Puppy linux. Running it right now on my eeepc 2g surf--800 Celeron with 512 MB. Works great!
I like Puppy, honest - but I don't like Puppy's security model.
I get that Puppy's supposed to be a reasonably fast single-user system but there are distributions out there that are just as fast with a better software channel - such as Xbuntu, Vector Linux or damn near anything else that's got Enlightenment or xfce available as a window manager - and those distributions don't require you to run as root.
I know they sucked and hardly anyone used them, but that kind of overlooks Windows v1 & v2. I think it makes more sense if you go with the major steps of the UI:
Windows 1 - Initial release.
Windows 2 - Now with over-lapping Windows!
Windows 3 - And pseudo 3D effects!
Windows 9x (& ME) - Look Ma, we can multitask without... Oh, never mind.
Windows XP - So easy a toddler could use it... Which might explain why it looks a lot like Duplo.
Windows Vista - UAC: Making your PC more secure by training you to click "Yes" to everything!
Windows 7 - What do you want us to fsck up today?
Um - no. Windows 5 = Windows 2000. Windows 5.1 = Windows XP.
Is there any point to separate partitions for / and/home?
IMO there's no other safe way to do it. Here's an example why -
Let's say a runaway process fills up/var/log, trashing that particular filesystem. If/home is on that filesystem it also gets trashed and is the reason why I always put/var on its own partition if I'm building a server.
Also, on my test box that doubles as a home media server I tend to run late alpha or beta versions of Linux distributions - if something breaks and/home is on a separate partition I can reinstall or even change distributions without losing data or settings.
I have a music-related site so I gateway alt.bass, alt.guitar.bass and rec.music-makers.builders into my vBulletin forum.
The gateway runs every 20 minutes and my users can read and post in the newsgroups. They're indexed with my regular discussion forums so they can be searched as well.
I still hang around on alt.dbs.echostar and a couple of Linux newsgroups as well.
I work for an agency under DoD and have had what they call a Common Access Card (CAC) for more than three years.
Leaving my CAC at home has never happened to me but I imagine the experience would be fairly uncomfortable as the CAC is also used for building access - someone would have to sign me into the facility if I forgot my smartcard. I don't imagine I'd have to be embarrassed that way more than eight or ten times for it to sink in that I need to keep my smartcard with me;-)
Humans (at least most adult humans) are conditioned to carry their driver's license with them when they operate a vehicle so learning to carry a smartcard with you wouldn't be all that difficult. To address the issue of requiring a keyboard and display (and a smartcard reader) there are contactless smartcards available and I *think* the technology's compact enough to include in a cell phone or other device.
IM frequently less than HO physical security will always be paramount - a physical token requires a user to have both the token and the PIN to that token to access a protected resource. In this agency there have been a few misplaced smartcards but there hasn't been one instance of a protected resource compromised because a bad guy had both the user's CAC and the PIN to it.
People tend to write down "what they know" if it's fairly complex - which compromises physical security. All I have to remember is an eight character PIN. My PC will lock my CAC after three unsuccessful PIN entries, which requires me to visit the card issuer to have my PIN reset.
All in all it's been fairly secure and easy to use. The transition to smartcards hasn't been completely painless but these days I use the card for building access (I have access to the raised floor area in the basement), to the network (smartcard authentication to the network is mandatory), to secure websites hosted on the network that use CAC authentication and to government-only applications that ping your smartcard to see if you're supposed to be running that application.
All in all it's been a pretty good thing and I was originally one of the naysayers on the project.
That's awfully subjective. I find the GG interface to be an exercise in masochism.
I use pan at home but am forced to use GG at the office because my employer (the federal gummint) blocks NNTP at my site.
I argued that being in a direct support role they'd cut off one of my primary research tools but I didn't win the argument - so now I have to use GG at work.
It's bad, but it's not worse than no Usenet at all;-)
I live in Michigan and this problem's been aired on local NPR for the last few days - introducing foreign marine life into the Great Lakes has been a problem for years.
Starting this year cargo vessels are required to "swish and spit" - flush their ballast tanks 200 miles before entering the St. Lawrence seaway.
This probably doesn't do much good for saltwater invasive marine life but is a good solution for the freshwater nasties.
...it was mentioned in another post but I'm gonna add to it.
I work for the federal gummint and am routinely required to provide connectivity in solutions like this. I issue the user with the requriement a cellular aircard and if necessary an aircard router. Several companies make them and right now I'm particularly happy with NexAira's hardware as most other aircard routers are carrier- and hardware-specific.
You still have to check the manufacturer's compatibility list but NexAira's router can move with you between carriers and is one of the few that supports USB aircards. I've got a Linksys PCMCIA aircard router that works well with Sprint also. NexAira's router only has one Ethernet output but does do WiFi. They're not cheap as aircard routers run between $180 and $250 on the street but they've been a godsend to me.
I'm a federal geek providing technical support to the agency that sells this stuff.
Defense Reutilization and Marketing Service is the DoD agency that gets rid of damaged and excess military equipment. They sell all kindsa stuff to the general public. If you want to buy a whole pallet of old computers or uniforms or something they're the place to go.
That said, they also used to sell F-14 parts that had been through or didn't require demilitarization to the general public - but DRMS no longer sells F-14 parts. They quit doing it after the GAO caught some sensitive equipment being sold and DRMS is well aware of Iran's interest in F-14 hardware.
It was about four years ago but we received an infected build from a major hardware manufacturer.
We bought several hundred computers and provided the laptop image to the manufacturer after we'd installed our standard suite of applications. The major hardware manufacturer certified the build and started imaging machines - we had about a hundred of them in house before the first ones got stood up and tripped virus scanners as soon as they were powered up.
The image we sent the manufacturer was virus-free but the preloaded machines we received with that image were not. Major hardware manufacturer had to do a fair bit of tapdancing and machine-replacing to make things right.
We do use SMS but SMS in itself wouldn't prevent the install. Local Windows Update is disabled by domain policy.
My guess is as another poster mentioned - the update was blocked by a firewall rule. That's interesting, though - because I'd figure a heck of a lot of Windows machines - especially those owned by/.ers would be on nonroutable networks and there'd be no way for MS to push to them. Wonder if the installation is initiated by the client?
From what I read on Wikipedia Google salaries are on the low side. I work as a sysadmin for the federal government - I don't carry a corporate cell phone, work 40 hours a week (16 of those from home) in an environment where working overtime is strongly discouraged because of budget cuts and I make more than twice what Google's entry-level sysadmin does - and live in a considerably lower-cost area than the Bay Area.
I don't get free food but do get a free gym, 10 federal holidays, 13 sick days and 26 vacation days a year - on top of the 104 personal days I already get - and I go home at 3pm every single day. I don't understand why someone would want to work in that kind of a sweatshop. For me, a job is necessary to be able to do the fun stuff - not my reason for existence.
The operative word in my post was "inadvertently" and I'll maintain my position that it's not possible to inadvertently email something from the classified network to an unclassified one.
Yes, the data would have had to have been either transferred to the unclassified network or duplicated on it, but 'inadvertent' implies error when in reality the user would have had to bypass several safeguards to send a classified email on an unclassified network.
...In the email instance, anyone can at any time send classified information over an unclassified network. It is up to the user to not do this. Granted, there are various technical and other procedures that can help prevent this, but it can never be completely avoided. These incidents seem rather tame, but since Los Alamos is under the microscope, every such incident will be greatly scrutinized - and sometimes blown out of proportion.
It's not possible to inadvertently email classified information off the DoD classified network - the classified network isn't connected to the internet for this reason;-)
The user would had to have moved the data off the secure network to send it over the internet.
After reading TFA I'm still a bit confused about how the email got off the SIPRNET (secure DoD network for classified material) and onto the NIPRNET (regular unclassified DoD network that is connected to the internet).
SIPRNET computers don't have internet access - or access to any other network. It appears to me someone would have to have taken the data out of the vault and composed it on an unclassified PC to send it anywhere off the secured network.
Something's not quite right. 4Mw - 5361 horsepower.
This just might win the award for least efficient energy conversion. Of course, using LPG to fire boilers to run a steam engine is only considerably less efficient running an internal combustion engine on LPG and using *that* to drive the wheels;-)
But - I guess the objective here isn't efficiency, it's setting a world record with a steam powered car.
Slashdot Mirror
Puppy linux. Running it right now on my eeepc 2g surf--800 Celeron with 512 MB. Works great!
I like Puppy, honest - but I don't like Puppy's security model.
I get that Puppy's supposed to be a reasonably fast single-user system but there are distributions out there that are just as fast with a better software channel - such as Xbuntu, Vector Linux or damn near anything else that's got Enlightenment or xfce available as a window manager - and those distributions don't require you to run as root.
I know they sucked and hardly anyone used them, but that kind of overlooks Windows v1 & v2. I think it makes more sense if you go with the major steps of the UI:
Um - no. Windows 5 = Windows 2000. Windows 5.1 = Windows XP.
Is there any point to separate partitions for / and /home?
IMO there's no other safe way to do it. Here's an example why -
Let's say a runaway process fills up /var/log, trashing that particular filesystem. If /home is on that filesystem it also gets trashed and is the reason why I always put /var on its own partition if I'm building a server.
Also, on my test box that doubles as a home media server I tend to run late alpha or beta versions of Linux distributions - if something breaks and /home is on a separate partition I can reinstall or even change distributions without losing data or settings.
I have a music-related site so I gateway alt.bass, alt.guitar.bass and rec.music-makers.builders into my vBulletin forum.
The gateway runs every 20 minutes and my users can read and post in the newsgroups. They're indexed with my regular discussion forums so they can be searched as well.
I still hang around on alt.dbs.echostar and a couple of Linux newsgroups as well.
Yes. They kept shooting potatoes at all the motorized office chairs.
And a new Olympic sport is born.
Y'know, not all countries require you to carry a driving licence with you when you are driving.
Hence the qualifier "most" ;-)
I work for an agency under DoD and have had what they call a Common Access Card (CAC) for more than three years.
Leaving my CAC at home has never happened to me but I imagine the experience would be fairly uncomfortable as the CAC is also used for building access - someone would have to sign me into the facility if I forgot my smartcard. I don't imagine I'd have to be embarrassed that way more than eight or ten times for it to sink in that I need to keep my smartcard with me ;-)
Humans (at least most adult humans) are conditioned to carry their driver's license with them when they operate a vehicle so learning to carry a smartcard with you wouldn't be all that difficult. To address the issue of requiring a keyboard and display (and a smartcard reader) there are contactless smartcards available and I *think* the technology's compact enough to include in a cell phone or other device.
IM frequently less than HO physical security will always be paramount - a physical token requires a user to have both the token and the PIN to that token to access a protected resource. In this agency there have been a few misplaced smartcards but there hasn't been one instance of a protected resource compromised because a bad guy had both the user's CAC and the PIN to it.
People tend to write down "what they know" if it's fairly complex - which compromises physical security. All I have to remember is an eight character PIN. My PC will lock my CAC after three unsuccessful PIN entries, which requires me to visit the card issuer to have my PIN reset.
All in all it's been fairly secure and easy to use. The transition to smartcards hasn't been completely painless but these days I use the card for building access (I have access to the raised floor area in the basement), to the network (smartcard authentication to the network is mandatory), to secure websites hosted on the network that use CAC authentication and to government-only applications that ping your smartcard to see if you're supposed to be running that application.
All in all it's been a pretty good thing and I was originally one of the naysayers on the project.
That's awfully subjective. I find the GG interface to be an exercise in masochism.
I use pan at home but am forced to use GG at the office because my employer (the federal gummint) blocks NNTP at my site.
I argued that being in a direct support role they'd cut off one of my primary research tools but I didn't win the argument - so now I have to use GG at work.
It's bad, but it's not worse than no Usenet at all ;-)
I have told scouts at fundraisers that the reason I don't support the Boy Scouts is because of their position on atheism and homosexuality.
Interestingly, the Girl Scouts' official position is that they have no official position on homosexuality.
Penn and Teller's show on the Boy Scouts was fascinating - turns out a huge chunk of the Boy Scouts is financed by the Mormon church.
As others have mentioned the range for passive RFID detection is painfully short - to do what OP wants he needs active tags and readers.
A passive RFID tag is powered by the reader - hence its short range. An active tag carries its own power supply - like the toll booth speedpass tags.
Active tags run from about the size of a dime to about the size of a paperback book - in my job I deal with the paperback book-sized tags.
As God is my witness I thought turkeys could fly.
I live in Michigan and this problem's been aired on local NPR for the last few days - introducing foreign marine life into the Great Lakes has been a problem for years.
Starting this year cargo vessels are required to "swish and spit" - flush their ballast tanks 200 miles before entering the St. Lawrence seaway.
This probably doesn't do much good for saltwater invasive marine life but is a good solution for the freshwater nasties.
...it was mentioned in another post but I'm gonna add to it.
I work for the federal gummint and am routinely required to provide connectivity in solutions like this. I issue the user with the requriement a cellular aircard and if necessary an aircard router. Several companies make them and right now I'm particularly happy with NexAira's hardware as most other aircard routers are carrier- and hardware-specific.
You still have to check the manufacturer's compatibility list but NexAira's router can move with you between carriers and is one of the few that supports USB aircards. I've got a Linksys PCMCIA aircard router that works well with Sprint also. NexAira's router only has one Ethernet output but does do WiFi. They're not cheap as aircard routers run between $180 and $250 on the street but they've been a godsend to me.
...will be devoted to DRM?
Inquiring minds want to know.
I'm a federal geek providing technical support to the agency that sells this stuff.
Defense Reutilization and Marketing Service is the DoD agency that gets rid of damaged and excess military equipment. They sell all kindsa stuff to the general public. If you want to buy a whole pallet of old computers or uniforms or something they're the place to go.
That said, they also used to sell F-14 parts that had been through or didn't require demilitarization to the general public - but DRMS no longer sells F-14 parts. They quit doing it after the GAO caught some sensitive equipment being sold and DRMS is well aware of Iran's interest in F-14 hardware.
...where are you gonna find a shark big enough to carry the thing?
It was about four years ago but we received an infected build from a major hardware manufacturer.
We bought several hundred computers and provided the laptop image to the manufacturer after we'd installed our standard suite of applications. The major hardware manufacturer certified the build and started imaging machines - we had about a hundred of them in house before the first ones got stood up and tripped virus scanners as soon as they were powered up.
The image we sent the manufacturer was virus-free but the preloaded machines we received with that image were not. Major hardware manufacturer had to do a fair bit of tapdancing and machine-replacing to make things right.
We do use SMS but SMS in itself wouldn't prevent the install. Local Windows Update is disabled by domain policy.
/.ers would be on nonroutable networks and there'd be no way for MS to push to them. Wonder if the installation is initiated by the client?
My guess is as another poster mentioned - the update was blocked by a firewall rule. That's interesting, though - because I'd figure a heck of a lot of Windows machines - especially those owned by
Curiouser and curiouser.
...What about the defense department?Present!
I work for an agency under DoD and my machine was *not* updated. Perhaps corporate versions of XP are unaffected?
Jeez, I don't wanna work that hard.
From what I read on Wikipedia Google salaries are on the low side. I work as a sysadmin for the federal government - I don't carry a corporate cell phone, work 40 hours a week (16 of those from home) in an environment where working overtime is strongly discouraged because of budget cuts and I make more than twice what Google's entry-level sysadmin does - and live in a considerably lower-cost area than the Bay Area.
I don't get free food but do get a free gym, 10 federal holidays, 13 sick days and 26 vacation days a year - on top of the 104 personal days I already get - and I go home at 3pm every single day. I don't understand why someone would want to work in that kind of a sweatshop. For me, a job is necessary to be able to do the fun stuff - not my reason for existence.
source: http://www.gao.gov/new.items/d04375.pdf
The operative word in my post was "inadvertently" and I'll maintain my position that it's not possible to inadvertently email something from the classified network to an unclassified one.
Yes, the data would have had to have been either transferred to the unclassified network or duplicated on it, but 'inadvertent' implies error when in reality the user would have had to bypass several safeguards to send a classified email on an unclassified network.
...In the email instance, anyone can at any time send classified information over an unclassified network. It is up to the user to not do this. Granted, there are various technical and other procedures that can help prevent this, but it can never be completely avoided. These incidents seem rather tame, but since Los Alamos is under the microscope, every such incident will be greatly scrutinized - and sometimes blown out of proportion.It's not possible to inadvertently email classified information off the DoD classified network - the classified network isn't connected to the internet for this reason ;-)
The user would had to have moved the data off the secure network to send it over the internet.
After reading TFA I'm still a bit confused about how the email got off the SIPRNET (secure DoD network for classified material) and onto the NIPRNET (regular unclassified DoD network that is connected to the internet).
SIPRNET computers don't have internet access - or access to any other network. It appears to me someone would have to have taken the data out of the vault and composed it on an unclassified PC to send it anywhere off the secured network.
Something's not quite right. 4Mw - 5361 horsepower.
;-)
This just might win the award for least efficient energy conversion. Of course, using LPG to fire boilers to run a steam engine is only considerably less efficient running an internal combustion engine on LPG and using *that* to drive the wheels
But - I guess the objective here isn't efficiency, it's setting a world record with a steam powered car.