Believe me, I like thousands of others here that are responsible for more computers than their own read that article before the ink was dry, and immediately acted upon it. The interaction of Server and RPC services is beside the point, and for many machines if you're going to disable RPC, you might as well unplug it from the network - it'd be practically useless.
Mod informative. In this case, it's the "Server Service", not the RPC service. And yeah, they sure are needed for certain things. Did you think these services were only included to provide an attack vector? Oh wait, don't answer that.
Great, but what's under the hood? Linux? Some update to the old PalmOS? Apple's Copland OS?
Most importantly, it isn't Windows Mobile. I'm sure it's still well within' Palm's capacity to make a device seriously suck without it, but they'll have their work cut out for them.
You've probably wasted more of the boss' money reading this comment:)
That's pretty much what I said in an IT meet a couple of weeks ago, when an email from a receptionist was tabled suggesting unplugging her (automatically powersaving) laser copier at end of day. Fine idea, but you could see from the email it went from her, all the way up the chain of management to the CEO, and back down again through IT management to me.
And even if they do catch the perp (and the headlines read something seemingly glamorous) who's to know whether the data won't still be in someone else's hands? - net result adding a $1m insult to $? injury.
If you know what vulnerability you'd be attacking up front (e.g. an historical web server buffer overflow / stack smash) all you need is a compiler / assembler for whatever language you choose. Difference with nmap and nc is, they're more readily idendifiable as tools that could assist breakins.
Thanks for being one of the few not to descend to personal attacks/
To others: well, I might be wrong on this point - I certainly can see both sides of the argument, and I've chosen one. If that necessarily means to you that I therefore cannot be an engineer, well, you have bigger problems than some twit on slashdot disagreeing with you on a piece of terminology, and can only conclude that to be qualified, one must be in agreement with you completely. You've got to at least accept that it took more balls from me to log in push an unpopular viewpoint than it took for you to take a stab while providing no more of a counterargument than reminding me of the title of a 20 year old paper, simply appealing to authority and tradition.
It used to be you used three cheap 4 gig drives instead of a single nine. That was when 4 gig drives were "cheap". Capacity/Spindle never kept with the rate of growth of the data we keep, now we have to build SANs out of shelves and shelves of disks. We don't do it because it's cheaper than buying single multi-Exabyte drives, we do it because it's the only way.
When you build a SAN in a datacenter, one typically installs the largest, fastest (not disregarding application usage patterns of course), and implicitly most expensive spindles you can get. Like hell would you install disks a generation old (inexpensive) and use twice as many shelves (and power) these days. What little meaning "inexpensive" ever held, it has well and truly gone.
I was politely saying "inexpensive" was an obviously bad choice of words in the first place. For whatever reasons the otherwise smart chaps who devised RAID decided to use that word, at no stage was it a characteristic of RAIDsets that they were made of inexpensive disks.
I don't really care if that satisfies a gutless twerp like you that a RAID really is an array of "inexpensive disks" - anybody actually dealing with them knows they're not inexpensive. Engineers like myself have one definition, laypeople like yourselves have another, how very unusual.
Well, while the original intention might have been to get big money disk performance out of relatively cheap disks, these days I would think most people mean 'independent' instead. When we built our RAID, we used some of the most expensive FC disks going. Inexpensive has no meaning in RAIDs of today, if it ever did.
If a single pair of disks matching the performance of my RAID could be had (for say, twice as much money) then yes, my disks would be "inexpensive". But such a disk set doesn't exist (or didn't at the time), and saving money was certainly not our intention.
Neither Apple nor the various Linux/OSS developers have anywhere near the testing unit that Microsoft has to uncover these flaws, nor do they have anywhere near the level of real-world users testing their software
Right, that's why this bug has lurked undetected for almost a decade, right?
Mine is an interpretation, yours is an assumption. Situations resulting in you not getting your deposit back are almost certainly not limited to damage of it. What about taking longer than 3 days? What about simply refusing to return it?
However the condition specified for receiving the deposit is return of the drive - which you won't be doing if you win it.
Hell, for the pathetic amount of money, I'm considering paying the depost, receiving the drive and simply keeping it, just for shits and giggles.
Slashdot Mirror
My grandmother used anecdotal evidence all the time - she lived to be 125, and never had this problem with her Belkin USB hub.
Believe me, I like thousands of others here that are responsible for more computers than their own read that article before the ink was dry, and immediately acted upon it. The interaction of Server and RPC services is beside the point, and for many machines if you're going to disable RPC, you might as well unplug it from the network - it'd be practically useless.
If disappearing is outlawed, only outlaws will disappear.
Mod informative. In this case, it's the "Server Service", not the RPC service. And yeah, they sure are needed for certain things. Did you think these services were only included to provide an attack vector? Oh wait, don't answer that.
Most importantly, it isn't Windows Mobile. I'm sure it's still well within' Palm's capacity to make a device seriously suck without it, but they'll have their work cut out for them.
Just stick to the standard 'Whoosh!', please.
And 'trained to be criminals', sheesh!
It's going to create a shipping in handling industy so that neither it, nor you, will need to continue to swim to Europe for beer any longer.
Dear god how I wish that were still true.
Awright?
That's pretty much what I said in an IT meet a couple of weeks ago, when an email from a receptionist was tabled suggesting unplugging her (automatically powersaving) laser copier at end of day. Fine idea, but you could see from the email it went from her, all the way up the chain of management to the CEO, and back down again through IT management to me.
FIVE DOLLARS per kilowatt-hour? In New Zealand I'm currently paying 12 cents, roughly USD 0.22.
And even if they do catch the perp (and the headlines read something seemingly glamorous) who's to know whether the data won't still be in someone else's hands? - net result adding a $1m insult to $? injury.
If you know what vulnerability you'd be attacking up front (e.g. an historical web server buffer overflow / stack smash) all you need is a compiler / assembler for whatever language you choose. Difference with nmap and nc is, they're more readily idendifiable as tools that could assist breakins.
Thanks for being one of the few not to descend to personal attacks/
To others: well, I might be wrong on this point - I certainly can see both sides of the argument, and I've chosen one. If that necessarily means to you that I therefore cannot be an engineer, well, you have bigger problems than some twit on slashdot disagreeing with you on a piece of terminology, and can only conclude that to be qualified, one must be in agreement with you completely. You've got to at least accept that it took more balls from me to log in push an unpopular viewpoint than it took for you to take a stab while providing no more of a counterargument than reminding me of the title of a 20 year old paper, simply appealing to authority and tradition.
It used to be you used three cheap 4 gig drives instead of a single nine. That was when 4 gig drives were "cheap". Capacity/Spindle never kept with the rate of growth of the data we keep, now we have to build SANs out of shelves and shelves of disks. We don't do it because it's cheaper than buying single multi-Exabyte drives, we do it because it's the only way.
When you build a SAN in a datacenter, one typically installs the largest, fastest (not disregarding application usage patterns of course), and implicitly most expensive spindles you can get. Like hell would you install disks a generation old (inexpensive) and use twice as many shelves (and power) these days. What little meaning "inexpensive" ever held, it has well and truly gone.
I was politely saying "inexpensive" was an obviously bad choice of words in the first place. For whatever reasons the otherwise smart chaps who devised RAID decided to use that word, at no stage was it a characteristic of RAIDsets that they were made of inexpensive disks.
I don't really care if that satisfies a gutless twerp like you that a RAID really is an array of "inexpensive disks" - anybody actually dealing with them knows they're not inexpensive. Engineers like myself have one definition, laypeople like yourselves have another, how very unusual.
If a single pair of disks matching the performance of my RAID could be had (for say, twice as much money) then yes, my disks would be "inexpensive". But such a disk set doesn't exist (or didn't at the time), and saving money was certainly not our intention.
Phew. Until you chimed in I was starting to think I was the only one.
Rather than simply suggest the G.P. might be oblivious, why didn't you provide examples of the explots that seem to have escaped his attention?
Right, that's why this bug has lurked undetected for almost a decade, right?
Personally, I like the notion of not having to download a whole lot of crap that I'm bound to use on Day 1.
Wow, that reaction and comment really made you look intelligent.
The only time they're predictable is straight after you've shot 'em.
However the condition specified for receiving the deposit is return of the drive - which you won't be doing if you win it.
Hell, for the pathetic amount of money, I'm considering paying the depost, receiving the drive and simply keeping it, just for shits and giggles.