Well, my situation with AMD is as follows: about one or two years ago, I bought a AMD Athlon 64 x2 3800+, ASUS A8N Sli Premium mobo (top of the line mobo on those days, it has two IDE, SLI support, 8 SATA connectors, blablabla), nVidia 6500 PCI-Express 256MB RAM card. Of course, it is a socket 939 type mobo.
The issue is: given the ongoing price cuts based on the AMD/Intel wars and the new Core Duo architecture, I would have willingly bought a faster CPU for my mobo or one with better virtualization support (even without DDR2 memory), since it has served my well, it's compatible with everything I use, and I do not use any MS software on it.
*BUT* I will no go thru all the pain of having to ditch such a system while even right now, the X2 3800+ serves me well. I guess that maybe AMD was a little on the "rude" side when cutting 939-CPU types production, since I guess it was thanks to the people that bought those socket-939 high-end systems that AMD made such a come back on the early AMD64/X2 years. AMD: I wish you had a product for me.
Of course it's a good thing to have options, but maybe it might help having PCBSD and http://www.desktopbsd.org/ help each other to bring an easier experience to end-users.
Punish it, definitely. Really destroy a life because of people being inconvenienced? Definitely not. Proportional sentencing 11 years is not
I guess a few factors must be considered:
a) As spam (and the act of spamming) cost almost nothing, so if it is so "ok", then it could get much worse if unchecked. So, as we can not add much cost to bandwidth, the problem is that it might land you in jail. That's the spammer "cost" or "risk". Basically, why would be a requirement for me or my employer that I must give attention to every potential seller on this planet that thinks he has something something I need (a nigerian scam, \/14gr4, whatever) on a no-question-asked basis?
b) A relative of mine died a few months ago. I'm having trouble communicating with my lawyer because of the spam software he/she is using to get rid of spam. Sometimes, key information was delayed because it was wrongly classified as spam, or maybe lost. So, it costs me in both time and resources and money. On top of that the law here stipulates a certain period of time in which all this issues have to be dealt with. My sisters live in other continent, so it's tricky for them to call our local lawyer given the time difference, and phone call costs.
c) In my work we have bought or have to look after the following things because of spam: servers, sw licenses, high availability clusters, e-mail administrator, software, updates, patches, IDS's, security reports, security monitoring, utilities bill because of servers and HVAC. So, spam "costs" us a lot.
Bottom line, I'm more than just "inconvenienced" because of spam. And if you think I shouldn't: Would you be so kind to allow me to bill you our spam-related problems? I'm having a much harder time down here because of the nice little trick of a few people getting richer because of sending millons of low cost email on "products" I don't need, or I did not ask for.
that translates to me as "No thanks, GPLv3". Also, the man says:
All I've heard are shrill voices about "tivoization" (which I expressly think is ok)
which that translates to me as : "Why would I move to a license that forbids what I think it's ok to do?". if that's correct, with all that in mind, then I'd say we are ready for a GPLv2 kernel/GPLv3&v2 userspace. Is that a problem?
Re:ISO to the rescue (somewhere in the future) ?
on
Security Metrics
·
· Score: 2, Informative
If it's anything like the British Standard (BS7799, IIRC) which is supposed to do the same thing, it will do nothing of the sort, mainly because these standards are all too often used as a box-ticking exercise.
Well, ISO 17799 (or more precisely ISO 17799:2005) is the "second generation" BS7799-1 (there's also BS-7799-2, which is the standard your organization might certify).
The original ISO 17799:2000 (IIRC) was more or less the same as BS7799-1. ISO 17799:2005 has a lot of stuff rewritten, and also a Security Incident Management portion (which you could find on ISO 18044, which still is much more detailed). ISO 18044 has even "forms" for incident management, so it is not a box-ticking excersise.
About ISO 27004: today it is still a draft, so, it being circulated for people to review and give feedback upon. I was able to get a copy of the draft. Good thing is, we should be able to help to not make it a box-ticking excersice.
More to the point of what you said. ISO 17799 are a set of broad recommendations, so yes, it list a whole list of things an organization should be looking at when dealing with security. For example PCI-DSS, the VISA/MC/Other security standards is less vague and more to the point (the asset is defined: the credit-card holder information, and how it should be protected), but in ISO 17799, there's no specific asset to be protected, so the recommendations are more general in nature.
We have done work in customers on security, and we have implemented security in different organizations. To get a picture, some of them might be banks, others a pharmaceutical company. So, requirements, risks, assets, regulations might be different for said organizations. In both scenarios, ISO 17799 might be used to create the security management system they need anyway. I don't know if in your case the consultant built, supports or is performing the administration of your ISMS. In that case, I'd say you should have something more than just a report on compliance/non-compliance.
ISO to the rescue (somewhere in the future) ?
on
Security Metrics
·
· Score: 5, Informative
ISO 27004 is supposed to deal with security metrics/management measurement when it is published. It belongs to the same familiy of security standards as ISO 17799 and 27001.
About ISO 27004: "The scope is to "provide guidance on the specification and use of measurement techniques for providing assurance as regards the effectiveness of information security management systems. It is intended to be applicable to a wide range of organisations with a correspondingly wide range of information security management systems. [It] provides guidance for measurement procedures and techniques to determine the effectiveness of information security controls and information security processes applied in an ISMS. The purpose of the Information security management measurements development and implementation process, defined in this Standard is to create a base for each organization to collect, analyse, and communicate data related to ISMS processes. This data is ultimately to be used to base ISMS-related decisions and to improve implementation of an ISMS."
Also, NIST has also something to add to the issue of security metrics in SP800-55. A few links:
"Oh, cut the bleeding heart crap, will ya? We've all got our switches, lights, and knobs to deal with, Striker. I mean, down here there are literally hundreds and thousands of blinking, beeping, and flashing lights, blinking and beeping and flashing - they're *flashing* and they're *beeping*. I can't stand it anymore! They're *blinking* and *beeping* and *flashing*! Why doesn't somebody pull the plug! "
this might be a test to see if/.'rs actually read stories... Guess they had to come up with some really artificial and/or unbelievable subject/story to prove the point and catch as much/.'rs attention as possible.
Well... you must not be a LatinAmerican then. When I went to Europe (Spain, Germany, Sweeden, Belgium) they asked me the same thing: What was the purpose of my travel, where I was going to stay, and I needed to show my two-way ticket. And wait: it gets funnier: I can not go into Canada without a Visa. Up to 2002, my country was in the visa Waiver program and I could get in the US without a Visa. I went to Cancun, Mexico, and they asked me an International Credit Card at the customs... go figure...
and of course, being this slashdot, we will of course mention Brazil and recall it maybe by its coffee or Football/soccer, but not because of brazil's mulatas/garotas....
This is why the GPL makes code Free, while the BSD license makes programmers Free.
That's true!.. But also, the BSD license makes the code *free" to go to a non-open source project, while the GPL code is not so free as to do so....semantics... free as in beer, or free as a bird ?
Yes, that's official now. I also remember the RS/6000 S70 days: its boot display will start by displaying AS/400 boot codes, then jump into normal "RS/6000" led display codes...
I suggest you to look into IBM's System i product line.
They've got a fancy Hypervisor in Hardware (called the FSP, flexible service processor). Linux is supported natively.
Actually, S/390 has been doing that trick for ages (OS390, Linux, VM, VM/ESA...). i Series does that now, p Series does too (hmmm, even p and i series are based on "very" similar HW) so you can run AIX and Linuxes all on the same HW. Now, x Series will also join the fun.
As far as I can tell, this does not apply in IBM Latin America either. As far as I know, LATAM IBMers in the hardware support area do get OT payments. But, if you are a software support guy, developer, IT Architect, product specialist, PM, or anything else, you are pretty much out of luck. That of course means, say goodbye to your weekends in exchange for passion over the business and customer success. I guess that might be one of the reasons why IBM likes Linux, no payrolls, no OT, good software, passionate people...:)
NEW YORK (Reuters) -- Microsoft Corp's upcoming Windows Vista computer operating system will include technology that is designed to prevent pirated copies from fully functioning, the software giant said.
Reduced functionality is already a part of the Windows XP activation process, but Windows Vista will have a reduced functionality mode that is enhanced, Microsoft said on its Web site on Wednesday.
Microsoft said the upcoming releases of Windows Vista and also Windows Server "Longhorn" will be the first two products to ship with the new anti-piracy measures included, but more Microsoft products will eventually adopt the technology.
Windows Vista systems must activate with Microsoft as genuine within 30 days and failure to do so will result in "reduced functionality mode" until successful validation occurs, Microsoft said.
Customers that use genuine versions of Windows Vista will get an enhanced set of features that will not work on non-genuine or unlicensed versions of Vista, it said.
Users of non-genuine Windows Vista software will also be notified by the appearance of a persistent statement in the lower right hand corner of their desktop that reads: "This copy of Windows is not genuine."
A Wall Street analyst said on Wednesday that Microsoft will most likely ship the Windows Vista system on time and meet its deadline for both corporate and retail consumers.
Goldman Sachs analyst Rick Sherlund sent a note to clients saying Microsoft may be ready to send the final test version of its much-anticipated Windows upgrade later this week or next week, indicating that Vista will be available for business customers in November and retail PCs by late January.
Windows Vista, five years in the making, has been postponed by Microsoft several times.
Microsoft Windows sits on more than 90 percent of the world's personal computers and the Windows business accounts for about 30 percent of the company's $44 billion in revenue.
Here in Uruguay, we have our government refine the oil, so that private hands don't try to make money out of our need for oil. So, we ended up with a liter of gas at U$S 1.4, or U$S 5.38 a gallon of gas "95".
Of course we have a public transportation system, but every now and then, it goes on strike, and all of a sudden a few thousend people are "trapped" in their workplace and can't get back home. There's no law/regulation/mechanism preventing such a large scale strike happening at least with some time in order to inform the public transport users to take precautions. When a bus driver is hurt/killed by some burglar or other (they killed a bus driver a couple of month ago where the driver also was a drug dealer or something, and someone killed him in revenge. The whole city was left with no means of transportation ), which regretably happens, all public transport dissapears within 30 minutes, leaving honest users with no means to go back home.
* Routing: Static entries and Gateway, BGP, OSPF & RIP2 via (BIRD (http://bird.network.cz/))
* Samba FS Automount
* Syslog to remote server
* Rx/Tx Antenna (Select or Auto)
* Show Status of Wireless Clients and WDS with System Uptime/Processor Utilization
* Site Survey
* SNMP
* SSH server & client (dropbear (http://matt.ucc.asn.au/dropbear/dropbear.html))
* Startup, Firewall, and Shutdown scripts (startup script (http://wrt-wiki.bsr-clan.de/index.php?title=Start up_Scripts))
* Static DHCP Assignment
* Style (Changeable GUI; v.23)
* Supports New Devices (WRT54G V3, V3.1, V4, V5 and WRT54GS V2.1, V3, V4)
* Telnet server & client
* Transmit Power Adjustment (0-251mW, default is 28mW, 100mW is safe)
* UPnP
* VLAN
* Wake On Lan client (WOL (http://ahh.sourceforge.net/wol/))
* WDS Connection Watchdog
* WDS Repeater Mode
* Wireless MAC Addresses Cloning
* Wireless MAC filter
* WMM (Wi-Fi MultiMedia QoS)
* WPA over WDS
* WPA/TKIP with AES
* WPA2
* Xbox Kaid (Kai Engine (http://www.teamxlink.co.uk/))
About the "fun that you might leave out" if you go for the WRT54V5, with the smaller linux image loaded:
The DD-WRT micro build does not contain: chillispot, nocat, rflow, kaid, samba client, SNMP, IPv6, MMC/SD Card Support, SSH, PPTP/PPTP Client, UPnP. This file is under 2MB in size. While it is aimed at routers with less than 2MB of flash space (e.g., Linksys WRT54G version 5), any router should be able to run this version, including Linksys WRT54G versions before 5. Note that the Micro version is considered in beta, so it has a chance of instability. For flashing a version 5 of the WRT54G, look at Flash_Your_Version_5_WRT54G.
Slashdot Mirror
Well, I don't know about Lenovo, buy IBM (which still keeps its PC server business) does preload its servers with Linux:
/ xseriesnos.html
http://www.ibm.com/systems/x/solutions/os/linux/
http://www-03.ibm.com/servers/eserver/xseries/cog
Well, my situation with AMD is as follows: about one or two years ago, I bought a AMD Athlon 64 x2 3800+, ASUS A8N Sli Premium mobo (top of the line mobo on those days, it has two IDE, SLI support, 8 SATA connectors, blablabla), nVidia 6500 PCI-Express 256MB RAM card. Of course, it is a socket 939 type mobo.
The issue is: given the ongoing price cuts based on the AMD/Intel wars and the new Core Duo architecture, I would have willingly bought a faster CPU for my mobo or one with better virtualization support (even without DDR2 memory), since it has served my well, it's compatible with everything I use, and I do not use any MS software on it.
*BUT* I will no go thru all the pain of having to ditch such a system while even right now, the X2 3800+ serves me well. I guess that maybe AMD was a little on the "rude" side when cutting 939-CPU types production, since I guess it was thanks to the people that bought those socket-939 high-end systems that AMD made such a come back on the early AMD64/X2 years. AMD: I wish you had a product for me.
Of course it's a good thing to have options, but maybe it might help having PCBSD and http://www.desktopbsd.org/ help each other to bring an easier experience to end-users.
I guess a few factors must be considered:
a) As spam (and the act of spamming) cost almost nothing, so if it is so "ok", then it could get much worse if unchecked. So, as we can not add much cost to bandwidth, the problem is that it might land you in jail. That's the spammer "cost" or "risk". Basically, why would be a requirement for me or my employer that I must give attention to every potential seller on this planet that thinks he has something something I need (a nigerian scam, \/14gr4, whatever) on a no-question-asked basis?
b) A relative of mine died a few months ago. I'm having trouble communicating with my lawyer because of the spam software he/she is using to get rid of spam. Sometimes, key information was delayed because it was wrongly classified as spam, or maybe lost. So, it costs me in both time and resources and money. On top of that the law here stipulates a certain period of time in which all this issues have to be dealt with. My sisters live in other continent, so it's tricky for them to call our local lawyer given the time difference, and phone call costs.
c) In my work we have bought or have to look after the following things because of spam: servers, sw licenses, high availability clusters, e-mail administrator, software, updates, patches, IDS's, security reports, security monitoring, utilities bill because of servers and HVAC. So, spam "costs" us a lot.
Bottom line, I'm more than just "inconvenienced" because of spam. And if you think I shouldn't: Would you be so kind to allow me to bill you our spam-related problems? I'm having a much harder time down here because of the nice little trick of a few people getting richer because of sending millons of low cost email on "products" I don't need, or I did not ask for.
exactly... that's a manifestation of "freedom" :)
I still think GPLv2 is simply the better license.
that translates to me as "No thanks, GPLv3". Also, the man says:
All I've heard are shrill voices about "tivoization" (which I expressly think is ok)
which that translates to me as : "Why would I move to a license that forbids what I think it's ok to do?". if that's correct, with all that in mind, then I'd say we are ready for a GPLv2 kernel/GPLv3&v2 userspace. Is that a problem?
ISO 27004 is supposed to deal with security metrics/management measurement when it is published. It belongs to the same familiy of security standards as ISO 17799 and 27001.
l
/ sp800-55.pdf
About ISO 27004: "The scope is to "provide guidance on the specification and use of measurement techniques for providing assurance as regards the effectiveness of information security management systems. It is intended to be applicable to a wide range of organisations with a correspondingly wide range of information security management systems. [It] provides guidance for measurement procedures and techniques to determine the effectiveness of information security controls and information security processes applied in an ISMS. The purpose of the Information security management measurements development and implementation process, defined in this Standard is to create a base for each organization to collect, analyse, and communicate data related to ISMS processes. This data is ultimately to be used to base ISMS-related decisions and to improve implementation of an ISMS."
Also, NIST has also something to add to the issue of security metrics in SP800-55. A few links:
http://www.iso27001security.com/html/iso27004.htm
http://csrc.nist.gov/publications/nistpubs/800-55
"Oh, cut the bleeding heart crap, will ya? We've all got our switches, lights, and knobs to deal with, Striker. I mean, down here there are literally hundreds and thousands of blinking, beeping, and flashing lights, blinking and beeping and flashing - they're *flashing* and they're *beeping*. I can't stand it anymore! They're *blinking* and *beeping* and *flashing*! Why doesn't somebody pull the plug! "
this might be a test to see if /.'rs actually read stories... Guess they had to come up with some really artificial and/or unbelievable subject/story to prove the point and catch as much /.'rs attention as possible.
Well... you must not be a LatinAmerican then. When I went to Europe (Spain, Germany, Sweeden, Belgium) they asked me the same thing: What was the purpose of my travel, where I was going to stay, and I needed to show my two-way ticket. And wait: it gets funnier: I can not go into Canada without a Visa. Up to 2002, my country was in the visa Waiver program and I could get in the US without a Visa. I went to Cancun, Mexico, and they asked me an International Credit Card at the customs... go figure...
and of course, being this slashdot, we will of course mention Brazil and recall it maybe by its coffee or Football/soccer, but not because of brazil's mulatas/garotas....
Guess that happened in Germany... not in france.
This is why the GPL makes code Free, while the BSD license makes programmers Free.
...semantics... free as in beer, or free as a bird ?
That's true!.. But also, the BSD license makes the code *free" to go to a non-open source project, while the GPL code is not so free as to do so.
Yes, that's official now. I also remember the RS/6000 S70 days: its boot display will start by displaying AS/400 boot codes, then jump into normal "RS/6000" led display codes...
yeah.I guess the common "Cuban Microsoft representatives where not available for comment" takes a whole new level there...
We dont need no stinkin dumb terminals. We already have a lot of dumb users around here.
no wonder they call the new MS OS Windows "Bosta" around here. Bosta is spanish for horse-shit.
Hmm... Solaris 1 (aka SunOS 4.x) was BSD based. Solaris 2 ( SunOS 5.x) is SysV based.
As far as I can tell, this does not apply in IBM Latin America either. As far as I know, LATAM IBMers in the hardware support area do get OT payments. But, if you are a software support guy, developer, IT Architect, product specialist, PM, or anything else, you are pretty much out of luck. That of course means, say goodbye to your weekends in exchange for passion over the business and customer success. I guess that might be one of the reasons why IBM likes Linux, no payrolls, no OT, good software, passionate people... :)
... this might push nvidia into making the 9xxx drivers available sooner. I hope that solves the googleearth rendering problem.
From TFA:
NEW YORK (Reuters) -- Microsoft Corp's upcoming Windows Vista computer operating system will include technology that is designed to prevent pirated copies from fully functioning, the software giant said.
Reduced functionality is already a part of the Windows XP activation process, but Windows Vista will have a reduced functionality mode that is enhanced, Microsoft said on its Web site on Wednesday.
Microsoft said the upcoming releases of Windows Vista and also Windows Server "Longhorn" will be the first two products to ship with the new anti-piracy measures included, but more Microsoft products will eventually adopt the technology.
Windows Vista systems must activate with Microsoft as genuine within 30 days and failure to do so will result in "reduced functionality mode" until successful validation occurs, Microsoft said.
Customers that use genuine versions of Windows Vista will get an enhanced set of features that will not work on non-genuine or unlicensed versions of Vista, it said.
Users of non-genuine Windows Vista software will also be notified by the appearance of a persistent statement in the lower right hand corner of their desktop that reads: "This copy of Windows is not genuine."
A Wall Street analyst said on Wednesday that Microsoft will most likely ship the Windows Vista system on time and meet its deadline for both corporate and retail consumers.
Goldman Sachs analyst Rick Sherlund sent a note to clients saying Microsoft may be ready to send the final test version of its much-anticipated Windows upgrade later this week or next week, indicating that Vista will be available for business customers in November and retail PCs by late January.
Windows Vista, five years in the making, has been postponed by Microsoft several times.
Microsoft Windows sits on more than 90 percent of the world's personal computers and the Windows business accounts for about 30 percent of the company's $44 billion in revenue.
Here in Uruguay, we have our government refine the oil, so that private hands don't try to make money out of our need for oil. So, we ended up with a liter of gas at U$S 1.4, or U$S 5.38 a gallon of gas "95".
Of course we have a public transportation system, but every now and then, it goes on strike, and all of a sudden a few thousend people are "trapped" in their workplace and can't get back home. There's no law/regulation/mechanism preventing such a large scale strike happening at least with some time in order to inform the public transport users to take precautions. When a bus driver is hurt/killed by some burglar or other (they killed a bus driver a couple of month ago where the driver also was a drug dealer or something, and someone killed him in revenge. The whole city was left with no means of transportation ), which regretably happens, all public transport dissapears within 30 minutes, leaving honest users with no means to go back home.
* 13 languages
* 802.1x (EAP (Extensible Authentication Protocol) encapsulation over LANs)
* Access Restrictions
* Adhoc Mode
* Afterburner
* Client Isolation Mode
* Client Mode (supports multiple connected clients)
* Client Mode WPA
* DHCP Forwarder (udhcp (http://udhcp.busybox.net/))
* DHCP Server (udhcp (http://udhcp.busybox.net/) or Dnsmasq (http://thekelleys.org.uk/dnsmasq/doc.html))
* DNS forwarder (Dnsmasq (http://thekelleys.org.uk/dnsmasq/doc.html))
* DMZ
* Dynamic DNS (DynDNS (http://www.DynDNS.org/), TZO (http://www.TZO.com/), ZoneEdit (http://www.ZoneEdit.com/))
* Hotspot Portal (Sputnik Agent (http://www.sputnik.com) ,Chillispot (http://www.chillispot.org/))
* IPv6 Support
* JFFS2 (http://sourceware.org/jffs2/)
* MMC/SD Card Support (hardware modification required)
* NTP client in a client-server basis
* Ntop Remote Statistic
* OpenVPN Client & Server (only in -vpn build of the firmware)
* Port Triggering
* Port Forwarding (max. 30 entries)
* PPTP VPN Server & Client
* QoS Bandwidth Management (Optimize for Gaming and Services / Netmask / MAC / Ethernet Port Priority)
* QoS L7 Packet Classifier l7-filter (http://l7-filter.sourceforge.net/))
* RFlow/MACupd
* Routing: Static entries and Gateway, BGP, OSPF & RIP2 via (BIRD (http://bird.network.cz/))
* Samba FS Automount
* Syslog to remote server
* Rx/Tx Antenna (Select or Auto)
* Show Status of Wireless Clients and WDS with System Uptime/Processor Utilization
* Site Survey
* SNMP
* SSH server & client (dropbear (http://matt.ucc.asn.au/dropbear/dropbear.html))
* Startup, Firewall, and Shutdown scripts (startup script (http://wrt-wiki.bsr-clan.de/index.php?title=Start up_Scripts))
* Static DHCP Assignment
* Style (Changeable GUI; v.23)
* Supports New Devices (WRT54G V3, V3.1, V4, V5 and WRT54GS V2.1, V3, V4)
* Telnet server & client
* Transmit Power Adjustment (0-251mW, default is 28mW, 100mW is safe)
* UPnP
* VLAN
* Wake On Lan client (WOL (http://ahh.sourceforge.net/wol/))
* WDS Connection Watchdog
* WDS Repeater Mode
* Wireless MAC Addresses Cloning
* Wireless MAC filter
* WMM (Wi-Fi MultiMedia QoS)
* WPA over WDS
* WPA/TKIP with AES
* WPA2
* Xbox Kaid (Kai Engine (http://www.teamxlink.co.uk/))
About the "fun that you might leave out" if you go for the WRT54V5, with the smaller linux image loaded: The DD-WRT micro build does not contain: chillispot, nocat, rflow, kaid, samba client, SNMP, IPv6, MMC/SD Card Support, SSH, PPTP/PPTP Client, UPnP. This file is under 2MB in size. While it is aimed at routers with less than 2MB of flash space (e.g., Linksys WRT54G version 5), any router should be able to run this version, including Linksys WRT54G versions before 5. Note that the Micro version is considered in beta, so it has a chance of instability. For flashing a version 5 of the WRT54G, look at Flash_Your_Version_5_WRT54G.