They do. Any vulnerability in Linux-based distributions and/or Fruits gets a lot more spotlight than Windows ones. However, the fact that you can see a lot more holes in Microsoft products is not accidental.
Also, don't forget that in Linux world, you will get security fixes for a bug that allows one user to mangle a shared scoreboard for a game on a multi-user box. On Windows, you don't get any bugs announced unless they are of the remote access kind. According to Microsoft, they don't consider ways to crack a local system to be bugs.
Alright you primitive screwheads listen up. This is my BOOMSTICK! Its a twelve gauge double barrel remington. S-Mart's top of the line. You'll find this in the sporting goods department. Thats right, this sweet baby was made in Grand Rapids Michigan. It retails for about 109.95. It's got a walnut stock, cobalt blue steel and a hair trigger. Thats right, shop smart. Shop S-Mart. You got that!?
Right, it's not really usable on the internet by large. But, in this case, the cable company controls the software and the routers. There is no reason they can't have their network handle these streams and put no more than 75 channels on any given piece of pipe. It can be less than 75, if a given channel is not viewed by anyone in a given neighbourhood, but never more than 75.
Well, duh. It's a full-fledged IPTV service for dads who can't wrestle the remote control from their kids, of course.
More seriously, why would we pay for another big display when every member of the family already has a computer? Instead of a separate TV set you can add this money to the cash you have put aside for your monitor and buy a huge display that will help your eyes in your daily work.
(this comes from someone who hasn't watched TV in several years. Heck, I even downloaded that overhyped Retaliation of Excrements (or some such) two hours after it was released, but didn't get to watch it (or any other movie) yet...)
for, say 25 or 50 years, or perhaps, the number of years copyright runs Uh oh. This, for all means except the spirit and letter of law, is equivalent to "forever minus one day".
We have exactly the same problem in Poland. The social security "insurance" (read: tax) (ZUS) can be paid only through a Windows program, named Platnik.
The company who wrote Platnik (Prokom Software) has a set of agreement with Microsoft, and any legal attempts are met with a campaign of delaying any action or dismissing it, usually for procedural reasons. You can read the details (in Polish) on the pages of Janosik, an attempt to reverse engineer Platnik and create an alternative.
There is a difference between a web/SQL server setup -- where some machines are visible to the world, and some are not, and a wild network. In the first case, it's better to do things at the routing (preferably _physical_) than to add a firewall. In the second one, a firewall is of course needed.
What I'm advocating, is not letting your server farm wide open. I just really prefer vacuum wall over a fire one.
Re:Firewalls offload the servers and save big bux.
on
Tear Down the Firewall
·
· Score: 1
So, are the services provided by those servers available to the general public?
If they are, then things are already accessible from the network, and your firewall is a no-op (unless you're running additional things that shouldn't be there in the first place).
And if the public can't access those servers, then why would they be even routeable from the outside world? Make them able to talk to your internal network only.
Firewalling things only gives you a false sense of security in these cases. Having the network be physically disconnected is something that's a lot harder to break. And a firewalled service is a lot easier to break than a service that isn't running at all.
For unprotected communication: of course, in many cases the cost of encrypting everything is huge. That's why I said "if", not including any chastising. scp can clog a 300Mhz box on a 100Mbit connection, in many cases you can't afford to encrypt that -- and this is exactly what firewalls are for.
For enforcing a policy: If you control all the hosts, why would you care about people scanning you? An unsuccessful scan is an uninteresting thing due to the very fact of being scanned, and a successful one is one that will get you down anyway. And if you have boxes running services you don't need -- then you don't control those boxes, do you?
[A sibling post]: For having a box accessible only to the inner network: Why does that box have a route to the outside world in the first place? A SQL server ought to have just ssh and SQL, accessible _only_ from the hosts that are supposed to be able to connect anyway.
Firewalls are needed only for leaky systems
on
Tear Down the Firewall
·
· Score: 2, Insightful
In general, firewalls can be compared to a tarpaulin stretched on four sticks above a house. It has an effect only if:
the roof is leaky
you want to make your yard free of rain
you own a number of houses, and want to ensure they will be free of rain even if the houses' caretakers are idiots
In other words, firewalls are of any use only if:
you're defending a grossly insecure system (Windows?)
you have unprotected communication on a network
you want to enforce a policy
The tarp does nothing for a sturdy roof. There is no way to attack bare kernel (ok, ping of death), and firewalls do nothing to protect services which are already visible to the network. And if you want to use the firewall to block off unneeded services, why in the hell are you running them in the first place?
Well, how many thieves will have the knowledge necessary to block and wipe the related software? Not too many.
While no half-competent crook will let himself be caught this way, all that counts is whether (price_of_Computrace)/(probability_of_laptop_being _stolen)<$1000.
Wrong. This is not a dupe. The previous set of (duplicated) articles said that a veteran Morser beat a semi-"veteran" SMSer.
On the other hand, this article suggests a way to draw conclusions from that experiment and provide Morse as an input method for the cell phones, to have the best of those two world. It's a research -vs- application difference.
Their actions are just like if the KKK sued a bus company because they "let niggers aboard". Who cares that you hate Blacks? It's not up to the bus driver to decide who can enter and who can not -- in many jurisdiction, the driver is even not allowed to deny service to a customer if that customer isn't disruptive. And in this case, the web sites who used these ISPs didn't even commit any crime themselves -- they merely provided an index for illegal activities.
Following this logic, they may start persecuting bus operators because they don't strip search every passenger. You know, that old lady may be a hidden courier for a dope ring...
Too bad, it has no networking code. And this is what we would really want. It would be possible using a hidden IFRAME. The latency would suck, though.
I happened to be reading the JS/UIX page right as the slashdotting came in. I want a JavaScript viewer for my termrec tool. My version is in very early stages, but at least it's in color:p
The only issue is: if you don't read the freaking release notes, you will have problems. The apt in Woody is broken. The release notes say that you need to update it first, to let it handle circular dependencies. The only fault of Debian is not putting this in a bold enough font.
Also, this breakage gives us a yet another reason to bash C++ as a poor excuse for a language:p
Debian charges $0 -- that $0.5 must be the price from a reseller.
But even for that $0.5, you get 14 CDs packed with software. With Windows, you get just a bare-bones OS with a media player, a web browser and a mail client.
Apple is not an evil company. Sure, they don't have a "do no evil" policy and they have occasional lapses, but they recognize the fact that good will is valued by customers, and customers' respect produces money.
If you want a company that's inherently evil, you know where to find it.
They do. Any vulnerability in Linux-based distributions and/or Fruits gets a lot more spotlight than Windows ones.
However, the fact that you can see a lot more holes in Microsoft products is not accidental.
Also, don't forget that in Linux world, you will get security fixes for a bug that allows one user to mangle a shared scoreboard for a game on a multi-user box. On Windows, you don't get any bugs announced unless they are of the remote access kind.
According to Microsoft, they don't consider ways to crack a local system to be bugs.
Good advice.
I'll go and scrap ssh, vnc and X then.
Alright you primitive screwheads listen up. This is my BOOMSTICK! Its a twelve gauge double barrel remington. S-Mart's top of the line. You'll find this in the sporting goods department. Thats right, this sweet baby was made in Grand Rapids Michigan. It retails for about 109.95. It's got a walnut stock, cobalt blue steel and a hair trigger. Thats right, shop smart. Shop S-Mart. You got that!?
Multicast.
Right, it's not really usable on the internet by large. But, in this case, the cable company controls the software and the routers. There is no reason they can't have their network handle these streams and put no more than 75 channels on any given piece of pipe. It can be less than 75, if a given channel is not viewed by anyone in a given neighbourhood, but never more than 75.
Well, duh. It's a full-fledged IPTV service for dads who can't wrestle the remote control from their kids, of course.
More seriously, why would we pay for another big display when every member of the family already has a computer? Instead of a separate TV set you can add this money to the cash you have put aside for your monitor and buy a huge display that will help your eyes in your daily work.
(this comes from someone who hasn't watched TV in several years. Heck, I even downloaded that overhyped Retaliation of Excrements (or some such) two hours after it was released, but didn't get to watch it (or any other movie) yet...)
for, say 25 or 50 years, or perhaps, the number of years copyright runs
Uh oh. This, for all means except the spirit and letter of law, is equivalent to "forever minus one day".
Yeah, except for the fact that in this case single appartments costs as much as four full-blown houses.
We have exactly the same problem in Poland. The social security "insurance" (read: tax) (ZUS) can be paid only through a Windows program, named Platnik.
The company who wrote Platnik (Prokom Software) has a set of agreement with Microsoft, and any legal attempts are met with a campaign of delaying any action or dismissing it, usually for procedural reasons.
You can read the details (in Polish) on the pages of Janosik, an attempt to reverse engineer Platnik and create an alternative.
There is a difference between a web/SQL server setup -- where some machines are visible to the world, and some are not, and a wild network.
In the first case, it's better to do things at the routing (preferably _physical_) than to add a firewall. In the second one, a firewall is of course needed.
What I'm advocating, is not letting your server farm wide open. I just really prefer vacuum wall over a fire one.
So, are the services provided by those servers available to the general public?
If they are, then things are already accessible from the network, and your firewall is a no-op (unless you're running additional things that shouldn't be there in the first place).
And if the public can't access those servers, then why would they be even routeable from the outside world? Make them able to talk to your internal network only.
Firewalling things only gives you a false sense of security in these cases. Having the network be physically disconnected is something that's a lot harder to break. And a firewalled service is a lot easier to break than a service that isn't running at all.
For unprotected communication: of course, in many cases the cost of encrypting everything is huge. That's why I said "if", not including any chastising. scp can clog a 300Mhz box on a 100Mbit connection, in many cases you can't afford to encrypt that -- and this is exactly what firewalls are for.
For enforcing a policy: If you control all the hosts, why would you care about people scanning you? An unsuccessful scan is an uninteresting thing due to the very fact of being scanned, and a successful one is one that will get you down anyway. And if you have boxes running services you don't need -- then you don't control those boxes, do you?
[A sibling post]: For having a box accessible only to the inner network: Why does that box have a route to the outside world in the first place? A SQL server ought to have just ssh and SQL, accessible _only_ from the hosts that are supposed to be able to connect anyway.
- the roof is leaky
- you want to make your yard free of rain
- you own a number of houses, and want to ensure they will be free of rain even if the houses' caretakers are idiots
In other words, firewalls are of any use only if:- you're defending a grossly insecure system (Windows?)
- you have unprotected communication on a network
- you want to enforce a policy
The tarp does nothing for a sturdy roof. There is no way to attack bare kernel (ok, ping of death), and firewalls do nothing to protect services which are already visible to the network. And if you want to use the firewall to block off unneeded services, why in the hell are you running them in the first place?Right, the spelling you included is exactly the one they would use.
VMware? qemu?
Well, how many thieves will have the knowledge necessary to block and wipe the related software? Not too many.
g _stolen)<$1000.
While no half-competent crook will let himself be caught this way, all that counts is whether (price_of_Computrace)/(probability_of_laptop_bein
For example:
A boomining voice from the sky saying "yes, I created the world" would work just fine.
On a more serious note, it would be enough to present a _single_ species without a possible ancestor.
It is easily provable that it is impossible to falsify creation. Heck, even I wrote such a proof myself.
Without falsifialibity, it's not science.
Wrong. This is not a dupe.
The previous set of (duplicated) articles said that a veteran Morser beat a semi-"veteran" SMSer.
On the other hand, this article suggests a way to draw conclusions from that experiment and provide Morse as an input method for the cell phones, to have the best of those two world. It's a research -vs- application difference.
Well, what the hell...
Their actions are just like if the KKK sued a bus company because they "let niggers aboard". Who cares that you hate Blacks? It's not up to the bus driver to decide who can enter and who can not -- in many jurisdiction, the driver is even not allowed to deny service to a customer if that customer isn't disruptive. And in this case, the web sites who used these ISPs didn't even commit any crime themselves -- they merely provided an index for illegal activities.
Following this logic, they may start persecuting bus operators because they don't strip search every passenger. You know, that old lady may be a hidden courier for a dope ring...
Too bad, it has no networking code. And this is what we would really want. It would be possible using a hidden IFRAME. The latency would suck, though.
:p
I happened to be reading the JS/UIX page right as the slashdotting came in. I want a JavaScript viewer for my termrec tool. My version is in very early stages, but at least it's in color
Also, try putting DRM on a VHS tape...
The only issue is: if you don't read the freaking release notes, you will have problems. The apt in Woody is broken. The release notes say that you need to update it first, to let it handle circular dependencies.
:p
The only fault of Debian is not putting this in a bold enough font.
Also, this breakage gives us a yet another reason to bash C++ as a poor excuse for a language
Debian charges $0 -- that $0.5 must be the price from a reseller.
But even for that $0.5, you get 14 CDs packed with software. With Windows, you get just a bare-bones OS with a media player, a web browser and a mail client.
From TFA: "Nine months ago, we started hearing from partners like Dell that spyware was a major issue."
Hmm, let's see. (5 years-9 months) times the speed of sound... this means that Dell's headquarters are 46 million kilometers from Redmond.
No, this is not that strange.
Apple is not an evil company. Sure, they don't have a "do no evil" policy and they have occasional lapses, but they recognize the fact that good will is valued by customers, and customers' respect produces money.
If you want a company that's inherently evil, you know where to find it.