Slashdot Mirror


User: Antique+Geekmeister

Antique+Geekmeister's activity in the archive.

Stories
0
Comments
7,305
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 7,305

  1. Re:Not reasonable on 88% of IT Admins Would Steal Passwords If Laid Off · · Score: 1

    That's fascinatingly awful. They should have had a lot of questions, like getting a written request, to do something like that. I've been asked to mirror a user's email to a company president, and made sure to get it in writing. Fortunately or unfortunately, in setting things up, I wound up having to glance at the comany president's email account, with his permission, to verify that it worked correctly, and noticed some other very suspicious traffic of the company president. It's why I made absolutely sure the off-site backups included his privately stored email, which it was supposed to do anyway, and that the backups were protected from casual flushing or re-configuraton.

    I never had to use that directly, but it helped provide me with confidence when I raised concerns to my manager about the legality of some of the president's activities related to it, where he was planning to violate a customer contract without our knowledge. We made sure the violation did not occur, at some cost to our own resources, but I felt it was worth it.

  2. Re:Don't work in shitty places .... on 88% of IT Admins Would Steal Passwords If Laid Off · · Score: 1

    Well, yes, clued up people can use thought and available tools and little money to address these. But the clued up people need time and permission to act, especially in a larger organization where there's a real tension between 'let me just do what I want or need' and 'obey the central office policies'. We can't always negotiate that ourselves: it's easy to overwhelm the core infrastructure staff with requests for special exceptions and resources, and even easier to step on their toes by pointing out when they've been complete idiots about security. So sometimes you're stuck with addressing these issues step-by-step, or accepting them as a cost of doing business and work with the tools that are available or supportable.

  3. Re:Try to be objective, everybody. on Hans Reiser Gets Sentence of 15-To-Life · · Score: 2, Interesting

    ReiserFS only worked well on filesystems where data reliability was less important than fast access and throughput, such as NNTP servers or web proxies, systems where data is automatically rebuilt if files are lost. For anything that relied on critical backup and data reliability, such as IMAP servers, home directories, or databases, it was a deadly danger likely to corrupt your backups and your databases if anything triggered a problem. I've seen nothing in the last few years to make me think those dangers were ever properly addressed: the necessary sanity checking would have made unacceptably slow the very journaling and high-performance indexing which were critical features.

    If you think he can fix that, maybe he should order another mail-order Russian wife, too. So he can do it right this time, or at least show that he's learned how to hide his traces and pretend innocence better, as ReiserFS did with its history of zeroing files and otherwise mangling filesystems when stressed in ordinary, predictable ways.

  4. Re:Try to be objective, everybody. on Hans Reiser Gets Sentence of 15-To-Life · · Score: 5, Interesting

    Hans Reiser's carelessness with his wife's murder is typical of his carelessness with his file system design: he came up with complex arrangement to reduce his perceived risk, and focused on it to the point where all else was ignored and became destructive. Then he tried to deny that it was his fault, with contrived and obviously false claims of innocence based on how clever he was rather than the actual timelines and evidence.

    Given the poor history of ReiserFS and its tendency to zero files, to lie about the availablility of files in failing hardware, or to destroy itself if you actually run the repair tools on it, why would you want him to continue to work on it?

  5. Just because it stinks, doesn't mean it will stop on Chronicling the Failures of DRM · · Score: 2, Insightful

    If a bad market and poor long-term profits ruled, then spammers would be out of business, too. As it is, far too many companies and business models rely on it. Hampered or not, failures or not, the practice will continue much like the use of social security numbers as a citizen ID number continues: because people have learned to expect it.

  6. Re:Post here if you're a minority as well on 88% of IT Admins Would Steal Passwords If Laid Off · · Score: 1

    Maybe he could become a professor at MIT, like Robert T. Morris? Of course, his father was the head of the NSA at the time Robert released the "Morris Worm". That's always helpful on a resume. (http://en.wikipedia.org/wiki/Robert_Tappan_Morris,_Jr. for reference.)

  7. Re:Not reasonable on 88% of IT Admins Would Steal Passwords If Laid Off · · Score: 2, Insightful

    In real life, including 'banking', there are often holes that are left because of business requirements and policy. These holes include not patching core servers to avoid instability, retaining legacy systems that are no longer supported but for which there is no budget to replace them, or using internal applications that are unencrypted but for which source code no longer exists or for which encrypting them would overload the server.

    I've seen all of these. I don't publish where they occur.

  8. Re:Calm down, 250 Gig is a lot on Comcast To Cap Data Transfers At 250 GB In October · · Score: 1

    Now, that is the claim of software pirates all over the world. "I'm not making money, so it's not stealing if I provide Microsoft Office/Halo 3/The Dark Knight to all my friends." The stance is, legally at least, only useful for reducing the penalties of abuse. It's not a defense.

    And don't assume that all businesses make profits. Many, including the FSF, are non-profit.

  9. Re:Calm down, 250 Gig is a lot on Comcast To Cap Data Transfers At 250 GB In October · · Score: 1

    Name two home users who legitimately use more than 250 Gig/month, without engaging in wholesale piracy. A household of 3 downloaders, each of whom has a video download contract? Maybe. But a household of one normal family, not engaging in piracy? It seems unlikely. Can you think of any examples of any acquaintance who, legitimately, downloads more than 250 Gig/month on a private connection?

    Using it for a home office is a business contract with its higher monthly fees for greater bandwidth and service, not a private contract. That's what they are for.

  10. Re:Damage or clean up bill ? on BBC Profiles Extradited Cracker Gary McKinnon · · Score: 1

    It's too bad you weren't the judge for the Robert T. Morris case. Of course, he had a 'get out of jail free' card of his father being the head of the NSA. Check out http://en.wikipedia.org/wiki/Robert_Tappan_Morris,_Jr. for more details.

  11. Calm down, 250 Gig is a lot on Comcast To Cap Data Transfers At 250 GB In October · · Score: 2, Interesting

    Let's check the numbers. 250 Gig/month means about 8 Gig/day. Divide that by a generous 86,400 seconds in a day, or round up to 100,000 seconds, and that's a constant download speed of roughly 80 Kbytes/second, every second of every day. That is quite a lot for a residential service, and it requires quite a lot of upstream infrastructure to support. It's unlikely to work well with normal web proxies, because the most likely use is Bittorrent.

    So it's completely economically reasonable to want to set a generous cap, and go after the worst residential home users and say to them "this is excessive". I'm certain their contract permits this kind of cap in the small print. Like someone at a smorgasboard who wants to bring home a shopping bag of leftovers, going over that for a residential contract is pretty ridiculous, unless you're running a big download site from your home. And if you're doing that, you should pay commercial rates.

  12. Re:It's about time on The Power Grid Can't Handle Wind Farms · · Score: 1

    Power plants and power transfer are almost automatically interstate commerce, and international commerce where we connect to Canada and Mexico: simply getting the electrical and mechanical standards right is something that would be insane to do on a state-by-state basis.

  13. Re:Clarifying for Americans on Changing Customers Password Without Consent · · Score: 2, Funny

    Don't get your knickers in a twist.

  14. Re:QA on Corporate Gaming Is Good For Business · · Score: 1

    Maybe the "game" actually worked?

    There's a lot more to making such games work than just saying "let's have a game!". Keeping a human relationship with your employees where they feel comfortable playing, and where the results of such a bug-reporting game can actually be reported and used effectively, is very real work for a good manager.

  15. Re:Solid proof!!!! on Computer Virus Aboard the ISS · · Score: 1

    There are plenty. Radiation hardened hardware is expensive, and usually seriously underpowered. Tools like Norton and Symantec anti-virus insert themselves into the kernel, interfere with other software, burn system RAM and CPU time and cooling, often slow boot times, and can block other proprietary software applicatons (such as whatever the ISS uses for its equipment) in ways that are painful to diagnose. When those computers control critical functions, you _do_not_ run extra software on them.

  16. Re:SSL on The Internet's Biggest Security Hole Revealed · · Score: 1

    Verisign is the largest single signature authority, and the signator of the master keys handled by many other smaller certificate authorities. For a certificate that installs silently and without complaint by the browser, they're the best ones to fake or steal a ticket for, and from various reports, one of the most consistently misled.

  17. Re:Hmm... on "Shimmer Vision" Scopes See Better Using Heat · · Score: 1

    Welcome to Afghanistan. The Afghans did a great job, for years, of keeping the Russians from settling in. They learned it from the British and every other colonizing force for the last few hundred years: now they're doing it to the Americans.

  18. Re:SSL on The Internet's Biggest Security Hole Revealed · · Score: 4, Informative

    And you actually trust Verisign to be a primary signature authority for SSL? Why? They've cooperated in all sorts of stupidity, such as their temporary insistence on returning their own squatting domain as a valid entry for every non-existent domain in *.com, which was particularly nasty because they own the .com master servers. Do you really think that Verisign is that secure, and wouldn't cooperate in faking keys if a national security agency asked them to?

  19. Re:Robert'); DROP DATABASE; on Terror Watchlist "Crippled By Technical Flaws" · · Score: 1

    Some people never, ever, ever, delete their email, either.

  20. Re: They Are Unhappy For a Very Good Reason on Are IT Security Professionals Less Happy? · · Score: 1

    And walking upright is not what mammals were "designed for", either. And if you think hunters don't concentrate, I suspect you've never had to catch your next meal instead of getting it at your parent's table, or a dining hall.

    Being damaged does not create "idiot savants". Being damaged makes their remaining abilities surprising and worth reporting, just as painting with a brush in their teeth is amazing for an amputee.

  21. Re:invasion of privacy? on Siemens Develops Multi-Purpose Surveillance System · · Score: 4, Interesting

    You do realize that, for email traffic, this is exactly what the 'Carnivore' program was in the USA?

  22. Re:Software used for weird purposes? on Solving Sudoku With dpkg · · Score: 1

    There used to be 'emacs -e tower-of-hanoi'. I'm not sure if it got yanked from the source tarball, but it was an interesting way to show why old tape-based rotation schemes and levels of 'dump' backups worked the way they did.

  23. Re:What a secret! on id CEO Claims PC Hardware Manufacturers Love Piracy · · Score: 1

    You should look at the 'Trusted Computing' work by Microsoft and its collaborators. This is precisely what they are trying to sell: there are security reasons to want it, but its main focus is clearly 'Digital Rights Management', the linking of individual documents or applications with particular, licensed hardware.

    The hardware makers seem to not be cooperating with it, and for many excellent reasons. But I bet the desire not to inflict DRM on their customers and drive them away is one of them.

  24. Re:The days before OpenOffice on id CEO Claims PC Hardware Manufacturers Love Piracy · · Score: 1

    Unfortunately, OpenOffice lacks one useful feature of MS Office: The Outlook client, with its built-in calendar. I, and many of my IT peers who understand how Exchange works, loathe Exchange and what it forces Outlook to do. But the calendar function remains irreplaceable: the numerous commercial 'plug-ins' for it remain unstable and unusable, or were 3 years ago when I last looked.

  25. Re:Every country has a different threshold on China Blocks iTunes · · Score: 1

    And the United States has had slavery, the Japanese/American imprisonment of WWII, Guantanamo Bay right now, the repressions of the War on Some Drugs. We do need to keep a sense that if we're 'better', it's as a matter of scale.