Slashdot Mirror


User: jimicus

jimicus's activity in the archive.

Stories
0
Comments
7,388
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 7,388

  1. Re:they need to protect their networks on Young Employees Pose Increasing Risk to Networks · · Score: 3, Insightful

    If a piece of software needs admin privileges for no obvious reason will have lost me (and all the PCs I control) as a customer, at least until they fix their act.

    If you come to an employer which has already invested many man-hours in training to use such software and many thousands on licensing it, then you will have no job.

    If your employer comes to you and says "Make this piece of software work, we need it for the business" and you refuse because it needs admin privileges, sooner or later (probably sooner) you will have no job.

    The role of IT is to make something work. If that means ugly hacks, firewalled subnets or other measures in order to mitigate the idiocy of some commercial piece of software, 9 times out of 10 that's less work than re-engineering the business around some other piece of software.

  2. Re:No there's plenty on Vista Service Pack One Almost Here · · Score: 1

    Unlike XP (or 2000 or NT), rarely has Vista been an 'out of the box' solution to a new install.

    Then you must have a short memory.

    There was a time circa 2001-2004 when broadband was becoming common but home firewalls/routers were not (and ISP's were recommending you keep it that way - back then many a tech support call terminated with "If you won't turn off your firewall I can't help you"). XP shipped with no form of firewall whatsoever.

    If you were lucky, your OEM thought to include one. If you were really lucky, it didn't self-destruct after the 30-day trial period.

    Even then, this wasn't that great. ZoneAlarm was to firewalls what UAC is to access control - pops up so many "Are you sure?" notices that sooner or later it was likely to get turned off.

    The average time to rooting of an XP box prior to the release of SP2 was about 15-20 minutes. The default configuration was so insecure that you didn't even need to surf the web for this to happen - just plugging in your cable modem was enough.

  3. Re:Somehow... on Vista Service Pack One Almost Here · · Score: 1

    Point I'm driving at is that the kernel is a fairly big thing to describe as "only".

    I think the crux of the problem is that there is an easy, built-in way to keep a known-good version of the kernel around to boot from in the event of everything going to pot. This doesn't hold true for a lot of other things, like X.

    File versioning such as you get in VMS could help - you'd just need a list of which files you need to revert back to their previous version to get back how you were and a framework to do this fairly early on in the boot process.

  4. Re:Most Spam Comes from just Six Bots, not Botnets on Most Spam Comes From Just Six Botnets · · Score: 4, Informative

    I've just spent the last week wrestling with Vista's implementation of UAC, and I agree with what you've been told.

    For better or for worse, I administer a bunch of desktops and my current build process consists of a number of automated installations (most software installations can have all the mindless "click next next next" automated away fairly easily). I am at an awkward point where I have enough machines to want to automate the process, but not enough that I can easily just buy 100 identical systems and ghost the lot. And before you ask, I don't run Active Directory so rollout through group policy is out of the question.

    It looks like this process will require substantial redesigning for Vista, as there doesn't seem to be an easy programnatic way to say "do everything below this point without bothering me through UAC". Neither is there an easy programmatic way to disable UAC altogether, even on a temporary basis. (Yes, I know about the registry setting from the command line. But that needs to run from an elevated command line which, guess what, you can't set up without interaction).

    The way UAC works is that normal users still can't do a bunch of things. This doesn't change; they probably won't ever see a UAC prompt. Administrators can do everything they're used to, but by default if they want to do anything administrative, UAC steps in and says "Cancel or allow?".

    I can understand from Microsoft's perspective that it's somewhat pointless to create such a system and then create an easy method to work around it, but I can't believe that in the whole corporation there aren't a few people with the brains between their two ears to realise that it's a very inelegant solution which adds hassle without really solving the problem.

  5. Re:1000 cores? on Wintel, Universities Team On Parallel Programming · · Score: 1

    Yes, but they're very expensive and they only put the most recently needed instructions/data close to the core.

    Granted, in 90% of day to day uses that's all you need. But the other 10% would probably love to see RAM running synchronously with the CPU.

  6. Re:Somehow... on Vista Service Pack One Almost Here · · Score: 1

    Another big difference is that kernel updates only update the kernel, not X, KDE/Gnome/whatever and all those programs which your system won't run without. These are updated separately which, again, means that there's less chance of breaking things.

    Only the kernel? No way of knowing if it's broken or not without a reboot and if it is broken then a reboot is probably the worst thing you can do.

    You're living in a dreamworld if you think any sort of update can ever be 100% guaranteed will never under any circumstances break anything. If that was the case, larger organisations wouldn't need change control procedures. This is the same regardless of OS - and more than one Linux distribution has released updates which have broken functionality.

    Though to be fair, it does rather seem that Microsoft have some low standards compared with, say, Debian.

  7. Re:Low Carb? No Really. on Harvard Scientists Aim To Stop Cancer In Its Tracks · · Score: 3, Interesting

    He points out that cancer is one of a set of diseases that used to be called "diseases of civilization" (along with heart disease, obesity and a bunch of others) because they were extremely rare in tribal people from around the world until they became westernized.

    Purely out of curiosity, how frequently were these non-westernised tribal people examined by doctors for cancer using conventional technology when they developed an illness? And how many accurate records of death (and particularly cause of death, determined via an autopsy rather than via a witch doctor) were kept?

  8. Re:Lets be fair to the Hubberdites on Scientology Injunction Denied Against "Anonymous" · · Score: 5, Insightful

    Photograph them. Follow them. Follow them home and photograph them entering and leaving their houses. Keep shouting "Murderer!" at them, if you can. Harass them. Make their lives hell.

    For every one person you can find to do this, the CoS can find five who have many more years experience of behaving like this and getting away with it. And the people who the CoS find won't stop at following you home and photographing you.

  9. Re:Fingerprint scanners suck. on Fingerprint-Protected USB Sticks Cracked · · Score: 1
    What algorithm would you suggest using to turn 100 different scans of the same thumb into the same key every time?

    My C is a little rusty, so I apologise for any syntax errors.

    char *fingerprint_hash(char *fingerprint_scan)
    {
    // Guarantee that any two scans of the same finger always result in the same hash.
    // The argument is a block of memory containing the scanned fingerprint image.
    // Returns a pointer to the hash, or NULL if the function fails.
      return (char *)calloc(sizeof(char), 1);
    }
  10. Re:It sounds so easy but on FAA Mandates Major Aircraft "Black Box" Upgrade · · Score: 1

    I'm not an aerospace engineer, but my understanding is you want many of the components black box to break on impact. The only part you don't want to break on impact is the storage media.

    The reason being that you've only got so much storage capacity, so it is used in a loop. Pretty useless if the black box is rescued a few days after a crash and all it contains is 15 minutes of silence recorded after the plane hit the ground.

  11. Re:But can I afford them yet? on Intel Confirms It Will Ship 160GB Flash Drives · · Score: 1

    I tell you where that really wants to be.

    It wants to be in hotplug caddy with an SAS interface to go into servers.

    Disk I/O - and particularly seek time - can be a real killer on server performance, particularly with the current trend for virtualisation. And sysadmins and managers expect to pay 3-5x the price per GB compared to desktop storage anyway.

  12. Re:It sounds so easy but on FAA Mandates Major Aircraft "Black Box" Upgrade · · Score: 1

    The parts may be cheaper, which reduces ongoing costs.

    But the initial cost of engineering a device which can withstand hitting the ground at a few hundred miles per hour, still be readable afterwards and getting it through all the testing to prove it can do this is most definitely non-trivial.

  13. Re:Realtime Streaming on FAA Mandates Major Aircraft "Black Box" Upgrade · · Score: 1

    Nice idea, but black boxes have one major advantage over other technology.

    They work.

    And I don't mean that in a flippant way, I mean "they are known to work, are based on technology which is designed to be extremely reliable at every level and are the result of many years of development to keep them this way" - the last two certainly don't apply to any form of wireless communication. A radical change in how they operate would lose a lot of this, and the various aircraft designers, manufacturers and aviation authorities around the world tend to be very nervous about any major departure from known-good design concepts.

  14. Re:Show up on time, dumbass. on MacBook Air Confuses Airport Security · · Score: 1

    No, but I'm not in the habit of showing up at the airport 20 minutes before my flight leaves.

  15. Re:Is a user lying? - Use the 2 Second Rule! on The Dirty Jobs of IT · · Score: 1

    What are you going to do about it if the user is lying? Very few helpdesk jobs allow you to say "Please stop bullshitting and do as I damn well asked".

  16. Re:Kind of makes me wonder what would happen if... on MacBook Air Confuses Airport Security · · Score: 1

    You missed the second part of the sentence: "... or the laptop was defective".

    You or I might find it odd to bother carting a broken laptop around the world. A salesman who knows that despite being broken, getting that laptop to his IT department is the only hope he has of recovering some sales lead wouldn't consider it remotely odd.

  17. Re:Not always true on MacBook Air Confuses Airport Security · · Score: 1

    That's not a particularly good way to determine whether or not someone is a terrorist, because it would be trivially easy for a terrorist group to arrange for someone to spend some time building up a pattern of behaviour before carrying out whetever they have in mind.

    Mind you, I think most of it is bull anyhow. I haven't forgotten how many senior politicians in the UK went on the news after 9/11 to say "The most important thing we can do is change nothing, because changing everything about our culture through fear is what the terrorists want".

  18. Re:Show up on time, dumbass. on MacBook Air Confuses Airport Security · · Score: 1

    And I got questioned about an electric toothbrush on a recent flight.

    Your point is?

  19. Re:"Security" on T-Ray Camera Sees Through Clothes, Preserves Privacy · · Score: 1

    If you think about it for a minute, there are hundreds of issues like that - though that's a pretty good example.

    It is unthinkable that this hasn't occurred to the people responsible for airport security. Therefore, whatever the reason for "enhanced" screening and banning liquids is, it's not security. Unfortunately, I suspect the true reason is either lost or only known to a very few, who have used the magic T-word to get everyone below them to repeat the liquids ban as a mantra without really thinking about it.

    My immediate guess would be that it's for the benefit of shops after security, the benefit of companies selling screening equipment or a bit of both.

    I've heard ideas about it being the thin end of a wedge to get people to accept more asinine things so that one day the government can say "Right, anyone with an IQ above 110, please jump off a cliff. You're too clever by half and we don't trust you." but I don't think the worlds' governments are that well organised or that forward-planning.

  20. Re:I don't get it on Microsoft Tries To Prevent Further Discovery · · Score: 1

    But were you truthful? Is there no benefit? Perhaps if you'd told them Vista moved the security model of Windows into the 20th century, they might have seen more value in an upgrade?

    The security model for Windows has been in the 20th century for some time, it's just that Vista is the first time it's been enforced on software vendors.

    If the OP's clients depend on any software which doesn't account for this and hasn't been updated to, Vista is actually a step back because it means that they're going to have to go out of their way to castrate the improved security in order to do any work.

  21. Re:I don't get it on Microsoft Tries To Prevent Further Discovery · · Score: 1

    I do not know how car ads work in the US, but in much of the EU your analogy would be flawed because the advert would say "From £14,000" and in small print would say "Model shown is the flubar CDX model with optional alloy wheels and CD player, which costs £17,000".

  22. Re:You've decided the case - the court hasn't on Microsoft Tries To Prevent Further Discovery · · Score: 1

    Seeing as the more recent versions claim that the sender retains a fair degree of control even after the email is sent, I'd say that if their email server and client lived up to their advertising then recovering relevant email evidence would actually be rather tricky.

  23. Re:As has been said: They don't have to give the c on Dealing With a GPL Violation? · · Score: 1

    Could someone add, say, 7.63 yottabytes of contributed code to a GPL product in order to prevent anyone else from really working with it? You know...making the new code basically unaccessible for 99.999999999934% of programmers?

    They could, but it's pretty unlikely because there are lots of other ways around it which are far easier.

    The most obvious way is to put a stub into the GPL code which uses some form of IPC to communicate with another, proprietary program which does the donkey work.

    Another trick I've heard of (which really does violate the spirit if not the letter of GPLv2) is to distribute source code of which contains a C preprocessor command #INCLUDE_REAL_CODE_HERE - and they hacked the compiler to put in the real code on seeing that preprocessor command. But they're not distributing a compiler so they don't need to give you the hacked compiler. IIRC GPLv3 accounts for that by saying that if some strange means of compilation is necessary to get the code to work, you have to distribute this as well.

  24. Re:As has been said: They don't have to give the c on Dealing With a GPL Violation? · · Score: 1

    The most convenient and inexpensive method for most companies would be just to add a line somewhere saying "contact us" and then they work out details for those 3 or 4 people who actually do.

    No they wouldn't.

    They'd put a line saying "contact us" and then when you call customer support, you'll spend hours going around in circles trying to explain to the agent what source code is, what the GPL is, what software licensing is, telling them that their player certainly DOES have source code somewhere and that you're not asking for proprietary bits that they've written, just the parts that are covered under the GPL.

    And then your telephone call will be cut off because you've wandered way off script and the customer service agent has their performance figures to think about.

  25. Re:Good news, but how good? on NIN's Music Experiment Sells Big Numbers · · Score: 1

    Consider: all of the people who paid $300 for his special edition release, probably listen to many other artists as well. Would they spend $300, or anything close to it, for special edition releases of albums from all the other artists they like? Probably not; most almost certainly couldn't afford to pay $300 x N artists x M albums; Trent was savvy enough to do it first, so he gets to enjoy what is likely an unsustainable pricing model.

    Probably not. By definition, the special edition is only really going to appeal to really big fans who probably aren't that passionate about more than a couple of bands.

    And yes, $300 is a lot of money. But NIN were offering a fair bit for it - the whole album on vinyl, CD, DVD and BluRay, cloth-bound books signed by Trent and a box that it all came in.