No viri or malware here! I was.... uh,popup... *click*..I was just say... what the?..*click*...*click*... I was just going to sa... *click*..*click*... +++ ath0
Uptime numbers are just another stupid dick-measuring contest. Resources consume ram and some resources leak memory. You can't reclaim that leaked ram without a reboot.
Kernel updates and some system patches take reboots too. If you're not rebooting, you're not current.
You cannot fsck a mounted slash. fsck always finds something wrong on the filesystems when I *do* reboot after a year of uptime.
This business of rebooting a server everytime there is an issue is a sign of a larger problem. There are more options available for fixing problems on *nix systems, that's just the way it is. You don't always *need* a reboot to fix things, but sometimes you do (stuck tape drives, zombie processes, crappy iscsi software, etc).
Sooooooo..... what's the problem? If there are 447 patent infringement problems in Java itself, it seems like the issue is going to affect more than just Google.
Teaching kids to be sneaky is the answer!? Kids have been "going to their friends house" since the dawn of time. Understanding the lessons of decision making will be of more use to them when you are not around. If they are too young to understand decision making, they are too young to be on Facebook.
FTFA: "Below is the application info screen, which doesn't say much that's informative." Really? The Big Red Text kinda catches my attention. It's supposed to. You even get a pop-up when installing that informs you about the app's resource usage.
It's not like the application circumvented Active-X or IE, or somethigng to get installed. It needs ignorance to work. Google the friggin app and author before installing. This is no different than installing crap from warez sites or bittorrent. Actually, Android is better in that regard because at least you get an enumerated list of the application's resource usage.
"A basic Android application has no permissions associated with it, meaning it can not do anything that would adversely impact the user experience or any data on the device. " *
"At application install time, permissions requested by the application are granted to it by the package installer, based on checks against the signatures of the applications declaring those permissions and/or interaction with the user. No checks with the user are done while an application is running: it either was granted a particular permission when installed, and can use that feature as desired, or the permission was not granted and any attempt to use the feature will fail without prompting the user."
this is the accepted way for a lot of places to transfer credentials. I'm really surprised a place like HBGary did the same. It was a long time coming if this is SOP for them.
When I leave a place, or a contract is over, I usually work it into an email to request my credentials be removed, or account disabled. When something goes wrong, the first thing everyone does is point a finger at the last person that left. If my account has been disabled, it's pretty easy for me to prove my innocence and not waste time trying to convince anyone. Also puts a little more weight into your argument when you produce an account revocation document which a company was negligent in following through with. Doesn't sound like much, but makes a *huge* difference when the witch hunt starts.
It's not surprising. I would bet the pwnage is larger than they think. Most admins I know are bright people but just simply lack the sills to even secure a resource in the nost mediocre way. In fact, many of them view the corporate lan as and extension of their home network and apply the same 'security' methods across both.
- MS. EULA agreement when installing qt - kde4 will now come with regedit and Tweakui-95 - will ship with Norton antivirus - all kde system services will now run as root - system tray icons in Kde will mysteriosly multiply like drunken gerbils
"I can see why Debian, while still popular as a building block for other Linux distributions, is no longer as important as it once was. " Steven J. Vaughan-Nichols & Paula Rooney
The war-game model works fine when you have a group of employees with an invested interest in making their infra more secure. I can't see how this could work in any of the places I've ever worked for. Many of the co-workers I've had do not want to expend any more energy in their jobs than what is needed to get a paycheck. Many, many companies hire the cheapest labor they can find to click buttons on a windoze box and often they do not have the attention span, skill, interest or enthusiasm to make a 'war-game' anything less than a folly. Don't get me wrong, I think the idea is great I just don't see it working effectively for 90% of the IT industry.
> There are plenty of city workers with city-issued phones to find all the potholes. Take off the tinfoil hat.
True, however we could argue the point that there are also plenty of city workers *driving* over the same potholes as everyone else, yet we still have potholes.
This is Just Another Database of information containing people's whereabouts which has potential to be hacked, lost on a laptop or smartphone, or used for something other than what it was originally intended.
If you could care less, then argue for opt-in/opt-out.
A lot of those crappy android tablets are under $200 bucks and will get weeded out. It's the natural evolution of gadgets and just the way the consumer market space works. If anything, it sounds to me like the iFans are getting a little worried and trying to find anything they can to argue with. If you want a great android tablet the Moto Xoom is the one you want. Oh, and it comes with a USB port and dual cameras. Apple doesn't give you either. Apple wants you to be an iWhore and they are succeeding en masse. At least with even the crappiest android tablet you can still get your data off/on it without having to try and go through the steel fist of apple.
how much blood can apple squeeze out of people? I'll never own an i-whatever. Seems like you just end up bending over one way or the other with little choice.
just because a company holds a patent doesn't automatically mean someone is infringing on something. Many patent disputes can be solved by simply changing the code. For instance, if microsoft were to patent, lets say, a protocol to create a botnet over port 80, one could simply not use port 80 to infect a machine and not include IE or ActiveX in the software stack.
Another example would be if your product restricted users to run a handful of apps which you deem appropriate, or locked up their content in DRM, then you would simply not include support for Apple or iTunes in your device.
seriously, until something substantial comes out of an infringemnt claim, it's just a bunch of saber rattling and out-of-context interpretations and allegations on 'some dudes blog'. Remember the sco debacle.
The benefits of vendor lock-in and proprietary file formats cost me way less money every year. The ROI of adopting the latest and greatest version of my proprietary software gets faster every year too. I really like the way my choices become more and more limited, and dictated by a governing body focused mainly on capital and politics. Not to mention that secure feeling of having a digital noose around my neck, dragging my head towards a grinding wheel with each revision of my server software. The benefits of meeting new and exciting people is a big plus as well. Just last month, I upgraded my proprietary mail server software only to find out there was some sort of misconfiguration error on my part which was causing my users to be unable to log in. I was on the phone with so many people from so many third world countries that I actually managed to learn a new language! We didn't fix the mail server issue, but for now, we use a Swingline stapler balanced on the spacebar to automatically close the error message dialogs to keep them from taking all available memory over night. What a creative solution! And it only took two weeks to figure it out! The vendor of our proprietary system promised us they will have it fixed in the next release. You can't get that kind of commitment with open source.
It's not hard to verify Wikipedia information which is paramount to using it as a reference. If Tony Blair were a closet nazi as a teenager you would find a lot of information to back up the wiki entry. Thing is, too many people (>90% ?) lap up for fact whatever lands in their Inbox or Browser page and simply refuse to spend two minutes to see if the piece of information carries any authenticity. It's the root cause for soooo many other problems.
FTFA under "How it works": * Download and prompt the user to install an app * Prompt the user to uninstall an app
Question: If you were asked to punch yourself in the genitals, would you still click "Ok" ?
FTFA under "How to stay safe": * Only download applications from trusted sources * Always check the permissions an app requests
I think it's pretty obvious the malware writers were not able to circumvent the normal Android security measures to get the software installed. The problem is that people who don't take responsibility to keep crap off their phones are going to get pwn3d. Big surprise.
They probably closed the US operation because China could manufacture it cheaper. Kinda puts the California company in a position to exploit the market.
I don't find the android platform any harder to code for than anything else; younger programmers do not want to learn Java and that is creating far more problems for the platform than malware.
Slashdot Mirror
No viri or malware here! I was.... uh,popup... *click* ..I was just say... what the?..*click*...*click*... I was just going to sa... *click*..*click*... +++ ath0
Uptime numbers are just another stupid dick-measuring contest. Resources consume ram and some resources leak memory. You can't reclaim that leaked ram without a reboot.
Kernel updates and some system patches take reboots too. If you're not rebooting, you're not current.
You cannot fsck a mounted slash. fsck always finds something wrong on the filesystems when I *do* reboot after a year of uptime.
This business of rebooting a server everytime there is an issue is a sign of a larger problem. There are more options available for fixing problems on *nix systems, that's just the way it is. You don't always *need* a reboot to fix things, but sometimes you do (stuck tape drives, zombie processes, crappy iscsi software, etc).
http://developers.slashdot.org/story/06/11/13/0724252/Sun-Open-Sources-Java-Under-GPL
Sooooooo..... what's the problem? If there are 447 patent infringement problems in Java itself, it seems like the issue is going to affect more than just Google.
Teaching kids to be sneaky is the answer!? Kids have been "going to their friends house" since the dawn of time. Understanding the lessons of decision making will be of more use to them when you are not around. If they are too young to understand decision making, they are too young to be on Facebook.
FTFA: "Below is the application info screen, which doesn't say much that's informative."
Really? The Big Red Text kinda catches my attention. It's supposed to. You even get a pop-up when installing that informs you about the app's resource usage.
It's not like the application circumvented Active-X or IE, or somethigng to get installed. It needs ignorance to work. Google the friggin app and author before installing. This is no different than installing crap from warez sites or bittorrent. Actually, Android is better in that regard because at least you get an enumerated list of the application's resource usage.
"A basic Android application has no permissions associated with it, meaning it can not do anything that would adversely impact the user experience or any data on the device. " *
"At application install time, permissions requested by the application are granted to it by the package installer, based on checks against the signatures of the applications declaring those permissions and/or interaction with the user. No checks with the user are done while an application is running: it either was granted a particular permission when installed, and can use that feature as desired, or the permission was not granted and any attempt to use the feature will fail without prompting the user."
* http://developer.android.com/guide/topics/security/security.html
this is the accepted way for a lot of places to transfer credentials. I'm really surprised a place like HBGary did the same. It was a long time coming if this is SOP for them.
http://dazzlepod.com/site_media/txt/rootkit.com.txt
When I leave a place, or a contract is over, I usually work it into an email to request my credentials be removed, or account disabled. When something goes wrong, the first thing everyone does is point a finger at the last person that left. If my account has been disabled, it's pretty easy for me to prove my innocence and not waste time trying to convince anyone. Also puts a little more weight into your argument when you produce an account revocation document which a company was negligent in following through with. Doesn't sound like much, but makes a *huge* difference when the witch hunt starts.
It's not surprising. I would bet the pwnage is larger than they think. Most admins I know are bright people but just simply lack the sills to even secure a resource in the nost mediocre way. In fact, many of them view the corporate lan as and extension of their home network and apply the same 'security' methods across both.
Tapping the wires doesn't help when your stream is encrypted. Your stream is encrypted, isn't it? :)
This would make an awesome Dukes of Hazzard episode.
- MS. EULA agreement when installing qt
- kde4 will now come with regedit and Tweakui-95
- will ship with Norton antivirus
- all kde system services will now run as root
- system tray icons in Kde will mysteriosly multiply like drunken gerbils
> Who's calling it irrelevant?
RTFA courtesy of zdnet.
"I can see why Debian, while still popular as a building block for other Linux distributions, is no longer as important as it once was. "
Steven J. Vaughan-Nichols & Paula Rooney
The war-game model works fine when you have a group of employees with an invested interest in making their infra more secure. I can't see how this could work in any of the places I've ever worked for. Many of the co-workers I've had do not want to expend any more energy in their jobs than what is needed to get a paycheck. Many, many companies hire the cheapest labor they can find to click buttons on a windoze box and often they do not have the attention span, skill, interest or enthusiasm to make a 'war-game' anything less than a folly. Don't get me wrong, I think the idea is great I just don't see it working effectively for 90% of the IT industry.
> There are plenty of city workers with city-issued phones to find all the potholes. Take off the tinfoil hat.
True, however we could argue the point that there are also plenty of city workers *driving* over the same potholes as everyone else, yet we still have potholes.
This is Just Another Database of information containing people's whereabouts which has potential to be hacked, lost on a laptop or smartphone, or used for something other than what it was originally intended.
If you could care less, then argue for opt-in/opt-out.
A lot of those crappy android tablets are under $200 bucks and will get weeded out. It's the natural evolution of gadgets and just the way the consumer market space works. If anything, it sounds to me like the iFans are getting a little worried and trying to find anything they can to argue with. If you want a great android tablet the Moto Xoom is the one you want. Oh, and it comes with a USB port and dual cameras. Apple doesn't give you either. Apple wants you to be an iWhore and they are succeeding en masse. At least with even the crappiest android tablet you can still get your data off/on it without having to try and go through the steel fist of apple.
how much blood can apple squeeze out of people? I'll never own an i-whatever. Seems like you just end up bending over one way or the other with little choice.
Finally.
just because a company holds a patent doesn't automatically mean someone is infringing on something. Many patent disputes can be solved by simply changing the code. For instance, if microsoft were to patent, lets say, a protocol to create a botnet over port 80, one could simply not use port 80 to infect a machine and not include IE or ActiveX in the software stack.
Another example would be if your product restricted users to run a handful of apps which you deem appropriate, or locked up their content in DRM, then you would simply not include support for Apple or iTunes in your device.
seriously, until something substantial comes out of an infringemnt claim, it's just a bunch of saber rattling and out-of-context interpretations and allegations on 'some dudes blog'. Remember the sco debacle.
The benefits of vendor lock-in and proprietary file formats cost me way less money every year. The ROI of adopting the latest and greatest version of my proprietary software gets faster every year too. I really like the way my choices become more and more limited, and dictated by a governing body focused mainly on capital and politics. Not to mention that secure feeling of having a digital noose around my neck, dragging my head towards a grinding wheel with each revision of my server software. The benefits of meeting new and exciting people is a big plus as well. Just last month, I upgraded my proprietary mail server software only to find out there was some sort of misconfiguration error on my part which was causing my users to be unable to log in. I was on the phone with so many people from so many third world countries that I actually managed to learn a new language! We didn't fix the mail server issue, but for now, we use a Swingline stapler balanced on the spacebar to automatically close the error message dialogs to keep them from taking all available memory over night. What a creative solution! And it only took two weeks to figure it out! The vendor of our proprietary system promised us they will have it fixed in the next release. You can't get that kind of commitment with open source.
It's not hard to verify Wikipedia information which is paramount to using it as a reference. If Tony Blair were a closet nazi as a teenager you would find a lot of information to back up the wiki entry. Thing is, too many people (>90% ?) lap up for fact whatever lands in their Inbox or Browser page and simply refuse to spend two minutes to see if the piece of information carries any authenticity. It's the root cause for soooo many other problems.
Yeah, if you're impressed with the ability to DRM your streaming video, then yeah, I'm impressed with Intel's audacity.
FTFA under "How it works":
* Download and prompt the user to install an app
* Prompt the user to uninstall an app
Question: If you were asked to punch yourself in the genitals, would you still click "Ok" ?
FTFA under "How to stay safe":
* Only download applications from trusted sources
* Always check the permissions an app requests
I think it's pretty obvious the malware writers were not able to circumvent the normal Android security measures to get the software installed. The problem is that people who don't take responsibility to keep crap off their phones are going to get pwn3d. Big surprise.
They probably closed the US operation because China could manufacture it cheaper. Kinda puts the California company in a position to exploit the market.
restored from cdrom in summer of 2010. Burned somewhere around 1995.
I don't find the android platform any harder to code for than anything else; younger programmers do not want to learn Java and that is creating far more problems for the platform than malware.