Obligatory pedantry: The Cougar Point chipset was the one subject to recall. The Sandy Bridge processors were fine.
Many motherboards with Marvell controllers had sufficient numbers of SATA ports for most users, making a lot of recalls logically unnecessary but still ethically correct. I think doing the right thing and doing it so quickly after discovering the problem counteracts the embarrassment factor.
Ugh, there are some bored forum trolls and they are out in force today. It looks like they did a drive-by on our conversation. Either that, or someone involved in that forum happened across this. If you're trying to say it was me trying to discredit you... how do I know it wasn't you setting up that accusation? I don't know. Whatever the case, I don't especially care for it.
I followed those links and guess what I see there... if that's you, you tend to know what you're talking about, although you get more impassioned than other people might. (See, if you weren't posting AC, I might have been able to do that with your Slashdot comments.) Looks like the troll backfired, didn't it? If it's not you, they did an excellent job impersonating you and making you look good up to the end, and you should probably do some damage control. If it is you, then you should own up to your mistakes and move on.
All I ever wanted was to say "there are better ways to do what you guys are talking about than dumping hosts files everywhere" and see if you'd thought of something I hadn't, and I was hoping the person you were replying to would get on board as well. It's clear that you're not in this for an exchange of ideas, so I'm not going to participate any further in this thread that's devolving into a flame war / troll-a-thon. It's a shame when Slashdot turns into this sort of mess. Better luck next time!
I am not one of the ACs in this thread. That being said, I have some background and experience in network administration in environments from SOHO to global enterprises.
Now, please detail how you'd set up an automatic and redundant P2P distribution network for a HOSTS file including your mechanism for securely updating said HOSTS file from a location of your choosing, and explain how your solution is more efficient than your company's infrastructure's DNS systems. If you allow updates from anywhere other than a central location, what happens when malware on a personal computer alters the HOSTS file - does it cause an erroneous update to be pushed out to the group? Can you ever tell that the one computer is stale? Would you push the updates on demand only, or every X minutes/days?
You're clearly talking about a business use of some sort here. Have you done this in a business environment? How large? How did you convince them to allow you to override DNS with myriad HOSTS files? Have improvements in their network infrastructure superceded your solution, perhaps without your knowledge?
The only benefit to having a HOSTS file distribution like that might be that it could be distributed faster than your DNS can replicate changes via a push or pull mechanism, although in a modern enterprise environment DNS changes should be able to propagate in minutes if not seconds.
Once a system is removed from that HOSTS file distribution, or the distribution fails because a server dies or a network link is broken temporarily, or a user does something that causes their personal machine to stop receiving changes, then you have stale HOSTS files everywhere conflicting with your DNS. How do you propose to clean that mess up?
DNS should at least be set up such that (in no particular order): 1) It is very redundant (multi-homed) and thus robust/reliable 2) Administrators can control it and add/alter/remove records 3) Replication is fast 4) The source of changes can be verified or at least identified 5) Poisoned updates from the untrusted wilds can be rolled back and audited once they have been identified
How often do you have significant DNS bugs whose actual (not theoretical) impact and resolution outweighs the implementation cost (time and money) of your custom HOSTS distribution solution? I propose that this scenario does not exist, but someone has created this alternate solution "just in case" which just smacks of the 1980s rather than learning how to correctly administer their DNS infrastructure. Either that, or someone is upset because they weren't permitted to alter the corporate DNS the way they wanted / anonymously, and became the squeaky wheel and pitched their solution to execs in the business who don't know the difference between a CPU and a chassis. (Nor should they have to, it's not their job.) These are possibilities, perhaps not accurate. However: None of these are acceptable for a network administrator. All network admins should be seeking ways to improve their DNS setup, staying on top of the state of the art, and using HOSTS files *only* when appropriate.
HOSTS files do have uses. * Null-routing a server that's been causing some isolated issue, such as an ad server or some other server that your software times out waiting for; Also, null-routing a server to prevent a new software package you're testing/developing from reaching a production server * Rerouting a name to your local development environment while debugging or developing software * Guarantee resolution of key server names on a portable demo workstation that often finds itself on different private networks
I think you need to chill out a little bit, regardless. There's entirely too much angry excitement in this thread, and there's a lot of arguments that seem to stem from personal experiences with isolated situations from the distant past that basically never happen in a properly configured environment, and don't cause the kind of disaster that they are imagined to cause. Let's try to stay calm, civil and professional on a public technology website.
Don't trust the major tin foil manufacturers, man! The Commies paid them to introduce subtle pattern defects in the foil so even if you make a hat out of it, specific waveforms will still penetrate the hat! The only way to be safe is to make your own! Open source the tin foil manufacturing process!!1!one!
Microsoft issued a fix for the Windows exploit Stuxnet uses in early August (or sooner). So if you've done Windows Update since then you're protected regardless of antivirus status.
Most large enterprises have patch cycles >= 30 days. Integrated systems and vendor-supported systems, 60-90 or more days. Sometimes you even see quarterly patch processes. Yes, the patch came out in August 2010. Antivirus vendors were detecting it in what, July 2010? June 2010? But: The attacks started in June 2009 and we can assume that it took at least a few months to develop Stuxnet (and who knows what else) after the exploit was discovered. That means we're talking about a year and a few months between some black hat discovering a remote ownage vulnerability and Microsoft patching it, which is not out of the ordinary for them. That's a total of a year and a half at least where enterprise computers were vulnerable - and these computers were out in the field!
My point is, you can't assume that you're safe just because you're up to date on your patches and antivirus. You have to keep yourself updated, for sure. Separating the networks? Great! You can't have an environment on one machine that works like idea 1 part 2 above - if anyone breaks into the supervisor, they have access to the environment running within it. There's more to it, though. You can't allow media to be transferred between them without controls. No amount of careful firewalling is going to stop sneakernet, so you have to basically deploy GPOs to prevent removable media from being useful and disallow PC-to-PC networking via USB/Firewire somehow.
You could buy a Sony BDP-BX57 blu-ray player for less than $200 and get all of that (1080p video, Netflix, Hulu Plus, media streaming from your PC, playback from hard drive/USB stick, remote control) and more. I have one and it's pretty nice, and I didn't have to spend the dough on a HTPC with a Win7 license nor did I have to deal with getting the exact right hardware and setting up Linux *precisely correctly* to get smooth HD video playback. Just sayin' there are easier ways to do it if the "it's a general purpose computer" aspect isn't the most important part:)
Yes, most of us old-timers remember tiny bitmap fonts on various systems and GUIs. Some of us even made our own for various purposes.
This is a new thing because it's treating the RGB subpixels of an LCD as individual pixels, effectively tripling the horizontal resolution of the font. I don't remember seeing anyone on any system doing that. This allows characters to be more true to their intended forms. For example, the letter W can now be done in a much narrower space - 3 pixels wide to have a recognizable W is pretty good.
In Braille, there needs to be space between the dots in each character and again between the characters and lines, so you need to more than double that. Go check your local ATM, pay phone, or restroom door sign.
BTW... 6 points... while I see what you were saying, points are a typographical unit (approximately 1/72 of an inch) so you should probably say square pixels instead!
The colored Munchkins do have their advantages when you are the DM, I won't lie. I can just remember that the Green one has 45 HP and is 2nd in initiative order, etc. My issue is that my players are referring to them as "green here" and "blue there" instead of "the green lizardman" or "the blue skeleton":( All of the imagination is lost.. I feel like we're playing a metagame and the only important thing is the numbers.
Games Workshop would pitch a fit? I don't really care. Games Workshop only produces so many of these things, and I have to rely on my local game store to stock them. They mostly have the ones nobody bought over the past few years, like the "generic townsfolk" and specific sir-hero-not-appearing-in-my-campaign type minis. I've had to pay upwards of $10 for each one except for rare occasions when I found a three-pack of goblin warriors or skeleton warriors for $15, and then noticed that they didn't restock them. I'm tired of spending money on things that are "oh well, close enough I guess" that some of my players recognize as the wrong ones. I've resorted to using two bags of Munchkin miniatures because I just can't get some stupid lizardman wizard/kobold archer/beholder gauth or something that's glaringly obvious that it's the wrong class. Oh look, a plastic Munchkin, that must be a minion! Kill it first!
So if I want some particular monster for my campaign, I'd like to make it - perhaps a few days before running the campaign, and I wonder how much it costs?
Obviously this requires me to be artistic and capable of making models on the computer. Maybe I can employ some of my friends who are looking for freelance work to make me some models, at which point I've spent more money (initially) but then I can justify it by printing a few models. Then I have spent roughly the same amount, made my friends able to pay their rent, and gotten exactly what I needed - and only have to pay for materials if I want more!
I wonder if doing that would fall afoul of any copyrights?
Slashdot Mirror
Apple diagnostic technicians should probably be called "Apple Veterinarians"... cat names and all that
I don't know, touching someone's insides with bullets and shrapnel seems to be pretty inappropriate.
He says he's not dead!
Well, he won't be long.
Obligatory pedantry: The Cougar Point chipset was the one subject to recall. The Sandy Bridge processors were fine.
Many motherboards with Marvell controllers had sufficient numbers of SATA ports for most users, making a lot of recalls logically unnecessary but still ethically correct. I think doing the right thing and doing it so quickly after discovering the problem counteracts the embarrassment factor.
Ugh, there are some bored forum trolls and they are out in force today. It looks like they did a drive-by on our conversation. Either that, or someone involved in that forum happened across this. If you're trying to say it was me trying to discredit you... how do I know it wasn't you setting up that accusation? I don't know. Whatever the case, I don't especially care for it.
I followed those links and guess what I see there... if that's you, you tend to know what you're talking about, although you get more impassioned than other people might. (See, if you weren't posting AC, I might have been able to do that with your Slashdot comments.) Looks like the troll backfired, didn't it? If it's not you, they did an excellent job impersonating you and making you look good up to the end, and you should probably do some damage control. If it is you, then you should own up to your mistakes and move on.
All I ever wanted was to say "there are better ways to do what you guys are talking about than dumping hosts files everywhere" and see if you'd thought of something I hadn't, and I was hoping the person you were replying to would get on board as well. It's clear that you're not in this for an exchange of ideas, so I'm not going to participate any further in this thread that's devolving into a flame war / troll-a-thon. It's a shame when Slashdot turns into this sort of mess. Better luck next time!
I addressed my post incorrectly. I was replying to the thread as a whole, which was not correctly conveyed.
Logon scripts that copy from where?
Still, it wouldn't kill you to be civil.
Does anyone know which DNS servers are either derived from or just repackaged BIND? I haven't been able to find this information anywhere.
I am not one of the ACs in this thread. That being said, I have some background and experience in network administration in environments from SOHO to global enterprises.
Now, please detail how you'd set up an automatic and redundant P2P distribution network for a HOSTS file including your mechanism for securely updating said HOSTS file from a location of your choosing, and explain how your solution is more efficient than your company's infrastructure's DNS systems. If you allow updates from anywhere other than a central location, what happens when malware on a personal computer alters the HOSTS file - does it cause an erroneous update to be pushed out to the group? Can you ever tell that the one computer is stale? Would you push the updates on demand only, or every X minutes/days?
You're clearly talking about a business use of some sort here. Have you done this in a business environment? How large? How did you convince them to allow you to override DNS with myriad HOSTS files? Have improvements in their network infrastructure superceded your solution, perhaps without your knowledge?
The only benefit to having a HOSTS file distribution like that might be that it could be distributed faster than your DNS can replicate changes via a push or pull mechanism, although in a modern enterprise environment DNS changes should be able to propagate in minutes if not seconds.
Once a system is removed from that HOSTS file distribution, or the distribution fails because a server dies or a network link is broken temporarily, or a user does something that causes their personal machine to stop receiving changes, then you have stale HOSTS files everywhere conflicting with your DNS. How do you propose to clean that mess up?
DNS should at least be set up such that (in no particular order):
1) It is very redundant (multi-homed) and thus robust/reliable
2) Administrators can control it and add/alter/remove records
3) Replication is fast
4) The source of changes can be verified or at least identified
5) Poisoned updates from the untrusted wilds can be rolled back and audited once they have been identified
How often do you have significant DNS bugs whose actual (not theoretical) impact and resolution outweighs the implementation cost (time and money) of your custom HOSTS distribution solution? I propose that this scenario does not exist, but someone has created this alternate solution "just in case" which just smacks of the 1980s rather than learning how to correctly administer their DNS infrastructure. Either that, or someone is upset because they weren't permitted to alter the corporate DNS the way they wanted / anonymously, and became the squeaky wheel and pitched their solution to execs in the business who don't know the difference between a CPU and a chassis. (Nor should they have to, it's not their job.) These are possibilities, perhaps not accurate. However: None of these are acceptable for a network administrator. All network admins should be seeking ways to improve their DNS setup, staying on top of the state of the art, and using HOSTS files *only* when appropriate.
HOSTS files do have uses.
* Null-routing a server that's been causing some isolated issue, such as an ad server or some other server that your software times out waiting for; Also, null-routing a server to prevent a new software package you're testing/developing from reaching a production server
* Rerouting a name to your local development environment while debugging or developing software
* Guarantee resolution of key server names on a portable demo workstation that often finds itself on different private networks
I think you need to chill out a little bit, regardless. There's entirely too much angry excitement in this thread, and there's a lot of arguments that seem to stem from personal experiences with isolated situations from the distant past that basically never happen in a properly configured environment, and don't cause the kind of disaster that they are imagined to cause. Let's try to stay calm, civil and professional on a public technology website.
It's a power source AND a good home defense system, all in one! Just don't forget which lever controls it...
Don't trust the major tin foil manufacturers, man! The Commies paid them to introduce subtle pattern defects in the foil so even if you make a hat out of it, specific waveforms will still penetrate the hat! The only way to be safe is to make your own! Open source the tin foil manufacturing process!!1!one!
Well that's just super, man!
Careful, now.
Microsoft issued a fix for the Windows exploit Stuxnet uses in early August (or sooner). So if you've done Windows Update since then you're protected regardless of antivirus status.
Most large enterprises have patch cycles >= 30 days. Integrated systems and vendor-supported systems, 60-90 or more days. Sometimes you even see quarterly patch processes. Yes, the patch came out in August 2010. Antivirus vendors were detecting it in what, July 2010? June 2010? But: The attacks started in June 2009 and we can assume that it took at least a few months to develop Stuxnet (and who knows what else) after the exploit was discovered. That means we're talking about a year and a few months between some black hat discovering a remote ownage vulnerability and Microsoft patching it, which is not out of the ordinary for them. That's a total of a year and a half at least where enterprise computers were vulnerable - and these computers were out in the field!
My point is, you can't assume that you're safe just because you're up to date on your patches and antivirus. You have to keep yourself updated, for sure. Separating the networks? Great! You can't have an environment on one machine that works like idea 1 part 2 above - if anyone breaks into the supervisor, they have access to the environment running within it. There's more to it, though. You can't allow media to be transferred between them without controls. No amount of careful firewalling is going to stop sneakernet, so you have to basically deploy GPOs to prevent removable media from being useful and disallow PC-to-PC networking via USB/Firewire somehow.
Actually, Apple just switched vendors. IBM manufactured and sold the G5 CPUs and chipsets to Apple.
This thread is now diamonds.
Perhaps he has only misplaced his gruntle, and is not fully disgruntled.
I've heard a lot of similar stories, mostly from the game industry. That explains the poor quality of a lot of game releases.
You need to rest your brain more than that. If you're tired enough, even the old rule of "one screen per function" starts to quit on you.
Imagine debugging "Managed C++" DirectX setup code on 5 hours of sleep and a bottle of Mountain Dew... I wouldn't expect that to end well.
You could buy a Sony BDP-BX57 blu-ray player for less than $200 and get all of that (1080p video, Netflix, Hulu Plus, media streaming from your PC, playback from hard drive/USB stick, remote control) and more. I have one and it's pretty nice, and I didn't have to spend the dough on a HTPC with a Win7 license nor did I have to deal with getting the exact right hardware and setting up Linux *precisely correctly* to get smooth HD video playback. Just sayin' there are easier ways to do it if the "it's a general purpose computer" aspect isn't the most important part :)
Hear, hear! If that happens, Nickelback will have spent all that time getting good at sucking for nothing!
Not to distract your thread of thought, but can we please not further the acceptance of that word in quotes? It's really awful.
This corn is patents! All who try to use it without Monsanto's permission shall taste of its litigious goodness!
Coming soon to a mobile phone near you! FacePalm will have its day! We promise! -- Palm, Inc.
Is there a pluggable scheduler system yet? Can we poke some value foo into a /proc/scheduler/bar and select one on the fly?
I haven't used Linux in ages because on my desktop, it just wasn't responsive at the right times.
Yes, most of us old-timers remember tiny bitmap fonts on various systems and GUIs. Some of us even made our own for various purposes.
This is a new thing because it's treating the RGB subpixels of an LCD as individual pixels, effectively tripling the horizontal resolution of the font. I don't remember seeing anyone on any system doing that. This allows characters to be more true to their intended forms. For example, the letter W can now be done in a much narrower space - 3 pixels wide to have a recognizable W is pretty good.
In Braille, there needs to be space between the dots in each character and again between the characters and lines, so you need to more than double that. Go check your local ATM, pay phone, or restroom door sign.
BTW... 6 points... while I see what you were saying, points are a typographical unit (approximately 1/72 of an inch) so you should probably say square pixels instead!
The colored Munchkins do have their advantages when you are the DM, I won't lie. I can just remember that the Green one has 45 HP and is 2nd in initiative order, etc. My issue is that my players are referring to them as "green here" and "blue there" instead of "the green lizardman" or "the blue skeleton" :( All of the imagination is lost.. I feel like we're playing a metagame and the only important thing is the numbers.
Brilliant! Pitch these to gamers!!
Games Workshop would pitch a fit? I don't really care. Games Workshop only produces so many of these things, and I have to rely on my local game store to stock them. They mostly have the ones nobody bought over the past few years, like the "generic townsfolk" and specific sir-hero-not-appearing-in-my-campaign type minis. I've had to pay upwards of $10 for each one except for rare occasions when I found a three-pack of goblin warriors or skeleton warriors for $15, and then noticed that they didn't restock them. I'm tired of spending money on things that are "oh well, close enough I guess" that some of my players recognize as the wrong ones. I've resorted to using two bags of Munchkin miniatures because I just can't get some stupid lizardman wizard/kobold archer/beholder gauth or something that's glaringly obvious that it's the wrong class. Oh look, a plastic Munchkin, that must be a minion! Kill it first!
So if I want some particular monster for my campaign, I'd like to make it - perhaps a few days before running the campaign, and I wonder how much it costs?
Obviously this requires me to be artistic and capable of making models on the computer. Maybe I can employ some of my friends who are looking for freelance work to make me some models, at which point I've spent more money (initially) but then I can justify it by printing a few models. Then I have spent roughly the same amount, made my friends able to pay their rent, and gotten exactly what I needed - and only have to pay for materials if I want more!
I wonder if doing that would fall afoul of any copyrights?