Slashdot Mirror


User: Enderandrew

Enderandrew's activity in the archive.

Stories
0
Comments
5,075
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,075

  1. Re:It's called speculation... on House Dems Turn Out the Lights On the GOP · · Score: 1

    I work for a newspaper, so I'm quoting what I read off the front of our Money section about 3 days ago, but apparently gasoline usage in the US has dropped 14 weeks running, and was expected to drop for a 15th straight week.

    Locally here in Omaha, NE, in that stretch gas prices has dropped from about $4.09 a gallon to $3.57 a gallon today in relation to demand dropping.

  2. Re:It's called speculation... on House Dems Turn Out the Lights On the GOP · · Score: 1

    Except Exxon is reporting record profits quarter after quarter while crying to the press that they have no choice but to hike prices.

    Yes, oil prices are going up, yet some businesses opt to only inflate at the same rate as their costs go up, or even sometimes sustain some of that loss themselves.

    Exxon is raising their prices even faster than the prices of crude oil are going up, which is a double-whammy, then they try to play some sympathy card.

    As a consumer, my response is to buy from other companies.

  3. Re:Penetration Testing Tools on Creating a Security Test Environment? · · Score: 1

    All good tips, thanks!

  4. Re:May I suggest you read up on security practices on Creating a Security Test Environment? · · Score: 2, Informative

    MBSA is far from perfect, but it is what IS demands of us. See, us lowly SysAdmins know nothing about security. But IS tells us that Microsoft is secure and Linux isn't because (direct quote) "is is programmed by teenage turds in their basement that don't know anything."

    I'm glad we have those specialized security experts (spoonfed by Microsoft) to keep me in line.

  5. Re:Nessus on Creating a Security Test Environment? · · Score: 1

    Nessus looks great. Thanks for the link!

  6. Re:Security at what level? on Creating a Security Test Environment? · · Score: 1

    Just because you haven't discovered a vulnerability yet doesn't mean it doesn't exist. I can't really prove that software is secure. Really, I'm testing more for software that I can discover to be a liability.

    Again, nothing is perfect here. I just need to come up with the best solution within my means.

  7. Re:Thoroughly tested on Creating a Security Test Environment? · · Score: 2, Insightful

    Well, I'm asking what is the best way to set up a test environment for testing. I make my best effort while explaining to my bosses that it is near impossible to declare anything void of vulnerabilities.

    All I can do is make my best effort.

  8. Re:I still think $10 would be possible. on India's "$10 Laptop" To Cost $100 After All · · Score: 2, Informative

    If you rented it, they'd ask for the phone back and you could just leave. However you purchase the item. No one else claims to own it. You however must carry a service contract.

    You ask if those "scams" still exist, and I point to the entire cell phone industry.

  9. Re:Give it a day... on India's "$10 Laptop" To Cost $100 After All · · Score: 2, Funny

    Actually it was the Pentium Pro line from 60 to 100 MHz. I don't feel bad. You didn't remember correctly either.

    http://en.wikipedia.org/wiki/Pentium_FDIV_bug

    I did remember it being the 66 MHz FSB P6 core, which I mistakenly remembered as being early P2's. They were actually Pentium Pro's.

  10. Re:I still think $10 would be possible. on India's "$10 Laptop" To Cost $100 After All · · Score: 1

    You're confused. You gave me an informative link, and I'm all out of pithy comments.

    However, I just tried putting this in my signature, but it was sadly truncated.

    -------
    In Soviet Russia, our new naked Natalie Portman and grits-powered Linux overlords welcome you, for one. To which CmdrTaco replied, "you must be new here." I didn't RTFA, but I heard that CmdrTaco is just a Twitter sock-puppet. ??? Profit!

  11. Re:I still think $10 would be possible. on India's "$10 Laptop" To Cost $100 After All · · Score: 1

    Wired's "Free" issue a while back was talking how laptop's could easily be free, in the way that a $200 cell phone is free by tying it to a contract.

    In the US a few years back, Microsoft gave you $400 if you signed up for a three-year MSN contract.

    $400 can buy a cheap laptop.

    So a free laptop is just one marketing promotion away.

  12. Re:Common sense on India's "$10 Laptop" To Cost $100 After All · · Score: 1

    Duh.

    Willy Wonka math.

  13. Re:Give it a day... on India's "$10 Laptop" To Cost $100 After All · · Score: 3, Funny

    Did they calculate their costs with a Pentium II?

  14. Re:Remember folks on KDE 4.1 Released, Reviewed · · Score: 1

    One guy, Troy made that comment and later recanted. Several KDE devs with blogs on the Planet disagreed with him and said users are quite valuable. So it isn't fair to say the two design philosophies are the same, since the KDE devs don't seem to have that philosophy.

  15. Windows is not dead on Windows Is Dead – Long Live Midori? · · Score: 1

    Microsoft would be foolish to completely ignore the potential of a "web OS" or desktop cloud computing.

    However, Microsoft isn't going to ignore their enterprise customers, many of which don't want all their desktop users to have internet access, nor do they want to necessarily have to pay for extra bandwidth just to have a less secure system.

  16. Re:Remember folks on KDE 4.1 Released, Reviewed · · Score: 1

    I'm not all that crazy about the KDE 4.x desktop experience either. I'm all about KDE 3 personally.

  17. Re:Remember folks on KDE 4.1 Released, Reviewed · · Score: 1

    The Pidgin philosophy is to take working features and just remove them for the sake of removing them, even if users scream they want to keep those features.

    The KDE philosophy right now is to rewrite from the ground up. During the rewrite process, many original features aren't fully replicated, but there are also tons of new features. And they strive to eventually provide feature parity with the old version, and then some.

    So, that doesn't seem like a remotely fair comparison.

  18. Re:Firefox 3? on KDE 4.1 Released, Reviewed · · Score: 1

    I'm not a fan of KDE 4, but Firefox looks the same on KDE for me. I never had an issue with the scrollbars. However, I also like to install gtk-qt-engine which allows gtk apps to use the qt widgets. And there are two Oxygen themes to help integrate Firefox 3 with the KDE 4 look.

  19. Re:But ... does it run linux? on KDE 4.1 Released, Reviewed · · Score: 2, Interesting

    I've actually seen some screenshots of plasma widgets and panels on Windows. Aaron Segio said he didn't personally plan to port plasma to Windows, but someone else was doing it.

  20. Re:Leaked trailers on Leaked Wolverine Origin Trailer Makes the Rounds · · Score: 1

    Tsotsi is a very good film, and that is why he got this job.

    And I believe that is The Blob, not Juggernaut. I could be wrong.

  21. Re:Leaked trailers on Leaked Wolverine Origin Trailer Makes the Rounds · · Score: 4, Insightful

    I remember in the web's infancy that if you had a fan page, you got a cease and desist, even though you clearly weren't breaking any laws. Companies attacked their fans, rather than rewarding them for adding to the hype machine and giving them free PR.

    Oh, and the trailer (what I could make out of it) looks pretty damned good.

  22. Re:For everyone who thinks Childs was right on San Francisco DA Discloses City's Passwords · · Score: 1

    The last shop I worked for was a major Fortune 500 company, and they were BIG. They had issues with the IT staff constantly spying on people with VNC hiding the systray icon) and such.

    When we have grounds, we would investigate users. If someone was accused of something, we'd check their email and such.

    Even worse, we had IT users who would change people's passwords and log into users' accounts.

    Some people will abuse the system. Not everyone, but some people will. This is just ONE reason why SysAdmins should never see user's passwords.

    The second big one, is that you should always train your users to never give out their password to anyone, ever, for any reason. People tell me all the time, "you're in IT, I can give you my password" and then you wonder why people fall for phishing scams.

    They are trained to believe that certain people have a right to their password, and it is safe to give it out.

    Kevin Mitnik will be the first to tell you, that is your largest security hole right there. Compromising employees to gain access is the easiest and most dangerous means of compromising a system.

    SysAdmins should encourage good security practices in their users. That means we have to follow those practices ourselves.

  23. Re:For everyone who thinks Childs was right on San Francisco DA Discloses City's Passwords · · Score: 1

    If I don't post our 49-page computer use policy, then I'm full of shit? Let me say, I can care less what AC trolls think.

    I'm only responding to point out that you can't seem to follow a conversation.

    1 - You insist that often the usernames and passwords are the same. I respond directly by saying we don't allow any variation of your name in the password, and then you act confused in regards to password rules. If you can't keep up, I'm not going to explain things to you over and over again.

    2 - You insist any real admin cracks their users passwords. Checking for vulnerabilities does not mean seeing users passwords, nor keeping a list of them. You seriously need to read up on security policies and procedures.

    3 - You seem to think that being an admin means you have free reigns to try and hack your own system. You obviously have never worked as an admin for any sizable company.

    4 - You suggest any real admin keeps vital company data on his home computer. Again, this is ridiculous. For one, only company hardware touches our network, including VPN access. We don't even allow you to check company email from personal computers. All business related computer use must be performed on company owned hardware. Secondly, sending sensitive company data outside the network is grounds for termination. Keeping a list of passwords on your home computer is a double whammy given that an admin should NEVER see users passwords.

    I can say that in my career, I have never once had my employer lose data on any system I oversaw. When I interviewed for my current employer, I was asking them the questions, such as their backup strategies, data retention policies, security policies, disaster recovery policies, etc.

    They weren't up to snuff in my book, and they still aren't. Some improvements have been made, but we've also got to continue to make improvements.

    Most suits have little to no understanding when it comes to these sorts of things. They are normally only assuaged by security theater that often does more harm than good, but don't want to deal with necessary policies to provide actual security.

    At the end of the day, I know I'm good at my job. I've never lost data, and I don't ever plan to. I don't need to post AC or hide, because I can backup my statements.

  24. Naming rights on NOAA Requires License For Photos of the Earth · · Score: 4, Funny

    That's the Budweiser Moon© now, they paid for the naming rights.

  25. Re:For everyone who thinks Childs was right on San Francisco DA Discloses City's Passwords · · Score: 1

    We make people sign a pretty lengthy computer usage policy that specifically stipulates taking company data outside the company is theft.

    Then we have a pop-up reminding people of these policies regarding computer usage at the login screen.

    We have billing information that is sensitive. We have payroll information that is sensitive. We have personal records that are sensitive. Our client list is sensitive. And our advertisers send us their fliers about two weeks before it gets put into a paper, and often these include sensitive data. Our advertisers go nuts when that data is leaked early.

    Stealing company data is theft, and there is plenty of precedence for judges upholding that.

    Again, feel free to test the waters of data theft and see where it gets you. We'll see which one of us is the idiot.