We keep a separate list of applications that are not to be installed on ALL pc's, and during re-installation these programs are automatically installed. We don't use images. Images are inflexible and hard to maintain. Each PC is build up using unattended installation procedures of the OS and all applications that are required on it.
In a well-managed environment, users are not *allowed* to have local data. Things like wallpapers are in the user profile, which should be synchronized with the server at every login/logout.
Where I work, PC's are just throwaway installs. In fact, I can re-install a PC with a network boot and a couple of keypresses. The user won't notice. Users have no write permission anywhere on the C disk except in their profile ('Documents and Settings')
The 'no local data' is even a requirement, as users don't have fixed working positions and thus login at different systems every day.
But that is the standard, isn't it? At least for any reasonable OS. It seems that Windows only uses this method after an optional "secure" profile is applied, but still.
Viruswriters have a different goal than destroying the computer. Their intention is to make the computer accessible to their writer, so that it can be used to perform other tasks like hacking, spamming, capturing account data, etc.
When more of these tasks cause real damage to the owner of the computer (like stealing his or her money, or legal consequences because a computer owner would be held responsible for for relaying spam), there would be more research and anti-measures.
Right now they seem to be at the edge of what is accepted: the spam problem is terrible but the governments do not yet want to really do something about it, and the fraud problem exists but is still covered by credit card companies etc.
True, destroying computers would probably be noticed, but it would be counter-productive to their current goal. (viruses that destroyed computers have existed in the past)
Re:Ceefax is cool but dated....
on
Ceefax Turns 30
·
· Score: 1
This is not true, DVB offers a fully compatible mode of transferring teletext pages. Unfortunately the BBC (unlike all other broadcasters on the European continent) fails to see this and does not broadcast their teletext service over DVB. That is a problem of the BBC, not of digital transmissions.
Re:Teletext never really popular in the USA....
on
Ceefax Turns 30
·
· Score: 1
If you think that is true, why is RADIO popular in the USA? You could setup a flatrate call to the station instead of listening to AM radio, couldn't you?
Similarly, there is a difference between broadcast teletext and flatrate Internet. I still read my news on teletext, not on Internet.
Re:Poland has something like this too
on
Ceefax Turns 30
·
· Score: 1
The generic name is "Teletext", and I'm sure this is what you have seen in Poland. Almost every European PAL TV has it embedded, and most countries have this service. Each under their own brandname. Ceefax is just one of them.
Arghh, a JAVA applet... try this instead: http://teletekst.nos.nl/
Besides, it looks like CNN does some automatic processing of news texts into text pages. When I occasionally look at the service (on TV) I often notice text gets chopped off on the small pages, or is divided in two pages where the second has only one or two words. NOS teletekst (see above) still has dedicated editors that compose well-looking pages within the limitations of the system.
This is very true. Over here we had a comparable system, called Viditel. Equipment was either a high-end TV that supported both Teletext and Viditel, or an expensive dedicated terminal. It looked exactly like Teletext but Viditel was transferred over a phoneline using a modem at 1200 baud download (the upload was 75 baud).
Because of these high prices, it was a complete flop.
Fortunately many banks have now finally moved to Internet banking. Many broadband users left their modem installed "because it is required to use telebanking". When a modem is an utterly useless piece of equipment, it should be easier to persuade the user to disconnect or remove it.
So, in parallel with informing the users, it should help to recommend businesses to discontinue all modem dialin services that can be (or have been) moved to Internet.
Authors of viruses and worms start with a known vulnerability, like a buffer overflow, then spend lots of time (or maybe little time when they are very good at it) to find a piece of code that can be put in the buffer without being damaged by the possibly non-transparent transfer, and the proper stack overwrite data that causes their transferred code to be run. That is the quality of the worm author.
I fail to see how that quality can be put to any use in a normal job. In security and testing of security it would be enough to find a potential security problem and then find and implement a solution for it. There is no need for the security problem to be completely exploited by code that self-propagates.
Don't forget there are worse problems: some systems return AAAA records referring to IPv6 addresses that are not active. So, when you prefer IPv6 connections over IPv4 those will fail, and you will have to fallback after the TCP connection setup timeout instead of a DNS lookup.
Doubleclick.net is a famous example. Of course you can simply filter out all doubleclick domains, they mainly serve crap anyway, but the problem exists and means that early adopters of IPv6 have a problem that disappears when they disable it. This, in general, is not a good thing when you want to push a new technology.
You approach things from the technical side. That is fine, but it is not the way 99% of the users see the Internet. When you try to introduce a "new" technology to the current Internet users the way you do above, it is certainly going to fail.
Nobody is interested in how efficient their video stream is, or how secure their traffic. They want to "surf the Internet" and as long as that works in IPv4 and not in IPv6, IPv4 it will be.
You will need to talk to the people that provide the software to the user's desktop. When they put IPv6 in an optional addon package instead of using it by default until the user selects IPv4 instead, it is never going to make any dent. Look at the situation with webbrowsers.
Tunneling is only a way to transport packets between two IPv6 endpoints over an IPv4 network. With tunneling you still need IPv6 support at both ends of the connection. With a gateway/proxy you don't.
I saw an example of such an MPAA letter to the ISP and it actually has a paragraph stating the MPAA will cover any costs for the ISP when the subscriber takes action against the ISP for taking the action the MPAA requires.
So what you could try is sue the ISP for taking down your site, win that case, and the MPAA will have to pay.
The letter also states that the material is infringing their copyright "to the best of their knowledge", which qualifies their knowledge as being very little indeed...
The problem: they will most likely send a letter to your ISP, and normally the ISP will cut you off or remove your site and leave it up to you to resolve the matter. So when you just ignore them and patiently wait until they bring the matter to court, you will lose your connectivity or your site in the meantime.
Maybe when your ISP is reasonable or likes to end these questionable practices (they of course get dozens of letters like that and have to administratively process them, all for nothing) they will accept your explanation for the file content and keep them online without sending formal legal replies?
For such high resolutions, you need really good handling in the GUI. The GUI should understand that the display has a high number of dots per inch, and thus use more dots to display an object of the same size. This is not limited to fonts, but should also include other GUI elements.
Unfortunately, many sizes have historically been specified in "pixels". This means trouble when you get a high resolution screen, use "large fonts", and then view HTML pages...
I have to admit that I have not tried it with *this* version, but I have tried several times in the past and every time it came up with "needs update" for the language file and switchback to English. There was not even a choice to accept partial translation or somesuch, it fell back completely.
Good to hear that something has (apparently) changed. The localization projects deserve more attention than they get. On the startpage there is a link to "other systems and languages" but one has to scroll down several releases to find another link to "localized builds and languagepacks" to get to the page with the languagepacks. And that page is not automatically updated: the Dutch language lists 1.7 as the most recent version but when going to the localization website (which as far as I understand is part of the mozilla website) the newest version is 1.7.2.
This is not meant as criticism of the localization teams. I think they are doing a very good job. But when it is decided to have a nifty webpage like the localization page instead of a plain FTP site with directory structure, I think it should be built in such a way that it is automatically uptodate (e.g. rebuilt from the filelists on the server), and so that new users can find the languagepack compatible with the version they downloaded without knowledge of the version numbering internals. In fact, I have heard from several new Mozilla users that they have been able to find, download and install the program, but have not been able to locate the language packs and/or do not even know that translated versions are available!
Actually there is a nasty problem in Mozilla and Firefox: the language files must be of the same version as the program. And the version number of the program is updated even for security fixes.
Result: when you or your users do not use the default English-US language, you cannot update to fixed versions as they are announced, but are forced to wait until the translation volunteer finds time to update the language package.
The Dutch language for 1.7.2 was released on September 10th, 5 weeks after that security fix had been released. And just a week later, another fix appears. This way, users of the Dutch language will never be able to run recently fixed versions.
Hopefully something will be done about this. It should be possible to run a security-fixed release with the original language pack, or at least the language packs should be automatically updated and released whenever a security related fix appears.
Add four 15k-rpm 36-gbyte drives internally for data
This system is old. I think it was originally purchased in 1996. It has 4 1GB and 2 2GB disks in RAID-1... so 4GB of space.
getting an updated application from your vendor
The vendor is out of business. When we had the sources we would recompile it on Linux. Lesson: use open-source when possible!
emulate aix on linux, that unfortunately doesn't sound likely to be reliable
Reliability is not really a concern. It just needs to work, for a single user, infrequently. In fact the current state is: we have backups, should the system die we will have to do something like you describe and load the backups. But it would be convenient when we could just run it on one of the many Intel servers when required, without having to go through the procedure of configuring a new system, making sure it can run our old stuff before buying, etc. We are also considering buying one or two used 4GB drives (these are available for like $200) and transfer the data to these, considering that the drives currently seem the limiting factor for the lifetime of the existing box. An alternative is to print as many reports as we can think of to textfiles, and save these.
We have an old RS-6000 server, model E30. It is running AIX 4.1.5. There is a vertical market application on it, that we have replaced by SAP in 1999, but the system still needs to be running because data stored in the application sometimes needs to be retrieved.
Now, the system is dying. Disks are failing (not yet fatal because of the mirroring). The maintenance contract has been stopped, as earlier it was believed that it would be redundant by now. All our systems are now Intel-based and run Windows or Linux, we have no interest to buy new PowerPC hardware.
Is there some sulution to run this entire environment emulated under Linux? A PowerPC emulator running on Intel, that can run AIX? I have read about "PearPC" but it looks like it is targeted towards running Apple operating systems. Any chance it would run AIX?
Slashdot Mirror
We keep a separate list of applications that are not to be installed on ALL pc's, and during re-installation these programs are automatically installed.
We don't use images. Images are inflexible and hard to maintain. Each PC is build up using unattended installation procedures of the OS and all applications that are required on it.
In a well-managed environment, users are not *allowed* to have local data.
Things like wallpapers are in the user profile, which should be synchronized with the server at every login/logout.
Where I work, PC's are just throwaway installs. In fact, I can re-install a PC with a network boot and a couple of keypresses. The user won't notice.
Users have no write permission anywhere on the C disk except in their profile ('Documents and Settings')
The 'no local data' is even a requirement, as users don't have fixed working positions and thus login at different systems every day.
> How about we add IP addresses to the do not call list. That seems to work pretty well.
How well has that worked with blocking SPAM?
Not very well, at least not for long.
But that is the standard, isn't it?
At least for any reasonable OS. It seems that Windows only uses this method after an optional "secure" profile is applied, but still.
Like "how many clients can relay information to a central server without overloading that server and the network around it".
Viruswriters have a different goal than destroying the computer. Their intention is to make the computer accessible to their writer, so that it can be used to perform other tasks like hacking, spamming, capturing account data, etc.
When more of these tasks cause real damage to the owner of the computer (like stealing his or her money, or legal consequences because a computer owner would be held responsible for for relaying spam), there would be more research and anti-measures.
Right now they seem to be at the edge of what is accepted: the spam problem is terrible but the governments do not yet want to really do something about it, and the fraud problem exists but is still covered by credit card companies etc.
True, destroying computers would probably be noticed, but it would be counter-productive to their current goal.
(viruses that destroyed computers have existed in the past)
This is not true, DVB offers a fully compatible mode of transferring teletext pages.
Unfortunately the BBC (unlike all other broadcasters on the European continent) fails to see this and does not broadcast their teletext service over DVB.
That is a problem of the BBC, not of digital transmissions.
If you think that is true, why is RADIO popular in the USA? You could setup a flatrate call to the station instead of listening to AM radio, couldn't you?
Similarly, there is a difference between broadcast teletext and flatrate Internet.
I still read my news on teletext, not on Internet.
The generic name is "Teletext", and I'm sure this is what you have seen in Poland. Almost every European PAL TV has it embedded, and most countries have this service. Each under their own brandname. Ceefax is just one of them.
Arghh, a JAVA applet... try this instead: http://teletekst.nos.nl/
Besides, it looks like CNN does some automatic processing of news texts into text pages. When I occasionally look at the service (on TV) I often notice text gets chopped off on the small pages, or is divided in two pages where the second has only one or two words.
NOS teletekst (see above) still has dedicated editors that compose well-looking pages within the limitations of the system.
This is very true.
Over here we had a comparable system, called Viditel. Equipment was either a high-end TV that supported both Teletext and Viditel, or an expensive dedicated terminal.
It looked exactly like Teletext but Viditel was transferred over a phoneline using a modem at 1200 baud download (the upload was 75 baud).
Because of these high prices, it was a complete flop.
Faxes? Do they still exist?
Fortunately many banks have now finally moved to Internet banking. Many broadband users left their modem installed "because it is required to use telebanking". When a modem is an utterly useless piece of equipment, it should be easier to persuade the user to disconnect or remove it.
So, in parallel with informing the users, it should help to recommend businesses to discontinue all modem dialin services that can be (or have been) moved to Internet.
Authors of viruses and worms start with a known vulnerability, like a buffer overflow, then spend lots of time (or maybe little time when they are very good at it) to find a piece of code that can be put in the buffer without being damaged by the possibly non-transparent transfer, and the proper stack overwrite data that causes their transferred code to be run.
That is the quality of the worm author.
I fail to see how that quality can be put to any use in a normal job. In security and testing of security it would be enough to find a potential security problem and then find and implement a solution for it.
There is no need for the security problem to be completely exploited by code that self-propagates.
Don't forget there are worse problems: some systems return AAAA records referring to IPv6 addresses that are not active.
So, when you prefer IPv6 connections over IPv4 those will fail, and you will have to fallback after the TCP connection setup timeout instead of a DNS lookup.
Doubleclick.net is a famous example. Of course you can simply filter out all doubleclick domains, they mainly serve crap anyway, but the problem exists and means that early adopters of IPv6 have a problem that disappears when they disable it.
This, in general, is not a good thing when you want to push a new technology.
You approach things from the technical side.
That is fine, but it is not the way 99% of the users see the Internet.
When you try to introduce a "new" technology to the current Internet users the way you do above, it is certainly going to fail.
Nobody is interested in how efficient their video stream is, or how secure their traffic. They want to "surf the Internet" and as long as that works in IPv4 and not in IPv6, IPv4 it will be.
You will need to talk to the people that provide the software to the user's desktop.
When they put IPv6 in an optional addon package instead of using it by default until the user selects IPv4 instead, it is never going to make any dent. Look at the situation with webbrowsers.
Tunneling is only a way to transport packets between two IPv6 endpoints over an IPv4 network.
With tunneling you still need IPv6 support at both ends of the connection.
With a gateway/proxy you don't.
I saw an example of such an MPAA letter to the ISP and it actually has a paragraph stating the MPAA will cover any costs for the ISP when the subscriber takes action against the ISP for taking the action the MPAA requires.
So what you could try is sue the ISP for taking down your site, win that case, and the MPAA will have to pay.
The letter also states that the material is infringing their copyright "to the best of their knowledge", which qualifies their knowledge as being very little indeed...
The problem: they will most likely send a letter to your ISP, and normally the ISP will cut you off or remove your site and leave it up to you to resolve the matter.
So when you just ignore them and patiently wait until they bring the matter to court, you will lose your connectivity or your site in the meantime.
Maybe when your ISP is reasonable or likes to end these questionable practices (they of course get dozens of letters like that and have to administratively process them, all for nothing) they will accept your explanation for the file content and keep them online without sending formal legal replies?
For such high resolutions, you need really good handling in the GUI.
The GUI should understand that the display has a high number of dots per inch, and thus use more dots to display an object of the same size.
This is not limited to fonts, but should also include other GUI elements.
Unfortunately, many sizes have historically been specified in "pixels". This means trouble when you get a high resolution screen, use "large fonts", and then view HTML pages...
I have to admit that I have not tried it with *this* version, but I have tried several times in the past and every time it came up with "needs update" for the language file and switchback to English. There was not even a choice to accept partial translation or somesuch, it fell back completely.
Good to hear that something has (apparently) changed.
The localization projects deserve more attention than they get. On the startpage there is a link to "other systems and languages" but one has to scroll down several releases to find another link to "localized builds and languagepacks" to get to the page with the languagepacks. And that page is not automatically updated: the Dutch language lists 1.7 as the most recent version but when going to the localization website (which as far as I understand is part of the mozilla website) the newest version is 1.7.2.
This is not meant as criticism of the localization teams. I think they are doing a very good job. But when it is decided to have a nifty webpage like the localization page instead of a plain FTP site with directory structure, I think it should be built in such a way that it is automatically uptodate (e.g. rebuilt from the filelists on the server), and so that new users can find the languagepack compatible with the version they downloaded without knowledge of the version numbering internals.
In fact, I have heard from several new Mozilla users that they have been able to find, download and install the program, but have not been able to locate the language packs and/or do not even know that translated versions are available!
Actually there is a nasty problem in Mozilla and Firefox: the language files must be of the same version as the program. And the version number of the program is updated even for security fixes.
Result: when you or your users do not use the default English-US language, you cannot update to fixed versions as they are announced, but are forced to wait until the translation volunteer finds time to update the language package.
The Dutch language for 1.7.2 was released on September 10th, 5 weeks after that security fix had been released. And just a week later, another fix appears.
This way, users of the Dutch language will never be able to run recently fixed versions.
Hopefully something will be done about this. It should be possible to run a security-fixed release with the original language pack, or at least the language packs should be automatically updated and released whenever a security related fix appears.
Fortunately Mozilla can be silent-installed quite easily.
Indeed, when using a loginscript it poses no problems.
There are many apps that are much harder to silently install.
Add four 15k-rpm 36-gbyte drives internally for data
This system is old. I think it was originally purchased in 1996. It has 4 1GB and 2 2GB disks in RAID-1... so 4GB of space.
getting an updated application from your vendor
The vendor is out of business. When we had the sources we would recompile it on Linux.
Lesson: use open-source when possible!
emulate aix on linux, that unfortunately doesn't sound likely to be reliable
Reliability is not really a concern. It just needs to work, for a single user, infrequently.
In fact the current state is: we have backups, should the system die we will have to do something like you describe and load the backups.
But it would be convenient when we could just run it on one of the many Intel servers when required, without having to go through the procedure of configuring a new system, making sure it can run our old stuff before buying, etc.
We are also considering buying one or two used 4GB drives (these are available for like $200) and transfer the data to these, considering that the drives currently seem the limiting factor for the lifetime of the existing box.
An alternative is to print as many reports as we can think of to textfiles, and save these.
Thanks for your comments.
We have an old RS-6000 server, model E30.
It is running AIX 4.1.5.
There is a vertical market application on it, that we have replaced by SAP in 1999, but the system still needs to be running because data stored in the application sometimes needs to be retrieved.
Now, the system is dying. Disks are failing (not yet fatal because of the mirroring). The maintenance contract has been stopped, as earlier it was believed that it would be redundant by now.
All our systems are now Intel-based and run Windows or Linux, we have no interest to buy new PowerPC hardware.
Is there some sulution to run this entire environment emulated under Linux?
A PowerPC emulator running on Intel, that can run AIX?
I have read about "PearPC" but it looks like it is targeted towards running Apple operating systems.
Any chance it would run AIX?