I worked for a university about eight years ago, and there was nothing like this in use there at that time. There was much talk among the faculty about "wouldn't it be nice if...", and there was some talk among us staff about "wouldn't it be cool to...", but it never happened (while I was there).
From your perspective, what would be the best way to handle lost passwords? It's easy for me (as a programmer/admin geek) to say "show up in person, show photo ID with university ID, and we'll give you a temporary password that you have to change at first login" and write that into the system -- but what would you, as a user of the system, want to see?
So while the access point security is awful, there are processes in place to flag potential problems. At least they are practicing security in depth, even if one of their layers is paper-thin.
Excellent point, and agreed. Prevention only goes so far, but an audit goes as far as you want it to.
... when the policy enforced by the program is broken to begin with?
From TFA:
The university's grading system, eGrades, is an in-house program that professors can access via the Internet to submit and alter students' grades. eGrades uses UCSB NetID, a campuswide authentication system, to check a user's identity. If a user forgets their password, they can reset it by entering their Social Security number and date of birth, Schmidt said.
This is evil. SSNs and DoBs are far too easy to find. The suspect worked for an insurance agency, but it would not be difficult to find this information through other means.
For more examples of such problems in systems, check out Risks Digest.
I don't think he's on our side... Take a look at this comment:
[comment about MC not having a problem about individual file-sharers being sued]
He's not on your side. He's not trying to make sharing copyrighted content legal. However, if you'd read down a little further, you would find that he is after something much more important:
MC: [snip] Peer-to-peer has been around for about 20 years. I remember selling Artisoft software on LANs way back when and offering various applications that allowed for sharing of files and content of all types across those networks. Peer-to-peer isn't new. It's just that the music industry recently decided to be litigious about it. Just because the RIAA doesn't like an application and its uses 20 years later doesn't mean they should be able to stop any and all implementations of it.
So far as I'm concerned, MC is right on the money. The problem with what is going on isn't that copyright violation should be protected; the problem is that the baby is getting thrown out with the bathwater.
Frankly, it doesn't surprise me that attendees are acting as media for such an event. The alternative is expecting the mainstream press to get it right.
I look forward to seeing what the "geek media" comes up with.
Verisign aren't doing a bad job as it is, why bother going through all the change. because we know if someone else takes over, the internet will go down for at least a week
Please tell me you're being facetious in your last sentence. If not, you know painfully little about the subject at hand, and would do much better to read and learn than to comment and look the fool.
How about just bringing the machine back up again, spending a few minutes making sure the same p roblem won't take down the machine again (iff you know the cause), and being happy that you set your editor to autosave every few minutes?
That being said, my primary machines (Solaris/x86, Mac OS X, Linux/PPC) almost never put me through that, so I don't have to do it often. I can see how one would get upset if it were a weekly/daily thing, though.
Its great to see governments spend their taxpayers money wisely.
This is true, but I think there's a lot more to it than that.
What I see as the biggest benefit to government adoption of open source operating systems is that it means local demand for developers for those systems. The cost of entry for people who want to develop for the systems is low, so it's possible for more people.
Another high point is that when the government wants a skill set in the populace, it tends to be pushed a bit in schools. I would love to see the results of fifteen years of open source software use in schools in any country.
Social bookmarking helps make a better super-nerd.
You betcha. If I can't find information on Google, I often check del.icio.us to see if anyone has stumbled on anything.
The other thing I find interesting is finding the number of people who have a bookmark in common with me. There are quite a few pages I have bookmarked (user kjw) that I consider to be obvious and easy to find, but few people (if anyone else) have them bookmarked.
Re:Now that we've seen the PSP nude,
on
Inside the PSP
·
· Score: 1
How do we get nudes on the PSP?
If I recall correctly, there was an article on browsing the web on the PSP a day or three ago...
That statement would defintely hold more water if they actually had numbers from five years ago to compare to. Even though their site didn't exist five years ago, maybe check out a similar site that DID exist way back then...
Those numbers are publically available, and easy to find. Google is your friend.
I use ITexMac, which is in a similar vein. It's great for the edit/compile/view grind. I haven't checked out TexShop yet, though -- are the trade-offs worth it?
I must be honest and admit that I haven't looked at the TUG website in aeons (just hit the ftp site:) ). I'll check that out now, so next time I just have to post a link.
I would happily rant on about how great their laptops are. Currently, I only use them as an example of how you can make money in a computing niche market.:)
My take on this is to give credit where credit is due. By all means, acknowledge that Google(tm) is a trademark. However, I think it's insane for Google(tm)'s legal team to get their knickers in a knot over being included in a dictionary. Especially if the same dictionary is willing to introduce a noun Google(tm) that acknowledges the trademark, and is willing to put a see-also reference in. The dictionary author hasn't explicitly offered to do this, but I think it would be reasonable to suspect that he would, since the link suggests he's willing to give credit.
Of course, co-operation (by Google(tm)) doesn't buy their legal team expensive cars -- but aren't the legal team supposed to report to someone?
Actually, newer Macs use OpenFirmware. I have it on both of my Macs, and they're both over two years old.
For a little bit of fun, hold down CMD+OPT+O+F at the boot chime. This will put you into the PROM, which is scriptable in Forth.
Given that board test and driver suites are written in OF, I don't see any reason at all why a web browser would be difficult. Text-only, perhaps -- but not terribly difficult.
There is also a project I noticed one day on Freshmeat that I think was called Retro Native Forth, for the IA32 arch. I wonder if that could be molded into an OF-like role on that platform?
Oddly enough, I've got one just down the street from me. I thought it odd that there would be a private hyperbaric clinic -- Vancouver (Canada) has lots of divers, but how many come up with the bends?
To be honest, I can't claim to know which hospitals around town have them, but to have (at least) one in a little clinic just down the street is pretty cool.
Hmmm....I'm not convinced, you'll have to try harder.
A BSD variant that lent itself to easy embedding (base system in less than 16 meg, say for one of the older iPAQs) would be most welcome, for instance. I know there are similar projects in Linux and there is a NetBSD port, but they require much more storage.
Oddly enough, it was a very similar event that led to the creation of the OpenBSD project. Theo started it after a (rather extended, IIRC) tiff with the rest of the NetBSD core team.
If Matt decides to fork the code and start his own project, I think the technical world would be a better place for it. A fifth open source BSD might seem excessive to some, but there are still many ways for such a project to differentiate itself.
Performance in the data center isn't there yet for Linux. Almost nobody with a serious databasee will run it on Linux. Even though DB2 and Oracle run on Linux, it's just not as fast yet. 2.6 should hopefully change this, as the kernel developers have been taking suggestions in this area to heart.
I do have to agree with you -- I have no experience with that personally (all of my large databases are filesystem based, and are not "data centre large", as my largest is about 100 meg), but I have heard that complaint before.
Is there a good web page or document that addresses the specific concerns wrt. that level of performance (proposed changes to the scheduler, vm, etc.)?
I think the only things holding back Linux from replacing AIX are:
buy-in from the AIX customer base -- AIX users tend to be fairly loyal (and large, such as telcos)
advanced AIX tools and such ported to Linux (SMIT was mentioned in a previous post)
documentation for Linux comparable to that available for AIX
I installed Linux on an IBM eServe recently and it took to it really well, although I did have to use the "vanilla" install option of the Debian netinst to get it to use the ServeRAID card.
Slashdot Mirror
I worked for a university about eight years ago, and there was nothing like this in use there at that time. There was much talk among the faculty about "wouldn't it be nice if...", and there was some talk among us staff about "wouldn't it be cool to...", but it never happened (while I was there).
From your perspective, what would be the best way to handle lost passwords? It's easy for me (as a programmer/admin geek) to say "show up in person, show photo ID with university ID, and we'll give you a temporary password that you have to change at first login" and write that into the system -- but what would you, as a user of the system, want to see?
Thanks again for the reply and the pointer.
Excellent point, and agreed. Prevention only goes so far, but an audit goes as far as you want it to.
... when the policy enforced by the program is broken to begin with?
From TFA:
The university's grading system, eGrades, is an in-house program that professors can access via the Internet to submit and alter students' grades. eGrades uses UCSB NetID, a campuswide authentication system, to check a user's identity. If a user forgets their password, they can reset it by entering their Social Security number and date of birth, Schmidt said.
This is evil. SSNs and DoBs are far too easy to find. The suspect worked for an insurance agency, but it would not be difficult to find this information through other means.
For more examples of such problems in systems, check out Risks Digest.
He's not on your side. He's not trying to make sharing copyrighted content legal. However, if you'd read down a little further, you would find that he is after something much more important:
MC: [snip] Peer-to-peer has been around for about 20 years. I remember selling Artisoft software on LANs way back when and offering various applications that allowed for sharing of files and content of all types across those networks. Peer-to-peer isn't new. It's just that the music industry recently decided to be litigious about it. Just because the RIAA doesn't like an application and its uses 20 years later doesn't mean they should be able to stop any and all implementations of it.So far as I'm concerned, MC is right on the money. The problem with what is going on isn't that copyright violation should be protected; the problem is that the baby is getting thrown out with the bathwater.
Frankly, it doesn't surprise me that attendees are acting as media for such an event. The alternative is expecting the mainstream press to get it right.
I look forward to seeing what the "geek media" comes up with.
Please tell me you're being facetious in your last sentence. If not, you know painfully little about the subject at hand, and would do much better to read and learn than to comment and look the fool.
How about just bringing the machine back up again, spending a few minutes making sure the same p roblem won't take down the machine again (iff you know the cause), and being happy that you set your editor to autosave every few minutes?
That being said, my primary machines (Solaris/x86, Mac OS X, Linux/PPC) almost never put me through that, so I don't have to do it often. I can see how one would get upset if it were a weekly/daily thing, though.
This is true, but I think there's a lot more to it than that.
What I see as the biggest benefit to government adoption of open source operating systems is that it means local demand for developers for those systems. The cost of entry for people who want to develop for the systems is low, so it's possible for more people.
Another high point is that when the government wants a skill set in the populace, it tends to be pushed a bit in schools. I would love to see the results of fifteen years of open source software use in schools in any country.
You betcha. If I can't find information on Google, I often check del.icio.us to see if anyone has stumbled on anything.
The other thing I find interesting is finding the number of people who have a bookmark in common with me. There are quite a few pages I have bookmarked (user kjw) that I consider to be obvious and easy to find, but few people (if anyone else) have them bookmarked.
If I recall correctly, there was an article on browsing the web on the PSP a day or three ago...
Those numbers are publically available, and easy to find. Google is your friend.
Quite possibly true -- I'm going to give TeXShop a try tonight and see which I like better.
Cheers,
~kj
I use ITexMac, which is in a similar vein. It's great for the edit/compile/view grind. I haven't checked out TexShop yet, though -- are the trade-offs worth it?
Cheers,
~kjFor LaTeX supporting Unicode, try Omega. You can find information about it at http://www.tug.org/.
Cheers,
~kjThank you, William!
I must be honest and admit that I haven't looked at the TUG website in aeons (just hit the ftp site :) ). I'll check that out now, so next time I just have to post a link.
Cheers!
~kj
Actually, you're thinking of Ken, one of the fathers of Unix -- and it wasn't gcc. :)
I would happily rant on about how great their laptops are. Currently, I only use them as an example of how you can make money in a computing niche market. :)
My take on this is to give credit where credit is due. By all means, acknowledge that Google(tm) is a trademark. However, I think it's insane for Google(tm)'s legal team to get their knickers in a knot over being included in a dictionary. Especially if the same dictionary is willing to introduce a noun Google(tm) that acknowledges the trademark, and is willing to put a see-also reference in. The dictionary author hasn't explicitly offered to do this, but I think it would be reasonable to suspect that he would, since the link suggests he's willing to give credit.
Of course, co-operation (by Google(tm)) doesn't buy their legal team expensive cars -- but aren't the legal team supposed to report to someone?
Actually, newer Macs use OpenFirmware. I have it on both of my Macs, and they're both over two years old.
For a little bit of fun, hold down CMD+OPT+O+F at the boot chime. This will put you into the PROM, which is scriptable in Forth.
Given that board test and driver suites are written in OF, I don't see any reason at all why a web browser would be difficult. Text-only, perhaps -- but not terribly difficult.
There is also a project I noticed one day on Freshmeat that I think was called Retro Native Forth, for the IA32 arch. I wonder if that could be molded into an OF-like role on that platform?
Oddly enough, I've got one just down the street from me. I thought it odd that there would be a private hyperbaric clinic -- Vancouver (Canada) has lots of divers, but how many come up with the bends?
To be honest, I can't claim to know which hospitals around town have them, but to have (at least) one in a little clinic just down the street is pretty cool.
A BSD variant that lent itself to easy embedding (base system in less than 16 meg, say for one of the older iPAQs) would be most welcome, for instance. I know there are similar projects in Linux and there is a NetBSD port, but they require much more storage.
A BSD-based RTOS would be nice as well.
Oddly enough, it was a very similar event that led to the creation of the OpenBSD project. Theo started it after a (rather extended, IIRC) tiff with the rest of the NetBSD core team.
If Matt decides to fork the code and start his own project, I think the technical world would be a better place for it. A fifth open source BSD might seem excessive to some, but there are still many ways for such a project to differentiate itself.
Sweet -- thank you muchly for the great links!
I do have to agree with you -- I have no experience with that personally (all of my large databases are filesystem based, and are not "data centre large", as my largest is about 100 meg), but I have heard that complaint before.
Is there a good web page or document that addresses the specific concerns wrt. that level of performance (proposed changes to the scheduler, vm, etc.)?
I think the only things holding back Linux from replacing AIX are:
I installed Linux on an IBM eServe recently and it took to it really well, although I did have to use the "vanilla" install option of the Debian netinst to get it to use the ServeRAID card.