Slashdot Mirror


User: Antique+Geekmeister

Antique+Geekmeister's activity in the archive.

Stories: 0
Comments: 7,305

Comments · 7,305

  1. Re:This should be a lesson... on Hacker Destroys Avsim.com, Along With Its Backups · · Score: 0, Flamebait

    Oh, please. Most of the "crackers turned to security" are grotesquely incompetent and do not write useful tools, they are much like most CPAN publishing Perl programmers. They download more intelligent people's tools, at most change 3 lines, staple them crudely together, and pretend they've written something useful and special. And even the intelligent ones, like Mr. Kevin Mitnick, are not worth the air they breathe because of the destruction they cause with their better than average security skills. There are competent _hackers_ who do fascinating work. I love nmap, and the old 'crack' utility. But there's plenty of fascinating work they can do, and publish, without accidentally or deliberately causing this kind of destruction. I've dealt with older and newer cracker groups. (Does anyone remember the "Legion of Doom World Tour" T-shirts, with all the sites they hacked?) And this kind of destruction is typical of idiots who think that if they walk around wearing camo pants, the army will want them.

  2. Re:Lies, damn lies. on Hacker Destroys Avsim.com, Along With Its Backups · · Score: 1

    Oh, please. SSH keys are fine, but very few people handle them correctly. Subversion, for example, stores your local passwords in clear-text, even to Subversion based servers, and far too many people find passphrase-free keys far too attractive, especially for scripting. If you are one of the many idiots who use such passphrase free keys, and use the same key for everything, I only have to steal your key once to get fairly untrammeled access to your systems.

    The backup box should run SSH _clients_ with restricted SSH key access to the servers. Keep the private keys _off_ of the various client machines, and lock down the backup box itself, and strongly consider denying backup access to private keys for any online server.

  3. Re:This should be a lesson... on Hacker Destroys Avsim.com, Along With Its Backups · · Score: 4, Interesting

    Oh, he gets my sympathies. I've had cases where I was specifically told "that is a scratch server: do not back it up, no one is supposed to keep real data on it". And when it crashed, my employers were very fortunate indeed that I'd completely ignored this and quietly been backing it up with my reserve, emergency tape drive, partly to make sure it kept working, partly to test out new backup tools, and partly because I knew staff would ignore this and use the big lump of spare storage for convenient archival space. My employer was actually angry at me for doing so, but the QA department was very, very, very grateful indeed.

    The lesson is more subtle than some of us might realize, though. Never rely on a _single_ method of backup or data storage, because any factor that ruins that backup can ruin all copies of it. This is true for backup systems that use proprietary format, or a failed tape drive that's been screwing up backups for the last year (which I've seen happen with old mag-tape media). And I _love_ online backups: you can make the data accessible via NFS or CIFS or other file-sharing to people to recover the files they just accidentally deleted, without having to invest in a very, very expensive NetApp or similar file server. But oh, dear, I've also seen what happens when someone screws up the backup tools and deletes all the copies at the same time.

  4. Re:portable Chrome on The More Popular the Browser, the Slower It Is · · Score: 1

    Blocking googleanalytics.com, alone, is worth every penny I paid for NoScript.

  5. Re:Doesnt sound like much? on Illusion Cloak Makes One Object Look Like Another · · Score: 1

    Isn't it easier, and cheaper, to just have Dick Cheney "supervise" the people collecting data, and help them provide "enhanced" photos for the UN?

    Colin Powell's presentation of those smudgey, awful, inaccurate photos to the USA was also a great way for the Republicans to make sure they didn't have to deal with a black candidate from their own party: you could see his career nosediving along with the respect for the US every day as that mess progressed.

  6. Re:So many... on Texas Makes Zombie Fire Ants · · Score: 1

    Oh, dear. This cries out for an addition to the Steam game, 'Plants and Zombies', at http://www.popcap.com/games/pvz.

  7. Re:Just read through the PDF on 3,800 Vulnerabilities Detected In FAA's Web Apps · · Score: 2, Insightful

    No, it really doesn't secure it. Too many network based utilities require far too much privilege to operate, Internet Explorer is a sinkhole of security vulnerabilities, and autorun remains the default for CD's, USB's, and other detachable media. Proxies are like the Maginot Line of security: they provide a useful pretense at security, but only have to be pierced once to allow the invaders to overrun your internal network.

    It only takes one newly installed laptop, exposed to the Internet while pulling down its first service packs and security software, to serve as the staging point for all sorts of attacks.

  8. Re:gpl comes with a license on Should Developers Be Liable For Their Code? · · Score: 1

    I'm happy to scale back, but you still seem to be missing the forest for the trees. The very idea that a person is being injured by being fired for being gay reflects a change in public policy, as does the idea that members of various groups such as parents, the disabled, blacks, Catholics, or women can sue for discrimination on that basis. More recent regulations and laws about pollution, about trespassing, and about property foreclosures are all matters of public policy embedded in civil law.

    The issues of 'public policy' involving civil lawsuits go even further. It's one reason why litigants so often settle out of court, and a plaintiff can be offered more money to settle out of court than they might get from a successful prosecution: to avoid setting a precedent, or providing evidence, that might affect another litigation.

  9. Re:Alienware are overpriced anyway on Alienware Refusing Customers As Thieves · · Score: 1

    Your experience is interesting. I've had to do a lot of cleanup from other people trying to upgrade their machines, especially desktops. (I've worked in small groups where people were responsible for their own hardware, but wound up coming to me to clean up the mess.)

    It sounds like you have pretty demanding specs for new machines. Good! People like you drive the market to get the components tested for people like me, who are cheaper and happy to be a year behind the curve and let you test out those newer, higher end components.

    And you _have_ reminded me of the RAM quality problems. Spending hours after installing the machine, properly burning in the RAM to make sure it's not failing, is very expensive time.

  10. Re:Alienware are overpriced anyway on Alienware Refusing Customers As Thieves · · Score: 1

    I'm an expert, who's been rebuilding custom hardware for decades (although less in the last decade, I finally have company staff who are well trained enough to do a good job). Let's go down your list.

    * The pre-provided heat sink paste is usually poor quality. You get better performance, and a much longer lasting heat sink, if you spend a bit of extra money for the silver heat paste and add it. (It's a noticeable difference between bottom-of-the-line computers and server class hardware.) Also, many heat sinks are a _nightmare_ to install: the clips break, you have to be sure to get all the cabling out of the way and often cut the Ty-wraps and re-arrange the cabling to get the leverage to clip it down. There are well designed cases that minimize this, but they cost more.

    * Most cases ship with _awful_ screws. Cheap pieces of tin that strip if you blink at them. And similarly, the threaded holes in many cheap cases are badly aligned, access to the screws is badly handled and it's difficult to get a screwdriver in place to remove or thread them properly. A few extra tools, such as screwdrivers with clips on the end or magnetic screwdrivers or high-quality Snap-On tools with thin but strong shafts are invaluable for such work. The better quality screws, especially those bulky hand-tightenable external ones, make the work much easier.

    * Memory is now going to DDR-3, which now means 3 DIMM's at a time, and differing performance depending on how many slots you occupy. This is going to surprise a lot of people who think that 12 slots with 1 Gig modules are going to be the same as 3 slots with 4 Gig modules. And that kind of weirdness about memory layout and matching has been a shifting field for decades. So for a new, self-assembling person, walking through the debugging of POST messages is a nightmare begging to happen.

    * Cabling is trickier than you may realize. If you're assembling your machine from components, it _is_ tricky. Many home assemblers do a poor job of protecting their air flow. So do many professional assemblers and repair people, frankly. And until SATA and SAS became so common with their much thinner cables for disk drives, those wide IDE and SCSI cables in the way were a very, very nasty source of ventilation blocking. And few things are as much fun as finding that a cable is just a _tiny_ bit short, and somebody assembled it in a slightly different order or layout, and the power cable for the front panel that used to seat reliably now pulls free over the course of a week, and you have to open it up and recable. And those connectors are often easy to bend and damage: There's nothing like having to replace or resolder a mother board because some amateur bent and broke the power pins for the system controlled fans. (This is a reason that I like Dell machines: they do a good job of this without spending too much money.)

    Like cooking pancakes, which so many of us did for our wives and mothers on Mother's Day, there's some up-front training that's vital to doing a good job. It's the difference between Mom saying "how *nice*" and having to spend the morning cleaning up the mess in the kitchen, and Mom getting to stay in bed without the fire alarm going off even once. If you've got some experience in the kitchen, or someone to teach you, enjoy the experience. But if you don't have experience, expect surprises.

  11. Re:Alienware are overpriced anyway on Alienware Refusing Customers As Thieves · · Score: 1

    There are. But if you build the boxes from components, or you rebuild from used components, those drivers are often out of date or interfere with other components. BIOS updates are pretty important for basic performance reasons, and if you get a Vista CD and want to install Windows XP, or get a Windows XP Home installation CD and have a license and want to install 64-bit Windows XP (which I did a few days ago on a Dell laptop), it's a painful amount of extra work.

    It's like knitting your own socks. If you enjoy it, fine, but it's usually a lot faster and cheaper to just buy them.

  12. Re:Fly on the wall.. on Cone of Silence 2.0 · · Score: 1

    And the data used to generate the white noise, recorded or broadcast via bluetooth or other technology, is an excellent source of wiretapping data.

    This idea is like curbing teenage violence by giving them all shotguns.

  13. Re:Seems reasonable on Warrantless GPS Tracking Is Legal, Says WI Court · · Score: 3, Insightful

    The distinction seems clear. Tailing you _on a public roadway_ is very different than tailing you onto private property, and simply installing a GPS and recording its motion makes no distinction between them. It therefore seems to be an improper search.

  14. Re:Better off not working for them... on In France, Fired For Writing To MP Against 3 Strikes · · Score: 1

    Oh, dear. Insisting on blind workforce loyalty and obedience does not mean 'unprofitable'. In fact, blatantly criminal does not automatically mean 'unprofitable and worth divesting from'. If it did, the history of American business, and Japanese business, would be far, far different.

  15. Re:Alienware are overpriced anyway on Alienware Refusing Customers As Thieves · · Score: 1

    No, I still do such things professionally. There are some hidden requirements: that first 50 hours of experience is really useful. And knowing how, and having the tools to find the drivers elsewhere and get them installed so you can even get the thing booted, connected to the Internet, and the patches downloaded before the thing gets rootkitted if you don't have a good firewall and run it in a DMZ, or having the major patches pre-downloaded on local media, is a nightmare.

    This is _especially_ the case for laptops, which often have some very strange chipsets for networks, modems, graphics, touchpads, and power control that are not part of the base operating system. And assembling a laptop, such as the original poster desired is... well, it's insane. Laptops are far, far, far worse than a normal PC tower at having individually extremely expensive, custom fitted components for their display, keyboards, and power supplies that are nightmarish to obtain except from a particular laptop vendor at a triple markup price.

  16. Re:gpl comes with a license on Should Developers Be Liable For Their Code? · · Score: 1

    So, there's a clear exception to your claims about lawsuits not being a matter of public policy, namely punitive damages, and your claim is therefore already wrong on its face. And you still insist that the very fact that there _is_ a set of issues that can, and cannot, be sued over is not a matter of 'public policy'? Then what about the frequent laws about being unable to sue a government official? There are plenty of clear instances where a private citizen would be liable, but a government agency cannot be sued.

    And you simply do not seem to get the clear fact that many laws concerning lawsuits about copyright, trademark, patents, and discrimination are blatantly matters of public policy. They are guidelines, recorded as law or defined by legal precedent, that define the very nature and extent of related lawsuits. Even the recent Supreme Court case about the 13 year old girl who was strip-searched is establishing, as a matter of public policy, whether such searches are legal _and the school can be sued over it_.

    Lawsuits are not somehow separated from public policy, any more than browsers are somehow separate from the Internet itself.

  17. Re:Alienware are overpriced anyway on Alienware Refusing Customers As Thieves · · Score: 1

    Being a different department seems to make a difference. I've never encountered or heard of that kind of wackiness with Dell's mainline hardware.

  18. Re:Alienware are overpriced anyway on Alienware Refusing Customers As Thieves · · Score: 4, Insightful

    I'm a pro, and have built systems for.... well, longer than the lifespan of many newer Slashdot readers. Unless you like breaking equipment, wasting money, and climbing up a very steep learning curve, I recommend you buy a modest machine and spend your time instead on learning programming. The hard-won lessons of how to gracefully install or replace a heatsink without getting silver heat sink paste into your memory slots, and to always buy a bag of those thumbscrews, what order the memory modules need to be installed, how to bundle your cabling and keep the airflow clear, how to get hard drives mounted given the knuckle-biting layout of screwing in some disk drives, etc., are a _complete_ waste of useful time for many people.

    Alienware is, admittedly, pretty silly. Buy a refurbished Dell machine at their outlet or on Ebay, and spend your money on upgrades when you need them.

  19. Re:gpl comes with a license on Should Developers Be Liable For Their Code? · · Score: 1

    You're the one who said, and I quote: "suits are brought to recover damages caused by the counter party -- not to shape public policy." This is in direct contradiction to history and the very concept of 'punitive damages', which are not merely for damages but to have a deterrent effect and discourage similar behavior. Other lawsuits affecting public policy include many of those over Guantanamo Bay detainees, and those concerning the 2000 and 2004 presidential elections.

    The very existence of the legal grounds for which lawsuits are allowed, and not allowed, is a matter of exactly the 'public policy' you claim is irrelevant to lawsuits. I see no basis for the idea in law or history or even experience. Copyright law, patent law, property law, sexual and racial discrimination law, etc., are all matters of public policy.

  20. Re:gpl comes with a license on Should Developers Be Liable For Their Code? · · Score: 1

    Oh, dear. Have you actually examined what lawsuits do? Copyright lawsuits, for example, are _designed_ to affect public behavior, by discouraging others from using that property without permission. So are trademark lawsuits. Then there are 'SLAPP' campaigns, 'Strategic Lawsuits Against Public Participation', harassing and often frivolous or even fraudulent lawsuits designed to prevent public participation in some fashion.

    Recovering damages is often the _least_ of the reasons for a lawsuit. Just look at the current set of RIAA lawsuits against music downloaders.

  21. Why do they want to buy you? on What To Do When a Megacorp Wants To Buy You? · · Score: 1

    This is an important question. If they think you bring new, important knowledge and skills to a market they have, great. Protect yourselves in what you sign, make sure they can't just bleed your intellectual property assets dry, fire you, and bar you from the field, find out who your managers will be and whether you can work well with them, but enjoy a stable income and the chances to actually test your product before selling it, and having an HR person to manage salaries and insurance for you.

    But way, way too many startups are robbed blind of their core product and their work then discarded to protect some other corporate asset with which it competes, or forged into a new direction that it should not go. We're seeing both right now with Oracle buying Sleepycat Software and the core development team for Berkeley DataBase (whose development over the last few years alternates between necrotic and cancerous, as people dealing with its new Java components can testify). The result is the continuing abandonment of Berkeley DB in favor of SQLite (which is plenty for light applications, and more robust) and MySQL (which works well at larger scales, supports replication far better, and is also more reliable).

    I do hope that Oracle is using the Berkeley DB knowledge for their own core product line. But now, with MySQL's core development team at Sun in the mix, they have even less incentive to burn resources on it. Be careful that if your role at the megacorp winds up outmoded by some other development, you've gotten enough money to continue your careers elsewhere.

  22. Re:Remember... on When Hacked PCs Self-Destruct · · Score: 1

    twm. She's blonde.

  23. Re:Remember... on When Hacked PCs Self-Destruct · · Score: 2, Funny

    Only if he's already installed Linux on his girlfriend.

  24. Re:buy it from North Korea or Iran on NASA Running Low On Fuel For Space Exploration · · Score: 1

    Fuel from North Korea, nuclear technologies from Pakistan: that's what outsourcing is all about.

  25. Re:Take-Two won't do the right thing. on Duke Nukem For Never · · Score: 1

    Maybe they could give it to the guys writing Sven Coop? That's a group actually doing some cool stuff for free and fun and contributions. I'd _love_ to see a Duke game translated to Steam.