who knows. While I dont really like them, or at least dont really like their software at all, I do freely admit that without them we would probably not be as far as we are now.
For good or ill, Microsoft is what made PCs household items. Well, MS and falling hardware prices, but still, MS made it easy for Joe Average to use computers in the home, and the falling hardware prices made purchasing one or more for the home attractive.
Also, Linux, as it is today would probably not exist without MS. Without the feverent hatred of all things MS that the OSS zealots have, AND most linux geeks at least have some disdain for MS, development would not have proceeded as quickly, IMO, simply because there would have been no real common enemy.
Because of MS, the common enemy, developers, especially developers who dont particularly care for MS, worked harder than they otherwise may have on the kernel and other projects.
Flame if you wish, but its honest. No good thing arrises without struggle and strife and an opponent. Thanks to MS being the way that it is, we all have a common enemy, and have focus. I dare say that without that, we would not have that focus, and Linux would still be a hobbyist project OS, instead of the incredibly stable, world class enterprise OS that it is today.
Ummm... I had the same problem at an ISP I worked as the SA. (RE: cgi and php scripts). We had a very easy solution to that problem that was inplemented after the second time we ended up on AOL's blacklist due to a spammer getting ahold of an open formail.cgi script.
A simple cron job to parse all user website directories for formail.cgi and formail.php scripts which then rm -f'd the offending script, and logged which web site contained the script.
We would then send an email to all the customers caught by the script, tell them that we had removed formail.cgi (or the php scrip), pointed them to the TOS, and to the policy page that very clearly stated that we will allow cgi's and scripts on customer sites, BUT formail and related scripts are strictly forbidden and will be immediately deleted on discovery.
That all came about because I got tired of tracking down rogue scripts and removing them. At first we caught about 20 a month, and eventually it got down to about 1 or 2 a month once people realized they could not do that.
If customers really needed some way to send mail directly from their site, they were pointed to our web developer who would help them in putting up a secure mail script that would not be easily taken over by a spammer scanning for formail.cgi.
Thank God... I was beginning to have severe withdrawl symptoms without my regular dose of SCO silliness. I can now breathe easy and stop gouging long furrows in my arms.
Not exactly. When broadcast radio first came into being, it was hella expensive. The arguement WAS put forth that listeners getting it for free would not buy records, BUT there is one glaring difference.
If I listened to radio in the 20's I would really have had no way to record the broadcast unless I was hella rich, and very technically astute (very few people had the ability to actually make recordings back then).
But now, I can take that mp3 and hand it off to millions of other people.
The only way that could be done back then, woudl be for you to take your radio (which was usually NOT a trivial thing as most radios were as big as the average television today (heavy and in a big wooden cabinet) and play said radio for a large group of people.
In other words, the arguement back then was that if people could hear it on the radio for free, they wouldnt buy records (that was proven wrong.) The arguement today is that if people can download a digital copy of a song of album they not only wont buy records, but their friends wont either because the digital copy can be passed along ad infinitum.
Please note that I do NOT believe in either of these arguements. CD sales are down because A: most new music that people hear about is crap, B: it is damn hard in some cases to find the good artists, and C: we all KNOW how much a blank CD costs. AND we all know how much a burner costs. So why in the hell would we pay 15-22 dollars for a CD, when we could make one of our own for as little as 2.50 (figuring in cost of burner and media and bandwidth).
If the record companies would pull their heads out of their asses, drop the prices in CDs to a more realistic level instead of the massive markup they sell them at, and start innovating again (i.e. NEW music, not same music by new artists) they may well see actual sales growth, not growth triggered by the economy.
Simply stated, the best CDs I have ever bought came from indy lables and the artists themselves (Selling their own CDs at shows, on the net, etc).
I cant even remember the last time I bought a CD from a major lable.
We had that once. It was called linuxconf. And it really really sucked. In fact, when I was providing linux end user support, one of the first questions I asked users was: "Have you used linuxconf?" and if so, the first suggestion was always rpm -e linuxconf.
YaST is a LOT better than linuxconf was or ever will be, BUT it still has some issues to work out. However this can only be a good thing, because now, there should be a LOT more people looking at YaST and working on fixes and features.
The problem I see is this: There are no real standards. Red Hat starts services one way. SuSE another. Debian yet another, and so on and so on.
They sometimes put things in different locations (/lib v/usr/lib) and sometimes do things completely different.
I realize that each distro HAS to provide some difference, or some sort of value-add to survive. Traditionally, its been support for peripherals, better filesystems, support for more processors/ram and package management. Debian has.deb, Red Hat has rpm, and so on.
Those are fine, but until all the major distros focus on standardization, at least at the base kernel and filesystem level, Linux will not succeed like it most definitely could. That is why you can go to rpmfind and find the same program compiled for 4 different distros... more in some cases. There are kernel differences, compiler differences, and more that all conspire to keep each distro at the "just different enough" level to prevend such things from functioning.
Personally, I would like to see all the major distros (the smaller ones would probably follow suit on thier own pace) settle on ONE kernel version per release. ONE GCC version, ONE library version; you get the drift.
After that, everything else is a value add, and can be what makes one distro more appropriate than another for a given use. But at least at that point, you will be able to use binaries from one distro on another without having to worry if 2.4.21 in Red Hat is really 2.4.21, or is it 2.4.18-lots_of_patches_and_Red_Hat_tweaks.
Such reactions could include: -Getting the infringing code removed and hope it hasn't spread everywhere; and/or
Not likely to happen once code is leaked... see NT4 and Win2K code leaks, DeCSS code on the net, and many other examples. it IS theoretically possible to contain a code leak, IMO, but not very likely to happen, especially with OSS. Too many people passing it around to adequately contain it.
Trying to do so, would be like the end of Jay and Silent Bob Strike Back, where the duo burn up all their movie royalties flying all over the world trying to track down the people who said bad things about them on an internet chat board. -Suing the project, the employee, any user for damages; and/or
You said that this would attract the ire of the/. crowd. I disagree. Personally, while I think there are some nimrods who read and reply to/. articles, the vast majority are intelligent, thoughtful, and not as bad as you would make them seem.
This example is all situational. If the company were a closed source company (like MS for instance) and an employee who happened to also be an OSS coder used company IP in one of his/her OSS projects, or submitted it to a different project, then I would A: completely expect the company to fire the employee and even sue him/her for damages and B: expect them to go after the project itself for IP violations, but I would also at least HOPE that the two parties, or court would work it out so that the offending IP were removed from previous and subsequent versions of the software.
Now, were this company to start giving its code away (a la SCO/Caldera and Caldera Linux), and then about face and begin suing the same people that they were previously giving software to under the GPL, I would at least hope that the courts would realize that the company has no leg to stand on. Example... if I were a chef, and I published my prized cookie recipe in the New York Times for all the world, I would be laughed out of court if my cookie turned up in someone elses restaurant...Unless, of course, I stipulated in the NYT article that the use of said recipe was for personal, in-home use only, and NOT to be used in any commercial setting unless authorized by myself. -Taking it and moving on
probably the best move, but they do at least need to go after the person who leaked the code. Otherwise, the company would be simply saying "Steal my code, I wont do anything about it"... same priciple, in abstract at least, that is behind trademark enforcement.
Hey now... dont you DARE insult the beloved Information Minister like that! There are some things even HE would not support.
I was actually more reminded, after reading Darl's paranoid blatherings, of the character William Shatner played in the Twilight Zone episode about the gremlin that was tearing his plane apart.
You see... they're all... out to get... me... I must carry... a gun... and hire goons... to protect me... Those Open... Source... people... they're everywhere!... They are... listening in on my... phone conversations... and slash... dotting... my company's... website!
Does anyone have transcripts of the conference call up yet? or at least highlights and a review? I cant call in from work, unfortunately, but am very interested in what was said, especially in the Q/A portion.
I used to work for Autozone, and I can tell you that they used to run UNIX for all of their parts lookup terminals, and they switched to LINUX. And I can almost guarantee you that code that they wrote in-house (under UNIX, that probably used some of SCO's code) was copied over to the LINUX operating system.
Because you follow up with this: And I'm torn, because I hate SCO for this lawsuit stuff, but being a former (and still disgruntled, after 5 years) employee of AutoZone, I'm not sure who I want to lose.
Now, if you ceased to be an employee of AutoZone 5 years ago, and the Linux migration didnt START until only 4 years ago (Accroding to Red Hat) How exactly can you almost guarantee anything?
Just a sticking point, I know, but we have already seen commnentary from the guy who STARTED the Migration at AutoZone and from the guy who came in as he was leaving and helped complete the Migration at Autozone (admittedly it was posted anonymously) and neither account confirms what you are saying here...
so I am left to infer that you are A: as you said, a disgruntled ex-employee who just cant let it go, or B: someone with legit information but no proof other than "I said vs He Said", or C: someone with a story that has as many holes in it as SCOs entire fullisade of lawsuits.
Its a shame to see someone kneel before Zod... errr... Darl... but in all honesty can you blame them?
Yes it DOES look a little shady. Yes, they are listed as one of the top Windows 2003 hosting companies on Netcraft. Yes they do provide dedicated hosting on RHEL and FreeBSD boxen...
Whether or not SCO has a legal leg to stand on is besides the point. So far NO ONE has managed to get a court to set aside litigation pending the outcome of Red Hat v SCO and SCO v IBM. If I were running a company with a clamed 20,000+ (soon to be over 30,000) servers, I would also look to see what I could to do minimize litigation.
On the one hand, yes, they could just tell SCO to piss off, and spend the next few years in expensive litigation. On the other hand, they could pay a bit now, and get a written guarantee from SCO to not sue. From a business stand point, I would take the easier route every time (which is why most companies choose to settle out of court without going through long and protracted legal battles).
Keep in mind, this is all IMHO, as I host through someone else entirely and have no direct experience with EV1/RackShack as a company. Just my opinion which could be made to fit any company that may buy one of SCO's protection racket schemes.
Then again, here is yet another Linux based, not terribly expensive, and decent webhost: www.webgnostics.com
What made the WTC destruction a threat to Liberty was that it scared the shit out of people in a way that they couldn't be soothed to ignore. Something that could reawaken their normal instinct to stock up on canned food, stay home this vacation and maybe put off buying that 42-inch TV for a while, because You Never Know.
Actually, the difference is that in the examples you mentioned, there is a level of choice. Choice == liberty and freedom to make that choice == liberty, and $OTHER_THINGS==liberty.
The people who died in the WTC and Pentagon didnt choose to have fully fueled aircraft flown into their buildings.
People who smoke (and I do smoke) made a choice to smoke. If we die because of smoking related illness, it was because we CHOSE to smoke.
If I get fat and die of a heart attack from all the artery hardening goodness of a fast food burger, it was my CHOICE to eat at McD's or BK instead of having something more healthy to eat.
No one forced me to eat the burger and fries, adn no one forced me to smoke.
Same with the alcohol. The only correlation you can make with alcohol consumption is that there ARE innocent victims in alcohol related accidents. BUT, conversely, the people who are responsible for the wrecks do pay the price (admittedly, thanks to lawyers being a dime a dozen, most DUIs get off with little more than a slap on the wrist).
Liberty means easy access to lots of shiny new stuff, and gracious companies willing to let you get in debt to them for the rest of your life, so you can't afford to quit your job.
Actually, this says different: liberty ( P ) Pronunciation Key (lbr-t) n. pl. liberties
1.
A. The condition of being free from restriction or control.
B. The right and power to act, believe, or express oneself in a manner of one's own choosing.
C. The condition of being physically and legally free from confinement, servitude, or forced labor. See Synonyms at freedom. 2. Freedom from unjust or undue governmental control. 3. A right or immunity to engage in certain actions without control or interference: the liberties protected by the Bill of Rights.
That all really depends on the frequency, atmospheric conditions, radio and antenna setup, and the mode of transmission.
For example, on a small kitbashed rig I built, I get a measured output of about 190mW (milliwatts). With that radio and using CW (morse code) I can communicate from North Carolina into Europe and South America.
Using FM Voice, my 75 watt radio on the 2 meter band can barely get better than 150 miles on a good day. Some days I have trouble getting a good signal out farther than 80 miles.
My QRP (low power) HF rig puts out a max of 4.5 watts measured. setting it to 2.5 watts, I can, using Single Side Band voice, talk to South America, Central America, most of the US and Canada, but only using a particular antenna. Switching to a simple random wire antenna and tuner drastically reduces the distance I can be heard.
My dipole gets a bit farther out at 2.5 watts, but my portable HF antenna with the various loading coils has had a maximum range so far of about 1600 miles or so...
heh...to get back on topic, my favorite is searching for names. I searched for my name and found that I was either an Oracle guy, a sexologist, or a musician.
Okay, so you say you are valuable during emergency situations, but if the power was out, then there would be no interference with your signals. So you could still be used during emergencies.
This has been covered at nauseum and good examples were pointed out. Fact of the matter is, HAMs, since you mentioned them, are all voluntary. If I cant use my new HF radio when I want to, I certainly am NOT going to shell out several hundred bucks for it, which means I wont be able to call the (insert emergency agency here) to come save your ass when (insert disaster here) happens. Next is that we currently are implementing push-to-talk over GSM and CDMA that would easily remove the need for the emergency bands already used. Same applies as above, when the power it down, your radios will work again.
Really? I was under the impression that those require such things as an infrastructure. so, what good is your PTT going to do when the towers come down due to tornadoes or a major hurricaine?
What if the power is down for several weeks? those towers that pass the messages along dont power themselves...
GSM and such are nice tech, but not 100% reliable. I, however, can take a small simple tranciever, powered by a single 9v battery, and talk across the country for a month. (well, maybe only about 2-3 weeks before a battery change).
There are environmental advantages to this in that we can have less cables stretched all over the US saving in wire costs and insulation materials.
And far more environmental advantage in replacing the existing cable/telephone system with fiber. Then you can get all the phone/broadband/televisions you want, all delivered over a single line.
Lets just accept that we are going to have to step on toes to make this happen.
Sure... but why step on the wrong toes? There are far better ways to bring broadband to rural areas than PLC/BPL. Hell, with the pervasiveness of cell phones now, you could cover a LOT just by placing WAPs on existing cell towers.
How much are you valuing your ability to use a radio over the ability of a rural community to have Internet access for their children, education, and entertainment?
Well, oddly enough, it is EXACTLY those rural communities, that often do NOT have much in the way of emergency equipment/supplies, do not have much in the way of trained emergency response personnel, and do not have much in the way of any sort of emergency communications system that NEED things like HF communications. There were very large portions of NC in 2002 that relied SOLELY on HAM operators for all their communications. In fact, in many cases, HAMs were the police/fire/ems comms, plus comms to emergency shelters, supply depots, and liason between civilian and military units.
Oh well, there are more important things to worry about, I guess... because everyone deserves streaming pr0n.
Not necessarily. phone line != DSL availability. DSL is only useful/available if you are within something like 15000 feet of the CO. beyond that, the signal is weak and unstable, and even so the bandwidth that far out is not worth the effort.
Where I live, there is no such thing as DSL, nor Cable broadband. Hell, I cant even get an ISDN line because the equipment where I am is not set up to support it. (at least thats what the phone company has told me after repeated attempts to get one installed)
Now, on the one hand BPL could theoretically bring that to my house, or as one way goes, at least close enough to my house that a WAP can get the bandwidth the rest of the way to my LAN. BUT on the other hand, in the US at least, it is still in the bare testing stages, AND is NOT a licensed device.
As an amateur radio operator, I have been following this closely. The FCC rules do NOT make any part 15 changes, and in fact order BPL providers to provide a quickly searchable index of all equipment, AND provide ways to shut segments down remotely, AND to immediately cut the BPL signal off should someone on a licensed frequency complain.
So, lets say this rolls out, and I as an FCC licensed radio operator attempt to contact someone on a freq below 30MHz, but instead get nothing but RFI from the currently operating BPL system in my area. In that case, according to the FCC proposed rules, the BPL provider would have to ceace any and all BPL transmissions upon my notifying them of interference, until such time as they can fix the issue and eliminate the RFI. And that doesnt have to come from an Amateur Radio op either.
The local police use VHF here, but they also share HF freqs for paging and local comms with the Fire/EMS depts. not to mention the HF freqs licensed to FEMA and other emergency agencies.
Honestly, where I am, the only viable broadband would be satellite, but the latency on a bidirectional satellite connection would prevent me from playing games...;) and besides, its too expensive.
Ya need to keep in mind that the majority of people MAY live in or around major cities, but BPL is not meant for that use... it was meant as a cheap means of getting broadband out to RURAL areas where the popluation is not as concentrated. The tests are in major cities because of convenience, and in part because the power companies are hoping that by running it on underground cables, they can make a case that there is no real RFI issue.
But in any case, the FCC has made a proposal for rulemaking, it is still open to discussion/review/input from the public (or will be soon) and there is still a lot of discussion before anything becomes concrete.
Ahhh... thanks for the info... that makes it a whole lot clearer actually. I had the image in my mind of a data warehouse full of racks of 1Us churning away;) Anyway, that fills in a lot of the gaps for me. I dont really follow script kiddies that much... got too many other things to do, and besides there are far better security people out there than I whose jobs are to monitor things like that and pass the important info along to lazy admins like me who just want to hurry the damn update up and get back to UT...;) (For those who take/. posts too seriously... that last bit was a joke)
Perhaps someone can clarify this for me... the article/letter seems to point to the FBI seizing CIT's entire data center... Now, as big as they seem, I am sure they have more than just one hosting customer, and more than one IRC server... so did the feds just take the IRC servers, or the hosting servers too?
The reason I question this is the legality of seizing an entire data center like this. For example... lets say CIT had 10 web servers and one IRC server. On those 10 web servers there are 5000 web hosting customers. Now, the feds want to track ONE user out of 5000 hosting customers, and God knows how many IRC users on the one IRC server, but instead take all 11 machines. So they have, in effect, seized the IP of 5000 innocent people to get the effects of only one.
This to me, seems akin to having the FBI sieze property from every house in a subdivision to get evidence on only one resident.
Given the state of IP law in the US, and how thanks to things like the DMCA and other legislation, IP is being treated like a tangible, wouldnt the FBI have to A: justify seizing the IP of all those customers, and B: be answerable to legal or civil suits regarding lost revenues? What about lost data?
Like so many of you out in the world of IS/IT, I too started in the 2nd layer of hell, Technical Support.
The problem, in my experience, and highlighted in this article, is the corporate love of outsourcing. Using my own experience as example, I started some years ago working for a particular linux based company doing tech support. At the time I started, the in-house support people handled phone support for corporate customers, and web-based support for non-corporate customers (i.e. those who didnt pay for a specific contract). The phone support was handled by an outsource "Partner" who had call centers on both coasts.
When I first started, the level of customer satisfaction for support was abyssmal. Being the "in house experts" we were drafted to monitor calls and offer critique to the outsource company. In the end, nothing we could do worked, and their treatment of our customers was so bad, we finally dropped them like a bad habit, and brought all support in-house.
Now, flash forward a year later, and the dirty word is mentioned again. So, in a nutshell, after the team I was on turned support completely around, from a low 30% satisfaction rate to nearly 95%, they turn around and ship our jobs off to another oursource company in a different country, and we were mostly out of jobs.
And same thing happened. Customer satisfaction fell through the floor.
So, the moral of this story is: outsourcing something that is customer facing like Support is a Bad Thing[tm]. Like the article stated, oursource techs dont really care one way or another (or those that do care are quickly replaced with ones who dont) and the company is just out for low call times and high volume. Techs who are actually employed by the company they represent are much better workers, and provide much better support to customers. Why? because for the most part, outsource techs are just hired guns who could care less about the company whose calls they are taking, while in-house techs have a certain pride in their work, knowing that when they look good, the company looks good, stays in business, gives chance for promotion, etc etc...
And again, thats just from my personal experience on both sides of the fence.
No... do you? But think about it this way. Even if the UN ambassadors are not as well paid (and their salaries do come from their respective countries) as the "average politician" in their countries, you can rest assured that they ARE paid much much more than the "average citizen" that they claim to represent. Such is the same with any politician. Pols are ALWAYS paid more than they are worth, and always make far more than the people they represent.
Being flown around by MS is a big perk for these people. And I bet the MS PR folk really know how to perk up a lowley UN grunts ego to boot...
I doubt it. UN officials (or at least the ones that sit on committees like this) dont fly business class. And first class tickets cost the same no matter who is paying for it.
NOW, if MS was flying them around on their own fleet of private Jets, that is something else entirely. And besides, the lowley UN grunt doesnt sit in committee in the UN building collecting checks from multinationals... the lowley UN grunt is on the ground in Kenya, or Bosnia, or Iraq, or somewhere like that, handing out rice, giving innoculations to children and other such things. Often for months at a time, in some of the worst imaginable conditions.
The ones who sit in committee would never even set foot in most countries they claim to be looking out for, unless it was for a chauffered ride to the presidential mansion, or palace of whatever country it is...
And even the ones who are high up the food chain, who DO happen to get their hands dirty every so often do so under far more security and protection than even common diplomats get.
I imagine that they are getting far more than a couple plane rides and a hotel room...
Subsequent investigation has shown this was not the result of any breach of Microsoft's corporate network or internal security, nor is it related to Microsoft's Shared Source Initiative or its Government Security Program, which enable our customers and partners, as well as governments, to legally access Microsoft source code.
Now, I may be reading this wrong, but if it wasnt due to any sort of breach of Microsoft's corporate network, and no one walked out of Redmond with a cd (internal security breach) and did not come from any Shared Source members, and didnt come from any Government Security Program members (which includes MS customers, partners and governments) then where exactly did it come from?
I could be mistaken, but I was under the impression that the Windows source code was not available to anyone outside of a few select groups... I mean, it had to come from SOMEWHERE, and this statement looks like they are saying tha it came from some mysterious source...
Maybe someone copied it via video camera a la Antitrust.
You know, there was, at one time, a long running joke about Microsoft tech support. The answer to any problem, according to MS support (and I heard this directly from them on more than a few occasions) was "We suggest you reboot to fix this problem" OR, Shut up and re-install.
And now, here is the "Chief Security Strategist" for MS saying (regarding the monoculture analogy) "Another difference: computers can be unplugged from the network and rebooted; organisms cannot."
So, is he really implying (God I hope not) that most exploits can be solved by unplugging the computer from the network and rebooting???
I hope not, and maybe its just the way the AP story was written, but it sure sounds like a dismissal of most of the Windows security flaws.
I have seen some pretty funny comments on this story, and some pretty interesting ones as well. Reading this story made me really wonder about some things.
If this problem is as pervasive as it seems, exactly WHAT components are effected? I mean, think about this, how many of these plastics have found their way into things like Ventilators, internal defibrillators, external defibrillators like the LifePak series that is so prevalant on ambulances and in hospitals world wide?
What about the machines that control your money in the bank (if you use such a thing as quaint as a bank;) )
Vehicle computers? or even... ACK, my PS2 and GameCube?!?!?!?
Anyway, beyond hard disk controllers, I got the idea that there were a lot of different ICs effected here, which could explain a lot of problems, and could cause some pretty bad problems as well.
Like so many others, I too replied to the BBC article that has riled us "internet zealots" up. I wont post that letter here... too many others have so far, and mine would simply be a rehash of things that we have all thought or written at this point...
What I DO want to point out tho, is that that one point I made in my letter was the irony of Evans' story calling the OSS community a bunch of "run-of-the-mill geeks" and "internet zealouts" out for vengeance while that same story is hosted on servers running almost exclusively Linux and Apache.
Slashdot Mirror
who knows. While I dont really like them, or at least dont really like their software at all, I do freely admit that without them we would probably not be as far as we are now.
For good or ill, Microsoft is what made PCs household items. Well, MS and falling hardware prices, but still, MS made it easy for Joe Average to use computers in the home, and the falling hardware prices made purchasing one or more for the home attractive.
Also, Linux, as it is today would probably not exist without MS. Without the feverent hatred of all things MS that the OSS zealots have, AND most linux geeks at least have some disdain for MS, development would not have proceeded as quickly, IMO, simply because there would have been no real common enemy.
Because of MS, the common enemy, developers, especially developers who dont particularly care for MS, worked harder than they otherwise may have on the kernel and other projects.
Flame if you wish, but its honest. No good thing arrises without struggle and strife and an opponent. Thanks to MS being the way that it is, we all have a common enemy, and have focus. I dare say that without that, we would not have that focus, and Linux would still be a hobbyist project OS, instead of the incredibly stable, world class enterprise OS that it is today.
wtf? i think everyone knows that he dies in the end.
WTF? He DIES? Thanks a lot you insensitive clod! Now you have ruined the whole movie for me!
Ummm... I had the same problem at an ISP I worked as the SA. (RE: cgi and php scripts). We had a very easy solution to that problem that was inplemented after the second time we ended up on AOL's blacklist due to a spammer getting ahold of an open formail.cgi script.
A simple cron job to parse all user website directories for formail.cgi and formail.php scripts which then rm -f'd the offending script, and logged which web site contained the script.
We would then send an email to all the customers caught by the script, tell them that we had removed formail.cgi (or the php scrip), pointed them to the TOS, and to the policy page that very clearly stated that we will allow cgi's and scripts on customer sites, BUT formail and related scripts are strictly forbidden and will be immediately deleted on discovery.
That all came about because I got tired of tracking down rogue scripts and removing them. At first we caught about 20 a month, and eventually it got down to about 1 or 2 a month once people realized they could not do that.
If customers really needed some way to send mail directly from their site, they were pointed to our web developer who would help them in putting up a secure mail script that would not be easily taken over by a spammer scanning for formail.cgi.
Thank God... I was beginning to have severe withdrawl symptoms without my regular dose of SCO silliness. I can now breathe easy and stop gouging long furrows in my arms.
Ok... how long before this is embraced and extended by the makers of find interactive pr0n?
Not exactly. When broadcast radio first came into being, it was hella expensive. The arguement WAS put forth that listeners getting it for free would not buy records, BUT there is one glaring difference.
If I listened to radio in the 20's I would really have had no way to record the broadcast unless I was hella rich, and very technically astute (very few people had the ability to actually make recordings back then).
But now, I can take that mp3 and hand it off to millions of other people.
The only way that could be done back then, woudl be for you to take your radio (which was usually NOT a trivial thing as most radios were as big as the average television today (heavy and in a big wooden cabinet) and play said radio for a large group of people.
In other words, the arguement back then was that if people could hear it on the radio for free, they wouldnt buy records (that was proven wrong.)
The arguement today is that if people can download a digital copy of a song of album they not only wont buy records, but their friends wont either because the digital copy can be passed along ad infinitum.
Please note that I do NOT believe in either of these arguements. CD sales are down because A: most new music that people hear about is crap, B: it is damn hard in some cases to find the good artists, and C: we all KNOW how much a blank CD costs. AND we all know how much a burner costs. So why in the hell would we pay 15-22 dollars for a CD, when we could make one of our own for as little as 2.50 (figuring in cost of burner and media and bandwidth).
If the record companies would pull their heads out of their asses, drop the prices in CDs to a more realistic level instead of the massive markup they sell them at, and start innovating again (i.e. NEW music, not same music by new artists) they may well see actual sales growth, not growth triggered by the economy.
Simply stated, the best CDs I have ever bought came from indy lables and the artists themselves (Selling their own CDs at shows, on the net, etc).
I cant even remember the last time I bought a CD from a major lable.
We had that once. It was called linuxconf. And it really really sucked. In fact, when I was providing linux end user support, one of the first questions I asked users was: "Have you used linuxconf?" and if so, the first suggestion was always rpm -e linuxconf.
/usr/lib) and sometimes do things completely different.
.deb, Red Hat has rpm, and so on.
YaST is a LOT better than linuxconf was or ever will be, BUT it still has some issues to work out. However this can only be a good thing, because now, there should be a LOT more people looking at YaST and working on fixes and features.
The problem I see is this: There are no real standards. Red Hat starts services one way. SuSE another. Debian yet another, and so on and so on.
They sometimes put things in different locations (/lib v
I realize that each distro HAS to provide some difference, or some sort of value-add to survive. Traditionally, its been support for peripherals, better filesystems, support for more processors/ram and package management. Debian has
Those are fine, but until all the major distros focus on standardization, at least at the base kernel and filesystem level, Linux will not succeed like it most definitely could. That is why you can go to rpmfind and find the same program compiled for 4 different distros... more in some cases. There are kernel differences, compiler differences, and more that all conspire to keep each distro at the "just different enough" level to prevend such things from functioning.
Personally, I would like to see all the major distros (the smaller ones would probably follow suit on thier own pace) settle on ONE kernel version per release. ONE GCC version, ONE library version; you get the drift.
After that, everything else is a value add, and can be what makes one distro more appropriate than another for a given use. But at least at that point, you will be able to use binaries from one distro on another without having to worry if 2.4.21 in Red Hat is really 2.4.21, or is it 2.4.18-lots_of_patches_and_Red_Hat_tweaks.
Such reactions could include:
-Getting the infringing code removed and hope it hasn't spread everywhere; and/or
Not likely to happen once code is leaked... see NT4 and Win2K code leaks, DeCSS code on the net, and many other examples. it IS theoretically possible to contain a code leak, IMO, but not very likely to happen, especially with OSS. Too many people passing it around to adequately contain it.
Trying to do so, would be like the end of Jay and Silent Bob Strike Back, where the duo burn up all their movie royalties flying all over the world trying to track down the people who said bad things about them on an internet chat board.
-Suing the project, the employee, any user for damages; and/or
You said that this would attract the ire of the
This example is all situational. If the company were a closed source company (like MS for instance) and an employee who happened to also be an OSS coder used company IP in one of his/her OSS projects, or submitted it to a different project, then I would A: completely expect the company to fire the employee and even sue him/her for damages and B: expect them to go after the project itself for IP violations, but I would also at least HOPE that the two parties, or court would work it out so that the offending IP were removed from previous and subsequent versions of the software.
Now, were this company to start giving its code away (a la SCO/Caldera and Caldera Linux), and then about face and begin suing the same people that they were previously giving software to under the GPL, I would at least hope that the courts would realize that the company has no leg to stand on. Example... if I were a chef, and I published my prized cookie recipe in the New York Times for all the world, I would be laughed out of court if my cookie turned up in someone elses restaurant...Unless, of course, I stipulated in the NYT article that the use of said recipe was for personal, in-home use only, and NOT to be used in any commercial setting unless authorized by myself.
-Taking it and moving on
probably the best move, but they do at least need to go after the person who leaked the code. Otherwise, the company would be simply saying "Steal my code, I wont do anything about it"... same priciple, in abstract at least, that is behind trademark enforcement.
Hey now... dont you DARE insult the beloved Information Minister like that! There are some things even HE would not support.
... they're all ... out to get ... me ... I must carry ... a gun ... and hire goons ... to protect me ... Those Open ... Source ... people ... they're everywhere! ... They are ... listening in on my ... phone conversations ... and slash ... dotting ... my company's ... website!
I was actually more reminded, after reading Darl's paranoid blatherings, of the character William Shatner played in the Twilight Zone episode about the gremlin that was tearing his plane apart.
You see
You will notice the guy's intelligent use of 'there' instead of 'their' in both those posts.
;)
You just described a lot of slashdot posters...
there grasp of english is teh suck this i say.
Does anyone have transcripts of the conference call up yet? or at least highlights and a review? I cant call in from work, unfortunately, but am very interested in what was said, especially in the Q/A portion.
I am just a little curious about your statement:
I used to work for Autozone, and I can tell you that they used to run UNIX for all of their parts lookup terminals, and they switched to LINUX. And I can almost guarantee you that code that they wrote in-house (under UNIX, that probably used some of SCO's code) was copied over to the LINUX operating system.
Because you follow up with this:
And I'm torn, because I hate SCO for this lawsuit stuff, but being a former (and still disgruntled, after 5 years) employee of AutoZone, I'm not sure who I want to lose.
Now, if you ceased to be an employee of AutoZone 5 years ago, and the Linux migration didnt START until only 4 years ago (Accroding to Red Hat) How exactly can you almost guarantee anything?
Just a sticking point, I know, but we have already seen commnentary from the guy who STARTED the Migration at AutoZone and from the guy who came in as he was leaving and helped complete the Migration at Autozone (admittedly it was posted anonymously) and neither account confirms what you are saying here...
so I am left to infer that you are A: as you said, a disgruntled ex-employee who just cant let it go, or B: someone with legit information but no proof other than "I said vs He Said", or C: someone with a story that has as many holes in it as SCOs entire fullisade of lawsuits.
Its a shame to see someone kneel before Zod... errr... Darl... but in all honesty can you blame them?
Yes it DOES look a little shady. Yes, they are listed as one of the top Windows 2003 hosting companies on Netcraft. Yes they do provide dedicated hosting on RHEL and FreeBSD boxen...
Whether or not SCO has a legal leg to stand on is besides the point. So far NO ONE has managed to get a court to set aside litigation pending the outcome of Red Hat v SCO and SCO v IBM. If I were running a company with a clamed 20,000+ (soon to be over 30,000) servers, I would also look to see what I could to do minimize litigation.
On the one hand, yes, they could just tell SCO to piss off, and spend the next few years in expensive litigation. On the other hand, they could pay a bit now, and get a written guarantee from SCO to not sue. From a business stand point, I would take the easier route every time (which is why most companies choose to settle out of court without going through long and protracted legal battles).
Keep in mind, this is all IMHO, as I host through someone else entirely and have no direct experience with EV1/RackShack as a company. Just my opinion which could be made to fit any company that may buy one of SCO's protection racket schemes.
Then again, here is yet another Linux based, not terribly expensive, and decent webhost:
www.webgnostics.com
Cheers
Jeff
What made the WTC destruction a threat to Liberty was that it scared the shit out of people in a way that they couldn't be soothed to ignore. Something that could reawaken their normal instinct to stock up on canned food, stay home this vacation and maybe put off buying that 42-inch TV for a while, because You Never Know.
Actually, the difference is that in the examples you mentioned, there is a level of choice. Choice == liberty and freedom to make that choice == liberty, and $OTHER_THINGS==liberty.
The people who died in the WTC and Pentagon didnt choose to have fully fueled aircraft flown into their buildings.
People who smoke (and I do smoke) made a choice to smoke. If we die because of smoking related illness, it was because we CHOSE to smoke.
If I get fat and die of a heart attack from all the artery hardening goodness of a fast food burger, it was my CHOICE to eat at McD's or BK instead of having something more healthy to eat.
No one forced me to eat the burger and fries, adn no one forced me to smoke.
Same with the alcohol. The only correlation you can make with alcohol consumption is that there ARE innocent victims in alcohol related accidents. BUT, conversely, the people who are responsible for the wrecks do pay the price (admittedly, thanks to lawyers being a dime a dozen, most DUIs get off with little more than a slap on the wrist).
Liberty means easy access to lots of shiny new stuff, and gracious companies willing to let you get in debt to them for the rest of your life, so you can't afford to quit your job.
Actually, this says different:
liberty ( P ) Pronunciation Key (lbr-t)
n. pl. liberties
1.
A. The condition of being free from restriction or control.
B. The right and power to act, believe, or express oneself in a manner of one's own choosing.
C. The condition of being physically and legally free from confinement, servitude, or forced labor. See Synonyms at freedom.
2. Freedom from unjust or undue governmental control.
3. A right or immunity to engage in certain actions without control or interference: the liberties protected by the Bill of Rights.
That all really depends on the frequency, atmospheric conditions, radio and antenna setup, and the mode of transmission.
For example, on a small kitbashed rig I built, I get a measured output of about 190mW (milliwatts). With that radio and using CW (morse code) I can communicate from North Carolina into Europe and South America.
Using FM Voice, my 75 watt radio on the 2 meter band can barely get better than 150 miles on a good day. Some days I have trouble getting a good signal out farther than 80 miles.
My QRP (low power) HF rig puts out a max of 4.5 watts measured. setting it to 2.5 watts, I can, using Single Side Band voice, talk to South America, Central America, most of the US and Canada, but only using a particular antenna. Switching to a simple random wire antenna and tuner drastically reduces the distance I can be heard.
My dipole gets a bit farther out at 2.5 watts, but my portable HF antenna with the various loading coils has had a maximum range so far of about 1600 miles or so...
heh...to get back on topic, my favorite is searching for names. I searched for my name and found that I was either an Oracle guy, a sexologist, or a musician.
Okay, so you say you are valuable during emergency situations, but if the power was out, then there would be no interference with your signals. So you could still be used during emergencies.
This has been covered at nauseum and good examples were pointed out. Fact of the matter is, HAMs, since you mentioned them, are all voluntary. If I cant use my new HF radio when I want to, I certainly am NOT going to shell out several hundred bucks for it, which means I wont be able to call the (insert emergency agency here) to come save your ass when (insert disaster here) happens.
Next is that we currently are implementing push-to-talk over GSM and CDMA that would easily remove the need for the emergency bands already used. Same applies as above, when the power it down, your radios will work again.
Really? I was under the impression that those require such things as an infrastructure. so, what good is your PTT going to do when the towers come down due to tornadoes or a major hurricaine?
What if the power is down for several weeks? those towers that pass the messages along dont power themselves...
GSM and such are nice tech, but not 100% reliable. I, however, can take a small simple tranciever, powered by a single 9v battery, and talk across the country for a month. (well, maybe only about 2-3 weeks before a battery change).
There are environmental advantages to this in that we can have less cables stretched all over the US saving in wire costs and insulation materials.
And far more environmental advantage in replacing the existing cable/telephone system with fiber. Then you can get all the phone/broadband/televisions you want, all delivered over a single line.
Lets just accept that we are going to have to step on toes to make this happen.
Sure... but why step on the wrong toes? There are far better ways to bring broadband to rural areas than PLC/BPL. Hell, with the pervasiveness of cell phones now, you could cover a LOT just by placing WAPs on existing cell towers.
How much are you valuing your ability to use a radio over the ability of a rural community to have Internet access for their children, education, and entertainment?
Well, oddly enough, it is EXACTLY those rural communities, that often do NOT have much in the way of emergency equipment/supplies, do not have much in the way of trained emergency response personnel, and do not have much in the way of any sort of emergency communications system that NEED things like HF communications. There were very large portions of NC in 2002 that relied SOLELY on HAM operators for all their communications. In fact, in many cases, HAMs were the police/fire/ems comms, plus comms to emergency shelters, supply depots, and liason between civilian and military units.
Oh well, there are more important things to worry about, I guess... because everyone deserves streaming pr0n.
Not necessarily. phone line != DSL availability. DSL is only useful/available if you are within something like 15000 feet of the CO. beyond that, the signal is weak and unstable, and even so the bandwidth that far out is not worth the effort.
;) and besides, its too expensive.
Where I live, there is no such thing as DSL, nor Cable broadband. Hell, I cant even get an ISDN line because the equipment where I am is not set up to support it. (at least thats what the phone company has told me after repeated attempts to get one installed)
Now, on the one hand BPL could theoretically bring that to my house, or as one way goes, at least close enough to my house that a WAP can get the bandwidth the rest of the way to my LAN. BUT on the other hand, in the US at least, it is still in the bare testing stages, AND is NOT a licensed device.
As an amateur radio operator, I have been following this closely. The FCC rules do NOT make any part 15 changes, and in fact order BPL providers to provide a quickly searchable index of all equipment, AND provide ways to shut segments down remotely, AND to immediately cut the BPL signal off should someone on a licensed frequency complain.
So, lets say this rolls out, and I as an FCC licensed radio operator attempt to contact someone on a freq below 30MHz, but instead get nothing but RFI from the currently operating BPL system in my area. In that case, according to the FCC proposed rules, the BPL provider would have to ceace any and all BPL transmissions upon my notifying them of interference, until such time as they can fix the issue and eliminate the RFI. And that doesnt have to come from an Amateur Radio op either.
The local police use VHF here, but they also share HF freqs for paging and local comms with the Fire/EMS depts. not to mention the HF freqs licensed to FEMA and other emergency agencies.
Honestly, where I am, the only viable broadband would be satellite, but the latency on a bidirectional satellite connection would prevent me from playing games...
Ya need to keep in mind that the majority of people MAY live in or around major cities, but BPL is not meant for that use... it was meant as a cheap means of getting broadband out to RURAL areas where the popluation is not as concentrated. The tests are in major cities because of convenience, and in part because the power companies are hoping that by running it on underground cables, they can make a case that there is no real RFI issue.
But in any case, the FCC has made a proposal for rulemaking, it is still open to discussion/review/input from the public (or will be soon) and there is still a lot of discussion before anything becomes concrete.
Ahhh... thanks for the info... that makes it a whole lot clearer actually. I had the image in my mind of a data warehouse full of racks of 1Us churning away ;) ;) /. posts too seriously... that last bit was a joke)
Anyway, that fills in a lot of the gaps for me. I dont really follow script kiddies that much... got too many other things to do, and besides there are far better security people out there than I whose jobs are to monitor things like that and pass the important info along to lazy admins like me who just want to hurry the damn update up and get back to UT...
(For those who take
Perhaps someone can clarify this for me... the article/letter seems to point to the FBI seizing CIT's entire data center... Now, as big as they seem, I am sure they have more than just one hosting customer, and more than one IRC server... so did the feds just take the IRC servers, or the hosting servers too?
The reason I question this is the legality of seizing an entire data center like this. For example... lets say CIT had 10 web servers and one IRC server. On those 10 web servers there are 5000 web hosting customers.
Now, the feds want to track ONE user out of 5000 hosting customers, and God knows how many IRC users on the one IRC server, but instead take all 11 machines. So they have, in effect, seized the IP of 5000 innocent people to get the effects of only one.
This to me, seems akin to having the FBI sieze property from every house in a subdivision to get evidence on only one resident.
Given the state of IP law in the US, and how thanks to things like the DMCA and other legislation, IP is being treated like a tangible, wouldnt the FBI have to A: justify seizing the IP of all those customers, and B: be answerable to legal or civil suits regarding lost revenues? What about lost data?
Like so many of you out in the world of IS/IT, I too started in the 2nd layer of hell, Technical Support.
The problem, in my experience, and highlighted in this article, is the corporate love of outsourcing. Using my own experience as example, I started some years ago working for a particular linux based company doing tech support. At the time I started, the in-house support people handled phone support for corporate customers, and web-based support for non-corporate customers (i.e. those who didnt pay for a specific contract). The phone support was handled by an outsource "Partner" who had call centers on both coasts.
When I first started, the level of customer satisfaction for support was abyssmal. Being the "in house experts" we were drafted to monitor calls and offer critique to the outsource company. In the end, nothing we could do worked, and their treatment of our customers was so bad, we finally dropped them like a bad habit, and brought all support in-house.
Now, flash forward a year later, and the dirty word is mentioned again. So, in a nutshell, after the team I was on turned support completely around, from a low 30% satisfaction rate to nearly 95%, they turn around and ship our jobs off to another oursource company in a different country, and we were mostly out of jobs.
And same thing happened. Customer satisfaction fell through the floor.
So, the moral of this story is: outsourcing something that is customer facing like Support is a Bad Thing[tm]. Like the article stated, oursource techs dont really care one way or another (or those that do care are quickly replaced with ones who dont) and the company is just out for low call times and high volume. Techs who are actually employed by the company they represent are much better workers, and provide much better support to customers. Why? because for the most part, outsource techs are just hired guns who could care less about the company whose calls they are taking, while in-house techs have a certain pride in their work, knowing that when they look good, the company looks good, stays in business, gives chance for promotion, etc etc...
And again, thats just from my personal experience on both sides of the fence.
Do you know how much these people earn?
No... do you? But think about it this way. Even if the UN ambassadors are not as well paid (and their salaries do come from their respective countries) as the "average politician" in their countries, you can rest assured that they ARE paid much much more than the "average citizen" that they claim to represent. Such is the same with any politician. Pols are ALWAYS paid more than they are worth, and always make far more than the people they represent.
Being flown around by MS is a big perk for these people. And I bet the MS PR folk really know how to perk up a lowley UN grunts ego to boot...
I doubt it. UN officials (or at least the ones that sit on committees like this) dont fly business class. And first class tickets cost the same no matter who is paying for it.
NOW, if MS was flying them around on their own fleet of private Jets, that is something else entirely. And besides, the lowley UN grunt doesnt sit in committee in the UN building collecting checks from multinationals... the lowley UN grunt is on the ground in Kenya, or Bosnia, or Iraq, or somewhere like that, handing out rice, giving innoculations to children and other such things. Often for months at a time, in some of the worst imaginable conditions.
The ones who sit in committee would never even set foot in most countries they claim to be looking out for, unless it was for a chauffered ride to the presidential mansion, or palace of whatever country it is...
And even the ones who are high up the food chain, who DO happen to get their hands dirty every so often do so under far more security and protection than even common diplomats get.
I imagine that they are getting far more than a couple plane rides and a hotel room...
From the statement at Microsoft's Web Site:
Subsequent investigation has shown this was not the result of any breach of Microsoft's corporate network or internal security, nor is it related to Microsoft's Shared Source Initiative or its Government Security Program, which enable our customers and partners, as well as governments, to legally access Microsoft source code.
Now, I may be reading this wrong, but if it wasnt due to any sort of breach of Microsoft's corporate network, and no one walked out of Redmond with a cd (internal security breach) and did not come from any Shared Source members, and didnt come from any Government Security Program members (which includes MS customers, partners and governments) then where exactly did it come from?
I could be mistaken, but I was under the impression that the Windows source code was not available to anyone outside of a few select groups... I mean, it had to come from SOMEWHERE, and this statement looks like they are saying tha it came from some mysterious source...
Maybe someone copied it via video camera a la Antitrust.
You know, there was, at one time, a long running joke about Microsoft tech support. The answer to any problem, according to MS support (and I heard this directly from them on more than a few occasions) was "We suggest you reboot to fix this problem" OR, Shut up and re-install.
And now, here is the "Chief Security Strategist" for MS saying (regarding the monoculture analogy) "Another difference: computers can be unplugged from the network and rebooted; organisms cannot."
So, is he really implying (God I hope not) that most exploits can be solved by unplugging the computer from the network and rebooting???
I hope not, and maybe its just the way the AP story was written, but it sure sounds like a dismissal of most of the Windows security flaws.
I have seen some pretty funny comments on this story, and some pretty interesting ones as well. Reading this story made me really wonder about some things.
;) )
If this problem is as pervasive as it seems, exactly WHAT components are effected? I mean, think about this, how many of these plastics have found their way into things like Ventilators, internal defibrillators, external defibrillators like the LifePak series that is so prevalant on ambulances and in hospitals world wide?
What about the machines that control your money in the bank (if you use such a thing as quaint as a bank
Vehicle computers? or even... ACK, my PS2 and GameCube?!?!?!?
Anyway, beyond hard disk controllers, I got the idea that there were a lot of different ICs effected here, which could explain a lot of problems, and could cause some pretty bad problems as well.
Like so many others, I too replied to the BBC article that has riled us "internet zealots" up. I wont post that letter here... too many others have so far, and mine would simply be a rehash of things that we have all thought or written at this point...
c .co.uk
What I DO want to point out tho, is that that one point I made in my letter was the irony of Evans' story calling the OSS community a bunch of "run-of-the-mill geeks" and "internet zealouts" out for vengeance while that same story is hosted on servers running almost exclusively Linux and Apache.
Heres the netcraft report on news.bbc.co.uk:
http://uptime.netcraft.com/up/graph/?host=news.bb