I was going to post a similar observation -- up until a week ago, every person laid off (around 10% of the department) in my office was a white male. These were "downsizing" layoffs, not for cause, but somehow only guys with European last names got the boot.
poot_rootbeer writes:
If your middle managers don't realize that a minority employee is underperforming, they wouldn't notice when a lily-white employee was underperforming either. Bad management transcends skin color.
He said management doesn't react, not that management doesn't notice.
The manager thinks to himself "Rick Przyanolowski isn't holding up his share of the workload, and hasn't shaped up since his last bad review, so out he goes". After all, if Rick doesn't like getting the boot, it's not like he can sue or anything...
Check out how universities recruit and promote tenure track professors. You can be the most qualified and experienced chemist in the world, but no matter how many doctorates you have, if you are a white male good luck finding a position as an Associate Professor anywhere in the USA. Usually the second paragraph of every posting will read "Minorities and women are encouraged to apply.".
sdedeo replied:
I am a postdoc in physics, and know a great deal about minorities in science. I know perhaps a hundred or more professors; only one of them is black. You are now officially making up facts.
And how recently were those tenured professors hired?
Sure, older tenured professors are white males and will keep their job until they retire. But when the university goes to replace or add professors, then the discrimination kicks in.
When I was in college, I had a friend who was an assistant professor of chemistry, experienced and well-liked. A professorship opened up, and he applied, but was never offered the position. Instead, the university kept the position open for nearly two years, interviewing several dozen applicants, none of whom were white males. My friend, like many recently graduated chemistry doctorates, never did find a position teaching chemistry.
This is a common situation in American universities -- the old-school tenured professors are all aging white males, so when a position opens up, the school feels that they must fill the job with a minority or female.
If you hired only people you knew in a personal manner, you would automatically be guilty of promoting and continuing racism in workplace hiring.
Cronyism is not automatically racist.
sdedeo quoted me out of context as saying:
There was a guy who I worked with who was fired, when I talked to him later he ranted on and on about the only reason he lost his job was because he was of mixed race, because his grandmother was Haitian.
and then sdedeo added:
It is strange to use the firing of a mixed race worker as evidence that racism does not exist.
Except nobody at the office had any idea he was anything but Swedish.
At best it is strange to quote me out of context to imply that I was saying racism does not exist. My statement was in the context that, somebody who thinks of all their experiences in terms of race, may see everything as being racist.
I am not saying that -- on rare occasion -- a qualified white applicant loses to a qualified minority applicant.
I am saying that, on many occasions, employers specifically set out to hire a minority, refusing to consider any white applicants at all.
When I was looking for jobs in the early 1990's, I saw a number of posted positions which explicitly stated that only minority applicants would be considered; no white males need apply.
Looking for discrimination against white men?
Check out how universities recruit and promote tenure track professors. You can be the most qualified and experienced chemist in the world, but no matter how many doctorates you have, if you are a white male good luck finding a position as an Associate Professor anywhere in the USA. Usually the second paragraph of every posting will read "Minorities and women are encouraged to apply.".
Meanwhile, I'm sure you would not recognize the hiring of a white applicant over a black one as racism, even when it was. You would explain it as the white guy having connections, being a friend of the boss, having an in with the interviewer because they grew up in the same town or went to the same college. You are incorrect to do so.
When I ran my own business, I hired people I could trust -- friends of the boss, people I went to college with, people with connections -- of whatever color or gender.
So tell me again why I am incorrect to explain my own actions?
Yeah, I know it's tense to talk about race, but the next time you're with a black friend having a beer, ask him what he thinks about the level of racism in American society, and the level he personally experiences as a white collar worker.
And some people see racism where there isn't any.
There was a guy who I worked with who was fired, when I talked to him later he ranted on and on about the only reason he lost his job was because he was of mixed race, because his grandmother was Haitian.
The truth was everybody from the CEO on down thought this dude was a full-blooded Swede, the company fired him because he came to work stoned (when he bothered showing up at all).
If you thought Tor was slow now, just wait until the slashdotters start playing around with this!
Good point.
Kaos' next project can be a non-interactive bootable live CD which joins a machine to the Tor network, all the while displaying a clone of the default Windows XP screensaver
Maybe comparing hashes of the binaries to the official OpenBSD versions would be a good start, but there are various reasons why this will only get you half way to validating that the build is kosher.
Care to elaborate?
There's actually been more than a little effort in the OpenBSD project to move from MD5 and SHA1 to RMD160, along with tweaks to ensure that two binaries built on two fundamentally identical systems from identical source trees at different times of the day are bit-for-bit identical, e.g. removing timestamps embedded in the compiled binary, etc.
OTOH, since it's a live CD and doesn't touch the hard drive, even if there are backdoors, you are still effectively anonymous.
Taking it to Starbucks, (at least where I live) means using Wifi. It really isn't possible they've implemented usable Wifi support in their LiveCD is it? Usually getting wireless to work on linux means finding windows drivers, utilizing NDISWrapper, etc.
Being OpenBSD, this is a beastie of a different color, and yes they have implemented usable WiFi support in their LiveCD.
For chipsets supported by OpenBSD, associating and obtaining a DHCP address is easily scripted. Not every variant of every laptop vendor's embedded WiFi will be detected. OTOH, supported 802.11BG dongles are cheap and plentiful.
Is this something that is reliant entirely on the manufacturers providing drivers or is there some other solution?
An interesting thing about how OpenBSD approached WiFi... the project put massive effort about a year ago into writing BSD-licensed drivers for the cards for which manufacturers would provide specs, and generally will not ship with mfgr-supplied binary drivers.
Since all the WiFi code is BSD licensed, Linux can borrow at will.
but the less techy people such as the Grandmother mentioned in the posting are not going to be able to sort their way through ndiswrapper and iwconfig, much less figure out newer encryption methods.
Not a requirement to get up and running at Starbucks (all the more reason to have application-side strong crypto).
Recently (apart from the PE1850 snafu where you cannot physically insert proper network cabling) they've cleaned up their act considerably - no more hacking to get things working properly under RHEL or OpenBSD.
So that explains why the 1850's I ordered this fall each came with a handful of four-inch-long RJ45 extensions.
Dell still does a few things imperfectly, like how the rails from the 2650 series don't quite fit a 2850, and the new RapidRails for the 2850 no longer fit in my older generic cabinets, because they reduced the range of depth adjustment...
Recently I ordered a whole media box for a customer worth around $2000 from tigerdirect and I needed it fast fast fast. It came on time, but my heart attack came when I checked my bank. They charged twice, docking my account almost $4000 (they were nice enough not to include shipping in one). After going through many zombies I finally got a rep that could tell me what the hell was going on. Apparently it is a hefty sum and they decided to 'freeze' the sum of my purchase and then proceeded to charge for the same sum + shipping. I had to mess with this for a week before I could pay my damn bills.
Moral of the story: This is the reason you have an American Express card.
Or failing that, some form of revolving credit line charge card.
I second the recommendation of Dell, their support and parts replacement (for large corporate customers) is superb.
In the past I've had misgivings about using Dell hardware, partly because of their habit of changing the chipset in a product line and keeping the model number exactly the same. We also used to (18 months or so back) have trouble with shipments getting delayed in order approval or at Fedex.
They've gotten out of this habit, and even moved to slightly more open-source-friendly chipsets for servers -- Intel instead of Broadcom, AMI instead of Adaptec, etc. And in my experience over the past six months or so, Dell has significantly cleaned up their order processing and shipping, no more mystery delays.
For a personal desktop for a techie or hardcore gamer, Dell may not be the best choice, but for a corporate purchase, buying from Dell has its advantages.
Therefore, any anti-Semitic comments are illegal.
Of course, I may be mistaken about this.
IANAL
Yes, you are mistaken.
Last time I looked only certain hate speech is actually prosecuted. You can march down the street with a swastika banner shouting "Kill the Jews!" all day long and nobody will stop you. On the other hand, "Kill all the Fags!" will likely get you arrested.
Fortunately, most of the time the police have a lot better things to do than enforce hate-speech laws. Maybe that does fall onto the school then - if you aren't educated what hate speech is, whose fault is it?
Keeping in mind that there are no Federal or State "hate speech" laws, just "hate crime" laws which apply to actions beyond general rhetoric against a class of individuals.
Many colleges and schools have their own "hate speech code", but these do not have the force of law.
Please, please tell me PassGo is not using the same broken ANSI x9.9 authentication as the old Axent Defender products (e.g. SNK-004).
The Defender Hand-Held Token looks exactly like the old (physically unreliable) Axent Defender tokens, which used the (withdrawn in 1999) x9.9 Asynchronous authentication algorithm which was later proven to be extremely weak cryptographically.
Many existing token products, including Vasco, Safeword, and ActivCard include support for x9.9 for backwards compatibility, as do a number of software applications.
It's a long time since there was anything in bsd.slashdot.org. Strange that they would not accept any reasonable article.
I have to wonder, who is doing all of this rejecting?
Long ago, I ran a moderated mailing list. Members were concerned about the potential for moderator abuse, so we implemented a system where if any one moderator approved a post, it would be published, but a submission would only be rejected if every single moderator chose to reject it.
We ended up getting buried in duplicate posts and junk approved by lazy moderators who just chose "accept" for every single submission...
I saw Serenity the week it had come out, and if SciFi hadn't just a few weeks back shown the first two episodes of the series again, I don't think I would have understood what happened in the movie.
The movie depends quite a bit on the overall backstory from the one season of the television show. If you haven't seen the show, it doesn't make a heck of a lot of sense.
Luckily "Firefly - The Complete Series" is available on DVD.
Take advice number one: "don't work in a cubicle". You'll be looking a long time for a job that comes with its own office. Most corporations, especially, make sure that offices only go to managers above a certain rank. That's just how it is.
I'd suggest that this would better be phrased as "Don't work in a cubicle farm".
Grouping a team of 3-6 cow-orkers who have shared job responsibilities together in an open plan group of cubicles can enhance productivity.
Building a huge cattle pen to house 10-30 employees with mostly unrelated duties, especially if any of them have jobs that require a lot of time on the phone, is counter-productive.
All it takes is one loud-voiced joker with an exaggerated sense of his own funniness to crash the productivity of everybody else.
eericson wrote
To quote directly from the handler:
"Speculating: The fact that CNN, ABC and the NYTimes got it may be as simple as reporters from these organizations visiting the same event and connecting to an infected network. While a firewall may have protected their office network up to now, these infected laptops were able to take out the network from the inside once they connected back to it."
Funny, ISC has since edited the diary to remove this text?
This is a good point -- looking at network traffic right now, the Zotob variants all target primarily (only?) hosts in the same /8 or /16 network as the infected workstation.
This means that once somebody brings an infected laptop into a mid-to-large sized organization that is built on just one or two highly-populated network ranges, the worm will swiftly infect all available targets in that network.
I could almost speculate that the target generation code is written intentionally to make this a slow-spreading low-impact worm on the Internet overall, but much more effective once it gets inside a target-rich corner of the network (private or public). Almost.
Well have you ever seen their idiot tech reporter, Daniel Sieburg (or whatever).
Daniel Sieberg, their "technology correspondent", has no formal technology training. (Since Dan claims to read Slashdot, maybe he can prove me wrong here)
If their tech department is anything like HIM they are lucky they can even get their computer turned on in the morning! No one in their tech reporting department has ever heard of a computer other than a PC running windows.
And surely CNN's technical infrastructure staff cringe every time these reporters open their mouths on the air.
Odds are that the "real" techies aren't photogenic enough to put them on the air, or capable of writing plain enough English that CNN could at least give them a pass at their scripts before giving the script to Daniel to read.
If I had to hazard a guess, I'd say the support staff pushed to deploy at least the critical patches to all of CNN shortly after the patches and public exploit code were released (Tuesday and Thursday of last week), but got pushback on any sort of "hasty" deployment of patches to systems "critical to broadcast operations".
CNN is a 24-hour product, so if they couldn't schedule downtime in the past couple of years to migrate off Windows 2000, why expect that they would be able to take an outage in the past week to install patches?
The end of easy returns is the end of retail (on "Retail Fraud on the Rise", Score: 2, Insightful)
poot_rootbeer writes:
If it doesn't fit your needs, you probably should have done more research before you bought it.
If I'm sure a product will meet my needs after doing what research I can, I'll purchase online, either from a reputable vendor or the best deal from froogle.
If after doing what research I can online, I'm still not 100% sure that it will work out (for example, a new camera that doesn't have online reviews, or a new subrevision of a card that previously was supported under OpenBSD, but might not work if they changed the chipset), then I'll buy from a retail store with a good return policy.
There are four ways a business (be it a "brick and mortar" store, online, etc) can get my business:
1. Supply the products I need now, something I can't wait for shipping (replacement parts, etc).
2. Carry products not easily found elsewhere.
3. Better prices (Total cost of purchase, taking into account sales tax, shipping, the hassle of the transaction.)
4. Outstanding customer service, including return policy.
#1 can be fulfilled in a couple of unobvious ways, from the "pick up at your local Border's" deal Amazon has, to driving twenty miles out of my way to pick up computer hardware at the warehouse of a national mail-order giant.
The latest versions of pf, spamd, and spamdb offered with OpenBSD 3.7 work well to address the problem of high-volume dictionary attacks, through a combination of bandwidth shaping, tarpitting, greylisting, and spamtrap addresses.
Basically, you configure spamdb to greylist unknown senders, and provide it with a huge list of "spamtrap" addresses, which are invalid email addresses not actually used in your domain.
GREYTRAPPING
Any source which tries to email to a spamtrap address is temporarily blacklisted, just like how SpamCop's SCBL reacts to a message to a spamtrap.
Recent enhancements to 'pf' provide for rate-limiting connections based on the source IP, in addition to the regular bandwidth shaping features. With minimal effort you can configure an OpenBSD mail gateway or router to ensure that you waste as much of the spammer's time as possible, while expending the least amount of your own effort and bandwidth.
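Added example, not part of the original comment and not spamd's own code: a small Python model of the greylist-plus-greytrap decision described above, replayed over a constructed sequence of delivery attempts. The class and function names, the timing constants, and every address in it are assumptions made for illustration, and pf's connection rate limiting is not modelled.

```python
"""Toy model of greylisting plus greytrapping (not spamd's own code).
All names, timings and addresses below are assumptions for illustration."""
from dataclasses import dataclass, field

PASS_TIME = 25 * 60       # assumed: minimum wait before a retry is accepted (s)
GREY_EXPIRY = 4 * 3600    # assumed: un-retried grey entries are dropped after this
TRAP_EXPIRY = 24 * 3600   # assumed: how long a greytrapped source stays blacklisted


@dataclass
class GreyTrapper:
    spamtraps: frozenset                          # invalid addresses used as bait
    grey: dict = field(default_factory=dict)      # (ip, from, to) -> first seen
    white: set = field(default_factory=set)       # IPs that retried correctly
    trapped: dict = field(default_factory=dict)   # ip -> blacklist expiry time

    def _expire(self, now):
        """Forget trap entries and grey entries whose lifetime has run out."""
        self.trapped = {ip: t for ip, t in self.trapped.items() if t > now}
        self.grey = {k: t for k, t in self.grey.items() if now - t < GREY_EXPIRY}

    def handle(self, now, ip, mail_from, rcpt_to):
        """Decide one delivery attempt: 'PASS', 'TEMPFAIL' or 'TARPIT'."""
        self._expire(now)
        if ip in self.trapped:
            return "TARPIT"                       # blacklisted: stall the sender
        if ip in self.white:
            return "PASS"                         # proven retrier goes to the MTA
        if rcpt_to.lower() in self.spamtraps:
            # Greytrapping: an unknown source mailed a bait address.
            self.trapped[ip] = now + TRAP_EXPIRY
            # Drop its grey entries so waiting out PASS_TIME cannot whitelist it.
            self.grey = {k: t for k, t in self.grey.items() if k[0] != ip}
            return "TARPIT"
        key = (ip, mail_from.lower(), rcpt_to.lower())
        first_seen = self.grey.setdefault(key, now)
        if now - first_seen < PASS_TIME:
            return "TEMPFAIL"                     # new tuple or retried too early
        # Simplification: the qualifying retry itself is accepted here.
        self.white.add(ip)
        self.grey = {k: t for k, t in self.grey.items() if k[0] != ip}
        return "PASS"


def replay(events, spamtraps):
    """Run (time, ip, mail_from, rcpt_to) tuples in order; return the actions."""
    gt = GreyTrapper(frozenset(a.lower() for a in spamtraps))
    return [gt.handle(*event) for event in events]


# Constructed sample data: one legitimate retrying server and one source
# walking a dictionary of local parts until it hits a bait address.
TRAPS = {"sales-old@example.com"}
EVENTS = [
    (0,     "192.0.2.10",  "alice@example.org",    "bob@example.com"),
    (10,    "203.0.113.7", "promo@mailer.invalid", "aaron@example.com"),
    (11,    "203.0.113.7", "promo@mailer.invalid", "sales-old@example.com"),
    (12,    "203.0.113.7", "promo@mailer.invalid", "bob@example.com"),
    (60,    "192.0.2.10",  "alice@example.org",    "bob@example.com"),
    (1800,  "192.0.2.10",  "alice@example.org",    "bob@example.com"),
    (1900,  "192.0.2.10",  "alice@example.org",    "carol@example.com"),
    (2000,  "203.0.113.7", "promo@mailer.invalid", "aaron@example.com"),
    (90000, "203.0.113.7", "promo@mailer.invalid", "aaron@example.com"),
]

if __name__ == "__main__":
    for event, action in zip(EVENTS, replay(EVENTS, TRAPS)):
        print(f"t={event[0]:>6} {event[1]:<12} -> {event[3]:<24} {action}")
```

The attempt at t=2000 is the one to look at: the dictionary source has waited longer than the pass time for its first address, but because hitting the bait address wiped its grey entries it is still tarpitted instead of being whitelisted.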
You'd be amazed if you saw the ancient modems that the "AP Newswire" actually physically connects to.
What, AP hasn't switched you over to their NNTP feed yet?
Considering how behind the time they are, I was half expecting them to ask to set up a UUCP peer. (I'd have done it, too).
It is not an industry with an appreciation for technological innovations. I mean, if it was, we wouldn't even call it the "newspaper" industry anymore.
OTOH, there's something to be said for doing anonymity the old school way, with pay phones and postal mail and the occasional meeting in a dark corner of a parking garage...
I have had some jobs, where I did nothing more than veg out at 9am, waiting for the coffee to kick in. It was a waste of time. The company paid me for those hours of morning work, and got very little back in return.
But just after lunch, I would have much more energy. The brain would start working. I was very productive. And what sucked about it was, by the time 4:30pm came, quitting time, I was deep in thought and work, and I did not want to leave.
When I came back to my current job, I accepted the position on the condition that I could shift my schedule several hours forward from the usual "9-5".
This not only makes me more productive when I am in the office, but lets me shave a couple of hours off my commute because I avoid rush hour. Win-Win for everybody.
I was pumping out great results. If I was working on a database, it would be around this time that everything was coming together in my head, that I was able to play with lots of ideas at one time, to visualize what I was doing. Those hours from noon to 4:30pm flew by too fast!
I know the feeling. Have you thought about getting a no-brainer job that you can work in the morning, so you can use your most productive hours for something that either benefits you personally, or benefits the community (Open Source community, or your local neighborhood, or whatever)?
My suggestion was that if you find yourself slacking with regards to security procedures, you've effectively eliminated the inner wall. If the outer wall is breached, so is the inner one, by virtue of the fact that you're slacking. If the benefits of slacking (with respect to productivity, convenience, etc.) are sufficient, you should just harden the firewall and ditch the internal security processes. If maintaining security is a serious issue, you should do your damn job and implement the security processes. The fact that you have a firewall is no excuse for being sloppy, and sloppiness will bite you in the ass when the firewall fails.
That sounds great, but doesn't reflect the reality in large corporations.
One team runs the big honking edge firewalls, and takes their job seriously. They regularly strengthen the walls, and commission tiger-team testing to verify the belief that the perimeter walls are as secure as they can be for the budget available.
Another team (or six teams, or sixteen teams) run the various internal networks and servers and desktops. These are the ones who will start slacking off because "we have a firewall", and getting sloppy in locking down the internal devices.
Sure, the perimeter team can rant and rave about how while their firewall is great, it is not a panacea and the internal groups need to take up their share of the load, but this is little more than a CLM.
And then there is "Marshall's Axiom":
Which I think is an even better explanation for how the WMF vulnerability came about.
If a person delivers a hate speech denigrating all Jews, or African-Americans, or gays, then this would not be considered a hate crime anywhere in the United States, because no criminal act has occurred. Hate speech is protected under the First Amendment. Specifically, Federal and most state "hate crime" laws apply strictly to "incitement to violence". So you can say "Kill the Jews!", but not "Kill Kyle Broflowski, because Kyle is a Jew".
I submitted "OpenBSD 3.8 for pre-order" on the 14th, also rejected.
Which immediately leads me to thinking that somebody doesn't know the meaning of "non-repudiation".
netdude built a 1.6TB (usable) TiVo unit, but doesn't say what it cost.