I have a PhD cust who spends like 400 a month for ISDN as opposed to DSL (it is available to him) and I always shamefully get his transferred calls:
PhD: Look I know what I'm doing I have a PhD and I'm telling you your system is erratic
Meanwhile the guy has his modem set to dial his own phone number AND HE USES CAPS ALL THE TIME so his username/password is almost always the issue. This after I've spoken to him like umpteen who knows how many times. He also has a T1 at his company and always calls:
PhD: my router isn't working and I'm getting very tired of your company doing this to me.
Meanwhile he disconnects his routers to put on wireless switches, faxes, jams phone cords in his ethernet ports, tries to jam his T1 cord into his phone, tries to make calls through his T1 you name it. I have no pity for people you have to explain things over to a trillion times. Users suck
Ive dealt with the bosses from hell at one point or another. Currently I'm working at an ISP so I'm more into DS3/OC3/DSL/DUN issues right now. Currently the company I work for is pretty cool, laid back, and even though I could make a killing elsewhere I would have to contend with people not understanding shit and wanting things done like you describe. As a system engineer you're hired to make systems run not argue with management about their uptimes but prove your points. Again on issues of patching anyone could script something to do something at say 4:30am on Sun/Mon morning where there is a smaller chance of annoying the end user. Aside from that, it's what load balancing and fallbacks are for. If you would like info on companies hiring (companies not headhunters) in the NYC area check out Craig List
Sure good planning doesn't help legacy systems, but good knowledge does. If you know X_LEGACY_SYSTEM is vulnerable to certain things, then you seek out the fixes for them, if the amount of the machines is overwhelming, then being a system admin, you wouldn't be hinder. Somehow - if you're using say a cluster of machines - you have some mechanism to do certain things cluster-wide, then you use your admining skills. Its not that hard to write an expect script to run through your network and download, install patches. Now being I say expect is because most Unix' run expect, and you don't have to independantly run through machine to machine to install the patches... I've dealt (as a system and security admin) with over 1000+ servers in one company combinations of legacy and new systems. While you can't plan on doing anything with a preconfigured system, you damn sure can make sure it's patched and secured any way you try to reason around this is basically an excuse to not do your work.
for i in `someshit to get your hostlists' addresses` do lazyslashdotadmin.exp $i done
Would you look at that... I could chop up something in seconds to run around patching shit. Didn't test variables, I did it to prove a point. Sure admins all get busy, but most admins also get lazy
Using mod_security I replaced mod_redirect since I can achieve the same thing. One thing I've been doing when vulnerable Windoze hosts connect (/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=2614&STRMVE R=4&CAPREQ=0), is sending them to the support.microsoft.com fix page for their machine. They won't connect period unless they put a patch on. I know it sounds a bit cheesy, and I don't think the end user knows why they get redirected, but I know if I didn't know compsec that much I would want someone to tell me. Again mod_sec on a server is a pretty cool tool to use. You can also script it to ipf(ipchain) out users or run any other command you want. For instance on servers where content is extremely sensitive, you can have it email your cellphone and let you know when someone is doing something stupid etc.. oh well last rant on it I promise.
for those using apache, if you haven't had the chance to play with it you should, and you should also check out the snort2modsec perl script if you're too lazy to make your own SetFilter rules. Sorry for the multiple postings
If you use PHP, for instance, as a frontend to your database, you might want to be sure that some "script kiddie" won't slip in some extra SQL in the form fields. This can easily be fixed using mod_security . Remember - for the PHPNuke/Postnuke, or any other content management based site - there needs to be a connection to your admin page at some point in order to manipulate anything. Another fix:
<Location/admin.php> Order deny,allow Allow from MY_IP_ADDRESS Deny from all ErrorDocument 403 http://www.disney.com <Location>
I still don't see the big hooplah. If you need to connect via various addresses you could add them to httpd.conf or install squid with an ACL of accepted hosts, and add that address in your httpd.conf. I don't need to buy a book to tell me this, I would rather RTFM's and know what the heck is running beforehand
It's nice to see there is no lack of someone/somecompany trying to make some money off of the security FUD/Errata scene nowadays. Strangely I've been running webservers, databases, clients without problems for years. I keep a slight watch on lists, and I think (IMO) I keep systems pretty tight either via normal tools, whether they're open source or not.
I still don't understand how hard it is for companies to throw up a so called webserver and have who knows how many ports open. If it's a webserver its a webserver, mailserver then its a mailserver. I call it shoddy administration. Taking the time beforehand to configure something properly will definitely save you a heck of a lot of time down the line, it becomes a matter of watching for new holes and patching them up quickly. If servers are an issue write some script to install patches/fixes to clusters or so.
Sometimes I sit back and wonder what the hell is happening to the security field as a whole. Within the past four years it went from a couple of individuals to everything being overrun by corporations. Security Focus to me pretty much sucks nowadays, but yet aside from lists such as NANOG, Secfocus, ISP-Lists, there are little resources left. I say strong planning nulls out any information you can get from a book. Besides most of the information one could ponder looking for can be found using good old google. Why should I keep waisting money to see the same things over and over again.
If he could prove his costs were $9090.90 per month in bandwidth fees, then he has a valid argument bottom line. I have a customer who happens to be a Sgt of the police department where i work, and the guy is a total prick. I'm not saying this as antipolice, I mean it the guy is an asshole. He uses a DS3 and whenever there is a problem with Verizon, he tries to ream anyone in the company to the point of workers feeling threatened. Even knowing VZ is the reason to blame, he still insists on DAMNIT I want my line on now! and mysteriously workers' cars fall victims to tickets for shit we never even knew existed. "Ticketed for degraded Windshield wiper" Hell I would fight too if I can prove it cost me 300k in fees in bandwidth.
Is it going to get to Mars in 3 weeks now too? Let's do some quick rover math...
Distance to Mars 34.65 million miles
Original Rovers got there in 3 weeks according to NASA
3 weeks (21 days) 504 hours divided by distance?
69023 miles per hour
Those are some fast little 'ships' even if it took 6 months (180 days) it would have to travel at 8020.8333333333333333333333333 to get to mars. A year? Oh you get the point. It's a conspiracy I tell you
It's the fact taht trials are slow, expensive, and predictable, if there was some question about the chances of a convition the prosecuter offers a deal. Wrong deals are offered because DA's don;t like going to trials period. Most of the times, yes people are sleaze, but if you know you're going against an 800lb gorilla with deeper pockets than you can imagine, and you're being told take 30 days at home with a bracelet as I was offered versus losing and doing ten years, most people take the deal. As for your "trials are slow" statement. That's utter bullshit. Trials that go slow are typically trials where the DA is lost in the sauce and desperately trying to dig out as much dirt as he can for reinforcements before he goes to trial.
It's a lot like Law & Order, I really hope you never become a juror. It's this same line of thinking that has jurors falling for the same arguments of "Well he has been known to associate with..."
the guy might be a sleaze, but if they don't think they can prove he's a sleaze to the jury they offer him a plea. It has nothing to do with proving he's anything more than the person who committed a crime. In my case I was a systems/security engineer. I used security tools on a daily basis. Know what the DA said? "Defendant previously portscanned FOO_NETWORK and has used numerous hacking tools"... Thats because it was part of my job description. Now when you run around using 4-5 days shouting "hacker hacker hacker, evil evil evil" then get to the part that these tools are used in the job description, the juror already thinks "Hacker hacker hacker evil tools."
They guy considers the terms, and decides that it's not worth the risk that he will be convicted so he takes it (boosting conviction rates (guy pleading guilty to 2nd degree manslaughter still counts as a conviction). You've got it distorted. A heck of a lot.
The only trials that take place are the few that are questionable enough or have defendant's who firmly believe they are innocent, and have lots of money. Defendant's who believe they are innocent? So what you're saying is defendants who did something and believe they are innocent? S'what I'm gathering. Lots of money counts I can tell you that because it is not cheap going to trial. Aside from the monetary values of it all, the psychological value is a lot higher. What are you going to do when all of your friends are being unfairly visited at 2-3am by feds who just want to ask you a few questions? Believe me you will not be popular with your friends, family. There is a lot that is not seen that goes on which in my eyes makes the DA's no better than those charged. If you think they don't wrongfully prosecute ever your mistaken. Again it all boils down to money. Perception management... Better learn what it is.
As a more recent example, Martha should have just settled with the SEC paid a few hundred grand and gotten on with her life. For whatever reason, she decided that the expense and risk of a trial was worth the attempt to clear her name. We'll probably find out next week if her gamble paid off. Martha is being charged with declaring her innocence nothing more. She went on live television and said she is innocent. What did the DA do, according to them, by declaring her innocence, she maliciously sought to raise her stock price in Omnimedia. Know what you're talking about. She's not charged with insider trading. She's charged with obstruction of justice, and the route they took even boggled the judge in case you didn't know. Martha's case if you also didn't know is the first of its kind being it's high profile though, most people don't even have a real clue about it, and look to the media to hold their hands and have it explained to them.
Re:Other mappable relationship environments?
on
Guilty By Association
·
· Score: 5, Interesting
Well speaking from experience, I can tell you a little something about the Department of Justice and most will probably say i'll sound like disgruntled employee, or someone antigovernment, or something along those lines, but this is my take on them. Having gone to court against the DOJ for a 'cybercrime', I can tell you that they will try to bring out anything and everything you ever did, or that looks bad. If you showed up late to work, and were written up, they'll look for ways to spin the issue into you being an uncooperative work or something along those lines.
If you can find anyone who has fought for their rights in a court of law against the DOJ just ask them what they do to one pretrial. Past 5-10 year history comes on the table tax records, employee records, hell ex girlfriend/boyfriend records if they can get em. Better hope you don't have someone against you with an axe to grind and I mean it. In order to understand why, you have to understand that it's all about money bottom line. Most of the DA's offices are allocated budgets, and more convictions means the crime rate in your district is up which means, your office needs more money. Aside from that, you'd better hope your case (hopefully you won't/don't have one) is not high profile whereas it will lead to promotion, or an entire new 'crime division' being opened up because of you. Remember cases define the prosecutor. "Well I convicted foo foo foo for foo!" and then the book deal. It's sad, but it's what happens.
In Federal Court in the District of Massachusetts in 1998, the conviction rate was nearly 91.7% This closely follows the national trend in which conviction rates in federal court are around 90%.source Some put the rate at like 98% conviction. Either the feds are the best at finding the worse or there are a lot of dirty tricks going on. Now I'll leave it at that and you make your assumptions. I can tell you offhand associations will harm you point blank.
I say according to logic, if everyone cross sues everyone for everything and countersues those countersuing, will the DOJ label them as Suers of Mass Destruction? On the flip side this could work out for everyone, if everyone spends all their money suing one another, eventually everyone will run out of money then we won't have to hear about anything lawsuit.
We henceforth move on with our plans to sue our lawyers
No exploits? You mean clicking on the pif file doesn't run though MS and do its deed? Regardless if its social engineering, reverse engineering it is an MS issue. Do you deny Outlook, Outlook Express and other programs on Microsoft aren't the cluprits?
And yes you should expect them to pay up, MS knows their issues which is why Outlook and OE version 6 by default removes attachments. Did you think MS just put that there because they didn't want their users to be flooded with Viagra spam?
For the most part I see what you mean in a sense but take it from a different perspective. User buys a car, car has a so called alarm. Thieves continously engineer their way around the alarm and cause accidents. Car manifacturer knows about this problem and does nothing. Do you think it's fair to the clueless car buyer that this happen to them? Give me a break.
It's surpring no consortium (like an ISP group) has come together and filed a lawsuit against MS for having to mop up their work. It's definitely costing to pass the traffic, having to explain 12! times a day to customers that we didn't send them a moronically written "Your account is suspend for virus activity" (yes I know it's a typo). MS should definitely be dishing out some money for this. After the first 100 or so viruses from the years 2000-2002 you would figure they would get their act together, but it's the same old story. And for the users (non geek users) of MS, the grandmothers, housewives, and non techies, you would figure they would wise up to the same shit different day. Instead they still open attachments, and rather altogether, still use the same chopperating system they often have to reinstall after having been infected 12! per year.
Seriously mind boggling. As for the virus creators they too need to be punished for their actions, and severely at that. I'm skeptical about the entire 'cybercrime' terrorist approach the DOJ and others have taken on this, but this is definitely something that's getting out of hand. And if you too also work in an ISP, you would know the guys of headaches one deals with on these virus issues. Hopefully our 3rd party antispam/virus filter mail provider gets their act together. Think about the costs for a mid sized ISP on something like technical support alone. 1000 calls a day to explain why someone should not open those emails multiplied by the salaries. Wasted money.
I'm republican moron, and I don't need anonyminity to post my feelings. I would never vote for Bush as a REPUBLICAN. But if you think I'm the only one who feels this way think again.
You're missing my point. In order for Freeswan to have been as successful as they'd like to have been, they kind of sold their hopes too high. Not everyone cares about security though most should. How many people/companies do you know of that still use ftp as opposed to sftp or scp, and even use passive ftp. It's easier to use, and you won't have to spend time explaining things to the non-geek user. Majority rules remember that, like it or not.
No I'm not trolling I'm asking a question here. Outside of admins, how many people really care whether their connection is secure or not. I always reference this out regarding IPSec and the likes, so I'll point out eBay as an example. Now a company such as eBay in my opinion should have SSL based log on by default, period. It's optional. Why? Because most users outside of the geekrealm, and system admin realm don't understand the escape key from their space bar. So when it comes to things like... "Will you accept this certificate?" and the likes, they don't know, and they certainly don't care. Same goes for VPN's. Why should the people care if Freeswan "was not making much progress with its political goals of encrypting a significant portion of all Internet communications" when the typical user doesn't know about Freeswan, and more than likely wouldn't care.
Seriously,.. It's about time some US cities finally are getting their act together. If Saddam and company did so through the late 80's then why should some citites over here lag?
The fiber optic Tiger Song air defense network was installed in Iraq during the 1990s by China in violation of the U.N. ban on weapons sales to Baghdad. The Chinese network has been bombed several times, suffering only a slight degrade in service until Iraqi engineers could repair it.
Tiger Song is a more widely distributed network than the French Kari system and is similar to the Internet, allowing Iraqi mobile radars and missile units to link into the network from pre-positioned fiber optic sites. Both systems are linked together, with the French Kari network providing the overall command and control.
U.S. warriors hope to be able to penetrate the Kari and Tiger Song systems through computer links from the Internet or Iraqi phone system. The Tiger Song network is reportedly also cross-linked with an Iraqi oil pipeline communications network that employs microwave communications links. U.S. forces could tap into the Tiger Song system using the microwave links.
Another alternative is for U.S. Special Forces teams to penetrate Iraq and plant active electronic taps into the Iraqi systems. The Tiger Song network of fiber optic lines is much more difficult to attach hardware electronic taps to. However, U.S. cyber warriors may be able to use the same pre-positioned link points that Iraqi air defense units utilize.
Problem with this country is the (ir)regulations and big money by corps. such as Verizon who lobby to congress, who then in turn coincidentall find the idea of free enterprise a bad idea.
have grown from $2.5 billion in 1990 to $4.1 billion in 2002 as well. So maybe this outsourcing thing isn't so bad after all. Only during the Great Depression have we had such a crappy economy so 1990 would be a null comparison. It's easy to work some fuzzy math numbers now, but the effect can only be 'guesstimated' unless the author cares to dip back that far back.
One of the main differences back then (Great Depression) was the sense of patriotism amongst EVERYONE to pull together for country. Hard push when we (Americans) - the majority - feel conned about this current war on (t)error. We haven't even felt the effect of the baby boomers retiring yet, something that has never happened in the history of the U.S. - this many people retiring at once, so there can be no true number to put out as factual, and we already know Greenspan'll be jacking up the date retirees call it a day.
Slashdot Mirror
I have a PhD cust who spends like 400 a month for ISDN as opposed to DSL (it is available to him) and I always shamefully get his transferred calls:
PhD: Look I know what I'm doing I have a PhD and I'm telling you your system is erratic
Meanwhile the guy has his modem set to dial his own phone number AND HE USES CAPS ALL THE TIME so his username/password is almost always the issue. This after I've spoken to him like umpteen who knows how many times. He also has a T1 at his company and always calls:
PhD: my router isn't working and I'm getting very tired of your company doing this to me.
Meanwhile he disconnects his routers to put on wireless switches, faxes, jams phone cords in his ethernet ports, tries to jam his T1 cord into his phone, tries to make calls through his T1 you name it. I have no pity for people you have to explain things over to a trillion times. Users suck
Ive dealt with the bosses from hell at one point or another. Currently I'm working at an ISP so I'm more into DS3/OC3/DSL/DUN issues right now. Currently the company I work for is pretty cool, laid back, and even though I could make a killing elsewhere I would have to contend with people not understanding shit and wanting things done like you describe. As a system engineer you're hired to make systems run not argue with management about their uptimes but prove your points. Again on issues of patching anyone could script something to do something at say 4:30am on Sun/Mon morning where there is a smaller chance of annoying the end user. Aside from that, it's what load balancing and fallbacks are for. If you would like info on companies hiring (companies not headhunters) in the NYC area check out Craig List
Would you look at that... I could chop up something in seconds to run around patching shit. Didn't test variables, I did it to prove a point. Sure admins all get busy, but most admins also get lazy
Using mod_security I replaced mod_redirect since I can achieve the same thing. One thing I've been doing when vulnerable Windoze hosts connect (/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=2614&STRMV
for those using apache, if you haven't had the chance to play with it you should, and you should also check out the snort2modsec perl script if you're too lazy to make your own SetFilter rules. Sorry for the multiple postings
If you use PHP, for instance, as a frontend to your database, you might want to be sure that some "script kiddie" won't slip in some extra SQL in the form fields. This can easily be fixed using mod_security . Remember - for the PHPNuke/Postnuke, or any other content management based site - there needs to be a connection to your admin page at some point in order to manipulate anything. Another fix:
I still don't see the big hooplah. If you need to connect via various addresses you could add them to httpd.conf or install squid with an ACL of accepted hosts, and add that address in your httpd.conf. I don't need to buy a book to tell me this, I would rather RTFM's and know what the heck is running beforehandIt's nice to see there is no lack of someone/somecompany trying to make some money off of the security FUD/Errata scene nowadays. Strangely I've been running webservers, databases, clients without problems for years. I keep a slight watch on lists, and I think (IMO) I keep systems pretty tight either via normal tools, whether they're open source or not.
I still don't understand how hard it is for companies to throw up a so called webserver and have who knows how many ports open. If it's a webserver its a webserver, mailserver then its a mailserver. I call it shoddy administration. Taking the time beforehand to configure something properly will definitely save you a heck of a lot of time down the line, it becomes a matter of watching for new holes and patching them up quickly. If servers are an issue write some script to install patches/fixes to clusters or so.
Sometimes I sit back and wonder what the hell is happening to the security field as a whole. Within the past four years it went from a couple of individuals to everything being overrun by corporations. Security Focus to me pretty much sucks nowadays, but yet aside from lists such as NANOG, Secfocus, ISP-Lists, there are little resources left. I say strong planning nulls out any information you can get from a book. Besides most of the information one could ponder looking for can be found using good old google. Why should I keep waisting money to see the same things over and over again.
If he could prove his costs were $9090.90 per month in bandwidth fees, then he has a valid argument bottom line. I have a customer who happens to be a Sgt of the police department where i work, and the guy is a total prick. I'm not saying this as antipolice, I mean it the guy is an asshole. He uses a DS3 and whenever there is a problem with Verizon, he tries to ream anyone in the company to the point of workers feeling threatened. Even knowing VZ is the reason to blame, he still insists on DAMNIT I want my line on now! and mysteriously workers' cars fall victims to tickets for shit we never even knew existed. "Ticketed for degraded Windshield wiper" Hell I would fight too if I can prove it cost me 300k in fees in bandwidth.
Is it going to get to Mars in 3 weeks now too? Let's do some quick rover math...
Distance to Mars 34.65 million miles Original Rovers got there in 3 weeks according to NASA
3 weeks (21 days) 504 hours divided by distance? 69023 miles per hour
Those are some fast little 'ships' even if it took 6 months (180 days) it would have to travel at 8020.8333333333333333333333333 to get to mars. A year? Oh you get the point. It's a conspiracy I tell you
It's the fact taht trials are slow, expensive, and predictable, if there was some question about the chances of a convition the prosecuter offers a deal. Wrong deals are offered because DA's don;t like going to trials period. Most of the times, yes people are sleaze, but if you know you're going against an 800lb gorilla with deeper pockets than you can imagine, and you're being told take 30 days at home with a bracelet as I was offered versus losing and doing ten years, most people take the deal. As for your "trials are slow" statement. That's utter bullshit. Trials that go slow are typically trials where the DA is lost in the sauce and desperately trying to dig out as much dirt as he can for reinforcements before he goes to trial.
It's a lot like Law & Order, I really hope you never become a juror. It's this same line of thinking that has jurors falling for the same arguments of "Well he has been known to associate with..."
the guy might be a sleaze, but if they don't think they can prove he's a sleaze to the jury they offer him a plea. It has nothing to do with proving he's anything more than the person who committed a crime. In my case I was a systems/security engineer. I used security tools on a daily basis. Know what the DA said? "Defendant previously portscanned FOO_NETWORK and has used numerous hacking tools" ... Thats because it was part of my job description. Now when you run around using 4-5 days shouting "hacker hacker hacker, evil evil evil" then get to the part that these tools are used in the job description, the juror already thinks "Hacker hacker hacker evil tools."
They guy considers the terms, and decides that it's not worth the risk that he will be convicted so he takes it (boosting conviction rates (guy pleading guilty to 2nd degree manslaughter still counts as a conviction). You've got it distorted. A heck of a lot.
The only trials that take place are the few that are questionable enough or have defendant's who firmly believe they are innocent, and have lots of money. Defendant's who believe they are innocent? So what you're saying is defendants who did something and believe they are innocent? S'what I'm gathering. Lots of money counts I can tell you that because it is not cheap going to trial. Aside from the monetary values of it all, the psychological value is a lot higher. What are you going to do when all of your friends are being unfairly visited at 2-3am by feds who just want to ask you a few questions? Believe me you will not be popular with your friends, family. There is a lot that is not seen that goes on which in my eyes makes the DA's no better than those charged. If you think they don't wrongfully prosecute ever your mistaken. Again it all boils down to money. Perception management... Better learn what it is.
As a more recent example, Martha should have just settled with the SEC paid a few hundred grand and gotten on with her life. For whatever reason, she decided that the expense and risk of a trial was worth the attempt to clear her name. We'll probably find out next week if her gamble paid off. Martha is being charged with declaring her innocence nothing more. She went on live television and said she is innocent. What did the DA do, according to them, by declaring her innocence, she maliciously sought to raise her stock price in Omnimedia. Know what you're talking about. She's not charged with insider trading. She's charged with obstruction of justice, and the route they took even boggled the judge in case you didn't know. Martha's case if you also didn't know is the first of its kind being it's high profile though, most people don't even have a real clue about it, and look to the media to hold their hands and have it explained to them.
Well speaking from experience, I can tell you a little something about the Department of Justice and most will probably say i'll sound like disgruntled employee, or someone antigovernment, or something along those lines, but this is my take on them. Having gone to court against the DOJ for a 'cybercrime', I can tell you that they will try to bring out anything and everything you ever did, or that looks bad. If you showed up late to work, and were written up, they'll look for ways to spin the issue into you being an uncooperative work or something along those lines.
If you can find anyone who has fought for their rights in a court of law against the DOJ just ask them what they do to one pretrial. Past 5-10 year history comes on the table tax records, employee records, hell ex girlfriend/boyfriend records if they can get em. Better hope you don't have someone against you with an axe to grind and I mean it. In order to understand why, you have to understand that it's all about money bottom line. Most of the DA's offices are allocated budgets, and more convictions means the crime rate in your district is up which means, your office needs more money. Aside from that, you'd better hope your case (hopefully you won't/don't have one) is not high profile whereas it will lead to promotion, or an entire new 'crime division' being opened up because of you. Remember cases define the prosecutor. "Well I convicted foo foo foo for foo!" and then the book deal. It's sad, but it's what happens.
In Federal Court in the District of Massachusetts in 1998, the conviction rate was nearly 91.7% This closely follows the national trend in which conviction rates in federal court are around 90%. source Some put the rate at like 98% conviction. Either the feds are the best at finding the worse or there are a lot of dirty tricks going on. Now I'll leave it at that and you make your assumptions. I can tell you offhand associations will harm you point blank.
that's where that urban legend comes from... Alligators in the Suer
Lawsuit bloodbaths
Durle McLame
CEO SCUMGROUP
I say according to logic, if everyone cross sues everyone for everything and countersues those countersuing, will the DOJ label them as Suers of Mass Destruction? On the flip side this could work out for everyone, if everyone spends all their money suing one another, eventually everyone will run out of money then we won't have to hear about anything lawsuit.
We henceforth move on with our plans to sue our lawyers
And yes you should expect them to pay up, MS knows their issues which is why Outlook and OE version 6 by default removes attachments. Did you think MS just put that there because they didn't want their users to be flooded with Viagra spam?
For the most part I see what you mean in a sense but take it from a different perspective. User buys a car, car has a so called alarm. Thieves continously engineer their way around the alarm and cause accidents. Car manifacturer knows about this problem and does nothing. Do you think it's fair to the clueless car buyer that this happen to them? Give me a break.
I'm so lucky I only watch porn 24/7 on my television I thought for a minute there I was going to jail for being unpatriotic or something
It's surpring no consortium (like an ISP group) has come together and filed a lawsuit against MS for having to mop up their work. It's definitely costing to pass the traffic, having to explain 12! times a day to customers that we didn't send them a moronically written "Your account is suspend for virus activity" (yes I know it's a typo). MS should definitely be dishing out some money for this. After the first 100 or so viruses from the years 2000-2002 you would figure they would get their act together, but it's the same old story. And for the users (non geek users) of MS, the grandmothers, housewives, and non techies, you would figure they would wise up to the same shit different day. Instead they still open attachments, and rather altogether, still use the same chopperating system they often have to reinstall after having been infected 12! per year.
Seriously mind boggling. As for the virus creators they too need to be punished for their actions, and severely at that. I'm skeptical about the entire 'cybercrime' terrorist approach the DOJ and others have taken on this, but this is definitely something that's getting out of hand. And if you too also work in an ISP, you would know the guys of headaches one deals with on these virus issues. Hopefully our 3rd party antispam/virus filter mail provider gets their act together. Think about the costs for a mid sized ISP on something like technical support alone. 1000 calls a day to explain why someone should not open those emails multiplied by the salaries. Wasted money.
# whereis microsoft /sbin /bin /usr/sbin /usr/bin /usr/ccs/bin/ /usr/games /usr/local/sbin /usr/local/bin
microsoft:
# which microsoft
no microsoft in
# uname
SunOS
Ok all joking aside, here is a nice article. Search Engine Watch editor Danny Sullivan's Keynote speech yesterday was entitled "Search Wars."
I wonder if my SCO spoof will be the target
I'm republican moron, and I don't need anonyminity to post my feelings. I would never vote for Bush as a REPUBLICAN. But if you think I'm the only one who feels this way think again.
# ssh diebold.machines.gov
bush@diebold.machines.gov's password:
# gcc -o misunderestimated misunderestimated.c
#
# echo "Is our children learning?"
ground control to Major Tom
You're missing my point. In order for Freeswan to have been as successful as they'd like to have been, they kind of sold their hopes too high. Not everyone cares about security though most should. How many people/companies do you know of that still use ftp as opposed to sftp or scp, and even use passive ftp. It's easier to use, and you won't have to spend time explaining things to the non-geek user. Majority rules remember that, like it or not.
No I'm not trolling I'm asking a question here. Outside of admins, how many people really care whether their connection is secure or not. I always reference this out regarding IPSec and the likes, so I'll point out eBay as an example. Now a company such as eBay in my opinion should have SSL based log on by default, period. It's optional. Why? Because most users outside of the geekrealm, and system admin realm don't understand the escape key from their space bar. So when it comes to things like... "Will you accept this certificate?" and the likes, they don't know, and they certainly don't care. Same goes for VPN's. Why should the people care if Freeswan "was not making much progress with its political goals of encrypting a significant portion of all Internet communications" when the typical user doesn't know about Freeswan, and more than likely wouldn't care.
have grown from $2.5 billion in 1990 to $4.1 billion in 2002 as well. So maybe this outsourcing thing isn't so bad after all. Only during the Great Depression have we had such a crappy economy so 1990 would be a null comparison. It's easy to work some fuzzy math numbers now, but the effect can only be 'guesstimated' unless the author cares to dip back that far back.
One of the main differences back then (Great Depression) was the sense of patriotism amongst EVERYONE to pull together for country. Hard push when we (Americans) - the majority - feel conned about this current war on (t)error. We haven't even felt the effect of the baby boomers retiring yet, something that has never happened in the history of the U.S. - this many people retiring at once, so there can be no true number to put out as factual, and we already know Greenspan'll be jacking up the date retirees call it a day.