I don't think either one was actually an iPod. The first time it says it was an "iDJ iPod DJ System", and this time it was an Altec Lansing iPod Portable Audio System. This from the police report on thesmokinggun.com.
And where exactly are you going to get the huge bandwidth that will be necessary to do that?
Portage updates use rsync for a reason - so that the entire Portage tree doesn't have to be downloaded every time an "emerge sync" is run.
If you use a zip file, everybody will be downloading the whole thing every time they update, and bandwidth usage on the Portage mirrors will go through the roof.
Reiser barfs that bad on a lousy 120,000 files? Geez, no wonder I've always been suspicious of it, apparently rightfully so...
That's because they backport security fixes to the same version installed with the distribution, and the app version number doesn't change until you upgrade to a newer version distribution.
If they're keeping up to date on patches (not a given with RH9, obviously, and that's a poor example for you), then they should be fine.
You can enable local security checks on newer versions of Nessus with the registered plugins, and it will SSH into the box and actually verify the RPM patch levels to really tell you what's going on.
Guess stuff like this is why real security guys get the big(ger) bucks.
I just had to go through a tech support round with Dell, and got a quite nice (American too!) lady who was, in fact, in South Carolina, so he may have been telling the truth.
Wow, yeah - and I'd definitely put a lot of faith in the post of an asshat who actually thinks that commercial airliners are even capable of reaching "60k feet", much less ever fly that high...
Hey, I know this is/. but good grief! You really should RTFA.
Do you honestly think that a mechanical generator is the only way they have of breathing up there? In fact, there is 140 days' worth of O2 stored in a tank AND there are SFOG generators as well, which are also known as a "candle" - light it up and it generates oxygen.
And, even failing that, it's not like they'll die - there is always a Soyuz docked at the station to allow an emergency return.
I would agree with you on the desktop side, but for a server with no GUI (which is the way a server should be, IMHO!) I don't think Gentoo changes all that often at all, other than the timely security updates I want.
I have a box that's running Snort for IDS, MySQL, Apache, MRTG and an FTP server and local email server - I log into it once a month or so, run an "emerge sync" and "emerge -uDp world" to check for anything that looks out of whack (nothing ever does), then start the actual update via Screen. Detach it, come back later, spend maybe ten minutes fixing up the config files, restart services, and voila, I'm up to date.
As far as stability goes, I have an old Toshiba P3 laptop that I have all my critical services loaded on and I update that first.
Everybody would drop Fedora like a hot rock and move to a distribution that isn't just a free development vehicle for Red Hat to make tons of bucks.
Gentoo, Debian, Slackware, Ubuntu... They'd all be the biggest beneficiaries of such a move, and Microsoft would be left with a worthless property.
I dropped Red Hat after Red Hat 9, because it started to become clear to me that my customer space wouldn't be able to afford Enterprise and that Fedora was (by design) too fast-changing to support. I now run all my servers and desktops on Gentoo and it's working great for me. The main advantage I see is that I can control and minimize the dependency hell that Red Hat was and create tighter servers with less subsystems loaded on them to update in the first place.
Overall, though, this is just pie in the sky - it'll never happen. It definitely must be a slow news day in the IT world if this is even a valid topic to discuss.
Hmm - you should read up on reliability statistics for European (read: BMW and Mercedes) cars over the last few years - they're pretty abysmal. Check out "Automobile" magazine recently, not sure what month. I read it on a plane a couple of weeks ago.
IMHO you can NEVER go wrong with Toyota. Ever.
I had a 1988 Toyota Tercel which I bought a couple of months used with 11K miles on it. I drove it to 145K with nothing but oil changes, tires and a new muffler. I sold it to a guy who then sold it to a guy in SoDak who drove it all over the state and ran it up to 345K miles before he totalled it.
Stories like this abound with Toyotas.
Just my two cents.
Re:Here's a good pic of satellite messaging...
on
Satellite Easter Eggs
·
· Score: 1
Chapter 5 is titled "Uses of On-line Connections".
It details how they can send out titles that don't have the keys on the media, then use an online transaction to get the key.
Section 5.1.1.3 talks about "Cacheable Permissions", which means the device can get the key via an online transaction, which can be stored on the player and "may contain an expiration period after which the device must destroy the permission..."
Wow! It's DIVX all over again! Heaven knows that was OH SO SUCCESSFUL last time...
Any schmuck (well, let me rephrase that, any schmuck who can run a Linux box or who can buy NeWT from Tenable) can run a Nessus scan - and, as you've seen, get a lot of meaningless output as well.
Nessus is definitely nowhere near perfect - for one thing, a lot of the plugins tend to yell about things that may matter if you're doing an external scan, but are perfectly normal on an internal scan. (Like, for example, port 135 being accessable on a Windows box).
The value a consultant should provide is going through that output, checking for false positives, doing hand inspection of some results, then calling out the ones that really matter. I'm in the documentation phase of an assessment for a major law firm right now, and, although I'll provide them scan output with the final document, I won't talk from it or even print it out - the important stuff will be in MY document, spelled out in understandable terms, and ordered according to level of risk versus remediation effort.
Tell your boss that any security consultant that hasn't done that hasn't done anything worth a damn.
First off, Fox put it in a cruddy timeslot on a cruddy day - Friday night.
They didn't advertise it worth a crap.
They showed it out of order.
They preempted it CONSTANTLY so that it got to the point that, unless you had a really good guide, you didn't even know if it was going to be on or not.
Basically, just about everything a network can do to not encourage a following, they did.
True, it's been in progress awhile (and, as a computer security professional, it's scary as all get-out, especially with most companies still using Internet Exploder and all the security risk just that entails), but the summary that was referenced in this article was posted in the last three or so days.
Bottom line is, if you're depending on Slashdot to keep you up-to-date on the latest security threats, you're not being too bright.
You should try Gentoo. Portage is not difficult to figure out. You're actually very close - installing Myth on Gentoo (guide here) is darn close to that easy. Setting the USE flags to get a good compilation is somewhat daunting the first time, but the Gentoo install guide helps with that.
The harder part, sadly, is getting the hardware to record the TV going, but that's the case pretty much everywhere. As somebody's mentioned, Plextor recently open-sourced the drivers for their USB 2.0 boxes and Myth supports them in CVS, but you won't get that with a standard Gentoo emerge at this point, I don't think. I'm sure it will be in the next release, though.
And, as far as I know, you can boot KnoppMyth from the CD and install it on the hard drive.
Well, that would be in keeping with the stupid decisions they've been making lately....
See, MythTV is open source. So Tivo can buy MythTV (not bloody likely!), but anybody that wants can then feel free to take the source at that point and continue development.
Personally, I've had great luck, especially as far as installing and locating dependencies, with Gentoo. If it's in Portage, so are the prereqs and they're mirrored on many, many servers.
Now, I'll freely admit that I'm not wild at times about the amount of time Gentoo needs to compile updates, but, since those updates aren't binary and I can keep stupid dependencies off my system, like KDE, it's a necessary evil.
Can I ask what you'd need such a contract for ? I'm not sure how that'd be a deal-breaker. What's the purpose of such a contract?
Is that a joke? On-site hardware service for critical infrastructure isn't a deal-breaker?
Unless you have replacement parts for every major component of every server you run, and the know-how to replace them within four hours, I can easily see how it'd be a deal-breaker. Especially after the first hardware problem that takes things down for well over a day.
Slashdot Mirror
I don't think either one was actually an iPod. The first time it says it was an "iDJ iPod DJ System", and this time it was an Altec Lansing iPod Portable Audio System. This from the police report on thesmokinggun.com.
First post? Wierd.
This definitely looks cool - I hope it will work better for Gmail than the notifier did, I was quite underwhelmed by it.
And where exactly are you going to get the huge bandwidth that will be necessary to do that?
Portage updates use rsync for a reason - so that the entire Portage tree doesn't have to be downloaded every time an "emerge sync" is run.
If you use a zip file, everybody will be downloading the whole thing every time they update, and bandwidth usage on the Portage mirrors will go through the roof.
Reiser barfs that bad on a lousy 120,000 files? Geez, no wonder I've always been suspicious of it, apparently rightfully so...
Red Hat *always* shows up that way.
That's because they backport security fixes to the same version installed with the distribution, and the app version number doesn't change until you upgrade to a newer version distribution.
If they're keeping up to date on patches (not a given with RH9, obviously, and that's a poor example for you), then they should be fine.
You can enable local security checks on newer versions of Nessus with the registered plugins, and it will SSH into the box and actually verify the RPM patch levels to really tell you what's going on.
Guess stuff like this is why real security guys get the big(ger) bucks.
I just had to go through a tech support round with Dell, and got a quite nice (American too!) lady who was, in fact, in South Carolina, so he may have been telling the truth.
Kinda ironic that you'd post a direct link to an EXE in a spyware discussion thread...
Wow, yeah - and I'd definitely put a lot of faith in the post of an asshat who actually thinks that commercial airliners are even capable of reaching "60k feet", much less ever fly that high...
See here for more information.
And I heartily suggest reading Dragonfly by Bryan Burrough if you want a good read about these kinds of issues onboard Mir.
Hey, I know this is /. but good grief! You really should RTFA.
Do you honestly think that a mechanical generator is the only way they have of breathing up there? In fact, there is 140 days' worth of O2 stored in a tank AND there are SFOG generators as well, which are also known as a "candle" - light it up and it generates oxygen.
And, even failing that, it's not like they'll die - there is always a Soyuz docked at the station to allow an emergency return.
I would agree with you on the desktop side, but for a server with no GUI (which is the way a server should be, IMHO!) I don't think Gentoo changes all that often at all, other than the timely security updates I want.
I have a box that's running Snort for IDS, MySQL, Apache, MRTG and an FTP server and local email server - I log into it once a month or so, run an "emerge sync" and "emerge -uDp world" to check for anything that looks out of whack (nothing ever does), then start the actual update via Screen. Detach it, come back later, spend maybe ten minutes fixing up the config files, restart services, and voila, I'm up to date.
As far as stability goes, I have an old Toshiba P3 laptop that I have all my critical services loaded on and I update that first.
Everybody would drop Fedora like a hot rock and move to a distribution that isn't just a free development vehicle for Red Hat to make tons of bucks.
Gentoo, Debian, Slackware, Ubuntu... They'd all be the biggest beneficiaries of such a move, and Microsoft would be left with a worthless property.
I dropped Red Hat after Red Hat 9, because it started to become clear to me that my customer space wouldn't be able to afford Enterprise and that Fedora was (by design) too fast-changing to support. I now run all my servers and desktops on Gentoo and it's working great for me. The main advantage I see is that I can control and minimize the dependency hell that Red Hat was and create tighter servers with less subsystems loaded on them to update in the first place.
Overall, though, this is just pie in the sky - it'll never happen. It definitely must be a slow news day in the IT world if this is even a valid topic to discuss.
I think that was probably his exact thought process - "I have to pay for it, so why not tape it and recoup my costs?"
Hmm - you should read up on reliability statistics for European (read: BMW and Mercedes) cars over the last few years - they're pretty abysmal. Check out "Automobile" magazine recently, not sure what month. I read it on a plane a couple of weeks ago.
IMHO you can NEVER go wrong with Toyota. Ever.
I had a 1988 Toyota Tercel which I bought a couple of months used with 11K miles on it. I drove it to 145K with nothing but oil changes, tires and a new muffler. I sold it to a guy who then sold it to a guy in SoDak who drove it all over the state and ran it up to 345K miles before he totalled it.
Stories like this abound with Toyotas.
Just my two cents.
Here then, lazybutt.
See the runway? Look just northwest of the northwest end of the runway. Upper-left quadrant of the highway cloverleaf there. Zoom in.
Cool, no?
Chapter 5 is titled "Uses of On-line Connections".
It details how they can send out titles that don't have the keys on the media, then use an online transaction to get the key.
Section 5.1.1.3 talks about "Cacheable Permissions", which means the device can get the key via an online transaction, which can be stored on the player and "may contain an expiration period after which the device must destroy the permission..."
Wow! It's DIVX all over again! Heaven knows that was OH SO SUCCESSFUL last time...
Any schmuck (well, let me rephrase that, any schmuck who can run a Linux box or who can buy NeWT from Tenable) can run a Nessus scan - and, as you've seen, get a lot of meaningless output as well.
Nessus is definitely nowhere near perfect - for one thing, a lot of the plugins tend to yell about things that may matter if you're doing an external scan, but are perfectly normal on an internal scan. (Like, for example, port 135 being accessable on a Windows box).
The value a consultant should provide is going through that output, checking for false positives, doing hand inspection of some results, then calling out the ones that really matter. I'm in the documentation phase of an assessment for a major law firm right now, and, although I'll provide them scan output with the final document, I won't talk from it or even print it out - the important stuff will be in MY document, spelled out in understandable terms, and ordered according to level of risk versus remediation effort.
Tell your boss that any security consultant that hasn't done that hasn't done anything worth a damn.
In the case of Firefly, I can tell you why.
First off, Fox put it in a cruddy timeslot on a cruddy day - Friday night.
They didn't advertise it worth a crap.
They showed it out of order.
They preempted it CONSTANTLY so that it got to the point that, unless you had a really good guide, you didn't even know if it was going to be on or not.
Basically, just about everything a network can do to not encourage a following, they did.
True, it's been in progress awhile (and, as a computer security professional, it's scary as all get-out, especially with most companies still using Internet Exploder and all the security risk just that entails), but the summary that was referenced in this article was posted in the last three or so days.
Bottom line is, if you're depending on Slashdot to keep you up-to-date on the latest security threats, you're not being too bright.
The harder part, sadly, is getting the hardware to record the TV going, but that's the case pretty much everywhere. As somebody's mentioned, Plextor recently open-sourced the drivers for their USB 2.0 boxes and Myth supports them in CVS, but you won't get that with a standard Gentoo emerge at this point, I don't think. I'm sure it will be in the next release, though.
And, as far as I know, you can boot KnoppMyth from the CD and install it on the hard drive.
See, MythTV is open source. So Tivo can buy MythTV (not bloody likely!), but anybody that wants can then feel free to take the source at that point and continue development.
And lots of people would.
Ah, the joys of open source....
Personally, I've had great luck, especially as far as installing and locating dependencies, with Gentoo. If it's in Portage, so are the prereqs and they're mirrored on many, many servers.
Now, I'll freely admit that I'm not wild at times about the amount of time Gentoo needs to compile updates, but, since those updates aren't binary and I can keep stupid dependencies off my system, like KDE, it's a necessary evil.
Is that a joke? On-site hardware service for critical infrastructure isn't a deal-breaker?
Unless you have replacement parts for every major component of every server you run, and the know-how to replace them within four hours, I can easily see how it'd be a deal-breaker. Especially after the first hardware problem that takes things down for well over a day.
He's a pretty cool dude, decent review.
Link here, among other places.