Slashdot Mirror


User: symbolset

symbolset's activity in the archive.

Stories
0
Comments
9,127
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 9,127

  1. Re:Adequate Reward? Please... on Volunteers Simulate Mission To Mars · · Score: 1

    So... I live in a different economy and would be willing to pay for some online work in your spare time if you were interested. I need some light web design, some content filtering, or would pay for local art photography (not nudes or anything like that - just tour guide and naturalist type stuff). You interested? Do you know someone who might be? Send contact info to the gmail at my slashdot user name.

  2. Re:Confidence? on Star Trek Sequel Already Planned · · Score: 1

    Star Trek will always do well at the box office; there's enough die hard trekkies that will go & watch regardless of quality.

    I'll agree - unless Paramount sells the franchise to Sony. I'll bet Sony could kill even this. They are that bad.

  3. Re:Star Trek Reloaded? on Star Trek Sequel Already Planned · · Score: 5, Insightful

    Hm. What are you, 12? It's not possible for a Trek movie to fail. It won't win an Oscar but they're not supposed to. It can't do that and fulfill Roddenberry's vision for social change through fantasy.

    Not one Trek movie has ever failed to get more box office than its production cost, let alone before you figure DVD sales and merchandising. Nemesis came close but over the history of the franchise they're running 2:1 just in box. With a Costneresque budget on Trek XI they're doing their best to see if they can spend more than any box office can handle and it might just happen, but net of DVDs and books and merch the movie will make money. Old jerks like me will still drag their kids out to see it no matter how much they don't want to. We'll buy the new lightsabers for birthday gifts and the scale models for Christmas, the desk calendars and action figures and hundreds of cobranded happy meals with the cheesy Chinese lead-based toy. We'll do it because we're struggling to connect our spoiled brats with the hopeful social message of yesteryear when you didn't know the doomed guy's shirt was red because the TV was black and white. As a side effect we'll perpetuate the exploitation of a franchise that's gradually losing the vision of its creator, but hey -- that's what memes and pop culture are about.

    One day my kids will be dragging their kids to Trek films. They won't know why and the films won't contain anything that makes the endeavor worthwhile. Perhaps the tradition will die with that generation. In the meantime the landfill is going to see billions of those happy meal toys. Hollywood is going to try to milk this one long after it's dry because they ran out of new ideas 15 years ago if they ever had any.

    Let me condition that: If Sony buys the franchise from Viacom/Paramount it's over in one movie flat. Sony just doesn't get it and they never will.

  4. Wow on Fears of a Conficker Meltdown Greatly Exaggerated · · Score: 1

    So UIDs are up to a mil and half now, huh?

  5. So what we need now on Google Launches Free, Legal Music Downloads in China · · Score: 1

    Is some sort of server that indexes these links and based on some form of translation helps you find the song that's relevant to your interests. A kind of 'search engine' if you get my meaning.

  6. You are SO correct on Fears of a Conficker Meltdown Greatly Exaggerated · · Score: 3, Insightful

    Why are we discussing Windows/Linux/OS X preference at all?

    If you want a system that's not vulnerable to Conficker, Koobface, Torpig, Storm, Antivirus 2009, Bitfrost, Sasser, MyDoom, Sober, Sobig, Welchia, Blaster, Nimda and Code Red, you need look no farther than "anything that's not Windows".

  7. My best answer on Fears of a Conficker Meltdown Greatly Exaggerated · · Score: 2, Funny

    Don't be a target. Use some system that doesn't have these problems.

  8. Re:The Title's Wording on Fears of a Conficker Meltdown Greatly Exaggerated · · Score: 2, Interesting

    So what is exaggerated? How much people are afraid of Cornficker or its potential to cause damage?

    Neither. The fear is warranted because the potential damage will almost certainly be realized to a significant degree. It's already proven its capacity to cause damage or we wouldn't be talking about it. What's exaggerated may be the April First date. April 1 might just be a mode shift day planned by the programmer where the thing goes into a "less stealthy" mode in order to improve a node's chances of catching a control.

    For each 1% of infected systems that attach with a successful domain hit, the botmaster will have a net of 150,000 zombies to give up their secrets and do his bidding. Remember that he can continue to sow his infectious apps and reap his harvest of bots for the rest of forever while his owned bots do his work. If the rest of his network is as bulletproof as his infection apps, he's not going to be caught and this is going to be a bad one. The worst case would be if the app started to look at DSNs. What grouped databases might your clients have access to? Would there be SSNs in there? Maybe credit applications? You wouldn't have transaction processing on this consumer grade crap, would you?

    I have to admit that I was at first dismissive of "The Cathedral and the Bazaar". It turns out that Eric S. Raymond deserves some credit for capturing a primitive truth and crystallizing it into an essay, even if the elements were common knowledge at the time. It turn out that this work defines the source of this problem and contains the cure.

  9. Re:Windows Update? on Fears of a Conficker Meltdown Greatly Exaggerated · · Score: 2, Insightful

    I doubt Microsoft could agree to the license terms.

  10. At least it's not Lupus. on Fears of a Conficker Meltdown Greatly Exaggerated · · Score: 4, Interesting

    Maybe I'm wrong here, but doesn't it make more sense to get everyone trying to fight this virus/bot/whatever early rather than wait?

    They're trying. Microsoft has released a patch that supposedly blocks the primary vector (a vulnerability in the Server service affecting all Microsoft operating systems since Windows 98), and updated their repair tool MSRT to detect and remove it (download it from a machine that's not infested). It has probably removed it from several million of the estimated 15 million infested machines. Microsoft is working with ICANN to block registration of the generated domain names in the case where they're not yet registered and the owners of the domains that were previously registered to mitigate downtime. Every managed service provider and major IT shop I know of has pushed out all of this stuff. Unfortunately, this is not even close to enough. The secondary vector, autorun, is pernicious. This thing is now on the root thousands of major shares and every time they remove it one of the thousands of Conficker clients puts it back. It's on millions of pen drives, millions of backups. It's been burned to millions of CDs. It's on iPods and mp3 players, Blackberries and iPhones and Windows Mobile phones, picture frames and DVDs. It's probably now in the root of DVD ISOs distributed via all the popular media distribution sites. Tertiary vectors include compromising network neighbors. Your grandchildren are going to be installing this thing if they don't figure out the whole "autorun is stupid" thing.

    This thing is really very well engineered. The next one will be even better. And the next one better still. If you're in a Microsoft shop you're going to be working half your holiday weekends for the rest of your career, and a lot of planned vacations too. Remember that this is not the only Windows malware currently making the rounds. There are at least three major development groups and all of them have active botnets and a release schedule for new exploits.

    We've been playing this game for a long time and the black hats are getting more proficient than the white hats. The problem is that the target platform - Windows - cannot be made invulnerable to these threats without defeating its main selling point: application compatibility. Most of the people who work with this toxic stuff do their development on BSD, OS-X or Linux and refer to Windows boxes as "targets". If Microsoft makes Windows so secure that this junk won't spread, most of the apps for it won't run. You might as well run an OS that's not a target now as wait for that to happen.

    But TFA is right. April Fools is the day the botmaster begins to harvest his crop of bots. May 22 is more likely the beginning of operations. I could be wrong about this because I previously guessed January 16.

  11. You might have a point... on Fears of a Conficker Meltdown Greatly Exaggerated · · Score: 3, Informative

    If there were only one Linux. There's not. There are thousands. The kernel itself doesn't require services that need open ports and application level security is a per-distribution thing so no two are going to have the same set of vulnerabilities. Linux is not a "monoculture".

    We live in the world as it is, not as it might be. What-ifs really aren't worth spit. You can choose to run an OS that was vulnerable to Conficker, Koobface, Torpig, Storm, Antivirus 2009, Bitfrost, Sasser, MyDoom, Sober, Sobig, Welchia, Blaster, Nimda and Code Red and will be the target of the next six. Or not. It's up to you. Don't try to pretend that there's no functional security difference between the two because that's absurd. Add up the amount of data that was and will be compromised by that list of malware and you have enough to bring the world economy to a screaming halt. Between them those computers probably had access to financial or personal data on a majority of people who've had a digital record and more corporate secrets than should be in a hundred data pools.

    What the other guy does shouldn't matter. It should be about being responsible with the data entrusted to you, about being a good steward of your own gear. If you are in IT then your customers are counting on your professional expertise to save them from inadvertently disclosing information via system compromise, and that's a solemn duty. From that perspective the choice is clear. If you can choose to not be a target why would you not leap at that option?

  12. Re:Huh? on With a Computer Science Degree, an Old Man At 35? · · Score: 1

    When your body is spent and you sit there in the wheelchair with the nurse spoon feeding you your whirled peas, something will be going on behind your glassy eyes. Will you be recounting the temptations you passed by? Will it be with pride, or regret?

  13. Prove it on With a Computer Science Degree, an Old Man At 35? · · Score: 1

    If not, then prove your assertion.

    Bah. Stupid stripping.

    There you go. Did you need anything else?

  14. Re:Bastards! on 10 OSes We Left Behind · · Score: 1

    Back in the day "long distance" was often across town, or even your neighbor across the street. The phone company had no competition so they could charge you $1 a minute to talk to your friend two blocks down and get away with it. You couldn't even own your own phone -- you had to lease it from the phone company. Although I am hesitant to give such a prodigious failure praise, the peanut farmer who saved us from this via lawsuit before he became a public figure, was the former US President Jimmy Carter.

    All he wanted was to make phone calls from his tractor in the field. AT&T couldn't find a way to offer that to him, so eventually they were cut into pieces, dissolved, bankrupted and reorganized into companies more tenable. That's a long way to go to get good service. If they had had even one person in a responsible position in their company with a vision of the importance of customer service, we would still be renting our phones from them, and cellular would be nonexistent.

    Let us be thankful their motto was "We don't have to care. We're the phone company."

  15. Karma? Is it real? on With a Computer Science Degree, an Old Man At 35? · · Score: 1

    You get a multiple of what you give. You lose a multiple of what you take. Somewhere in between is balance. It's really that simple. It's kind of funny when you think about it.

  16. Re:Dating myself. on With a Computer Science Degree, an Old Man At 35? · · Score: 1

    Although I'm tempted to agree with you, I'm not going to. It's good to try and fix the broken stuff you encounter in life, especially crooked businesses.

    Unless their malfeasance was particularly egregious though, and you were quite cautious about not entering into agreements that allow them to be jerks, and careful to keep good records of this, a suit does nothing except demonstrate you're litigious. That makes a public record of your tendency to file suit, which will make a future employer who does due diligence take pause. And if you took that due care, what does that say except that you knew you were laying down with dogs and expected to get up with fleas?

    It's my experience that generally these jerks fail on their own in a reasonable time, and saving myself is the best I can do. But I don't get jerked by the same jerk twice, and I judge how people will treat me by how they treat others. The day I realize I'm dealing with somebody who doesn't get that "a deal is a deal" and "a good deal harms none" I'm looking for the exit. And of course I always always have a Plan B because sometime I judge character poorly and I can't afford a failure of my judgment because I have promises to keep. Do you see? I don't even trust me. A couple of times that has been all of the difference between finding a good spot and living under a bridge.

    Good luck to you.

  17. Re:Huh? on With a Computer Science Degree, an Old Man At 35? · · Score: 1

    Discipline is what your Public Service is for. If you haven't finished your Americorps or Peace Corps or military service by the time you're 22, you're doing it wrong.

  18. Of course, the Tao of Programming on With a Computer Science Degree, an Old Man At 35? · · Score: 3, Funny

    Thus spake the master programmer: ``When you have learned to snatch the error code from the trap frame, it will be time for you to leave.''

    The Tao of Programming, Book 1, Verse 1.

    One of the problems with older programmers is that they cling to archaic concepts like their old favorite programming languages - C, C++, Assembler, Fortran. They worship at the shrines of the old pantheon of Wirth, Venn, and Turing. They don't grasp the modern subtleties of .NET and the modular beauty of DirectX without deliberate effort. They think that security is some absolute virtue having to do with cleansing your inputs, trusting noone and considering pathological conditions.

    Pity them. They don't understand the beauty of rapidly advancing the user interface until the end user can with little understanding of the underlying technology create vast perfect representations of his vision until the whole thing seizes up just before he saves it just like it's a Visio diagram. That's computer science at its most cruel, its most perfect. If those geezers don't get it it's because they just don't understand how things are done these days. They've lost touch with the course of modern progress. They'll never be able to code a word processor app that consumes all the processor power of a quad core with 8 gigs of RAM. They'll never get why automatically executing code attached to a word processing document is an essential feature. They just don't know and they'll never know because they're old.

    Pity them.

  19. Re:Build on your strengths? on With a Computer Science Degree, an Old Man At 35? · · Score: 1

    Some orgs are working on "high concept" abstracts like cloud architecture. All of these young turks you dealt with probably wanted to get theirs in building frameworks for others to flesh out with mix-ins. That way they get to glom onto all the credit without doing most of the work.

    The role you abdicated was probably to say "Look, punk. I don't care how well it tested on your bench. If you can't get Andre with the lisp down in HR to use it for two weeks and sign off on it, it's not user friendly." Older folks are valued for their life experience because that is the very thing that separates them from the idealistic kids who don't really grasp that we've already tried dumb terminals and tablets and symmetric encryption over and over and nobody liked them or they didn't work. They didn't need you to rewrite the hashing algorithm - that's settled science. It's a library function now. I can't describe exactly what it is because the very thing is as broad and deep as your exprience might be. Your problem is that you held back, and didn't give what you had because you were concerned about acceptance. Let it go. You've got what they needed. Give it.

    When you get hired in a development environment, nobody has the slightest clue what you're capable of. They really don't. It's your golden opportunity to make an ass of yourself. I couldn't count the number of times I've had to ask "and who thought that feature was a good idea?" or "That was creative the first time I saw it, in the '70's. It didn't work then and it's less likely to work now. What else you got?"

    Next time, give them what you've got and don't hold back. It will be more fun.

  20. Re:Dating myself. on With a Computer Science Degree, an Old Man At 35? · · Score: 1

    Jerks who cheat you are distressingly common in all fields. The best course is to keep an eye on how they deal with others. If you find that your employer can't keep a square deal or works the deal to the detriment of their partner in every case, it's time to look at your options because eventually you're going to be choosing between putting on the lotion or getting the hose again.

    That's why I'm surprised people actually retire from Microsoft.

  21. Huh? on With a Computer Science Degree, an Old Man At 35? · · Score: 3, Insightful

    (currently trying not to piss my 20's away)

    Misspending is what youth is for. The wine is never so sweet as it is upon the lips of youth.

  22. A share of the profit on Why Fear the End of the R-Rated Superhero Movie? · · Score: 1

    Is a share of nothing.

    I too found the movie interesting, thoughtful, well written and played. It was an intelligent movie, and probably too insightful to be popular.

    What's not helping the studio is that the merchandising opportunities will probably be more limited.

  23. The obvious question on .CA Registrar Trying To Preempt Conficker · · Score: 1

    Have you tried OS-X or Ubuntu? I heard they're not prone to this sort of thing.

  24. Duh on Did the Netbook Improve Windows 7's Performance? · · Score: 2, Interesting

    Intel giveth, Microsoft taketh away.

    The thing that breaks this paradigm is an Intel platform that moves backwards in net performance. When the goal shifts from ever increasing net performance to performance per power it's only expected that Microsoft should miss the turn.

    The question is, how did they miss being informed that the turn was coming? Did they get told and disbelieve, or were they just not told? I believe the former, not the latter.

  25. Re:Think of the opportunities here! on No Business Case For IPv6, Survey Finds · · Score: 1

    And the script kiddies will once again have entertainment.

    They get their amusement from 4chan. There's nothing you could do to avoid their entertainment.

    Sadly, the ever increasing number of exploits for Windows clients are a ripe field for the entertainment of script kiddies. They have the metasploit project to feed them exploits in a format that delivers the ability to generate viruses that defeat your infrastructure defenses in real time, and your patching process is still dependent on vendor patches that take a year or more to be published and even longer to be installed. Linux and OS/X clients have less exposure. Maybe that's because they're designed better. Maybe it's because they're not the biggest target. Ask yourself: does it matter why? Alternate platforms are not the preferred target. If you're in information security, this is a no brainer. Don't be the preferred target.