There are plenty of benchmarks that use real software, or emulate the use or real software reasonably well. They won't publish those benchmarks either. If a company won't give you the information you need to make an informed decision on their products, don't buy their products.
The fact that there are a larger number of "vulnerabilities" for *NIX than Windows is misleading. I just bet the M$ people latch onto this "See, Windows is less vulnerable!"
I doubt that MS itself is going to be stupid enough to try and say this shows their product is more secure, but I could be wrong. There will always be people who try and scew any information that is presented. This is simply a list of the top twenty security risks compiled by the listed experts. There isn't any quantitative method to rank these issues, so they didn't even try. If your systems has any of these vulnerabilities, you should fix them. This isn't designed as a marketing tool, or an advocacy tool. It's a tool for administrators to check their systems for common, serious security issues.
I agree that Windows, or at least IIS seems to have more security issues that are causing wide spread problems, but the purpose of this report isn't to point that out. These experts could have spent months arguing about how to weigh the different security issues, and how to rank them. Then when the report was released they would be called partial and discriminatory by advocates from both sides. The report would have less credibility, and it's purpose of pointing out security flaws would not be served any better.
Even though most of the *NIX stuff is so old you rarely find it occuring in the real world.
People set up unsecure UNIX systems all the time. Even though these are old issues, they still exist.
Look at the CVE numbers. That tells a tale of what is going on _now_. The number has the year and there are many of the *NIX exploits that are 2 years old or more. Many of the Win exploits are within the last year.
UNIX and Windows are different. UNIX is an older more mature OS. More serious bugs listed are older, because UNIX has been around longer. There's going to be more new exploits in Windows, because there's more active development on new features in Windows. Many users don't need those new features, and would likely be better off with a more mature UNIX solution. Other users feel they need those features, and UNIX has not evolved to provide them with a solution yet. The two OSs take a different approach, and place different priorities on security.
This article doesn't take sides in that issue. The experts don't try and advocate one OS over another. They just point out the issues that they consider to be the most serious, and organize them in a way that it's easy to find the ones that apply to the reader. They did a very good job of trying to stay out of the UNIX/Windows. There are plenty of reports on who has the most vulnearabilities, if that's the kind of report you're looking for, then go read one of them.
I submit, kind sir (or madam), that, in light of the War on Drugs[sic], the war on the white male that has come of grotesque mutations on the battle for equality on the part of our melanin-enhanced bretheren
A agree that the "War on Drugs" has been far from effective making our country a better place to live. I also agree that predijuice and bigotry still exhists and is a major problem that our country faces. I'm just not sure how a violent revolt will help this problem. There are many ways to fight injustice. Violence should be a last resort, and only if it's use can make things better in the end. I am however a white male, so maybe this hasn't effected my directly enough for me to have a well formed opinion on it.
and the shameless indoctrination of our children in government institutions as an outgrowth of these and other events (like the failure of Americans to remember how to defend themselves), that we are in fact very close to the point of taking up arms to defend our freedom.
I very much respect and support the right to bear arms. Police often can only react to violent crimes rather than prevent them. People should have the right to protect themselves. I believe the fight to protect these rights is still a political one rather than a violent one.
You're probably right. Critical systems in which lives are at risk should also have physical security, and not be attached to the internet. I suspect this is true even for medical systems at hospitals. I suppost someone could posibly hack some hospital's medical database and change the medications that people are supposed to be given, but I hope those systems aren't on the internet, and there are safegards agains people being given medicine that may harm them. I would agree that cracking that requires breaking into someplace is a completely different issue.
Cracking is definitely bad and should be punished, but these right-wing over-reactionary witchhunts have simply got to stop.
I agree that this needs to stop. I don't personally believe that it's "over-reactionary witchhunts". I think it's people who have adgendas, that are using this tradegy to push those adgendas.
Tell them that security research is not cracking, that cracking is not terrorism
I agree that security research is not cracking.
Cracking is not terrorism in most cases, but if you crack some critical systems, it can get people killed. And though it doesn't rise to near the level of terrorism where people are killed, crackers who cost lots of innocent people a lot of time and money just to make their point or for the fun of it are still scum.
if you don't take the time to properly secure your systems, you need to take some liability!
People who don't secure their systems should take some responsibility for their lack of action. I think liability is the wrong word, because to me it infers that they deserve to be hacked. They don't. They have a responsibility because their lack of security can allow their system to be used against others. Trusting people that don't lock up their valuables don't deserve to be robbed. People that choose not to arm themselves don't deserve to be attacked. Defence against many forms of attack, including cracking may very well be a good idea, but lack of it does not imply guilt on part of the victim.
I strongly support free speech. I think that crypto laws requiring back doors, or making crypto insecure for the common person are wrong, and would be ineffective in their goals.
As part of supporting free speech, I am strongly against malicious cracking. Worms, viruses, trojans and the like do a lot to harm innocent people who just want to get online but don't have a lot of technical knowledge. The internet is a great tool for free speech, and it shouldn't be kept from them just because they don't know how to properly secure their home computer from malicious attacks of others. If the govenment ends up passing harsh legislation which inhibits our freedom to protect such people, it is the crackers who deserve the lion's share of the blame, not the people who got cracked.
I understand that in order to improve security, security needs to be tested. I also understand that in order to get vulnerabilities fixed, that security issues need to be made public. The way they are made public could often be handled better though.
If you really wan to stir some feathers, then remind them of the declaration of independence - "But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security"
You may stir up some feathers with this, but I doubt you'll help your cause. I agree that as a last resort, revolt is actually a responsibility of an american citizen. But only as a last resort, and only for the good of the country.
I realize that I made some comparison between terrorism and cracking in this post, and I want to state that I don't want to trivialize the problem of terrorism with this. Terrorisn is crime that far outshadows cracking. Malicious cracking is more of a petty terrorism in which lives aren't lost.
Absolutely true, I don't use the full potential of my firewire adapter, I use it only for my camcorder which pumps through 3,6 mbytes per second on average. No dropped frames, very low CPU load, try that with USB....
USB 2.0 will likely be able to only get you 2 out of 3, though implemented well, it could get all 3. The 3.6 MB/s shouldn't tax USB 2.0 much, and since it supports Isychronous transfers like Firewire does, it can reserve the bandwidth so that frames aren't dropped. The issue is CPU load. In most cases, the USB controller on the computer side doesn't have much brains to it. It relies on the system processor and a device driver to do most of the work. It may also use PIO to transfer the data from the FIFO's to system memory. This will result in high processor utilization. It doesn't have to be this way. The USB controller could contain a very basic processor that runs firmware to implement it's tasks rather than doing them in software on the system processor. Think of it as the difference between a hardware or software modem.
So if both were solid, established technologies (which USB 2.0 isn't yet), why use firewire? Wouldn't you like your nice camcorder to be able to print stills on a color printer? How about it copying that video clip to a hard/tape drive? You could even have it control lighting over firewire. There are many uses for having the additional intelligence in the camcorder, rather than just having it be a dumb device. That's the reason to use firewire.
Why? That completely depends on the application. USB 2.0 has the bandwidth to handle what most single drivers can deliver. It's true that it's not a peer-to-peer technology, but talking to a hard drive isn't a peer-to-peer task.
USB 2.0 was designed to be a way to get mouses and keyboards plugged into computers.
USB 2.0 was designed to allow higher bandwidth devices to be attached to computers. Few people need more than 1 keyboard and 1 mouse. A lot of people can use a portable backup device such as a CD-RW or tape drive. USB 1.X really wasn't fast enough for these tasks. Even printers and scanners are pushing the 12 Mbit limit.
USB still requires that a computer be part of the device chain; with FireWire, a FireWire camcorder and VCR can talk to each other without a computer. There is much more to this than just making both standards faster.
Of course there's more to this than making the standards faster. There are a lot of things Firewire can do that USB 2.0 can't. Firewire is especially good for multimedia, where you want devices to be able to control other devices, or be controlled, for lack of better, simple explaination. However, if all you need is external, portable storage, then USB 2.0 may become a more cost effective solution.
Notice I said it may become a more cost effective solution. That depends on if it becomes widely accepted. Firewire is a mature, established technology. That means that the cost of developing devices has come down, and they have become reasonably affordable. From a quick search, I still think that external firwire drives are priced too high compared to internal devices. If USB 2.0 becomes commonly used, the simplicity of the controller on the devices should make USB 2.0 devices cheaper that a firewire device that performs the same task. USB can't do everything that Firewire can. But for tasks that both can perform, USB should be cheaper. There are other costs, USB is likely to use more processor power on the host machine, but if that doesn't effect your application, and you want to save money, USB 2.0 may be right for you once it becomes established.
FireWire is not just here NOW, it was here YESTERDAY. There is no place-your-bets atmosphere on FireWire, just incredibly happy and productive users doing things they used to only dream about.
Sounds like Firewire weets your needs very well, that doesn't mean that USB 2.0 doesn't have a place of it's own where it excels as well. Firewire could probably meet those needs as well. You could easilly have a firewire mouse and keyboard, but it just wouldn't be cost effective. Use the right technology for the job. I work with Fibre Channel. It's very fast. It's peer-to-peer (and can do one to many in a limited fasion), and you can use multiple protocols over it such as FCP (SCSI) and IP. You can also use many devices over long distances. Using optical, longwave tranceivers you can have cable lengths up to 10 km. But it's not for every task. Use the right technologh for the job.
Right now the MS consultants are making a lot off money off on these worms. But if enough corporate sites go to Apache on Linux you'll likely see a lot more worms/viruses/trojans writen for Linux and Apache. Sure these systems are more secure, but there are plenty of skilled crackers that will find a way to screw up these systems if there get to be enough systems out there. An let's face it. If the people who currently run unpatched IIS servers switch to Apache, there will be a lot of unpatched Apache servers. Right now Microsoft is the Apache advocate's best friend, because they attract the largest number of lazy admins. If this changes, you'll likly see a lot more attacks going after Apache.
Why wouldn't you want a firewire external harddrive?
Price. Firewire is a better high end technology, but it cost more to implement. If USB 2.0 becomes common, then external USB 2.0 drives should cost less than firewire ones. If the performance is suficient with USB 2.0, why pay for firewire.
The only effective way I can see of getting rid of them is infiltrating their organizations, gathering as much intelligence about them as possible, then assasinating them one by one.
You have a valid point, but this is only part of the job. You can chase after terrorists forever, and more will crawl out from under the rocks of religeous fanatism. The point in going after Afganistan, is to stom them and other countries from providing these terrorists with a safe place to train and finacial resources. If govenments are supporting these terrorist activities, then they need to be stopped.
The problem is that even as we take out one terrorist cell, another will pop up. This could easily end up as unending as the "war on drugs". The real question is why do these people hate the US so much. One reason I've heard a lot lately is that the freedoms that the US stands for fly in the face of their strict religeous beliefs. They see the freedom and democracy that the US preaches as a horrible affront to their morality. They're attacking us because our way of life, and the fact that we are prosperous while living that way, is disolving the strict religeous fanatism of their countries. They see Western influence as being a horrible corruption that they must stamp out before it destroys what they believe in.
I don't see the US changin it's ways. I see us continueing to stick up for individual freedoms. I see us continuing to condem the atrocities like what the Taliban has done to the women of their own country in the name of Islam. This leads us to an impass. They are willing to kill to defend their beliefs, they've proven that. We are being force to kill to protect ours. It's important to note that it's not the religeon of Islam itself. It is the interpretation of it by some fanatics that is incompatible with our way of life. I don't see a peaceful solution when two groups are so diametrically opposed.
After the russian were done with Afganistan, there wasn't much left, and the Russians still couldn't conquer them. Bombing poor civilians while they huddle in their homes isn't a war. We need to find a way to get at Osama Bin Laden, his followers, and the Taliban.
After they are gone, it would probably be in our best interest to help rebuild this already devistated country.
You have viable feedback, you're consumers. Radio stations make money from advertising. If you don't like what a radio station is playing, listen to a different station.
I suppose if you decide you don't want to play country music on your car stereo, that's censorship too?
No one is telling the radio stations they can't paly that music. The radio stations are choosing not to play that music. THis is likely not even a long term plan. They just don't feel that the music is appripriate at this time.
It's their radio station, it's their choice, it's their right to make that decision.
They aren't keeping you from listening to this kind of music, got buy the album, or even better, you might be able to rent it from your local library.
So, basicly, you're saying that a billion dollars is worth a kid's life? What a nice world we life in.
I mean, I don't; I life in a country where a kid _is_ considered a human being.
I didn't say to put him to death. I said he should be locked up for longer than 8 months. Our juvinile justice system does have a responsibility to keep him safe from his fellow inmates, and to make it possibly for him to continue his education, but he needs to pay a price for commiting a crime. No one else made him commit the crime. He did it on his own, and is responsible for the results. Many thousands of people were effected by his crime. He cost a lot of real people real money. All that money could have also gone into the pockets of hard working people who are now laid off. Instead it was just wasted because some kid felt like playing around and seeing if he could screw up the computer systems of some big compaines. Big companies are made up of people. In the end if you cost big companies a lot of money, either people pay higher prices, or get less for their money.
This is not other people ruining his life, this is him paying the price for the actions he chose to take. In my opinion, the price he's paying isn't high enough.
Since a divide by zero in one of my applications has never crashed NT, I think probably mischaracterizing the problem. What does that app do with the zero that's set? Does it pass it to a buggy device driver that doesn't check the validity of the data sent to it? If you divide by zero in the kernel, you'll likely crash your os, even if it is Linux. If the application was properly designed it would handle this error. If the application is badly designed, then the OS will do what it's told to do. If the application puts a real time priority thread into an endless loop, your system isn't going to be real responsive, but you should be able to recover without rebooting it it's a user thread. With an embedded system, it's likely there's a number of device drivers involved. If you screw up in device drivers, you can easily crash the system. This is true on Linux, NT, Solaris, and just about every other OS I've worked on. If a divide by zero error in an application is really what brought this ship down, then there's a serious problem. I still have to question that the code wasn't more strictly reviewed before allowing it to go into a mission critical system, but it's still a serious problem that needs to be resolved.
I'm also a little skeptical because the military has been building mission critical systems using VxWorks for years. VxWorks doesn't seperate user and kernel space. It's a very simple, and powerful 32 bit, multithreaded OS. A development seat also costs almost as much as a small car. If the navy can design complex, reliable systems based on that, then they can build a system based on NT. The contractor screwed up, the people overseeing the contract screwed up, and none of them should be let off the hook by blaming NT.
How does a Monopoly case regarding a consumer OS relate to NT's use in mission critical situations? You can't get much more off topic that this post.
I'm not familiar with the problems with the Yourtown, but I suspect the problem lies with a system that is poorly designed and poorly implemented. The OS is only one small part of this systemand though it's possible that's the OS is part of the problem, and it may very well not be the best platform to handle a less than robutly designed system, I doubt it's a significant part of problem. I've seen NT used in many critical systems, including medical systems. Take a look at the computer they're using when you get LASIK done on your eyes, it's running Windows (this made me very nervous when my wife had the sugery). Those systems have to go through rigorous FDA approval, and they work.
The fact that a Navy ship would need to be towed to port because of a fatal systems failure should be a least a significant embarassment to the Navy. That system should have never been deployed without sufficient redundancy and suficient testing. To blame this on Windows is FUD. Others have built stable mission critical systems based on windows, the Navy and it's contractors faild to do so.
Sure, the hardware is cheap, but the labor and downtime for replacing the cabling, and replacing network cards is extremetly expensive. If their systems meets their needs, why should they change. The problem here isn't Token Ring, it's the buggy device driver for Linux, or possibly Linux has a bug that's causing the problem, there wasn't enough information in the article to tell.
Linux users have often prided themselves on the fact that their OS had support for old hardware, forced hardware upgrades were an aspect of Windows, not Linux.
Of course, this is off topic for the original post. I sympathize with the original poster - it always sucks when your favorite OS doesn't interoperate well and gets a bad rap. But hey, Apple is still around, so it's not a fatal problem...
Apple was banned in many corporate offices. This guys boss my never approve another another person to use Linux on the corporate network again. In this case it may very well be a fatal problem. It's always a bad thing when your unique system doesn't work right, and you can't get your job done. When you bring down the network, no one can get their job done, and they have to debug the network to isolate your system. That's pretty much a fatal problem. It's real hard to justify Linux as cost effective when they just wasted thousands of dollars because they let the first person hook up a Linux box.
I think the appropriate military action would be to establish a multicountry anti-terrorist military group. It is acceptable if it is initially heavily Western or NATO-based, with Russia and China thrown in for credibility.
I don't think it would be acceptable to most countries to allow a multinational anti-terrorist group free reign within it's borders. Do you think Great Britian would want that group going after the IRA? What if some US citizens reacted to this tradegy by setting off a bomb in a civilian area in Afganistan? Wouldn't that be terrorism? Would we want some some anti-terrorist military group commming in and attacking millitant american citizens on US soil? I think it would be against our Constitution to allow that to happen. Even those people would have a right to a trial, and even our military isn't supposed to operate domesticly. We have police and the FBI for that. I know you were just throwing out the idea, and that tentions are running high right now everywhere, but I don't think it could work.
I think the best solution would be to have the govenment of those countries stomp out terrorism as best they can. The British are trying to work through their problems with terrorists there. It's a difficult task, but they are making an effort. I know it's overly optimistic to hope that many of the countries in the Middle East will work to rid their own countries of terrorists. In those cases the rest of the world need to act together to force them to do so. State supported terrorism should not be tolerated.
The US has an important role in this as well. We have supplied arms and support for a large number of governments and militant groups in the middle east over the years. We need to make sure that those arms are not used for terrorist activities, or to suppress innocent people. I think we even have laws on the books in the US that are supposed to require our government to do so. Unfortunately, I'm never sure how much of the news we get here is filtered. It's hard to know who are truely the good guys and who are the bad guys in many of these conflicts. In the end it seems like a lot of bad things happen, a lot of finger pointing occurs, and more bad things happen.
We need to strike back against the terrorists, and those who have harbored them. But if at all possible, we need to aviod killing indiscriminantly killing the people of those nations. The goal shouldn't be revenge. The goal should be peace and freedom from such attacks. We must act so that these people cannot do this kind of thing again, and to discourage those who would attempt it in the future. But the goal has to be resolve what issues we can, and move forward toward peace.
Maybe these juvinile detention centers need better adult supervision so inmates can't be ablused by other inmates. That's a real and serious issue. But his illegal actions resulted in possibly a billion dollars in damages. The billion dollar figure is probably exaggerated, but he commited a serious crime, and should be facing a serious penalty. I don't think losing 8 months of his freedom is that serious of a penalty considering the crime he committed.
GWB's statement and others voiced in this forum about blaming an entire country for one (or a few) individuals' acts are crazy and send the wrong signals to the rest of the world.
If the government of that country is harboring and supporting these terrorists, then that government must be held accountable. Unfortunately, citizens often pay the price for the actions of their government. If the govenment isn't acting in their best interests, then they need to put in place a new govenment that will better represent them. If there is a way to directly get at the people who are responsible for these acts, including those who harbor and support them, then that is the best solution. If however, we can't do that then the people of that nation will likely suffer through economic sanctions and possibly even war. If the facts lead us to Afganistan supporting these terrorist acts, then we will likely be imposing sanction and possibly supporting the rebels that are carying on a revolutionary war there. I don't know much about those rebels, and it is possible that we really don't want them in power either. In any case, the United States needs to take action to prevent this from happening again. We must send a message to those nations who make public announcement that they don't support such actions, but still harbor these people and let them operate and even train terrorists within their borders.
attacking civilians puts you on the same level as the terrorists, think carefully about that
These people don't seem to recognize the difference between combatants and non-combatants. If we have to go to war against this kind of people it will be very hard to determine who is a civilian and who isn't. The war may be necessary, but it's not something we are going to be able to look back on with pride when it's all over. Wars are never something that people should be proud of, but they are sometimes a necessary evil. If we go to war over this, it will likely be a very evil necessity.
Have you ever considered that today's attack was a counterstrike - against America?
This isn't a counter attack simply because this act is unjustifiable. An attack on a US militay post would be a counter attack. The only military target in this attack was the Pentagon. There is no justification for hijacking civillian aircraft full of civillians and crashing them into civillian targets.
The people who are responsible for this need to be prevented from ever commiting this kind of act again. Anyone, or any nation, who harbors those individuals must also be brought to justice. Not only the US, but the entire world should not only speak out against such cowardly acts of terror, but act to prevent such acts from occuring in the future. I understand that it isn't fair for a nation to suffer for the actions of a few of it's citizens, but if those nations are harboring those terrorists, then they share the blame for this crime.
I play Asheron's Call, and there's already a free market in the game. One town in particular, Qbar is basically an open air market where people come to trade. The values of different items change as new items are intorduced, and as the Devs make changes to the game. I think that this free market is a very important part of the game, but it should remain the trade of virtual items for other virtual items, or virtual cash. When real money gets involved, things tend to get ugly. There's more to gain, so there ends up being more corruption and more cheating. In Asheron's Call the developers have limited this problem by putting timers on how often a character can do a quest. In some cases this can be 3 months before you can do a quest again after you've done it. This keeps players from camping the quests so that others can go on them. It also allows the Devs to limit the numbers of items that are supposed to be rare. With one quest, the timer was an hour. You could camp at the end of the quest and pick up an Quiddity Orb fragment every hour. The quest was always crowded, and the mraket became flooded with the things. They changed the timer to 1 week. It's a lot less crowded, and the in game value of the items will rise back up over time. I don't like people selling game items on Ebay, but as long as it doesn't harm the game, it's really none of my business. If I were playing Everquest I'd be a lot more upset about it.
Another issue is that a lot of people get these items by being in a Monarchy that runs quests. It's really frustrating to go to the trouble of setting up and running quests just to see the items in an Auction on acvault the next day. If I saw my vassals selling the stuff I helped them get on ebay I'd release them. I play for the fun of it, if you want to take advantage of my generocity, then you arent really my friends, and I don't need you ruining the fun for me.
People selling stuff on Ebay definately makes balancing the game and the game's economy more of a challenge for the developers. You can't prevent people from doing it, so I think that designing the game so it plays a very limited part is important. The developers of AC have done this well, and it's one of the reasons I play that game rather than another on-line game.
If you want to play to make real world cash, go play another game, we're both happier that way.
I agree that saying that the Bush administration directed the DOJ to do this is misleading. The DOJ decided to do this. I will agree that the DOJ is part of the executive branch, and that Bush appointed it's head and that a great deal of the responsibility for this decision rests on his shoulders. The wording used in posting the article doesn't lead you to believe that Michael's impartial on this issue. Of course I never really though that anyway.
Slashdot Mirror
There are plenty of benchmarks that use real software, or emulate the use or real software reasonably well. They won't publish those benchmarks either. If a company won't give you the information you need to make an informed decision on their products, don't buy their products.
Come on moderators, get a sense of humor.
The fact that there are a larger number of "vulnerabilities" for *NIX than Windows is misleading. I just bet the M$ people latch onto this "See, Windows is less vulnerable!"
I doubt that MS itself is going to be stupid enough to try and say this shows their product is more secure, but I could be wrong. There will always be people who try and scew any information that is presented. This is simply a list of the top twenty security risks compiled by the listed experts. There isn't any quantitative method to rank these issues, so they didn't even try. If your systems has any of these vulnerabilities, you should fix them. This isn't designed as a marketing tool, or an advocacy tool. It's a tool for administrators to check their systems for common, serious security issues.
I agree that Windows, or at least IIS seems to have more security issues that are causing wide spread problems, but the purpose of this report isn't to point that out. These experts could have spent months arguing about how to weigh the different security issues, and how to rank them. Then when the report was released they would be called partial and discriminatory by advocates from both sides. The report would have less credibility, and it's purpose of pointing out security flaws would not be served any better.
Even though most of the *NIX stuff is so old you rarely find it occuring in the real world.
People set up unsecure UNIX systems all the time. Even though these are old issues, they still exist.
Look at the CVE numbers. That tells a tale of what is going on _now_. The number has the year and there are many of the *NIX exploits that are 2 years old or more. Many of the Win exploits are within the last year.
UNIX and Windows are different. UNIX is an older more mature OS. More serious bugs listed are older, because UNIX has been around longer. There's going to be more new exploits in Windows, because there's more active development on new features in Windows. Many users don't need those new features, and would likely be better off with a more mature UNIX solution. Other users feel they need those features, and UNIX has not evolved to provide them with a solution yet. The two OSs take a different approach, and place different priorities on security.
This article doesn't take sides in that issue. The experts don't try and advocate one OS over another. They just point out the issues that they consider to be the most serious, and organize them in a way that it's easy to find the ones that apply to the reader. They did a very good job of trying to stay out of the UNIX/Windows. There are plenty of reports on who has the most vulnearabilities, if that's the kind of report you're looking for, then go read one of them.
I submit, kind sir (or madam), that, in light of the War on Drugs[sic], the war on the white male that has come of grotesque mutations on the battle for equality on the part of our melanin-enhanced bretheren
A agree that the "War on Drugs" has been far from effective making our country a better place to live. I also agree that predijuice and bigotry still exhists and is a major problem that our country faces. I'm just not sure how a violent revolt will help this problem. There are many ways to fight injustice. Violence should be a last resort, and only if it's use can make things better in the end. I am however a white male, so maybe this hasn't effected my directly enough for me to have a well formed opinion on it.
and the shameless indoctrination of our children in government institutions as an outgrowth of these and other events (like the failure of Americans to remember how to defend themselves), that we are in fact very close to the point of taking up arms to defend our freedom.
I very much respect and support the right to bear arms. Police often can only react to violent crimes rather than prevent them. People should have the right to protect themselves. I believe the fight to protect these rights is still a political one rather than a violent one.
You're probably right. Critical systems in which lives are at risk should also have physical security, and not be attached to the internet. I suspect this is true even for medical systems at hospitals. I suppost someone could posibly hack some hospital's medical database and change the medications that people are supposed to be given, but I hope those systems aren't on the internet, and there are safegards agains people being given medicine that may harm them. I would agree that cracking that requires breaking into someplace is a completely different issue.
Cracking is definitely bad and should be punished, but these right-wing over-reactionary witchhunts have simply got to stop.
I agree that this needs to stop. I don't personally believe that it's "over-reactionary witchhunts". I think it's people who have adgendas, that are using this tradegy to push those adgendas.
Tell them that security research is not cracking, that cracking is not terrorism
I agree that security research is not cracking.
Cracking is not terrorism in most cases, but if you crack some critical systems, it can get people killed. And though it doesn't rise to near the level of terrorism where people are killed, crackers who cost lots of innocent people a lot of time and money just to make their point or for the fun of it are still scum.
if you don't take the time to properly secure your systems, you need to take some liability!
People who don't secure their systems should take some responsibility for their lack of action. I think liability is the wrong word, because to me it infers that they deserve to be hacked. They don't. They have a responsibility because their lack of security can allow their system to be used against others. Trusting people that don't lock up their valuables don't deserve to be robbed. People that choose not to arm themselves don't deserve to be attacked. Defence against many forms of attack, including cracking may very well be a good idea, but lack of it does not imply guilt on part of the victim.
I strongly support free speech. I think that crypto laws requiring back doors, or making crypto insecure for the common person are wrong, and would be ineffective in their goals.
As part of supporting free speech, I am strongly against malicious cracking. Worms, viruses, trojans and the like do a lot to harm innocent people who just want to get online but don't have a lot of technical knowledge. The internet is a great tool for free speech, and it shouldn't be kept from them just because they don't know how to properly secure their home computer from malicious attacks of others. If the govenment ends up passing harsh legislation which inhibits our freedom to protect such people, it is the crackers who deserve the lion's share of the blame, not the people who got cracked.
I understand that in order to improve security, security needs to be tested. I also understand that in order to get vulnerabilities fixed, that security issues need to be made public. The way they are made public could often be handled better though.
If you really wan to stir some feathers, then remind them of the declaration of independence - "But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security"
You may stir up some feathers with this, but I doubt you'll help your cause. I agree that as a last resort, revolt is actually a responsibility of an american citizen. But only as a last resort, and only for the good of the country.
I realize that I made some comparison between terrorism and cracking in this post, and I want to state that I don't want to trivialize the problem of terrorism with this. Terrorisn is crime that far outshadows cracking. Malicious cracking is more of a petty terrorism in which lives aren't lost.
Absolutely true, I don't use the full potential of my firewire adapter, I use it only for my camcorder which pumps through 3,6 mbytes per second on average. No dropped frames, very low CPU load, try that with USB....
USB 2.0 will likely be able to only get you 2 out of 3, though implemented well, it could get all 3. The 3.6 MB/s shouldn't tax USB 2.0 much, and since it supports Isychronous transfers like Firewire does, it can reserve the bandwidth so that frames aren't dropped. The issue is CPU load. In most cases, the USB controller on the computer side doesn't have much brains to it. It relies on the system processor and a device driver to do most of the work. It may also use PIO to transfer the data from the FIFO's to system memory. This will result in high processor utilization. It doesn't have to be this way. The USB controller could contain a very basic processor that runs firmware to implement it's tasks rather than doing them in software on the system processor. Think of it as the difference between a hardware or software modem.
So if both were solid, established technologies (which USB 2.0 isn't yet), why use firewire? Wouldn't you like your nice camcorder to be able to print stills on a color printer? How about it copying that video clip to a hard/tape drive? You could even have it control lighting over firewire. There are many uses for having the additional intelligence in the camcorder, rather than just having it be a dumb device. That's the reason to use firewire.
Performance won't be sufficient with USB 2.0.
Why? That completely depends on the application. USB 2.0 has the bandwidth to handle what most single drivers can deliver. It's true that it's not a peer-to-peer technology, but talking to a hard drive isn't a peer-to-peer task.
USB 2.0 was designed to be a way to get mouses and keyboards plugged into computers.
USB 2.0 was designed to allow higher bandwidth devices to be attached to computers. Few people need more than 1 keyboard and 1 mouse. A lot of people can use a portable backup device such as a CD-RW or tape drive. USB 1.X really wasn't fast enough for these tasks. Even printers and scanners are pushing the 12 Mbit limit.
USB still requires that a computer be part of the device chain; with FireWire, a FireWire camcorder and VCR can talk to each other without a computer. There is much more to this than just making both standards faster.
Of course there's more to this than making the standards faster. There are a lot of things Firewire can do that USB 2.0 can't. Firewire is especially good for multimedia, where you want devices to be able to control other devices, or be controlled, for lack of better, simple explaination. However, if all you need is external, portable storage, then USB 2.0 may become a more cost effective solution.
Notice I said it may become a more cost effective solution. That depends on if it becomes widely accepted. Firewire is a mature, established technology. That means that the cost of developing devices has come down, and they have become reasonably affordable. From a quick search, I still think that external firwire drives are priced too high compared to internal devices. If USB 2.0 becomes commonly used, the simplicity of the controller on the devices should make USB 2.0 devices cheaper that a firewire device that performs the same task. USB can't do everything that Firewire can. But for tasks that both can perform, USB should be cheaper. There are other costs, USB is likely to use more processor power on the host machine, but if that doesn't effect your application, and you want to save money, USB 2.0 may be right for you once it becomes established.
FireWire is not just here NOW, it was here YESTERDAY. There is no place-your-bets atmosphere on FireWire, just incredibly happy and productive users doing things they used to only dream about.
Sounds like Firewire weets your needs very well, that doesn't mean that USB 2.0 doesn't have a place of it's own where it excels as well. Firewire could probably meet those needs as well. You could easilly have a firewire mouse and keyboard, but it just wouldn't be cost effective. Use the right technology for the job. I work with Fibre Channel. It's very fast. It's peer-to-peer (and can do one to many in a limited fasion), and you can use multiple protocols over it such as FCP (SCSI) and IP. You can also use many devices over long distances. Using optical, longwave tranceivers you can have cable lengths up to 10 km. But it's not for every task. Use the right technologh for the job.
Right now the MS consultants are making a lot off money off on these worms. But if enough corporate sites go to Apache on Linux you'll likely see a lot more worms/viruses/trojans writen for Linux and Apache. Sure these systems are more secure, but there are plenty of skilled crackers that will find a way to screw up these systems if there get to be enough systems out there. An let's face it. If the people who currently run unpatched IIS servers switch to Apache, there will be a lot of unpatched Apache servers. Right now Microsoft is the Apache advocate's best friend, because they attract the largest number of lazy admins. If this changes, you'll likly see a lot more attacks going after Apache.
Why wouldn't you want a firewire external harddrive?
Price. Firewire is a better high end technology, but it cost more to implement. If USB 2.0 becomes common, then external USB 2.0 drives should cost less than firewire ones. If the performance is suficient with USB 2.0, why pay for firewire.
The only effective way I can see of getting rid of them is infiltrating their organizations, gathering as much intelligence about them as possible, then assasinating them one by one.
You have a valid point, but this is only part of the job. You can chase after terrorists forever, and more will crawl out from under the rocks of religeous fanatism. The point in going after Afganistan, is to stom them and other countries from providing these terrorists with a safe place to train and finacial resources. If govenments are supporting these terrorist activities, then they need to be stopped.
The problem is that even as we take out one terrorist cell, another will pop up. This could easily end up as unending as the "war on drugs". The real question is why do these people hate the US so much. One reason I've heard a lot lately is that the freedoms that the US stands for fly in the face of their strict religeous beliefs. They see the freedom and democracy that the US preaches as a horrible affront to their morality. They're attacking us because our way of life, and the fact that we are prosperous while living that way, is disolving the strict religeous fanatism of their countries. They see Western influence as being a horrible corruption that they must stamp out before it destroys what they believe in.
I don't see the US changin it's ways. I see us continueing to stick up for individual freedoms. I see us continuing to condem the atrocities like what the Taliban has done to the women of their own country in the name of Islam. This leads us to an impass. They are willing to kill to defend their beliefs, they've proven that. We are being force to kill to protect ours. It's important to note that it's not the religeon of Islam itself. It is the interpretation of it by some fanatics that is incompatible with our way of life. I don't see a peaceful solution when two groups are so diametrically opposed.
After the russian were done with Afganistan, there wasn't much left, and the Russians still couldn't conquer them. Bombing poor civilians while they huddle in their homes isn't a war. We need to find a way to get at Osama Bin Laden, his followers, and the Taliban.
After they are gone, it would probably be in our best interest to help rebuild this already devistated country.
You have viable feedback, you're consumers. Radio stations make money from advertising. If you don't like what a radio station is playing, listen to a different station.
I suppose if you decide you don't want to play country music on your car stereo, that's censorship too?
No one is telling the radio stations they can't paly that music. The radio stations are choosing not to play that music. THis is likely not even a long term plan. They just don't feel that the music is appripriate at this time.
It's their radio station, it's their choice, it's their right to make that decision.
They aren't keeping you from listening to this kind of music, got buy the album, or even better, you might be able to rent it from your local library.
So, basicly, you're saying that a billion dollars is worth a kid's life? What a nice world we life in.
I mean, I don't; I life in a country where a kid _is_ considered a human being.
I didn't say to put him to death. I said he should be locked up for longer than 8 months. Our juvinile justice system does have a responsibility to keep him safe from his fellow inmates, and to make it possibly for him to continue his education, but he needs to pay a price for commiting a crime. No one else made him commit the crime. He did it on his own, and is responsible for the results. Many thousands of people were effected by his crime. He cost a lot of real people real money. All that money could have also gone into the pockets of hard working people who are now laid off. Instead it was just wasted because some kid felt like playing around and seeing if he could screw up the computer systems of some big compaines. Big companies are made up of people. In the end if you cost big companies a lot of money, either people pay higher prices, or get less for their money.
This is not other people ruining his life, this is him paying the price for the actions he chose to take. In my opinion, the price he's paying isn't high enough.
Since a divide by zero in one of my applications has never crashed NT, I think probably mischaracterizing the problem. What does that app do with the zero that's set? Does it pass it to a buggy device driver that doesn't check the validity of the data sent to it? If you divide by zero in the kernel, you'll likely crash your os, even if it is Linux. If the application was properly designed it would handle this error. If the application is badly designed, then the OS will do what it's told to do. If the application puts a real time priority thread into an endless loop, your system isn't going to be real responsive, but you should be able to recover without rebooting it it's a user thread. With an embedded system, it's likely there's a number of device drivers involved. If you screw up in device drivers, you can easily crash the system. This is true on Linux, NT, Solaris, and just about every other OS I've worked on. If a divide by zero error in an application is really what brought this ship down, then there's a serious problem. I still have to question that the code wasn't more strictly reviewed before allowing it to go into a mission critical system, but it's still a serious problem that needs to be resolved.
I'm also a little skeptical because the military has been building mission critical systems using VxWorks for years. VxWorks doesn't seperate user and kernel space. It's a very simple, and powerful 32 bit, multithreaded OS. A development seat also costs almost as much as a small car. If the navy can design complex, reliable systems based on that, then they can build a system based on NT. The contractor screwed up, the people overseeing the contract screwed up, and none of them should be let off the hook by blaming NT.
How does a Monopoly case regarding a consumer OS relate to NT's use in mission critical situations? You can't get much more off topic that this post.
I'm not familiar with the problems with the Yourtown, but I suspect the problem lies with a system that is poorly designed and poorly implemented. The OS is only one small part of this systemand though it's possible that's the OS is part of the problem, and it may very well not be the best platform to handle a less than robutly designed system, I doubt it's a significant part of problem. I've seen NT used in many critical systems, including medical systems. Take a look at the computer they're using when you get LASIK done on your eyes, it's running Windows (this made me very nervous when my wife had the sugery). Those systems have to go through rigorous FDA approval, and they work.
The fact that a Navy ship would need to be towed to port because of a fatal systems failure should be a least a significant embarassment to the Navy. That system should have never been deployed without sufficient redundancy and suficient testing. To blame this on Windows is FUD. Others have built stable mission critical systems based on windows, the Navy and it's contractors faild to do so.
Sure, the hardware is cheap, but the labor and downtime for replacing the cabling, and replacing network cards is extremetly expensive. If their systems meets their needs, why should they change. The problem here isn't Token Ring, it's the buggy device driver for Linux, or possibly Linux has a bug that's causing the problem, there wasn't enough information in the article to tell.
Linux users have often prided themselves on the fact that their OS had support for old hardware, forced hardware upgrades were an aspect of Windows, not Linux.
Of course, this is off topic for the original post. I sympathize with the original poster - it always sucks when your favorite OS doesn't interoperate well and gets a bad rap. But hey, Apple is still around, so it's not a fatal problem...
Apple was banned in many corporate offices. This guys boss my never approve another another person to use Linux on the corporate network again. In this case it may very well be a fatal problem. It's always a bad thing when your unique system doesn't work right, and you can't get your job done. When you bring down the network, no one can get their job done, and they have to debug the network to isolate your system. That's pretty much a fatal problem. It's real hard to justify Linux as cost effective when they just wasted thousands of dollars because they let the first person hook up a Linux box.
I think the appropriate military action would be to establish a multicountry anti-terrorist military group. It is acceptable if it is initially heavily Western or NATO-based, with Russia and China thrown in for credibility.
I don't think it would be acceptable to most countries to allow a multinational anti-terrorist group free reign within it's borders. Do you think Great Britian would want that group going after the IRA? What if some US citizens reacted to this tradegy by setting off a bomb in a civilian area in Afganistan? Wouldn't that be terrorism? Would we want some some anti-terrorist military group commming in and attacking millitant american citizens on US soil? I think it would be against our Constitution to allow that to happen. Even those people would have a right to a trial, and even our military isn't supposed to operate domesticly. We have police and the FBI for that. I know you were just throwing out the idea, and that tentions are running high right now everywhere, but I don't think it could work.
I think the best solution would be to have the govenment of those countries stomp out terrorism as best they can. The British are trying to work through their problems with terrorists there. It's a difficult task, but they are making an effort. I know it's overly optimistic to hope that many of the countries in the Middle East will work to rid their own countries of terrorists. In those cases the rest of the world need to act together to force them to do so. State supported terrorism should not be tolerated.
The US has an important role in this as well. We have supplied arms and support for a large number of governments and militant groups in the middle east over the years. We need to make sure that those arms are not used for terrorist activities, or to suppress innocent people. I think we even have laws on the books in the US that are supposed to require our government to do so. Unfortunately, I'm never sure how much of the news we get here is filtered. It's hard to know who are truely the good guys and who are the bad guys in many of these conflicts. In the end it seems like a lot of bad things happen, a lot of finger pointing occurs, and more bad things happen.
We need to strike back against the terrorists, and those who have harbored them. But if at all possible, we need to aviod killing indiscriminantly killing the people of those nations. The goal shouldn't be revenge. The goal should be peace and freedom from such attacks. We must act so that these people cannot do this kind of thing again, and to discourage those who would attempt it in the future. But the goal has to be resolve what issues we can, and move forward toward peace.
Maybe these juvinile detention centers need better adult supervision so inmates can't be ablused by other inmates. That's a real and serious issue. But his illegal actions resulted in possibly a billion dollars in damages. The billion dollar figure is probably exaggerated, but he commited a serious crime, and should be facing a serious penalty. I don't think losing 8 months of his freedom is that serious of a penalty considering the crime he committed.
GWB's statement and others voiced in this forum about blaming an entire country for one (or a few) individuals' acts are crazy and send the wrong signals to the rest of the world.
If the government of that country is harboring and supporting these terrorists, then that government must be held accountable. Unfortunately, citizens often pay the price for the actions of their government. If the govenment isn't acting in their best interests, then they need to put in place a new govenment that will better represent them. If there is a way to directly get at the people who are responsible for these acts, including those who harbor and support them, then that is the best solution. If however, we can't do that then the people of that nation will likely suffer through economic sanctions and possibly even war. If the facts lead us to Afganistan supporting these terrorist acts, then we will likely be imposing sanction and possibly supporting the rebels that are carying on a revolutionary war there. I don't know much about those rebels, and it is possible that we really don't want them in power either. In any case, the United States needs to take action to prevent this from happening again. We must send a message to those nations who make public announcement that they don't support such actions, but still harbor these people and let them operate and even train terrorists within their borders.
attacking civilians puts you on the same level as the terrorists, think carefully about that
These people don't seem to recognize the difference between combatants and non-combatants. If we have to go to war against this kind of people it will be very hard to determine who is a civilian and who isn't. The war may be necessary, but it's not something we are going to be able to look back on with pride when it's all over. Wars are never something that people should be proud of, but they are sometimes a necessary evil. If we go to war over this, it will likely be a very evil necessity.
Have you ever considered that today's attack was a counterstrike - against America?
This isn't a counter attack simply because this act is unjustifiable. An attack on a US militay post would be a counter attack. The only military target in this attack was the Pentagon. There is no justification for hijacking civillian aircraft full of civillians and crashing them into civillian targets.
The people who are responsible for this need to be prevented from ever commiting this kind of act again. Anyone, or any nation, who harbors those individuals must also be brought to justice. Not only the US, but the entire world should not only speak out against such cowardly acts of terror, but act to prevent such acts from occuring in the future. I understand that it isn't fair for a nation to suffer for the actions of a few of it's citizens, but if those nations are harboring those terrorists, then they share the blame for this crime.
I play Asheron's Call, and there's already a free market in the game. One town in particular, Qbar is basically an open air market where people come to trade. The values of different items change as new items are intorduced, and as the Devs make changes to the game. I think that this free market is a very important part of the game, but it should remain the trade of virtual items for other virtual items, or virtual cash. When real money gets involved, things tend to get ugly. There's more to gain, so there ends up being more corruption and more cheating. In Asheron's Call the developers have limited this problem by putting timers on how often a character can do a quest. In some cases this can be 3 months before you can do a quest again after you've done it. This keeps players from camping the quests so that others can go on them. It also allows the Devs to limit the numbers of items that are supposed to be rare. With one quest, the timer was an hour. You could camp at the end of the quest and pick up an Quiddity Orb fragment every hour. The quest was always crowded, and the mraket became flooded with the things. They changed the timer to 1 week. It's a lot less crowded, and the in game value of the items will rise back up over time. I don't like people selling game items on Ebay, but as long as it doesn't harm the game, it's really none of my business. If I were playing Everquest I'd be a lot more upset about it.
Another issue is that a lot of people get these items by being in a Monarchy that runs quests. It's really frustrating to go to the trouble of setting up and running quests just to see the items in an Auction on acvault the next day. If I saw my vassals selling the stuff I helped them get on ebay I'd release them. I play for the fun of it, if you want to take advantage of my generocity, then you arent really my friends, and I don't need you ruining the fun for me.
People selling stuff on Ebay definately makes balancing the game and the game's economy more of a challenge for the developers. You can't prevent people from doing it, so I think that designing the game so it plays a very limited part is important. The developers of AC have done this well, and it's one of the reasons I play that game rather than another on-line game.
If you want to play to make real world cash, go play another game, we're both happier that way.
I agree that saying that the Bush administration directed the DOJ to do this is misleading. The DOJ decided to do this. I will agree that the DOJ is part of the executive branch, and that Bush appointed it's head and that a great deal of the responsibility for this decision rests on his shoulders. The wording used in posting the article doesn't lead you to believe that Michael's impartial on this issue. Of course I never really though that anyway.