Leavenworth is a federal prison. If you have bothered to watch the news there have been more than a few murder/rapist types that have been going there. I don't know where you get the idea that Federal prison is soft or how you managed to get modded informative for that patently false nonsense.
I can only assume that you are confused by Alcatraz being a recreational area now. Alcatraz was not a pleasant place when it was a federal prison. Back then the tour of the place lasted a bit longer than an afternoon.
Wow...so...uhm...color me surprised. I rarely get someone with any economic understanding responding to posts where I bring this stuff up. I did oversimplify a bit, but in general it still stands and a firms goal is to perform that maximization and the price will be set accordingly to do so even with the other economic machinations at work.
I think this behavior though is more related to the firm engaging in price discrimination rather than undersupplying the market. Their position in making it difficult to switch to a competing platform certainly has an effect on this though. They are meeting more localized supply/demand curves rather than overall market supply/demand curves. The revenue maximization using the form of active control you mention doesn't really account for the differing prices, though it certainly accounts for the overall high prices. Arguably most of the competing products to keep the prices where they are in US markets can also compete in those other markets. I'm sure that isn't the case in every specific product, but overall it should be.
So? Sounds like a pretty workable business model really. Avoid all of the initial costs and R&D and then use your IP rights to absorb rather than crush. This is better for everyone involved. It allows the copyright holder to enforce their copyright and allows the infringing work to become noninfringing work and allow the creators of the infringing work to legally profit rather than being crushed. In fact, that very message you are worried about sending could easily cause more developers to bang on company doors with working implementations. You don't exactly have to worry about the unsuccessful ones, and absorbing the successful ones rather than crushing them saves you a ton of investment. It also has the added bonus of making you look good by stamping your brand onto the successful ones and thus keeping the fans happy rather than looking like an ass attacking the ones that your fans like.
Really. Well at the risk of invoking Godwin's law. What do you think about the companies charged with war crimes for assisting Nazi Germany with eradicating the jews? Or maybe the companies that were involved in the rather inhumane expieriments and drug testing? IBM, Bayer, etc... No...the immunity thing stinks like hell. "Well, the government asked us really nicely so we figured it would be ok to violate the law and let them do what they wanted". Aside from that, I don't think the whole point was to punish them. Immunty blocks the lawsuits which blocks discovery. So now we can't find out what the administration was really up to in the first place and they get to continue to claim states secrets on everything they fuck up.
FYI...Even the military trains their people to not follow illegal orders. Military members can and are prosecuted for following illegal orders.
Actually...pricing your product based on what people will pay IS the Supply Demand & Blah Blah piece. I am terribly amused when people come out crying about these price differences. The fact is...an item will be priced to maximize revenue. Very simple economics. You have consumers * price = revenue. You increase the price and consumer goes down, you lower the price and consumers goes up, this ultimately is a very simple mathmatical problem of maximization and it blows my mind that so many "geeks" are so stupid to this and moan like it is some evil agenda.
To be fair...the thing that does piss me off is that companies will have this price difference and then when "damages" gets mentioned they inflate the number. So MS is selling Windows in China for $3 a copy, but I seriously doubt they consider every pirated copy of Windows in China a $3 loss, they probably figure it even higher than the US retail cost.
Not exactly...our society only has an adversion to getting our hands dirty. Waving a gun while robbing a convenience store really shows nothing about the robbers regard for human life (unless he kills someone). However, I have yet to see a convenience store robbery destroy as many lives as things like the Colorado stocks and bonds incident, or Enron, or Worldcom? How many people lost their life savings? How many people killed themselves in desparation after losing everything? How many rich white collar criminals did a stint in a dormitory style prison to come back out and gather up the frequently large piles of money after the government took their fines?
No...in the grand scheme of things those ebmezzling brazillions of dollars guys are FAR worse than your average street thug. They have a far larger negative impact on society as a whole as well as number of people per crime. To me they are no different because it is the same deranged part of their brain that makes it ok to prey on their own kind...except the white collar folks are too much of cowards to look their victims in the eye. They should all rot in the same places.
And....? Seems to me throwing a spammer in a place full of violent people is a perfectly good solution.
In seriousness, given that most of what he made was through fraud how does the government taking most of that money make things any better? Really, that would just encourage the government to do that sort of thing to more people, hell, they don't need to raise taxes, they just declare everyone criminals and take 80% of their earnings.
Punishing criminals should cost society or it will become a very popular thing. Its one of the reasons I don't like that whole forced labor thing in prison (at least productive labor) becaues it encourages the government to toss people in prison to build a cheap workforce. Now, on the other hand, if it is painful, difficult, and ineffecient labor I am all for it. Making violent criminals turn big rocks into small rocks using rubber mallots for 16hrs a day seems pretty safe in the realm of inefficiency.
I wonder if they will start taking this more seriously and treating these people like criminals. I mean really...guy steals some property and can get years in a place a little more harsh than this dorm style prison. This guy stole bandwidth, and while it is an intangible thing, ultimately the total cost of his crap cost people FAR more than the value of the crap you could carry out of a pawn shop. I vote send his ass to a real prison.
From the comments from the article (because I know most of you won't read it, and I'm not going to take credit for it). "One can only hope his punishment will be unsolicited male."
I prefer the "got hit by a bus" standard. I try to do a few things. First and foremost is bring the strange nonstandard pieces of configuration to a bare minimum. I absolutely despise kludging up something for a few users to function in a specific fashion. I actively resist that type of solution wherever possible, just because you CAN do something doesn't mean you SHOULD do it. Maintenance gets out of hand the more specific tweaks you have to make across your systems. The second main thing is trying to document damned near everything so that in the case of catestrophic failure (equipment or operator) things can be restored. I have even gone so far to document things like how SMTP and DNS flows through the network and all of the DHCP scopes and their options.
The point of documentation really isn't to remind you where things are. Its to allow someone else to step in with no knowledge and figure out how things work. The funny problem I have with people using that kind of nonsense for job security is that it is a two edged sword. Sure, it makes you hard to replace, but that also means it is hard to be promoted.
So...I certainly don't know if this guy is crazy or not, but there are a few things that I am surprised the/. crowd really hasn't bothered with.
1. The problems between IT and Management are so bad across the board that there is a famous cartoon relating these problems. This famous cartoon spawned the "PHB" reference. So...to listen to an IT guy complain of incompetent management shouldn't be a surprise at all. Please everyone, raise your hand if you have been handed complete and utter bullshit requirements or policies that some "PHB" without a technical clue has demanded that you implement. Now...raise your hand if you were stupid enough to EVER give them administrative rights over ANYTHING.
2. The media has a fucking field day with "evil hackers". This is so bad that the world "hacker" now means criminal and hordes of geeks wimpering and moaning about how the media stole the word. So...the media reporting on yet another "evil hacker holding city hostage" should be taken with a grain of salt. Sensationalist crap reported by people that have less than 0 IT understanding to the masses who also have less than 0 IT understanding. Million to one odds says that if they actually reported the more technical facts of this case the ratings would be near 0 and this story would have never gotten to be so high profile.
3. He did give the password to the person at the top of the chain of responsibility for this. Which to me sounds like the most appropriate thing to do. If you are so concerned that everyone is an incompetent fool then your only option is to go straight to the top. Imagine how much trouble this guy would be in if he gave out these passwords to a bunch of corrupt and incompetent folks who did bring the city down? At least this way everything continued functioning.
Finally...and most concerning to me is a quote from the article. But without access to either Childs' passwords or the backup configuration files, administrators would have to essentially re-configure their entire network, an error-prone and time-consuming possibility, Chase said. "It's basically like playing 3D chess," he said. "In that situation, you're stuck interviewing everybody at every site getting anecdotal stories of who's connected to what. And then you're guaranteed to miss something."
Really...so basically these people didn't document ANYTHING. Because config files or not, rebulding your network if you bothered to document things isn't all that hard, it's just time consuming. But straight from their man there they would be stuck interviewing people for anecdotal stories becaues they were too incompetent to bother documenting the network. Nevermind that they seem to have cut their IT staff from 350 to 100 over the last few years. So it sounds like their IT staff was just the favored bucket to take money from, which is hardly new thinking these days. It amuses me to no end when companies/governments treat their IT staff like overpaid housekeeping, largely unneccessary drains on budgets, and an unimportant support function and then scream bloody murder when the shit hits the fan.
I really wanted my Hotmail account to be compromised when my Google/Myspace/Facebook/Amazon/Ebay/Paypal accounts are all compromised by the single sign on. Now they will have to get my OpenID AND my Passport logons.
Seriously...with the internet being such a dangerous place for the average user. How in the freaking hell is a single sign on going to make it better? I mean really now this seems monumentally stupid. And worse the summary tries to blast MS for not supporting it. For all the many things to bitch about MS..."They won't sign on and support one of the dumbest security ideas on the internet" seems pretty counter to the normal complaints that they do stupid things when it comes to security.
With any luck some banks and credit cards will adopt this. So now you can have everything stolen from you with a single username/password combination that was probably lifted from you through a fake website or one of the dozens of account stealing malware bits that you installed to get "OMG Ponies Wallpaper & Pointers!". For bonus points, being able to pull a drive by install of malware to steal this account from a MySpace banner and then using that to steal all of their money, email addresses, and social webpages would be great. Bonus points if you manage to auction off all of their personal possesions through their ebay account and then keep the money through their paypal account.
Yes...what a terrible military state we will have. Run by that out of control Air Force making comfort capsules instead of using those counter-terrorism funds for weapons or spying like they were meant to be used.
Not that I advocate for a military state by any stretch, but lets be real here. It wasn't the military that fucked this up to such an amazing degree from day 1. It was our wonderful Executive and a bunch of Congress Critters. All of which are non military. So...the illegal extradition stuff...CIA...not military. The wiretapping...also not military. The "papers please" mentality at our airports...also not military. Eminent domain where the government seizes your land for other use...nope...still not military. I mean really now...please...feel free to show me how our domestic situation has gotten worse due to direct military action not specifically ordered by civilian leadership. To be honest, I don't think the military has had much of anything to do with our failing domestic situation. Shit...even the military is pissed that these defense contractors are getting so money and free reign. You are likely to have a hard time finding many military folks that care for those blackwater clowns.
Congratulations. You managed to get a post defending the military +5 on slashdot. It is hard enough to do that when it is defending an action that IS important, let alone the comfort capsule.
I imagine your assessment is at least mostly correct. I suspect that there was extra funds dumped into the luxury part that shouldn't have been. And then also that whole being told no you can't use that money for it.
I actually talked to a retired general's aide that said the general would frequently decide that he wanted to drive and would tell his aid to go get in the back and enjoy getting driven around by a general. This only ever caused problems when they went through the gate because the guards were understandably concerned why the general was driving with the aide in the back. (Think potential hostage).
Ironic isn't it, that the senior leadership most deserving of a little comfort and pampering from time to time is the least likely to pursue or accept it. Yet at the same time it inspires the people who work for them to try to offer it more.
Wait wait wait. This is the Air Force. There is a wonderful joke about which branch has the smartest enlisted related to this as well. The gist is after the call for war the Army, Marines, Navy are all greeted by the ranking officer and he tells them "Give em hell men". The Air Force members are greeted by the ranking officers and they all jump to attention and salute and say "Give em hell sir!" (Air Force pilots are all officers).
In all likelyhood someone is going to get their balls in a vice over this one. Someone once told me "The military needs a war every so often to remove all of the cowards and bureaucrats out of the services". The problem is during extended times of peace it is the political weasels that do shit like this that rise through the ranks. When rubber hits the road and shit gets hairy those people typically quit or get fired and people with real leadership qualities step in and start making things right. This process also leaves us with military leaders that understand the horror of war. Eisenhower has some pretty powerful words about the horror of war, the stupidity of a "preemtive" war, and so on. He didn't learn that shit reading text books. The problem is that this process is slowed considerably given that this administration rewards the political weasels.
Thank you:) This whole thing seems more like a "look how much better justice work now when criminals and assholes broadcast their exploits" than some kind of draconian privacy invasion. It isn't like these guys were hacking the gibson to get these pictures, they were posted online. There is a tremendous difference between pictures of people just getting drunk at a party and the types of pictures that have been getting people in trouble lately. For example...bunch of people getting drunk at a bar, dancing, karioke and whatnot. No big deal. Contrasted with a guy who nearly killed someone going out partying in a convcit suit or maybe that beauty pagent girl getting in trouble for half stripping and getting pretty lewd with other half naked girls. (Disclaimer: I agree with her getting in trouble with the pageant thing over the pictures/behavior. Image and rolemodel stuff and all. However, they were pretty nice pictures and she deserves a different kind of reward.)
Of course, I would pay a pretty hefty amount of cash to see someone take a youtube video of someone singing horribly at a bar and use it as evidence in a lawsuit for hearing loss.
So other attendees of the party should be signing NDAs when they walk in? Why would there be some expectation of privacy from other guests? I mean really...you are making a pretty dangerous leap here saying that noone should be allowed to talk about or show pictures of events that they attended. I mean really, anywhere you go do anything and other people see you do it, your expectation of privacy should be approximately 0. I mean, if these pictures were of him in his own home, alone, drinking on the couch...then yes...maybe I can see an invasion of privacy. But what they were of was him going out and acting like an unremorseful prick in front of a bunch of people and evidence of him doing that was broadcast. He should not have had any kind of expectation of privacy, and I doubt he did. In fact, I think dressing up like a convict and going out to party after nearly killing someone is about as unprivate and attention whore as you get. Hell, if he was being private, staying home, contemplating the tragedy he caused then he probably wouldn't have gotten into further trouble.
Explain to me how being a callous moron in public relates to privacy? So what someone else took a picture and posted it and identified him. That still has nothing to do with privacy. Unless you make the argument that Lipton was indoors on private property and the guy taking the picture broke in to take the picture. I think MySpace does tagging too, but I don't know. Either way, in no way shape or form is this about privacy. The pictures were of PUBLIC things. The fact that someone else posted a record of a public event that he attended without his knowledge is irrelevant. The fact that the prosecution got the pictures of a public event from a public place without his knowledge is irrelevant.
The notion that right to privacy has anything to do with protecting you from your own stupidity in public is unnerving. In fact it only serves to fuel the government/business desire to destroy real privacy. When people hold up stupid crap like this as an example of privacy violations the government gets to hold it up and say "See how bad these privacy advocate people are, don't listen to them". I am horrified what our government has done to our privacy lately. I am even more horrified what our populace has done to throw their privacy away (handing out personal information to every marketer and social website they can find for free handouts). Yet, the most frightening thing is how people seem to be rushing to idiots like this to defend them by redefining privacy with "You got caught being a total douche in public, that is a violation of your privacy!"
And he didn't kill anyone either...he almost did. There is a large piece here to be said about posing for the camera while doing something stupid. I mean really now, its not like he was trying to hide from the camera. ANYONE at that party could have walked into the court room and said "Oh, by the way, this guy is a prick". The photo thing here really has about squat to do with privacy. It has to do with acting like a moron in public and being surprised someone kept a record of it and it came back to bite you. This isn't about privacy and I don't know why everyone keeps making it about privacy. When you go out in public and act like a moron you have NO expectation of privacy.
And no, it does not SEEM like Josh was an idiot. He was an idiot and deserves worse punishment. I have absolutely 0 respect for drunk driving. 0, zip, nada, zilch, it is 100% preventable and fucking moronic to do. The fact that he didn't kill anyone (only put them in the hospital for weeks while he continued to party) doesn't make a damned bit of difference. To be honest I think we would see drunk driving drop off significantly if we treated EVERY incident as attempted murder. It pisses me off that more people have their lives ruined by drunk drivers than the number of drunk drivers who have their lives ruined over their own stupidity.
Don't get me wrong, I have no kind of problem with drinking. I have been really drunk before and it has NEVER EVER EVER occurred to me "Gee, I should get in a car and go drive home" due to that reduced inhibitions crap. Fuck them.
Well my opinion of the matter is that if you are remorseful and ashamed you wouldn't advertise that kind of picture all over after an event like that. Ultimately in this day and age MySpace/Facebook pages testifying for/against their owner is some of the best character witness stuff you can get. Of course their friends and family are going to come in and talk about how much of a great person they are. If they tell the real story on their myspace page then I see no reason not to use their own "description" of themselves.
I don't think you have to worry about same name issue. I mean...you ARE in court right? When they hold up a picture that looks nothing like you and say "See, this is you isn't it" they won't get very far.
You are right about the verification part though I think. I imagine this will make it much more important to verify dates and whatnot in photos. However, as noted in these cases, it seems reasonable to allow people stupid enough to worry about this to post accurate descriptions of the photo on their websites and get the upload/added/etc date from there. In fact, I think that would be more damning than any forensic dating. Say for DUI, the party happened months before dumbass killed someone, but he posts them after. The Myspace page shows "woo me like drinky fun" and the posting date AFTER the wreck. I imagine the prosecution would actually FIGHT revealing the actual date of the pictures and focus that they were added after he murdered someone. Some facts are more important than other facts.
I don't understand the problem here either. This is two "OMG Privacy" stories that have come up in the last few days. This isn't "OMG Privacy". This is quit being a fucking moron and advertising your private life to 3rd parties or the world. In each of the three cases I am fucking glad they found those pictures. Those pieces of shit deserve to be rotting in prison instead of out partying after that crap. In case you skip the article it talkes about 3 cases of DUI, in 2 of which people died and the third almost died. Then these pieces of human filth went out partying and posted pictures showing exactly how seriously they took the fact that they went out driving drunk and murdered someone. I am personally very happy these fuckwits posted these pictures and the prosecution found them. In at least two of the cases mentioned here the bastard was probably going to get probation.
So...let me put it this way. If you are a worthless dumbass criminal making life worse for other people PLEASE PLEASE PLEASE post pictures of yourself doing illegal things online. Record yourself talking about the crime and make it an mp3. Take videos of you beating hobos or other nonsense and put them on youtube. I would much rather a society where the criminals effectively go to the authority and say "Hi, I'm a fucking moron criminal asshole, please arrest me!" than the world where the cops have to wiretap, and search, and investigate. So, please, in the interest of keeping our society free, go post your stupidity online, make it easy to find, that way the authority can leave the rest of us the fuck alone since we aren't doing anything wrong.
It seems to me that moving your AD outside the firewall would be monumentally stupid. Moving your AD outside the firewall would imply putting a domain controller outside the firewall, which pretty much defeats the whole point of the firewall being there. Sidewinder firewalls do something called split DNS. It has a DNS server running on the inside interface and on the outside interface. The DNS server on the inside interface forwards all requests to the DNS server on the outside interface. You configure your AD to forward to the inside interface DNS server. The inside interface slaves to the AD DNS and the outside can really be master/slave to your external DNS. (Of course, this type of setup requires that you don't do something stupid like making your entire internal DNS structure externally resolvable). So the only DNS server talking to anything on the outside is the outside interface DNS server on the sidewinder. Patch that one, and don't expose your AD structure to the world. This also has the added benefit of stopping any of that DNS tunneling stupidity that results from allowing your internal computers to directly query any external nameserver. You shouldn't be allowing DNS traffic through your firewall like that.
So no, putting your AD outside the firewall is incredibly bad advice. Engineering your DNS in a secure manner is good advice.
Slashdot Mirror
Leavenworth is a federal prison. If you have bothered to watch the news there have been more than a few murder/rapist types that have been going there. I don't know where you get the idea that Federal prison is soft or how you managed to get modded informative for that patently false nonsense.
I can only assume that you are confused by Alcatraz being a recreational area now. Alcatraz was not a pleasant place when it was a federal prison. Back then the tour of the place lasted a bit longer than an afternoon.
Wow...so...uhm...color me surprised. I rarely get someone with any economic understanding responding to posts where I bring this stuff up. I did oversimplify a bit, but in general it still stands and a firms goal is to perform that maximization and the price will be set accordingly to do so even with the other economic machinations at work.
I think this behavior though is more related to the firm engaging in price discrimination rather than undersupplying the market. Their position in making it difficult to switch to a competing platform certainly has an effect on this though. They are meeting more localized supply/demand curves rather than overall market supply/demand curves. The revenue maximization using the form of active control you mention doesn't really account for the differing prices, though it certainly accounts for the overall high prices. Arguably most of the competing products to keep the prices where they are in US markets can also compete in those other markets. I'm sure that isn't the case in every specific product, but overall it should be.
So? Sounds like a pretty workable business model really. Avoid all of the initial costs and R&D and then use your IP rights to absorb rather than crush. This is better for everyone involved. It allows the copyright holder to enforce their copyright and allows the infringing work to become noninfringing work and allow the creators of the infringing work to legally profit rather than being crushed. In fact, that very message you are worried about sending could easily cause more developers to bang on company doors with working implementations. You don't exactly have to worry about the unsuccessful ones, and absorbing the successful ones rather than crushing them saves you a ton of investment. It also has the added bonus of making you look good by stamping your brand onto the successful ones and thus keeping the fans happy rather than looking like an ass attacking the ones that your fans like.
Really. Well at the risk of invoking Godwin's law. What do you think about the companies charged with war crimes for assisting Nazi Germany with eradicating the jews? Or maybe the companies that were involved in the rather inhumane expieriments and drug testing? IBM, Bayer, etc... No...the immunity thing stinks like hell. "Well, the government asked us really nicely so we figured it would be ok to violate the law and let them do what they wanted". Aside from that, I don't think the whole point was to punish them. Immunty blocks the lawsuits which blocks discovery. So now we can't find out what the administration was really up to in the first place and they get to continue to claim states secrets on everything they fuck up.
FYI...Even the military trains their people to not follow illegal orders. Military members can and are prosecuted for following illegal orders.
Actually...pricing your product based on what people will pay IS the Supply Demand & Blah Blah piece. I am terribly amused when people come out crying about these price differences. The fact is...an item will be priced to maximize revenue. Very simple economics. You have consumers * price = revenue. You increase the price and consumer goes down, you lower the price and consumers goes up, this ultimately is a very simple mathmatical problem of maximization and it blows my mind that so many "geeks" are so stupid to this and moan like it is some evil agenda.
To be fair...the thing that does piss me off is that companies will have this price difference and then when "damages" gets mentioned they inflate the number. So MS is selling Windows in China for $3 a copy, but I seriously doubt they consider every pirated copy of Windows in China a $3 loss, they probably figure it even higher than the US retail cost.
Not exactly...our society only has an adversion to getting our hands dirty. Waving a gun while robbing a convenience store really shows nothing about the robbers regard for human life (unless he kills someone). However, I have yet to see a convenience store robbery destroy as many lives as things like the Colorado stocks and bonds incident, or Enron, or Worldcom? How many people lost their life savings? How many people killed themselves in desparation after losing everything? How many rich white collar criminals did a stint in a dormitory style prison to come back out and gather up the frequently large piles of money after the government took their fines?
No...in the grand scheme of things those ebmezzling brazillions of dollars guys are FAR worse than your average street thug. They have a far larger negative impact on society as a whole as well as number of people per crime. To me they are no different because it is the same deranged part of their brain that makes it ok to prey on their own kind...except the white collar folks are too much of cowards to look their victims in the eye. They should all rot in the same places.
And....? Seems to me throwing a spammer in a place full of violent people is a perfectly good solution.
In seriousness, given that most of what he made was through fraud how does the government taking most of that money make things any better? Really, that would just encourage the government to do that sort of thing to more people, hell, they don't need to raise taxes, they just declare everyone criminals and take 80% of their earnings.
Punishing criminals should cost society or it will become a very popular thing. Its one of the reasons I don't like that whole forced labor thing in prison (at least productive labor) becaues it encourages the government to toss people in prison to build a cheap workforce. Now, on the other hand, if it is painful, difficult, and ineffecient labor I am all for it. Making violent criminals turn big rocks into small rocks using rubber mallots for 16hrs a day seems pretty safe in the realm of inefficiency.
I wonder if they will start taking this more seriously and treating these people like criminals. I mean really...guy steals some property and can get years in a place a little more harsh than this dorm style prison. This guy stole bandwidth, and while it is an intangible thing, ultimately the total cost of his crap cost people FAR more than the value of the crap you could carry out of a pawn shop. I vote send his ass to a real prison.
From the comments from the article (because I know most of you won't read it, and I'm not going to take credit for it). "One can only hope his punishment will be unsolicited male."
I prefer the "got hit by a bus" standard. I try to do a few things. First and foremost is bring the strange nonstandard pieces of configuration to a bare minimum. I absolutely despise kludging up something for a few users to function in a specific fashion. I actively resist that type of solution wherever possible, just because you CAN do something doesn't mean you SHOULD do it. Maintenance gets out of hand the more specific tweaks you have to make across your systems. The second main thing is trying to document damned near everything so that in the case of catestrophic failure (equipment or operator) things can be restored. I have even gone so far to document things like how SMTP and DNS flows through the network and all of the DHCP scopes and their options.
The point of documentation really isn't to remind you where things are. Its to allow someone else to step in with no knowledge and figure out how things work. The funny problem I have with people using that kind of nonsense for job security is that it is a two edged sword. Sure, it makes you hard to replace, but that also means it is hard to be promoted.
So...I certainly don't know if this guy is crazy or not, but there are a few things that I am surprised the /. crowd really hasn't bothered with.
1. The problems between IT and Management are so bad across the board that there is a famous cartoon relating these problems. This famous cartoon spawned the "PHB" reference. So...to listen to an IT guy complain of incompetent management shouldn't be a surprise at all. Please everyone, raise your hand if you have been handed complete and utter bullshit requirements or policies that some "PHB" without a technical clue has demanded that you implement. Now...raise your hand if you were stupid enough to EVER give them administrative rights over ANYTHING.
2. The media has a fucking field day with "evil hackers". This is so bad that the world "hacker" now means criminal and hordes of geeks wimpering and moaning about how the media stole the word. So...the media reporting on yet another "evil hacker holding city hostage" should be taken with a grain of salt. Sensationalist crap reported by people that have less than 0 IT understanding to the masses who also have less than 0 IT understanding. Million to one odds says that if they actually reported the more technical facts of this case the ratings would be near 0 and this story would have never gotten to be so high profile.
3. He did give the password to the person at the top of the chain of responsibility for this. Which to me sounds like the most appropriate thing to do. If you are so concerned that everyone is an incompetent fool then your only option is to go straight to the top. Imagine how much trouble this guy would be in if he gave out these passwords to a bunch of corrupt and incompetent folks who did bring the city down? At least this way everything continued functioning.
Finally...and most concerning to me is a quote from the article.
But without access to either Childs' passwords or the backup configuration files, administrators would have to essentially re-configure their entire network, an error-prone and time-consuming possibility, Chase said. "It's basically like playing 3D chess," he said. "In that situation, you're stuck interviewing everybody at every site getting anecdotal stories of who's connected to what. And then you're guaranteed to miss something."
Really...so basically these people didn't document ANYTHING. Because config files or not, rebulding your network if you bothered to document things isn't all that hard, it's just time consuming. But straight from their man there they would be stuck interviewing people for anecdotal stories becaues they were too incompetent to bother documenting the network. Nevermind that they seem to have cut their IT staff from 350 to 100 over the last few years. So it sounds like their IT staff was just the favored bucket to take money from, which is hardly new thinking these days. It amuses me to no end when companies/governments treat their IT staff like overpaid housekeeping, largely unneccessary drains on budgets, and an unimportant support function and then scream bloody murder when the shit hits the fan.
I really wanted my Hotmail account to be compromised when my Google/Myspace/Facebook/Amazon/Ebay/Paypal accounts are all compromised by the single sign on. Now they will have to get my OpenID AND my Passport logons.
Seriously...with the internet being such a dangerous place for the average user. How in the freaking hell is a single sign on going to make it better? I mean really now this seems monumentally stupid. And worse the summary tries to blast MS for not supporting it. For all the many things to bitch about MS..."They won't sign on and support one of the dumbest security ideas on the internet" seems pretty counter to the normal complaints that they do stupid things when it comes to security.
With any luck some banks and credit cards will adopt this. So now you can have everything stolen from you with a single username/password combination that was probably lifted from you through a fake website or one of the dozens of account stealing malware bits that you installed to get "OMG Ponies Wallpaper & Pointers!". For bonus points, being able to pull a drive by install of malware to steal this account from a MySpace banner and then using that to steal all of their money, email addresses, and social webpages would be great. Bonus points if you manage to auction off all of their personal possesions through their ebay account and then keep the money through their paypal account.
I would like to point out that science has shown that algea is not only more intelligent, but is higher up the evolutionary path.
Of course they aren't. They had to redesign their network for the wiretaps.
Yes...what a terrible military state we will have. Run by that out of control Air Force making comfort capsules instead of using those counter-terrorism funds for weapons or spying like they were meant to be used.
Not that I advocate for a military state by any stretch, but lets be real here. It wasn't the military that fucked this up to such an amazing degree from day 1. It was our wonderful Executive and a bunch of Congress Critters. All of which are non military. So...the illegal extradition stuff...CIA...not military. The wiretapping...also not military. The "papers please" mentality at our airports...also not military. Eminent domain where the government seizes your land for other use...nope...still not military. I mean really now...please...feel free to show me how our domestic situation has gotten worse due to direct military action not specifically ordered by civilian leadership. To be honest, I don't think the military has had much of anything to do with our failing domestic situation. Shit...even the military is pissed that these defense contractors are getting so money and free reign. You are likely to have a hard time finding many military folks that care for those blackwater clowns.
Congratulations. You managed to get a post defending the military +5 on slashdot. It is hard enough to do that when it is defending an action that IS important, let alone the comfort capsule.
I imagine your assessment is at least mostly correct. I suspect that there was extra funds dumped into the luxury part that shouldn't have been. And then also that whole being told no you can't use that money for it.
I actually talked to a retired general's aide that said the general would frequently decide that he wanted to drive and would tell his aid to go get in the back and enjoy getting driven around by a general. This only ever caused problems when they went through the gate because the guards were understandably concerned why the general was driving with the aide in the back. (Think potential hostage).
Ironic isn't it, that the senior leadership most deserving of a little comfort and pampering from time to time is the least likely to pursue or accept it. Yet at the same time it inspires the people who work for them to try to offer it more.
Wait wait wait. This is the Air Force. There is a wonderful joke about which branch has the smartest enlisted related to this as well. The gist is after the call for war the Army, Marines, Navy are all greeted by the ranking officer and he tells them "Give em hell men". The Air Force members are greeted by the ranking officers and they all jump to attention and salute and say "Give em hell sir!" (Air Force pilots are all officers).
In all likelyhood someone is going to get their balls in a vice over this one. Someone once told me "The military needs a war every so often to remove all of the cowards and bureaucrats out of the services". The problem is during extended times of peace it is the political weasels that do shit like this that rise through the ranks. When rubber hits the road and shit gets hairy those people typically quit or get fired and people with real leadership qualities step in and start making things right. This process also leaves us with military leaders that understand the horror of war. Eisenhower has some pretty powerful words about the horror of war, the stupidity of a "preemtive" war, and so on. He didn't learn that shit reading text books. The problem is that this process is slowed considerably given that this administration rewards the political weasels.
Thank you :) This whole thing seems more like a "look how much better justice work now when criminals and assholes broadcast their exploits" than some kind of draconian privacy invasion. It isn't like these guys were hacking the gibson to get these pictures, they were posted online. There is a tremendous difference between pictures of people just getting drunk at a party and the types of pictures that have been getting people in trouble lately. For example...bunch of people getting drunk at a bar, dancing, karioke and whatnot. No big deal. Contrasted with a guy who nearly killed someone going out partying in a convcit suit or maybe that beauty pagent girl getting in trouble for half stripping and getting pretty lewd with other half naked girls. (Disclaimer: I agree with her getting in trouble with the pageant thing over the pictures/behavior. Image and rolemodel stuff and all. However, they were pretty nice pictures and she deserves a different kind of reward.)
Of course, I would pay a pretty hefty amount of cash to see someone take a youtube video of someone singing horribly at a bar and use it as evidence in a lawsuit for hearing loss.
So other attendees of the party should be signing NDAs when they walk in? Why would there be some expectation of privacy from other guests? I mean really...you are making a pretty dangerous leap here saying that noone should be allowed to talk about or show pictures of events that they attended. I mean really, anywhere you go do anything and other people see you do it, your expectation of privacy should be approximately 0. I mean, if these pictures were of him in his own home, alone, drinking on the couch...then yes...maybe I can see an invasion of privacy. But what they were of was him going out and acting like an unremorseful prick in front of a bunch of people and evidence of him doing that was broadcast. He should not have had any kind of expectation of privacy, and I doubt he did. In fact, I think dressing up like a convict and going out to party after nearly killing someone is about as unprivate and attention whore as you get. Hell, if he was being private, staying home, contemplating the tragedy he caused then he probably wouldn't have gotten into further trouble.
Explain to me how being a callous moron in public relates to privacy? So what someone else took a picture and posted it and identified him. That still has nothing to do with privacy. Unless you make the argument that Lipton was indoors on private property and the guy taking the picture broke in to take the picture. I think MySpace does tagging too, but I don't know. Either way, in no way shape or form is this about privacy. The pictures were of PUBLIC things. The fact that someone else posted a record of a public event that he attended without his knowledge is irrelevant. The fact that the prosecution got the pictures of a public event from a public place without his knowledge is irrelevant.
The notion that right to privacy has anything to do with protecting you from your own stupidity in public is unnerving. In fact it only serves to fuel the government/business desire to destroy real privacy. When people hold up stupid crap like this as an example of privacy violations the government gets to hold it up and say "See how bad these privacy advocate people are, don't listen to them". I am horrified what our government has done to our privacy lately. I am even more horrified what our populace has done to throw their privacy away (handing out personal information to every marketer and social website they can find for free handouts). Yet, the most frightening thing is how people seem to be rushing to idiots like this to defend them by redefining privacy with "You got caught being a total douche in public, that is a violation of your privacy!"
And he didn't kill anyone either...he almost did. There is a large piece here to be said about posing for the camera while doing something stupid. I mean really now, its not like he was trying to hide from the camera. ANYONE at that party could have walked into the court room and said "Oh, by the way, this guy is a prick". The photo thing here really has about squat to do with privacy. It has to do with acting like a moron in public and being surprised someone kept a record of it and it came back to bite you. This isn't about privacy and I don't know why everyone keeps making it about privacy. When you go out in public and act like a moron you have NO expectation of privacy.
And no, it does not SEEM like Josh was an idiot. He was an idiot and deserves worse punishment. I have absolutely 0 respect for drunk driving. 0, zip, nada, zilch, it is 100% preventable and fucking moronic to do. The fact that he didn't kill anyone (only put them in the hospital for weeks while he continued to party) doesn't make a damned bit of difference. To be honest I think we would see drunk driving drop off significantly if we treated EVERY incident as attempted murder. It pisses me off that more people have their lives ruined by drunk drivers than the number of drunk drivers who have their lives ruined over their own stupidity.
Don't get me wrong, I have no kind of problem with drinking. I have been really drunk before and it has NEVER EVER EVER occurred to me "Gee, I should get in a car and go drive home" due to that reduced inhibitions crap. Fuck them.
Well my opinion of the matter is that if you are remorseful and ashamed you wouldn't advertise that kind of picture all over after an event like that. Ultimately in this day and age MySpace/Facebook pages testifying for/against their owner is some of the best character witness stuff you can get. Of course their friends and family are going to come in and talk about how much of a great person they are. If they tell the real story on their myspace page then I see no reason not to use their own "description" of themselves.
I don't think you have to worry about same name issue. I mean...you ARE in court right? When they hold up a picture that looks nothing like you and say "See, this is you isn't it" they won't get very far.
You are right about the verification part though I think. I imagine this will make it much more important to verify dates and whatnot in photos. However, as noted in these cases, it seems reasonable to allow people stupid enough to worry about this to post accurate descriptions of the photo on their websites and get the upload/added/etc date from there. In fact, I think that would be more damning than any forensic dating. Say for DUI, the party happened months before dumbass killed someone, but he posts them after. The Myspace page shows "woo me like drinky fun" and the posting date AFTER the wreck. I imagine the prosecution would actually FIGHT revealing the actual date of the pictures and focus that they were added after he murdered someone. Some facts are more important than other facts.
I don't understand the problem here either. This is two "OMG Privacy" stories that have come up in the last few days. This isn't "OMG Privacy". This is quit being a fucking moron and advertising your private life to 3rd parties or the world. In each of the three cases I am fucking glad they found those pictures. Those pieces of shit deserve to be rotting in prison instead of out partying after that crap. In case you skip the article it talkes about 3 cases of DUI, in 2 of which people died and the third almost died. Then these pieces of human filth went out partying and posted pictures showing exactly how seriously they took the fact that they went out driving drunk and murdered someone. I am personally very happy these fuckwits posted these pictures and the prosecution found them. In at least two of the cases mentioned here the bastard was probably going to get probation.
So...let me put it this way. If you are a worthless dumbass criminal making life worse for other people PLEASE PLEASE PLEASE post pictures of yourself doing illegal things online. Record yourself talking about the crime and make it an mp3. Take videos of you beating hobos or other nonsense and put them on youtube. I would much rather a society where the criminals effectively go to the authority and say "Hi, I'm a fucking moron criminal asshole, please arrest me!" than the world where the cops have to wiretap, and search, and investigate. So, please, in the interest of keeping our society free, go post your stupidity online, make it easy to find, that way the authority can leave the rest of us the fuck alone since we aren't doing anything wrong.
It seems to me that moving your AD outside the firewall would be monumentally stupid. Moving your AD outside the firewall would imply putting a domain controller outside the firewall, which pretty much defeats the whole point of the firewall being there. Sidewinder firewalls do something called split DNS. It has a DNS server running on the inside interface and on the outside interface. The DNS server on the inside interface forwards all requests to the DNS server on the outside interface. You configure your AD to forward to the inside interface DNS server. The inside interface slaves to the AD DNS and the outside can really be master/slave to your external DNS. (Of course, this type of setup requires that you don't do something stupid like making your entire internal DNS structure externally resolvable). So the only DNS server talking to anything on the outside is the outside interface DNS server on the sidewinder. Patch that one, and don't expose your AD structure to the world. This also has the added benefit of stopping any of that DNS tunneling stupidity that results from allowing your internal computers to directly query any external nameserver. You shouldn't be allowing DNS traffic through your firewall like that.
So no, putting your AD outside the firewall is incredibly bad advice. Engineering your DNS in a secure manner is good advice.