And another thought I just had... you could scrap your monitoring software! What better than to have the actual Slashdot viewers let you know when something is going wrong! And you'd get such excellent, qualified advice on how to fix any problems that came up.
Just a small way that we can help in giving back to Slashdot and all it's done for us.
I'm assuming that most of us are somewhat technically literate. Personally, I architect HA, FT, geographically distributed Oracle systems. I'm always interested in how a system is architected, and how well it is performing.
What are the chances that you could include a little "SlashStatus" information in either a SlashBox or the header or something. It'd be neat to see some basic performance metrics of the different components of your site... bandwidth usage, cpu%, mem usage, etc. It wouldn't have to be real time or anything, but a 5-15 minute update would be quite interesting.
I agree... he did what he was supposed to do. For that matter, I'm surprised that the media was so worried about reporting his exact whereabouts like they did.
Terrorist to hijacker: "quick! according to CNN he's just landed in Portland! Redirect and look for the motorcade!"
Some people just don't get the fact that some information HAS to be kept private until such a time that it can be discussed without endangering the lives of people in the field. And some of those people doing the asking are senior news anchors and reporters just trying to sensationalize the events to keep people tuned in.
I wish they'd just stop whining about having to know EVERY little detail as it happens.
As my Grandaddy said, "common sense just ain't so common no more... was a time when not havin' it meant you got dead".
Re:encourage people to conserve bandwith
on
More On Tragedy
·
· Score: 1
But how many people have a TV or radio in their cube?
Am I going to be scared of being hijacked? No. They've just tought me that you can't just sit back and let people make you a victim and hope that it works out in the end.
When I get on my flight to LA next week, I'll be hoping that some asshole TRIES to hijack the plane so that he can proceed to get the shit kicked out of him. Even if he puts me down, the guy behind me will get him.
I have a very close cousin (more like a brother) in NY who was out on a stag last night. As a result he slept through his alarm clock this morning, woke up late, was rushing to work, and was about 5 blocks away when the first plane hit.
He worked in the Tower.
By all accounts it looked like the first jet went right through his office window.
He was in shock for a while (go figure), and when he finally made it back home, he was pretty screwed up. He was a mess, and quite honestly, hugely overcome with guilt about having survived.
Our family had to make sure that someone was with him, because he sounded quite suicidal. (We live in Vancouver, BC, Canada, so it's not possible for us even to plan to see him any time soon). Our phone has been in almost constant use talking to him and other members of our family.
My main concern is now what happens to him? His office mates are gone. His job is gone. He has come (quite understandibly) a little unglued, to put it politely. Personally, I hope he gets through it OK, regardless of how long it takes.
For that matter, as selfish as it may sound, I hope I make it through this. As much as I feel for the people that are missing or worse, my main concern, and the closest point of contact I have to the whole situation is my cousin, and right now he is the only one that I can think of.
Sometimes life really sucks.
PS: To reitterate what a number of others have said, be sure that Canada's thoughts are with everyone affected by this. Vancouver was pretty much shut down today because everyone was walking around in a state of disbelief.
yeah... it won't be long now until flying anywhere is like living through a bad scene from Con Air with everyone shackled and armed guards cruising up and down the isles.
All cynicism aside, I think that it would be prudent to have a couple/4 undercover security people on board that maybe could deal with situations like this.
I agree... blaming technology is just stupid...
on
Our New Pearl Harbor
·
· Score: 1
That's right... it turns out that (according to CNN report just now) that the original flight was hijacked using knives; butter or otherwise, I don't know. And they've been around for a LONG time.
I could see how divulging how the keylogger works could be a national security issue... once it's been released how it works, people could start looking for the tell-tales, and then once word gets out about how many people are actually being logged, all hell breaks loose... both in and outside the US.
Hmmm... don't let the Canadian astonomers know about it, the record may not be recognized because the precedent has been set for moons to be unappreciated and even punnished.
;)
Re:Isnt this a redundant concept but ?
on
Data Mining?
·
· Score: 3, Interesting
There is a secure need for co-lo facilites etc but why not just build a mirrored system with 4-5 sites carrying the data - a sort of broadband raid, this would cut down the need for these facilites
How about cost, performance, and design restrictions?
I think you're assuming that such a site would be serving basic, somewhat static html, in which case that may be an option. But I don't think that it would work out for a more complex application.
I design/develop/administrate a lot of Oracle-specific system architectures, specifically for sites with large numbers of financial transactions *cough - gambling - cough*, and let me tell you that such physically distributed systems can be EXPENSIVE, both in cash (eg: network/storage infrastructure is almost duplicated) and performance (latency involved in a physically distributed 2-phase commit will kill performance on the client side). Lets not even talk about the logistics involved in running/managing/designing a large physically distributed Oracle cluster!
Sometimes it is WAY cheaper to put all of your eggs into one cushy, bomb-proof basket.
He found a new place for his stash?
He's going to turn it into a big bong?
Somebody ELSE left their stash behind and he just found it?
He now knows what he's going to do with the neighbour's cat that's been pissing in his garden?
Yeah, he was in a group interview/session to commemorate the anniversary along with Bill Gates, among others. David Bradley said that while he chose the keys, Bill is the guy who made them famous.
It was pretty funny... especially the look on Bill's face.:)
There's been talk on places like CNN and CNet about software makers being held liable for serious defects in much the same way Ford and Firestone are for their recent tire troubles.
I think that would cause a bigger problem than it would solve. As soon as you start making the software developers liable for the problems with the software, then they will start restricting the use of that software in order to cover their asses.
"What? You used that software for business purposes, on a machine with an Internet connection? Sorry, that breaks our terms of use... you're on your own."
Also, I think comparing it to something like vehicle manufacturing is a little extreme. Let's face it, for the most part, I would venture that it is far easier to test a vehicle for defects than it is to test a piece of complex software. There are just way too many possible system configurations/setups/situations that could potentially cause problems in order to test them all. And when was the last time you had a fatal head-on collision because Code Red "blew up" your server?
I think that the blame should be set square on the shoulders of the corpoorate decision makers and implementors who (a) choose to buy and use shitty software and (b) the implementors and administrators who don't know what the hell they are doing. Let's not even start talking about (for the most part, the lack of) proper Risk Management analysis in most corporations that use this software.
Now, people are going to complain about the non-commercial, Individual users. Well, let them get hacked. Somebody somewhere will end up deleting everything off of their machine or reading their back statements. If anything, that'll teach them a valuable lesson. "But they're flooding the Internet!" So what? They bought bandwidth from their provider, and they're using it (albeit not knowingly!). When their usage hits their limits, then it should be up to the ISP to make them pay more money, or take some action. "But they're attacking my site!" Are you yourself getting infected with the worm? Silly you. I've been getting around 5,000 - 10,000 hits a day to my server because of Code Red. Big deal. All they really represent are lines in my Apache log files.
...strongly encourages everybody to install the patch, yet they themselves don't.
Somehow, when I picture a server farm, I see this clean, organized room with nice neat racks.
I remember hearing somewhere that the Redmond server farm consists of THOUSANDS of boxes. This equates to a huge warehouse of racks.
Now, I know what it takes for us in a small (50 person) company to patch our desktop and server machines, so it seems to me that this patching undertaking would take a LOT of people a LOT of time. Who knows, maybe they HAVE been patching their servers, it's just taking them months to do it!
While they probably have some sort of automated or remote patching facility, I like to envision a bunch of interns with crash carts (monitors/keyboards) and freshly burned CD's walking from rack to rack installing the patch.
I wonder if you could claim something like self-defense for something like this?
I'm being actively attacked, multiple times, by someone elses hacked machine. That is an "unauthorized intrusion" attempt into my machine. If I go and perform an "unauthorized intrusion" on their machine in order to shut them down so as to protect my own services, why would I get in trouble for that?
Sure, it's not like the guy tried to shoot me and I had to shoot back to protect myself, but it seems like a proportionate response to me.
...is still one of the best, as far as I'm concerned.
Lode Runner, on my Dad's Apple ][e... as a matter of fact, I used to play it so much (monochrome green screen and all) that I used to have nightmares about being burried alive in stone.
Never mind it was played on a computer that didn't have a hard drive.:)
Is it technically possible for the copied CD to have this damaging content when the original doesn't? When making a copy, wouldn't it be possible to make a bit-for-bit copy of the CD instead of an "interpreted" version?
And is it even possible for content on the CD to physically damage the electronic gear that plays it?
Slashdot Mirror
And another thought I just had... you could scrap your monitoring software! What better than to have the actual Slashdot viewers let you know when something is going wrong! And you'd get such excellent, qualified advice on how to fix any problems that came up.
Just a small way that we can help in giving back to Slashdot and all it's done for us.
;)
Just a quick question/request...
I'm assuming that most of us are somewhat technically literate. Personally, I architect HA, FT, geographically distributed Oracle systems. I'm always interested in how a system is architected, and how well it is performing.
What are the chances that you could include a little "SlashStatus" information in either a SlashBox or the header or something. It'd be neat to see some basic performance metrics of the different components of your site... bandwidth usage, cpu%, mem usage, etc. It wouldn't have to be real time or anything, but a 5-15 minute update would be quite interesting.
Just a thought.
I agree... he did what he was supposed to do. For that matter, I'm surprised that the media was so worried about reporting his exact whereabouts like they did.
Terrorist to hijacker: "quick! according to CNN he's just landed in Portland! Redirect and look for the motorcade!"
Some people just don't get the fact that some information HAS to be kept private until such a time that it can be discussed without endangering the lives of people in the field. And some of those people doing the asking are senior news anchors and reporters just trying to sensationalize the events to keep people tuned in.
I wish they'd just stop whining about having to know EVERY little detail as it happens.
As my Grandaddy said, "common sense just ain't so common no more... was a time when not havin' it meant you got dead".
But how many people have a TV or radio in their cube?
Am I going to be scared of being hijacked? No. They've just tought me that you can't just sit back and let people make you a victim and hope that it works out in the end.
When I get on my flight to LA next week, I'll be hoping that some asshole TRIES to hijack the plane so that he can proceed to get the shit kicked out of him. Even if he puts me down, the guy behind me will get him.
There is an excellent white paper from Pioneer here. It's in pdf format.
I have a very close cousin (more like a brother) in NY who was out on a stag last night. As a result he slept through his alarm clock this morning, woke up late, was rushing to work, and was about 5 blocks away when the first plane hit.
He worked in the Tower.
By all accounts it looked like the first jet went right through his office window.
He was in shock for a while (go figure), and when he finally made it back home, he was pretty screwed up. He was a mess, and quite honestly, hugely overcome with guilt about having survived.
Our family had to make sure that someone was with him, because he sounded quite suicidal. (We live in Vancouver, BC, Canada, so it's not possible for us even to plan to see him any time soon). Our phone has been in almost constant use talking to him and other members of our family.
My main concern is now what happens to him? His office mates are gone. His job is gone. He has come (quite understandibly) a little unglued, to put it politely. Personally, I hope he gets through it OK, regardless of how long it takes.
For that matter, as selfish as it may sound, I hope I make it through this. As much as I feel for the people that are missing or worse, my main concern, and the closest point of contact I have to the whole situation is my cousin, and right now he is the only one that I can think of.
Sometimes life really sucks.
PS: To reitterate what a number of others have said, be sure that Canada's thoughts are with everyone affected by this. Vancouver was pretty much shut down today because everyone was walking around in a state of disbelief.
yeah... it won't be long now until flying anywhere is like living through a bad scene from Con Air with everyone shackled and armed guards cruising up and down the isles.
All cynicism aside, I think that it would be prudent to have a couple/4 undercover security people on board that maybe could deal with situations like this.
That's right... it turns out that (according to CNN report just now) that the original flight was hijacked using knives; butter or otherwise, I don't know. And they've been around for a LONG time.
I could see how divulging how the keylogger works could be a national security issue... once it's been released how it works, people could start looking for the tell-tales, and then once word gets out about how many people are actually being logged, all hell breaks loose... both in and outside the US.
Where are the Lone Gunmen when you really need them?
Yeah, just be sure to wash that finger when you're done!
Hmmm... don't let the Canadian astonomers know about it, the record may not be recognized because the precedent has been set for moons to be unappreciated and even punnished.
;)
How about cost, performance, and design restrictions?
I think you're assuming that such a site would be serving basic, somewhat static html, in which case that may be an option. But I don't think that it would work out for a more complex application.
I design/develop/administrate a lot of Oracle-specific system architectures, specifically for sites with large numbers of financial transactions *cough - gambling - cough*, and let me tell you that such physically distributed systems can be EXPENSIVE, both in cash (eg: network/storage infrastructure is almost duplicated) and performance (latency involved in a physically distributed 2-phase commit will kill performance on the client side). Lets not even talk about the logistics involved in running/managing/designing a large physically distributed Oracle cluster!
Sometimes it is WAY cheaper to put all of your eggs into one cushy, bomb-proof basket.
Well, if the chickens were $2 a piece, and the oxen were $25,000 per, and I only had $5,000 to my name, I'd have to say the chickens.
You'd think they could at least send it out to Maaco to get it detailed and painted first!
But really, the question I have to ask is "why is that guy so happy standing on the thing?"
He found a new place for his stash?
He's going to turn it into a big bong?
Somebody ELSE left their stash behind and he just found it?
He now knows what he's going to do with the neighbour's cat that's been pissing in his garden?
Yeah, he was in a group interview/session to commemorate the anniversary along with Bill Gates, among others. David Bradley said that while he chose the keys, Bill is the guy who made them famous.
:)
It was pretty funny... especially the look on Bill's face.
I think that would cause a bigger problem than it would solve. As soon as you start making the software developers liable for the problems with the software, then they will start restricting the use of that software in order to cover their asses.
"What? You used that software for business purposes, on a machine with an Internet connection? Sorry, that breaks our terms of use... you're on your own."
Also, I think comparing it to something like vehicle manufacturing is a little extreme. Let's face it, for the most part, I would venture that it is far easier to test a vehicle for defects than it is to test a piece of complex software. There are just way too many possible system configurations/setups/situations that could potentially cause problems in order to test them all. And when was the last time you had a fatal head-on collision because Code Red "blew up" your server?
I think that the blame should be set square on the shoulders of the corpoorate decision makers and implementors who (a) choose to buy and use shitty software and (b) the implementors and administrators who don't know what the hell they are doing. Let's not even start talking about (for the most part, the lack of) proper Risk Management analysis in most corporations that use this software.
Now, people are going to complain about the non-commercial, Individual users. Well, let them get hacked. Somebody somewhere will end up deleting everything off of their machine or reading their back statements. If anything, that'll teach them a valuable lesson. "But they're flooding the Internet!" So what? They bought bandwidth from their provider, and they're using it (albeit not knowingly!). When their usage hits their limits, then it should be up to the ISP to make them pay more money, or take some action. "But they're attacking my site!" Are you yourself getting infected with the worm? Silly you. I've been getting around 5,000 - 10,000 hits a day to my server because of Code Red. Big deal. All they really represent are lines in my Apache log files.
I remember hearing somewhere that the Redmond server farm consists of THOUSANDS of boxes. This equates to a huge warehouse of racks.
Now, I know what it takes for us in a small (50 person) company to patch our desktop and server machines, so it seems to me that this patching undertaking would take a LOT of people a LOT of time. Who knows, maybe they HAVE been patching their servers, it's just taking them months to do it!
While they probably have some sort of automated or remote patching facility, I like to envision a bunch of interns with crash carts (monitors/keyboards) and freshly burned CD's walking from rack to rack installing the patch.
Sucks to be them.
I've got one at home, I just love it, and, well, lets just say I've never had a problem with it wearing out MY pants.
...and as a result are not buying the latest and greatest. Just ask Intel today. :)
I wonder if you could claim something like self-defense for something like this?
I'm being actively attacked, multiple times, by someone elses hacked machine. That is an "unauthorized intrusion" attempt into my machine. If I go and perform an "unauthorized intrusion" on their machine in order to shut them down so as to protect my own services, why would I get in trouble for that?
Sure, it's not like the guy tried to shoot me and I had to shoot back to protect myself, but it seems like a proportionate response to me.
At least, that's MY way of thinking.
...is still one of the best, as far as I'm concerned.
... as a matter of fact, I used to play it so much (monochrome green screen and all) that I used to have nightmares about being burried alive in stone.
:)
Lode Runner, on my Dad's Apple ][e
Never mind it was played on a computer that didn't have a hard drive.
125 year old food? I betcha a Twinkie will outlast that Mac SE!
Is it technically possible for the copied CD to have this damaging content when the original doesn't? When making a copy, wouldn't it be possible to make a bit-for-bit copy of the CD instead of an "interpreted" version?
And is it even possible for content on the CD to physically damage the electronic gear that plays it?
I can't see how that could work.