Accellerate the thin foil skinned ship up to some useful speed and every particle of dust becomes destructive. In space, its not the size of the stuff that gets you, its the speed and distance.
you don't gotta go nuculer on us 'mericans now. After all, we have really really big er...bombs....and we're really really good at....er....breaking stuff.
You're totally right of course. A hunk of plastic that says John is 14 doesn't mean anything unless you can be sure that its John's key, and that John is in front of you.
That adds huge complexity to the system because now you need some other path to check it. Does a picture of John come up on a screen? Who checks that? Who stores the pictures? Does John provide a DNA sample with his key? A little hair clipping, drop of blood or perhaps...well never mind.
Personally, I hate the idea of fingerprint based or any other biometric system without supervised used. A person needs to be there to ensure that the thumb placed on the scanner is in fact still attached to a living person.
I would very much rather not have my thumb carry any inherent value to anyone else but me, thank you very much.
is to adults. You can't prove you are an adult and thus entitled to something more by NOT having one of these.
The goal to Verisign is obvious -- once they are widespread, you try to get first libraries and then other places to require the use of the "KEY" to use the system to prove your age. As an adult, you'd "need" one, and thus have to pay for it.
Also, its a good first step toward a "universal" (as if) public key. Ideally, imagine something like the Post Office being able to assign a public/private key to you. That's what everyone wanted with these keychain java keyring things talked about in the 90's.
Personally, I hate seeing verisign being given this contract, but I'm not sure someone shouldn't have it.
I'd like to see a U.N. sponsored standard, with countries and or businesses able to register as registrars. The SSL key distribution system we have now works pretty well (if overly expensive).
At a minimum, that same system applied to people as apposed to web server names would go a long way.
Yes, I know all the usual issues apply -- how do you prove its YOU with the key, etc. Lots of discussion on that (which is off topic) and other things. Privacy? What about additional private certificate keys? Well, why not all those things.
Personal ID should have a data component for public key.
AT&T has their supposedly 3G version out now here in the states.
Reality: You get an "effective speed" that feels just like dialup from a hotel room.
Itself, it isn't bad when you need the link in the middle of nowhere.
In town, its usually much faster to pop up Net Stumbler and drive into the first suburban neighborhood you see. It generally takes less than 5 minutes to find an ssid called "LINKSYS".
If you are lucky enough to have half a brain, I think its great you use it to detect political spin. So many likely voters out there in TV Land don't seem to be as lucky. Whatever portion of a brain they have still seems insufficient to do the job.;-)
If spin can be measured in a meaningful way, the entire future of politics is suddenly up for grabs. Imagine a "spin detector" built into the home television!
Wow. "You spin me right round, baby right round, like a record baby, right round, round round...."
1. Its all fodder for the massive publicity machine. We're talking about, that will sell the box set. Lucasfilms is very aware that the/. community types will buy this no matter what (with of course some die hard exceptions out of protest). In the mean time, all this talk means everyone else will be more and more aware of the release and its 'improvements' -- and many will buy it.
Say anything you want about me, just spell my name right -- classic marketing.
2) ITS JUST A MOVIE. Its a good movie. Its a great story. Its a (somewhat) well realized SF world. That's it.
LOL -- I was rapidly moving toward the 250 pound goal; but then joined my local volunteer/on-call fire department. THat has resolved issue, as you can well imagine.;-)
If your job is to have people read what you write, you'll want to stick your neck out and say things people react to.
Its not like someone is going to call him on it two years from now, and point out that vendors found it easy to support both the standard and non standard methods.
The block, is that you won't be able to upload into a usb device from windows -- nothing says the usb device has to enforce the block the other way.
I'm not interested at all in an OS. I want to run my mail & web servers on SOMETHING. I'd rather run it on linux because it runs faster on Linux than it does on the same box with Windows.
The downside right now, is that I have a serious hassle picking a disti, keeping it up to date (or allowing not a single port to touch the net) and worrying about compatibility.
I'm going to check out the list of distributors right now. I'm way way more likely to pick a conforming distribution.
I'd even be willing to pay the person who put it together for me for their effort. Jokes about LSD aside, I'd pay my fifty bucks for a pure standard disti with a good installer and a good automatic update process to keep it running right. I'd pay it in a heart beat.
If your company "hires creative people" in the other country who do not work directly for your company but for a firm based there who allocates them as needed to your company, clearly that's outsourcing. I say its not likely to be very successfull for the reasons I've given.
If your company hires a company to provide a creative solution in another country, that's no different from hiring a similar company here - simply harder to manage. I don't call that outsourcing in the same sense, no.
What you CAN'T do well with outsourcing, is pay a remote firm who has people hired as "body count" to perform an essentially creative task. It will fail.
Ultimately, jobs which can be exactly and specifically tied to a process / response tree (a flowchart of actions) are easy to outsource.
Programmers who are handed a function spec and expected to return with a function can be outsourced.
Creativity cannot be outsourced effectively. It lives where it lives. There may be creativity in the other country, but that's not outsourcing.
Most outsourced IT fails not due to the failure of the outsource employees, but due to the failure of the inside company project managers. As any consultant can tell you, the vast majority of people who think they know how to manage a project clearly do not. As a result, what gets sent overseas are poorly thought out specifications that don't properly describe the process the project manager intended, which itself never matached the user's need.
When I sit in a meeting with a project manager and an end-user constituency representative, 90% of the time I spend is reconcilliation of the ideas from both -- when they are quite sure they'd already done this "in the spec"
As long as there are bad specs and bad managers to watch over them, there will be jobs for local people with the chops to turn those into functional code.
There's a huge oversupply of hot air right now which should keep prices low.
In fact, I think there is a huge storage facility currently for excess hot air in New York at Madison Square Gardin.
--;-) --
Thanks for posting. I could will look for it...
on
Hardening Apache
·
· Score: 1
I do most of my work on a Domino server (say what you will, but its very secure and stable and I build customer apps really inexpensively) but Apache based servers (and they are myriad) keep intruding into my happy little world.
A year ago I wanted to put one public but found information on hardening it extremely limited -- or perhaps extremely disconnected.
...fight that's brewing. This may be the linux entry.
IBM is pushing toward a new (centrally managed and provisioned) eclipse based rich client (aka browser on roids) to talk mostly to its workplace portal (aka websphere with portlets)
Microsoft is pushing the other way with a more complex workstation model and an enhanced "user controlled" sharing place via sharepoint portal,
Linux desktops have, generally, been trying to mimick Microsoft stuff but with secure, stable applications....(e.g. open office)
Now, a KDE may become a player in the rich but centrally managed client space.
Interesting.
Clearly there is a place for centrally managed rich client -- think live of business stuff that at one time was managed through the 3270 terminal. The browser has proven it sucks for that kind of thing, but this trend toward a semi-open or open rich client replacement is going to be the thing to watch.
Line workers are going to use this stuff (IBM's or something like it -- this KDE version could be it too). The big battle will be for how corporations manage knowledge worker desktops. Will it be a Centrally controlled rich client, or a traditional powerful workstation with sharing tacked on.
It seems like Linux based machines are likely to have a horse in both races.
1. You don't write test code to be hard to remove.
2. Once reported, you don't leave it in for a year.
3. Once public, you don't claim months of work to remove it.
It may have started as test code, but someone went to a lot of trouble to bury it. A company like this doesn't have a few guys each working from home sending finished code libraries up to the boss. Code goes through review processes, it sees auditors, and it gets stored.
this isn't the result of someone leaving in a line like:
So let me understand. Entirely by accident, if you enter a specific code at the machine, a transparent and highly successful process takes the existing collected data and makes a duplicate of that data which can be altered and fed into the combining and counting process.
Someone must have REALLY misspelled an important constant, no? I mean, what are the odds? When I screw up, the code usually just fails to compile or takes out the vm. Someone needs to find the guy who "accidentally" did that and get him to buy lottery tickets for all of us.
Slashdot Mirror
Accellerate the thin foil skinned ship up to some useful speed and every particle of dust becomes destructive. In space, its not the size of the stuff that gets you, its the speed and distance.
you don't gotta go nuculer on us 'mericans now. After all, we have really really big er...bombs....and we're really really good at ....er....breaking stuff.
'unit of measure'
...it wasn't built on top of Websphere.
No, your ass makes you look fat.
--- Sorry, no idea if this is true but its the perfect response and I just couldn't keep it in.
adjusted to be just way too hypersensitive to potential dangers, it could be called ....
my wife.
between the keyboard and the seat.
You're totally right of course. A hunk of plastic that says John is 14 doesn't mean anything unless you can be sure that its John's key, and that John is in front of you.
That adds huge complexity to the system because now you need some other path to check it. Does a picture of John come up on a screen? Who checks that? Who stores the pictures? Does John provide a DNA sample with his key? A little hair clipping, drop of blood or perhaps...well never mind.
Personally, I hate the idea of fingerprint based or any other biometric system without supervised used. A person needs to be there to ensure that the thumb placed on the scanner is in fact still attached to a living person.
I would very much rather not have my thumb carry any inherent value to anyone else but me, thank you very much.
is to adults. You can't prove you are an adult and thus entitled to something more by NOT having one of these.
The goal to Verisign is obvious -- once they are widespread, you try to get first libraries and then other places to require the use of the "KEY" to use the system to prove your age. As an adult, you'd "need" one, and thus have to pay for it.
Also, its a good first step toward a "universal" (as if) public key. Ideally, imagine something like the Post Office being able to assign a public/private key to you. That's what everyone wanted with these keychain java keyring things talked about in the 90's.
Personally, I hate seeing verisign being given this contract, but I'm not sure someone shouldn't have it.
I'd like to see a U.N. sponsored standard, with countries and or businesses able to register as registrars. The SSL key distribution system we have now works pretty well (if overly expensive).
At a minimum, that same system applied to people as apposed to web server names would go a long way.
Yes, I know all the usual issues apply -- how do you prove its YOU with the key, etc. Lots of discussion on that (which is off topic) and other things. Privacy? What about additional private certificate keys? Well, why not all those things.
Personal ID should have a data component for public key.
AT&T has their supposedly 3G version out now here in the states.
Reality: You get an "effective speed" that feels just like dialup from a hotel room.
Itself, it isn't bad when you need the link in the middle of nowhere.
In town, its usually much faster to pop up Net Stumbler and drive into the first suburban neighborhood you see. It generally takes less than 5 minutes to find an ssid called "LINKSYS".
If you are lucky enough to have half a brain, I think its great you use it to detect political spin. So many likely voters out there in TV Land don't seem to be as lucky. Whatever portion of a brain they have still seems insufficient to do the job. ;-)
you have to pick it up in your personal anti-gravity hovercraft. Mine is on pre-order from Amazon.com. They keep slipping the ship decade though....
If spin can be measured in a meaningful way, the entire future of politics is suddenly up for grabs. Imagine a "spin detector" built into the home television!
Wow. "You spin me right round, baby right round, like a record baby, right round, round round...."
Lets all keep in mind two things.
/. community types will buy this no matter what (with of course some die hard exceptions out of protest). In the mean time, all this talk means everyone else will be more and more aware of the release and its 'improvements' -- and many will buy it.
1. Its all fodder for the massive publicity machine. We're talking about, that will sell the box set. Lucasfilms is very aware that the
Say anything you want about me, just spell my name right -- classic marketing.
2) ITS JUST A MOVIE. Its a good movie. Its a great story. Its a (somewhat) well realized SF world. That's it.
LOL -- I was rapidly moving toward the 250 pound goal; but then joined my local volunteer/on-call fire department. THat has resolved issue, as you can well imagine. ;-)
Personally, this assumes employees are a commodity item. I personally will not work in that environment.
I am not 200 pounds of programmer meat.
If your job is to have people read what you write, you'll want to stick your neck out and say things people react to.
Its not like someone is going to call him on it two years from now, and point out that vendors found it easy to support both the standard and non standard methods.
The block, is that you won't be able to upload into a usb device from windows -- nothing says the usb device has to enforce the block the other way.
to my customers.
I'm not interested at all in an OS. I want to run my mail & web servers on SOMETHING. I'd rather run it on linux because it runs faster on Linux than it does on the same box with Windows.
The downside right now, is that I have a serious hassle picking a disti, keeping it up to date (or allowing not a single port to touch the net) and worrying about compatibility.
I'm going to check out the list of distributors right now. I'm way way more likely to pick a conforming distribution.
I'd even be willing to pay the person who put it together for me for their effort. Jokes about LSD aside, I'd pay my fifty bucks for a pure standard disti with a good installer and a good automatic update process to keep it running right. I'd pay it in a heart beat.
Forgive me if I didn't make this clear.
If your company "hires creative people" in the other country who do not work directly for your company but for a firm based there who allocates them as needed to your company, clearly that's outsourcing. I say its not likely to be very successfull for the reasons I've given.
If your company hires a company to provide a creative solution in another country, that's no different from hiring a similar company here - simply harder to manage. I don't call that outsourcing in the same sense, no.
What you CAN'T do well with outsourcing, is pay a remote firm who has people hired as "body count" to perform an essentially creative task. It will fail.
Ultimately, jobs which can be exactly and specifically tied to a process / response tree (a flowchart of actions) are easy to outsource.
Programmers who are handed a function spec and expected to return with a function can be outsourced.
Creativity cannot be outsourced effectively. It lives where it lives. There may be creativity in the other country, but that's not outsourcing.
Most outsourced IT fails not due to the failure of the outsource employees, but due to the failure of the inside company project managers. As any consultant can tell you, the vast majority of people who think they know how to manage a project clearly do not. As a result, what gets sent overseas are poorly thought out specifications that don't properly describe the process the project manager intended, which itself never matached the user's need.
When I sit in a meeting with a project manager and an end-user constituency representative, 90% of the time I spend is reconcilliation of the ideas from both -- when they are quite sure they'd already done this "in the spec"
As long as there are bad specs and bad managers to watch over them, there will be jobs for local people with the chops to turn those into functional code.
-AP
There's a huge oversupply of hot air right now which should keep prices low.
;-) --
In fact, I think there is a huge storage facility currently for excess hot air in New York at Madison Square Gardin.
--
I do most of my work on a Domino server (say what you will, but its very secure and stable and I build customer apps really inexpensively) but Apache based servers (and they are myriad) keep intruding into my happy little world.
A year ago I wanted to put one public but found information on hardening it extremely limited -- or perhaps extremely disconnected.
If the book is indeed concise, it will be useful.
...fight that's brewing. This may be the linux entry.
IBM is pushing toward a new (centrally managed and provisioned) eclipse based rich client (aka browser on roids) to talk mostly to its workplace portal (aka websphere with portlets)
Microsoft is pushing the other way with a more complex workstation model and an enhanced "user controlled" sharing place via sharepoint portal,
Linux desktops have, generally, been trying to mimick Microsoft stuff but with secure, stable applications....(e.g. open office)
Now, a KDE may become a player in the rich but centrally managed client space.
Interesting.
Clearly there is a place for centrally managed rich client -- think live of business stuff that at one time was managed through the 3270 terminal. The browser has proven it sucks for that kind of thing, but this trend toward a semi-open or open rich client replacement is going to be the thing to watch.
Line workers are going to use this stuff (IBM's or something like it -- this KDE version could be it too). The big battle will be for how corporations manage knowledge worker desktops. Will it be a Centrally controlled rich client, or a traditional powerful workstation with sharing tacked on.
It seems like Linux based machines are likely to have a horse in both races.
1. You don't write test code to be hard to remove.
2. Once reported, you don't leave it in for a year.
3. Once public, you don't claim months of work to remove it.
It may have started as test code, but someone went to a lot of trouble to bury it. A company like this doesn't have a few guys each working from home sending finished code libraries up to the boss. Code goes through review processes, it sees auditors, and it gets stored.
this isn't the result of someone leaving in a line like:
if(keySequence == "rigthevote") voteCount.replaceWithHackable
-- just my opinion here, but commenting something like that out wouldn't be a multi-year issue.
So let me understand. Entirely by accident, if you enter a specific code at the machine, a transparent and highly successful process takes the existing collected data and makes a duplicate of that data which can be altered and fed into the combining and counting process.
Someone must have REALLY misspelled an important constant, no? I mean, what are the odds? When I screw up, the code usually just fails to compile or takes out the vm. Someone needs to find the guy who "accidentally" did that and get him to buy lottery tickets for all of us.
wow.