You see what I mean? If the BBC hadn't run the story too, how many people would have thought it was pulling our legs?
Reference:Aesops Fable - The boy who cried wolf.
You know, I'm not going to believe one darned word posted today on Slashdot.
If anybody has any news they want people to believe, post it tomorrow.
Imagine what would happen if the BBC or CNN sprinkled six or seven fake stories into their broadcasts like Slashdot do every year....
Norton Internet Security does exactly this, and has done for many years.
Switch off all the "intelligence" of the package, like auto-program recognition, and set the firewall to "paranoid plus" (only specific ports to specificcally permittied programs) and then set the defaults to non-script/activex/java, etc.
Works for all browsers, since it installs an invisible proxy (not as bad as it sounds - none of my *really* weird software conflicts with it, and software doesn't need to be proxy aware), and all traffic is rerouted through that, so it appears like a secure TCP-IP stack. Damn bulletproof, in my opinion.
Winds up the GF, who has to ask me to relax the security on a new site occasionally (twenty seconds click-work), but that's a small price to pay knowing that only sites that prove trustworthiness to me get to use flash/java/script/activex/cookies/popups.
I'm *not* affiliated with Symantec, and the only downside with NIS is their new fetish with key-based software activation, which means I'm looking for a similarly-accomplished alternative firewall package for this reason only. But I've not found it yet.
OK, you are correct and we agree - it just wasn't clear from your earlier post, particularly where you mention, "With AC operation, the evaporated tungsten redeposits as quickly as it evaporates" - it implied that no tungsten ion migration takes place during DC operation, which, as we both know, does take place and is essential for halogen medium operation.
In summary:- "core of a cooling white dwarf star 50 light-years from Earth is composed almost entirely of crystalline carbon", and "has a diameter of 2,500 miles and weighs 5 million trillion trillion pounds, or 10 billion trillion trillion carats"
True - again, balance the cost and difficulty of operating in an industrially friendly microgravity environment against the cost of exporting those processed materials out.
>>However where is the problem with no USB on a server?
On a server - sure, there's less need, but then, servers are in secure rooms, so physical security should be high enough not to *need* it disabled.
Pick the happy medium - does the danger by having it enabled outweigh the hassle of disabling it?
My servers have the USB left on - it's handy to copy patches and configs between machines that don't have a direct connection, or a heavily firewalled one. I use a fob, or occasionally a lead a-la-laplink, if I don't want to go through the Ethernet.
If you rephrase your question as "what is the problem with no floppy drive on a server", I think you'll be able to see the pro's and con's easier.
>>You talk as if disabling support means finding the cables to the sockets, of course it doesn't, disable it in the BIOS.
I know this.
>>In some corporate environments the dangers of USB devices running away with proprietary information far outweigh letting the secretary plug her digital camera in and send run pictures of her last beach holiday.
In some, I daresay. Your bank, for instance, warrants this.
However, for an estate agent, who is constantly using that digital camera to take snaps of houses, no.
For the plethora of devices past present and future which don't store data and which use USB purely for connectivity, such as mobile phone sync'ing contact data, no.
I don't want to get into a war as to what is valid or not, my post counselled caution in not throwing the proverbial baby out with the bathwater. That was the point I was trying to make, supported by example.
Otherwise there is no point in innovating - quick disable the serial and parallel ports, in case someone brings in Laplink. While we're there, disable the monitor, so nobody can take pictures of the company data straight off the display!
More likely outsourced to the asteroid belt, where there are plenty of usable minerals without a gravity well to fight.
Maybe even mine the moon for water (for deuterium), package, and send over by railgun to defeat the much smaller pull.
Don't think we'll see anything other than essentials being pulled up from Earth, if and when we can help it.
Interestingly, Harry Harrison uses this as a reason to consider war as being unlikely in space itself, since it would cost too much to lift the ordnance - battles presumably fought purely on surfaces with weapons made from local materials.
BIOS password protected: Mandatory. USB Support killed: Doubtful.
I guess you armchair sysadmins don't actually know what happens when you kill a useful facility like USB? I'm getting tired of seeing this line of reasoning coming up, and not enough being done to have it shot down.
You throw out support for USB fobs (which have taken over from floppies, mercifully, and must have at least halved support calls planetwide!), cameras, audio recorders (not *just* MP3 players), mobile phone synching - all kinds of stuff which can be used as much in evil as in good.
Use the sensible approach - approach the task in greater detail. Monitor what is being done with USB, educate what is acceptable, highlight what may be exploited, ban what is only globally unacceptable.
And encypt the HDD partition if you're really that paranoid about seeing it when booting USB - otherwise it's useful to carry recovery software on a USB removable drive.
Between USB and the proposed universal drive bay of Intel's (although I can't see many users needing that activeated as much), it's too inflexible to ban at that high a level.
We don't ban road usage because criminals might drive on them. That's akin to what you're proposing.
Slashdot Mirror
You see what I mean? If the BBC hadn't run the story too, how many people would have thought it was pulling our legs? Reference:Aesops Fable - The boy who cried wolf.
But does it come off your belt while you sleep? ;o)
You know, I'm not going to believe one darned word posted today on Slashdot. If anybody has any news they want people to believe, post it tomorrow. Imagine what would happen if the BBC or CNN sprinkled six or seven fake stories into their broadcasts like Slashdot do every year....
Mod parent up - this is a damn good idea! How about it, Google?
Always charged, yet always on your belt?
;o)
Do you recharge in a Borg alcove at night, or something?
Norton Internet Security does exactly this, and has done for many years.
Switch off all the "intelligence" of the package, like auto-program recognition, and set the firewall to "paranoid plus" (only specific ports to specificcally permittied programs) and then set the defaults to non-script/activex/java, etc.
Works for all browsers, since it installs an invisible proxy (not as bad as it sounds - none of my *really* weird software conflicts with it, and software doesn't need to be proxy aware), and all traffic is rerouted through that, so it appears like a secure TCP-IP stack. Damn bulletproof, in my opinion.
Winds up the GF, who has to ask me to relax the security on a new site occasionally (twenty seconds click-work), but that's a small price to pay knowing that only sites that prove trustworthiness to me get to use flash/java/script/activex/cookies/popups.
I'm *not* affiliated with Symantec, and the only downside with NIS is their new fetish with key-based software activation, which means I'm looking for a similarly-accomplished alternative firewall package for this reason only. But I've not found it yet.
OK, you are correct and we agree - it just wasn't clear from your earlier post, particularly where you mention, "With AC operation, the evaporated tungsten redeposits as quickly as it evaporates" - it implied that no tungsten ion migration takes place during DC operation, which, as we both know, does take place and is essential for halogen medium operation.
How do you make them eat the sub? By threatening them with another sub? Or am I taking recursion a bit too far?
Explain how this phenomenon works well on my tungsten car headlights, then, which use 12V DC. I don't see an inverter behind my bulbs.
The same process of tungsten migration works regardless.
Sorry, I'm new to posting on Slashdot, and broke the URL. Just knock off the double "http://" at the start, and it'll work. It's corrected below:-
n t_id=41174
http://www.indianexpress.com/full_story.php?conte
In summary:- "core of a cooling white dwarf star 50 light-years from Earth is composed almost entirely of crystalline carbon", and "has a diameter of 2,500 miles and weighs 5 million trillion trillion pounds, or 10 billion trillion trillion carats"
True - again, balance the cost and difficulty of operating in an industrially friendly microgravity environment against the cost of exporting those processed materials out.
>>However where is the problem with no USB on a server?
;o)
On a server - sure, there's less need, but then, servers are in secure rooms, so physical security should be high enough not to *need* it disabled.
Pick the happy medium - does the danger by having it enabled outweigh the hassle of disabling it?
My servers have the USB left on - it's handy to copy patches and configs between machines that don't have a direct connection, or a heavily firewalled one. I use a fob, or occasionally a lead a-la-laplink, if I don't want to go through the Ethernet.
If you rephrase your question as "what is the problem with no floppy drive on a server", I think you'll be able to see the pro's and con's easier.
>>You talk as if disabling support means finding the cables to the sockets, of course it doesn't, disable it in the BIOS.
I know this.
>>In some corporate environments the dangers of USB devices running away with proprietary information far outweigh letting the secretary plug her digital camera in and send run pictures of her last beach holiday.
In some, I daresay. Your bank, for instance, warrants this.
However, for an estate agent, who is constantly using that digital camera to take snaps of houses, no.
For the plethora of devices past present and future which don't store data and which use USB purely for connectivity, such as mobile phone sync'ing contact data, no.
I don't want to get into a war as to what is valid or not, my post counselled caution in not throwing the proverbial baby out with the bathwater. That was the point I was trying to make, supported by example.
Otherwise there is no point in innovating - quick disable the serial and parallel ports, in case someone brings in Laplink. While we're there, disable the monitor, so nobody can take pictures of the company data straight off the display!
Oh - wait...!
Value me this little beauty, then...!
? content_id=41174
http://http//www.indianexpress.com/full_story.php
More likely outsourced to the asteroid belt, where there are plenty of usable minerals without a gravity well to fight.
Maybe even mine the moon for water (for deuterium), package, and send over by railgun to defeat the much smaller pull.
Don't think we'll see anything other than essentials being pulled up from Earth, if and when we can help it.
Interestingly, Harry Harrison uses this as a reason to consider war as being unlikely in space itself, since it would cost too much to lift the ordnance - battles presumably fought purely on surfaces with weapons made from local materials.
BIOS password protected: Mandatory.
USB Support killed: Doubtful.
I guess you armchair sysadmins don't actually know what happens when you kill a useful facility like USB? I'm getting tired of seeing this line of reasoning coming up, and not enough being done to have it shot down.
You throw out support for USB fobs (which have taken over from floppies, mercifully, and must have at least halved support calls planetwide!), cameras, audio recorders (not *just* MP3 players), mobile phone synching - all kinds of stuff which can be used as much in evil as in good.
Use the sensible approach - approach the task in greater detail. Monitor what is being done with USB, educate what is acceptable, highlight what may be exploited, ban what is only globally unacceptable.
And encypt the HDD partition if you're really that paranoid about seeing it when booting USB - otherwise it's useful to carry recovery software on a USB removable drive.
Between USB and the proposed universal drive bay of Intel's (although I can't see many users needing that activeated as much), it's too inflexible to ban at that high a level.
We don't ban road usage because criminals might drive on them. That's akin to what you're proposing.