Me, I would have placed the blame squarely on all of the admins
Exactly, blame it on the admins. Those overpaid evildoers that do nothing but sit around and dig their nose all day unless they get a chance to annoy someone with useless policies ("why can't our server support 100mb-attachments?") or disrupt an important service ("why don't we maintain our requested 99,999999% uptime on that $200 noname-server?").
Know what, as an admin and developer, let me enlighten you: Software security can be achieved only through proper development practice. Software that needs a security-patch once is likely to need one again because it's usually suffering from some kind of braindead design decision that took place in the very early days of its evolution.
Even the most clueless Windows admin (and most of them are clueless) wouldn't cause trouble if the commercial software offered by a certain greedy corporation and bought by certain clueless decision makers wasn't such utter crap.
You want to put blame where it belongs?
Fine, start at Microsoft. Half of the wintendo-exploits popping up every week are plain old buffer overflows. This whole class of exploits can be easily avoided without too much effort (you know there are libraries for memory management and stuff...).
What's their excuse to not apply the lowest common denominator in secure design practices? Let me enlighten you on that one, too: they don't care.
Now they begin to care because it starts to affect their bottom line. But as I stated earlier it's pretty hard to fix software that's broken by design. So, that's what we are seeing from the company nowadays; broken patches for broken software. And then a rushed-out patch for the broken patch which usually breaks other stuff completely unrelated to the initial problem ("Oh, the patch switched your locale to Chinese?"). But don't worry, the next service bag due in 8 months will address all of these problems and only introduce a very tiny little few of new ones. Big promise, mmkay?
So, who were you gonna blame again?
In fact, the MS approach to availability has been (and I suppose still is) clustering. They know their software can't run straight for months or (gasp) years so they deploy n machines for a given task and schedule regular reboots in a round-robin fashion.
Isn't this what Systems Analysts are supposed to do?
Most clients aren't willing to pay for a systems analyst.
Or even have an idea why they really should...
unstable+paris+hilton gives 12,500 hits.
Now what do we learn from that?
I don't understand why this is any more of a problem and any more corruptible than the current "credit rating" system (and a bad credit rating could screw your life a lot more than a bad "internet rating").
The point is that just as the current "credit rating" doesn't work, your proposed "internet rating" thing wouldn't either.
Grandparent's question kinda hit the nerve; you'd need a trusted authority to maintain the system. And the credit rating authorities are looking back on quite a questionable track record in their field...
The ISPs can work together to form a single database, and in the long run this will save them money:
1. How much bandwidth do you think ISPs have to buy to support virus traffic?
2. How much support do they have to give to people who have been compromised?
The problem with your idea is not a technical but a social one.
And the problem you were trying to address is actually quite easily solved by simply disconnecting individual ports for increasing timespans (1h, 2h, 4h...) when worm signatures are detected. There appears to be little incentive on the ISPs' side to implement such a system, tho. Maybe because traffic is what they are living on and less traffic would mean less bills...
Do people really buy a Shuttle to fit it with a 3 GHz CPU?
I mean c'mon, small is nice, quiet is nice. There's only so much you can expect from a box that small. Running the latest and hottest (pun intended) Prescott CPU in one is probably stretching it a bit. Or more bluntly: a stupid idea.
What's next? Someone informing us that a Shuttle Dual Xeon setup will run into thermal issues, too?
Here's a review.
That's why I'd prefer a Sharp SL-Cxxx any day.
So, what exactly do you need installed on your workstation that requires root privileges?
Just curious.
mldonkey.
I think you somehow got the wrong link.
The teletubbies game is here.
Never mind. Found it.
That one is really pretty cool, I think UPS uses that (or a similar code), at least in my area.
But is there a free version?
Machine learning?
Give me a break.
What I'd like to see is if I could finally use vim for these damn textareas (or any editor of choice for that matter).
If you are not paying for codecs, then you are stealing.
Your comment was modded -1 Retard.
Here
because unlike Open Source, the liability is on YOU if people can't get their work done.
Oh, really now?
So where do I have to send my bill on lost work hours due to MS exploits to get a refund?
Give Google a shot for blackbox, fluxbox, openbox and ion.
Last time I tried (admittedly some time ago) it also was lacking good data import beyond CSV. For automatic label creation I'd prefer a non-GUI app any day, anyways. Don't want to repeat all that clickery all the time...
I'm looking forward to seeing the first photo-gallery of spammer-ears and tails on the web.
And who pays my energy bill?
I guess that'd be another $200/pa.
No, thanks.
So what is more dangerous?
Microsoft mindshare leaking into the DOD. Or the other way round?
Still the same worker probably doesn't need a "standard" PC (which, by your definition, costs 11,000 hours) but would be perfectly fine with an "older" PC for, like, 500 hours?
Or probably with a free PC?
In our "modern" world old hardware becomes worthless so rapidly that donating it to 3rd world countries for free is often cheaper than trying to recycle it.
Someone should put together a "low hardware"-knoppix that can run with little hardware but provides all the office-/net-related goodies.
I guess that's already happened and I just don't know about it...
No, which is one of the main problems with counting your sheeple.
Here's some info on that subject.
The fun really starts when you try to deal with large accelerator-cache farms that AOL and I guess most other large ISPs are using.
As I've learned just recently a visitor coming via AOL can actually change her IP address *in the middle of a session* because any individual request may be forwarded by any of their n proxy servers to your site.
So the trace an individual visitor can leave in your logs may be:
- 0 IP addresses (content cached remotely)
- 0.1415926532 IP addresses (behind a shared proxy/NAT)
- 1 IP address
- n IP addresses (proxy farm or disconnect/reconnect at any time)
The bottom line is that there is no relation between the number of hits to your webserver and the actual number of visitors.
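The IP-versus-visitor mismatch described in the comment above, as an added example that is not part of the original post: it compares hits, distinct IPs and distinct sessions over a small constructed log. The `sid` session-cookie field, the log layout and every address are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# Constructed sample log. The trailing "sid" session-cookie value is an
# assumption: a stock access log does not record it unless configured to.
# A visitor served entirely from a remote cache leaves no line here at all.
SAMPLE_LOG = """\
198.51.100.11 [10/Mar/2004:10:00:01] "GET /index.html" sid=A
198.51.100.12 [10/Mar/2004:10:00:03] "GET /style.css" sid=A
198.51.100.13 [10/Mar/2004:10:00:04] "GET /logo.png" sid=A
203.0.113.7 [10/Mar/2004:10:01:10] "GET /index.html" sid=B
203.0.113.7 [10/Mar/2004:10:01:12] "GET /index.html" sid=C
192.0.2.44 [10/Mar/2004:10:02:00] "GET /index.html" sid=E
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" sid=(?P<sid>\S+)$'
)

def analyse(log_text):
    """Return hit, distinct-IP and distinct-session counts for one log."""
    ips_by_session = defaultdict(set)
    sessions_by_ip = defaultdict(set)
    hits = 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines rather than guessing at them
        hits += 1
        ips_by_session[m["sid"]].add(m["ip"])
        sessions_by_ip[m["ip"]].add(m["sid"])
    return {
        "hits": hits,
        "distinct_ips": len(sessions_by_ip),
        "distinct_sessions": len(ips_by_session),
        # one visitor seen from several addresses (proxy farm, reconnect)
        "multi_ip_sessions": sorted(
            s for s, ips in ips_by_session.items() if len(ips) > 1),
        # several visitors behind one address (shared proxy or NAT)
        "shared_ips": sorted(
            ip for ip, sids in sessions_by_ip.items() if len(sids) > 1),
    }

if __name__ == "__main__":
    for key, value in analyse(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```
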