Why would you need it? NTFS is a journalling file system, so you dont, except in very extraordinary cases, need something like chkdsk.
It's not like running on ext2 or fat, where if you crash, you need to do a disk check/fsck on next startup.
I freely admit that you can probably fill a library with what I don't know about the low-level details of filesystems. Having said that, I'll give you my take on the description from the man page.
It only repairs some fundamental NTFS inconsistencies, resets the NTFS journal file and schedules an NTFS consistency check for the first boot into Windows.
To me, a "consistency check" on a journaling filesystem means playing back the journal to ensure a consistent state. I will speculate that the chkdsk utility that comes with Windows primary does this, and may also perform other repairs (like actually scanning/repairing the entire filesystem the same way a non-journaling filesystem would need to do) if they are necessary. The wording of "resets the NTFS journal file and schedules an NTFS consistency check for the first boot into Windows" tells me that ntfsfix is either unable or is only partly able to do this and therefore, you still need Windows for this task. Because I consider preventable data loss to be absolutely unacceptable, and not just an inconvenience that it would be nice to avoid, this does not make me feel very confident.
If I am wrong about this and it turns out that ntfsfix can completely handle all journal functions and you would only need Windows utilities in the very rare instance that damage is done that replaying the journal (and any other measures ntfsfix can handle) cannot repair, that does somewhat mitigate my concern. It doesn't completely remove my concern though because every now and then, unlikely things do happen and I greatly prefer to be prepared for them. Especially considering that I have no Windows installation and no Microsoft software, I would basically be SOL if this happened to me. So for me, this represents a gamble even if it's one in which the odds are not against me.
In light of this, your mocking tone is honestly mysterious to me.
Almost as mysterious as the idea that the military industrial complex is something that the media "almostnevertalks about". And that was after spending 30 seconds on Google News.
Using a powerful search engine, you are able to actively seek and find information about something that is rarely mentioned in the media. That sort of research, of separating the tiny fraction of information you are after from the vast ocean of information available, is in fact what a search engine is for. That is not at all the same thing as the mainstream media routinely discussing the downsides and dangers of systems that could bring about a fascist state. You have proven that search engines work; you have not demonstrated that the media appreciates the importance of this issue. To do that, you would need to perform statistical analysis of the mainstream media to determine what fraction of headlines and stories discuss this specific issue. If you did that, I maintain you would find that it's a small fraction indeed and that Britney Spears and Paris Hilton get far more coverage. This should be obvious.
So you first mock the fact that I mention the term "military-industrial complex" at all. When I explain the term's origin to show that there was no reason to do that (something you have not either admitted or refuted, by the way), now you respond by arguing about the number of occurrences of the term. Look at your paragraph above. It's like you're saying that my claim that the media seldom talks about the military-industrial complex has any bearing on the way you conduct yourself ("almost as mysterious as the idea that..."). If that's true then you have little self-control; if that's false then you're effectively saying "I know you are but what am I?" which is, shall we say, rather unenlightening. Rather than do all of that, I'd like to see the superior viewpoint with which you would replace mine if mine is indeed so flawed. I'm willing to abandom my current viewpoint and embrace a superior one at any time, in fact I would be grateful for such an opportunity; the only "catch" is that the one you advocate really does have to be superior and not merely because you say so.
Your methods and your tactics are nothing new to me. It's apparent that you want to argue for the sake of arguing and are not really interested in the strength of your position and whether it could be improved or replaced. You just want to feel like you are right and I am wrong. I doubt very much that you are deliberately planning to do this or to be this way. In fact, I strongly doubt that you seriously question your own motives or examine your own actions and their implications enough for you to be able to make a conscious choice in the matter. You are probably too worried about the other guy and how you can take him down a peg or two for it to occur to you that you should be doing this. That's alright. I'm not upset or resentful when I see this, nor is it my place to condemn it (I will, however, call it what it is). In fact, I used to do something like this and it most certainly did not make me happy. I understand that so there is no need for me to lash out at you. I will say that I would like something better than this for you and that when you give up your need to feel right in the eyes of others, you will truly understand the saying "the thing about banging your head against the wall is that it feels so good when you stop." I don't expect you to understand this right now so if you must get more belligerent now that I am speaking to the heart of the matter, I understand that too. People always feel justified because they always do what they think is right or necessary, even when they're utterly wrong.
it results in a very powerful entity that the media almost never talks about which is known as the military-industrial complex.
Bwwwwwwaaaaahahahahaha! A term invented by, wait, who was it...oh yeah, the President of the United States and transmitted and quoted and written about ad nauseum.
Yes. A President of the United States (Dwight D. Eisenhower) who had this to say about it:
A vital element in keeping the peace is our military establishment. Our arms must be mighty, ready for instant action, so that no potential aggressor may be tempted to risk his own destruction...
This conjunction of an immense military establishment and a large arms industry is new in the American experience. The total influence -- economic, political, even spiritual -- is felt in every city, every statehouse, every office of the federal government. We recognize the imperative need for this development. Yet we must not fail to comprehend its grave implications. Our toil, resources and livelihood are all involved; so is the very structure of our society. In the councils of government, we must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military-industrial complex. The potential for the disastrous rise of misplaced power exists and will persist. We must never let the weight of this combination endanger our liberties or democratic processes. We should take nothing for granted. Only an alert and knowledgeable citizenry can compel the proper meshing of the huge industrial and military machinery of defense with our peaceful methods and goals so that security and liberty may prosper together.
This is from Eisenhower's Farewell Address to the Nation on January 17, 1961. Every so often when a politician is about to leave high office, they are unusually honest about our situation. If that quote from Eisenhower is not a dire warning, then I really don't know what is, and if a man who helped to run this machine doesn't understand what this machine is about, then I really don't know who does. In light of this, your mocking tone is honestly mysterious to me.
And why do you think this faceless machine exists?
Because I believe that the USA is flirting with becoming a fascist police state and that most people don't understand how dangerous this really is. That some of our more dis-eased human beings (fevered egos) want to control all the other human beings is nothing new; what really gives them power is when systems (governments, corporations, etc.) take on a life of their own instead of remaining tools that serve human begins. I don't know of a single entity ever to appear on the face of the earth that can perpetuate human misery like a modern totalitarian state. It is nothing less than hell on earth. If the general public only realized what was possible, they'd see that no government program or benefit or promise of security is worth even the slight risk of allowing this to happen.
The rest of what you said about the nature of a for-profit enterprise is honestly rather obvious. There is no need to insult my intelligence or my powers of observation. The motivations of the corporations involved are easy enough to derive; I am merely saying that their motivations are irrelevant because they are effects and not causes. It is up to the government officials who hire those corporations to take this into account and make sound decisions about whether they are the best tool for the job. To better make this point, and hoping I don't belabor it (please forgive me if I do), I'll respond to this paragraph:
A for profit company's goal is 4.Profit! That means *every* process run by the company is viewed through the 'what does this do for our bottom line' lens and whether they are prepared to take a risk on a process. All this reveals is that there maybe *other* areas they are prepared to risk process compliance for profit illustrating some systemic issue exists that allows these things to happen.
I agree with you. What you have described is the inherent nature of a corporation; that is, valuing profit above all else. I certainly could blame the corporation but I would have to blame it for being true to its nature. I prefer to blame the government officials who hired that corporation for not properly understanding what they were dealing with and whether it was really the best tool for the job. They were the ones who decided that this problem would be solved in this manner. They are the ones who could fire this corporation and set up a governmental department to take care of a task that really should not have an underlying profit motive.
As long as there are incompetent government officials who will continue to hire them when they are not the best tool for the job, there will never be a shortage of corporations like this and failures like this. I'd rather realize that fact and recognize the single source of the problem than try to assign blame to a multitude of secondary results.
You do realize that Los Alamos, while it is a government project in the broad sense, is run by Los Alamos National Security LLC, a private, for profit, corporation?
If I hire an employee I am responsible for what he does. If you feel that the employee does a poor job and that something should be done about that, it would make sense to come to me because I'm the one who hired him. Do you catch my drift? That doesn't mean that the employee is blameless, of course, and it would be silly to suggest that it does. What it does mean is that none of this shifts the responsibility.
I see the outsourcing to private corporations that goes on. Even when the corporation doesn't just coincidentally happen to be owned by someone who has close connections to government officials, it results in a very powerful entity that the media almost never talks about which is known as the military-industrial complex. You talk about a faceless machine with no regard for human life or human dignity, well, there is none on the planet that matches this one. None of this changes any point I've made, however.
America's greatest threat to national security and the economy is the government itself.
That's correct, or more specifically the greatest threat is the mismanagement of government that allows it to operate outside of its legitimate roles which is why it can't correctly take care of basic things like this.
If the history of the 20th century isn't a lesson about the nature of government then I don't know what is. It's a shame that most people don't study this on their own so their primary exposure to it comes from government agents (known as "schoolteachers"). These people quite naturally believe in government (as opposed to regarding it as a necessary evil) or else they wouldn't work for it. Just do some research and add up all the known deaths during the 20th century that were caused by terrorism. Then do some more research and add up all the known deaths during the 20th century that were caused by people being murdered by their own governments. Compare those two numbers and note the vast difference in quantity. Tell me which is more dangerous.
I guess causing 'cybersecurity issues' is better than 'nuclear warfare issues'.
This comment currently shows 2, Offtopic even though it directly addresses the summary/article. I'd love a good explanation of what could possibly be regarded as "offtopic" about that. Yet another argument for why the old meta-moderation system needs to be brought back.
I have karma to burn so do your worst to me. I'd rather you waste your points doing that than more crap like this.
I just wonder one thing. How many examples of incompetency like this do we need before maybe people will reconsider whether having government get into the health care business and all these other "growth areas" for government is really such a good idea? I mean, at least law enforcement, public works, and national defense really are legitimate roles of government; this one would fall under "national defense" and they failed miserably with this too.
I suggest that this incident highlights the fundamental untrustworthiness of government even when it's performing what is without question one of its proper roles. I mentioned some implications of this that may or may not have crossed your minds. What I am not doing is endorsing any alternative proposals or anything like that. I think we already have enough presented problems and prefabricated solutions; philosophical understanding or at least a grasping of some simple principles are what I'd like to see more of. I observe that our Founding Fathers had a strong and well-founded distrust of governmental power and that history since then has only provided more reasons to feel this way. I see this and then I notice that most Americans don't appreciate it, and that's despite the fact that we are close to becoming a totalitarian police state (to you reactionary knee-jerk types, the health care issue is not why I feel that way). The stage is set for it and if you study the early history of some of the 20th century's worst dictatorships, the parallels to their situation and ours are appalling. I just wonder at what point we can all decide "hey, the government is big enough and powerful enough and nothing good will become of continuing to expand it, maybe it's time to try something new".
I appreciate you pointing this out but I looked into it and unfortunately it looks like a partial solution.
From the output of "man ntfsfix":
DESCRIPTION
ntfsfix is a utility that fixes some common NTFS problems. ntfsfix is NOT a Linux version of chkdsk. It only repairs some fundamental NTFS inconsistencies, resets the NTFS journal file and schedules an NTFS consistency check for the first boot into Windows.
Regretably, that does not make me feel very confident. Filesystem integrity is one of the few areas where I really must insist on a complete solution. I don't take that position because I want to but because it's dictated by necessity. Preventable data loss or even the possibility of such is simply not acceptable to me.
Just my personal opinion, I don't really consider trying to play catch-up with Microsoft's proprietary standards (or even when the standards are published, their proprietary implementations) to be a sound idea especially when truly open alternatives are readily available. I just feel like you're always going to have problems like this that you can never completely overcome because you're playing someone else's game. Considering the inherent difficulty of this task, the progress that Open Source has made is really quite amazing but I just don't consider this to be anything like an ideal solution.
Microsoft created NTFS, they own it, they can "upgrade" or change it on a whim, and they have no interest in anyone else being able to work with it. That's the nature of the situation and it's beyond our control. Therefore, to me, NTFS compatibility is very much like a dual-boot setup; it is to be avoided unless truly necessary.
Yes, Linux supports NTFS. You've referenced the right module NTFS-3G.
Ubuntu has had this module included by default since version 7.10: gutsy gibbon. Prior to that, it had to be manually installed.
I run a windows XP / Ubuntu 7.10 dual boot setup at home & the NTFS support is great. Ubuntu can read and write to both windows & linux partitions flawlessly. All of your windows files are accessible in the linux mode. I think that there is a slight performance hit (10% or so) for using linux rather than windows to write to the ntfs partition.
The sole downside to that arrangement is that it does not provide any facility for fsck-type maintainance of the NTFS filesystem. The NTFS-3G userspace driver unfortunately does not come bundled with anything of the sort and I've had difficulty trying to find a standalone fsck.ntfs type of program. You can find good programs to read, write, and resize an NTFS filesystem but no Open Source software seems able to repair one. I'd love to find out I'm wrong about this. A friend of mine used a setup like this and eventually experienced a small amount of data loss after unexpected shutdowns (power failures) that were not immediately repaired like Windows would have done on bootup.
If anyone does know a reliable way to repair NTFS filesystems under Linux without actually running Windows, please let me know. Otherwise I'd recommend staying away from NTFS filesystems if at all possible or considering an alternative like FAT32 (as terrible as that may be). If you don't mind Windows having read-only access to your data, you may want to try the EXT2/3 driver for Windows as an alternative.
This is about what you would expect because such critical systems should not be Internet-accessible unless there were some incredibly strong overruling need for it that could not be addressed any other way.
(Emphasis mine). In my example there is "another way", even so they use the internet. If you had just said "critical systems should not be Internet-accessible unless it's impractical" I would have understood you better.
That's a funny thing that happens to me from time to time. For a moment it will appear that there is a disagreement or a debate and then I'll find that the other person and I were actually saying (more or less) the same thing, just in different ways or from different perspectives. That most often happens when the other person and I are both knowledgable about the subject. I appreciate you taking the time to clear that up for me:-).
I should preface this by saying that I agree with you, and that if a person is going to expend energy trying to change the consensus view of something, there are far more worthy challenges than "hacker vs. cracker". What I will mention here is related to your point but does not directly address it; this is more of a side issue.
You know, or should know at any rate, that language changes over time. The correct definition of a word is the one that people actually understand. Like it or not, when people say "hacked" in this context, people understand that it means "illicitly and illegally accessing a computer system". I understand that, everyone else understands that, and therefore -- like it or not -- it is now the definition of the word.
When are YOU ever going to get that the definition has evolved and changed? YOU are the one clinging to a deprecated and archaic definition of the word that only a very small percentage of the population knows, and an even smaller percentage actually cares about.
That the word "hacker" had a more specific meaning that it has now lost is not really Newspeak because it arose out of the general public's apathy towards these issues and not, to my knowledge, out of any sort of propaganda effort. The word "conversative" is a good example of real Newspeak. The only unfortunate side-effect is that there was a distinction between someone who has strong interests and talents relating to technology versus someone who has a strong interest in attacking other people's systems. The result is that to many people, there can be an assumption that anyone who is technologically highly skilled must be using (or must have used) that skill in a harmful way because that's all they hear about in the media. "Honest security researcher maintains systems that haven't been successfully attacked" doesn't exactly make headlines. That the knowledge required to fully understand security issues and effectively safeguard systems is quite similar to the knowledge that could be abused to do harm does not help matters.
This is the sort of thing that sounds like mere semantics and doesn't seem to matter until politicians start getting interested in regulating their country's use of the Internet. Public perception is very important to politicians; it is often more important to them than unbiased fact. Look at Germany, which has outlawed many security-related tools that can be used to legitimately secure systems. It's silly to think that this will have any real effect on the black hats because they have already demonstrated a willingness to break the law. What this will do is hamstring legitimate security professionals and will cause them to be less equipped than their opponents. It also carries the message that "you are not to be trusted" and is generally a step away from the free exchange of ideas. I submit that this could not have been possible without the public perception that "hackers" are all a bunch of criminals.
I think the word "hacker" has changed and that it's pointless and counterproductive to try to wind back the clock so I am definitely not disagreeing with you. I just think more emphasis needs to be placed on the positive uses of this sort of knowledge or else we risk following Germany's example. It's just the sort of thing that doesn't seem to matter until it bites you in the ass, so to speak.
P.S. Same goes for "piracy".
I agree here, too. I don't think the semantics surrounding copyright infringement are worth debating except for when the claim is made that copyright infringement is the same thing as stealing, which it is not. Stealing is a criminal offense and it deprives the rightful owner of his or her property. Copyright infringement is generally a civil tort and does not deprive the rightful owner of the work that was infringed, but only of the exclusive right to distribute copies of that work. Equating the two is intellectually dishonest and so the distinction is worth making.
You're equating hard-won esoteric knowledge with common sense. Common sense as a concept is bankrupt - it doesn't exist in isolation, it is simply learned behavior which is not in any way universal. Dragging the term out derisively is a merely a rhetorical crutch.
A basic process of elimination, which is the only specific instance of common sense that I mentioned, is "hard-won esoteric knowledge"? I just can't go along with that.
I'm not really deriding anyone. I'm expecting better of them. There's a difference and it's a huge one. Derisive would amount to believing that they can't handle basic problem-solving because they are inferior to me; even when it appears to be humorous, derision always has this type of negative comparison as a core component. Instead, I am saying that if I can perform childishly simple problem-solving without using any special skills, so can they, which means that any obstacles they encounter are not only surmountable but worth overcoming. That is a statement of equality.
Maybe calling it "common sense" was a stumbling block for you. There are multiple terms that could be used to describe the basic faculty that I am describing so there's no need to get hung up on the verbiage or diction.
When you say that there is anything at all esoteric or hard-won about the most basic reasoning and problem-solving, there are two implications of that statement that come to my mind. The first is that you are ignoring the element of personal choice and how strongly it determines who will do what it takes to observe these simple principles and who won't. If you ignore the element of choice, then you are left with a sort of "lottery" that results in a minority of the population being able to solve basic problems and a majority that wasn't standing in line when that ability was being handed out, so to speak. The second implication is that if any literate adult lacks this understanding, that's okay and it's beyond their control because after all, it's "esoteric", so therefore it follows that they should make no effort to remedy this situation. This is a somewhat subtle rejection of personal responsibility.
The fact is, I did not wait around for someone to come along and teach me how to think and reason. I consider those matters far too important to trust to anyone else. I read, I wrote, I engaged in debate, I studied logic and other things, and so that I would not be easily mislead I also studied propaganda techniques and logical fallacies. No one made me do this. No one was looking when I did it. This wasn't for some school project or because anyone asked me to. It's because my life is mine and no one can live it for me, certainly not in any healthy fashion. I look around me and I see a world full of people to whom this sort of personal responsibility, this sort of "giving a damn", is an alien concept. They are choosing to be that way and they can choose differently any time they want. This is why I refer to their inability to solve the most basic problems as "willful helplessness". To say otherwise would amount to telling them that it's hopeless and they shouldn't bother trying and I've seen far too much evidence to the contrary.
So, you can tell me that there is anything esoteric about this process even though all of the needed information is "out there", available, and waiting to be studied by anyone who can use Google. You can watch me express deeply held beliefs that have withstood both the test of time and the test of various hardships and then tell me that they are merely "a rhetorical crutch." Perhaps that will make you feel better about your own personal shortcomings or those belonging to someone close to you or maybe it'll make you feel better about living in a world where most people just don't care. It will not work on me, and nor should it. What I can tell you is that the excuse is worse than the shortcoming because it makes sure that these things are accepted instead of identified and changed. I want something better than that for myself and I also want something better than that for you.
Am I the only one who remembers the "ANY" stickers that were usually placed on the ENTER key and were specifically designed for (l)users who kept asking that question? When I first saw them, someone had to explain to me that yes it's a serious product, it's not a joke item or a gag gift. I think I looked at the world a bit differently after that.
If I ever marvel at how even otherwise intelligent people sometimes shut down all common sense and ability to reason when they are in front of a computer, this is an example of what I'm talking about. That they wouldn't even consider whether "any" might be an adjective, or that the sentence should be written differently if it were intended to mean a key bearing the label of "ANY" just blows my mind.
Well, you have to remember that computers also have buttons people have never seen before - especially on a keyboard. Think keys like "Ctrl", "Alt", "PrtSc", "SysRq", "NumLk", "ScrLk" and the like. It's entirely possible believe that "ANY" refers to some computer-y term rather than literally, any (and in most cases, any key won't work - keys like Shift, Ctrl, Alt, the locks, other modifiers (Windows, Menu, AltGr, Compose, blah blah blah) probably won't make the message go away). A slightly better wording might be "Press a key co continue". The literalists will probably type "a", the pedants will try the modifiers and complain, and the rest of us will hit space or something.
I don't think you're appreciating how deep the lack of common sense really is.
If what you're saying were the crux of the problem, then such a user might have this problem one time. It wouldn't take very long to exhaustively perform a visual search of the keyboard and conclude that there is no key labelled "ANY". At that point, this theory that the prompt refers to a specific key has been falsified and it's time to abandon it. Isn't that simple? The only possible remaining explanation is that "any" is an adjective. Even this need not be taken on faith but can be tested by pressing an arbitrary key to see if the machine will proceed. This entire process should take a few minutes at the most.
A user who does not abandon common sense and ability to reason might go through this process one time. After that one time, they would never need to repeat this experience so there is no reason to purchase an "any key" sticker. The problem-solving involved here is really simple and does not even begin to approach what I could call advanced reasoning with a straight face. Yet, these users refused to apply it. I maintain that they are without excuse; that this amounts to willful helplessness. I will add that by making excuses for them, you are not really doing them any favors because by believing you, they will not become less helpless.
I did have one other response to you, for what it's worth. At first, you may think this is just semantics but I hope you don't feel that way after you read my full response.
Facing the Internet is not necessarily insecure. It is possible to make 100% hack proof computers - not counting DOS and physical attacks.
I think we'll have to agree to disagree on this part. The whole problem is that you'd never be able to actually prove that a computer is 100% secure (no one has found a way to do that), only that it hasn't been compromised yet and even that might be much tougher than you think, so I'd personally never make a claim like this. Then there's the network to which the computer is attached, which you also cannot actually prove is 100% secure. The best that you can do is to compare various systems in order to establish relative terms like "more secure" and "less secure" to eventually arrive at a concept of "reasonably secure", which is often abbreviated as "secure".
There's also the consideration that computers are part of a system and your security could potentially be compromised at any point in the entire system. Let's say you have incredibly secure computers and networks. Do you think attackers will just give up? No, they'll start going after your users with various social engineering techniques. At some point finding a clueless or overly trusting user is much easier than directly attacking the machines. A person who is knowledgable about security has to understand that the situation favors the attacker. That is, to secure the system, you have to prevent every possible avenue of attack; to break into the system, the attacker just has to find one thing you missed. This is why concepts like default-deny and least-privilege are so helpful.
There is absolutely nothing you can do to make a computer "100% hack proof" against a clueless user who thinks that the attacker is one of your legitimate administrators. What you can do is form a comprehensive plan that takes the entire system, including users, into account. You take reasonable measures and you avoid unnecessary exposure. Ultimately, what you can accomplish is a system that is secure enough that the effort required to break into it far exceeds any value that would be gained by doing so. The rest is damage control.
I don't know anything about the FAA or their systems but this is simply common sense. Any administrator who doesn't understand this should not be trusted with such important networks.
You cannot rule out the cost factor. It's for instance not economically feasible to link up all power stations to a separate secure network, so they use the internet.
Facing the Internet is not necessarily insecure. It is possible to make 100% hack proof computers - not counting DOS and physical attacks. Similarly, a secure network can still be compromised so that is not always the best way for securing networked computers.
That's a rather verbose way of saying that my statements are intentionally general and therefore might not describe every possible specific application. I hope we already knew that.
By the way, you quoted me slightly out of context because you left out the one previous sentence that addressed your concern. This is the full block of text:
This is about what you would expect because such critical systems should not be Internet-accessible unless there were some incredibly strong overruling need for it that could not be addressed any other way. I don't know anything about the FAA or their systems but this is simply common sense. Any administrator who doesn't understand this should not be trusted with such important networks.
All I'm saying is that the limiting of potential exposure is a valid security practice. It's one of the more common-sense approaches and it would occur to a competent administrator. Further, a good administrator would do it (would limit exposure) unless there were some overriding need not to. Do I really need to also say that it is one practice among many valid practices? I don't mean to be rude when I say that I doubt anyone who is knowledgable about the subject needs to have such a basic and obvious thing explained to them.
I mean no offense and I'm not trying to berate you. I just can't see why you made your post or what you thought you were telling me that I didn't already cover. If I really did miss something and you are able to fill me in, you'll find me an eager audience, but I don't feel like you've given me much to work with.
Re:NOTE: This is NOT the ATC network
on
FAA Network Hacked
·
· Score: 0, Offtopic
I've always wondered how often I can get modded informative for repeating a statement in the summary...maybe it's time for a broad experiment...
1. Post a re-iteration of something in the summary
2. Piss people off by getting modded "Informative"
3. ???
4. Profit!!
It's just an example of poor-quality moderation. Much of moderation involves subjective judgment calls and the like, but in this case, I can say with confidence that there is nothing "Insightful" about repeating what I just read. I'd really like to see just one discussion that doesn't include such blatantly "WTF were you thinking?" low-quality moderation (again, not referring to judgment calls). Just one -- is that so much to ask? Slashdot badly needs to bring back the old metamoderation system. The one where your mods getting marked as "Unfair" influenced how often you received mod points again and you were informed of your score. In my opinion, Idle and the new metamod system are evidence that they had a good thing going and just had to keep fucking with it, like they couldn't resist.
Am I the only one who remembers the "ANY" stickers that were usually placed on the ENTER key and were specifically designed for (l)users who kept asking that question? When I first saw them, someone had to explain to me that yes it's a serious product, it's not a joke item or a gag gift. I think I looked at the world a bit differently after that.
If I ever marvel at how even otherwise intelligent people sometimes shut down all common sense and ability to reason when they are in front of a computer, this is an example of what I'm talking about. That they wouldn't even consider whether "any" might be an adjective, or that the sentence should be written differently if it were intended to mean a key bearing the label of "ANY" just blows my mind.
Someone should ask the FAA how they managed to get an entire network (see: article title) onto one server (see: article summary). Was it a server, or a single work station? A server can dispense data, but dispensing data does not make it a server. Servers tend to act as the dispenser for data bearing machines, no?
What's the matter, wouldn't an article that said "One FAA Computer Hacked - Employee Data Stolen" be sexy enough? Probably not. The title as is misleads people into wondering if the ATC network was implicated.
If you own or administer the equipment in question, you'd have to assume that an attacker getting into the server is the same thing as an attacker getting into the network until proven otherwise. That's for the simple reasons that the attacker has already proven their ability to compromise at least one of your systems and that server can now be used as a platform to attack any other machine with which that server can communicate (i.e. that network). Incidentally, am I the only one who still says "proven"?
It's still possible that the Slashdot summary has a sensationalist title, but for those reasons it's not absurd to believe otherwise. As for your question about the ATC (air traffic control) network, you don't even need to read the fine article; the summary does specifically state:
The FAA was quick to say the server that was accessed was not connected to the operation of the air traffic control system or any other FAA operational system.
This is about what you would expect because such critical systems should not be Internet-accessible unless there were some incredibly strong overruling need for it that could not be addressed any other way. I don't know anything about the FAA or their systems but this is simply common sense. Any administrator who doesn't understand this should not be trusted with such important networks.
Techie: If you don't know how to do what I do, then if I have time I will teach you
I think most techies are surprised when they encounter a user who is interested in learning. It's a pleasant surprise since the majority of users seem to believe that computers are the one area where it's unreasonable to suggest that more skill and knowledge leads to higher productivity and fewer preventable problems. It's as though you're some kind of an elitist if you tell someone that they can choose to make investments (i.e. learning) that will lead to a more pleasant experience. I never really understood that because it seems to me that a genuine elitist would never suggest that the quality of your experience is within your control.
Then, the lawyers got together and made laws to protect their racket, driving up prices.
Except that politicians make laws, not lawyers. I seriously doubt all politicians are lawyers.
"All" is a very strong statement, but there is no question that the overwhelming majority of politicians are lawyers, at least in the USA. If you made it something of a research project, you would probably have difficulty naming even a few politicians (at least on the state and federal levels) who do not hold law degrees. It does make sense that most of the people who make new laws have the qualifications necessary to understand and work with existing laws. Unfortunately the idea that their profession is special and exclusive can also be more important to them than the idea that all citizens are expected to know and obey all laws, which is why many laws appear (in my humble unqualified opinion) to be written by lawyers, for lawyers.
As a side comment, the fact that the vast majority of politicians are lawyers is why I feel that they should be held personally responsible (i.e. face criminal charges) when a law that they created or endorsed is later found to be unconstitutional. This would be a much-needed counterbalance against the fact that a citizen cannot challenge an unconstitutional law until after he or she has suffered because of it and risked experiencing the business end of state power. But then, I have always felt that when officials and authority figures screw up, it is far worse than when an average citizen screws up because when officials do it, it undermines the respectability of the law as an institution. I think too that the prospect of power attracts some extremely undesirable personality traits; there is a shortage of good, wholesome, selfless reasons why someone would want it. So, I like the idea that if you want power, you should be held more accountable for your actions than someone who doesn't. Perhaps incorporating these ideas into our legal system would reinforce the idea that public officials are our servants and were never intended to be our masters.
This is all fine if made in good humor, but when it gets personal, or taken too far, the result is enemies and flaming rather than meaningful discussion. Simply put, there is no discussion if either side or both sides choose to close their minds to criticism.
I very much agree with this and I hope I can shed some more light on how this actually happens.
The problem is compounded because too many people automatically take criticism, even very constructive criticism, as a personal attack. They don't seem to realize that dialectic and other aspects of critical thinking and the free exchange of ideas, even those that suggest a personal flaw or shortcoming, are the tools of free minds. People are generally far too quick to become offended by mere disagreement. I believe it's because they don't apply scrutiny to their own beliefs; they don't test them to see if they stand up under examination. Because the beliefs of such people and the positions that they take are not firmly grounded, they are insecure, which leads them to equate dissent with a personal attack. Once they do that, it becomes a contest. At that point it's no longer about determining truth but about feeling like they are right and the other person is wrong.
You really cannot convince someone of anything unless they let you do it. Once it becomes a contest of who's "right", the person will become eager to prove that to you. Any further use of facts and reasoning won't work because at this point, it's no longer about the truth of the situation. Sometimes an informed audience is useful for these situations because of the objectivity that third parties can provide. If the person is acting ridiculous and trying to demonize or marginalize you for holding views that they don't like, they are unlikely to believe you when you tell them that they are doing this (since after all, you're "wrong") but they may feel a need to save face in the presence of an audience.
It's unfortunate that such petty motives sometimes have to come into play before a person will consider whether this behavior is maladaptive. Remember that people always feel justified because if they didn't, they would not say and do the things that they say and do. That's why verbally fighting with them almost never works and it's why even good constructive criticism won't work unless they are ready to receive it. From their perspective, what they are doing makes perfect sense, so if they really are ignorant, compassion and not condemnation is the preferred response. This also helps you discern whether you're operating out of a concern for truth or a (much weaker) need to convince. Of course, this does not mean you refuse to call things what they are and you can't be compromised by any concerns about whether doing so will cause further offense. If you can do that while holding no resentment or anger or malice or ill will of your own, the strength of your position will be abundantly obvious even if no such admission is made.
Well, they are a documented company backed by big finance and based in USA and especially more important, California.
I hope they're doing well. If they can continue to make good money in this sort of economy, it means that they are effective businesspeople who know what they're doing. Of course, that still doesn't have anything to do with the technical merits of their service and whether I would find them useful.
If you think they are spamming by showing couple of text ads and rough guesses instead of a "server not found" message, you should sue them. In fact, state of California should sue them.
The only consistent definition of spam that I know is "advertising that I don't want to see and don't have to see". I definitely don't want to see any advertising. If I need your product, I'll determine that on my own (it's simpler that way, too). Just because spam is perfectly legal, doesn't mean that I want to see it. Sometimes advertising is part of the package, like when you listen to broadcast radio. Other times it can be completely and easily avoided. Avoiding the advertising of the OpenDNS folks is very easy -- all I have to do is not use their service. It would be morally wrong for anyone to sue them because their entire system is optional and opt-in. They are not forcing their system on anyone and therefore they are probably good people. My criticisms of their methods do not depend on anyone being forced to do anything. I am questioning why someone would want this service, which presupposes that some people do in fact want it. The basis of my reasoning is that there is nothing that they can do for me that I cannot do for myself, and especially in the case of host security, I can do it myself using tools better suited for the job. When there is no real benefit of an arrangement, even a slight drawback becomes unacceptable.
What you're doing there is a form of misdirection. The way you worded that, you are implying that the choice is to either support an extreme measure that makes no sense (suing someone over nothing) or abandon the idea that I should avoid advertisements I don't want to see and don't have to see. It's like you intended me to say "gee, the state of California is not suing them, their service must suddenly be very useful to me so that I am willing to view occasional ads in order to have the privilege of using it". That doesn't work. It's called a false dichotomy; it is also known as the fallacy of the excluded middle. That's a tactic for an opponent, not a tool for determining truth. You're probably doing it because you were personally offended by my opinions so now this is about who's right and who's wrong. That doesn't work either because opinions are arbitrary and I don't think you appreciate how difficult it is to apply "right and wrong" to them. There's also the fact that nothing I say here could possibly prevent you from having a different opinion if you felt like doing it.
What happened there is I took a position based on how I already felt about these matters (that is, my opinion of them). The order of these things is important. When you take a position, you tend to support it with facts and reasoning especially if you want to be persuasive. That's not the same thing as making a positive claim that it's the only position available or the only conclusion that could be based on the facts. Another person who was so inclined could take a position based on the merits of OpenDNS and could find facts and reasoning to support that. He could do a good job of this and produce well-written reasoning. It's when I see that people are failing to do this without committing various logical fallacies and factual errors that I might decide they are taking a position of weakness, that is, one that they are having great difficulty supporting.
That Google proxying is a real interesting one. Appar
For the same reason I'll consider using nearly any MTA except Sendmail, which is because it has a poor security history. BIND and Sendmail both hail from a time when the Internet was a much friendlier place and I consider neither trustworthy on the hostile network that the Internet has since become. I know that version 9 of BIND was a complete rewrite, yet that too has had more security issues than I would like to see.
In my opinion, BIND is written for functionality first and security second. History has shown that security needs to be a fundamental design goal from the beginning; trying to write a program and then secure it later as vulnerabilities are found is problematic at best and causes a lot of preventable problems. Good security is not an afterthought. I just don't see security as an integral part of BIND's design, not when compared to alternatives like djbdns or maradns. For example, from its very first release, maradns has always used a cryptographically secure RNG to randomize query IDs and source port numbers and was never once vulnerable to cache poisoning attacks. BIND didn't start doing this until people started exploiting it. I've just seen too many issues like that which were better solved by more proactive approaches. I really can't rigorously prove to you that one solution is inherently superior to some other solution, especially since your needs and priorities may differ from mine, but I can explain why I have strong preferences that contribute to what I will and won't do.
BIND is also bigger and more complex than what I actually need. I have never felt like there was some must-have feature provided by BIND, so there is really no compelling reason for me to use it. Even so, using a daemon whose authors more proactively consider security issues is just one step. I take other measures, including but not limited to a well-configured software firewall (Linux kernel/iptables) that is itself behind a hardware firewall/router, a PaX/Grsecurity kernel that provides things like non-executable stacks and randomized memory addresses and chroot jails that are much harder to break, and userland measures like compiling the daemon with SSP. Many of those are part of running a Gentoo system with the Hardened profile, which also implies a hardened toolchain. A source-based distribution is definitely not for everyone, but it offers some very good options like this and I'm quite happy with it. I also use Logsentry and a few other tools to help me keep an eye on things.
Yes I'm paranoid, but it's because I believe in preparedness and I've seen too many examples of what happens when administrators don't consider attacks to be an eventuality. I'm rather "old school" in a few ways; for example, I do not believe in after-the-fact removal tools (i.e. for rootkits) at all. Once a system has been compromised, the only way to ever trust it again is to wipe the drives and reinstall from known good media. Between the two, I consider the idea that I may have put an excess of effort into locking down the system (and in the process expanded my skill) to be far more acceptable than the idea of regretting that I didn't do enough. I know there is no such thing as absolutely perfect security, so I think about my threat model and I consider a system "secure" when the effort required to have a hope of breaking into it far exceeds (by a ridiculous margin) any value that might be obtained by doing so. To give a poor analogy, it doesn't make any sense to spend one million dollars in order to earn one thousand dollars. Unless it's a personal vendetta, attackers do understand this and they greatly prefer to go after the low-hanging fruit. The standard these days is so low that it doesn't even take very much to place yourself out of that category.
Ah, yes. A "Flamebait" moderation in response to facts and reasoning that were presented in a relatively mild way. I wouldn't mind being a fly on the wall of such a moderator to see whether they feel better about themselves after doing this. My bet is that they do it only to find out that it's not so satisfying as they thought it would be.
To those moderators who think that what you do and don't agree with is what determines "Flamebait" and "Offtopic", you will be more effective if you choose an easier target than me. I have karma to burn, which I have earned, and I am not at all intimidated by your inability to handle reasoned criticism or your little temper tantrums that result from it. If anything, I'm going to post more when you do this because I will call you on it. You are lesser men who don't have what it takes to openly take me on, which is why you cower behind the moderation system when what you would really like to do is prove me wrong. This isn't because I am so great, because I am not; it is because you are so ridiculously weak and cowardly that you consider losing an Internet debate to be an unacceptable risk. If you ever try it, I'll tell you this much: I learned a lot more from those who were able to find the flaws in my reasoning than I ever did from those who said "me too!"
To those moderators who have a clue, please pardon the tone of this post. I ask that you understand that lots of low-quality moderators are operating unchecked and that this goes on because so few are willing to stand up to them (i.e. most people don't seem to care). Of course, the removal or alteration of the old metamod system also has a lot to do with this.
Why would you need it? NTFS is a journalling file system, so you dont, except in very extraordinary cases, need something like chkdsk.
It's not like running on ext2 or fat, where if you crash, you need to do a disk check/fsck on next startup.
I freely admit that you can probably fill a library with what I don't know about the low-level details of filesystems. Having said that, I'll give you my take on the description from the man page.
To me, a "consistency check" on a journaling filesystem means playing back the journal to ensure a consistent state. I will speculate that the chkdsk utility that comes with Windows primary does this, and may also perform other repairs (like actually scanning/repairing the entire filesystem the same way a non-journaling filesystem would need to do) if they are necessary. The wording of "resets the NTFS journal file and schedules an NTFS consistency check for the first boot into Windows" tells me that ntfsfix is either unable or is only partly able to do this and therefore, you still need Windows for this task. Because I consider preventable data loss to be absolutely unacceptable, and not just an inconvenience that it would be nice to avoid, this does not make me feel very confident.
If I am wrong about this and it turns out that ntfsfix can completely handle all journal functions and you would only need Windows utilities in the very rare instance that damage is done that replaying the journal (and any other measures ntfsfix can handle) cannot repair, that does somewhat mitigate my concern. It doesn't completely remove my concern though because every now and then, unlikely things do happen and I greatly prefer to be prepared for them. Especially considering that I have no Windows installation and no Microsoft software, I would basically be SOL if this happened to me. So for me, this represents a gamble even if it's one in which the odds are not against me.
In light of this, your mocking tone is honestly mysterious to me.
Almost as mysterious as the idea that the military industrial complex is something that the media "almost never talks about". And that was after spending 30 seconds on Google News.
Using a powerful search engine, you are able to actively seek and find information about something that is rarely mentioned in the media. That sort of research, of separating the tiny fraction of information you are after from the vast ocean of information available, is in fact what a search engine is for. That is not at all the same thing as the mainstream media routinely discussing the downsides and dangers of systems that could bring about a fascist state. You have proven that search engines work; you have not demonstrated that the media appreciates the importance of this issue. To do that, you would need to perform statistical analysis of the mainstream media to determine what fraction of headlines and stories discuss this specific issue. If you did that, I maintain you would find that it's a small fraction indeed and that Britney Spears and Paris Hilton get far more coverage. This should be obvious.
So you first mock the fact that I mention the term "military-industrial complex" at all. When I explain the term's origin to show that there was no reason to do that (something you have not either admitted or refuted, by the way), now you respond by arguing about the number of occurrences of the term. Look at your paragraph above. It's like you're saying that my claim that the media seldom talks about the military-industrial complex has any bearing on the way you conduct yourself ("almost as mysterious as the idea that..."). If that's true then you have little self-control; if that's false then you're effectively saying "I know you are but what am I?" which is, shall we say, rather unenlightening. Rather than do all of that, I'd like to see the superior viewpoint with which you would replace mine if mine is indeed so flawed. I'm willing to abandom my current viewpoint and embrace a superior one at any time, in fact I would be grateful for such an opportunity; the only "catch" is that the one you advocate really does have to be superior and not merely because you say so.
Your methods and your tactics are nothing new to me. It's apparent that you want to argue for the sake of arguing and are not really interested in the strength of your position and whether it could be improved or replaced. You just want to feel like you are right and I am wrong. I doubt very much that you are deliberately planning to do this or to be this way. In fact, I strongly doubt that you seriously question your own motives or examine your own actions and their implications enough for you to be able to make a conscious choice in the matter. You are probably too worried about the other guy and how you can take him down a peg or two for it to occur to you that you should be doing this. That's alright. I'm not upset or resentful when I see this, nor is it my place to condemn it (I will, however, call it what it is). In fact, I used to do something like this and it most certainly did not make me happy. I understand that so there is no need for me to lash out at you. I will say that I would like something better than this for you and that when you give up your need to feel right in the eyes of others, you will truly understand the saying "the thing about banging your head against the wall is that it feels so good when you stop." I don't expect you to understand this right now so if you must get more belligerent now that I am speaking to the heart of the matter, I understand that too. People always feel justified because they always do what they think is right or necessary, even when they're utterly wrong.
it results in a very powerful entity that the media almost never talks about which is known as the military-industrial complex.
Bwwwwwwaaaaahahahahaha! A term invented by, wait, who was it...oh yeah, the President of the United States and transmitted and quoted and written about ad nauseum.
Yes. A President of the United States (Dwight D. Eisenhower) who had this to say about it:
A vital element in keeping the peace is our military establishment. Our arms must be mighty, ready for instant action, so that no potential aggressor may be tempted to risk his own destruction...
This conjunction of an immense military establishment and a large arms industry is new in the American experience. The total influence -- economic, political, even spiritual -- is felt in every city, every statehouse, every office of the federal government. We recognize the imperative need for this development. Yet we must not fail to comprehend its grave implications. Our toil, resources and livelihood are all involved; so is the very structure of our society. In the councils of government, we must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military-industrial complex. The potential for the disastrous rise of misplaced power exists and will persist. We must never let the weight of this combination endanger our liberties or democratic processes. We should take nothing for granted. Only an alert and knowledgeable citizenry can compel the proper meshing of the huge industrial and military machinery of defense with our peaceful methods and goals so that security and liberty may prosper together.
This is from Eisenhower's Farewell Address to the Nation on January 17, 1961. Every so often when a politician is about to leave high office, they are unusually honest about our situation. If that quote from Eisenhower is not a dire warning, then I really don't know what is, and if a man who helped to run this machine doesn't understand what this machine is about, then I really don't know who does. In light of this, your mocking tone is honestly mysterious to me.
Because I believe that the USA is flirting with becoming a fascist police state and that most people don't understand how dangerous this really is. That some of our more dis-eased human beings (fevered egos) want to control all the other human beings is nothing new; what really gives them power is when systems (governments, corporations, etc.) take on a life of their own instead of remaining tools that serve human begins. I don't know of a single entity ever to appear on the face of the earth that can perpetuate human misery like a modern totalitarian state. It is nothing less than hell on earth. If the general public only realized what was possible, they'd see that no government program or benefit or promise of security is worth even the slight risk of allowing this to happen.
The rest of what you said about the nature of a for-profit enterprise is honestly rather obvious. There is no need to insult my intelligence or my powers of observation. The motivations of the corporations involved are easy enough to derive; I am merely saying that their motivations are irrelevant because they are effects and not causes. It is up to the government officials who hire those corporations to take this into account and make sound decisions about whether they are the best tool for the job. To better make this point, and hoping I don't belabor it (please forgive me if I do), I'll respond to this paragraph:
I agree with you. What you have described is the inherent nature of a corporation; that is, valuing profit above all else. I certainly could blame the corporation but I would have to blame it for being true to its nature. I prefer to blame the government officials who hired that corporation for not properly understanding what they were dealing with and whether it was really the best tool for the job. They were the ones who decided that this problem would be solved in this manner. They are the ones who could fire this corporation and set up a governmental department to take care of a task that really should not have an underlying profit motive.
As long as there are incompetent government officials who will continue to hire them when they are not the best tool for the job, there will never be a shortage of corporations like this and failures like this. I'd rather realize that fact and recognize the single source of the problem than try to assign blame to a multitude of secondary results.
You do realize that Los Alamos, while it is a government project in the broad sense, is run by Los Alamos National Security LLC, a private, for profit, corporation?
If I hire an employee I am responsible for what he does. If you feel that the employee does a poor job and that something should be done about that, it would make sense to come to me because I'm the one who hired him. Do you catch my drift? That doesn't mean that the employee is blameless, of course, and it would be silly to suggest that it does. What it does mean is that none of this shifts the responsibility.
I see the outsourcing to private corporations that goes on. Even when the corporation doesn't just coincidentally happen to be owned by someone who has close connections to government officials, it results in a very powerful entity that the media almost never talks about which is known as the military-industrial complex. You talk about a faceless machine with no regard for human life or human dignity, well, there is none on the planet that matches this one. None of this changes any point I've made, however.
America's greatest threat to national security and the economy is the government itself.
That's correct, or more specifically the greatest threat is the mismanagement of government that allows it to operate outside of its legitimate roles which is why it can't correctly take care of basic things like this.
If the history of the 20th century isn't a lesson about the nature of government then I don't know what is. It's a shame that most people don't study this on their own so their primary exposure to it comes from government agents (known as "schoolteachers"). These people quite naturally believe in government (as opposed to regarding it as a necessary evil) or else they wouldn't work for it. Just do some research and add up all the known deaths during the 20th century that were caused by terrorism. Then do some more research and add up all the known deaths during the 20th century that were caused by people being murdered by their own governments. Compare those two numbers and note the vast difference in quantity. Tell me which is more dangerous.
I guess causing 'cybersecurity issues' is better than 'nuclear warfare issues'.
This comment currently shows 2, Offtopic even though it directly addresses the summary/article. I'd love a good explanation of what could possibly be regarded as "offtopic" about that. Yet another argument for why the old meta-moderation system needs to be brought back.
I have karma to burn so do your worst to me. I'd rather you waste your points doing that than more crap like this.
I just wonder one thing. How many examples of incompetency like this do we need before maybe people will reconsider whether having government get into the health care business and all these other "growth areas" for government is really such a good idea? I mean, at least law enforcement, public works, and national defense really are legitimate roles of government; this one would fall under "national defense" and they failed miserably with this too.
I suggest that this incident highlights the fundamental untrustworthiness of government even when it's performing what is without question one of its proper roles. I mentioned some implications of this that may or may not have crossed your minds. What I am not doing is endorsing any alternative proposals or anything like that. I think we already have enough presented problems and prefabricated solutions; philosophical understanding or at least a grasping of some simple principles are what I'd like to see more of. I observe that our Founding Fathers had a strong and well-founded distrust of governmental power and that history since then has only provided more reasons to feel this way. I see this and then I notice that most Americans don't appreciate it, and that's despite the fact that we are close to becoming a totalitarian police state (to you reactionary knee-jerk types, the health care issue is not why I feel that way). The stage is set for it and if you study the early history of some of the 20th century's worst dictatorships, the parallels to their situation and ours are appalling. I just wonder at what point we can all decide "hey, the government is big enough and powerful enough and nothing good will become of continuing to expand it, maybe it's time to try something new".
ntfsfix is the equivalent fsck.ntfs
It comes in the package ntfsprogs.
I appreciate you pointing this out but I looked into it and unfortunately it looks like a partial solution.
From the output of "man ntfsfix":
Regretably, that does not make me feel very confident. Filesystem integrity is one of the few areas where I really must insist on a complete solution. I don't take that position because I want to but because it's dictated by necessity. Preventable data loss or even the possibility of such is simply not acceptable to me.
Just my personal opinion, I don't really consider trying to play catch-up with Microsoft's proprietary standards (or even when the standards are published, their proprietary implementations) to be a sound idea especially when truly open alternatives are readily available. I just feel like you're always going to have problems like this that you can never completely overcome because you're playing someone else's game. Considering the inherent difficulty of this task, the progress that Open Source has made is really quite amazing but I just don't consider this to be anything like an ideal solution.
Microsoft created NTFS, they own it, they can "upgrade" or change it on a whim, and they have no interest in anyone else being able to work with it. That's the nature of the situation and it's beyond our control. Therefore, to me, NTFS compatibility is very much like a dual-boot setup; it is to be avoided unless truly necessary.
Yes, Linux supports NTFS. You've referenced the right module NTFS-3G. Ubuntu has had this module included by default since version 7.10: gutsy gibbon. Prior to that, it had to be manually installed.
I run a windows XP / Ubuntu 7.10 dual boot setup at home & the NTFS support is great. Ubuntu can read and write to both windows & linux partitions flawlessly. All of your windows files are accessible in the linux mode. I think that there is a slight performance hit (10% or so) for using linux rather than windows to write to the ntfs partition.
The sole downside to that arrangement is that it does not provide any facility for fsck-type maintainance of the NTFS filesystem. The NTFS-3G userspace driver unfortunately does not come bundled with anything of the sort and I've had difficulty trying to find a standalone fsck.ntfs type of program. You can find good programs to read, write, and resize an NTFS filesystem but no Open Source software seems able to repair one. I'd love to find out I'm wrong about this. A friend of mine used a setup like this and eventually experienced a small amount of data loss after unexpected shutdowns (power failures) that were not immediately repaired like Windows would have done on bootup.
If anyone does know a reliable way to repair NTFS filesystems under Linux without actually running Windows, please let me know. Otherwise I'd recommend staying away from NTFS filesystems if at all possible or considering an alternative like FAT32 (as terrible as that may be). If you don't mind Windows having read-only access to your data, you may want to try the EXT2/3 driver for Windows as an alternative.
This is about what you would expect because such critical systems should not be Internet-accessible unless there were some incredibly strong overruling need for it that could not be addressed any other way.
(Emphasis mine). In my example there is "another way", even so they use the internet. If you had just said "critical systems should not be Internet-accessible unless it's impractical" I would have understood you better.
That's a funny thing that happens to me from time to time. For a moment it will appear that there is a disagreement or a debate and then I'll find that the other person and I were actually saying (more or less) the same thing, just in different ways or from different perspectives. That most often happens when the other person and I are both knowledgable about the subject. I appreciate you taking the time to clear that up for me :-).
That the word "hacker" had a more specific meaning that it has now lost is not really Newspeak because it arose out of the general public's apathy towards these issues and not, to my knowledge, out of any sort of propaganda effort. The word "conversative" is a good example of real Newspeak. The only unfortunate side-effect is that there was a distinction between someone who has strong interests and talents relating to technology versus someone who has a strong interest in attacking other people's systems. The result is that to many people, there can be an assumption that anyone who is technologically highly skilled must be using (or must have used) that skill in a harmful way because that's all they hear about in the media. "Honest security researcher maintains systems that haven't been successfully attacked" doesn't exactly make headlines. That the knowledge required to fully understand security issues and effectively safeguard systems is quite similar to the knowledge that could be abused to do harm does not help matters.
This is the sort of thing that sounds like mere semantics and doesn't seem to matter until politicians start getting interested in regulating their country's use of the Internet. Public perception is very important to politicians; it is often more important to them than unbiased fact. Look at Germany, which has outlawed many security-related tools that can be used to legitimately secure systems. It's silly to think that this will have any real effect on the black hats because they have already demonstrated a willingness to break the law. What this will do is hamstring legitimate security professionals and will cause them to be less equipped than their opponents. It also carries the message that "you are not to be trusted" and is generally a step away from the free exchange of ideas. I submit that this could not have been possible without the public perception that "hackers" are all a bunch of criminals.
I think the word "hacker" has changed and that it's pointless and counterproductive to try to wind back the clock so I am definitely not disagreeing with you. I just think more emphasis needs to be placed on the positive uses of this sort of knowledge or else we risk following Germany's example. It's just the sort of thing that doesn't seem to matter until it bites you in the ass, so to speak.
I agree here, too. I don't think the semantics surrounding copyright infringement are worth debating except for when the claim is made that copyright infringement is the same thing as stealing, which it is not. Stealing is a criminal offense and it deprives the rightful owner of his or her property. Copyright infringement is generally a civil tort and does not deprive the rightful owner of the work that was infringed, but only of the exclusive right to distribute copies of that work. Equating the two is intellectually dishonest and so the distinction is worth making.
You're equating hard-won esoteric knowledge with common sense. Common sense as a concept is bankrupt - it doesn't exist in isolation, it is simply learned behavior which is not in any way universal. Dragging the term out derisively is a merely a rhetorical crutch.
A basic process of elimination, which is the only specific instance of common sense that I mentioned, is "hard-won esoteric knowledge"? I just can't go along with that.
I'm not really deriding anyone. I'm expecting better of them. There's a difference and it's a huge one. Derisive would amount to believing that they can't handle basic problem-solving because they are inferior to me; even when it appears to be humorous, derision always has this type of negative comparison as a core component. Instead, I am saying that if I can perform childishly simple problem-solving without using any special skills, so can they, which means that any obstacles they encounter are not only surmountable but worth overcoming. That is a statement of equality.
Maybe calling it "common sense" was a stumbling block for you. There are multiple terms that could be used to describe the basic faculty that I am describing so there's no need to get hung up on the verbiage or diction.
When you say that there is anything at all esoteric or hard-won about the most basic reasoning and problem-solving, there are two implications of that statement that come to my mind. The first is that you are ignoring the element of personal choice and how strongly it determines who will do what it takes to observe these simple principles and who won't. If you ignore the element of choice, then you are left with a sort of "lottery" that results in a minority of the population being able to solve basic problems and a majority that wasn't standing in line when that ability was being handed out, so to speak. The second implication is that if any literate adult lacks this understanding, that's okay and it's beyond their control because after all, it's "esoteric", so therefore it follows that they should make no effort to remedy this situation. This is a somewhat subtle rejection of personal responsibility.
The fact is, I did not wait around for someone to come along and teach me how to think and reason. I consider those matters far too important to trust to anyone else. I read, I wrote, I engaged in debate, I studied logic and other things, and so that I would not be easily mislead I also studied propaganda techniques and logical fallacies. No one made me do this. No one was looking when I did it. This wasn't for some school project or because anyone asked me to. It's because my life is mine and no one can live it for me, certainly not in any healthy fashion. I look around me and I see a world full of people to whom this sort of personal responsibility, this sort of "giving a damn", is an alien concept. They are choosing to be that way and they can choose differently any time they want. This is why I refer to their inability to solve the most basic problems as "willful helplessness". To say otherwise would amount to telling them that it's hopeless and they shouldn't bother trying and I've seen far too much evidence to the contrary.
So, you can tell me that there is anything esoteric about this process even though all of the needed information is "out there", available, and waiting to be studied by anyone who can use Google. You can watch me express deeply held beliefs that have withstood both the test of time and the test of various hardships and then tell me that they are merely "a rhetorical crutch." Perhaps that will make you feel better about your own personal shortcomings or those belonging to someone close to you or maybe it'll make you feel better about living in a world where most people just don't care. It will not work on me, and nor should it. What I can tell you is that the excuse is worse than the shortcoming because it makes sure that these things are accepted instead of identified and changed. I want something better than that for myself and I also want something better than that for you.
Well, you have to remember that computers also have buttons people have never seen before - especially on a keyboard. Think keys like "Ctrl", "Alt", "PrtSc", "SysRq", "NumLk", "ScrLk" and the like. It's entirely possible believe that "ANY" refers to some computer-y term rather than literally, any (and in most cases, any key won't work - keys like Shift, Ctrl, Alt, the locks, other modifiers (Windows, Menu, AltGr, Compose, blah blah blah) probably won't make the message go away). A slightly better wording might be "Press a key co continue". The literalists will probably type "a", the pedants will try the modifiers and complain, and the rest of us will hit space or something.
I don't think you're appreciating how deep the lack of common sense really is.
If what you're saying were the crux of the problem, then such a user might have this problem one time. It wouldn't take very long to exhaustively perform a visual search of the keyboard and conclude that there is no key labelled "ANY". At that point, this theory that the prompt refers to a specific key has been falsified and it's time to abandon it. Isn't that simple? The only possible remaining explanation is that "any" is an adjective. Even this need not be taken on faith but can be tested by pressing an arbitrary key to see if the machine will proceed. This entire process should take a few minutes at the most.
A user who does not abandon common sense and ability to reason might go through this process one time. After that one time, they would never need to repeat this experience so there is no reason to purchase an "any key" sticker. The problem-solving involved here is really simple and does not even begin to approach what I could call advanced reasoning with a straight face. Yet, these users refused to apply it. I maintain that they are without excuse; that this amounts to willful helplessness. I will add that by making excuses for them, you are not really doing them any favors because by believing you, they will not become less helpless.
I think we'll have to agree to disagree on this part. The whole problem is that you'd never be able to actually prove that a computer is 100% secure (no one has found a way to do that), only that it hasn't been compromised yet and even that might be much tougher than you think, so I'd personally never make a claim like this. Then there's the network to which the computer is attached, which you also cannot actually prove is 100% secure. The best that you can do is to compare various systems in order to establish relative terms like "more secure" and "less secure" to eventually arrive at a concept of "reasonably secure", which is often abbreviated as "secure".
There's also the consideration that computers are part of a system and your security could potentially be compromised at any point in the entire system. Let's say you have incredibly secure computers and networks. Do you think attackers will just give up? No, they'll start going after your users with various social engineering techniques. At some point finding a clueless or overly trusting user is much easier than directly attacking the machines. A person who is knowledgable about security has to understand that the situation favors the attacker. That is, to secure the system, you have to prevent every possible avenue of attack; to break into the system, the attacker just has to find one thing you missed. This is why concepts like default-deny and least-privilege are so helpful.
There is absolutely nothing you can do to make a computer "100% hack proof" against a clueless user who thinks that the attacker is one of your legitimate administrators. What you can do is form a comprehensive plan that takes the entire system, including users, into account. You take reasonable measures and you avoid unnecessary exposure. Ultimately, what you can accomplish is a system that is secure enough that the effort required to break into it far exceeds any value that would be gained by doing so. The rest is damage control.
I don't know anything about the FAA or their systems but this is simply common sense. Any administrator who doesn't understand this should not be trusted with such important networks.
You cannot rule out the cost factor. It's for instance not economically feasible to link up all power stations to a separate secure network, so they use the internet. Facing the Internet is not necessarily insecure. It is possible to make 100% hack proof computers - not counting DOS and physical attacks. Similarly, a secure network can still be compromised so that is not always the best way for securing networked computers.
That's a rather verbose way of saying that my statements are intentionally general and therefore might not describe every possible specific application. I hope we already knew that.
By the way, you quoted me slightly out of context because you left out the one previous sentence that addressed your concern. This is the full block of text:
All I'm saying is that the limiting of potential exposure is a valid security practice. It's one of the more common-sense approaches and it would occur to a competent administrator. Further, a good administrator would do it (would limit exposure) unless there were some overriding need not to. Do I really need to also say that it is one practice among many valid practices? I don't mean to be rude when I say that I doubt anyone who is knowledgable about the subject needs to have such a basic and obvious thing explained to them.
I mean no offense and I'm not trying to berate you. I just can't see why you made your post or what you thought you were telling me that I didn't already cover. If I really did miss something and you are able to fill me in, you'll find me an eager audience, but I don't feel like you've given me much to work with.
I've always wondered how often I can get modded informative for repeating a statement in the summary...maybe it's time for a broad experiment... 1. Post a re-iteration of something in the summary 2. Piss people off by getting modded "Informative" 3. ??? 4. Profit!!
It's just an example of poor-quality moderation. Much of moderation involves subjective judgment calls and the like, but in this case, I can say with confidence that there is nothing "Insightful" about repeating what I just read. I'd really like to see just one discussion that doesn't include such blatantly "WTF were you thinking?" low-quality moderation (again, not referring to judgment calls). Just one -- is that so much to ask? Slashdot badly needs to bring back the old metamoderation system. The one where your mods getting marked as "Unfair" influenced how often you received mod points again and you were informed of your score. In my opinion, Idle and the new metamod system are evidence that they had a good thing going and just had to keep fucking with it, like they couldn't resist.
Windows cannot find Control Tower. Hit any key to continue.
"Where's the 'any' key?"
Am I the only one who remembers the "ANY" stickers that were usually placed on the ENTER key and were specifically designed for (l)users who kept asking that question? When I first saw them, someone had to explain to me that yes it's a serious product, it's not a joke item or a gag gift. I think I looked at the world a bit differently after that.
If I ever marvel at how even otherwise intelligent people sometimes shut down all common sense and ability to reason when they are in front of a computer, this is an example of what I'm talking about. That they wouldn't even consider whether "any" might be an adjective, or that the sentence should be written differently if it were intended to mean a key bearing the label of "ANY" just blows my mind.
Someone should ask the FAA how they managed to get an entire network (see: article title) onto one server (see: article summary). Was it a server, or a single work station? A server can dispense data, but dispensing data does not make it a server. Servers tend to act as the dispenser for data bearing machines, no?
What's the matter, wouldn't an article that said "One FAA Computer Hacked - Employee Data Stolen" be sexy enough? Probably not. The title as is misleads people into wondering if the ATC network was implicated.
If you own or administer the equipment in question, you'd have to assume that an attacker getting into the server is the same thing as an attacker getting into the network until proven otherwise. That's for the simple reasons that the attacker has already proven their ability to compromise at least one of your systems and that server can now be used as a platform to attack any other machine with which that server can communicate (i.e. that network). Incidentally, am I the only one who still says "proven"?
It's still possible that the Slashdot summary has a sensationalist title, but for those reasons it's not absurd to believe otherwise. As for your question about the ATC (air traffic control) network, you don't even need to read the fine article; the summary does specifically state:
This is about what you would expect because such critical systems should not be Internet-accessible unless there were some incredibly strong overruling need for it that could not be addressed any other way. I don't know anything about the FAA or their systems but this is simply common sense. Any administrator who doesn't understand this should not be trusted with such important networks.
I think most techies are surprised when they encounter a user who is interested in learning. It's a pleasant surprise since the majority of users seem to believe that computers are the one area where it's unreasonable to suggest that more skill and knowledge leads to higher productivity and fewer preventable problems. It's as though you're some kind of an elitist if you tell someone that they can choose to make investments (i.e. learning) that will lead to a more pleasant experience. I never really understood that because it seems to me that a genuine elitist would never suggest that the quality of your experience is within your control.
Except that politicians make laws, not lawyers. I seriously doubt all politicians are lawyers.
"All" is a very strong statement, but there is no question that the overwhelming majority of politicians are lawyers, at least in the USA. If you made it something of a research project, you would probably have difficulty naming even a few politicians (at least on the state and federal levels) who do not hold law degrees. It does make sense that most of the people who make new laws have the qualifications necessary to understand and work with existing laws. Unfortunately the idea that their profession is special and exclusive can also be more important to them than the idea that all citizens are expected to know and obey all laws, which is why many laws appear (in my humble unqualified opinion) to be written by lawyers, for lawyers.
As a side comment, the fact that the vast majority of politicians are lawyers is why I feel that they should be held personally responsible (i.e. face criminal charges) when a law that they created or endorsed is later found to be unconstitutional. This would be a much-needed counterbalance against the fact that a citizen cannot challenge an unconstitutional law until after he or she has suffered because of it and risked experiencing the business end of state power. But then, I have always felt that when officials and authority figures screw up, it is far worse than when an average citizen screws up because when officials do it, it undermines the respectability of the law as an institution. I think too that the prospect of power attracts some extremely undesirable personality traits; there is a shortage of good, wholesome, selfless reasons why someone would want it. So, I like the idea that if you want power, you should be held more accountable for your actions than someone who doesn't. Perhaps incorporating these ideas into our legal system would reinforce the idea that public officials are our servants and were never intended to be our masters.
I very much agree with this and I hope I can shed some more light on how this actually happens.
The problem is compounded because too many people automatically take criticism, even very constructive criticism, as a personal attack. They don't seem to realize that dialectic and other aspects of critical thinking and the free exchange of ideas, even those that suggest a personal flaw or shortcoming, are the tools of free minds. People are generally far too quick to become offended by mere disagreement. I believe it's because they don't apply scrutiny to their own beliefs; they don't test them to see if they stand up under examination. Because the beliefs of such people and the positions that they take are not firmly grounded, they are insecure, which leads them to equate dissent with a personal attack. Once they do that, it becomes a contest. At that point it's no longer about determining truth but about feeling like they are right and the other person is wrong.
You really cannot convince someone of anything unless they let you do it. Once it becomes a contest of who's "right", the person will become eager to prove that to you. Any further use of facts and reasoning won't work because at this point, it's no longer about the truth of the situation. Sometimes an informed audience is useful for these situations because of the objectivity that third parties can provide. If the person is acting ridiculous and trying to demonize or marginalize you for holding views that they don't like, they are unlikely to believe you when you tell them that they are doing this (since after all, you're "wrong") but they may feel a need to save face in the presence of an audience.
It's unfortunate that such petty motives sometimes have to come into play before a person will consider whether this behavior is maladaptive. Remember that people always feel justified because if they didn't, they would not say and do the things that they say and do. That's why verbally fighting with them almost never works and it's why even good constructive criticism won't work unless they are ready to receive it. From their perspective, what they are doing makes perfect sense, so if they really are ignorant, compassion and not condemnation is the preferred response. This also helps you discern whether you're operating out of a concern for truth or a (much weaker) need to convince. Of course, this does not mean you refuse to call things what they are and you can't be compromised by any concerns about whether doing so will cause further offense. If you can do that while holding no resentment or anger or malice or ill will of your own, the strength of your position will be abundantly obvious even if no such admission is made.
I hope they're doing well. If they can continue to make good money in this sort of economy, it means that they are effective businesspeople who know what they're doing. Of course, that still doesn't have anything to do with the technical merits of their service and whether I would find them useful.
The only consistent definition of spam that I know is "advertising that I don't want to see and don't have to see". I definitely don't want to see any advertising. If I need your product, I'll determine that on my own (it's simpler that way, too). Just because spam is perfectly legal, doesn't mean that I want to see it. Sometimes advertising is part of the package, like when you listen to broadcast radio. Other times it can be completely and easily avoided. Avoiding the advertising of the OpenDNS folks is very easy -- all I have to do is not use their service. It would be morally wrong for anyone to sue them because their entire system is optional and opt-in. They are not forcing their system on anyone and therefore they are probably good people. My criticisms of their methods do not depend on anyone being forced to do anything. I am questioning why someone would want this service, which presupposes that some people do in fact want it. The basis of my reasoning is that there is nothing that they can do for me that I cannot do for myself, and especially in the case of host security, I can do it myself using tools better suited for the job. When there is no real benefit of an arrangement, even a slight drawback becomes unacceptable.
What you're doing there is a form of misdirection. The way you worded that, you are implying that the choice is to either support an extreme measure that makes no sense (suing someone over nothing) or abandon the idea that I should avoid advertisements I don't want to see and don't have to see. It's like you intended me to say "gee, the state of California is not suing them, their service must suddenly be very useful to me so that I am willing to view occasional ads in order to have the privilege of using it". That doesn't work. It's called a false dichotomy; it is also known as the fallacy of the excluded middle. That's a tactic for an opponent, not a tool for determining truth. You're probably doing it because you were personally offended by my opinions so now this is about who's right and who's wrong. That doesn't work either because opinions are arbitrary and I don't think you appreciate how difficult it is to apply "right and wrong" to them. There's also the fact that nothing I say here could possibly prevent you from having a different opinion if you felt like doing it.
What happened there is I took a position based on how I already felt about these matters (that is, my opinion of them). The order of these things is important. When you take a position, you tend to support it with facts and reasoning especially if you want to be persuasive. That's not the same thing as making a positive claim that it's the only position available or the only conclusion that could be based on the facts. Another person who was so inclined could take a position based on the merits of OpenDNS and could find facts and reasoning to support that. He could do a good job of this and produce well-written reasoning. It's when I see that people are failing to do this without committing various logical fallacies and factual errors that I might decide they are taking a position of weakness, that is, one that they are having great difficulty supporting.
Why don't you use BIND?
For the same reason I'll consider using nearly any MTA except Sendmail, which is because it has a poor security history. BIND and Sendmail both hail from a time when the Internet was a much friendlier place and I consider neither trustworthy on the hostile network that the Internet has since become. I know that version 9 of BIND was a complete rewrite, yet that too has had more security issues than I would like to see.
In my opinion, BIND is written for functionality first and security second. History has shown that security needs to be a fundamental design goal from the beginning; trying to write a program and then secure it later as vulnerabilities are found is problematic at best and causes a lot of preventable problems. Good security is not an afterthought. I just don't see security as an integral part of BIND's design, not when compared to alternatives like djbdns or maradns. For example, from its very first release, maradns has always used a cryptographically secure RNG to randomize query IDs and source port numbers and was never once vulnerable to cache poisoning attacks. BIND didn't start doing this until people started exploiting it. I've just seen too many issues like that which were better solved by more proactive approaches. I really can't rigorously prove to you that one solution is inherently superior to some other solution, especially since your needs and priorities may differ from mine, but I can explain why I have strong preferences that contribute to what I will and won't do.
BIND is also bigger and more complex than what I actually need. I have never felt like there was some must-have feature provided by BIND, so there is really no compelling reason for me to use it. Even so, using a daemon whose authors more proactively consider security issues is just one step. I take other measures, including but not limited to a well-configured software firewall (Linux kernel/iptables) that is itself behind a hardware firewall/router, a PaX/Grsecurity kernel that provides things like non-executable stacks and randomized memory addresses and chroot jails that are much harder to break, and userland measures like compiling the daemon with SSP. Many of those are part of running a Gentoo system with the Hardened profile, which also implies a hardened toolchain. A source-based distribution is definitely not for everyone, but it offers some very good options like this and I'm quite happy with it. I also use Logsentry and a few other tools to help me keep an eye on things.
Yes I'm paranoid, but it's because I believe in preparedness and I've seen too many examples of what happens when administrators don't consider attacks to be an eventuality. I'm rather "old school" in a few ways; for example, I do not believe in after-the-fact removal tools (i.e. for rootkits) at all. Once a system has been compromised, the only way to ever trust it again is to wipe the drives and reinstall from known good media. Between the two, I consider the idea that I may have put an excess of effort into locking down the system (and in the process expanded my skill) to be far more acceptable than the idea of regretting that I didn't do enough. I know there is no such thing as absolutely perfect security, so I think about my threat model and I consider a system "secure" when the effort required to have a hope of breaking into it far exceeds (by a ridiculous margin) any value that might be obtained by doing so. To give a poor analogy, it doesn't make any sense to spend one million dollars in order to earn one thousand dollars. Unless it's a personal vendetta, attackers do understand this and they greatly prefer to go after the low-hanging fruit. The standard these days is so low that it doesn't even take very much to place yourself out of that category.
Ah, yes. A "Flamebait" moderation in response to facts and reasoning that were presented in a relatively mild way. I wouldn't mind being a fly on the wall of such a moderator to see whether they feel better about themselves after doing this. My bet is that they do it only to find out that it's not so satisfying as they thought it would be.
To those moderators who think that what you do and don't agree with is what determines "Flamebait" and "Offtopic", you will be more effective if you choose an easier target than me. I have karma to burn, which I have earned, and I am not at all intimidated by your inability to handle reasoned criticism or your little temper tantrums that result from it. If anything, I'm going to post more when you do this because I will call you on it. You are lesser men who don't have what it takes to openly take me on, which is why you cower behind the moderation system when what you would really like to do is prove me wrong. This isn't because I am so great, because I am not; it is because you are so ridiculously weak and cowardly that you consider losing an Internet debate to be an unacceptable risk. If you ever try it, I'll tell you this much: I learned a lot more from those who were able to find the flaws in my reasoning than I ever did from those who said "me too!"
To those moderators who have a clue, please pardon the tone of this post. I ask that you understand that lots of low-quality moderators are operating unchecked and that this goes on because so few are willing to stand up to them (i.e. most people don't seem to care). Of course, the removal or alteration of the old metamod system also has a lot to do with this.