Oh, and one more thing, it's 'niche,' not 'nitch', despite the interesting way you guys pronounce it.:P
I have been reading your posts with glee. I found your numerous posts very educational. The seemingly effortless way you inform and ridicule at the same time is admirable. To borrow the catch phrase from the Guinness ad campaign in the US: "Brilliant!"
Pedantic as I am, I also cannot stand when people use words incorrectly (in the case of homonyms) or use non-existent words.
Presonally, my biggest pet peeve is "irregardless" (the usage of "nitch" and pronunciation of "niche" run second and third respectively). I don't care WHAT Mirriam Webster says. Damn it all, it's a double negative. When it's used, what one is effectively saying is "with regard" (or it would if it were a word to begin with). It does not mean "without regard" - which is how most are using it. "Irregardless" does not make someone sound intelligent. "Regardless" does.
Those white headphones suck ass. Awful bass response, really horrid high range. Unlistenable. After suffering for a day, I went to Fry's (we have one in Chicagoland, yay!) and picked up some Sony MDR-EX51LP for $40. They are a little tinny sounding, but using the EQ preset "Treble Reducer" really give these a rich sound.
Another thing, these are the "canal" ear-buds (they insert directly into the ear canal). I thought they might be more uncomfortable than the traditional ear-buds (I hate them! Very uncomfortable since I have smaller than normal ears). I'm glad I was wrong. This style of earphone is one of the most comfortable I've worn. Although now I wish I had gone for the Shure "canal" buds. But at $120, I think I'll wait until my tax return comes through.
Wouldn't the EMP also disable the "lock-out" mechinism? If the all the electronics are fried, I would think a simple mechanical modification could over-ride it anyway. In fact I bet there will be hacks to bypass the lock-out feature within 24 hrs of this thing being publicly available.
Actually it started as ARPAnet. And it wasn't started to send information "all over the world" for the government offices. It was started as way to:
1 - eliminate the need for 4 different terminal types on one desk.(that was how the idea germinated)
2 - Facilitate the sharing of information beteween gov't contractors and researchers who had ARPA grants.
3 - A way to timeshare systems for researchers who would not oridinarily have access to such systems.
It was US centric at the beginning and ARPA and ARPA's subcontractors/researchers only.
And to head this off at the pass, ARPA net was NOT designed for fault tolerence of command/control during a nuclear war. That was the impetus behind Paul Baran's development of the idea of packet-switching networks (that wasn't his name - the term "packet" came from Davies who sorta developed the same idea concurrently). He could never drum up support for the idea with ATT (really the only entity that could impliment it at the time). They said it was stupid idea. ARPA later grabbed the idea and used it because it lent a robustness to otherwise unlreliable lines of communications and the IMPs that terminated each line. The fact of the fault tolerence in terms of catastrophic destruction due to war is simply a coincidental side effect when you take into account the reasons the ARPA project was using packet switched networks.
Sorry. Got on my high-horse there. I just can't stand when people say that ARPAnet was designed in a distributed manner to survive a nuclear war (and even though no one's said it yet - well, this is Slashdot, so some future comments are predictable). Not true. It was the basis of Paul Baran's conceptual model of a packet switching distributed network.
Releasing the emails would be a violation of the contract, as well as of the rights of other people whose emails are there
A little thought about the "privacy" of the senders of email. Sorry, you have whatever privacy I (as the recipient) decide you have. Once those emails hit my Inbox, they are my property. I can do anything I want. I can publish them, read them aloud, print them out and post them on kiosks, whatever. Even those little disclaimers that appear at the end of corporate eamils are most likely invalid. They appear at the end of the email so the user cannot make an informed decision until AFTER the email is read (so the whole "by reading this email you agree..." gets tossed out). Plus you have already received the email sent without entering a prior agreement as to the disposition the emails, thus relieving ANY onus or contractual obligation regarding the non-disclosure of the email's content.
Also, AFAIK unless there's a definite will, I believe all control of assets is legally given to the next-of-kin (wife, brother, son, father, etc..)
As far as whether there's something in there the father would be better off not knowing... Well, that's more of a judgement call than a legal reason to deny him access. Yes, there may be risks involved, but that should be up to the father as the de-facto owner of these emails.
There is a machine in Chicago, and one in Miami, and one in Berlin, and one in London... (actually more than one at each location for load balancing). Part of the reason for having redundant machines in disparate locations (other than network load reduction - not insignificant) is for DR. If I lose the building with ALL my mission critical servers in it (say it burns to the ground), we're dead. I need to have hot sites available to get back within hours (well, minutes really) or we've potentially lost tens of millions in transactions (a LARGE international bank). In addition, if we were to move all our servers to a central location they would require a building all to themselves. Even just the critical systems would take more than one floor (and actually do). Now if I had a smaller shop (1000-2000 users) and I could take a couple days to get a offsite location up and running, I might choose to centralize the physical systems. But I can't and our executive staff would get nailed by due care liability from all the investors, creditors, and depositors.
Also, I never said it was accessable to the Internet. This is all internal (firewalled internally as well - with MAC filters, IDS, ACL, etc..). All of our servers (mission critical) are inaccessable from the Internet (and most of the internal network segments as well). That's why we have things like Frame Relay and ATM. Hell, we have a 10 person group whose only task is to keep track of the physical topology of the network.
I will agree with you that just by being networked at all makes them vulnerable. This is where Risk Assesment comes in. You have to balance risk with ease of use for end users and front-end systems. Part of that is how to recover quickly in case disaster. Part of it is how easily can the rest of the business units (the one's that actually make the company money) perform their jobs. What you try to do is minimize that risk by imposing some order of safeguards. That means following best-practices, implementing a rigorous patch test/release cycle, seperation of duties, etc... While there is risk in allowing ANY access to systems, I find selectively allowing SSH access to certain systems is a minimal risk that we as a business are willing to assume.
Don't get me wrong. I am not saying you are wrong at all. Your method is better than mine and many times I've wished I could do things that way (it would reduce my job complexity by an order of magnatude). Unfortunately, due to the nature of my business I do not have the option of centrally locating physical systems (my security operations are mostly centralized - it's easier to control and keep track of it, and make sure everyone is on track). Because of load and DR (and other reasons I haven't even touched on), I need to do things this way. While I AM at risk (the only secure system is one that's turned off and locked in a vault no one has the combo to), I do what I can to mitigate that risk and still be able to support the various business units in the company.
Of course, if you have EFS and forgot that password (which, let's face it, is pretty damn likely if you forgot the password for root!), you've just been fucked without being given dinner first.
That's why I have a password safe on my Palm Pilot (AES encrypted - strong passphrase). Of course if I forget that passphrase.. I'm pretty fucked:)
Which is why you don't allow anybody to have ssh or telnet access to a mission critical machine. Doing so is a HUGE security risk to begin with.
So, I'm gonna have send some poor schmuck from chicago to miami whenever I need to update my machines (for MySQL updates or something similar)? Why don't we just unplug the damn things from the network?
Perhaps that should read "...don't allow just anybody to have ssh..." When you have a systems admin, part of it is that you implicitly trust him/her to NOT run exploits on the machines - why would he/she anyway? They alreay have root. If you feel you can't trust them, they never should have been given that position.
Ssh is not a HUGE security risk, as you say. Allowing unfettered access to the machine is. However I do agree with the telnet issue. NEVER use anything that sends/authenticates in the clear on a mission crit system (really on ANY system - too many people use the same passwords on both pre-production and production systems). Telnet/FTP and others should NEVER be used. If you authenticate via a web server ALWAYS use SSL. Use TLS for SMTP. And son on. This is where a proper security dept comes into play - whether you call it TRM, InfoSec, Network Security,etc...
If they're filtering everything that comes through the switches, they don't need to login, right?
Isn't Gmail SSL? If so, it should be encrypted from the Gmail server to the client computer. I don't think they'd be able to "sniff" the password or filter out info at the switches/routers/gateways (unless, of course, you work for the NSA:).
If you use gmail, just remember to clear your cache - and use a wipe util if you're real paranoid.
With a corporation with millions of shareholders and thousands of managers of some sort, who owns it?
That is why Practices and Policies are enacted by a Board of Directors. The members of the Board are voted on by the shareholders (typically at annual or semi-annual shreholder meetings). They are elected by the shareholders to handle the management of the company on their behalf.
$500 isn't inexpensive, I can get a Dell system WITH a monitor for less than that and it includes Windows and an office suite. Try again Apple.
Yes, but you see, that Dell comes with Windows. And that's more of a price than I'm willing to pay:)
Well, yes I can, because that's covered separately under the "freedom of the press" provision...right?
Hate to burst your bubble, Matlock, but it's all the same "provision". It's called the 1st Amendment.
"Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press, or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances."
...try cleaning up what they can of the hundreds of tons of depleted uranium...
Man am I sick of this depleted uranium FUD. 1st and foremost, depleted uranium has a half-life of 4.5 billion years. Background radiation is stronger! Not only that, it is an alpha emitter. Alpha particles cannot penetrate the skin. You'd have to ingest it to affect your DNA or give you radiation sickness.
Sounds like you need a little remedial nuclear chem. Try this page:
I just seriously doubt that anyone will die of hunger/cold as a result of the flood...There are enough resources being brought in to keep it under control
This is perhaps the stupidest thing I have ever read. No one said anything about the cold, BTW. There are current projections that death caused by hunger and disease may equal the number of deaths caused by the tsunami itself. There are ruptured sewage lines, rotting human and animal corpses, and NO potable water. The transportation and communications infrastructure has been destroyed. How, percisely, is the relief supposed to get there in a timely manner. There's no roads, destoyed shipping ports, and flooded airports. The World Health Organization estimates it could take up to 72 hrs to deliver food, water and medical care to many areas. How well would you handle 72 hrs with no food or potable water and most likely contracting cholera or typhus? Oh, I forgot, you're too worried about being able to download movies to wrap your little pea-brain around that.
Your additional personal donation just won't make a difference
Jesus, how pathetic. They are going to need billions for relief in that area. Every penny toward that goal is significant. But, I'm sure you know no one affected so it's OK. I hope I run across you wounded in the street so I can watch you bleed out. Hey, according to your philosophy it's not affecting me so why should I care or help?
I urge everyone to go to Amazon and donate what you can afford (don't take food off your table). Even if it's only $5. Every little bit helps! As of this posting they've raised $3,475,283.99 (in only 36 hrs!). But of course according to khrtt that won't make any impact. It's better to defend the nebulous "right" to download ripped DVDs.
Bankruptcy will not remove any encumbrances placed by the Federal Government. So any back taxes and punitive fines will still be there until they are paid, regardless of how many times one declares bankruptcy.
People here seem to think that eventually this will run through the population and be done. Why? There is nothing that says you can't go back and sign up for more stuff. So you get a circle of friends of 5 people and complete the req's for each other. I don't know if you can sign up for the 45 days of free AOL - cancel - and repeat, but there seems to be a lot of other stuff you can sign up for. Unlike traditional pyramid schemes, you are not "stuck" on the stratum you entered on.
That being said, my privacy and the privacy of my friends is not for sale. I would never enter one of these things. I make enough money and will simply cough up the simoleans if I want an iPod or a flat screen.
Slashdot Mirror
Not every OSS project is GPL.
Oh, and one more thing, it's 'niche,' not 'nitch', despite the interesting way you guys pronounce it. :P
I have been reading your posts with glee. I found your numerous posts very educational. The seemingly effortless way you inform and ridicule at the same time is admirable. To borrow the catch phrase from the Guinness ad campaign in the US: "Brilliant!"
Pedantic as I am, I also cannot stand when people use words incorrectly (in the case of homonyms) or use non-existent words.
Presonally, my biggest pet peeve is "irregardless" (the usage of "nitch" and pronunciation of "niche" run second and third respectively). I don't care WHAT Mirriam Webster says. Damn it all, it's a double negative. When it's used, what one is effectively saying is "with regard" (or it would if it were a word to begin with). It does not mean "without regard" - which is how most are using it. "Irregardless" does not make someone sound intelligent. "Regardless" does.
...the white headphones...
Those white headphones suck ass. Awful bass response, really horrid high range. Unlistenable. After suffering for a day, I went to Fry's (we have one in Chicagoland, yay!) and picked up some Sony MDR-EX51LP for $40. They are a little tinny sounding, but using the EQ preset "Treble Reducer" really give these a rich sound.
Another thing, these are the "canal" ear-buds (they insert directly into the ear canal). I thought they might be more uncomfortable than the traditional ear-buds (I hate them! Very uncomfortable since I have smaller than normal ears). I'm glad I was wrong. This style of earphone is one of the most comfortable I've worn. Although now I wish I had gone for the Shure "canal" buds. But at $120, I think I'll wait until my tax return comes through.
Wouldn't the EMP also disable the "lock-out" mechinism? If the all the electronics are fried, I would think a simple mechanical modification could over-ride it anyway. In fact I bet there will be hacks to bypass the lock-out feature within 24 hrs of this thing being publicly available.
Actually it started as ARPAnet. And it wasn't started to send information "all over the world" for the government offices. It was started as way to:
1 - eliminate the need for 4 different terminal types on one desk.(that was how the idea germinated)
2 - Facilitate the sharing of information beteween gov't contractors and researchers who had ARPA grants.
3 - A way to timeshare systems for researchers who would not oridinarily have access to such systems.
It was US centric at the beginning and ARPA and ARPA's subcontractors/researchers only.
And to head this off at the pass, ARPA net was NOT designed for fault tolerence of command/control during a nuclear war. That was the impetus behind Paul Baran's development of the idea of packet-switching networks (that wasn't his name - the term "packet" came from Davies who sorta developed the same idea concurrently). He could never drum up support for the idea with ATT (really the only entity that could impliment it at the time). They said it was stupid idea. ARPA later grabbed the idea and used it because it lent a robustness to otherwise unlreliable lines of communications and the IMPs that terminated each line. The fact of the fault tolerence in terms of catastrophic destruction due to war is simply a coincidental side effect when you take into account the reasons the ARPA project was using packet switched networks.
Sorry. Got on my high-horse there. I just can't stand when people say that ARPAnet was designed in a distributed manner to survive a nuclear war (and even though no one's said it yet - well, this is Slashdot, so some future comments are predictable). Not true. It was the basis of Paul Baran's conceptual model of a packet switching distributed network.
Releasing the emails would be a violation of the contract, as well as of the rights of other people whose emails are there
A little thought about the "privacy" of the senders of email. Sorry, you have whatever privacy I (as the recipient) decide you have. Once those emails hit my Inbox, they are my property. I can do anything I want. I can publish them, read them aloud, print them out and post them on kiosks, whatever. Even those little disclaimers that appear at the end of corporate eamils are most likely invalid. They appear at the end of the email so the user cannot make an informed decision until AFTER the email is read (so the whole "by reading this email you agree..." gets tossed out). Plus you have already received the email sent without entering a prior agreement as to the disposition the emails, thus relieving ANY onus or contractual obligation regarding the non-disclosure of the email's content.
Also, AFAIK unless there's a definite will, I believe all control of assets is legally given to the next-of-kin (wife, brother, son, father, etc..)
As far as whether there's something in there the father would be better off not knowing... Well, that's more of a judgement call than a legal reason to deny him access. Yes, there may be risks involved, but that should be up to the father as the de-facto owner of these emails.
How about grammar instead of grammer (whatever that is).
Oh yeah, your should be you're.
If you're (see how you + are works?) criticizing someone's spelling, at least be able to spell correctly. It makes you like less of an idiot.
There is a machine in Chicago, and one in Miami, and one in Berlin, and one in London... (actually more than one at each location for load balancing). Part of the reason for having redundant machines in disparate locations (other than network load reduction - not insignificant) is for DR. If I lose the building with ALL my mission critical servers in it (say it burns to the ground), we're dead. I need to have hot sites available to get back within hours (well, minutes really) or we've potentially lost tens of millions in transactions (a LARGE international bank). In addition, if we were to move all our servers to a central location they would require a building all to themselves. Even just the critical systems would take more than one floor (and actually do). Now if I had a smaller shop (1000-2000 users) and I could take a couple days to get a offsite location up and running, I might choose to centralize the physical systems. But I can't and our executive staff would get nailed by due care liability from all the investors, creditors, and depositors.
Also, I never said it was accessable to the Internet. This is all internal (firewalled internally as well - with MAC filters, IDS, ACL, etc..). All of our servers (mission critical) are inaccessable from the Internet (and most of the internal network segments as well). That's why we have things like Frame Relay and ATM. Hell, we have a 10 person group whose only task is to keep track of the physical topology of the network.
I will agree with you that just by being networked at all makes them vulnerable. This is where Risk Assesment comes in. You have to balance risk with ease of use for end users and front-end systems. Part of that is how to recover quickly in case disaster. Part of it is how easily can the rest of the business units (the one's that actually make the company money) perform their jobs. What you try to do is minimize that risk by imposing some order of safeguards. That means following best-practices, implementing a rigorous patch test/release cycle, seperation of duties, etc... While there is risk in allowing ANY access to systems, I find selectively allowing SSH access to certain systems is a minimal risk that we as a business are willing to assume.
Don't get me wrong. I am not saying you are wrong at all. Your method is better than mine and many times I've wished I could do things that way (it would reduce my job complexity by an order of magnatude). Unfortunately, due to the nature of my business I do not have the option of centrally locating physical systems (my security operations are mostly centralized - it's easier to control and keep track of it, and make sure everyone is on track). Because of load and DR (and other reasons I haven't even touched on), I need to do things this way. While I AM at risk (the only secure system is one that's turned off and locked in a vault no one has the combo to), I do what I can to mitigate that risk and still be able to support the various business units in the company.
Of course, if you have EFS and forgot that password (which, let's face it, is pretty damn likely if you forgot the password for root!), you've just been fucked without being given dinner first.
:)
That's why I have a password safe on my Palm Pilot (AES encrypted - strong passphrase). Of course if I forget that passphrase.. I'm pretty fucked
I Own any Linux box I have physical access to with any Gentoo/Slackware CD I happen to carry with me Two words:
encrypted filesystem.
Which is why you don't allow anybody to have ssh or telnet access to a mission critical machine. Doing so is a HUGE security risk to begin with.
So, I'm gonna have send some poor schmuck from chicago to miami whenever I need to update my machines (for MySQL updates or something similar)? Why don't we just unplug the damn things from the network?
Perhaps that should read "...don't allow just anybody to have ssh..." When you have a systems admin, part of it is that you implicitly trust him/her to NOT run exploits on the machines - why would he/she anyway? They alreay have root. If you feel you can't trust them, they never should have been given that position.
Ssh is not a HUGE security risk, as you say. Allowing unfettered access to the machine is. However I do agree with the telnet issue. NEVER use anything that sends/authenticates in the clear on a mission crit system (really on ANY system - too many people use the same passwords on both pre-production and production systems). Telnet/FTP and others should NEVER be used. If you authenticate via a web server ALWAYS use SSL. Use TLS for SMTP. And son on. This is where a proper security dept comes into play - whether you call it TRM, InfoSec, Network Security,etc...
If they're filtering everything that comes through the switches, they don't need to login, right?
:).
Isn't Gmail SSL? If so, it should be encrypted from the Gmail server to the client computer. I don't think they'd be able to "sniff" the password or filter out info at the switches/routers/gateways (unless, of course, you work for the NSA
If you use gmail, just remember to clear your cache - and use a wipe util if you're real paranoid.
With a corporation with millions of shareholders and thousands of managers of some sort, who owns it?
That is why Practices and Policies are enacted by a Board of Directors. The members of the Board are voted on by the shareholders (typically at annual or semi-annual shreholder meetings). They are elected by the shareholders to handle the management of the company on their behalf.
$500 isn't inexpensive, I can get a Dell system WITH a monitor for less than that and it includes Windows and an office suite. Try again Apple. Yes, but you see, that Dell comes with Windows. And that's more of a price than I'm willing to pay :)
Well, yes I can, because that's covered separately under the "freedom of the press" provision...right?
Hate to burst your bubble, Matlock, but it's all the same "provision". It's called the 1st Amendment.
"Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press, or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances."
...try cleaning up what they can of the hundreds of tons of depleted uranium...
Man am I sick of this depleted uranium FUD. 1st and foremost, depleted uranium has a half-life of 4.5 billion years. Background radiation is stronger! Not only that, it is an alpha emitter. Alpha particles cannot penetrate the skin. You'd have to ingest it to affect your DNA or give you radiation sickness.
Sounds like you need a little remedial nuclear chem. Try this page:
Radiation
Please take note of this (it's stated more than once on this page): " c. Alpha rays are so big and charged that they don't penetrate the skin"
I just seriously doubt that anyone will die of hunger/cold as a result of the flood...There are enough resources being brought in to keep it under control
This is perhaps the stupidest thing I have ever read. No one said anything about the cold, BTW. There are current projections that death caused by hunger and disease may equal the number of deaths caused by the tsunami itself. There are ruptured sewage lines, rotting human and animal corpses, and NO potable water. The transportation and communications infrastructure has been destroyed. How, percisely, is the relief supposed to get there in a timely manner. There's no roads, destoyed shipping ports, and flooded airports. The World Health Organization estimates it could take up to 72 hrs to deliver food, water and medical care to many areas. How well would you handle 72 hrs with no food or potable water and most likely contracting cholera or typhus? Oh, I forgot, you're too worried about being able to download movies to wrap your little pea-brain around that.
Your additional personal donation just won't make a difference
Jesus, how pathetic. They are going to need billions for relief in that area. Every penny toward that goal is significant. But, I'm sure you know no one affected so it's OK. I hope I run across you wounded in the street so I can watch you bleed out. Hey, according to your philosophy it's not affecting me so why should I care or help?
I urge everyone to go to Amazon and donate what you can afford (don't take food off your table). Even if it's only $5. Every little bit helps! As of this posting they've raised $3,475,283.99 (in only 36 hrs!). But of course according to khrtt that won't make any impact. It's better to defend the nebulous "right" to download ripped DVDs.
What an asshat.
Now that's quite an accomplishment, seeing as Newton hadn't even been born yet...
Haberdash!
Did you mean balderdash? Haberdash is a verb meaning to deal in small wares.
Bankruptcy will not remove any encumbrances placed by the Federal Government. So any back taxes and punitive fines will still be there until they are paid, regardless of how many times one declares bankruptcy.
Ah... don't worry. People with his views are rapidly becoming marginalized in US politics.
People here seem to think that eventually this will run through the population and be done. Why? There is nothing that says you can't go back and sign up for more stuff. So you get a circle of friends of 5 people and complete the req's for each other. I don't know if you can sign up for the 45 days of free AOL - cancel - and repeat, but there seems to be a lot of other stuff you can sign up for. Unlike traditional pyramid schemes, you are not "stuck" on the stratum you entered on.
That being said, my privacy and the privacy of my friends is not for sale. I would never enter one of these things. I make enough money and will simply cough up the simoleans if I want an iPod or a flat screen.
What challenge? Opened without a problem in mplayer... Stop spreading FUD just because you cannot configure your box correctly!
Boy, I bet you're real fun at parties... You just suck all the joy out of the room when you arrive, don't you.
I know this is OT. But I thought of a way to give RMS a stroke (or a facial tic at the vary least):
:)
:)
.. Happy Holidays
Me: Boy I sure like my Linux system
RMS : That's GNU/Linux!
Me: Yep, brand-spanking new
RMS: No, no, no! That's GNU G-N-U. GNU/Linux..
Me: GNU/Linux? What's that?
RMS: GAH! It's what you have installed!!
Me: Oh, you mean Linux
RMS: GNU/Linux!!!
*** Repeat ad infinitum
Bonus pts if you actually say Linux OS by the Red Hat people
Merry Chr.. er