Slashdot Mirror


User: jimicus

jimicus's activity in the archive.

Stories
0
Comments
7,388
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 7,388

  1. Re:Yeah yeah. But what does it /mean/? on Red Hat Linux Gets Top Govt. Security Rating · · Score: 1

    I prefer the "bucket of concrete" description. It's rather more final than "disable network and floppy drive", and has the advantage that it's substantially easier to understand by people who are just blindly demanding such certifications.

    Anyone demands a secure system, I would be inclined to point out "I can give you a 100% guaranteed secure system. But I will have to bury it in reinforced concrete."

    On a side note, has anyone attempted to get a system buried in concrete certified as secure?

  2. Re:A little meaning, perhaps on Blockbuster Chooses Blu-ray · · Score: 1

    There's a few huge differences there:

    1. Audio CDs still play in DVD players.
    2. Audio CDs generally ship in radically different packaging.
    3. When DVDs first came out, there wasn't at the time a competing format in the same form factor. (I'm discounting Video CDs because they were never sufficiently widespread as to be described as a "competing format").
    4. Audio CDs predated DVDs by many years. Nobody reasonably expected "the latest technology - the DVD" to play in a CD player from 1992.

  3. Re:A little meaning, perhaps on Blockbuster Chooses Blu-ray · · Score: 1

    More importantly, even if you tell your aunt Becky 4 times (twice in writing no less,) you'll still get the wrong damned format come the great unwrapping time. Never mind the fact it's not even the film you asked for.

    Exactly. Right now, it only makes sense for enthusiasts with money to burn to give either format a go - much like LaserDisc was - and don't even mention to the rest of the family that you've got a new type of DVD player for fear of being given the wrong type of disc. Whether or not either will be substantially more successful than LaserDisc remains to be seen.

  4. A little meaning, perhaps on Blockbuster Chooses Blu-ray · · Score: 5, Insightful

    More interesting will be to see what the retail giants do.

    If Wal-Mart decides not to stock HD-DVD (or, for that matter, Blu-Ray) titles, then that's more interesting.

    Myself, I think the idea of two formats which (unlike VHS/Betamax) are, at first glance, practically identical and come in very similar cases yet require different players is absurd. Unless and until either one wins or dual-format players become commonplace, there's going to be some very pissed off people when they get their shiny new film home only to find that it won't play.

  5. Yeah yeah. But what does it /mean/? on Red Hat Linux Gets Top Govt. Security Rating · · Score: 3, Interesting

    Any idiot can build a Linux system which runs absolutely no services whatsoever and SELinux to delegate authority appropriately with modern RedHat versions.

    What's more interesting is does the resulting system do anything useful? Web server? Mail server? DNS? File server?

    Do you lose certification as soon as any extra services are running? In which case, it's fairly meaningless because the certification only applies if the system is broadly useless.

  6. Re:Uh Oh... on Michael Moore's New Film Leaked To BitTorrent · · Score: 1

    IME, that's a fairly accurate description of most of Michael Moore's work.

    While he may or may not be 100% accurate all the time, the general thrust of what he's saying comes across very clearly. Interestingly, most of his detractors seem concerned with nitpicking tiny aspects of what he says, claiming that because some inconsequential throwaway sentence was factually incorrect, therefore his entire argument is nonsensical.

  7. Re:This is bad for linux on Ubuntu Linux Validates As Genuine Windows · · Score: 1

    I'd rather see bulletproof license control for commercial software.

    So would I, but for quite different reasons.

    I'm an IT manager and, whether I like it or not, it simply isn't practical for my employer to migrate everyone to 100% F/OSS desktops. I'm not getting into the "Yes it is!" "No it isn't!" argument so please don't reply if that's what you plan to say. Servers are mostly Linux and licensing-wise, I don't have to care that much about them. But for desktop machines, I have to put an inordinate amount of work into ensuring that all the licensing is accurate and up to date.

    There isn't, AFAICT, a complete, easy, one-click solution to managing licensing even for an individual product, let alone a generic PC with whatever may be installed on it. Plenty of companies advertise management systems which are supposed to alleviate this problem but I've found them all to be fantastically expensive, have even more complicated licenses than the licenses they're meant to be managing and remarkably reticent at offering a trial of any description.

    Sure, there are auditing tools but I'd far rather not have to audit because I'd rather know it's impossible for us to be running anything illegal in the first place. Even if I accept that this isn't really practical, auditing tools vary hugely in their effectiveness. Basic tools often do no more than check the "Add/remove programs" list in the registry - no damn good at all when there's plenty of software that can and is installed by simply extracting a .zip file to the directory of your choice. More sophisticated tools scan for .exe's and try and figure out what each one does, but that's a crapshoot because you never quite know if the next update you do of Office, Adobe CS or (insert package here) will replace the .exe with a different one which has a different checksum.

    The upshot is that I am absolutely convinced that it is not physically possible to place hand on heart and guarantee with no fear of being proved wrong that everything is legit in a business which uses even some proprietary software.

    At the end of the day, a simple tool which I could install in the base image to make it dead easy to ensure 100% compliance with every license for every commercial product I ever use, now or in the future would be fantastic. It probably can't exist on a general purpose PC unless it's locked down so tightly it's no longer general purpose.

  8. Re:Nothing to see here on RIAA Web Site Moved To Linux · · Score: 1

    The irony is there's plenty of hosting providers who advertise offering Windows as a hosting platform because it's "so easy to use" but don't actually make any aspect of the Windows desktop available, instead doing everything through a web-based interface which could be running on practically anything.

  9. Re:Given the competition... on Can Apple Find a European iPhone Partner? · · Score: 1

    When you're within your contract, they have you and they know it. Once you're off-contract, they get a hell of a lot nicer.

    Ah yes, that bit's the same. Frankly, it would make life a lot easier if they were open and honest enough to start each call with saying "OK, sir, I see you're still on contract. We don't care to look after you because you're paying us every month and there's nothing you can do about it, so go fuck yourself."

    Not exactly. The closest thing we have is called an MVNO - mobile virtual network operator. They contract with one of the major providers (Sprint Nextel, T-Mobile, AT&T/Cingular, or Verizon) to provide the network, but handle billing and other customer issues directly. MVNOs typically offer themed or otherwise differentiated service (prepaid service, low-cost no-roaming service, etc.).

    Sounds almost identical, except generally "service providers" in the UK have zero leeway - they can only offer the tariffs that the network offers. Every once in a while a service provider will cut a deal with a network to offer some exclusive tariff, but it's very rare.

    Generally they try and differentiate themselves by offering a better range of phones, flashier adverts or gimmicks like cashback.

  10. Re:Now all we need to do on Smart Car Coming To the US In Jan. 2008 · · Score: 1

    Plenty of people in the real world don't quite understand this.

    I had to explain the concept to a neighbour a couple of years ago who was shocked to hear of someone's car suffering a great deal of expensive crumpling from a relatively small accident - even in simple terms like "it's a choice between that and the occupant crumpling, which do you prefer?", this person simply could not grasp that there is a reason that many cars in the UK are not built like tanks any more. She was more upset about the idea that repairing the newer car would be that much more expensive.

  11. Re:Given the competition... on Can Apple Find a European iPhone Partner? · · Score: 2, Insightful

    I think that's as much a function of Nokia's engineering approach ("put the fancy new experimental features in the expensive phones few people buy, then iron them out for the cheaper phones which sell by the million") than anything else, and is not really how Apple tend to work.

    The experience you discuss in sorting it out is just typical of UK customer service within the mobile phone industry. Just like their fixed-line counterparts, mobile phone networks are run by a bunch of arrogant tossers whose attitude is "We don't care. We don't have to. Everyone else is just as bloody awful so there's precious little point in you going elsewhere."

    And the whole idea of the "service provider" - does that exist in the US? - whereby you have an operator who runs the network but they don't actually deal with the customer directly - the customer has to go through a service provider. Absolutely nuts. The only reason I can think of for it existing as a concept is to make the industry more complicated.

  12. Re:Answer: yes on Can Apple Find a European iPhone Partner? · · Score: 1

    I call bullshit.

    Here's why:

    When a mobile phone registers with the HLR on a GSM network, it sends a bunch of information. Most notably, however, it sends:

    1. The IMEI. This is a serial number unique to the phone. To the best of my knowledge, there is no easy way of working out the specific model from it. Even if there was, it's quite possible to reprogram this on some older phones.

    This can be blocked if a phone is reported stolen. Most European countries have agreements between all the operators within that country to honour a common blacklist of stolen phones, and there is talk of making such a blacklist worldwide. If you bought a phone off ebay and it didn't work on any network, this is likely what's happened.

    2. The IMSI. This is the serial number held on the SIM card and the mobile network uses this to register the SIM card to a particular customers' account.

    Not sure if the MSISDN is sent or even known by the SIM card. I'm pretty certain it can be set by the carrier as I recently had a SIM swap and they didn't have to touch the SIM card itself - just register its IMSI to my account and de-register the old one.

    You will notice that nowhere in there has the phone had to say "Hi, I'm a Nokia 6310" or "Hi, I'm an Apple iPhone".

    That's because it doesn't. The entire GSM standard (and it's abso-fscking-lutely huge) doesn't actually care much about the phone itself. It only cares about how the phone talks to the network and various aspects of how things are handled within the network itself.

  13. Re:Genuine question on Microsoft's IIS is Twice as Likely to Host Malware? · · Score: 1

    It's not as simple as that.

    Unlike much of Windows, Linux systems are extremely modular. Apache has literally dozens if not hundreds of modules which can be enabled or disabled more or less at the will of the sysadmin.

    A security hole in a specific module which is part of the core Apache distribution will be described as a hole in Apache - but that's a bit disengenous because it only affects systems which have that module loaded. If it's distributed in a separate package to the main program by the Linux distribution, the vulnerable package may not even be installed. And any Unix sysadmin worth his salt only enables exactly what he needs - nothing more. The less there is running, the less there is to go wrong.

  14. Re:Is the tide turning? on Navy Now Mandated To Consider FOSS As an Option · · Score: 1

    That being the case, the PHBs you describe are not PH.

    I've worked with both the pointy and the non-pointy variety. The non-pointy are far easier to work with - and believe me, there's plenty of them out there.

  15. Re:How good are the others at playing catch up? on How Big Will the iPhone Become? · · Score: 1

    Apple have (arguably) raised the bar on screen quality, usability, features and memory size

    Really? So, how long have you had an iPhone?

  16. Re:KISS it on RAID Vs. JBOD Vs. Standard HDDs · · Score: 1

    The thing you missed was that the array spent most of its time trying to recreate the redundancy which had been lost by pulling the mirror.

    In other words, yes it was a RAID but 90% of its working life it wasn't redundant.

  17. Re:ya.. on New York Jumps Into Open Formats Fray · · Score: 1

    I'm not bothered by the politicians not being tech-savvy. What I am bothered by is the implication of the sentence:

    Betzold and other politicians quickly felt overwhelmed by the technical jargon presented by each side. "I wouldn't know an open document format if it bit me on the butt,"

    To me, that says "Nobody's bothered to explain this to me in clear English".

    Yet most of the things we might want politicians to get involved with can be easily explained in clear English. "Open document format - the method the computer uses to store the document is not encumbered by patents, is published and is freely available for anyone to use. Therefore any company can compete to provide your department's computer systems on an even footing, rather than being forced to go down a particular route."

    The only way I can make sense of the above sentence is if someone has intentionally tried to blind the politician with science, with a view to sneaking their own wording in while the politician is still sat at his desk trying to remember his own name.

  18. I disagree: rights management can be made to work. on Jeremy Allison On Why DRM Will Never Work · · Score: 4, Insightful

    Rights management can be made to work better than it does now. Not perfect, you understand. Just "improved". But only subject to a number of caveats. Let's assume I'm talking about a high-def film:

    1. The medium on which the data is shipped to the customer must not be readable on any standardised hardware which is sold with an interface to plug into a PC. (See also: Sega Dreamcast GD-ROM).
        - This immediately eliminates the percentage of the hacker world whose expertise doesn't stretch as far as "taking a hardware player to pieces and following paths".
        - It implies that the design of the player is encumbered with so many patents that even if you did build such a drive, you'd have a hard time selling it in much of the world.

    2. The device which plays the data has no output except for a built-in screen. Rationale: You can't trust anything you plug into the device. (See also: Portable travel DVD players).
        - This prevents anyone from exploiting possible issues in any security which may be attached to output data.
        - For best results, and to minimise the impact of the analogue hole, the screen should be sized such that lining up a camera is very difficult and even if you did it would be impossible to get very good results.

    There's only one minor issue. I've just invented the Sony PSP, which we all know has been a runaway success as a media player and movie releases tend to hit the PSP first. </sarcasm>

  19. Re:Is the tide turning? on Navy Now Mandated To Consider FOSS As an Option · · Score: 1

    Yes, I know.

    But the OP's point was "I'm posting this in a random mailing list" is generally not an acceptable answer to the PHBs of this world who want someone they can point at and shout "fix it", and (while I have no direct experience) I would imagine the military is chock-full of such PHBs.

  20. Re:Nice pitch, but... on After Ubuntu, Windows Looks Increasingly Bad · · Score: 1

    For every example, there's a counter example.

    In my case the laptop was 3 weeks old, the hard disk had died.

    The good news was they shipped out install CDs free.

    The bad news was the install CDs consisted of 7 discs - 1 with Windows and a handful of genuinely useful utiltiies, and 6 with craplets. And the installation had been so thoroughly customised that there was no way you could stop after just installing Windows.

  21. Re:Is the tide turning? on Navy Now Mandated To Consider FOSS As an Option · · Score: 2, Funny

    I dont think the navy will settle for:
    "Man, this thing doesnt work"
    "Uhhh, post a question on the fourm, and hope you hear back"


    That is exactly why companies like IBM and RedHat exist.

  22. I've got a better solution on Safemedia's CEO Tells Congress He Can Stop P2P · · Score: 1

    And this doesn't require expensive snake oil - just your existing firewall.

    Block everything in both directions.

    Then, allow what you need from where you need it. Example: Your web proxy can be granted access to port 80 going out, your mail relay can be granted access to port 25 etc etc.

    This has the added bonus that you probably won't have to go around frantically patching holes when the Next Big Scary Thing comes about.

    Granted, it means you'll have to understand what the hell you're doing, but any half-competent admin looking to solve a problem shouldn't be put off by that.

  23. Re:I would like to see them come after me on RIAA Accused of Extortion & Conspiracy · · Score: 1

    You're kidding.

    Yep. I'm not even an American, and the amount I know about the DMCA could be written on the back of a postage stamp.

    I don't know which is worse, actually. That I wasn't modded into oblivion, or that the current political state in the US is such that I was so easily believed.

  24. Re:I would like to see them come after me on RIAA Accused of Extortion & Conspiracy · · Score: 1

    It wouldn't work.

    Paragragh 27, clause 3 specifically states:

    "This law may only be invoked by companies registered in the United States of America with a gross turnover in excess of $10,000,000 per annum".

  25. This has been known for years on Inkjet Photo Print Longevity Lacking · · Score: 1

    I read about this in a magazine in about 1999, and I tested it by taking a sample print, stapling a sheet of black paper to one half of it then leaving it in a window for a few months.

    Three months later, the red component of the uncovered part had faded to almost nothing. I know red isn't used in inkjets, but nevertheless that was what it looked like.

    It's not so bad these days - I have many inkjet prints at home which are behind glass in the form of a photo frame, and I've had them for a few years now. I've even got test prints which I ran off comparing OEM to cheap third-party inks and papers, and it's still practically impossible to tell any of the prints apart. But I do wonder if the prints will look as good in 5 or 10 years.