.
My suspicion there is a feature which gets the machine hibernated while sleeping, to recover in the case of a power outage. The feature pretty much kills the usefulness of sleep, though, if every wake is a wake from hibernate.
Assuming your machine is configured properly:
When you sleep, as you suspected, memory is written out to disk as insurance against power is lost. When you come out of sleep (assuming you didn't lose power), Windows resumes from sleep without reading everything back in from disk. If you did lose power, Windows resumes from hibernate and reads memory back in from disk.
Depends on where you are. Here in Oregon, there are additional subsidies - both state and non-governmental. With these subsidies, my break even point is between 6 and 7 years, so it is a much less risky proposition. Of course in Western Oregon, we don't get as much sun as other places and without the subsidies the break even point for me would have been about 40 years...
SOAP also supports signing and encrypting within the SOAP payload. Just because the outer connection isn't over SSL doesn't necessarily mean the transmission is not secure. You do have to turn on the encryption within SOAP and you have to verify certificates... I don't know if WSUS does this or not.
You are getting a salary like any other job, and you have the chance of becoming rich on top of that, without any more investment. Doesn't seem like a lie to me.
As long as you don't consider the the value of your stock options as part of your compensation, I would agree. If you are making as much in salary and other benefits that have current value (health care, retirement plans, working conditions, etc.) than you would at another job without options, then it is not a lie. If, on the other hand, you are forgoing some salary in exchange for a future possible value (stock options), then it is likely a lie (or at least a gamble with low odds).
I was hoping that the final quote at the end of my post would answer that question, but for those who can't browse to imdb.com and don't recognize the quote, the movies were the 1968 movie "2001: A Space Odyssey" and the 1984 sequel titled "2010". The sequel reveals the conflict that caused the problems shown in the first movie. Of course the two movies are really about other things, the policy conflict I used as an example is just an (important) part of the back story driving the plot. Basically an artificial intelligence computer goes insane with dire consequences when it receives conflicting instructions.
You ask why users break policies. I guess there can be many reasons but for me anytime a policy gets in the way of accomplishing a task, it gets broken.
Another way of saying this is polices are likely to be broken when policies conflict. While not using your smart phone may be a policy, getting your job done is also a policy. In this case people will generally choose to break the policy with the least personal risk. If I am more likely to be fired (or not paid my bonus) if I don't get my job done than if I use my cell phone, I am going to choose getting my job done and use the phone anyway.
If am using my phone against policy, I may also do things that are detrimental to the business while I am trying to hide my phone usage. At a minimum I am wasting time and brain cycles thinking about how to deal with the policy conflict.
There was this movie that among other things was about unintended consequences that can happen if you have conflicting policies / instructions. "Open the pod bay doors, HAL".
Do you think gmail would have become the most popular email service if it would have used ACID? ACID is *not* the only option. It's the *old* option. It's the expensive and slow option.
Maybe ACID doesn't mean what you think it means. It is not a technology that is "old" or "new", it is a way to think about the requirements of your system. Each of the four letters in ACID stands for a particular property of a database system and these properties (in various combinations) may or may not be needed by the system being built.
If your system is processing something where the integrity of the data is important (like financial systems), you are very likely going to need all four properties. If you are moving money from one place to another, you want to guarantee that that the the money is completely moved or not. You don't want the money partially moved, you don't want money to be lost, and you don't want money to be created out of thin air. ACID (as a concept) guarantees this.
If your solution requires ACID, you don't have to use a database that supports all of the properties of ACID, you could instead implement ACID in your application layer. However if you do this, you have to guarantee that that your application layer implements it properly and that there is no possible way to get to the underlying data store without going through the application layer. You also have to guarantee that no changes, updates, upgrades, or bugs in your application layer every break the ACID guarantee at any time. Making all of these guarantees in your application layer is VERY HARD, which is why people use ACID complaint databases instead to solve this particular problem set.
If your requirements don't need the properties described by ACID, than there isn't anything wrong with using a non ACID database. If may be acceptable for your data to "eventually" become consistent, to be inconsistent, or maybe even lost.
In the gmail example, you don't really need all the ACID properties, so you don't need to use that sort of database to hold the information. Email is not transactional end to end; when you send an email you are not guaranteed that it will get there. Email is also not order guaranteed; if you send multiple emails there is not a guarantee (or need) for them to arrive in the destination mailbox in order. If you are bulk moving messages from one mailbox to another, and only some of them get moved, it is okay and you can just move the remaining messages later.
As always, it is important to chose the right technology to solve the problem you need to solve. ACID compliant databases solve a lot of important problems (usually involving money), and if you have one of those problems, there is nothing "old" about ACID.
VMS supports very elegant file versioning, which I found a very useful feature. By default, every time you open a file for write (and you modify the file) you get a new version of the file (kind of like copy on write at the file level). When you list the files in a directory, you can see all the versions of the file with the version number being an actual part of the file name(file.text;1, file.text;2). On a per file basis you can set how many versions you want to keep around and the file system will automatically purge the old versions as new ones are created. When opening a file you can specify any version you want, or if you don't specify a version you just get the latest.
The file system also supports specific backup related attributes that integrate with the backup system. This lets you specify that a file should be excluded from backup and if I recall, tracks if the file has been modified since the last backup.
DCL (the VMS CLI) could also do with a major rework and enhancements.
True, but there are elements of DCL that are worth bringing forward as well - particularly the ability to define the command syntax at operating system (shell) level and bind it to programs. For those who who haven't developed under VMS, there is operating system (shell) defined syntax with which you declare what parameters, switches, options, etc. that your program desires. The syntax is robust enough to specify which options are optional, required, mutually exclusive, etc. When you build your program, you "compile" in your command syntax and at run time DCL handles syntax checking for you. Coding work for processing command line parameters is greatly reduced. You also get bonus stuff like integration to the help system and automatic shortening of non ambiguous switches.
Slashdot Mirror
While you are at it, no blue LEDs. They are way too bright and blue colored light supposedly messes with your brain's concept of day/night and your sleep cycle. If I am up late at night, I don't like the bright lights and I certainly don't want my sleep cycle messed up.
There used to be laserdisc rips of the original trilogy on bittorrent. That is about as close as you'll get.
Or you could just watch the laserdiscs.
The fact that it existed as a default for sooo long though... I mean, at what point in time did that seem like a Good Idea ?
Probably at the same point in time that it seemed like a good idea to enable SSH to a box. I mean, oh my god, with the root password (or an account that has sudo privileges) someone could remote in and access the whole computer!
The administrative shares on a Windows box really aren't all that different, you need an administrative account (root) to use them and if you have an administrative account you get full access. You could argue that they are "hidden" and not well known, but I would counter that are plenty things on the Linux side of the world that are not well known and can lead to serious security exposure (SSH port forwarding to bypass firewalls for example.)
Security in any environment requires that those using and configuring systems understand how they work and assign the appropriate access to the appropriate actors. All environments have their security strengths and weaknesses.
adding to this, some things still work surprisingly poorly. "show me the nearest gas station" is especially bad. it's a shame because when you're driving, this is occasionally a very important question.
The best implementation would be this: if you're already navigating a route, siri would show you stations that are ahead of you (so you don't have to turn around) and don't cause you to deviate from the route too much.
Even better, if you've been moving at 75 mph for the last 40 minutes along the same path as say, an interstate, then maybe suggest ones on the road, not 40 miles off the road to Radiator Springs.
Of course if it did this, we would be complaining about how Siri is "tracking our movements".
I'm not the least bit sold on the security of these new cards. I had one issued to me by my bank a couple months ago, and the card was nonetheless compromised within a month. I made exactly one POS transaction with it at a chip terminal (several at non-chip terminals) and all of a sudden someone else decided to pay their cell phone bill with my card. Rather unsurprisingly said cell phone company didn't give a flying fuck about the fraud and refused to be the least bit helpful. Now I have to pay my bank to go after it.
What does the cell phone company have to do with it? Your dispute is with the bank that issued your credit card. If your bank is charging you to dispute a fraudulent credit card charge, you need to find a different bank.
The money has to come from somewhere and that somewhere is the taxpayers. Redistribution of wealth may be a good or bad thing depending on your political opinion, but giving out money has to be a cost to someone, somewhere - it is not free.
Another problem with postal votes is what happens in a close election. In 2000 there were some attempts by the Dems to exclude Overseas Military Ballots, but it came too late and didn't have much impact. Next time there is a really close election both parites will have databases & software that based on individual voter profiles will allow then to identify postal votes that are more than X% likely to go "the wrong way" and assist in finding plausible reasons for challing these votes. That could get really ugly.
I don't see how this is a problem, not in Oregon anyway. Ballots for Overseas military (and regular citizens overseas) are the same as those for folks at home in Oregon. They are processed the same way and are not identified as "special" ballots during processing. The only difference is that they are mailed out earlier in order to give voters more time. For reference here are the details. There is an option for people to email or fax in their ballot, but you have to agree to give up your right to secrecy in advance to exercise this option. There is no extension in the voting deadline for overseas voters (or any other voter for that matter), ballots must be at the election office by 8pm on election day. Postmarks don't count.
Separate Infrastructure != separate equipment. Logical separation != Physical separation.
I'd keep ALL administrative interfaces on a separate VLAN which does not logically connect to the network used by the rest of the world except at known points which are firewalled, controlled and monitored. Access to this VLAN would be limited to network admins who presented valid up to date credentials.
If you consider firmware compromise, you have to forget about the isolation given to you by firewalls and VLANs. VLANs are only a logical separation, A VLAN is just a couple of extra bytes added to each network packet that you hope whatever is on the wire will honor. If the firmware of your network equipment is compromised, you can't depend VLAN isolation being honored.
One of the interesting things I've noticed is when I raise the subject with friends, the ones who are opposed almost always grew up east of the Mississippi, and are terrified that large-scale fraud will occur. There's a PhD dissertation for a sociologist or political scientist in there somewhere.
And what makes you think they are wrong?
You honestly trust the voting system as it stands? Really?
I do. Here in Oregon, the vote by mail system has reasonable checks and balances. You receive your ballot, which is a "fill in the bubble" optical scan form, in the mail. You mark your ballot and place it in a "secrecy envelope" and then inside a different "mailing envelope" that contains your voter ID. You sign the mailing envelope. You mail your ballot back, or hand deliver it to a near by drop off station. Upon receipt, one election official hand verifies your signature against the one on file when you registered to vote and adds you to the list of people that have voted. If a signature doesn't match or there is a duplicate vote, someone investigates and contacts the voter. Next the inner "secrecy envelope" is placed in a box of votes to be counted. A different set of election officials opens the secrecy envelopes and feeds the ballots into the optical scanning machine. Members of the public are welcome to personally observe both processes. If a recount is necessary the forms can be re-scanned or manually counted.
And by "Exchange" I mean software that provides all the functionality of Exchange beyond simple email. Calendar and contact management; synchronization of mailbox folders, calendar, contacts with mobile devices; user specific server side email processing rules; replication of mailboxes (email databases) for high availability; security model that allows administrative assistant and other delegations; etc.
In short the features that cause large companies to choose Exchange and therefore Microsoft Office.
I know we like to whine here about patent stuff, so let us start whining! Because scanning a network in order to find a specific set of MAC addresses has never been done before...
if Facebook wants to do business in Germany, then it must abide by German laws.
Does "do business" mean sell advertising or does it mean allowing citizens of Germany to access it's pages. I can see how Germany could legally control allowing foreign companies from doing business in Germany (selling advertising in this case), but I don't see how Germany could prevent its citizens from accessing the whole internet (Facebook in this case), unless it wants to try to be like China or North Korea. I can see trying to restrict the monetary flow in or out of a country, but trying to restrict the information flow seems both wrong and futile.
The child, identified only as "G" in court documents
Well there is the problem. If the child identified himself as "N", there wouldn't be a conflict and the kid would learn faster.
My suspicion there is a feature which gets the machine hibernated while sleeping, to recover in the case of a power outage. The feature pretty much kills the usefulness of sleep, though, if every wake is a wake from hibernate.
Assuming your machine is configured properly: When you sleep, as you suspected, memory is written out to disk as insurance against power is lost. When you come out of sleep (assuming you didn't lose power), Windows resumes from sleep without reading everything back in from disk. If you did lose power, Windows resumes from hibernate and reads memory back in from disk.
Depends on where you are. Here in Oregon, there are additional subsidies - both state and non-governmental. With these subsidies, my break even point is between 6 and 7 years, so it is a much less risky proposition. Of course in Western Oregon, we don't get as much sun as other places and without the subsidies the break even point for me would have been about 40 years...
SOAP also supports signing and encrypting within the SOAP payload. Just because the outer connection isn't over SSL doesn't necessarily mean the transmission is not secure. You do have to turn on the encryption within SOAP and you have to verify certificates... I don't know if WSUS does this or not.
You are getting a salary like any other job, and you have the chance of becoming rich on top of that, without any more investment. Doesn't seem like a lie to me.
As long as you don't consider the the value of your stock options as part of your compensation, I would agree. If you are making as much in salary and other benefits that have current value (health care, retirement plans, working conditions, etc.) than you would at another job without options, then it is not a lie. If, on the other hand, you are forgoing some salary in exchange for a future possible value (stock options), then it is likely a lie (or at least a gamble with low odds).
They just need to be enough to make it through standard operating conditions, not outright attacks.
As soon as you connect something to the Internet, "standard operating conditions" include outright attacks.
I was hoping that the final quote at the end of my post would answer that question, but for those who can't browse to imdb.com and don't recognize the quote, the movies were the 1968 movie "2001: A Space Odyssey" and the 1984 sequel titled "2010". The sequel reveals the conflict that caused the problems shown in the first movie. Of course the two movies are really about other things, the policy conflict I used as an example is just an (important) part of the back story driving the plot. Basically an artificial intelligence computer goes insane with dire consequences when it receives conflicting instructions.
You ask why users break policies. I guess there can be many reasons but for me anytime a policy gets in the way of accomplishing a task, it gets broken.
Another way of saying this is polices are likely to be broken when policies conflict. While not using your smart phone may be a policy, getting your job done is also a policy. In this case people will generally choose to break the policy with the least personal risk. If I am more likely to be fired (or not paid my bonus) if I don't get my job done than if I use my cell phone, I am going to choose getting my job done and use the phone anyway.
If am using my phone against policy, I may also do things that are detrimental to the business while I am trying to hide my phone usage. At a minimum I am wasting time and brain cycles thinking about how to deal with the policy conflict.
There was this movie that among other things was about unintended consequences that can happen if you have conflicting policies / instructions. "Open the pod bay doors, HAL".
They do have lawyers, those lawyers wrote the EULA that you accepted. Chances are good that the EULA contains enough legal crap to protect Microsoft.
Do you think gmail would have become the most popular email service if it would have used ACID? ACID is *not* the only option. It's the *old* option. It's the expensive and slow option.
Maybe ACID doesn't mean what you think it means. It is not a technology that is "old" or "new", it is a way to think about the requirements of your system. Each of the four letters in ACID stands for a particular property of a database system and these properties (in various combinations) may or may not be needed by the system being built.
If your system is processing something where the integrity of the data is important (like financial systems), you are very likely going to need all four properties. If you are moving money from one place to another, you want to guarantee that that the the money is completely moved or not. You don't want the money partially moved, you don't want money to be lost, and you don't want money to be created out of thin air. ACID (as a concept) guarantees this.
If your solution requires ACID, you don't have to use a database that supports all of the properties of ACID, you could instead implement ACID in your application layer. However if you do this, you have to guarantee that that your application layer implements it properly and that there is no possible way to get to the underlying data store without going through the application layer. You also have to guarantee that no changes, updates, upgrades, or bugs in your application layer every break the ACID guarantee at any time. Making all of these guarantees in your application layer is VERY HARD, which is why people use ACID complaint databases instead to solve this particular problem set.
If your requirements don't need the properties described by ACID, than there isn't anything wrong with using a non ACID database. If may be acceptable for your data to "eventually" become consistent, to be inconsistent, or maybe even lost.
In the gmail example, you don't really need all the ACID properties, so you don't need to use that sort of database to hold the information. Email is not transactional end to end; when you send an email you are not guaranteed that it will get there. Email is also not order guaranteed; if you send multiple emails there is not a guarantee (or need) for them to arrive in the destination mailbox in order. If you are bulk moving messages from one mailbox to another, and only some of them get moved, it is okay and you can just move the remaining messages later.
As always, it is important to chose the right technology to solve the problem you need to solve. ACID compliant databases solve a lot of important problems (usually involving money), and if you have one of those problems, there is nothing "old" about ACID.
VMS supports very elegant file versioning, which I found a very useful feature. By default, every time you open a file for write (and you modify the file) you get a new version of the file (kind of like copy on write at the file level). When you list the files in a directory, you can see all the versions of the file with the version number being an actual part of the file name(file.text;1, file.text;2). On a per file basis you can set how many versions you want to keep around and the file system will automatically purge the old versions as new ones are created. When opening a file you can specify any version you want, or if you don't specify a version you just get the latest.
The file system also supports specific backup related attributes that integrate with the backup system. This lets you specify that a file should be excluded from backup and if I recall, tracks if the file has been modified since the last backup.
DCL (the VMS CLI) could also do with a major rework and enhancements.
True, but there are elements of DCL that are worth bringing forward as well - particularly the ability to define the command syntax at operating system (shell) level and bind it to programs. For those who who haven't developed under VMS, there is operating system (shell) defined syntax with which you declare what parameters, switches, options, etc. that your program desires. The syntax is robust enough to specify which options are optional, required, mutually exclusive, etc. When you build your program, you "compile" in your command syntax and at run time DCL handles syntax checking for you. Coding work for processing command line parameters is greatly reduced. You also get bonus stuff like integration to the help system and automatic shortening of non ambiguous switches.
Perhaps my bad spelling makes me a moron, perhaps it doesn't. It does give my post a more humorous version of what I had intended to say.