Okay this is definitely off-topic (and flamebait), but I gotta get something off my chest --
All this "social aggregation" stuff with Slashdot and Digg and Fark and whatever else - it's a giant blogspam circle jerk. I am bored with it. Somebody invent Web 3.0 already.
Indeed, it's been demonstrated that even the suggestion of surveillance is effective to control our actions to some degree. Consider then what effects actual surveillance has.
The IT people who are always going to be in demand are those who make sh*t work - whether those are managers pulling projects together under time/budget, or coders/networking/systems people who fix broken stuff and build the right new environments.
Yes, you'd damn well better have the needs of the business in mind in any position. But if Company A decides they're going to have manager types who don't have IT skills doing skilled IT work, they're going to find out real quick that sh*t don't work and there's no one around who can fix it.
My point was really this: the Slashdot article claims that eEye notified McAfee of a flaw, then McAfee fixed the flaw inside an update only labeled "feature update." According to the c|net article, McAfee released the feature update in January, eEye found the flaw in July, and it turns out that the way the January feature update changed data handling also eliminated the flaw, serendipitously.
So, McAfee did not release the feature update after the notification from eEye, as suggested here. Now that everyone knows the January feature update also serves to eliminate the flaw, McAfee can retest it, and relabel it as such. That's why there's no foul on anyone's part.
McAfee was notified of the flaw by eEye Digital Security on July 5, but at the time had already fixed the flaw in an update to its software that was released in January, Viega said. That update was meant to fine-tune the system, not fix security flaws, he said. The current version of ePO is 3.6, according to McAfee.
"We did not realize that we had fixed a security vulnerability until eEye alerted us to the problem last week," Viega said. "We were optimizing the system, not looking for security vulnerabilities." The optimization included changing from storing data in files to storing it in memory, which removed the flaw, he said.
So what that means is that McAfee issued a feature update in January. eEye alerted them to a flaw in July - said flaw exists in systems that do not have the January feature update applied.
If the above is correct, and it would seem to be, McAfee did nothing wrong at all.
Also note that there is no DSClient for WinME, officially, though "you may be able to install Active Directory Client Extension on a Windows Me computer for testing purposes."
Sure, preventing search engines from indexing blogspam posts is great. Maybe that's the first step, but it's not going for the root cause - the botnets that run the apps that post/email in the first place, and the compromised webservers hosting order sites.
Okay, fair enough, but I think you may have just made my point in another way as well. Considering that the existing press and communications media did a good enough job of alerting the public to the threatening events of the day - so much so, in fact, that use of the emergency alert system was not warranted - what do we even have an emergency alert system for (at least on the national level, where DHS is intending to expand the system)?
"In essence they were created to provide compatibility with HFS, or the old Macintosh Hierarchical File System. The way that the Macintosh's file system works is that they will use both data and resource forks to store their contents. The data fork is for the contents of the document while the resource fork is to identify file type and other pertinent details."
Eh, I don't buy that. I was at a tire shop that morning, watching TV in the waiting room. Plane #1 had already hit, I heard about that on the radio. Nobody really knew what was going on. I watched plane #2 come in. At that very instant, I knew that the events unfolding were not accidental. If I knew it was a real and focused attack, I'm certain that the president knew.
Only the President can issue the alert and the current President didn't on 9/11 or any other time since.
I know that hindsight is 20/20, but perhaps the President should have issued the alert on 9/11, what with our nation under attack by the enemy and being drawn into an endless and scopeless war on terror.
Okay, maybe that was a little bitter. Still, I think that 9/11 probably warranted use of the emergency alert system, at least until all the air traffic was officially grounded. So, if the existing alert system wasn't used then, what would have to happen in order for an expanded alert system to be used? (Well, unless you consider implementation as being 'use,' the result of which is FUD and promotion of DHS and the administration.)
Now, we do have many many more mediums of communication, and I think that updating of such a system could be valuable, if that system was going to be used for anything. History tells us it will not. Hell, most towns still have weekly air raid siren tests - I know those are used for tornado warnings in the midwest, but what does everyone else use em for?
The systems to generate FUD are costly, and remain long after the FUD they were intended to create has passed.
Hey, that's not offtopic! That's how spark plugs work; there needs to be a sharp edge on the electrode and the ground for there to be a strong clean spark. Same way this is being used, really, as an electron gun.
Slashdot Mirror
Okay this is definitely off-topic (and flamebait), but I gotta get something off my chest --
All this "social aggregation" stuff with Slashdot and Digg and Fark and whatever else - it's a giant blogspam circle jerk. I am bored with it. Somebody invent Web 3.0 already.
How about the source article instead of a blog about it?
o nes.html
http://www.nytimes.com/2006/08/02/washington/02ph
http://www.bugmenot.com/view/www.nytimes.com
Can you run Linux on it?
You're telling me that the US and UK have Trident missiles on TIMESHARE?? I wonder how many weekends in St. Maartens that would get you.
Where!? Pics!
(Please appreciate my sarcasm.)
Indeed, it's been demonstrated that even the suggestion of surveillance is effective to control our actions to some degree. Consider then what effects actual surveillance has.
... that my brain is made up of a series of tubes!
I thought we already had that movie. Oh no wait, that was just the title.
"We have always been at war with Eastasia."
It would trap a particular kind of sea bird, or a not very smart person. Or maybe it's something else entirely.
The IT people who are always going to be in demand are those who make sh*t work - whether those are managers pulling projects together under time/budget, or coders/networking/systems people who fix broken stuff and build the right new environments.
Yes, you'd damn well better have the needs of the business in mind in any position. But if Company A decides they're going to have manager types who don't have IT skills doing skilled IT work, they're going to find out real quick that sh*t don't work and there's no one around who can fix it.
My point was really this: the Slashdot article claims that eEye notified McAfee of a flaw, then McAfee fixed the flaw inside an update only labeled "feature update." According to the c|net article, McAfee released the feature update in January, eEye found the flaw in July, and it turns out that the way the January feature update changed data handling also eliminated the flaw, serendipitously.
So, McAfee did not release the feature update after the notification from eEye, as suggested here. Now that everyone knows the January feature update also serves to eliminate the flaw, McAfee can retest it, and relabel it as such. That's why there's no foul on anyone's part.
So what that means is that McAfee issued a feature update in January. eEye alerted them to a flaw in July - said flaw exists in systems that do not have the January feature update applied.
If the above is correct, and it would seem to be, McAfee did nothing wrong at all.
Note that there's also an NT4 version of DSClient:
http://support.microsoft.com/kb/288358/
Also note that there is no DSClient for WinME, officially, though "you may be able to install Active Directory Client Extension on a Windows Me computer for testing purposes."
http://support.microsoft.com/kb/276472/
I see that someone modded the parent "Funny."
That's not funny.
Sure, preventing search engines from indexing blogspam posts is great. Maybe that's the first step, but it's not going for the root cause - the botnets that run the apps that post/email in the first place, and the compromised webservers hosting order sites.
Okay, fair enough, but I think you may have just made my point in another way as well. Considering that the existing press and communications media did a good enough job of alerting the public to the threatening events of the day - so much so, in fact, that use of the emergency alert system was not warranted - what do we even have an emergency alert system for (at least on the national level, where DHS is intending to expand the system)?
"In essence they were created to provide compatibility with HFS, or the old Macintosh Hierarchical File System. The way that the Macintosh's file system works is that they will use both data and resource forks to store their contents. The data fork is for the contents of the document while the resource fork is to identify file type and other pertinent details."
http://www.securityfocus.com/infocus/1822
Eh, I don't buy that. I was at a tire shop that morning, watching TV in the waiting room. Plane #1 had already hit, I heard about that on the radio. Nobody really knew what was going on. I watched plane #2 come in. At that very instant, I knew that the events unfolding were not accidental. If I knew it was a real and focused attack, I'm certain that the president knew.
Only the President can issue the alert and the current President didn't on 9/11 or any other time since.
I know that hindsight is 20/20, but perhaps the President should have issued the alert on 9/11, what with our nation under attack by the enemy and being drawn into an endless and scopeless war on terror.
Okay, maybe that was a little bitter. Still, I think that 9/11 probably warranted use of the emergency alert system, at least until all the air traffic was officially grounded. So, if the existing alert system wasn't used then, what would have to happen in order for an expanded alert system to be used? (Well, unless you consider implementation as being 'use,' the result of which is FUD and promotion of DHS and the administration.)
Now, we do have many many more mediums of communication, and I think that updating of such a system could be valuable, if that system was going to be used for anything. History tells us it will not. Hell, most towns still have weekly air raid siren tests - I know those are used for tornado warnings in the midwest, but what does everyone else use em for?
The systems to generate FUD are costly, and remain long after the FUD they were intended to create has passed.
Hey, that's not offtopic! That's how spark plugs work; there needs to be a sharp edge on the electrode and the ground for there to be a strong clean spark. Same way this is being used, really, as an electron gun.
Scientists Question Laws of Nature
Isn't "questioning laws of nature" by definition what scientists do? Question, hypothesis, experiment, theory, law, lather, rinse, repeat - right?
And I bet those would make some super awesome hi-performance spark plugs.
I have a strange urge to possess a gadget that can measure the level of this "gadget disease" in people.
Why do I think such a gadget would be very similar to the E-Meter?
A simple robots.txt line will remove your site from the wayback machine.
Your site on your server, sure, but what about the site run by someone else (which is where most people are posting things anyway)?