The first is a flaw, not an intentional backdoor. The second requires a person to login as pnadmin and then execute the "expert" command with the expert password. This cannot be done remotely or without logging in as pnadmin. This doesn't look very catastrophic -- someone would have to hack the pnadmin account and if they did that, they wouldn't even need the "expert backdoor" because they would already own the box.
From your link:
"This privileged account is intended to be used only by authorized Cisco development engineers for advanced debugging purposes. No direct remote access to the root account is permitted. In order to access a privileged system shell, users must first successfully login into the CS-MARS system administration command line interface with the pnadmin account. Once authenticated, the root account can be accessed with the undocumented command expert."
I think you're completely missing the point. I know RAID5 is not a backup strategy -- however, it is a PART of the overall backup strategy. There is a subtle but concrete distinction that I am making and I think you are failing to grasp it. Please re-read this thread more carefully.
Yup. Which is why I said it is part of the overall backup strategy. The previous poster was suggesting that people he knew were abandoning RAID5 but I was saying that RAID5 has its place in the overall scheme.
The value of backups decline along with the credibility and availability of the data to be backed up.
Why do you have to settle for one or the other? A proper backup strategy, like any security strategy, should involve more than one technology.
Hotswappable RAID has saved my servers on more than one occasion. Likewise, the servers have also been saved by tape backups. RAID5, tape backups, and data replication all have different pros and cons.
I think it is incorrect to say RAID5 is not acceptable in any backup strategy. The more chances you get at data redundancy, recovery, and failover, the better off your organization.
Re:IPv6 can be your next generation Identity card
on
IPv6 Readiness Report
·
· Score: 1
"And the same way a DNS works, the IP address of the chip implanted in the persons body can be resolved to his name."
International Baby Name Registration
Enter name of baby> John Smith Sorry, that name is taken. Enter name of baby> Johnny Smith Sorry, that name is taken. Enter name of baby> Johnny Porter Smith Sorry, that name is taken. Have you considered Johnny17728 Porter2992 Smith7237?
Money is not a proper motivational tool, it can only be used successfully to keep people neutral about an organization. Giving people more money will not make them more loyal to the organization or motivate them in any way. The reverse, however, is also true. If you do no offer suitable compensation to employees, they will become less happy and less motivated.
Think about everytime you've received a raise -- how long did you stay motivated with your new salary? A month, maybe? It doesn't last very long. Soon, you will get accustomed to your new level and the cycle will start all over again -- you'll want even more money. There is not enough money in the world to support this cycle.
Organizations need to find other ways of motivating their employees while still maintaining fair salary compensation. Instead of offering straight-up raises, perhaps offer bonuses for delivering on time or delivering with high quality. Allow employees flex time for completing projects on time.
The basic formula for this is: Clear description of rewards + Clear description of the conditions necessary to achieve the rewards + implement stated rewards effectively and in a timely fashion = employee more likely to be motivated.
Summary: Money is not a motivator. It just keeps people neutral.
eBay has the responsibility of maintaining a fair and level trading field between buyer and seller. eBay is in a position to implement sanctions if someone is not playing by the rules. By not enforcing its own written policies, eBay removes all feelings of trust from the process of buying and selling.
Re:I don't think its going to change a thing
on
eBay Begins A Change
·
· Score: 1
You do realize all those emails were from phishers and not from eBay, right?
Nice to see some nice, well-balanced journalism. Let's not get into yet another OS flamewar here. This shouldn't be about "why windows sucks" or "how Linux r0x0rs j00 allz."
There needs to be some serious introspection about this entire subject. Why HASN'T Linux taken over if it's so great? Well, that's a loaded question. Linux IS starting to take over -- in the server market. It's displacing Unix, not Windows Servers, however.
The quick answer why Linux has not taken off as a Desktop OS is because it is truly not ready yet. As a server platform? It's awesome! As a desktop solution? A lot more work needs to be done.
I know that the crown jewel of open source Linux and its various distros is so that anyone can have any flavor they want for any given specialized task. That's Great! I don't think that should change. What should change, however, is the implementation of Standards. Make sure all apps will work in all distros without needing to recompile. Standardize locations of config files! Make it easy for developers to write software once and be absolutely certain that it will run in any flavor of Linux.
Is it really that hard to accomplish? No, it's not. People just need to set aside their egos and pet projects and learn to work together. Cooperation and standards is what will truly set the open source movement into the mainstream.
Why hasn't OSX taken over in the desktop arena? All the Mac fanboys rave about it all the time. One reason Macs are not as popular as PCs is because they are seen as too expensive -- luxury items -- and the perception is that only slacker artists use Macs (I know, it's a contradiction... expensive slacker tools, but it doesn't matter, we're talking about PERCEPTION).
The main reason, I believe, that offices and homes are not crawling with Macs is because of closed source hardware! People, especially businesses, don't want to be locked in to a single vendor for anything. Purchasing departments look around the web using Froogle and Bensbargains.net to find the lowest price computer and components. If a Mac costs two times that of a seemingly comparable PC, why would they buy the Mac? Just because some fan boy tells them it's better?
It's ironic because Linux and Macs are on the complete opposite spectrums and yet they're both unsuccessful as desktop OSes. Linux is so open, there are no real cross-distro standards, MacOS is so closed that the standards stifle expansion.
Windows is somewhere in between the two and I think that's really why it has been so successful. (Go ahead, begin your flames.);)
Slashdot Mirror
The first is a flaw, not an intentional backdoor. The second requires a person to login as pnadmin and then execute the "expert" command with the expert password. This cannot be done remotely or without logging in as pnadmin. This doesn't look very catastrophic -- someone would have to hack the pnadmin account and if they did that, they wouldn't even need the "expert backdoor" because they would already own the box.
From your link:
"This privileged account is intended to be used only by authorized Cisco development engineers for advanced debugging purposes. No direct remote access to the root account is permitted. In order to access a privileged system shell, users must first successfully login into the CS-MARS system administration command line interface with the pnadmin account. Once authenticated, the root account can be accessed with the undocumented command expert."
I think you're completely missing the point. I know RAID5 is not a backup strategy -- however, it is a PART of the overall backup strategy. There is a subtle but concrete distinction that I am making and I think you are failing to grasp it. Please re-read this thread more carefully.
Yup. Which is why I said it is part of the overall backup strategy. The previous poster was suggesting that people he knew were abandoning RAID5 but I was saying that RAID5 has its place in the overall scheme.
The value of backups decline along with the credibility and availability of the data to be backed up.
Why do you have to settle for one or the other? A proper backup strategy, like any security strategy, should involve more than one technology.
Hotswappable RAID has saved my servers on more than one occasion. Likewise, the servers have also been saved by tape backups. RAID5, tape backups, and data replication all have different pros and cons.
I think it is incorrect to say RAID5 is not acceptable in any backup strategy. The more chances you get at data redundancy, recovery, and failover, the better off your organization.
"And the same way a DNS works, the IP address of the chip implanted in the persons body can be resolved to his name."
International Baby Name Registration
Enter name of baby> John Smith
Sorry, that name is taken.
Enter name of baby> Johnny Smith
Sorry, that name is taken.
Enter name of baby> Johnny Porter Smith
Sorry, that name is taken. Have you considered Johnny17728 Porter2992 Smith7237?
Yes, I see this idea working out quite nicely.
I realize you were trying to be funny but did you stop and actually think about what you typed before hitting the submit button?
Then all you'll need is a lounge chair and a habachi grill and you've got yourself one kick ass pool party.
Money is not a proper motivational tool, it can only be used successfully to keep people neutral about an organization. Giving people more money will not make them more loyal to the organization or motivate them in any way. The reverse, however, is also true. If you do no offer suitable compensation to employees, they will become less happy and less motivated.
Think about everytime you've received a raise -- how long did you stay motivated with your new salary? A month, maybe? It doesn't last very long. Soon, you will get accustomed to your new level and the cycle will start all over again -- you'll want even more money. There is not enough money in the world to support this cycle.
Organizations need to find other ways of motivating their employees while still maintaining fair salary compensation. Instead of offering straight-up raises, perhaps offer bonuses for delivering on time or delivering with high quality. Allow employees flex time for completing projects on time.
The basic formula for this is:
Clear description of rewards + Clear description of the conditions necessary to achieve the rewards + implement stated rewards effectively and in a timely fashion = employee more likely to be motivated.
Summary: Money is not a motivator. It just keeps people neutral.
I just have a couple of offtopic nitpicks, mods please feel free to label as such.
First, it's Korben Dallas (not Korbin).
Second, it's Leeloo (not Leelu).
And thirdly, just to show how truly geeky my wife and I are, we named our son Korben. :)
That's a good PA comic. ;)
This is just EFF's way of reminding sysadmins to be vigilent about their log files, it's not meant to replace good administration habits.
eBay has the responsibility of maintaining a fair and level trading field between buyer and seller. eBay is in a position to implement sanctions if someone is not playing by the rules. By not enforcing its own written policies, eBay removes all feelings of trust from the process of buying and selling.
You do realize all those emails were from phishers and not from eBay, right?
Nice to see some nice, well-balanced journalism. Let's not get into yet another OS flamewar here. This shouldn't be about "why windows sucks" or "how Linux r0x0rs j00 allz."
;)
There needs to be some serious introspection about this entire subject. Why HASN'T Linux taken over if it's so great? Well, that's a loaded question. Linux IS starting to take over -- in the server market. It's displacing Unix, not Windows Servers, however.
The quick answer why Linux has not taken off as a Desktop OS is because it is truly not ready yet. As a server platform? It's awesome! As a desktop solution? A lot more work needs to be done.
I know that the crown jewel of open source Linux and its various distros is so that anyone can have any flavor they want for any given specialized task. That's Great! I don't think that should change. What should change, however, is the implementation of Standards. Make sure all apps will work in all distros without needing to recompile. Standardize locations of config files! Make it easy for developers to write software once and be absolutely certain that it will run in any flavor of Linux.
Is it really that hard to accomplish? No, it's not. People just need to set aside their egos and pet projects and learn to work together. Cooperation and standards is what will truly set the open source movement into the mainstream.
Why hasn't OSX taken over in the desktop arena? All the Mac fanboys rave about it all the time. One reason Macs are not as popular as PCs is because they are seen as too expensive -- luxury items -- and the perception is that only slacker artists use Macs (I know, it's a contradiction... expensive slacker tools, but it doesn't matter, we're talking about PERCEPTION).
The main reason, I believe, that offices and homes are not crawling with Macs is because of closed source hardware! People, especially businesses, don't want to be locked in to a single vendor for anything. Purchasing departments look around the web using Froogle and Bensbargains.net to find the lowest price computer and components. If a Mac costs two times that of a seemingly comparable PC, why would they buy the Mac? Just because some fan boy tells them it's better?
It's ironic because Linux and Macs are on the complete opposite spectrums and yet they're both unsuccessful as desktop OSes. Linux is so open, there are no real cross-distro standards, MacOS is so closed that the standards stifle expansion.
Windows is somewhere in between the two and I think that's really why it has been so successful. (Go ahead, begin your flames.)