True enough, but you really would be amazed how many people seem to be physically incapable of picking up the phone or putting together a quick IM/email and will instead sit around doing nothing terribly useful for hours on end.
(Oh, and BTW, there's no need to be personal. I'm usually the one complaining that I can communicate all I like but get nothing but a wall of silence back!)
It is damn difficult to put together a cohesive team when they seldom meet each other. My own employer's been trying that for years, and so far failed miserably. Oh sure, you can point to any number of F/OSS projects and say "but they work!" - but for every F/OSS project which has a team working really well together scattered across the world, there's probably a hundred which are either being carried by one or two people or are marred by infighting and arguments.
I don't know how it works in the US, but if the UK is anything to go by your view is probably wrong.
Commercial landlords - indeed, the entire commercial letting industry - is a law unto itself. My own employer moved offices when our previous landlord would not reduce the rent (even though the going rate was dropping as offices were becoming empty). They were told clearly, in simple terms: rent goes down or we go out. Rent did not go down. We left a couple of months after a number of other tenants in that building did. I wouldn't be surprised if that building is 70 or 80% empty today.
There's all sorts of other things you can get in commercial leases which anyone who didn't know the industry would think absurd. "Repairing leases" (where you have to carry out any repairs to the fabric of the building - all the responsibilities of ownership, none of the benefits!) aren't that uncommon, and if you happen to take on a building which requires a lot of repair work - tough. You can actually be forced to return the building to the landlord in a better state to how you took it on.
Another one I've heard of is where the landlord charges you £X/square foot then includes things like staircases and toilets in their calculation of how large the office is. (You don't normally include these things when you do this arithmetic - £X/square foot usually means £x/useful square foot, not including staircases, kitchen areas etc). Next thing you know you've accidentally signed yourself to a contract paying double the going rate, you can't get out of it and you can't sub-let it without losing money unless you can find someone equally stupid. For bonus points, the landlord has demanded that the director of the business acts as a personal guarantor - only way out of the contract then is to declare yourself bankrupt.
Faced with an industry full of sharks like that, anyone with any sense will do everything in their power to minimise their exposure.
Couldn't get much stronger short of a sex scene. Juliet is wailing about Romeo not being there on their wedding night (they married in secret, then Romeo scarpered after killing Juliet's cousin) and retires to bed, announcing "Death, not Romeo shall take my maidenhead!" [virginity]; meanwhile Nurse seeks out Romeo and tells him to go comfort his bride.
Romeo (after much melodrama - he reckons Juliet will be at least slightly peeved that he killed her cousin and Nurse has to persuade him that this isn't the case) leaves for Juliet. Next scene we see them together in Juliet's room the morning after, Nurse comes up to warn that Juliet's mum is on the way up. Romeo jumps out the window - Juliet may not be too bothered about Romeo having killed her cousin, but the rest of the family sure are.
It's probably safe to assume that seeing as Romeo spent the wedding night with Juliet (who was fully expecting to lose her virginity that night), they did have sex.
"The computer equivalent of keeping a list of cheap crack-addled whores who are known to have an STD and merrily having unprotected sex with any whose names aren't on the list."
Forcing people to buy health care is not a great idea if you take away choice as to what they can buy and make sure that all plans you can purchase are loaded with options many may not want.
This is where single-payer comes in - don't tell any republicans but most single payer systems do not outlaw private healthcare. They simply provide a government-run option.
The private healthcare is often of a higher standard - for instance, individual rooms in hospitals in the UK are quite unusual in the NHS unless you're in isolation for something really nasty. And you don't usually have waiting lists for private care.
The NHS won't let you die if they can help it, but at the same time there's no guarantee that you'll have a particularly comfortable time in hospital or that you'll get seen all that quickly.
Specifically, mostly around the Pakistan/Afghan border.
I'm no expert, but I'm given to understand that geographically speaking, this is not exactly a fortified border in the plains with views for miles around. It's mountainous, which means that if you're on the ground, the first time you realise a bunch of enemies are coming at you is when mortars start flying.
Your idea, while clever, isn't going to solve the problem. Javascript will just wind up being pulled in at the server side rather than through <script src="http://dooberidooberidoo....">
The problem is a combination of idiot ideas concerning computer security. Read something like "The Six Dumbest Ideas in Computer History" some time - it's eye-opening and it explains a lot. In the case of web browsing and Javascript, you've essentially integrated four of those ideas into basic computer use.
For those who haven't time to read the article, I'll summarise the idiot ideas that have made it into web browsing:
1. Default Permit. Why on Earth is it the default for most web browsers to run every single little thing they download? It's completely insane - seriously, I can't think of a better way to transmit malware than to sit somebody at a computer and give them a nice easy way to download and automatically run every silly thing they can find, even if the only thing they will run is supposedly sandboxed.
2. Enumerating Badness. We tell ourselves that it's OK to do this, as long as the end user (if they must run Windows at all) does so with half-decent AV installed. But AV works by keeping a list of "things that are bad" and blocking them all - you know how long that list is these days? You only need one thing to slip the net and your system's 0wned anyway. It's the computer equivalent of having sex with every disease-ridden cheap whore you can find working the streets and hoping to Christ the condom never breaks. The bad thing only needs to be lucky once, you need to be lucky every time.
3. Penetrate and Patch. Today the issue is at the server end. Four days ago, the issue was in Firefox (latest release was on the 9th December, it fixes a number of security holes). Next week it might be in Adobe Reader or Chrome. Exactly when did it start making good sense to play whack-a-mole with security holes? You don't see them building high-security prisons out of temporary Portakabins and then tacking extra things on in a blind panic every time inmates escape, so why are so many pieces of software that are likely to be exposed to malware designed in exactly this way?
4. Educating users. Telling people not to click blindly on every ad doesn't work, as anyone who's ever done serious amounts of user support can attest. You always have some people who will click on everything that appears on their PC, if education was going to fix that it would have stopped being a problem years ago. There's a damn good reason why larger companies frequently lock their PCs down so thoroughly they may as well be dumb terminals, and it's not because the IT department is run by a bunch of power-thirsty mini-hitlers. It's because it's the only way to stop the helpdesk being overrun with people ringing in to say "I clicked on this attachment and now I've got everyone complaining that I emailed them a virus. I didn't!".
"Que" is what the Spanish waiter Manuel said in the cult British sitcom Faulty Towers. ITYM "cue"
Oh, and pure Javascript/social engineering driven malware is starting to appear. Right now it's only annoying (it does silly things like spams all your friends on facebook) but it does exist and it runs on OS X just fine, TYVM.
Does seem a little odd. Google has malware filters for ads, the filters detected the malware but (and this is the big but) not before it had been served out for a while.
That sounds rather more like a human malware filter than a machine one.
Don't you start. This discussion has been done a million times before on/., particularly around the time of the Microsoft antitrust trials.
There is more than one definition of monopoly, and only one of those is "has 100% market share". The word can be - and frequently is - used to mean "has so much market share that the market is distorted".
Thinking about it, your explanation is probably rather more likely. If you live in a country where you stand a good chance of getting shot just walking down the street, you're probably a lot more concerned about walking down the street safely than you are about whether or not people on the other side of the planet stuff their face with bacon.
Still, the correct course of action is not to instigate forced public nudity at airports. It's to work with these countries to keep the peace. And if that means leaving them to work it out themselves, so be it.
This is precisely my point. We're told there's a "highly trained, highly resourceful terror organisation with effectively limitless funds that hates the West and wants to blow us up".
This "highly resourceful terror organisation with an unlimited budget that wants to blow us up" is carrying out almost all their attacks locally - they ship out maybe one (or one small group of) terrorists every year. Maybe every two years. 70% of the time the guys they ship out fail to blow anything up; the other 30% they do something that all of our security is useless against.
That is not the work of a highly trained, resourceful terror organisation. That is the work of a bunch of nutcases who occasionally get lucky.
Don't apologise, it's useful to hear. I was sort-of hoping someone who really knew what they were talking about would reply.
If I'm being perfectly honest, though, it doesn't sound much different to what I described - albeit rather more sophisticated. I've seen videos where there are two datacenters mirrored and they simulate destroying one, and the other picks up the load within one or two minutes pretty seamlessly, but I've never set up such a system before.
A company looking to cloud providers can save on the capital costs - they don't have to buy a physical bit of tin - and in theory (assuming their provider actually sprung for the whole kit & caboodle, which is a pretty big assumption, seeing as most won't reveal even the smallest detail of their infrastructure) they get something that is for all practical purposes immune to hardware failure. Something they couldn't possibly afford were they to price things up themselves, but the cloud provider can because the same bit of tin will be providing virtual servers to a number of other clients.
Assuming the company is not buying a full SaaS solution, AFAICT they've still got to set up an OS, still got to configure their applications, still got to ensure that their OS remains secure and still got to deal with the fall out if it transpires that even if the hardware's bulletproof by virtue of being virtualised, the software may not be. Hang on a minute - didn't there used to be companies that rented out mainframes in a similar fashion way back when, before such things became unnecessary because we all had perfectly adequate PCs on our desktops?
as someone who's allergic to buzzwords - WTF is the difference between "cloud computer services" and "a VMWare instance on a suitably redundant infrastructure with a reputable hosting firm"?
This makes some sense if you're a relatively small company which could neither afford nor justify that sort of infrastructure for themselves. But the government?
I'm deadly serious, if Al Qaeda et al were anything like the threat they're supposed to be, we'd be hearing of attempted bombings every month. With regular successes.
What we hear is of amazing cockups and attempts at blowing things up which are not only jaw-droppingly stupid, but the time it takes for anyone to spot them and say "Hang on a minute... since when did arabs ship printers to synagogues?" is also jaw-dropping.
"I've had a kidney transplant, OK? Here's the letter from a doctor confirming this."
We are told that the enemy has enormous resources at their disposal, with a budget so high it's effectively limitless.
We are told that there's no point in racial profiling because "they'll start recruiting Swedish blondes. Or they'll get plastic surgery and look like Swedish blondes. They've got the money, they've got the resources". What was the last thing we saw? Er.... explosives hidden in printers sent as freight. Specifically, printers shipped from an Arab country that's not exactly well known for being a centre for technology to an otherwise fairly anonymous synagogue. In the US. You couldn't have made the package much more suspicious if you'd included an old-fashioned clockwork alarm clock with a few wires sticking out the top.
I'm too young to remember this - and I'm not American - but am I alone in drawing parallels with McCarthyism and "reds under the bed"?
Obviously this doesn't apply to anyone with more than a bit of knowledge, but thinking of the people who are using this tool: spoofing your IP address won't do much good when you're sat behind the NAT'ing router your ISP sent you.
Maybe someone who works for an ISP can confirm this, but I wouldn't imagine it'd be that difficult for your ISP to spot traffic that's coming in on an interface it shouldn't be given its IP address and drop it. Hard at the core of the network, but pretty easy at the edge on other end of the link to the customer. In which case, all you'd be likely to do is piss off your ISP.
Using them covertly is an entirely different matter, though. Unless the OS recognizes the device, reads the device IDs, loads the appropriate driver, and mounts the volume r/w, your device is a paperweight. That is the obvious area that the military should be focusing on. In pretty much any modern OS, a system that logs all devices connected/disconnected from any bus, with timestamp and present user, if any, and refuses to mount MSC devices/unexpected volumes without authentication shouldn't be all that difficult. Even a defense contractor could probably get something going, given 3-5 years and $100 million...
Particularly considering about 5 seconds with Google will tell you precisely how to roll this out with Active Directory. It wouldn't be difficult to configure udev to studiously ignore USB flash devices (actually I'd just remove usb_storage.ko, that way it's much harder to misconfigure), and I don't doubt something similar is already well known for OS X.
So what the Hell was he doing in possession of that information in the first place? Kind of suggests he either had help or the military's systems aren't as secure as they'd like them to be.
Slashdot Mirror
True enough, but you really would be amazed how many people seem to be physically incapable of picking up the phone or putting together a quick IM/email and will instead sit around doing nothing terribly useful for hours on end.
(Oh, and BTW, there's no need to be personal. I'm usually the one complaining that I can communicate all I like but get nothing but a wall of silence back!)
You're not, I assure you.
It is damn difficult to put together a cohesive team when they seldom meet each other. My own employer's been trying that for years, and so far failed miserably. Oh sure, you can point to any number of F/OSS projects and say "but they work!" - but for every F/OSS project which has a team working really well together scattered across the world, there's probably a hundred which are either being carried by one or two people or are marred by infighting and arguments.
I don't know how it works in the US, but if the UK is anything to go by your view is probably wrong.
Commercial landlords - indeed, the entire commercial letting industry - is a law unto itself. My own employer moved offices when our previous landlord would not reduce the rent (even though the going rate was dropping as offices were becoming empty). They were told clearly, in simple terms: rent goes down or we go out. Rent did not go down. We left a couple of months after a number of other tenants in that building did. I wouldn't be surprised if that building is 70 or 80% empty today.
There's all sorts of other things you can get in commercial leases which anyone who didn't know the industry would think absurd. "Repairing leases" (where you have to carry out any repairs to the fabric of the building - all the responsibilities of ownership, none of the benefits!) aren't that uncommon, and if you happen to take on a building which requires a lot of repair work - tough. You can actually be forced to return the building to the landlord in a better state to how you took it on.
Another one I've heard of is where the landlord charges you £X/square foot then includes things like staircases and toilets in their calculation of how large the office is. (You don't normally include these things when you do this arithmetic - £X/square foot usually means £x/useful square foot, not including staircases, kitchen areas etc). Next thing you know you've accidentally signed yourself to a contract paying double the going rate, you can't get out of it and you can't sub-let it without losing money unless you can find someone equally stupid. For bonus points, the landlord has demanded that the director of the business acts as a personal guarantor - only way out of the contract then is to declare yourself bankrupt.
Faced with an industry full of sharks like that, anyone with any sense will do everything in their power to minimise their exposure.
Couldn't get much stronger short of a sex scene. Juliet is wailing about Romeo not being there on their wedding night (they married in secret, then Romeo scarpered after killing Juliet's cousin) and retires to bed, announcing "Death, not Romeo shall take my maidenhead!" [virginity]; meanwhile Nurse seeks out Romeo and tells him to go comfort his bride.
Romeo (after much melodrama - he reckons Juliet will be at least slightly peeved that he killed her cousin and Nurse has to persuade him that this isn't the case) leaves for Juliet. Next scene we see them together in Juliet's room the morning after, Nurse comes up to warn that Juliet's mum is on the way up. Romeo jumps out the window - Juliet may not be too bothered about Romeo having killed her cousin, but the rest of the family sure are.
It's probably safe to assume that seeing as Romeo spent the wedding night with Juliet (who was fully expecting to lose her virginity that night), they did have sex.
I'm sure someone else must use hunter2
Hmm. Nicely done, if a little wordy. Maybe:
"The computer equivalent of keeping a list of cheap crack-addled whores who are known to have an STD and merrily having unprotected sex with any whose names aren't on the list."
Forcing people to buy health care is not a great idea if you take away choice as to what they can buy and make sure that all plans you can purchase are loaded with options many may not want.
This is where single-payer comes in - don't tell any republicans but most single payer systems do not outlaw private healthcare. They simply provide a government-run option.
The private healthcare is often of a higher standard - for instance, individual rooms in hospitals in the UK are quite unusual in the NHS unless you're in isolation for something really nasty. And you don't usually have waiting lists for private care.
The NHS won't let you die if they can help it, but at the same time there's no guarantee that you'll have a particularly comfortable time in hospital or that you'll get seen all that quickly.
Pretty sure the prototype for whatIsItGoodFor is:
null whatIsItGoodFor(const char *war);
so that wouldn't work.
Don't need to. The parent wasn't kidding (NSFW)
Specifically, mostly around the Pakistan/Afghan border.
I'm no expert, but I'm given to understand that geographically speaking, this is not exactly a fortified border in the plains with views for miles around. It's mountainous, which means that if you're on the ground, the first time you realise a bunch of enemies are coming at you is when mortars start flying.
Your idea, while clever, isn't going to solve the problem. Javascript will just wind up being pulled in at the server side rather than through <script src="http://dooberidooberidoo....">
The problem is a combination of idiot ideas concerning computer security. Read something like "The Six Dumbest Ideas in Computer History" some time - it's eye-opening and it explains a lot. In the case of web browsing and Javascript, you've essentially integrated four of those ideas into basic computer use.
For those who haven't time to read the article, I'll summarise the idiot ideas that have made it into web browsing:
1. Default Permit. Why on Earth is it the default for most web browsers to run every single little thing they download? It's completely insane - seriously, I can't think of a better way to transmit malware than to sit somebody at a computer and give them a nice easy way to download and automatically run every silly thing they can find, even if the only thing they will run is supposedly sandboxed.
2. Enumerating Badness. We tell ourselves that it's OK to do this, as long as the end user (if they must run Windows at all) does so with half-decent AV installed. But AV works by keeping a list of "things that are bad" and blocking them all - you know how long that list is these days? You only need one thing to slip the net and your system's 0wned anyway. It's the computer equivalent of having sex with every disease-ridden cheap whore you can find working the streets and hoping to Christ the condom never breaks. The bad thing only needs to be lucky once, you need to be lucky every time.
3. Penetrate and Patch. Today the issue is at the server end. Four days ago, the issue was in Firefox (latest release was on the 9th December, it fixes a number of security holes). Next week it might be in Adobe Reader or Chrome. Exactly when did it start making good sense to play whack-a-mole with security holes? You don't see them building high-security prisons out of temporary Portakabins and then tacking extra things on in a blind panic every time inmates escape, so why are so many pieces of software that are likely to be exposed to malware designed in exactly this way?
4. Educating users. Telling people not to click blindly on every ad doesn't work, as anyone who's ever done serious amounts of user support can attest. You always have some people who will click on everything that appears on their PC, if education was going to fix that it would have stopped being a problem years ago. There's a damn good reason why larger companies frequently lock their PCs down so thoroughly they may as well be dumb terminals, and it's not because the IT department is run by a bunch of power-thirsty mini-hitlers. It's because it's the only way to stop the helpdesk being overrun with people ringing in to say "I clicked on this attachment and now I've got everyone complaining that I emailed them a virus. I didn't!".
"Que" is what the Spanish waiter Manuel said in the cult British sitcom Faulty Towers. ITYM "cue"
Oh, and pure Javascript/social engineering driven malware is starting to appear. Right now it's only annoying (it does silly things like spams all your friends on facebook) but it does exist and it runs on OS X just fine, TYVM.
Does seem a little odd. Google has malware filters for ads, the filters detected the malware but (and this is the big but) not before it had been served out for a while.
That sounds rather more like a human malware filter than a machine one.
Don't you start. This discussion has been done a million times before on /., particularly around the time of the Microsoft antitrust trials.
There is more than one definition of monopoly, and only one of those is "has 100% market share". The word can be - and frequently is - used to mean "has so much market share that the market is distorted".
Thinking about it, your explanation is probably rather more likely. If you live in a country where you stand a good chance of getting shot just walking down the street, you're probably a lot more concerned about walking down the street safely than you are about whether or not people on the other side of the planet stuff their face with bacon.
Still, the correct course of action is not to instigate forced public nudity at airports. It's to work with these countries to keep the peace. And if that means leaving them to work it out themselves, so be it.
I am.
This is precisely my point. We're told there's a "highly trained, highly resourceful terror organisation with effectively limitless funds that hates the West and wants to blow us up".
This "highly resourceful terror organisation with an unlimited budget that wants to blow us up" is carrying out almost all their attacks locally - they ship out maybe one (or one small group of) terrorists every year. Maybe every two years. 70% of the time the guys they ship out fail to blow anything up; the other 30% they do something that all of our security is useless against.
That is not the work of a highly trained, resourceful terror organisation. That is the work of a bunch of nutcases who occasionally get lucky.
Don't apologise, it's useful to hear. I was sort-of hoping someone who really knew what they were talking about would reply.
If I'm being perfectly honest, though, it doesn't sound much different to what I described - albeit rather more sophisticated. I've seen videos where there are two datacenters mirrored and they simulate destroying one, and the other picks up the load within one or two minutes pretty seamlessly, but I've never set up such a system before.
A company looking to cloud providers can save on the capital costs - they don't have to buy a physical bit of tin - and in theory (assuming their provider actually sprung for the whole kit & caboodle, which is a pretty big assumption, seeing as most won't reveal even the smallest detail of their infrastructure) they get something that is for all practical purposes immune to hardware failure. Something they couldn't possibly afford were they to price things up themselves, but the cloud provider can because the same bit of tin will be providing virtual servers to a number of other clients.
Assuming the company is not buying a full SaaS solution, AFAICT they've still got to set up an OS, still got to configure their applications, still got to ensure that their OS remains secure and still got to deal with the fall out if it transpires that even if the hardware's bulletproof by virtue of being virtualised, the software may not be. Hang on a minute - didn't there used to be companies that rented out mainframes in a similar fashion way back when, before such things became unnecessary because we all had perfectly adequate PCs on our desktops?
as someone who's allergic to buzzwords - WTF is the difference between "cloud computer services" and "a VMWare instance on a suitably redundant infrastructure with a reputable hosting firm"?
This makes some sense if you're a relatively small company which could neither afford nor justify that sort of infrastructure for themselves. But the government?
Really? Who?
I'm deadly serious, if Al Qaeda et al were anything like the threat they're supposed to be, we'd be hearing of attempted bombings every month. With regular successes.
What we hear is of amazing cockups and attempts at blowing things up which are not only jaw-droppingly stupid, but the time it takes for anyone to spot them and say "Hang on a minute... since when did arabs ship printers to synagogues?" is also jaw-dropping.
"I've had a kidney transplant, OK? Here's the letter from a doctor confirming this."
We are told that the enemy has enormous resources at their disposal, with a budget so high it's effectively limitless.
We are told that there's no point in racial profiling because "they'll start recruiting Swedish blondes. Or they'll get plastic surgery and look like Swedish blondes. They've got the money, they've got the resources". What was the last thing we saw? Er.... explosives hidden in printers sent as freight. Specifically, printers shipped from an Arab country that's not exactly well known for being a centre for technology to an otherwise fairly anonymous synagogue. In the US. You couldn't have made the package much more suspicious if you'd included an old-fashioned clockwork alarm clock with a few wires sticking out the top.
I'm too young to remember this - and I'm not American - but am I alone in drawing parallels with McCarthyism and "reds under the bed"?
Obviously this doesn't apply to anyone with more than a bit of knowledge, but thinking of the people who are using this tool: spoofing your IP address won't do much good when you're sat behind the NAT'ing router your ISP sent you.
Maybe someone who works for an ISP can confirm this, but I wouldn't imagine it'd be that difficult for your ISP to spot traffic that's coming in on an interface it shouldn't be given its IP address and drop it. Hard at the core of the network, but pretty easy at the edge on other end of the link to the customer. In which case, all you'd be likely to do is piss off your ISP.
Using them covertly is an entirely different matter, though. Unless the OS recognizes the device, reads the device IDs, loads the appropriate driver, and mounts the volume r/w, your device is a paperweight. That is the obvious area that the military should be focusing on. In pretty much any modern OS, a system that logs all devices connected/disconnected from any bus, with timestamp and present user, if any, and refuses to mount MSC devices/unexpected volumes without authentication shouldn't be all that difficult. Even a defense contractor could probably get something going, given 3-5 years and $100 million...
Particularly considering about 5 seconds with Google will tell you precisely how to roll this out with Active Directory. It wouldn't be difficult to configure udev to studiously ignore USB flash devices (actually I'd just remove usb_storage.ko, that way it's much harder to misconfigure), and I don't doubt something similar is already well known for OS X.
So what the Hell was he doing in possession of that information in the first place? Kind of suggests he either had help or the military's systems aren't as secure as they'd like them to be.
I know it's UK prices, but you are getting seriously ripped off.
Macs have DisplayPort connectors, and have done for some time.
Though I wouldn't be too surprised to see this continue for some time - hell, you can still buy a PC with PS/2 connectors, FFS.