Here in the state of Texas there exists State Law that prohibits unauthorized access to computer systems unless given permission from the system's owner. As some people in the Security consulting business have found out you should obtain written authorization from the system's owner before doing anything to that system. By granting access through a firewall these 'researchers' will have given you all the permission to hack their system that you need, I think. Anyway, don't hack anyone without written authorization from the system's owner.
According to Stephen Northcutt; SANS NewsBites Editor; in the latest isssue said: "However, there is usually a reason for monoculture; it is hard to imagine trying to do real business using open office on whatever version of Red Hat Linux is out this week." Therefore any attempt to convert to whatever flavour of GNU/ Linux can't be done. The great success in Hollywood and elseware using GNU/Linux must not be real.
I just happened to be on Dell's web sight looking for a low end Mircosoft 2000 Power Edge to use as a print server and noted that an OS option was "Red Hat Linux 9.0"
Why I dislike Wal-Mart, a lot. They are the number two employer of people in the world because thay hire most of the workers as part-timers. This lets them get away without paying the extra helth, insurance, vacation benfites that a full-time employee woud get. They are also very anti-union. When one Wal-mart Supercenter butchers group successfully unionized Wal-Mart's responce was to completely elimate the need for butchers by changing their policy and started buying prepackaged meats only.
I normally have that 'breakfast special" in the morning. One day last week instead of the normal toast I asked for a bagel. "Extra $0.55" the waitress said. "No problem" I said. When I got the bill there was a $0.35 fee for warming up the bagel. Another place charged $0.25 for extra lemons for my iced tea. Everybody is out to get extra fees.
I don't use Microsoft Windows at home. I'm useing the Slackware 8.1 distro right now. At work I'm forced to use Windows because of the Public folders / group calendar of Exchange. Also Crystal Repoets, MAX, Dynamics, etc... all the applications that we can't live without.
What happens when certified software fails? Who has the liability? As someone else pointed out one hidden problem with 3rd party certifications is that it's not their security problem when it fails, it's yours. It may be their reputation on the line but you should be certifing your own security.
About 6 years ago new management came into Zenith Electronics, LG Electronics aka: Goldstar. The new VP of Parts Sales reviewed the jobs at his new division and decided to cut my position saying that "we can't afford him" I was a local Novell administrator, CC:Mail administrator, my little network of PCs replaced dumb terminals to our old mainframe, provided connectivity to our new HP AIX minicomputer systems to the local production sites. I fetched data off both systems and ran reports attempting to reconcile the differences. Zenith lasted only about 1 yrear ater the let me go - proof that they did need me after all.
The only way I see me getting a Palladium DRM CPU is if I was the master key controller of the device. Anything less seems to me to give up my control over my hardware to whoever does have the master key control and I won't stand for it. I'll dust of any older CPU and keep useing what I have total control over. Besides, is'nt there a law thay says unautohrized modifications to a computer system is illegal? I expressly revoke everybody; eg Microsoft and Intel; to make any changes to systems that I own.
A vaguely remenbered cartoon. 'Sally Forth', I think. It shows her folder clothes at work and her boss is asking what she's doing? Her reply - "Remenber last week when we were backed us here at the office and I took work home with me? Well now I'm backed up at home." As some say 'turnabout is fair play.
I consider these to be just field tests to get all the bugs worked out. When Aschroft,et al are satified it 'works' I forcast the time when it will become mandatory for everybody.
The way I see this issue is that I have an ethical responsibility to other users of a product to inform them of any security flaws I find. The EULA of most propriety software contain disclaimers as to fitness of use and the end users have no legal recourse for any damages incurred. In other words they put out crappy, bug ridden, security flawed software and they expect use to shut up and just use it. To not publish any security problem is to leave every user unaware of the problem and therefore open to potential damage. I say full public disclosure up front of all bugs and security problems with just enough technical detail to verify the problem. No need to provide the script kiddies with automatic tools that they can use. Perhaps the propriety software companies will start to put out a better quality product if they know that any security problem or bug will be quickly published. The end users decision might be to start using some open source software that can be fixed a lot quicker than the insecure propriety software.
Forget MS as an operating system. One thing that stops us here at work from adapting a GNU/Linux solution is the fact the MS Exchange server won't play nice with any Linux 'outlook like' display.
Do you think that GNU/Linux will ever be finished? I mean, that baring minor tweeks to support new hardware devices, will everything be completly finished. Nothing left to improve on, no more bells to ring, no more whistles to blow. And if not then what is 'good enough'?
>One way or the other one of the programs is not going to be on that machine at the end of the day. I can be the biggest biggot you have ever seen, and still I am allowed to demand that my application not be installed on a machine with a particular application.
I must disagree with you. This is MY computer and I say what programs I want on MY system. If you are going to uninstall any program I want on my system I can assure you that your software won't be on my system.
>Isn't that contrary to the terms of the GPL? As >long as the source is provided, and the >resultant code is released under the GPL, isn't >modification and resale legal? Just something >that caught my eye in the article.
Would one be obtuse? They are talking about useing the DAKOTA software to aid in the design of VCWs (very complex widgets) and selling the VCWs. At least this is how I see it.
At first I thought 'another win for open source' and this is a very important issue. When I followed some links I found that the analysis of a questionaire that had been conducted mentioned Microsoft Excel functions, mean and std. dev. being used. Sigh, I guess they aren't all that 'open source' users as one would think.
Just this weekend I've finished reading The Engeneer' series of books by James Doohan - aka Scottie of Star Trek (co-auther S.M. Sterling).
They use antihydrogen as the fuel for their star ships. In fact they are fighting a war over control of the antihydrigen fields and the fuel run their entire society.
Because I'm the 'end user hardware support' person at work I've had several people ask me lately what software I use at home. When I tell them I use 'SuSe Linux' they act supprised. They don't know that Windows is not the only OS out there. I then give them the lecture about how GNU/Linux is better than any Windows OS. I rant and rave about how bad Windows is and how wounderful this Linux stuff is. You kow - all the Linux zelotry I can muster at the time.
BW - Management here did not approve the use of Linux for some network things (like DNS) because they 'don't want different OS's on the network'. We have several Mita 3010 copy machines that also serve as networked printers. Running their IP-P2P software on our NT 4 servers did not print graphic files correctly. I set up a Linux print server for the Mita 3010 printers and it works with any problems at all. It was several month later during an EOY audit that Management found out I slipped in Linux.
Yesterday's item about tiny apps was checked out. One of the items downloaded and tested is the OffByOne web browser which I am useing to post this comment. I just checked and www.nsn.com web site just refused to display for me. It just pointed to various download options of IE? If I can't use the web browserof MY choice I won't be going to your site.
It seems to me that a proper long term solution is in the education of the lawmakers. I don't mean too sugest that we take an old fossil like - name any long term legislator - and attempt to educate them. It's too late for that. Consider - most lawmakers are lawyers or at least collage graduates. Let's start the process early and require much more CS work as undergraduates in Poly Sci or whatever degree that goes into goverment(pre-law?) and in Law Schools. Good idea or will this process take too long?
I know of only two ways to stop terrorists. One is to totally surrender to all of their demands. In the case of bin Laden and his kind this is the same as suicide. The other way is to kill every terrorist that exists in the world. All you terrorists in the world please identify yourselves so we may kill you.
Neither extream is a viable option, therefore what will happen will fall someware in between. Should it? Orson Scott Card has created the concept of the Hierarchy of Foreignness (_Xenocid_) that might apply. Utlannings - strangers from our own world. Ramen - strangers of another species, but capable of communicating with us, capable of co-existance with humanity. Varelse - an alien life form that's capable of destroying all of humanity. The debate should be first if bin Laden and his kind can be negotiated with to satify their percieved justifacation of their actions. If he won't negoiate then, by their actions, we have no choice but to judge them Varelse and set about the task of identification and total destruction of them. There can be no middle ground or terrorism will never end.
Slashdot Mirror
Here in the state of Texas there exists State Law that prohibits unauthorized access to computer systems unless given permission from the system's owner. As some people in the Security consulting business have found out you should obtain written authorization from the system's owner before doing anything to that system. By granting access through a firewall these 'researchers' will have given you all the permission to hack their system that you need, I think. Anyway, don't hack anyone without written authorization from the system's owner.
According to Stephen Northcutt; SANS NewsBites Editor; in the latest isssue said: "However, there is usually a reason for monoculture; it is hard to
imagine trying to do real business using open office on whatever version of Red Hat Linux is out this week." Therefore any attempt to convert to whatever flavour of GNU/ Linux can't be done. The great success in Hollywood and elseware using GNU/Linux must not be real.
I just happened to be on Dell's web sight looking for a low end Mircosoft 2000 Power Edge to use as a print server and noted that an OS option was "Red Hat Linux 9.0"
In my case since I have a PO BOX thr +4 is my box number. I'd say that IDs mew faily well.
When I read the phrase 'Evolution in Action" I think of suicide. From the book _Oath of Feality_ by Jerry Pournelly(sp).
Why I dislike Wal-Mart, a lot. They are the number two employer of people in the world because thay hire most of the workers as part-timers. This lets them get away without paying the extra helth, insurance, vacation benfites that a full-time employee woud get. They are also very anti-union. When one Wal-mart Supercenter butchers group successfully unionized Wal-Mart's responce was to completely elimate the need for butchers by changing their policy and started buying prepackaged meats only.
I normally have that 'breakfast special" in the morning. One day last week instead of the normal toast I asked for a bagel. "Extra $0.55" the waitress said. "No problem" I said. When I got the bill there was a $0.35 fee for warming up the bagel. Another place charged $0.25 for extra lemons for my iced tea. Everybody is out to get extra fees.
I don't use Microsoft Windows at home. I'm useing the Slackware 8.1 distro right now. At work I'm forced to use Windows because of the Public folders / group calendar of Exchange. Also Crystal Repoets, MAX, Dynamics, etc... all the applications that we can't live without.
What happens when certified software fails? Who has the liability? As someone else pointed out one hidden problem with 3rd party certifications is that it's not their security problem when it fails, it's yours. It may be their reputation on the line but you should be certifing your own security.
About 6 years ago new management came into Zenith Electronics, LG Electronics aka: Goldstar. The new VP of Parts Sales reviewed the jobs at his new division and decided to cut my position saying that "we can't afford him" I was a local Novell administrator, CC:Mail administrator, my little network of PCs replaced dumb terminals to our old mainframe, provided connectivity to our new HP AIX minicomputer systems to the local production sites. I fetched data off both systems and ran reports attempting to reconcile the differences. Zenith lasted only about 1 yrear ater the let me go - proof that they did need me after all.
The only way I see me getting a Palladium DRM CPU is if I was the master key controller of the device. Anything less seems to me to give up my control over my hardware to whoever does have the master key control and I won't stand for it. I'll dust of any older CPU and keep useing what I have total control over. Besides, is'nt there a law thay says unautohrized modifications to a computer system is illegal? I expressly revoke everybody; eg Microsoft and Intel; to make any changes to systems that I own.
A vaguely remenbered cartoon. 'Sally Forth', I think. It shows her folder clothes at work and her boss is asking what she's doing? Her reply - "Remenber last week when we were backed us here at the office and I took work home with me? Well now I'm backed up at home." As some say 'turnabout is fair play.
I consider these to be just field tests to get all the bugs worked out. When Aschroft,et al are satified it 'works' I forcast the time when it will become mandatory for everybody.
Let us not forget the Microsoft stopped Dr. DOS with Win 3.11 by a deliberate incompatiabliity.
The way I see this issue is that I have an ethical responsibility to other users of a product to inform them of any security flaws I find. The EULA of most propriety software contain disclaimers as to fitness of use and the end users have no legal recourse for any damages incurred. In other words they put out crappy, bug ridden, security flawed software and they expect use to shut up and just use it. To not publish any security problem is to leave every user unaware of the problem and therefore open to potential damage. I say full public disclosure up front of all bugs and security problems with just enough technical detail to verify the problem. No need to provide the script kiddies with automatic tools that they can use. Perhaps the propriety software companies will start to put out a better quality product if they know that any security problem or bug will be quickly published. The end users decision might be to start using some open source software that can be fixed a lot quicker than the insecure propriety software.
Forget MS as an operating system. One thing that stops us here at work from adapting a GNU/Linux solution is the fact the MS Exchange server won't play nice with any Linux 'outlook like' display.
Do you think that GNU/Linux will ever be finished? I mean, that baring minor tweeks to support new hardware devices, will everything be completly finished. Nothing left to improve on, no more bells to ring, no more whistles to blow. And if not then what is 'good enough'?
>One way or the other one of the programs is not going to be on that machine at the end of the day. I can be the biggest biggot you have ever seen, and still I am allowed to demand that my application not be installed on a machine with a particular application.
I must disagree with you. This is MY computer and I say what programs I want on MY system. If you are going to uninstall any program I want on my system I can assure you that your software won't be on my system.
>Isn't that contrary to the terms of the GPL? As >long as the source is provided, and the >resultant code is released under the GPL, isn't >modification and resale legal? Just something >that caught my eye in the article.
Would one be obtuse? They are talking about useing the DAKOTA software to aid in the design of VCWs (very complex widgets) and selling the VCWs. At least this is how I see it.
At first I thought 'another win for open source' and this is a very important issue. When I followed some links I found that the analysis of a questionaire that had been conducted mentioned Microsoft Excel functions, mean and std. dev. being used. Sigh, I guess they aren't all that 'open source' users as one would think.
Just this weekend I've finished reading The Engeneer' series of books by James Doohan - aka Scottie of Star Trek (co-auther S.M. Sterling).
They use antihydrogen as the fuel for their star ships. In fact they are fighting a war over control of the antihydrigen fields and the fuel run their entire society.
Because I'm the 'end user hardware support' person at work I've had several people ask me lately what software I use at home. When I tell them I use 'SuSe Linux' they act supprised. They don't know that Windows is not the only OS out there. I then give them the lecture about how GNU/Linux is better than any Windows OS. I rant and rave about how bad Windows is and how wounderful this Linux stuff is. You kow - all the Linux zelotry I can muster at the time.
BW - Management here did not approve the use of Linux for some network things (like DNS) because they 'don't want different OS's on the network'. We have several Mita 3010 copy machines that also serve as networked printers. Running their IP-P2P software on our NT 4 servers did not print graphic files correctly. I set up a Linux print server for the Mita 3010 printers and it works with any problems at all. It was several month later during an EOY audit that Management found out I slipped in Linux.
Yesterday's item about tiny apps was checked out. One of the items downloaded and tested is the OffByOne web browser which I am useing to post this comment. I just checked and www.nsn.com web site just refused to display for me. It just pointed to various download options of IE? If I can't use the web browserof MY choice I won't be going to your site.
It seems to me that a proper long term solution is in the education of the lawmakers. I don't mean too sugest that we take an old fossil like - name any long term legislator - and attempt to educate them. It's too late for that. Consider - most lawmakers are lawyers or at least collage graduates. Let's start the process early and require much more CS work as undergraduates in Poly Sci or whatever degree that goes into goverment(pre-law?) and in Law Schools. Good idea or will this process take too long?
I know of only two ways to stop terrorists. One is to totally surrender to all of their demands. In the case of bin Laden and his kind this is the same as suicide. The other way is to kill every terrorist that exists in the world. All you terrorists in the world please identify yourselves so we may kill you.
Neither extream is a viable option, therefore what will happen will fall someware in between. Should it? Orson Scott Card has created the concept of the Hierarchy of Foreignness (_Xenocid_) that might apply. Utlannings - strangers from our own world. Ramen - strangers of another species, but capable of communicating with us, capable of co-existance with humanity. Varelse - an alien life form that's capable of destroying all of humanity. The debate should be first if bin Laden and his kind can be negotiated with to satify their percieved justifacation of their actions. If he won't negoiate then, by their actions, we have no choice but to judge them Varelse and set about the task of identification and total destruction of them. There can be no middle ground or terrorism will never end.