It's called a Document Managment System, and I've been kicking myself for not writing one at work. For some reason, people who otherwise have good organizational skills - and understand how an office filing system works - completely lose it around PCs. Couple that with share names and drive letters, and people completely lose track of that single folder with ten years worth of documents all lumped to together, all without properly descriptive names.
I only wish I'd patented the idea, because it looks like it's going to become popular. Granted, there are DMSes that already exist, but none that I'd consider feature-complete for a work environment.
I think that depends largely on how popular the depedencies are. For example, chances are that qt and gtk+ aren't going to be difficult to resolve. It's why I prefer "dumb" packaging systems. Just install the program, I'll find the dependencies. If the author doesn't document the dependencies, it doesn't really matter, because as sure as he'll forget to list them in INSTALL.txt, he'll forget to include the dependencies when he creates the RPM.
Ok, for one, that's just putting words in my mouth. I never said that any package systems "were not ready for the desktop". I said that package systems create a dependency hell in complex systems that's just as bad as DLL Hell.
Well, I'm certainly not going to put words into your mouth, but I will argue against this point. I've never had a situation similar to DLL Hell on my Linux systems. To me, DLL Hell is when two applications that have the ability to restore libraries stored in the system areas of a Windows system continually restore their prefered version. The result is that the user has little control over the situation, other than to not run one of the programs. One or both of the programs get broken.
The closest I've got to that level of frustration in the GNU/Linux world is when either a) the developer fails to mention all the dependencies or doesn't include the rare ones (like I can track down some library out of CVS from a host that was used by only 3 other developers and was shut down 6 months prior). Or, b) the application uses a deprecated function, and I need to get an updated version of the program. I don't know what you'd define as a complex system, but I very rarely have these problems on my desktops or servers.
It adds up to some pretty poor security procedures. Actually, I'd guess there was no security implemented at all, if I judge by the portion you quoted. Behold:
"He was named as the chief suspect after a series of electronic break-ins occurred over 12 months at 92 separate US military and Nasa networks."
Point #1: No monitoring tools are in place, no one monitors the systems on a regular basis. I could see one week, but to not notice, and to not secure the network over the course of a year leads me to believe that they have no network admins.
"It is alleged that he used software available on the internet to scan tens of thousands of computers on US military networks from his home PC, looking for machines that might be exposed due to flaws in the Windows operating system.
#2: Good grief, the machines were connected directly to the DMZ without NAT, a proxy or any type of traffic monitoring? What's more, the NBT ports were obviously not blocked, as that's the only common Windows service I can think of that would allow an attacker to log-on. I bet the Administrator passwords were blank. The quote doesn't mention any tools besides a port-scanner, so he must have just done it the old fashioned way.
Many of the computers he broke into were protected by easy-to-guess passwords, investigators said. In some cases, McKinnon allegedly shut down the computer systems he invaded. "
Further suggesting that the Administrator passwords were never set. These systems would likely be Win2k/XP in order to be compromised in this manner. I believe the default is to have an account lockout after three tries. If he guessed wrong, the users would have noticed. So he must have guessed right the first time.
"The charge sheet alleges that he hacked into an army computer at Fort Myer, Virginia, where he obtained codes, information and commands before deleting about 1,300 user accounts.
#3: Either he was snooping the network and cracking passwords, or the workstations and server superuser accounts had the same password.
Note that these same terrible security procedures would put almost any other operating system at risk. Doesn't anyone read the old DoD security publications?
Personal use of company computers/networks is grounds for dismissal." I don't work for a Fortune 500 company, I work for a school district. What kind of trade secrets am I going to leak? 2+2=4? No Child Left Behind is a bad idea?
If it's a school system, then the biggest motivator is probably liability. A lot of workers make the mistake of using e-mail to send official policy or to authorize important (from a liability standpoint) actions. I've been inbetween warring staff and administration, and it's the most stressful thing in the world to recover a lost message under those circumstances. I'd like to smack these people and tell them to conduct their business in a closed office with lawyers present, or at least print out the important messages. But I can't, because then I'd be fired and possibly arrested for assault.
The other aspect of liability are loose-lipped or ditsy teachers that invite lawsuits. As an administrator, you wouldn't want to be caught unaware when some parent shows up, threatening to sue, because one of your staff has been threatening/harassing him through the school's e-mail system, for example. Or perhaps your wayward faculty-member is conducting an inappropriate relationship with a student, and they're communicating through the e-mail system. It looks really bad if the parents find out before you do.
Can't say I've ever run into this. How fast is your machine? No program is able to scan every file of every size instantaneously. At least AVG detects all those "trojan" programs that come along with other spyware, which many other scanners miss. My advice for you is to scan before you open any foreign file.
AVG isn't free as-in-beer or free as-in-speech. I never said otherwise. I'm assuming that McAfee is also in it for the money, and I was pointing out that the most effective commercial virus scanner (that I've seen) already has a GNU/Linux port, albiet a binary-only one. If you follow my thinking here: Guess who will be to blame when McAfee doesn't get rich quick in the GNU world? That's right, those damn GNU hippies!
Also, I use the free alternative, and it is good, but not the equivalent in terms of features. Otherwise, I'm not in disagreement with you.
I use ClamAV on the server-side, but only as a proactive tool; It halts the spread of viruses when used in conjunction with dazuko, because it blocks access to the infected files. ClamAV's drawbacks are that it can't repair files, and its quarantine feature isn't sophisticated enough to properly file away infected files. It can only dump them in one location, which is obviously bad when two files with otherwise important data happen to have the same name.
I note that ClamAV might have had a memory leak up until 0.80, but it appears to be fixed now. Also, it's totally sweet how easily it can be configured to target certain areas, certain files, or even certain sizes of files. As you can see, I have not forgotten about ClamAV.:o)
Plus there's klamav (kde frontend) which is quite good.
By the way, the most effective and affordable AV program of the Windows world, namely Grisoft's AVG, already runs on Linux. Prepare for competition, McAfee!
And then there's RedHat to charge just a bit less.
Less than whom? They're already undercutting Microsoft, and Microsoft is the low end. RHEL ES is the same price as Windows Server (which only has 10 CALs at that price level), yet it has no connection limits and includes support. Honestly, how much better can they do?
Free Software mostly eliminates those problems, because there's always a new vendor that can take over the management of your current technology.
Awesome point! Had that airline invested in a more portable solution, say based on development framework around Apache server, they could have had their pick of the litter for the underlying architecture, including Windows!
And it took years before those desktop systems were as useful and reliable as UNIX was in the 1970s. And UNIX wasn't that reliable compared to other "big iron" operating systems of the time.
What exactly is your argument here? Is it that UNIX and all it's derivatives have remained unchanged since the 1970s? Are you sure you want stand behind that?
No, the survey isn't even shown. The article, however, is very specific: For the 500 North-American companies surveyed , 7 per cent of companies that don't currently have Linux installed on anything, plan to buy "some" servers with Linux installed over the next 12 months.
Take that how you will, but to me it looks like microscope focus. Generally when someone looks that closely, they're looking for a specific thing to begin with.
It's MS marketing in action, no more. Apparently they're clearing the path for some new announcement, so the shill army has been deployed.
Selected excerpts:
But a new report suggests that growth rate could be about to slow.
"A" report "suggests" it's about to slow. Windows growth is zero, but Linux growth in 500 corporation buyers, limited to those who a) plan on buying new servers, and b) plan on having Linux installed, may slow to 7% growth.
The survey only shows that a smaller number of companies not using Linux plan to try the software than in previous surveys.
Have all the companies that began adopting stopped or reversed adoption entirely?
Most analysts expect Linux use to grow at the companies that have already rolled it out -- and do so at a healthy rate.
But not these guys, apparently.
Brosseau thinks Linux won't find as many new customers as in the past in large part because it has already tapped the market that includes its most likely buyers: Unix users.
So this guy says. If anything, it shows where those marketing Linux-based solutions aren't reaching out to customers with other needs. Linux does a fine job as a low- to mid-range file and print server, document-server and company intranet web-app server. That's about as easy a drop-in replacement that you can get. However, thinking is required.
What's more, some companies that experimented with Linux hoping for big cost savings found that the open-source software wasn't what they expected. "Some of the bloom is coming off," says Brosseau.
Who are these companies, and what do they do? How did they implement it? Where is the report with cited sources to back up this statement?
Take Independence Air, a low-cost Washington (D.C.) carrier that... needed to hire consultants who could write code for Linux, since its Windows developers couldn't.
...
...replaced the system with Windows and a batch of other Microsoft applications, which he believes will cut his costs by 70% a year...
Ouch! This seriously undercuts the credibility of MS-certification, since this crew doesn't seem to know how to read. Of course there will be greater costs during the switch, but will that remain at 70% above the current costs forever? Also, this is an anti-argument for Microsoft, because this same company is obviously going to have a hard time dealing with the API changes coming in Longhorn. If anything, this message is: "It will cost a lot more to move away from a Microsoft solution if you buy into it, and your applications won't be portable to other platforms. Microsoft can't grow with your business, and you'll be stuck with them!"
Naturally, Microsoft sees the Cowen survey as proof that Linux is finding resistance. "This data completely validates what I've seen," says Martin Taylor, Microsoft's general manager for platform strategy. Not only is Linux maxing out on Unix users but it's not finding new customers among stalwart Windows users, he says.
This guy works for MS marketing strategy. Did we really need to quote him? Also, his statments contradict the concessions made by the author of the article. Who is right?
Siemens, for example, has Linux servers handling some of its firewall and communication applications. Now, it's pushing Linux into its data center, heavy-duty computing that hasn't been the open-source operating system's forte.
It hasn't? Linux has been the platform on which to build a "super"-computers with commodity hardware. It's also a popular platform for serving massive loads in heavily-used websites. It can do more. The author also fails to point out that Microsoft, despite its major marketing effort to get Windows into the "data center", is encountering resistance. Let me put this forth: If operating systems such as Solaris and AIX are in the "data center", and Linux is replacing UNIX, where is Linux going?
I think it's important here to note that Dvorak is attempting to cash in credibility gained from leaked, but truthful information to put forth another of his zany predictions. I he wouldn't be published for so many years if he sat there and just reported what he saw, so I understand why he uses this type of tactic.
I'm wondering how exactly Apple could do any more damage to GNU/Linux? Linux runs on every platform worth mentioning (and some that aren't, like toasters) and runs well with the exception of Apple equipment. It's because of that damned Apple ROM. And since that's what makes a Mac stay a Mac, I don't see how shifting from one arch to another is going to change anything. They're going to stop producing PPC-based units.
Selected quotes and comments:
I'm on the side of benefit as Apple can now champion its design and aesthetic strategies in the world of Intel and allow people who prefer the Windows OS to actually buy a Macintosh for its design and run Windows on it.
There's nothing magical about the switch, aside from the fact that Apple equipment will have more bang for the buck. It'll still have Apple ROMs, and unless Apple decides to license it to Microsoft, those machines aren't going to be running Windows. And who would be stupid enough to pay more for an Apple, and toss OS 10 to pay $300 extra for XP Pro? Sure, people do stupid things, but they generally don't when it costs them money.
It's quite possible that this new Apple strategy while obviously harmful to the computer makers in general and to Microsoft somewhat
How is it harmful to Microsoft? Apple is only swapping processors, not selling OEM versions of OS 10 to Dell. How will it be harmful to IBM-compatible makers? Am I missing something here? Do Apple buyers really care what's under to hood? Is Apple planning on selling sub-$500 PCs with no OS at WalMart?
The Mac OS was built around a Unix kernel not unlike Linux, but with a very advanced and slick user interface.
Advanced, from the developers standpoint, as Apple exerts some overall control and planning. Advanced from a feature standpoint? KDE has all the features from every modern GUI. That's probably a drawback, but to be pedantic, Linux distros have the more "advanced" user interface, and it's pretty slick, too. Apple's strength is that it's comparatively simple, yet still very functional.
The normal Apple menu structures and way of doing things are what the majority of both Mac and Windows users expect to see. The operative word is "intuitive."
The operative word is "functional", "intuitive" works well in the Apple world, but it only gets users so far. "Intuitive" doesn't work as well as we thought, as evidenced by all the adult ed and community college courses covering those purportedly obvious interface designs.
The Linux world suffers from a lack of modern intuitive menus and commands. Anyone who has played with the Open Office Programs such as the Powerpoint clone called "Impress" soon finds themselves lost in a jungle of menu structures and naming conventions.
Well, Linux desktop environments ape the features of everything else out there, so by association, I guess we could also say that Windows and MacOS lack "modern intuitive menus and commands"? I'm looking at Impress right now, and it's like PowerPoint, but with less menus and buttons. I don't follow.
These stem from old Unix roots and none of the Unix-trained Linux users find it peculiar or difficult. In fact, they cannot even recognize these problems. Part of the reason that Linux has not broken onto the desktop is because of these old Unix roots.
By the same logic, isn't MacOS 10 "broken" on the desktop? Linux desktop environments and Open Office have almost nothing to do with
Every time they enact and attempt to enforce some sweeping control like this, it costs money. Before you know it, there will be a collapse of the government (okay, so maybe in 50 years). Say what you will about buying Chinese-made products, but there aren't enough deep-pocketed Americans to support all the grand schemes of Communist China.
This type of article seems like a monthly thing on Slashdot, no? Console buyers seem to like simplicity, and owning a console eliminates all the maintenance and upgrade headaches that come with a PC. However, the advantage of the PC is that it can be made to do complex things, and has a much wider range of input devices to use.
Frankly, I wouldn't want to play something like Battlefield: 2 on a console, because any attempt to match the input of a 104-key keyboard, 5-button wheel mouse, 8-button 2-axis stick, a throttle and a pair of pedals is likely going to be tedious.
Also: Like I mentioned in my last reply to an article like this, I traded up from TV-resolution twenty years ago, and I like game modding. So there.:p
How about a little intelligence collection? It'd be nice to get some of the potential targets to run a program that snoops for connections to IRC servers (provided they're on standard ports), and reports back to a central site. The effects of a botnet could be mitigated if those connections were blocked, or the point of control was shut down. I'm sure the ISP hosting the IRC server could either be pressured to shut it down, or domestic ISPs to block it.
I'm surprised that, in all the years DDoS attacks have been happening, the only solutions put forth thus far are to shut down the target host because he's a liability, or to attempt to scale bandwidth to absorb the attack.
I've thought before, while adding sites and ranges of IPs to my organization's firewall rules, wouldn't it be great if all of the stuff was in a.xxx TLD so it would be trivial to block? It's not going to happen, though. The smut industry guarantees the success of its addictive product by saturation, so no one in his right mind would only do business through a.xxx domain, because then it would be too easy to shield the generation of smut consumers from that exposure.
No, he's got a point. It only infected machines running specific applications. A less grand and sweeping statement, but entirely accurate, would be to say, "if the technique had been paired with a more common Windows vulnerability, only a bug in the worm's RNG would have prevented it from infecting all Internet-connected hosts with that vulnerability."
I think it had more to do with two firewall applications that happened to run on MS operating systems than with Windows itself. But hey, I didn't pay that much attention to it because I don't run those products, and my firewalls are all iptables-based.
I've tested this in a laboratory environment and can confirm that applying a coat of wax with a high-RPM orbital buffer does indeed render the platters mostly unreadable.
One hundred nodes is a drop in the bucket. I wonder just how anonymous it is, say, compared to script kiddies that just use a stranger's compromised home PC, where there is a much larger pool of machines from which to choose. That's a "zero knowledge" system, since the host often isn't even aware of the fact.
I also wonder how many of these nodes are already in my spammers list, where I've got 2,200+ blocked addresses and subnets already.
Slashdot Mirror
It's called a Document Managment System, and I've been kicking myself for not writing one at work. For some reason, people who otherwise have good organizational skills - and understand how an office filing system works - completely lose it around PCs. Couple that with share names and drive letters, and people completely lose track of that single folder with ten years worth of documents all lumped to together, all without properly descriptive names.
I only wish I'd patented the idea, because it looks like it's going to become popular. Granted, there are DMSes that already exist, but none that I'd consider feature-complete for a work environment.
I think that depends largely on how popular the depedencies are. For example, chances are that qt and gtk+ aren't going to be difficult to resolve. It's why I prefer "dumb" packaging systems. Just install the program, I'll find the dependencies. If the author doesn't document the dependencies, it doesn't really matter, because as sure as he'll forget to list them in INSTALL.txt, he'll forget to include the dependencies when he creates the RPM.
The closest I've got to that level of frustration in the GNU/Linux world is when either a) the developer fails to mention all the dependencies or doesn't include the rare ones (like I can track down some library out of CVS from a host that was used by only 3 other developers and was shut down 6 months prior). Or, b) the application uses a deprecated function, and I need to get an updated version of the program. I don't know what you'd define as a complex system, but I very rarely have these problems on my desktops or servers.
Point #1: No monitoring tools are in place, no one monitors the systems on a regular basis. I could see one week, but to not notice, and to not secure the network over the course of a year leads me to believe that they have no network admins.
#2: Good grief, the machines were connected directly to the DMZ without NAT, a proxy or any type of traffic monitoring? What's more, the NBT ports were obviously not blocked, as that's the only common Windows service I can think of that would allow an attacker to log-on. I bet the Administrator passwords were blank. The quote doesn't mention any tools besides a port-scanner, so he must have just done it the old fashioned way.
Further suggesting that the Administrator passwords were never set. These systems would likely be Win2k/XP in order to be compromised in this manner. I believe the default is to have an account lockout after three tries. If he guessed wrong, the users would have noticed. So he must have guessed right the first time.
#3: Either he was snooping the network and cracking passwords, or the workstations and server superuser accounts had the same password.
Note that these same terrible security procedures would put almost any other operating system at risk. Doesn't anyone read the old DoD security publications?
The other aspect of liability are loose-lipped or ditsy teachers that invite lawsuits. As an administrator, you wouldn't want to be caught unaware when some parent shows up, threatening to sue, because one of your staff has been threatening/harassing him through the school's e-mail system, for example. Or perhaps your wayward faculty-member is conducting an inappropriate relationship with a student, and they're communicating through the e-mail system. It looks really bad if the parents find out before you do.
Can't say I've ever run into this. How fast is your machine? No program is able to scan every file of every size instantaneously. At least AVG detects all those "trojan" programs that come along with other spyware, which many other scanners miss. My advice for you is to scan before you open any foreign file.
AVG isn't free as-in-beer or free as-in-speech. I never said otherwise. I'm assuming that McAfee is also in it for the money, and I was pointing out that the most effective commercial virus scanner (that I've seen) already has a GNU/Linux port, albiet a binary-only one. If you follow my thinking here: Guess who will be to blame when McAfee doesn't get rich quick in the GNU world? That's right, those damn GNU hippies!
Also, I use the free alternative, and it is good, but not the equivalent in terms of features. Otherwise, I'm not in disagreement with you.
I note that ClamAV might have had a memory leak up until 0.80, but it appears to be fixed now. Also, it's totally sweet how easily it can be configured to target certain areas, certain files, or even certain sizes of files. As you can see, I have not forgotten about ClamAV.
By the way, the most effective and affordable AV program of the Windows world, namely Grisoft's AVG, already runs on Linux. Prepare for competition, McAfee!
And it took years before those desktop systems were as useful and reliable as UNIX was in the 1970s. And UNIX wasn't that reliable compared to other "big iron" operating systems of the time.
What exactly is your argument here? Is it that UNIX and all it's derivatives have remained unchanged since the 1970s? Are you sure you want stand behind that?
No, the survey isn't even shown. The article, however, is very specific: For the 500 North-American companies surveyed , 7 per cent of companies that don't currently have Linux installed on anything, plan to buy "some" servers with Linux installed over the next 12 months.
Take that how you will, but to me it looks like microscope focus. Generally when someone looks that closely, they're looking for a specific thing to begin with.
Selected excerpts:"A" report "suggests" it's about to slow. Windows growth is zero, but Linux growth in 500 corporation buyers, limited to those who a) plan on buying new servers, and b) plan on having Linux installed, may slow to 7% growth.
Have all the companies that began adopting stopped or reversed adoption entirely?But not these guys, apparently.
So this guy says. If anything, it shows where those marketing Linux-based solutions aren't reaching out to customers with other needs. Linux does a fine job as a low- to mid-range file and print server, document-server and company intranet web-app server. That's about as easy a drop-in replacement that you can get. However, thinking is required.
Who are these companies, and what do they do? How did they implement it? Where is the report with cited sources to back up this statement?
Ouch! This seriously undercuts the credibility of MS-certification, since this crew doesn't seem to know how to read. Of course there will be greater costs during the switch, but will that remain at 70% above the current costs forever? Also, this is an anti-argument for Microsoft, because this same company is obviously going to have a hard time dealing with the API changes coming in Longhorn. If anything, this message is: "It will cost a lot more to move away from a Microsoft solution if you buy into it, and your applications won't be portable to other platforms. Microsoft can't grow with your business, and you'll be stuck with them!"
This guy works for MS marketing strategy. Did we really need to quote him? Also, his statments contradict the concessions made by the author of the article. Who is right?
It hasn't? Linux has been the platform on which to build a "super"-computers with commodity hardware. It's also a popular platform for serving massive loads in heavily-used websites. It can do more. The author also fails to point out that Microsoft, despite its major marketing effort to get Windows into the "data center", is encountering resistance. Let me put this forth: If operating systems such as Solaris and AIX are in the "data center", and Linux is replacing UNIX, where is Linux going?
I'm wondering how exactly Apple could do any more damage to GNU/Linux? Linux runs on every platform worth mentioning (and some that aren't, like toasters) and runs well with the exception of Apple equipment. It's because of that damned Apple ROM. And since that's what makes a Mac stay a Mac, I don't see how shifting from one arch to another is going to change anything. They're going to stop producing PPC-based units.
Selected quotes and comments:
There's nothing magical about the switch, aside from the fact that Apple equipment will have more bang for the buck. It'll still have Apple ROMs, and unless Apple decides to license it to Microsoft, those machines aren't going to be running Windows. And who would be stupid enough to pay more for an Apple, and toss OS 10 to pay $300 extra for XP Pro? Sure, people do stupid things, but they generally don't when it costs them money.
How is it harmful to Microsoft? Apple is only swapping processors, not selling OEM versions of OS 10 to Dell. How will it be harmful to IBM-compatible makers? Am I missing something here? Do Apple buyers really care what's under to hood? Is Apple planning on selling sub-$500 PCs with no OS at WalMart?
Advanced, from the developers standpoint, as Apple exerts some overall control and planning. Advanced from a feature standpoint? KDE has all the features from every modern GUI. That's probably a drawback, but to be pedantic, Linux distros have the more "advanced" user interface, and it's pretty slick, too. Apple's strength is that it's comparatively simple, yet still very functional.
The operative word is "functional", "intuitive" works well in the Apple world, but it only gets users so far. "Intuitive" doesn't work as well as we thought, as evidenced by all the adult ed and community college courses covering those purportedly obvious interface designs.
Well, Linux desktop environments ape the features of everything else out there, so by association, I guess we could also say that Windows and MacOS lack "modern intuitive menus and commands"? I'm looking at Impress right now, and it's like PowerPoint, but with less menus and buttons. I don't follow.
By the same logic, isn't MacOS 10 "broken" on the desktop? Linux desktop environments and Open Office have almost nothing to do with
Every time they enact and attempt to enforce some sweeping control like this, it costs money. Before you know it, there will be a collapse of the government (okay, so maybe in 50 years). Say what you will about buying Chinese-made products, but there aren't enough deep-pocketed Americans to support all the grand schemes of Communist China.
Hi, I'm here to kill the joke: The 6510 was the brain in the C64. Lesser computers such as the VIC-20 and the Apple II used the 6502.
This type of article seems like a monthly thing on Slashdot, no? Console buyers seem to like simplicity, and owning a console eliminates all the maintenance and upgrade headaches that come with a PC. However, the advantage of the PC is that it can be made to do complex things, and has a much wider range of input devices to use.
:p
Frankly, I wouldn't want to play something like Battlefield: 2 on a console, because any attempt to match the input of a 104-key keyboard, 5-button wheel mouse, 8-button 2-axis stick, a throttle and a pair of pedals is likely going to be tedious.
Also: Like I mentioned in my last reply to an article like this, I traded up from TV-resolution twenty years ago, and I like game modding. So there.
How about a little intelligence collection? It'd be nice to get some of the potential targets to run a program that snoops for connections to IRC servers (provided they're on standard ports), and reports back to a central site. The effects of a botnet could be mitigated if those connections were blocked, or the point of control was shut down. I'm sure the ISP hosting the IRC server could either be pressured to shut it down, or domestic ISPs to block it.
I'm surprised that, in all the years DDoS attacks have been happening, the only solutions put forth thus far are to shut down the target host because he's a liability, or to attempt to scale bandwidth to absorb the attack.
I'll believe it when I see it. The problem isn't going away until the customer is the one that specifies the format. Example: The banking industry.
I've thought before, while adding sites and ranges of IPs to my organization's firewall rules, wouldn't it be great if all of the stuff was in a .xxx TLD so it would be trivial to block? It's not going to happen, though. The smut industry guarantees the success of its addictive product by saturation, so no one in his right mind would only do business through a .xxx domain, because then it would be too easy to shield the generation of smut consumers from that exposure.
No, he's got a point. It only infected machines running specific applications. A less grand and sweeping statement, but entirely accurate, would be to say, "if the technique had been paired with a more common Windows vulnerability, only a bug in the worm's RNG would have prevented it from infecting all Internet-connected hosts with that vulnerability."
I think it had more to do with two firewall applications that happened to run on MS operating systems than with Windows itself. But hey, I didn't pay that much attention to it because I don't run those products, and my firewalls are all iptables-based.
I've tested this in a laboratory environment and can confirm that applying a coat of wax with a high-RPM orbital buffer does indeed render the platters mostly unreadable.
One hundred nodes is a drop in the bucket. I wonder just how anonymous it is, say, compared to script kiddies that just use a stranger's compromised home PC, where there is a much larger pool of machines from which to choose. That's a "zero knowledge" system, since the host often isn't even aware of the fact.
I also wonder how many of these nodes are already in my spammers list, where I've got 2,200+ blocked addresses and subnets already.