That's 4 stories linked from random people's blogs today.
Never mind that silly little storm in the southern states.. or the fact that the tech knowledge on this site would make finding useful coverage easy.
Stuff that matters, all right.
I've brought this up once or twice, but why not allow readers to moderate entire articles? I have 5 mod points at the moment. Instead of distributing them around various articles, I could "bank" them, and withdraw them at a later time. Maybe 50 saved up points would allow a group of users to moderate pointless, redundant, waste of space artices like this one into digital oblivion.
Slashdot needs to be more current than 2 page reviews of a long-since released game.
I still think the point is valid. Consider that a) That means that the vendor has had 7 years to secure their product. I any other industry they would have litigated into oblivion by now. It is *NOT* the end user's fault that the current world standard for personal computer operating systems is frequently bugged.
Sure, carrying $1000 in cash is dumb, but there are easily accessible alternatives. Credit cards, debit cards, traveller's cheques, travel wallets, etc are all viable alternatives. Carrying cash is like opening attachments from unknown senders. Getting your windows box 0wned without your action because a new exploit came out 8 hours ago is like the jacket manufacturer attaching a big red "steal from me!" sign to the back and cutting a pickpockt access hole out, too. (Except then they take over the world jacket manufacturing business and force you to wear one unless you want to freeze or learn to sew).
To use the token comparison to a vehicle - yes, when you buy a car you should be responsible enough to get it serviced from time to time, and act on any critical recall issues that might arise. You shouldn't however have to open the hood and check the internals 3 times per day to ensuire it doesn't explode and require expensive maintenance the next time you turn the key in the ignition.
Don't get me wrong - I'm not saying sysadmins should have no responsability whatsoever. They are after all paid to deal with systems. But when was the last time you head of a dell salesperson telling an unexperienced buyer that if they wish to have their computer on regularly they'll need to spend 5 minutes every single day, and an hour of two each week making sure they're machine doesn't get destroyed?
Hi, you've missed the point. I hope you're not trolling, because I'm going to bite.
Every box at my workplace is patched with SP2. In this case, it doesn't matter - one of the exploits is still useable.
The problem is not (this time, thankfully) the corporate enterprise deployment of windows. It's friends and family. Every time a new windows exploit like this comes out, jerk spyware/worm/virus writers are on it within 24 hours, populating their zombie networks with your mom's, friends' and families' computers. Manditory regular patching at work is easy. The same for people you see occaisionally who are not computer literate is not. These are the people who it really screws with - for example, all one of my buddies wants to do with his dell is play games, send email and surf. He knows nothing beyond that, and is certainly not going to run down to the basement on christmas eve to make sure his operating system is secure RIGHT NOW.
This business of "patch or you deserve it" is utter BS. I maintain that virus writers should be dragged into the street and beaten with keyboards, followed shortly by geeks who empower them by putting any of the blame on the end user. If I paid thousands for an OS site license, I should not be spending my holidays fixing it. If I spend hundreds for an oem copy at home, the same applies. The only ones who deserve ANYTHING bad here are the exploiters and the providers of the crappy OS in question.
Depending on the reaction you'll get, you can always reset the admin password on your box to a new one of your choosing, and install away... Whether or not this is a good idea in your situation is left to your judgement.
A useful utility to accomplish this can be found here:
I always thought that sniffing, hijacking, etc was just too much effort for federal burocracy. Wouldn't the preferred technique be:
1. get court order by invoking draconian security/copyright/terrorism law for the day
2. drive to ISP's colocation facility
3. leave with the server in question, and a few extras, too (just in case)
4. litigate!
I have to agree with some of the previous posts. I would welcome the end of their desktop line, but their thinkpad laptops are, in my opinion, the best "all-round" laptops out there. My old 570 (pII 333) is still my primary workstation on the road.
I've dropped that bad boy down the freaking STAIRS before, and it's only got a couple scratches to show for it. Durable, quiet, good battery, solid construction, etc etc etc. My next laptop will be an IBM again if they still sell 'em.
As the admin of my mail system's spam filter, I would like to see nothing more than "drag a spammer in to the street and beat them with a keyboard until they repent day" but I worry about this system.
Who controls the list of "spam sites"? What are the criteria for becomming a victim? I would personally like this process to be transparent before I encourage anyone to participate - I do think they have the best intentions, but the potential for abuse is a bit scary.
That's what sucks about the spam war.. the good guys have to be careful how they deal with the problem to avoid accidentally screwing someone innocent. The bad guys just double their output.
What the hell is wrong with the editors writing the bylines? Microsoft is entering a product into a sector of internet services they have not before. Naturally the rational reaction is to call it a takeover attempt.
It's called competition. They aren't buying out existing services and squashing smaller providers (well, yet)
Note that I don't particualarly care about MS in any way, really. But article text like this makes the editors look childish and less credible, which is a disservice to the comunity.
.. and then you try to use the scroll wheel in a ms product such as the VBA editor that comes with excel (don't laugh - modeling systems in excel macros is NOT funny) and the stupid thing DOESN'T WORK. Scrolling through hundreds of lines of text with the mouse button held down.. nnngh.. tendons... tightening... argh..
This is nothing new. I purchased a copy of "my Big Fat Greek Wedding" to watch w/ my wife around the time it was available on video. The lead in to the movie features a fantastically annoying ad for windex. Attempting to return to the menu, skip the scene or do anything to avoid watching it brings up the "operation currently prohibited by disc" message you get on a standard un-molested DVD player if you try to skip the stupid copyright warning.
If she hedn't been so set on watching the film, I would have taken it back an demanded a refund right then.
but.. isn't google the infallible poster-boy for internet success? I have a gmail account and love it - I do have the impression though that alot of the success google enjoys is due to reputation. (Their services are great, too.. but you have to get people to use them, right?). Hope they fix it before it hits the media.
Silly me, I though the point of sport was physical activity. How exactly does taking a sport of speed skill and serious balls (ever seen polo live? It's scary to WATCH, let alone contemplate playing) and reducing it to standing on a glorified remote control car an improvement?
The fact that a large quantity of people consider this to be a good idea probably says more about the generally poor physical fitness in N. America vs the world than diet, anyhow.
Go kick around a soccer ball. Play tennis. Play basketball, hocky, ultimate, go for a rollerblade or bike ride or jog or hell.. walk somewhere. Please don't call riding a segway around a sport though. It's the fitness version of getting IE to run natively on linux and calling is making it better. yuck.
I appreciate that gmail is in a test phase, but it sucks that this hack is wasting his account on a publicity stunt (don't for a second think it's more than that) when there are thousands of people begging for invites all over the world.
like me: matthyw at canoemail dot ca
Sorry. Lame begging aside, what does he think he's going to accomplish by this? It's basically an excuse to say something dirty over a public media stream.
This is sufficiently lame that I'm actually posting for once.
There's slow news days where we end up with pretty random stuff over real news, which is ok. But what happened here? "Hmm.. not enough submissions to reject.. I know. I'll paste a lame random email to the front page. woo!"
I vote for a trade in program: Accumulate sufficient mod points, and form a moderation lynch mob. Combine your points and moderate the whole story into oblivion?
MAC filtering? You're kidding, right?
ifdown eth0
ifconfig eth0 hw ether de:ad:be:ef:00:00
ifup eth0
mooooOOo.
MAC filtering as a security measure is not very useful imho. Good for tracking end-user computers on your own network, yes. Keeping someone from gaining access to said network? Not so much.
You do realise that blocking domain names isn't going to help? About 50% of my network's spam comes from hotmail and yahoo addresses. How many of those hits do you think come from microsoft or yahoo servers?
There is some merit to blind domain name blocking. china.com, sina.com and juno.com are all good candidates for my particular organization, since we don't expect mail from anyone there regardless.
We use a linux-based bayesian filter sitting on a proxy box w/ qmail routing email on to our main server, and this, combined with some firewall rules, expression checking and a few other tweaks is dropping about 99.3-99.5% of our spam these days.
IF you want to be truly aggressive though, you can always login to your firewall, and add:
iptables -A INPUT -s 61.0.0.0/8 -j DROP iptables -A INPUT -s 200.0.0.0/8 -j DROP iptables -A INPUT -s 210.0.0.0/8 -j DROP iptables -A INPUT -s 211.0.0.0/8 -j DROP iptables -A INPUT -s 218.0.0.0/8 -j DROP iptables -A INPUT -s 219.0.0.0/8 -j DROP iptables -A INPUT -s 220.0.0.0/8 -j DROP iptables -A INPUT -s 221.0.0.0/8 -j DROP... etc. Most of those spaces are in China and Korea (and some south america).. 81 is also a possibility, as are most of the other 200 range A-classes.
This is a bit draconian, but my company doesn't host our own web server, so a potential client can always call us up. Besides, in the last month, we've had 50k+ spams and many attacks form those address ranges, and 0 legitimate emails.
bah.. it's worth it when I figure out how many lost hours we've saved already by cleaning up manager's mailboxes.
Slashdot Mirror
That's 4 stories linked from random people's blogs today. Never mind that silly little storm in the southern states.. or the fact that the tech knowledge on this site would make finding useful coverage easy. Stuff that matters, all right.
I've brought this up once or twice, but why not allow readers to moderate entire articles? I have 5 mod points at the moment. Instead of distributing them around various articles, I could "bank" them, and withdraw them at a later time. Maybe 50 saved up points would allow a group of users to moderate pointless, redundant, waste of space artices like this one into digital oblivion.
Slashdot needs to be more current than 2 page reviews of a long-since released game.
I still think the point is valid. Consider that a) That means that the vendor has had 7 years to secure their product. I any other industry they would have litigated into oblivion by now. It is *NOT* the end user's fault that the current world standard for personal computer operating systems is frequently bugged.
Sure, carrying $1000 in cash is dumb, but there are easily accessible alternatives. Credit cards, debit cards, traveller's cheques, travel wallets, etc are all viable alternatives. Carrying cash is like opening attachments from unknown senders. Getting your windows box 0wned without your action because a new exploit came out 8 hours ago is like the jacket manufacturer attaching a big red "steal from me!" sign to the back and cutting a pickpockt access hole out, too. (Except then they take over the world jacket manufacturing business and force you to wear one unless you want to freeze or learn to sew).
To use the token comparison to a vehicle - yes, when you buy a car you should be responsible enough to get it serviced from time to time, and act on any critical recall issues that might arise. You shouldn't however have to open the hood and check the internals 3 times per day to ensuire it doesn't explode and require expensive maintenance the next time you turn the key in the ignition.
Don't get me wrong - I'm not saying sysadmins should have no responsability whatsoever. They are after all paid to deal with systems. But when was the last time you head of a dell salesperson telling an unexperienced buyer that if they wish to have their computer on regularly they'll need to spend 5 minutes every single day, and an hour of two each week making sure they're machine doesn't get destroyed?
Hi, you've missed the point. I hope you're not trolling, because I'm going to bite.
Every box at my workplace is patched with SP2. In this case, it doesn't matter - one of the exploits is still useable.
The problem is not (this time, thankfully) the corporate enterprise deployment of windows. It's friends and family. Every time a new windows exploit like this comes out, jerk spyware/worm/virus writers are on it within 24 hours, populating their zombie networks with your mom's, friends' and families' computers. Manditory regular patching at work is easy. The same for people you see occaisionally who are not computer literate is not. These are the people who it really screws with - for example, all one of my buddies wants to do with his dell is play games, send email and surf. He knows nothing beyond that, and is certainly not going to run down to the basement on christmas eve to make sure his operating system is secure RIGHT NOW.
This business of "patch or you deserve it" is utter BS. I maintain that virus writers should be dragged into the street and beaten with keyboards, followed shortly by geeks who empower them by putting any of the blame on the end user. If I paid thousands for an OS site license, I should not be spending my holidays fixing it. If I spend hundreds for an oem copy at home, the same applies. The only ones who deserve ANYTHING bad here are the exploiters and the providers of the crappy OS in question.
Depending on the reaction you'll get, you can always reset the admin password on your box to a new one of your choosing, and install away... Whether or not this is a good idea in your situation is left to your judgement.
A useful utility to accomplish this can be found here:
http://home.eunet.no/~pnordahl/ntpasswd/
While it's kinda overkill in this case, I think I'd trust it over a newly released exploit. Hope that helps a bit.
I always thought that sniffing, hijacking, etc was just too much effort for federal burocracy. Wouldn't the preferred technique be:
1. get court order by invoking draconian security/copyright/terrorism law for the day
2. drive to ISP's colocation facility
3. leave with the server in question, and a few extras, too (just in case)
4. litigate!
I've dropped that bad boy down the freaking STAIRS before, and it's only got a couple scratches to show for it. Durable, quiet, good battery, solid construction, etc etc etc. My next laptop will be an IBM again if they still sell 'em.
Who controls the list of "spam sites"? What are the criteria for becomming a victim? I would personally like this process to be transparent before I encourage anyone to participate - I do think they have the best intentions, but the potential for abuse is a bit scary.
That's what sucks about the spam war.. the good guys have to be careful how they deal with the problem to avoid accidentally screwing someone innocent. The bad guys just double their output.
It's called competition. They aren't buying out existing services and squashing smaller providers (well, yet)
Note that I don't particualarly care about MS in any way, really. But article text like this makes the editors look childish and less credible, which is a disservice to the comunity.
.. and then you try to use the scroll wheel in a ms product such as the VBA editor that comes with excel (don't laugh - modeling systems in excel macros is NOT funny) and the stupid thing DOESN'T WORK. Scrolling through hundreds of lines of text with the mouse button held down.. nnngh.. tendons... tightening... argh..
This is nothing new. I purchased a copy of "my Big Fat Greek Wedding" to watch w/ my wife around the time it was available on video. The lead in to the movie features a fantastically annoying ad for windex. Attempting to return to the menu, skip the scene or do anything to avoid watching it brings up the "operation currently prohibited by disc" message you get on a standard un-molested DVD player if you try to skip the stupid copyright warning. If she hedn't been so set on watching the film, I would have taken it back an demanded a refund right then.
but.. isn't google the infallible poster-boy for internet success? I have a gmail account and love it - I do have the impression though that alot of the success google enjoys is due to reputation. (Their services are great, too.. but you have to get people to use them, right?). Hope they fix it before it hits the media.
Silly me, I though the point of sport was physical activity. How exactly does taking a sport of speed skill and serious balls (ever seen polo live? It's scary to WATCH, let alone contemplate playing) and reducing it to standing on a glorified remote control car an improvement? The fact that a large quantity of people consider this to be a good idea probably says more about the generally poor physical fitness in N. America vs the world than diet, anyhow. Go kick around a soccer ball. Play tennis. Play basketball, hocky, ultimate, go for a rollerblade or bike ride or jog or hell.. walk somewhere. Please don't call riding a segway around a sport though. It's the fitness version of getting IE to run natively on linux and calling is making it better. yuck.
I appreciate that gmail is in a test phase, but it sucks that this hack is wasting his account on a publicity stunt (don't for a second think it's more than that) when there are thousands of people begging for invites all over the world.
like me: matthyw at canoemail dot ca
Sorry. Lame begging aside, what does he think he's going to accomplish by this? It's basically an excuse to say something dirty over a public media stream.
if you back the ticker out to 6 months...
m &q=l&c=
http://finance.yahoo.com/q/bc?s=SCOX&t=6m&l=on&z=
You get a more realistic view of how they're doing. Why is anyone worried about them anymore anyways? They're dead, they deserved it, end of story.
This is sufficiently lame that I'm actually posting for once.
There's slow news days where we end up with pretty random stuff over real news, which is ok. But what happened here? "Hmm.. not enough submissions to reject.. I know. I'll paste a lame random email to the front page. woo!"
I vote for a trade in program: Accumulate sufficient mod points, and form a moderation lynch mob. Combine your points and moderate the whole story into oblivion?
yeesh.
Woo! I hope I'm not the only one who sees this as a coupling refrerence. British TV is better!
MAC filtering? You're kidding, right? ifdown eth0 ifconfig eth0 hw ether de:ad:be:ef:00:00 ifup eth0 mooooOOo. MAC filtering as a security measure is not very useful imho. Good for tracking end-user computers on your own network, yes. Keeping someone from gaining access to said network? Not so much.
You do realise that blocking domain names isn't going to help? About 50% of my network's spam comes from hotmail and yahoo addresses. How many of those hits do you think come from microsoft or yahoo servers?
... etc. Most of those spaces are in China and Korea (and some south america) .. 81 is also a possibility, as are most of the other 200 range A-classes.
There is some merit to blind domain name blocking. china.com, sina.com and juno.com are all good candidates for my particular organization, since we don't expect mail from anyone there regardless.
We use a linux-based bayesian filter sitting on a proxy box w/ qmail routing email on to our main server, and this, combined with some firewall rules, expression checking and a few other tweaks is dropping about 99.3-99.5% of our spam these days.
IF you want to be truly aggressive though, you can always login to your firewall, and add:
iptables -A INPUT -s 61.0.0.0/8 -j DROP
iptables -A INPUT -s 200.0.0.0/8 -j DROP
iptables -A INPUT -s 210.0.0.0/8 -j DROP
iptables -A INPUT -s 211.0.0.0/8 -j DROP
iptables -A INPUT -s 218.0.0.0/8 -j DROP
iptables -A INPUT -s 219.0.0.0/8 -j DROP
iptables -A INPUT -s 220.0.0.0/8 -j DROP
iptables -A INPUT -s 221.0.0.0/8 -j DROP
This is a bit draconian, but my company doesn't host our own web server, so a potential client can always call us up. Besides, in the last month, we've had 50k+ spams and many attacks form those address ranges, and 0 legitimate emails.
bah.. it's worth it when I figure out how many lost hours we've saved already by cleaning up manager's mailboxes.