Slashdot Mirror


User: DarkOx

DarkOx's activity in the archive.

Stories: 0 · Comments: 6,020

Comments · 6,020

  1. Re:Good...? on Ubuntu To Switch To systemd · · Score: 1

    Systemd is about fragmentation. It requires all the services to be modified to work properly with it because it has to see their exit status because it doesn't exec itself. What this will do is effectively kill the non-Linux ecosystem for any software that doesn't ship the core OS. It'll effectively make like software incompatible with the non-Linux world.

    Systemd represents a major step backwards in compatibility and is going to undermine the entire open-source effort.

  2. Re:Posting anonymously for obvious reasons... on Target's Internal Security Team Warned Management · · Score: 1

    Yes, accounts should be cleaned up when people term, and if they are not, or are not always, it's an offboarding process problem, or you know, like I stated, an identity management issue. Thing is, most companies have problems like that. So not rotating passwords just makes the problem worse; no, it's not a solution, but it's an additional control that should be in place.

  3. Re:Posting anonymously for obvious reasons... on Target's Internal Security Team Warned Management · · Score: 2

    I hate people who insist that password changes are not a good thing. Look, very very few organizations have proper identity and account management.

    Password rotation at least closes the hole of former employees still having access at some point in the future.

    Everyone's password ends up in a log file somewhere some time, in plain text just laying around. Usually it's because they are in a hurry and enter it in a user name field. Password rotation ensures this password will at least at some point no longer be valid.

    People choose crappy passwords even when you don't force changes. Someone may well get access to an account by slowly guessing likely passwords over a long period of time. Password rotation reduces persistence of access to said account.

    All of these should be covered by other controls, yes, but sometimes any given control can fail, especially in an organization where there is anything less than total maturity around IT processes (most); someone misses a step one time, and things can go terribly wrong. Good security is about layers. Changing of passwords is one layer. If someone claims to be a security professional and says you don't need at least some password rotation policy, they are a know-nothing who is just repeating someone equally incompetent's blog post to you, and you should fire them.

  4. Re:It's not the same on Massive Storm Buries US East Coast In Snow and Ice · · Score: 5, Informative

    I have spent a lot of years both in Minneapolis and in Wilkesboro NC. There is nothing similar about the winters. MN does not get icing like they do in the South except on very very rare occasions because it's always cold in MN winter. The precip comes down as snow and it stays snow. MN has the interesting property that the snow gets deeper and deeper because it never melts, which causes load problems on rooftops and the like, but the snow mostly shakes out of trees and finds its way to the ground before it does them any harm.

    Both places have their winter weather challenges but they are very different.

  5. Re:Replace Idiot with Incompetent on Ask Slashdot: How Do You To Tell Your Client That His "Expert" Is an Idiot? · · Score: 1

    I agree, but in the context of "I can't work with these other idiots", which is what the original "ask slashdot" was about, solving the problem usually comes down to recognizing the actual problem. More importantly, getting the truly responsible party to admit it's their problem and deal with it, or have that responsibility shifted to someone else who will deal with it.

    That isn't being an asshole, it's getting the truth out into the light; but you also better be no-bs all the time. If the problems are your problems you need to admit that too, openly and readily. People usually like a straight shooter in the end.

  6. Re:He will on Assange's Lawyers: Follow Swedish Law, Interrogate Him In the UK · · Score: 1

    I don't know what the rules are in the UK; in the US there are legal actions another citizen might file to try and force a prosecutor or district attorney's office to take some action they are ostensibly legally required to do, such as charging someone who is widely suspected to be violating the law.

    These are rarely successful though for reasons of standing. Is there really anything standing in the way of UK executive agencies for just saying "you know Assange just isn't a threat to the population and therefore isn't a law enforcement priority regardless of his legal status so we are going to pull the resources away from watching him?"

    I mean they can still arrest him when/if he does something impossibly stupid like try and check in at an airport or cross a customs controlled border, but it seems the UK is doing it to themselves as far as the 'cost' of watching him sit in the Ecuadorian embassy goes.

  7. Re:This is your job .... on Ask Slashdot: How Do You To Tell Your Client That His "Expert" Is an Idiot? · · Score: 3

    It gets to the question of what you think your job actually is. Though if the job description said "must work well with others" or something, and most of them do these days, then yes, to some degree part of your job is playing nice. You are called a human resource for a reason; at least some of your value depends on you being compatible with the existing infrastructure.

    Companies don't hire people that would require them to reorganize the rest of their technical team unless they do; but in that case you usually know when you have been brought in specifically to transition/transform some group. So it very much is your job to do what you need to do in order to get the strategic mission accomplished even when you know there are more elegant solutions; sometimes you have to just accommodate what the rest of the team can do.

    Here is a story from when I was pretty recently out of school. I had been working with the firm during much of my college career and they had promoted me to a full time position on a different team after I graduated. So I knew people there and already had a bit of trust. Like most places there were talented and not so talented, the dedicated and not so dedicated, and the various combinations you can make of those. The IT director assigned one of my, shall we say, lesser-performing co-workers a task to automate some reports a customer wanted. The data needed to come from two different systems. I heard drips and drabs in various high level meetings but it eventually became apparent to me this person's 'solution' was essentially to have the one system generate PDFs with some of the data and the other system OCR (the PDFs were rendered as images) before import to write the ultimate report. This was all stapled together with ftp scripts, cron jobs, and vbscripts on the Windows side run from task scheduler.

    I went to the director and explained that our development group should really be doing this, as we have perfectly functional middleware with all the necessary adapters to do this; all we really need to do is configure the connectors, write the queries and generate the reports. I went on: this would be more reliable, would be easy to run the job whenever instead of having to wait for multiple schedules to converge, and the hours of head banging that would come when someone eventually has to troubleshoot the mess would be avoided.

    His answer was that me and the rest of the team certainly could do it better and in half the time; but none of us had even that time, were all doing things that he considered higher priorities and more business critical already. This was the guy he had under-scheduled *could* do it and it just needed to work.

    Now I suppose you'd argue I should have continued to protest out of professional pride, insisting that I could not just sit by while a kludgey brittle mess was built by an incompetent where I could instead create a proper robust IT solution. Instead I realized that the director was doing both me and the other guy a favor. For the other guy it was letting him do something useful so the CXO folks did not decide they could cut some dead weight; for me it was ensuring after putting in a day of doing good work earning my salary I got to go have a beer with some friends instead of spending the remaining nights that week at the office trying to get something done I really did not have time for. Is that really a "sociopath attitude" or is your attitude psychopathic?

  8. Re:Replace Idiot with Incompetent on Ask Slashdot: How Do You To Tell Your Client That His "Expert" Is an Idiot? · · Score: 1

    Right! It usually does not hurt to be nice but it's ultimately much more important to be the guy that is right in the eyes of others. Bring the measurements and facts to the e-mail thread or the meeting and you will nearly always prevail over the other guys who are just finger pointing and going "well maybe it's the {insert tech jargon or subsystem}". Say what you will about the PHBs but give them their spreadsheets and they will usually get on board, just make sure the numbers are ones the usual suck-ups are afraid to challenge.

  9. Re:States Rights on South Carolina Education Committee Removes Evolution From Standards · · Score: 1

    Federal Government cut off all forms of Financial Funding for Education and Unemployment.

    Oh please please if only they would do that! The federal government has no mandate whatsoever to be messing with education they NEVER should have started funding it and tinkering with it in the first place.

  10. What's the stupidest question you have seen on.. on What Are the Weirdest Places You've Spotted Linux? · · Score: -1, Offtopic

    What's the stupidest question you have seen on Slashdot, since Dice took over?

    Fuck Beta.

  11. Re:How stupid on How To Hack Subway Fares Using Fare Arbitrage · · Score: 1

    I think the transit systems ought to charge a fare that correctly reflects the incremental cost of transporting a passenger down a given transport lane. There should be no arbitrage opportunity.

    A fee structure that enables this sort of arbitrage in the first place was the childish thing. Adults don't deny reality, and deal with facts. The fact is humans optimize activities around whatever resource they perceive to be the most scarce in the very short term; for a largish number of public transport riders that is going to be the cash they have in their wallet. If they can save a buck they will.

  12. Re:Yes on Can Commercial Storage Services Handle the NSA's Metadata? · · Score: 1

    Usually I would agree with this assessment but in this case not so much. The administration's responses to the public concern have been half measures at best.

    I think the NSA does not really want to give up the data, and the Administration does not want to make but wants to be able to say they did something.

    Clearly the plan here is for the NSA to tinker with the 'requirements' until nobody can meet them and use this as an excuse to delay any real changes indefinitely; meanwhile Obummer gets to sit back and say it's being worked on.

  13. Re:Stunning. on Snowden Used Software Scraper, Say NSA Officials · · Score: 1

    Nice fail AC

    From my original post:

    As opposed to normalish get query logs with 2XX results, it's likely been trained to ignore.

    Something like SwearPoint typically sees tens of GETs from a single client over a very short period so any kind of log analyzer is very very likely to be trained against alerting on HTTP success logs from such a server. I should mention those would be 2XX since you are obviously a zero knowledge basement dweller trying to sound smart by nitpicking my post and failing at it.

    Also there is this concept called filesystem auditing almost any Linux/UNIX/Windows system supports; generally you have that ON for things like backup servers that handle data from other sensitive systems, and so when you go to copy that database backup file, FLAG GOES UP! unless it's the normally scheduled job that writes it off to tape.

    So yes *I* would have done it the way Snowden did as well, because like Snowden I would have wanted to get the data egress-ed and get myself out of Dodge before the CERT team came bangin on my office door with one of the gun toting security thugs in tow. You would have done it that way because some wget one liners you found on stackoverflow is most likely all you know.

  14. Re:Stunning. on Snowden Used Software Scraper, Say NSA Officials · · Score: 4, Insightful

    Well if you knew a SIEM system had rules which might trigger alerts if a database backup is started off hours or if the backup files are accessed for one. As opposed to normalish get query logs with 2XX results, it's likely been trained to ignore.

    Questioning if who you might eventually leak the data to will have the technical chops and resources to put the information together from the database file, as opposed to just reading through a bunch of handy precomputed html pages and office documents for another.

  15. Re:"whitelisting" on Is Whitelisting the Answer To the Rise In Data Breaches? · · Score: 1

    Think of the average level of intelligence - 50% of the population are stupider than that!

    Intelligence is hard to come by, as evidenced that even on Slashdot so few have even a basic grasp of statistics. It also explains why the pols can get away with so much...

  16. Re: Seriously - GTFO on Leonard Nimoy: Smoking Is Illogical · · Score: 1

    With the exception of incidents of violence, many of which have as much to do with the drugs being expensive and illegal in the first place, and DUI, which would still be illegal even if the drugs weren't, this is bs. Drug addicts mostly harm other people who put themselves in harm's way.

    Your failure to recognize someone who is "out of control" whatever the reason drugs or otherwise isn't good company to keep, makes you at least partly responsible if you come to harm. Life is hazardous if you are in a dangerous situation extricate yourself or accept possible consequences rather than trying to tell others what to do.

  17. Honestly the modern Olympics is a shameful enterprise all around. Nations and cities compete with each other to get the games by playing who can saddle their local tax payers with crippling debt in order to build giant venues that more often than not have no real use after the games.

    The local residents get to pay, and suffer major interruption so a handful of real estate developers and international media conglomerates can rake it in. In some cities that have won the games many of those local tax payers probably could barely afford to attend.

    If that is not bad enough we have seen scandal after scandal, the IOC proving itself to be completely corrupt.

    Oh and then there is the little matter of the hugely negative environmental impact of not only all that construction but all that jet travel. Just think of the habitat destruction and how carbon intensive the entire production is.

    Honestly anyone supporting the Olympics ought to be ashamed of themselves.

  18. Re:In MY experience ... on Target's Data Breach Started With an HVAC Account · · Score: 1

    Sure you can put ACLs on switch ports and you can do layer two firewalls; in general you don't. Usually if you have a switch that can do ACLs you have a switch that can also do routing, so you can segment the network as well for little cost. That segment makes the broadcast domains smaller. Usually that leads to better performance. If you are doing layer 2 firewalls it's usually in the data center. Doing it on the plant floor would probably just create lots of problems for protocols like ARP, and if it does not, it's leaving open lots of side channels that you can't monitor as easily.

  19. Re:"...as we migrate our audience..." on Target's Data Breach Started With an HVAC Account · · Score: 1

    Okay,

    Please make a discussion system like D1 available, even if it has to be limited to some table that won't flow the page to accommodate the rest of the new page layout.

  20. Re:Classic Slashdot on Fire Destroys Iron Mountain Data Warehouse, Argentina's Bank Records Lost · · Score: 1

    Nobody is freaking out just because it's different. We are upset because it is buggy; the threshold system simply does not offer the functionality of the v1 discussion system. It's difficult to use because the page no longer flows, etc.

    Honestly the only more broken site out there is slate.com.

  21. Re:Fruit of the poison tree on DEA Presentation Shows How Agency Hides Investigative Methods From Trial Review · · Score: 1

    Wait so your argument is that "you are charged with running drugs because we say you were running drugs" is what the sixth amendment is supposed to mean?

    The language of the amendment is meaningless if that dog hunts

  22. Re:How about "play by your own rules", eh? on DEA Presentation Shows How Agency Hides Investigative Methods From Trial Review · · Score: 4, Insightful

    "Americans don't like it". Did anyone note how they did not use "we" or "some people" they used "Americans" it's almost as if they recognize they are outside and apart from the rest of us.

    These people hate freedom, they hate the rule of law, and they don't think of themselves as citizens and neighbors. I really think it's time the rest of 'us' start treating these folks accordingly, that is anyone working for a three letter should be assumed a scumbag until proven otherwise. Don't help them, if you see something say nothing, don't socialize with them, shun them. We can dismantle this crap from the ground up; nobody will join these organizations if they know it means being blackballed the rest of their lives.

  23. Re:Fruit of the poison tree on DEA Presentation Shows How Agency Hides Investigative Methods From Trial Review · · Score: 3

    Sure there is

    and to be informed of the nature and cause of the accusation;

    It's in the sixth amendment. Parallel construction can't be legal because it denies you being informed of the cause of the accusation; a possible cause for the accusation does not count, the Constitution says THE cause.

  24. I have been advising on HealthCare.gov Can't Handle Appeals of Errors · · Score: 2, Insightful

    I have been advising anyone who will listen to keep their personal information the hell away from that site. My assumption is the fraudsters that eventually got hold of it would be criminals, not the government and the insurers themselves.

    In retrospect I am really not surprised.

  25. Re:I do not look forward to this. on Through a Face Scanner Darkly · · Score: 1, Flamebait

    WOW you read a whole lot of things into what I wrote, that I never said. As long as we are name calling, I am going to apply the "waste of space" label to you as well since you apparently can't parse our shared language.

    We have laws, which declare the guy peeing in the bushes a sex offender; until that changes, if he enters a guilty plea or is found to be guilty, said individual is a sex offender. That is not an avocation or an attempt to use a technicality to protect or preserve a broken system; it's a very simple factual statement about how the system works. If people like you refuse to accept or understand the facts then I promise you have virtually no chance at changing the system.

    I don't fail to distinguish moral and ethical from legal; which is why I used the Scarlet Letter as a reference to both the sex offender list and the Hawthorne novel, which most educated English speakers in the USA (and we are talking about US laws here) would recognize as a parable about the moral hazards of permanently fixing labels to people. I went on to question if such a punishment was justified (without mentioning the consequences we are all aware of, and I thought needless after the Scarlet Letter reference), and if the labels are actually of any practical use to the rest of society.

    Next time you might try reading and listening carefully to what others write and say before you attack them. There are a lot of people with bad ideas and bad values out there and in a political system such as ours it's about aggregating numbers of people who share your opinions, if you want to win. You might want to be more careful to not mistake potential friends as foes; it's going to make things much harder for you.