The servage is cheap since it doesn't even involve talking to their servers, just checking acceptance via a signing key... ANYONE can do that..! NO infrastructure!
I think you're forgetting the part about actually verifying the authenticity of what they're signing.
IE, If I send them a certificate signing request with my public key and a name of George W Bush on the CSR, are they just gonna go ahead and sign it and give me a certificate stating that I'm George W Bush?
Certficate authorities usually require you to provide them with proof of your identity, like faxing you a driver's license, birth certificate, buisness license, trying to contact you at the stated address and phone number, etc... if they didn't do this, they wouldn't be very useful CAs... the certificates they issue would be meaningless.
Of course, this is not to say that the expensive commercial CAs are trustworthy simply because they charge money... not at all. But to be an useful CA you need to have the manpower to verify the stuff people ask you to sign. I wonder how this free CA will accomplish that.
Where is this neighborhood? Sounds like a fun place. Is this guy senile? I'm surprised some teenagers with nothing else to do don't drive back and forth in front of his house fast just to piss him off.
I'm not going to speculate because I'm not their DBA (I'm not anyone's for that matter), but if they can't export the data without brining that system down, perhaps it is a solid legal reason.
Have you read any other message in this entire story? The idea that there is a technical reason for this is complete bullshit for a number of reasons. All they're doing is *reading* the data. The data has be read in order to be used by anyone on a regular basis. Furthermore, they talked about moving the data to a new system. They would have to be able to read everything in order to accomplish that.
The whole concept of a database that will fail just by reading it is complete bullcrap, even to the most incompetent DBAs.
Where is our FBI and what are they doing about this?
They're much too busy detaining arabs in the US for no reason, searching people's homes without warrants, raiding and siezing the equipment of people they thing are computer hackers...
Oh, and they're busy punishing copyright violation too. That is clearly more important than people's bank accounts.
My neice has been getting porn in her email (hotmail) since she was 14 years old. She never signed up for it. It's called spam and she "stumbled" across it.
That's right, it is called spam. And as any intellegent parent knowledgeable about the internet will tell you it is practically impossible to avoid, espeically for the inexperienced user. If you use e-mail for a good length of time, you're going to get spam sooner or later. It is a fact of life. If you allow your children to use unfiltered, unfettered e-mail knowing this then you are an irresponsible parent.
Same thing with web access. It is definitely possible for kids to stumple upon porn through search engines or popups on shady websites. The child online protection act will not stop this. And it shouldn't. It is their website - you should have no say in what they put on it. With that in mind, the responsible parent should be setting up filters or a whitelist and enabling the safety options in google.
You mean like group orgies and Japanese Bukake images? Porn isn't mature in any way. Maturity is having respect for ones self and for the opposite sex, not exploiting it in the most depraved and demeaning ways. Maybe you watch the Cinemax B porn movies on the weekends but on the net it's no holds barred stuff like bangbus.com and brutal ass rapings with large objects. Chicks with beer bottles up their asses and cum all over their faces. That's not maturity in any way shape or form.
Are the people involved in the above mentioned activities all consenting adults? If so, then you have no buisness whatsoever telling them they're immature and shouldn't be doing what they are doing. On the contrary it is rather immature and naieve of you to label these people and think that you have some right to prevent consenting adults from engaging in sexual practices of their choosing.
I have an 18 month old daughter, and I fully recognize that how I want her to develop is my responsibility, not the government's and not some porn site operator's. She won't be using a computer with wide open internet access until she is old enough and mature enough to not have her mind and development so easily swayed by what she sees on the screen. By then I will hopefully have raised someone who has love for freedom and respect for other people's freedom, not some puritanical fundie religious whack job that believes she has some moral responsibility to tell other people to live their lives according to her personal beliefs.
"We've found ten or twelve Sarin and Mustard rounds," said Charles Duelfer, David Kay's replacement in Iraq.
Can you find references in news reports to the 10 or 12 shells found? All I've heard about are one or two they found last month sometime, and at least one of those was reported to be left over from pre-Gulf War I times.
Everyone knows Iraq had WMDs at one time. The only relevant questions are did he have them just before the war, did he have what the bush administration said he had, and did he have enough of them to justify a war.
Not that that does you much good if you're using IE. Last I checked IE blatantly ignores mime types and uses the "file extention" of the URL, or something equally retarded along those lines.
Enforcement of DRM isn't inherently bad whatsoever.
Yes, it is inherently bad because it tramples upon the product owner's rights to their private property and fair use.
Copyright owners are welcome to enforce their copyright, and I'm welcome to enforce my rights by cracking the DRM on the products I own. If someone is violating their copyrights, they can sue for copyright infringement.
A lot of DRM isn't about enforcing copyright anyway, it is about giving powers to copyright owners that they never had - legally or otherwise. DVD region coding for example.
What kind of CV (resume) would be acceptable in today's market? Would someone like me, for example, stand any chance of getting a job in the US these days?
Probably not good... most of your skills are pretty general (minus the zope stuff maybe). Which isn't to say you're incompetent or anything, its just that there are lots of under/unemployed tech people who have similar skills so there's lots of competition for you. And as many other people are mentioning in this thread, these days who you know is much more important than what you know. You could easily get a job over someone more qualified than you if you have the right social connections.
Why don't you just treat infected computers within the dorm networks the same way you do with all the other infected computers out there on the internet?
Set up a firewall between the dorm networks and the campus backbone and configure it similar to how you'd set up the one between the internet and the campus backbone.
Assume the machines in the dorm networks are hostile and are run by people (in effect) who want to screw up your machines:
Filter outbound SMTP except to the campus mail server to prevent them from sending spam.
Use traffic shaping to limit their upstream bandwidth to prevent the rest of the network from being flooded with garbage.
Do egress filtering to prevent them from spoofing their source address, at least at an aggregated level so if they cause too many problems you know where it is coming from.
If these machines cause too many problems, just cut them off from the network for abuse. The university isn't the student's personal system administrator.
What was the stated justification for them having fingerprinted you?
Re:How does this differ from other efforts?
on
Linux in Iraq
·
· Score: 1
Halliburton, et al, are screwing things up on the edges, but overall, there are very, very few corporations that could operate on that scale and actually get things done.
I suppose it is just a coincidence that Dick Cheney is a former Halliburton executive... that couldn't possibly have had anything to do with the decision. Of course not.
You don't think Yahoo tried to block third party clients? I suggest you look at this source file from the yahoo transport for jabber, search the page for the word 'complicated' and read the comment the first result appears in.
If I were in that situation and I felt it was a trap, I'd say F*CK every other word. Let them try to edit that out.
You could pull a "Tim Robbins" and wear a t-shirt that says "This TV show is a SHAM" or some other really nasty image/saying. Let them try to edit that out!
Or better yet, switch sides. In this case, promote spamming. Since the "opposition" are really actors who probably had to prepare a little to do their thing, this would probably throw them off and would be a good laugh.
I think it would be a better approach to fix the security hole in your system than to whine to the government and ask for new laws every time someone does something you don't like.
Why would that make a difference? The whole car is insulated from the ground by the rubber tires. If the lightning will go through the tires it will just as easily go through the vinyl steering wheel and anything else you're in contact with.
Why didn't you just remove the entries from the table? You did not mention which model of "piece of crap linksys broadband router". Most "piece of crap linksys broadband router(s)" have a web configuration tool built in which allows you to remove the NAT entries.
Remove what entries from what table? There's just a checkbox or radio buttons in their web interface (in the newest firmware) which disables NAT. That's it. I don't remember the exact model number we tried.
Or maybe you could have bought a better "piece of crap" router at Fry's.
We did, actually. we tried three different pieces of crap routers, all of which had some limitation that made them unusable in this situation. We tried a 3com office connect, which if you disabled NAT would cease to do any packet filtering (like the linksys), and a Netgear, which had no way to disable NAT. Netgear's tech support (also in India), said it was not possible to disable NAT on this particular model we tried but it was possible to disable NAT on a higher model router of theirs, one which was more expensive and not sold in any nearby retail stores. I could have ordered one and installed it later, but given my prior experiences with routers of this type there's a good chance we'd run into some limitation that made the thing unusable. Or maybe their tech support is just flat out wrong.
Why did you put a PC with moving parts and OS overhead in place to replace a component?
Because that's the option the customer chose (for cost and time constraint reasons). I told them of a much costlier 3com box that I knew would do everything they needed, but it was beyond their price range.
Did you get to charge these suckers for your setup time?
Of course I charge for my time. And I charge whether I'm setting up a linux machine or a linksys embedded box.
Do you get to come back every week and "Check the logs"?
No. But if only we chose the Netgear box, then I would have gotten to come back to fix that backdoor password Netgear left in. And then I would have gotten to come back again a week later after it was discovered that the "fix" was simply to change the backdoor password to something else.
What's your rate? Did you save that company money by your actions?
$110/hr
Did you save that company money by your actions? Or did the company actually pay more because you supplied the FUD about outsourced components?
It cost them more money for me to put together the linux router than it would have if the linksys worked. But that is irrelevant. The linksys router did not work so it was not an option.
Or did the company actually pay more because you supplied the FUD about outsourced components?
I never told them anything about outsourced (offshored) anything. And what FUD are you talking about? There is no FUD. There is simply the fact that the linksys box did not work, so they could not use it. If the linksys were able to perform like a real router and firewall should, then they would be using it now and not linux, regardless of who manufactured, developed or supported it.
Cheap ass American solution=OK? Cheaper ass outsourced solution=bad?
No. More like:
Secure, working solution set up by an American = OK Cheaper assed outsourced solution = did not work
Why didn't use Windows 2000 server and ISA Server? That would've generated some revenue inside our borders for software designed and supported by Americans.
The hardware used was a spare old workstation and too meager for Win2k server.
All that software+hardware would have exceeded their price range.
I need it to actually be secure.
This did generate revenue inside our borders. I live in the US and got paid to put the router together.
Slashdot Mirror
I think you're forgetting the part about actually verifying the authenticity of what they're signing.
IE, If I send them a certificate signing request with my public key and a name of George W Bush on the CSR, are they just gonna go ahead and sign it and give me a certificate stating that I'm George W Bush?
Certficate authorities usually require you to provide them with proof of your identity, like faxing you a driver's license, birth certificate, buisness license, trying to contact you at the stated address and phone number, etc... if they didn't do this, they wouldn't be very useful CAs... the certificates they issue would be meaningless.
Of course, this is not to say that the expensive commercial CAs are trustworthy simply because they charge money... not at all. But to be an useful CA you need to have the manpower to verify the stuff people ask you to sign. I wonder how this free CA will accomplish that.
Yup. its called proprietary lock-in and DRM. We bitch about Microsoft doing all the time.
I believe grandparent post is refering to transaction logs, not diagnostic logs which is what you're thinking of I think
Where is this neighborhood? Sounds like a fun place. Is this guy senile? I'm surprised some teenagers with nothing else to do don't drive back and forth in front of his house fast just to piss him off.
What people who want to blow themselves up and kill thousands of people has the FBI detained recently?
Have you read any other message in this entire story? The idea that there is a technical reason for this is complete bullshit for a number of reasons. All they're doing is *reading* the data. The data has be read in order to be used by anyone on a regular basis. Furthermore, they talked about moving the data to a new system. They would have to be able to read everything in order to accomplish that.
The whole concept of a database that will fail just by reading it is complete bullcrap, even to the most incompetent DBAs.
They're much too busy detaining arabs in the US for no reason, searching people's homes without warrants, raiding and siezing the equipment of people they thing are computer hackers...
Oh, and they're busy punishing copyright violation too. That is clearly more important than people's bank accounts.
That's right, it is called spam. And as any intellegent parent knowledgeable about the internet will tell you it is practically impossible to avoid, espeically for the inexperienced user. If you use e-mail for a good length of time, you're going to get spam sooner or later. It is a fact of life. If you allow your children to use unfiltered, unfettered e-mail knowing this then you are an irresponsible parent.
Same thing with web access. It is definitely possible for kids to stumple upon porn through search engines or popups on shady websites. The child online protection act will not stop this. And it shouldn't. It is their website - you should have no say in what they put on it. With that in mind, the responsible parent should be setting up filters or a whitelist and enabling the safety options in google.
Are the people involved in the above mentioned activities all consenting adults? If so, then you have no buisness whatsoever telling them they're immature and shouldn't be doing what they are doing. On the contrary it is rather immature and naieve of you to label these people and think that you have some right to prevent consenting adults from engaging in sexual practices of their choosing.
I have an 18 month old daughter, and I fully recognize that how I want her to develop is my responsibility, not the government's and not some porn site operator's. She won't be using a computer with wide open internet access until she is old enough and mature enough to not have her mind and development so easily swayed by what she sees on the screen. By then I will hopefully have raised someone who has love for freedom and respect for other people's freedom, not some puritanical fundie religious whack job that believes she has some moral responsibility to tell other people to live their lives according to her personal beliefs.
Was that link with that Al-Shifa factory ever proven? I know the move was heavily criticized by republicans at the time.
Can you find references in news reports to the 10 or 12 shells found? All I've heard about are one or two they found last month sometime, and at least one of those was reported to be left over from pre-Gulf War I times.
Everyone knows Iraq had WMDs at one time. The only relevant questions are did he have them just before the war, did he have what the bush administration said he had, and did he have enough of them to justify a war.
Not that that does you much good if you're using IE. Last I checked IE blatantly ignores mime types and uses the "file extention" of the URL, or something equally retarded along those lines.
Yes, it is inherently bad because it tramples upon the product owner's rights to their private property and fair use.
Copyright owners are welcome to enforce their copyright, and I'm welcome to enforce my rights by cracking the DRM on the products I own. If someone is violating their copyrights, they can sue for copyright infringement.
A lot of DRM isn't about enforcing copyright anyway, it is about giving powers to copyright owners that they never had - legally or otherwise. DVD region coding for example.
Probably not good... most of your skills are pretty general (minus the zope stuff maybe). Which isn't to say you're incompetent or anything, its just that there are lots of under/unemployed tech people who have similar skills so there's lots of competition for you. And as many other people are mentioning in this thread, these days who you know is much more important than what you know. You could easily get a job over someone more qualified than you if you have the right social connections.
Set up a firewall between the dorm networks and the campus backbone and configure it similar to how you'd set up the one between the internet and the campus backbone.
Assume the machines in the dorm networks are hostile and are run by people (in effect) who want to screw up your machines:
If these machines cause too many problems, just cut them off from the network for abuse. The university isn't the student's personal system administrator.
What was the stated justification for them having fingerprinted you?
I suppose it is just a coincidence that Dick Cheney is a former Halliburton executive... that couldn't possibly have had anything to do with the decision. Of course not.
They already have, courtesy John Ashcroft.
You don't think Yahoo tried to block third party clients? I suggest you look at this source file from the yahoo transport for jabber, search the page for the word 'complicated' and read the comment the first result appears in.
Or better yet, switch sides. In this case, promote spamming. Since the "opposition" are really actors who probably had to prepare a little to do their thing, this would probably throw them off and would be a good laugh.
I think it would be a better approach to fix the security hole in your system than to whine to the government and ask for new laws every time someone does something you don't like.
Why would that make a difference? The whole car is insulated from the ground by the rubber tires. If the lightning will go through the tires it will just as easily go through the vinyl steering wheel and anything else you're in contact with.
Remove what entries from what table? There's just a checkbox or radio buttons in their web interface (in the newest firmware) which disables NAT. That's it. I don't remember the exact model number we tried.
We did, actually. we tried three different pieces of crap routers, all of which had some limitation that made them unusable in this situation. We tried a 3com office connect, which if you disabled NAT would cease to do any packet filtering (like the linksys), and a Netgear, which had no way to disable NAT. Netgear's tech support (also in India), said it was not possible to disable NAT on this particular model we tried but it was possible to disable NAT on a higher model router of theirs, one which was more expensive and not sold in any nearby retail stores. I could have ordered one and installed it later, but given my prior experiences with routers of this type there's a good chance we'd run into some limitation that made the thing unusable. Or maybe their tech support is just flat out wrong.
Because that's the option the customer chose (for cost and time constraint reasons). I told them of a much costlier 3com box that I knew would do everything they needed, but it was beyond their price range.
Of course I charge for my time. And I charge whether I'm setting up a linux machine or a linksys embedded box.
No. But if only we chose the Netgear box, then I would have gotten to come back to fix that backdoor password Netgear left in. And then I would have gotten to come back again a week later after it was discovered that the "fix" was simply to change the backdoor password to something else.
$110/hr
It cost them more money for me to put together the linux router than it would have if the linksys worked. But that is irrelevant. The linksys router did not work so it was not an option.
I never told them anything about outsourced (offshored) anything. And what FUD are you talking about? There is no FUD. There is simply the fact that the linksys box did not work, so they could not use it. If the linksys were able to perform like a real router and firewall should, then they would be using it now and not linux, regardless of who manufactured, developed or supported it.
No. More like:
Secure, working solution set up by an American = OK
Cheaper assed outsourced solution = did not work