So to fire off this vulnerability, you have to run an .mdb file you found from "somewhere." Never mind these things could have embedded VB macros and other controls that could wreak havoc.
Why not just start running installs you find from "somewhere?"
Access and mdb are insecure as it is when you start running untrusted files; should we expect all of those to go away at the expense of neutering the key selling point: stupid easy to do anything with?
I rarely take my laptop out in public... (oh the irony) but I'd never let it out of my possession. Would you leave your wallet on a table 10 feet away? Briefcase? Laptops have these spiffy tote bags these days...
Only one of those I can cut slack to is the locked hotel room, maybe the rental car depending where they were and what type of car. (BMW Z3 in Detroit? Toyota Corolla in Mission Viejo?)
Maybe someone needs to invent a car alarm for a laptop with a little gyroscope. If laptop's been moving for 5 minutes without a password punched in, it starts blasting out Spice Girls or Hannah Montana... hmm...
Is it the policy of the IT department to handcuff the laptop to a user? No.
It should be No One Else's responsibility for you to keep track of your company's laptop. It is Your fault it was lost. Period. Is that so difficult a concept?
At this point, the IT department rolls out the email correspondence between their guys and Accounting, where Accounting says it would cost too much to roll out full drive encryption, gps trackers, yadda yadda. By your reckoning, is it now the Accounting department's fault that the data got compromised? Accounting pulls out sheets showing Sales missed their targets by millions, effectively cutting every budget. Is it now Sales' fault? Oh wait, it's because customers didn't buy their shit. It's the customer's fault the data was compromised!
(Snaps wand, Reducto ad absurdum!!)
All bullshit. It's the fault of the person who was in possession of the laptop at the time it was stolen.
Now, if the data was intercepted in, say, a man-in-the-middle attack, while the user was in full possession of said laptop, then we can hang the IT dept out to dry.
English must not be your first language...
OS Distribution of servers: 40% Windows, 20% Linux, 40% Sun
Time spent working on servers: 70% Windows, 30% Linux+Sun
70% of their time is spent working on 40% of the systems.
Here's another way: For every 1.0 hours spent on a Linux OR Sun box, they have to spend 2.3 hours on a Windows box.
Also, if you bothered to read the post, he said they WOULD support Vista if the customer decided to get it. They just make every effort to dissuade the purchase of Vista. I'm in the same situation. We'll support Vista, but we'll keep pushing XP until licences are no longer available because XP's just better to support.
And it's not your fault the baby seat didn't have a beeper letting you know you put it on top of your car before driving off.
Frankly, it's about time people started being punished for being stupid and careless. This whole "it's not MY fault" reeks of people being unable to take responsibility for their own actions. Let's up the ante and add in accomplice to fraud, as you're enabling the data thieves with information...
I remember those numbers being posted before about exceeding XP sales.
If I think back, wasn't that because people were redeeming all their Vista vouchers that they accumulated the past four months from OEM systems? Remember, the whole "Free Vista upgrade!" deal?
I'm gonna stick by what I said, but going to expand on it, somewhat.
...and while I'm dreaming, I'd also like a pony.
I guess my key point was specifically related to upgrading to Vista. It makes no sense, outside of legacy apps, for anyone to still be stuck with anything predating 2000 if you need a Windows OS. Now, on a personal level, I'd say go with XP and 2003. They're a bit easier to support; but if you have a solid 2000 environment and there's no benefits to the new environment, stick with 2000.
I think MS plateaued Windows with XP/2003. Personally, I'd say at this time just focus on perfecting those systems. Apple can siphon off customers with minor releases. I mean, here's a thought. Why not release a $50 minor release every year. It can have a roll up plus added functionality that's been discovered over the past year. If they did that for XP, that's (a) essentially the cost of Vista by now and (b) would have kept businesses happy since they all splurged on that Software Assurance deal which, in retrospect, was a really shitty deal for the companies.
If there's enough pressure from big companies, it'd be stupid for MS to cut off support. But even then, there's little that one *really* needs MS for if you have a good backup behind ya. Just get a non-paper MCSE and you're gold. (Admittedly, they're probably harder to find than decent Linux admins, but they do exist.)
I was just going for the short and sweet...the summary alone should've been clue enough it wasn't ComEd.
Actually, the engineering of the pyramids is still surprising us; not only was the construction of the pyramid incredible, but the actual quarrying and shaping of the stones is still unsurpassed. Sheets of paper won't fit through the gaps between blocks, and there's no mortar.
Attempting to build a duplicate pyramid today would still be a massive undertaking that would take years; hardly a trivial task.
Maybe if they did it well, it might pay off. Windows XP is ancient. For a release, it is very old. They missed on the upgrade the OS thing poorly with Vista. Many are moving on to Apple or Linux instead.
Silly question, but why upgrade all the time anyway? If something works, why replace it? What's going to come out that will magically increase productivity?
Based on what I read, there was no warrant involved. At least, not mentioned.
This just looks like a case of "Gimme your email!" and Hushmail bending over covering their ass and going "Here! Here! Don't sodomize me, bro!"
No, it's Con Ed for Consolidated Edison.
Idiot.
First, Verizon would have to offer service comparable to Vonage...
Does this mean Bronfman is going to roll out a huge 'Mission Accomplished' banner over Warner Music HQ?...
As lawsuits have shown, actual technical knowledge seems to be disregarded.
Frankly, if they're advertising 1.5M, I should see 1.5M. Not 256, not 512, not 56, and not 1.4. This is false advertising. If they have bandwidth problems, they should Advertize What They Have. This reminds me a lot of the EPA Estimated Mileage fiasco where they had to retune the numbers. Tell people what they get in REALITY. I'd rather have a guaranteed 256K than a 256K masquerading as a 1.5M.
I doubt 3'll happen without 4b happening first...
Vuze is correct in thinking that protocols and the Internet connections as a whole shouldn't be throttled, in theory, however in practice ISPs are limited in how much available bandwidth they have.
This practice is countered by the ISP's willingness to advertize bandwidth WELL in excess of what they have. Perhaps ISPs should just use real numbers, not mythical ones some marketing genius picked out of a hat.
It's the same with airlines and overbooking. It should just be illegal to sell more than you can reasonably provide.
Yes, there'll always be a special place in Blizzard's heart for #9,299,987.
I also hope this isn't foreshadowing another post when they hit 9.4M...
Yea, they call it malware usually. (That or crap.)
And all Sony did was install a program on their music CDs that ensured someone had a legit copy of the CD (copyright infringement is a HUGE problem with IP).
(waves magic wand) Reducto ad absurdum!
Out of curiosity, how would you go about detecting keyloggers and/or bots without reading the registry?
Active processes?
It might be difficult to believe, but you CAN run programs in Windows without having it put stuff in the registry, so even searching the registry could be a dead end anyway.
What about if a CRT uses less power than my new HDTV of similar size?
That'd be one sweet bit of CRT technology.
Clears up a lot. Knew it was a one sided argument, but why they'd use it and what impacts it had I was drawing a complete blank on. Concur on #2...if the recordholders knew they were going to have a lawsuit associated with them in the future they'd keep it otherwise risk getting hit with destroying evidence.
Point #1 sounds like they want the John Does found liable before they're even named. Am I close on that?
great plan kid, try explaining to the tens of thousands working in the music industry how they tell the mortgage provider that "my business plan is not to earn money".
You did tell this to the blue collar assembly line workers of America, who get laid off in droves because of cheaper labor costs outside of the country, right? Closed factories and all that.
Why should white collar workers be coddled?
If corporate America gets to screw over the middle class without any repercussions, it's about time they got a taste of their own medicine! Vive la revolution!