can be used to introduce malware or steal corporate data
Sounds like what they really need to ban is Internet Explorer.
On a more serious note, it comes down to how the corporation treats its employees. Study after study has shown that well-paid, fairly-treated employees protect their employer's interest. Abused employees who work for companies that regard their employees as "resources" to be exploited tend to hate their employer and feel no loyalty at all. Disguntled employess tend to feel that stealing from their employer or sabotaging them is a form of justice or payback. When your employees feel this way, there is little that can stop them (after all, who can you trust if you can't trust your own people?).
So the lesson here for employers is "Take Care of Your Soldiers and Your Soldiers will take Care of You". Unfortunately, PHBs up at the executive suite never seem to be able figure that out.
My point is that a default vanilla install of Windows itself does not have these utilities or anything close, but a default vanilla install of unix does. And yes, I know about Cygwin. I use X on Cygwin everyday to log into my Fedora box.
While Services for Unix or Cygwin might be great at emulating a unix envirnoment, these tools are not
Windows defaults. You won't find them on vanilla NT/2K/XP installs. You have to hunt for them and install them. Even though Service for Unix is great (hey.. its based on OpenBSD!), those tools are not part of the core OS.
Well. I don't think Morlath should have been modded as a troll, but I do disagree with his post. My point is that the default windows tools (when they even exist) are weak compared to their default unix counterparts. I don't think VB or the windows scripting tool comes anywhere close to the power of the unix shells and tools.
You prove my point for me. I would have to hunt down, download, and install all of those things to do what I can already do in unix with a barebones install. And I still probably wouldn't be able to pipe them togather or script them to build a more powerful sum of the indivdual parts. On unix, those capabilities are built into a default install.
All the things you mentioned are not what you would typically find on a default windows install or even on the Windows CD. But they *ARE* found by default on every unix system (except perhaps somehthing like a stripped down appliance). Nor is there an easy all-in-one system of packages and mirrors to install such things in windows.
If I wanted to, I could point my browser to sourceforge and download and install all the gnuwin32 utilities, but again, that would prove my point. They are not native or default components of Windows, nor are they available in the "Add windows component" section of control panel.
Unix Tools and Shells.. that's what windows lacks
on
Linux Users Are Spoiled
·
· Score: 4, Informative
What I find lacking in Windows is not so much the third-party applications (like work-processers and such), but what really is lacking is a powerful toolset and shell. When I set down at a linux or bsd box (even a barebones minimal install), I will find by default things like grep, awk, sed, zcat, tar, mail, and probably perl (to mention just a few). Add in the power of pipes to glue it all togather and a good scriptable shell (like bash or ksh) and a unix user is superman compared to a windows user. I don't know how many times I've found myself sitting at a Win2k box and wanted to parse and rearange some stupid ascii text report only to have to fire up notepad and start editing line-by-line. A unix box would have let me pipe it through awk or sed and be done with it in seconds.
And if your install doesn't have what you want then grab it from a mirror (apt-get for linux or pkg_add for bsd) and seconds later you are working away productively. Windows doesn't even come close to that kind of power.
Is IE targeted because it is widespread? Perhaps. But that does not mean Mozilla is just as insecure.
It's not just that IE is widespread, but its a design issue. If the usage numbers were inverted, IE would still have more exploits because it has some extremely poor design concepts behind it. First, it is directly hooked into the OS. If an exploit executes on the browser, then it is a very short leap for it to execute on the OS. Second, IE has a promiscuous plug-in model that allows nasty malware to execute without enough checks or controls.
What drug was the IE design team engineers taking when they decided to to let (or at least failed to prevent) untrusted program execution? The drug is named "Market-share". They were trying to turn on as many features as possible to capture every possible market. Microsoft made an early design decision to tout features over correctness. It is a fatal defect that now is probably nearly impossible to correct.
Now that MS is re-starting IE development, they should probably do what the Mozilla team was forced to do years ago. When Mozilla first inherited NS-Navigator 4.X, they looked at it and decided to ditch most of it. They started clean with new design concepts. I think MS is going have to do the same thing. The current design of IE is fattaly flawed. It will have to be rebuilt from the ground up with a new security model.
Unfortunatly this describes 90% of people out there. The only way I can think of to overcome that kind of pervasive ignorace is a public service campaign like the anti-drug campaigns.
[joke] "This is your computer.. this is your computer on Internet Explorer" -or- "Friends don't let Friends use Internet Explorer" -or- "Just say No to Internet Explorer" [/joke]
Seriously, there needs to be a TV campaign or even public service banners on high traffic sites like google or CNN.
Before you make a knee-jerk reaction and moderate - read the entire post and following the links. You will might learn something you didn't know before.
Michael Moore does not just disagree with Bush Administration policies, he hates America and Americans generally. He actually thinks America's enemies are the good guys and Americans are the bad guys (or at best, Americans are idiots). Michael Moore has gone so far as to say that the terrorists who are car-bombing civilians and cutting off civilians' heads in Iraq are the moral equivalent of America's Founding Fathers. (See David Brooks' June 26 column in the NY Times )
Moore goes beyond "loyal opposition" against failed polies. Disagreeing with Bush is *NOT* disloyal. Hoping that your own country's soldiers die, working to make your country loose a war by undermining morale, and overtly supporting its enemies *IS* disloyal and *IS* treason. Michael Moore is not a legitimate dissenting voice against the Bush Administration, he is a traitor against America.
I myself think that Bush & company have bungled the entire Iraq mess. But I'll never cross the line to hoping my own countrymen get butchered by our enemies.
"To store at a house, you need to get additional storage permission, and for me, since I live in a residential area, it's basically impossible," Ebert said. "You have to get local fire marshal approval. The fire marshal's not going to give you permission to store explosives."
Do you want your neighbor storing explosives next door?
I plan to have another crack at that Thinkpad, now that OpenBSD 3.5 has new boot code.
I was using a 3.4 install disk. The Compaq that I tried it on wouldn't even boot at all with 3.4. If the boot code is different on 3.5, I'll give it another try.
I a few weeks ago, I decided to give OpenBSD a try, having used FreeBSD and Linux quite a lot. So I downloaded and wrote the ftp install disk and booted it on my old AMD Athlon 750. I set up all the disks slices and everything was going fine until it was time to initialize the NIC so I could start downloading packages. The install issued an error message about a "stray interrupt" on IRQ 7 and then it locked up hard. So, I thought "that was strange" and power cycled the machine and tried again. Same thing. So I googled through countless message boards and determined that the kernel probably didn't like the chipset on my motherboard. There were various fixes offered (such as enabling lpt in the bios) but none worked.
Now the interesting thing is that a vanilla linux kernel (I built Linux From Scratch on this box before) will issue a similar message ("spurious interrupt"), but Linux won't lock up like OpenBSD did. Linux just sends the message to stderr and keeps on working. Most distribution tweaked kernels don't have any problem at all and never complain.
Well, "no problem, you've got some flaky hardware" you are probably getting ready to say. I thought so too. So I tried it on another box (This one a P-3 450 Compaq). This time the installer wouldn't even boot. It issued some cryptic message and stopped before the installer's kernel was even booted. Having struck out on two machines, I gave up and installed FreeBSD without incident.
I had started with high hopes of giving OpenBSD a whirl because I wanted to try out what has been described as a bloat-less, minimal, well put togather unix that emphasized correctness over bleed-edge features. I was not impresed. The whold affair has sort of put me off from OpenBSD. I know OpenBSD is focused on security and not having pretty installers. I don't care if the installer is pretty, but I do care it it locks up and is unusable on fairly standard equipment. Neither of these machines have anything exotic about them. They are just standard x86 boxen that work well with FreeBSD and Linux. The OpenBSD team needs to give their installer some more polish (from the functional standpoint not the prettiness standpoint)
First, you are redefining war. A war does not have to be a conflict between nations. A civil war, for instance, is not a war between nations, but is between two political groups. A belligerant party to war need not control territory. For instance, gueriila armies often do not "control" territory.
A war is an armed conflict in which one or both parties seek to impose a policital aim on the other. Terrorism is certainly a war. Calling terrorism "war" is not hyperbole like the "War on drugs" or the "War on Crime" or the "War on Copyright Infringement", all of which are not wars. But the organized use of armed force to impose a political aim is war and terrorism falls within that definition.
I suggest that you reevaluate your threat estimates; when you can be killed without a trial, you can be killed for any reason or no reason at all.
Under the laws of war, nobody is summarily executed. A combatant who is captured but who's status is undetermined is to be brought before a military tribunal who will make a determination of his status (e.g. POW, a non-combantant accidentially caught, a common criminal, or an illegal combantant). He will then be treated accordingly. I do have a problem with the Bush administration simply hodling people and not conviening the tribuals quickly as they are required to under the laws of war.
A terrorist is an enemy soldier. He is fighting a war, not shoplifting. We need to stop looking at terrorism as a crime issue and realize it is a National Security/War issue. The FBI is simply a glorified police force and has proven itself to be either completely inadequate or completely incompetent in fighting a war.
Arrest and try criminals according to the applicable penal laws, but capture or kill enemy terrorist according to the applicable customs and laws of war.
The map has no link (not even faded) between C/C++ and PHP, but does have one from Perl. Granted, PHP was orginally a wrapper for Perl scripts and it does use some Perl type syntax for regular expressions, but it's overall syntax and "look & feel" is much more C-ish than Perl-ish.
Maybe somebody can correct me if I'm wrong (and I know they will), but I don't think I've ever seen binary incompatibility brought on by a minor version increment in FreeBSD. With glibc, it seems that moving from say 2.2 to 2.3 is guaranteed to break your binaries unless you install the compatibility patch or re-compile.
Quandt also contends that FreeBSD is not currently on the same level as Linux when it comes to supporting heavy enterprise workloads. "The community activity around Linux in the late 1990s and support from system vendors and large independent software vendors fueled key enhancements in Linux," Quandt said. "Improvements in symmetric multiprocessing (SMP) virtual memory, asynchronous I/O, a native POSIX thread library, as well as other features and support from multiple vendors [in Linux] made FreeBSD a less likely choice for enterprise workloads."
Big Business has put a lot of money into Linux, and it is just now overtaking FreeBSD (and then only in some areas). If just half of the money and effort that has been poured into Linux had been put into *BSD, FreeBSD would be a truly bad-ass system and would probably smoke any other Unix/Unix clone. I had high hopes that Apple would contribute back to the community, but I don't think that has materialized like I had hoped. Although I don't like to get into the license religous wars (I prefer the BSD license for freedom), I think this is a case where the GPL has served Linux well by forcing users (i.e. developing corporations) to give back.
As far as stability and consistancey goes, only Debian-Stable approaches BSD, because Debian enforces a strict development and testing process (as opposed to adding in just any random unstable bleeding edge package because it is "new").
Apparently BayStar wanted SCO to get out of the Unix business and into the lawsuit business. But what if they did the opposite? What if they stopped forking money over to lawyers and concentrated on developing and selling Unix? They still had 10M in revenue from this quarter. They only spent 1.9M to make that revenue plus another 2.8M in R&D. That's a potential operating profit of 5.3M. There are many small businesses that would be glad to make 5.3M every quarter. The IP-licensing side of their business with all their lawsuits cost SCO 4.4M (see the line about Cost of SCOsource licensing revenue) and only paid back 11K. I think you can see where the money is hemorrhaging.
I was never a SCO Unix user, but I understand it was (at one time) a repectable unix back in the day and I don't see why it can't be again with a quarterly R&D bugdet of 2.8M. If I was a serious shareholder (not a speculator) interested in growing the business, I would want to know why they don't stop wasting money on this longshot lawsuit crapshoot and start concentrating on what they themselves describe as their "core" business.
Slashdot Mirror
On a more serious note, it comes down to how the corporation treats its employees. Study after study has shown that well-paid, fairly-treated employees protect their employer's interest. Abused employees who work for companies that regard their employees as "resources" to be exploited tend to hate their employer and feel no loyalty at all. Disguntled employess tend to feel that stealing from their employer or sabotaging them is a form of justice or payback. When your employees feel this way, there is little that can stop them (after all, who can you trust if you can't trust your own people?).
So the lesson here for employers is "Take Care of Your Soldiers and Your Soldiers will take Care of You". Unfortunately, PHBs up at the executive suite never seem to be able figure that out.
My point is that a default vanilla install of Windows itself does not have these utilities or anything close, but a default vanilla install of unix does. And yes, I know about Cygwin. I use X on Cygwin everyday to log into my Fedora box.
While Services for Unix or Cygwin might be great at emulating a unix envirnoment, these tools are not Windows defaults. You won't find them on vanilla NT/2K/XP installs. You have to hunt for them and install them. Even though Service for Unix is great (hey.. its based on OpenBSD!), those tools are not part of the core OS.
Well. I don't think Morlath should have been modded as a troll, but I do disagree with his post. My point is that the default windows tools (when they even exist) are weak compared to their default unix counterparts. I don't think VB or the windows scripting tool comes anywhere close to the power of the unix shells and tools.
You prove my point for me. I would have to hunt down, download, and install all of those things to do what I can already do in unix with a barebones install. And I still probably wouldn't be able to pipe them togather or script them to build a more powerful sum of the indivdual parts. On unix, those capabilities are built into a default install.
All the things you mentioned are not what you would typically find on a default windows install or even on the Windows CD. But they *ARE* found by default on every unix system (except perhaps somehthing like a stripped down appliance). Nor is there an easy all-in-one system of packages and mirrors to install such things in windows.
If I wanted to, I could point my browser to sourceforge and download and install all the gnuwin32 utilities, but again, that would prove my point. They are not native or default components of Windows, nor are they available in the "Add windows component" section of control panel.
What I find lacking in Windows is not so much the third-party applications (like work-processers and such), but what really is lacking is a powerful toolset and shell. When I set down at a linux or bsd box (even a barebones minimal install), I will find by default things like grep, awk, sed, zcat, tar, mail, and probably perl (to mention just a few). Add in the power of pipes to glue it all togather and a good scriptable shell (like bash or ksh) and a unix user is superman compared to a windows user. I don't know how many times I've found myself sitting at a Win2k box and wanted to parse and rearange some stupid ascii text report only to have to fire up notepad and start editing line-by-line. A unix box would have let me pipe it through awk or sed and be done with it in seconds.
And if your install doesn't have what you want then grab it from a mirror (apt-get for linux or pkg_add for bsd) and seconds later you are working away productively. Windows doesn't even come close to that kind of power.
Is IE targeted because it is widespread? Perhaps. But that does not mean Mozilla is just as insecure.
It's not just that IE is widespread, but its a design issue. If the usage numbers were inverted, IE would still have more exploits because it has some extremely poor design concepts behind it. First, it is directly hooked into the OS. If an exploit executes on the browser, then it is a very short leap for it to execute on the OS. Second, IE has a promiscuous plug-in model that allows nasty malware to execute without enough checks or controls.
What drug was the IE design team engineers taking when they decided to to let (or at least failed to prevent) untrusted program execution? The drug is named "Market-share". They were trying to turn on as many features as possible to capture every possible market. Microsoft made an early design decision to tout features over correctness. It is a fatal defect that now is probably nearly impossible to correct.
Now that MS is re-starting IE development, they should probably do what the Mozilla team was forced to do years ago. When Mozilla first inherited NS-Navigator 4.X, they looked at it and decided to ditch most of it. They started clean with new design concepts. I think MS is going have to do the same thing. The current design of IE is fattaly flawed. It will have to be rebuilt from the ground up with a new security model.
Let's see... how many manhours can a consultant charge the PHB to run the following SQL query
alter table VEHICLES modify column VIN varchar(50);
Yup.. that took countless manhours.
Unfortunatly this describes 90% of people out there. The only way I can think of to overcome that kind of pervasive ignorace is a public service campaign like the anti-drug campaigns.
[joke]
"This is your computer.. this is your computer on Internet Explorer"
-or-
"Friends don't let Friends use Internet Explorer"
-or-
"Just say No to Internet Explorer"
[/joke]
Seriously, there needs to be a TV campaign or even public service banners on high traffic sites like google or CNN.
LOL....STFU? That's a really intelligent counter-argument. How about some facts please. Or even some informed opinion in the absence of facts.
I forgot to include this link for an article that I mentioned "Right or Wrong? Obscene gloating over US failures in Iraq" By Cathy Young
Before you make a knee-jerk reaction and moderate - read the entire post and following the links. You will might learn something you didn't know before.
Michael Moore does not just disagree with Bush Administration policies, he hates America and Americans generally. He actually thinks America's enemies are the good guys and Americans are the bad guys (or at best, Americans are idiots). Michael Moore has gone so far as to say that the terrorists who are car-bombing civilians and cutting off civilians' heads in Iraq are the moral equivalent of America's Founding Fathers. (See David Brooks' June 26 column in the NY Times )
There is a difference between government disagreeing with policies and treasonous behavior (i.e. working for a foreign enemy, adhering to them, and trying to advance their war aims). As noted in Reason (a libertarian and generally anti-war magazine) some Americans are gloating over the deaths of American soldiers because it discredits Bush. That is disgusting. Gloating over the deaths of your own country's soldiers to win political points is outrageous. Michael Moore has actually written on his own web-site that he wants more Americans to die as punishment. He said "I'm sorry, but the majority of Americans supported this war once it began and, sadly, that majority must now sacrifice their children until enough blood has been let that maybe -- just maybe -- God and the Iraqi people will forgive us in the end.". It you think that is taken out of context , then read the whole message yourself and decide.
Moore goes beyond "loyal opposition" against failed polies. Disagreeing with Bush is *NOT* disloyal. Hoping that your own country's soldiers die, working to make your country loose a war by undermining morale, and overtly supporting its enemies *IS* disloyal and *IS* treason. Michael Moore is not a legitimate dissenting voice against the Bush Administration, he is a traitor against America.
I myself think that Bush & company have bungled the entire Iraq mess. But I'll never cross the line to hoping my own countrymen get butchered by our enemies.
I a few weeks ago, I decided to give OpenBSD a try, having used FreeBSD and Linux quite a lot. So I downloaded and wrote the ftp install disk and booted it on my old AMD Athlon 750. I set up all the disks slices and everything was going fine until it was time to initialize the NIC so I could start downloading packages. The install issued an error message about a "stray interrupt" on IRQ 7 and then it locked up hard. So, I thought "that was strange" and power cycled the machine and tried again. Same thing. So I googled through countless message boards and determined that the kernel probably didn't like the chipset on my motherboard. There were various fixes offered (such as enabling lpt in the bios) but none worked.
Now the interesting thing is that a vanilla linux kernel (I built Linux From Scratch on this box before) will issue a similar message ("spurious interrupt"), but Linux won't lock up like OpenBSD did. Linux just sends the message to stderr and keeps on working. Most distribution tweaked kernels don't have any problem at all and never complain.
Well, "no problem, you've got some flaky hardware" you are probably getting ready to say. I thought so too. So I tried it on another box (This one a P-3 450 Compaq). This time the installer wouldn't even boot. It issued some cryptic message and stopped before the installer's kernel was even booted. Having struck out on two machines, I gave up and installed FreeBSD without incident.
I had started with high hopes of giving OpenBSD a whirl because I wanted to try out what has been described as a bloat-less, minimal, well put togather unix that emphasized correctness over bleed-edge features. I was not impresed. The whold affair has sort of put me off from OpenBSD. I know OpenBSD is focused on security and not having pretty installers. I don't care if the installer is pretty, but I do care it it locks up and is unusable on fairly standard equipment. Neither of these machines have anything exotic about them. They are just standard x86 boxen that work well with FreeBSD and Linux. The OpenBSD team needs to give their installer some more polish (from the functional standpoint not the prettiness standpoint)
Nobody said anything about combat divisions rolling through Times Square. The article was about "agents" (i.e. spys) conducting surviellance.
First, you are redefining war. A war does not have to be a conflict between nations. A civil war, for instance, is not a war between nations, but is between two political groups. A belligerant party to war need not control territory. For instance, gueriila armies often do not "control" territory.
A war is an armed conflict in which one or both parties seek to impose a policital aim on the other. Terrorism is certainly a war. Calling terrorism "war" is not hyperbole like the "War on drugs" or the "War on Crime" or the "War on Copyright Infringement", all of which are not wars. But the organized use of armed force to impose a political aim is war and terrorism falls within that definition.
A terrorist is an enemy soldier. He is fighting a war, not shoplifting. We need to stop looking at terrorism as a crime issue and realize it is a National Security/War issue. The FBI is simply a glorified police force and has proven itself to be either completely inadequate or completely incompetent in fighting a war.
Arrest and try criminals according to the applicable penal laws, but capture or kill enemy terrorist according to the applicable customs and laws of war.
The map has no link (not even faded) between C/C++ and PHP, but does have one from Perl. Granted, PHP was orginally a wrapper for Perl scripts and it does use some Perl type syntax for regular expressions, but it's overall syntax and "look & feel" is much more C-ish than Perl-ish.
"Your Bagle is ready. Would you like to see an add about Philly Cream Cheese?"
How did these 1-900 charges get on my phone bill?
Maybe somebody can correct me if I'm wrong (and I know they will), but I don't think I've ever seen binary incompatibility brought on by a minor version increment in FreeBSD. With glibc, it seems that moving from say 2.2 to 2.3 is guaranteed to break your binaries unless you install the compatibility patch or re-compile.
As far as stability and consistancey goes, only Debian-Stable approaches BSD, because Debian enforces a strict development and testing process (as opposed to adding in just any random unstable bleeding edge package because it is "new").
Apparently BayStar wanted SCO to get out of the Unix business and into the lawsuit business. But what if they did the opposite? What if they stopped forking money over to lawyers and concentrated on developing and selling Unix? They still had 10M in revenue from this quarter. They only spent 1.9M to make that revenue plus another 2.8M in R&D. That's a potential operating profit of 5.3M. There are many small businesses that would be glad to make 5.3M every quarter. The IP-licensing side of their business with all their lawsuits cost SCO 4.4M (see the line about Cost of SCOsource licensing revenue) and only paid back 11K. I think you can see where the money is hemorrhaging.
I was never a SCO Unix user, but I understand it was (at one time) a repectable unix back in the day and I don't see why it can't be again with a quarterly R&D bugdet of 2.8M. If I was a serious shareholder (not a speculator) interested in growing the business, I would want to know why they don't stop wasting money on this longshot lawsuit crapshoot and start concentrating on what they themselves describe as their "core" business.