Slashdot Mirror


User: ScriptedReplay

ScriptedReplay's activity in the archive.

Stories: 0
Comments: 201

Comments · 201

  1. Re:Why I don't use gmail on Gmail vs Pine · · Score: 1

    You can use indexing if you want: Configure -> Misc -> Enable full text indexing (this in KMail 1.9.1) and the search bar will do indexed content searches by default.

  2. Re:Success of the DOJ settlement? on Microsoft turns to U.S. for EU Antitrust Help · · Score: 3, Insightful
    FTA: "[Microsoft] lawyers mentioned the success of the settlement with the Department of Justice at least 15 times during their presentations today."
    Well, which success are they speaking about?


    Why, of course it was a success. They managed to escape Judge Jackson's decision to have the company split and have it replaced by a joke. Then managed to also get rejected the objections Mass. raised to said joke. Overall, I'd say it was a huge success ... for MSFT.

    Heh, this quote of Jackson's from wikipedia puts it clearly enough:
    Microsoft executives had "proved, time and time again, to be inaccurate, misleading, evasive, and transparently false. ... Microsoft is a company with an institutional disdain for both the truth and for rules of law that lesser entities must respect. It is also a company whose senior management is not averse to offering specious testimony to support spurious defenses to claims of its wrongdoing."
    Yet the DoJ rolled over and played dead. How's that for success?

    Now, of course, they'd like the EU trial to be just as ... erm ... successful. So far, the above quote accurately describes MSFT's behavior in this case as well.
  3. Re:Interesting quote in the article: on Sony More Trustworthy Than Microsoft · · Score: 2, Insightful

    If, however, you also include factors like product quality and innovation then things look somewhat different. The Ohhhs and Ahhhs coming from the computer press every time Microsoft releases a new iteration of Windows are usually quite modest compared to the headlines you get when Apple does the same.

    Which is utterly irrelevant - unless you're in the habit of judging a product by the size of its hype cloud. By your measuring stick, for instance, OpenBSD has zero quality and innovation, since there are no 'Ohhhs and Ahhhs coming from the computer press' when a new iteration is launched.

    Still, if you meant Apple has blown away the computer market PR then your argument makes perfect sense.

  4. Re:Does MSFT even sell 200M Euros a day? on Microsoft Subpoenas Thrown out of Court · · Score: 4, Informative

    I know these are "stupid" questions, on many levels (especially in this venue), but does MSFT even make 200-million Euros a day in sales to the EU? No.

    Here's another 'no' - as in 'stupid article typo' no. The fine seems to be in fact up to €2.4M/day (see here for instance) I mean, this has been going on for quite a while now and the fine had been brought up even on /. several times. €200M/day should have looked suspicious to anyone vaguely tracking the thing.

  5. Re:Bloody MC on UK Parliament to be Made Redundant? · · Score: 2, Funny

    thrown, n
                  [S. Ballmer] metaphor for a chair ('get the thrown back here')

  6. Re:The scorpion and the frog on DRM More Important Than Life or Security? · · Score: 1

    You are not going to change the frog, the scorpion or the human. And they are all beautiful.

    Up to this point I thought you were trying to say something meaningful without much success. This suggests the 'meaningful' should be discarded. Still, just in case, here's a fortune cookie for you: if you don't think about what you read, how can your answer make any sense?

    For the first part: on one side, there was nothing about changing the scorpion; on another, very little, if anything, in this Universe is changeless in absolute terms - it's only that some things are very hard to change (and impossible by human standards at a given time). But I'm not going to argue that with you, as that would be lengthy and largely academic (hence pointless). Besides, you're free to believe whatever you believe as long as you don't try to shove it down my throat on faith. Which brings me to the non sequitur in the next part. They are not all beautiful. Oh, you're again free to think they are. But as they say, beauty is in the eye of the beholder - it's not an intrinsic quality of that which is beheld. Trying to make it intrinsic 'just because' will only paint you as a fool.

    As for the last part, again this wasn't about changing the scorpion (or capitalism) - it was about seeing them for what they are and acting accordingly (that is, not like the frog who knew the scorpion's nature but let itself be talked into ignoring that) But it's not a requirement, just a guideline, you're still free to think what you want of it.

  7. Re:I ONLY work here... on Microsoft Claims 3.3 million NetWare Migration Win · · Score: 1

    Just a guess, but if your PHBs are dead set on MS SQL/Win, then a F/OSS proposition will typically be a no/no. In such a case, all you can do is point to a different commercial one (and it'd better be a big enough one) since that's the language they'll understand.

    Of course, in large corps this will have a lot to do with ass covering, too - MS is the 'safe bet' in such a case. Speaking of which, I wonder if the GP might have any success trying to push for DB2 and the old 'nobody got fired for buying IBM' line ;-)

  8. Re:How To Become Root on OS X on Sudo vs. Root · · Score: 4, Interesting

    The root account is disabled by having the shadow password set to * - thus you can't enter a valid password for root.

    Why do people keep on confusing this?

    Password login to the root account is disabled by having the shadow password set to * - thus you can't enter a valid password for root. Just because password logins are disabled does not mean the account is disabled — try ps -U root -u root u sometime. Besides, 'root' is just one name for uid=0, change your user's uid to 0 and bam! you're it, whatever name you have (but then if you can change your uid you're it already, this was just an academic example)

    Also, if your login relies on other methods than pam_unix then the star in /etc/shadow is meaningless. So in fact it should be further qualified as password login to root relying on /etc/shadow is disabled... The point being that 'root account is disabled' is hugely misleading.
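
The distinction drawn in the comment above, shown as an added example that is not part of the original comment: a small shell audit that lists every name mapped to uid 0 and reports whether password login for it is locked. The passwd and shadow contents, the `toor` entry and the function names are constructed for illustration, and the check covers only /etc/shadow-based password login.

```shell
#!/bin/sh
# Added example: all file contents below are constructed, not from a real system.

# Print the name of every account whose numeric UID (passwd field 3) is 0.
uid0_accounts() {
    awk -F: '$3 == 0 { print $1 }' "$1"
}

# Classify the shadow password field (field 2) for one user:
#   locked  - starts with "*" or "!": no password can ever match
#   empty   - no password is required
#   hash    - a password hash is set, so password login is possible
#   missing - the user has no shadow entry at all
password_state() {
    awk -F: -v u="$2" '
        $1 == u {
            found = 1
            if ($2 == "")          print "empty"
            else if ($2 ~ /^[*!]/) print "locked"
            else                   print "hash"
        }
        END { if (!found) print "missing" }
    ' "$1"
}

# One line per uid-0 account, formatted as "name:state".
audit_uid0() {
    for name in $(uid0_accounts "$1"); do
        printf '%s:%s\n' "$name" "$(password_state "$2" "$name")"
    done
}

# Constructed sample files standing in for /etc/passwd and /etc/shadow.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/passwd" <<'EOF'
root:x:0:0:System Administrator:/var/root:/bin/sh
daemon:x:1:1:System Services:/var/root:/usr/bin/false
alice:x:501:20:Alice:/Users/alice:/bin/bash
toor:x:0:0:Second name for uid 0:/var/root:/bin/sh
EOF
cat > "$SAMPLE_DIR/shadow" <<'EOF'
root:*:13200:0:99999:7:::
daemon:*:13200:0:99999:7:::
alice:$1$CONSTRUCTED$notarealhashvalue000000:13200:0:99999:7:::
toor:$1$CONSTRUCTED$notarealhashvalue111111:13200:0:99999:7:::
EOF

# root is reported as locked, yet toor shares uid 0 and has a usable password.
audit_uid0 "$SAMPLE_DIR/passwd" "$SAMPLE_DIR/shadow"
```

A "locked" result says nothing about logins through other PAM modules or about processes already running as uid 0, which is the comment's point.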

  9. Re:Is this Google's new brain? on Supermicro Announces Quad-Opteron 1U Motherboard · · Score: 4, Informative

    i'll be dead before using a gamer chipset for serious usage

    what you don't realise is that it's not your regular NForce4 gamer's chipset. nVidia has a separate professional line, see here to which this one (nForce pro 2200) belongs.

  10. Re:Mouse human? on Designer Mice Made to Order · · Score: 1

    I will attribute him to blind luck on the part of the researcher.

    Indeed, I always thought Brain to be the price paid for creating Pinky.

  11. Re:A Different Test on U of Wisconsin's Mac OS X Security Challenge · · Score: 4, Interesting
    *sigh* are you guys hopeless? The point of the original test was not to hack the machine from outside, but from inside. All the noise about Windows getting hacked 4 minutes after it was connected to the net was due to lack of firewalling and vulnerable services - turn on firewalling and the vulnerable services are no longer accessible. What does that prove? nothing - they didn't magically become secure. OSX probably has fewer vulnerable services (active or not) but that was not the point.

    The point is even with proper design of user separation, local security is hard to get right. Every OS has this problem, to various degrees. And if you want a sample of what this type of problems mean, here is one: malware will not be required to ask you for a password to elevate privileges - see? all those 'this is not a virus, it asks for your password and that should set your alarm bells going' argument goes puff! in smoke. This is the same type of issue that plagued non-administrator users in Windows for a long time now. So let me put it this way:
    1. Local privilege escalation is bad - and hard to prevent (see all the attempts done by other OSes - NX, canaries against stack smashing, grsecurity, PAX, load address randomization and so on)
    2. Local privilege escalation to root is really bad. There are precious few places where one should have to look for things that run as root. Most of them are in the default install. And the worst that can happen is a kernel-level exploit, as that would be likely to affect OSX Server as well, which is far more likely to be used in a multiuser setup.


    So, to come back - your test is utterly irrelevant for the type of people that would be interested in the original one. What you are trying to test is the security of the OpenSSH and Apache installs + your setup (yeah, and password strength - expect to be hit by automated dictionary attacks from scripts that couldn't care less about your test). If I had an XServe machine with several users having ssh access I would really want to know whether any of those users really can get root on the machine or not (if they can, XServe has no place in such environment). And I would be really worried. As it stands, I still have worries, but at least I know that I have a certain amount of protections in place against such problems (this not being OSX though - no OS names since I'm not interested in 'my OS is more secure than your OS' flames) But this is a real security concern and yet you turn around and say 'but these other things are secure.' Yeah, the article could have sounded misleading for anyone not willing to check the site and see the conditions (but few people would do that anyway) but how are you any better? All this is countering journalistic sensationalism with more of the same, since your box is neither set up as a home user's nor your setting is pertinent to the original multiuser problem.

    To toss in my 2c of an analogy - the original test was to check whether a bank's employees (with access to the bank building) can empty the main safe to which they do not have the combination[*] while yours is to check whether a customer can; all this on a Sunday when the bank is closed.

    And now mods feel free to mod me down - although a more rational answer would be welcome.

    [*] to all those saying 'by default root is not even enabled in OSX': bah! 'enabled' pertains to login and privilege escalation couldn't care less about login restrictions; the account is still there. And in fact, the thing that 'get root' means is 'get uid=0 access'
  12. Re:University computers on Mac OS X Security Competition Ends in 30 Minutes · · Score: 1

    yeah, I know. what is somehow frustrating is the 'OSX is more secure than Windows' hype - the blanket statements, like 'switch and all your security problems will go away.' Or see all the 'hack mine then' posts here, for instance - as if a properly firewalled machine running apache+php would be magically hackable for certain OS-es and not so for others (given working root exploits for all and the same php vulnerability everywhere)

    In fact, I'd say go even further - set the lab machines to PXE boot every time and reload a minimal setup for the OS, then have all the relevant apps run from a network mounted partition. Perhaps with scheduled reboots so that your machines don't remain in a botnet if they happen to have joined one.

  13. Re:Why keep SSH on? on Mac OS X Security Competition Ends in 30 Minutes · · Score: 1
    Yes and no. If your admin locks the machines down tight, then it's quite possible that the Mac servers are more secure than the Windows servers.

    But this is not necessarily a server issue. Typical scenario, oft played out in the Windows world:
    1. find local root exploit
    2. find vulnerability in a client application or library that allows local code execution
    3. create payload for said application vulnerability that will use the root exploit to elevate privileges and take control/propagate
    4. launch countdown
    Surely you've been around long enough to realize that a local root exploit is a bad thing no matter how you put it.

    Besides, by default a server should not run services with root privileges anyway unless really needed (such as sshd) and then they should be especially audited for security and should drop root like a hot potato once it's no longer needed. So the only ways to gain root would be:
    • a hole in such service needing root
    • a hole in one of the suid binaries - or inappropriate suid permissions here [*duh* perl-suid]
    • a kernel-level exploit
    Anything else that is exploitable should not give you root - i.e. a PHP exploit should drop you to the apache user's level and so on.

    On the other hand, if you have a graphical server that runs as root, the bets are mostly off.
  14. Re:Why keep SSH on? on Mac OS X Security Competition Ends in 30 Minutes · · Score: 1

    The problem wasn't even that he had SSH running. It was that he was giving out accounts! I don't know what this guy was trying to prove, but his blind faith in Apple got him burned.

    Well, I do have shell access to the macs in my University's computer labs. Are you telling me that they're no better than Windows when it comes to privilege separation and preventing a low-privilege user account from taking control over the system? Seeing how many Macs are in multiuser University labs, this might strain the RDF a bit if exploits start circulating.

  15. Re:The real goals of the members on ODF Alliance, Who, What, Where (and Why?) · · Score: 2, Insightful

    All these companies backing OpenDocument all have compatible business models that are diametrically opposed to microsoft's. i.e. They're all predominantly hardware vendors, and see software as just a feature of the hardware. (ie Flat earth thinking)

    I'm sorry, but what kind of crack are you smoking? "Hardware vendors"? Oracle, Novell, RedHat, Opera, Corel, 2 Massachusetts Councils, IIT, Technical University of Denmark? (and so on) I know, many on the list are small fish and not really with much sway - but please point me to whatever hardware products the first 5 I listed do sell. And as to IBM and Sun - I don't see StarOffice restricted to running on Sun Solaris machines, nor Workplace to Power workstations. Would you explain how exactly is this going to promote their hardware sales, if you care to back up your statements instead of simply trolling?

    I have yet to see any argument that makes sense on moving from MS Office to OpenDocument other than from some childish good vs evil anti-microsoft crap

    How about a format with guaranteed backward-compatibility, that does not force software upgrades on you since it is not tied to a single software solution, with no submarine patents attached, no single vendor control (this part you seem to be missing as well) ... I could go on, but a simple google would have shown all the comparisons you needed were you actually interested in the answer instead of raising a rhetorical question. btw, here's a small list of technical differences: Comparison of OpenDocument with Microsoft XML formats. And a list of licensing issues for MS XML formats. Enjoy.

  16. Re:we're doing it to ourselves on CNET Accuses Apple of Over-Hyping Launch · · Score: 1
    ok, let me repeat that.
    What I'm saying is that we need to stop making such a huge freaking deal out of it when there's a new item, and that they can do whatever the crap they want to.

    yes, but why? You don't do random stupid stupid things just because you can when you're a big corporation. Downtime is bad, unless it has reason to be good. The reason is hype - you don't bring a site down even for hardware maintenance - you switch to the redundant servers and keep going. Things that do bring a site down should be really big - or are regarded as such by the vendor. It's a subtle psychological hook and, as you can see empirically, it works. Couple that with a huge pic of the boombox's speakers on the main page when things are back and you've got a marketing strategy going full steam.
  17. Re:we're doing it to ourselves on CNET Accuses Apple of Over-Hyping Launch · · Score: 1

    sure, they closed down the apple store during the "unveiling," but that's just something that they have to do to prepare for the new items.

    Do you really believe Apple has to close down the store every time they add a new item? When no other e-commerce site does? Here's a clue: it's part of the 'unveiling' procedure - it makes you notice it and gives the illusion of 'THE really important thing that caused us to bring it all offline and prepare for the barbarian^Hcustomer invasion.' Try this for comparison: Amazon had to temporarily shut down its site to add a new iPod pouch to its inventory.

  18. Re:A tad misleading, but SiteAdvisor is still grea on 5% of All Web Traffic Unsafe · · Score: 1
    well, he said
    That was on a Windows 98 machine ...
    so perhaps it was a really old computer - you know, like 'from a time when casual users never heard of Linux or *BSD and Macs were freakishly expensive for my modest needs' and the owner never bothered/had the skills to update to a decent OS? There are too many such users with old machines around simply because they work well enough at browsing/mail/occasional Office97 use.
  19. Re:Effect of Antarctic melting exaggerated on NASA Study Shows Antarctic Ice Sheet Shrinking · · Score: 1

    More water means more water vapor, which means less heating from the sun. The Earth's environment is a buffer, where one effect is often offset by a resulting opposite effect.

    Wow, this is so misguided it's sad.

    More water means more water vapor [...] Ummm ... no. Typical example of common sense gone wrong. Provided that there's enough liquid to ensure phase equilibrium (which there is in this case already, since we do have oceans) the vapour concentration depends on pressure, temperature and chemical potential (take it as the amount of work for a molecule to be transferred from a phase to the other) Now the last one depends on a few other factors, like the total contact surface (a 1m change in sea level is going to yield a very minor change in the ocean surface; but losing the ice sheet that covers the Arctic Ocean would be quite a bit more important) and surface salinity (which, again, will change very little) Think for instance of water in a tall cylindrical glass - the evaporation rate on the water surface will not depend on whether the glass is full or 3/4 empty, all other things being equal. On the other hand, lack of ice at poles will mean less reflected solar radiation, hence a temperature increase and thus more vapour - but for a different reason. btw, you've been lectured already that water vapour is a big player in the greenhouse effect game.

    which means less heating from the sun ok, let's assume you meant less heat absorbed from the Sun. That only works for clouds - regular vapour is not particularly reflective (quite the contrary) What makes clouds better is ice bits and small water droplets that can play total internal reflection tricks. The problem with clouds is that they work both ways - meaning they interfere with the Earth radiating heat away as well. And the water vapour below the cloud cover would trap heat happily - see Venus for an example of greenhouse effect running wild in spite of the thick cloud cover. (well, it's not that simple - but blindly saying 'clouds are good' is misguided)

    The Earth's environment is a buffer[...] Sure, everything in Nature works through balancing effects. You might want to wonder though about where exactly the equilibrium point is and how is the system fluctuating about it. It's the same idea as saying 'hey, the changes in the average temperature of the atmosphere are minuscule, why should we worry?' while disregarding the fact that the extreme points of the fluctuations are growing apart and the transitions are more brutal, with interesting effects like massive droughts, floods, increased strength and frequency of storms and so on. So yeah, the planet can take it - it survived for several billion years by now; the ones living on it, however, are more delicate.

    Still, this is misrepresented anyway. What if all the ice melts and the ocean level does rise by a meter? no big deal, eh? a few places going underwater ... I'm gonna buy meself a yacht and organize diving trips, it'll be a rage. Well, wrong idea. Perhaps you don't realize it, but there are HUGE pieces of Earth's environment that currently depend on cold poles. Take that away and there will be some ...ummm ... interesting changes going on. Heck, even the melting process that dumps increased amounts of cold water in the system is already producing changes.

  20. Re:So what the RIAA is saying is: on Audio Broadcast Flag Introduced in Congress · · Score: 1
    All your Bass are belong to us.

    Hah! you can pry my bottle of Bass from my cold dead fingers. Uh, make that dead-drunk.

    ...


    *double take*

    ...


    *triple take*


    ya reckon Bass might have somethin' to do with why RIAA is acting like an intoxicated bully lately?

  21. Re:What are you talking about? on Sony Already Lost Media War to Apple? · · Score: 1

    what about CNN then? (sorry, the direct link was probably moved, this is the Google cache link) it has numbers for Q4 on Sony - and in no way the gaming division is supporting things like Sony-Ericsson, Sony BMG, Sony Pictures Entertainment and so on. Heck, even Sony's LCD business looks to be booming.

    So yeah, while they've been hit by bad PR lately, Sony is far from living off PS2.

  22. Re:It's not the stereo, it's the Mini and ITMS on Sony Already Lost Media War to Apple? · · Score: 1

    And how long until you can buy HD H.264 videos from iTMS? I think this is the biggest threat to Sony.

    You're forgetting that in order to get a distribution license Apple will really have to guarantee a 'trusted path, NO hacks' for the movie decoding chain - which still requires HDCP which no current hardware supports. And guess who will have to be comfortable with such an online retail model? well, Sony Pictures Entertainment among few others (go check the holdings list in that link and see how many mainstream movies Apple will have to choose from if SPE won't play ball)

    And I'm not entirely sure the current net infrastructure will allow h.264 full-length movie downloads in a convenient enough manner that the business model will work. See the interesting new ideas the telcos currently have about taxing the sites for 'guaranteed speed' - how much time would you wait for your movie to come down the pipe anyway? Not to mention the server-side part - whoever will be selling this will have to use a p2p model, as the server-side infrastructure and bandwidth use would be positively massive otherwise.

  23. Re:It's not the stereo, it's the Mini and ITMS on Sony Already Lost Media War to Apple? · · Score: 1

    All of the sudden Apple has bypassed Microsoft and Sony into the living room. It supports optical out, and HDMI[...]

    Not for copy-protected HD movies, it does not. For that, HDMI requires HDCP (aka High-bandwidth Digital Content Protection) which is not implemented by any video card currently available. Nevermind the fact that the Mini comes with a DVD only - so no Hi-Def disks for you anyway. But yeah, you can use a HDTV as a glorified monitor, but that's a rather expensive one (why go with the Mini then?)

    Remember the whole white elephant issue of video cards with GPUs that can do hardware HD processing, but won't do HDMI because there's no encryption chip on them? 'Trusted path' rings any bells? The Mini is no different. Expect a new launch once Apple decides which of BluRay and HD-DVD is more hip.

    MS missed the boat on that one with the XBox 360 as well - ironically enough, only Sony will have something like a true HD-ready box to hook up to that HDTV if PS3 lives up to this minor claim. Not that it makes me particularly happy, either, but that's the line-up so far.

  24. Re:Do we have evidence that Intel coerced... on AMD Subpoenas Skype · · Score: 1
    hmm ... apparently this was a product announcement - so various attendees might have understood it differently. See for instance here a claim that
    Intel Corp yesterday announced that its Core Duo and Pentium D processors had been designed so that users of the latest version of Skype's 2.0 VoIP application can have as many as 10 users on a conference call.


    All I could find on Intel's site with some simplistic googling (it's rather late now) was this page where they claim that 10-way Skype conferences take advantage of ... get ready for it ... "Intel's revolutionary new dual-core technology." No kidding. Seeing that AMD's dual cores thrash Pentium D dual cores pretty much across the board, this does not exactly fly. On the other hand, there's this study commissioned by Intel that shows how a dual core Pentium D 840 is better at VoIP than an old 2GH Pentium 4 while multitasking (I must say, I'm shocked!) and this article (pdf) explaining Intel's VoIP approach - which, strangely enough, talks about chipset/lan/wireless/Bluetooth drivers with VoIP optimizations.

    Indeed, it looks like Skype is working with Intel on some VoIP tech and is using Intel's CPUs to showcase it. I guess we might get more detail if this subpoena goes through.
  25. Re:Do we have evidence that Intel coerced... on AMD Subpoenas Skype · · Score: 1
    see here (yeah, I know, news.com.com.com.com sucks, but still, it's a source):
    But there are no specific instructions in Intel's current Pentium D or Core Duo chips that enhance the performance of VoIP applications, an Intel representative said. Skype is using an operation called "Get CPU ID" to identify the type of processor running on the PC. The Skype software has been preset to only accept Intel's chips as having the performance necessary to host conference calls of more than five people, the representative said.


    All the benchmarks around the net call bullshit on the last part. How is a CoreDuo machine better than, say, a 2x265 (4 cores) Opteron one? I mean, CoreDuo is a decent CPU and all, but saying AMD's CPUs can't match Pentium D is total bullshit. Note that it's not a "check config, compare with a standard scale, enable if above threshold" - no, it's "check CPUID, enable if recent Intel only"

    Anyway, 10-way conferences with audio only would not be CPU-bound and full audio-video will be constrained more often than not by the available bandwidth before they choke the CPU.