This is not at all correct. DigiNotar has its own root certificate and it was removed from the browsers this week, but this is not related to the Dutch government. The Dutch state has its own trusted root certificate (a bad thing in its own right!) under which there are a couple of subordinate certifcates, under which there is an intermediate certificate issued to DigiNotar, and that certificate is used to sign the server certificates for the governmental sites. Only that last level was managed by DigiNotar, and the certificate used by them could be revoked and all server certificates would become invalid. However, that was not done. The warning about security messages is only given because some browser vendors may ship updates that deem everything signed by DigiNotar untrusted, independent of the certificate tree above it.
But still in further statements they continue to claim that the trust in other certificates managed by the same company (under a different root) is not affected by all this. First, that indicates that they have no clue what trust means, but also it is not at all unlikely that they have to announce next week that a fraudulent certificate was still issued, only their broken auditing system had not been able to trace it.
I also find it quite disgusting how they mainly focus on the damages potentially being done to their own company and the profits it might or might not generate, instead of considering the damages done to others, in this case even to individuals that may pay for this incident with their lives.
I had a Linux desktop system in 1992 (ok, I installed it in december of that year) and it actually was quite impressive what you could already do back then.
It had a working X11 system with many interesting applications. Even the networking already worked. I took it to work and connected it to the ethernet, and I could use it as an X client and server with the DEC VAX and X terminals we had there. Except that I had color and those X terminals were b/w:-) Everyone was really impressed...
Remember that Windows 95 did not appear until 3 years later!
This is quite common today. Many social media websites offer no way to contact their support department for people who do not have an account themselves. When I want to contact linkedin, facebook, twitter, hyves or whatever to ask them to stop sending mail to some address, to remove a customer who has deceased, or whatever, the first thing they ask for is my username and password. But I don't have and don't want accounts on sites like that. I only want to report events in a role as a system administrator. No way to do it. They don't publish mail addresses, and the ones you may guess yourself or derive from whois are just black holes or return autoreplies that you have to use the form on their website. Which you can only access after logging in.
Whenever you type your password on the login form, it is available to them in plain text. (of course it is transmitted encrypted over the internet, but then it is decrypted by their server) If you are lucky they don't store your password in their database in plaintext, but each time you log in they have the opportunity to lookup your password in their insecure password list before encrypting it again to compare it with their database entry.
What I find disturbing with features like this, is how the service (be it hotmail, linkedin, facebook, whatever) always assumes that when you receive crap from one of their users and want to report it so something is done about it, you also have an account yourself. I want to be able to report that I receive spam from one of their users WITHOUT having to create an account on their system. So the "my friend has been hacked" report should not be only in their mail user interface, but also in some publicly accessible webpage or even better in the handling of mail sent to abuse@.
Furthermore, having monitored events of "hacked hotmail accounts" for some time, I believe quite a number of them is not hacked by bruteforcing the password, but by phishing or luring the user into "when you fill in this questionnaire we will send you a free led lamp" etc, where one of the questions in the questionnaire actually asks the user to provide their mail address and password. Many naive users give all info you ask them for when promised a free gift.
I agree. I have 15m (50ft) of cable running from the livingroom to the bedroom and it carries 1080i component video with hardly any visible degradation. (the only thing that can be noticed when you know where to look for it is a tiny bit of reflection that is probably caused by sloppy termination in the TV or the settopbox) Running HDMI cable is difficult because it runs through several small holes where HDMI connectors won't fit through, and I know of no viable way to manually fit a HDMI connector to an end of a cable. (which is easy with component video RCA connectors)
It is very simple to differentiate between problems in your HDMI cable and problems in your antenna or its cabling, because the latter only affect picture content while the former also affects locally generated video like menus, EPG etc.
The question is if you should be allowed to run an executable that you have downloaded and stored yourself. It is easy to setup Windows in such a way that this is not possible, especially in a company environment (Active Directory with Group Policy). Then users without special privileges cannot run any software that hasn't been installed by the system administrators. This includes any software found in (links from) mail.
It is easy to setup Windows like that. Just make sure the user is not an administrator, and create a policy to forbid executables in directories that are writable (like %USERPROFILE%).
Actually it is sad that so few admins actually do this.
I can assure you that Oracle cannot even get summer time change right! This spring, the Oracle Hyperion software had a major issue in its job scheduler at the summer time change. Apparently the folks at Oracle Hyperion have little or no idea about how to implement things like a scheduler, in the face of timezones and summertime.
Probably the next proposal will be to stop using DST to accomodate the proficiency level at Oracle.
Actually "Hanny's Voorwerp" is not correct Dutch at all. The 's in Dutch is used for plural form of certain words, not for the possessive form. It should be written as "Hannies Voorwerp" if it were proper Dutch. (the s is directly affixed without apostrophe, and as in this case the word ends in y the y is changed to ie)
Interestingly enough, even companies that test every software update before rolling it out on their network often pass virusscanner database updates untested. This means they are at constant risk of disabling their entire computer network due to a mistake of the virusscanner maker.
But who will have interest in "a few entire C nets"? Even an entire A net represents only 0.5% of the address space. If you could reclaim one of those A nets that were handed out in the early days, you could add 0.5% to the address space. But that does not buy you much more time at the rate those addresses are handed out.
A Unix utility would remain silent when everything went OK, would have a -v flag to be verbose even when everything is OK, would write output to stdout and errors to stderr, etc. Kind of like "cp -a" does. And of course Unix has utilities like "rsync", which is more like what "robocopy" should have been. Unfortunately the Windows utilities do not include something like "rsync". The generalization that Unix utilities are better-written than Windows ones really holds up in this case and in many others too. Note I am writing about utilities, not applications. There certainly exist many Windows applications that are better than Unix ones. But at the level of basic operating system utilities, the situation is reversed.
The reason not to use the tools you have (robocopy) but muck with rsync, in this case, are that rsync provides the functionality you need. It was written exactly for the environment described above. Robocopy is fine over a LAN or fast WAN, but when you really want to copy large files over slow links with high RTT, rsync is way better than robocopy.
That is not how it was specified. It may be how your FTP client works, but they probably implemented that logic because they got so many problem reports from users. The default in the FTP protocol is ASCII. That should have been BINARY.
What I don't like is that you cannot ask it to print NOTHING when operation is successfull. The least I got it to print (with several command line options) was a newline. Why do Windows tools have to be so verbose, and why is there no/QUIET flag that makes them shut up when there is nothing to report?
Slashdot Mirror
This is not at all correct.
DigiNotar has its own root certificate and it was removed from the browsers this week, but this is not related to the Dutch government.
The Dutch state has its own trusted root certificate (a bad thing in its own right!) under which there are a couple of subordinate certifcates, under which there is an intermediate certificate issued to DigiNotar, and that certificate is used to sign the server certificates for the governmental sites.
Only that last level was managed by DigiNotar, and the certificate used by them could be revoked and all server certificates would become invalid.
However, that was not done. The warning about security messages is only given because some browser vendors may ship updates that deem everything signed by DigiNotar untrusted, independent of the certificate tree above it.
But still in further statements they continue to claim that the trust in other certificates managed by the same company (under a different root) is not affected by all this.
First, that indicates that they have no clue what trust means, but also it is not at all unlikely that they have to announce next week that a fraudulent certificate was still issued, only their broken auditing system had not been able to trace it.
I also find it quite disgusting how they mainly focus on the damages potentially being done to their own company and the profits it might or might not generate, instead of considering the damages done to others, in this case even to individuals that may pay for this incident with their lives.
I had a Linux desktop system in 1992 (ok, I installed it in december of that year) and it actually was quite impressive what you could already do back then.
It had a working X11 system with many interesting applications. :-)
Even the networking already worked. I took it to work and connected it to the ethernet, and I could use it as an X client and server with the DEC VAX and X terminals we had there. Except that I had color and those X terminals were b/w
Everyone was really impressed...
Remember that Windows 95 did not appear until 3 years later!
This is quite common today. Many social media websites offer no way to contact their support department for people who do not have an account themselves.
When I want to contact linkedin, facebook, twitter, hyves or whatever to ask them to stop sending mail to some address, to remove a customer who has deceased, or whatever, the first thing they ask for is my username and password.
But I don't have and don't want accounts on sites like that. I only want to report events in a role as a system administrator.
No way to do it. They don't publish mail addresses, and the ones you may guess yourself or derive from whois are just black holes or return autoreplies that you have to use the form on their website. Which you can only access after logging in.
Clueless idiots.
Whenever you type your password on the login form, it is available to them in plain text.
(of course it is transmitted encrypted over the internet, but then it is decrypted by their server)
If you are lucky they don't store your password in their database in plaintext, but each time you log in they have the opportunity to lookup your password in their insecure password list before encrypting it again to compare it with their database entry.
What I find disturbing with features like this, is how the service (be it hotmail, linkedin, facebook, whatever) always assumes that when you receive crap from one of their users and want to report it so something is done about it, you also have an account yourself.
I want to be able to report that I receive spam from one of their users WITHOUT having to create an account on their system.
So the "my friend has been hacked" report should not be only in their mail user interface, but also in some publicly accessible webpage or even better in the handling of mail sent to abuse@.
Furthermore, having monitored events of "hacked hotmail accounts" for some time, I believe quite a number of them is not hacked by bruteforcing the password, but by phishing or luring the user into "when you fill in this questionnaire we will send you a free led lamp" etc, where one of the questions in the questionnaire actually asks the user to provide their mail address and password.
Many naive users give all info you ask them for when promised a free gift.
I agree. I have 15m (50ft) of cable running from the livingroom to the bedroom and it carries 1080i component video with hardly any visible degradation.
(the only thing that can be noticed when you know where to look for it is a tiny bit of reflection that is probably caused by sloppy termination in the TV or the settopbox)
Running HDMI cable is difficult because it runs through several small holes where HDMI connectors won't fit through, and I know of no viable way to manually fit a HDMI connector to an end of a cable. (which is easy with component video RCA connectors)
It is very simple to differentiate between problems in your HDMI cable and problems in your antenna or its cabling, because the latter only affect picture content while the former also affects locally generated video like menus, EPG etc.
The question is if you should be allowed to run an executable that you have downloaded and stored yourself.
It is easy to setup Windows in such a way that this is not possible, especially in a company environment (Active Directory with Group Policy).
Then users without special privileges cannot run any software that hasn't been installed by the system administrators. This includes any software found in (links from) mail.
It is easy to setup Windows like that.
Just make sure the user is not an administrator, and create a policy to forbid executables in directories that are writable (like %USERPROFILE%).
Actually it is sad that so few admins actually do this.
I can assure you that Oracle cannot even get summer time change right!
This spring, the Oracle Hyperion software had a major issue in its job scheduler at the summer time change.
Apparently the folks at Oracle Hyperion have little or no idea about how to implement things like a scheduler, in the face of timezones and summertime.
Probably the next proposal will be to stop using DST to accomodate the proficiency level at Oracle.
Actually "Hanny's Voorwerp" is not correct Dutch at all. The 's in Dutch is used for plural form of certain words, not for the possessive form.
It should be written as "Hannies Voorwerp" if it were proper Dutch.
(the s is directly affixed without apostrophe, and as in this case the word ends in y the y is changed to ie)
The problem is that it logs this silly message for every minor version update, so people have become accustomed to it and learned to ignore it.
COFF is not a filesystem, it is an object file format.
Interestingly enough, even companies that test every software update before rolling it out on their network often pass virusscanner database updates untested.
This means they are at constant risk of disabling their entire computer network due to a mistake of the virusscanner maker.
But who will have interest in "a few entire C nets"?
Even an entire A net represents only 0.5% of the address space.
If you could reclaim one of those A nets that were handed out in the early days, you could add 0.5% to the address space.
But that does not buy you much more time at the rate those addresses are handed out.
A Unix utility would remain silent when everything went OK, would have a -v flag to be verbose even when everything is OK, would write output to stdout and errors to stderr, etc. Kind of like "cp -a" does.
And of course Unix has utilities like "rsync", which is more like what "robocopy" should have been.
Unfortunately the Windows utilities do not include something like "rsync".
The generalization that Unix utilities are better-written than Windows ones really holds up in this case and in many others too.
Note I am writing about utilities, not applications. There certainly exist many Windows applications that are better than Unix ones. But at the level of basic operating system utilities, the situation is reversed.
Robocopy writes all output, including errors, to stdout.
Windows utilities are not as well-written as Unix utilities, you know...
You need to read. I said "when operation is successful". Your "solution" simply throws away all output, that is a different thing.
The reason not to use the tools you have (robocopy) but muck with rsync, in this case, are that rsync provides the functionality you need. It was written exactly for the environment described above. Robocopy is fine over a LAN or fast WAN, but when you really want to copy large files over slow links with high RTT, rsync is way better than robocopy.
It isn't default for non ascii files
That is not how it was specified. It may be how your FTP client works, but they probably implemented that logic because they got so many problem reports from users.
The default in the FTP protocol is ASCII. That should have been BINARY.
One thing I would have liked: copy of Windows security attributes.
If you would only know about rsync.... you would throw robocopy in the nearest trashcan immediately!
rsync is so much more useful for what you are doing there...
What I don't like is that you cannot ask it to print NOTHING when operation is successfull. /QUIET flag that makes them shut up when there is nothing to report?
The least I got it to print (with several command line options) was a newline.
Why do Windows tools have to be so verbose, and why is there no