All I can do it laugh...
least I start to cry.
My government wants to stare at my privates without me knowing and your government wants to prevent perfectly good privates from being stared at.
217 posts • joined 10 Feb 2012
least I start to cry.
My government wants to stare at my privates without me knowing and your government wants to prevent perfectly good privates from being stared at.
Yes, why did we spend the last two decades trying to get out of vendor lock in, when we should just be locking ourselves in.
I think you'll find that companies aren't building their own data centers. Their renting space (either physical or virtual) in data centers operated by third parties. Their quality can vary but I guarantee if you're in a sector where this matters, there are plenty of options.
I don't see why I'd move an entire infrastructure from one data center to another, especially if I am a large enough customer to get lucrative deals with the third party.
I love how you think that innovation has somehow been impeded, The standards, protocols, and technology for doing this has been around FOREVER, in fact a form of this is being done, at large corporations everywhere. The real question is will the use a service like MS/Google (cause what your really getting at is SSO) or "likely the case" will there still be a mix of services just your AD instance may or may not be in the cloud.
This is dumb. News companies (and any sane website) are likely saving tons of money by designed SEO websites to take advantage of Google Indexing and not spending it on advertising their website articles 24/7.
Won't the more sensible thing be to limit the summary piece? If I can get all the content I want from readying a summary than your content is shit. Taxing Google (or any other company on similar grounds) is a waste. Taxation on Ad revenue is one thing (probably already happens). but if google wanted to play that game, they could just as easily make any taxing up in charging more for Analytics, selling data to Ad companies, etc. with it all being pushed back on the site owner regardless.
30sec? Damn, them some high quality luggage locks. It seems like two or three scrapes and I can get them to pop.
We seem to spend a lot of time playing a chess game of responsibility in infosec. This is definitely an executive level fight, and if I get there I'll have no issue fighting it, but since I can merely point it out, I play the cover my ass so I can play the "I told you so" card.
That's a little disingenuous. The kid had the smarts to build a C&C infrastructure for mobile malware so it's not like they hired a slouch to come in and do security. If your thought was, "
they should have hired a full time more experienced person", I'd say you are severely overestimating the talents of the general Information Security populace.
In my experience, IS teams are mostly made up of Book Smarts, people who understand the theory, the terminology, and the concepts (they are intelligent people), but few actually have the ability to adapt to persistent threats, and adapt their companies to it.
Shit, 50% of them I've met think they can put down programming skills on their resume because they can write"SELECT * FROM users;" I think it why IS is in such "demand" right now.
This is a completely base less comment, but it feels like an MS Exec's manifestation of frustration, because MS had a hard time competing the in the Ad business and pushing views to their avert platform and some snobbish exec said "If we can't get them to our websites, we'll force them to pay to get them to our competitors".
I will in all likeliness never use this (Linux User) but if MS can make pay-by-minute internet more easy to use, than good luck. If I am using Windows and work is willing to pay for the time, than I might not care, but than again, they are more likely to provide hotspot access on my mobile (which I can use with the Linux Laptop).
I think is good, but ....
I'm not really impressed when you say, look at how many lines of code we didn't write, and add the caveat, but we didn't added all the requirements.
It's a slimmed down version of libssl, so not really a true full featured TLS library, but a "good enough for most cases" TLS library.
It will probably be good enough for the work I do though.
Is a protocol analyzer, and not strictly a security tool. I don't know why this frustrates me, but it seems that even based admins think of wire shark as some free tool designed to break into networks. It's like saying water is a drowning tool for murders.
Anyway, carry on, have a beer on me ...
I think cloud pushers (and I'm not really against it) don't really explain the nuances enough. When I was doing primarily Sysadmin work, Cloud was trying to sold to me as basically migrating my virtual environment to the datacenter (which depending on budget vs risk might actually be a better thing). Since I have switched to Development more, the big thing that I noticed is that Cloud is marketed as something you build for (think Websphere, Weblogic, JBoss). I don't want to call it a new software pattern but in a way it seems like it.
I think to many people think of the cloud as putting up an Apache web server on a virtual box in a third third party datacenter somewhere.
Don't you dare threaten the current state of the internet with facts!
WE NEED A NEW WIKI CAMPAIGN, RIGHT MEOW!
I'd say it''s less to do with the vetting of drivers and more to do with the licensed taxi drivers attacking Uber drivers, and no doubt the arrests played a part, but right now in my eyes France and there taxi mob look like they're in bed and slow f**king everyone that would cab in the ass. I guess I've had better experiences with Uber than with a cab driver, but I have a feeling, I'd just be a pitiful American, who doesn't know anything.
Have been of Fedora 20 for a while, mostly because my last company ran RHEL, but I do believe it's time to move to a more enjoyable distro experience and this just might be it.
If you were dealing with free markets, yes, but we don't, we aren't, and never will. There is going to be a barriers placed somewhere, either in the Cartel nature of this business, or through, ironically, the regulation of government.
That being said, I am not fully sure what is going on in this case. It sounds like a service company want direct access to TWC interchanges for the service they are providing, but I don't even then Google/FB/Netfilx/etc operate that way.
Why is this never considered for small business? I understand some legacy applications, LOB applications may require windows, but I am of a firm mind set that if you're a Sysadmin that works in the SMB (at any level really) space and your knowledge is not (at least some what) agnostics for OS platforms, your holding your company back.
Hell if you going to be losing MS "Support" and you just don't want to upgrade do to costs, your FS/FTP/Web Server could all be running on a modern 'nix box (for free if you didn't want the support).
A court case where the driver gets off because they "couldn't possibility be drunk behind the wheel, my car allowed me to drive."
I've still not actually seen any valid claim for needing a GUI yet (Especially since MS goals seems to be to get you to remotely manager servers, and ironically it can be done through a single Management Console).
First any SMB less than 25 people that are will to fork over $800 + CALS for MS Server and can't figure out how to google (add GUI to Server) is really asking for it. (For that matter, if they paid a consultant to to suggest that, they were probably robbed).
Second, maybe it's time for consultants to not have (1) dimension. It just might be time for some education, for both you and your customers. I presume MS will be sticking there fingers in the Technical Colleges soon to tell all the mold-able minds that this the "way of the future" and young IT pros will be be learning this anyway.
Lastly, I think this is hilarious that "Sysadmins" and "Consultants" are having issues with this. If you are a consultant or call yourself a Sysadmin and you've con'd a SMB into purchasing the latest MS server because you can't exercise other options and can't provide the CMD line for your client you deserve to be tackled and urinated on
(Let me help, it will probably be Add-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra, I think they also have a CMD GUI).
It should never be considered unethical for a company to say "Your a damn bright <Insert Career Field>. We want to pay you more to work for us."
Competition in the work place is good and if your talented enough to have companies reach out for your skills, it should be incumbent on your employer to understand and compensate for it.
Clearly, there is only one way to have sex:
1) It must be Missionary (No Adventures)
2) It must be pleasure-less.
3) It's only for making more of us.
Porn isn't going around trying to get 6-14 year olds clicking all over. They usually are catering to a category or multiple categories, based on your particular fetish. I would suggest most parental filters are going to do their job and pickup most porn sites and block them.
Outside of that if your child is looking for porn, I am going to going to venture that have an interest in sex and sexuality. This about the time you need to be a parent and talk to them about sex. You don't need to admonish your child because naked bodies peaked an interest,
I'm not a particular fan of PayPal, and I would guess if the FBI asked they'd help in this case, but the root cause is not PayPal. Why encumber a legal service because of a few problem people, when the root cause is else where.That's like asking an Ice cream shop to implement background checks on customers because one of them, might be a child molester.
What we should be considering is out web technologies, and how we develop for them (IE Why are we still fucking around with Adobe).
They're just "Method Acting". In order to think like an extremist you must "become" one..
I am in the same boat and the only thing I can think of it is that the GUI will ask you to install than restart after you update, but since I just use yum to update, I've never had to restart (minus Kernel) so I don't know.
I can't remember if the GUI asked me prior or not. My laptop is is at Fedora 20 currently.
Say I'm a techie, looking for a new computer (Which I am), and I'm looking for something that's going to meet all my entertainment and production needs (which it needs to do), why should I get/build a PC with Win 10, when I can build a PC cheaper with Linux, or be happy with an Apple?
This isn't even a price thing (Hence the Apple consideration). I still have not read anything from MS that's mind blowing, I want that "feature".
-- Faster boot times? Big deal, I rarely shut down my machine, and I'm a Sys Admin, which means I have the patients for that extra 30 sec.
-- Look and Feel? Apples got it, and I can customize my Linux to have too.
-- Games? All the ones I play have Mac run times, or I have been able to use WINE.
-- Killer App? I don't see the next killer app being MS exclusive without being heavily "persuaded" by MS.
I happen to feel the same way. Based on what I am reading, the commission doesn't have anything actually showing anti-competitive tactics, it's just an assumption because they both offer product and services. In fact based on the other articles, it would appear Google is ready to plaster these groups with statistics showing exactly that Google Services are more relevant that some of these other complaints.
In the interest of disclosure, I am unholy American, and so my presumption is that this commission is more politics than presence, and they are going to have have a legal case to move this forward. Or can these guys just go "I think your wrong, PAY US!"
"I don't like this app, because is allows people to rideshare, and thats just not right" - said the "professionals"
Modules ... and that "You need to be on this product, by this time, in this dimension, by this date ..." licensing/ support model.
For instance, I was planning on writing a PS script to setup Win2K servers. All the basic stuff, Computer Name, Setting Updates, Remote access, etc. I prefer to write them on my Laptop (Win 7 Pro) (and sadly on my own time). Ignoring the long naming conventions (not that bad considering I like understanding whats going on), I wanted to get/set IP Address.
Set-NetIPAddress seems reasonable right?
Minus its a module that is not supported in Win 7. Why I don't know, but i can get it if upgrade to Win8 (Can I give a bigger middle finger?) or I can do this strictly on Win2K Server, but that kinda of defeats the purpose of writing it on one system and testing it on the other.
To be fair, I can still write this out on the Win 7 box, but it just needs to be executed from the proper environment, BUT WHY? I never run into this shit with Python and I can cross platform that shit. I don't get all the pretty toys, but I love tools to make my life easier, I JUST WANT THE TOOL KIT INCLUDED.
My guess its the other way around, sort of like a, We're not gaining anything on our tablets, Apple doesn't give any fuck about us, and Android is the current wave, if we pay you money, can you force MS on people for us because everyone uses word still right?
I don't know if this is in Sammys best interest but we'll see. As a Sysadmin, the idea of a container product for enterprise applications is smart. The idea that ONE companies software (with a track record of fucking things up) is going to be preinstalled in those containers, is another thing,
I am still not enthused about 365 and in general its been nothing but problems for me, so I am back on Libre and Thunderbird and Google Apps.
Why would the Anit-MS brigade need to say anything? They may criticize the fact that there are privacy implication in the MS product if this happens, but there not the ones using it (per say). The XBOX debacle was MS fault over "Always On" and the added FUD after it. MS did not by any means use logic.
Your most likely voices are going to be from sys admins, security professionals, and general consumers because you know, their interests actually lay within the confines of protecting privacy, IP, and other such things.
No one is really being an apologist. I stated it before, Microsoft have control over there patching schedule, Google over their Zero day release schedule. These two are Major competitors, so they don't have any need to support one another.
If this is such a big deal, why was MS releasing Patch notes a WEEK in advances for upcoming security updates? I'm sure half the people blaming Google for this release, were in the last article discussing how MS took away notification systems for non-paying users, and how that made them vulnerable.
Yes, by proxy, Google got in a Jab, MS are trying to make it out to be Google fault, but in the end this is why we have competition in the market place. Security is no exception.
Are are you all suggesting it's OK for MS to demand that Google extend their Zero day policy by two days for the sake of keeping MS's patch Tuesday in line, when "supposedly" Microsoft HAS A FIX, and can't just release it? At least they have control over that process right?
Look, this is nothing new in the security community, some people want to disclose everything and some nothing, but guess what, we still are paid by companies trying to make money and quite frankly, a little forced competition is good.
This wasn't really a Google PR stunt, not by a long shot. This is actually MS taking a well defined policy of there competitor and trying to make themselves look like saints.
We know two things:
1) MS managed to complete a patch for this in 90 days (so you can't say the time frame is unreasonable)
2) MS patching policy didn't line up with Google's release policy.
MS can control it's release schedule if it wants, Google can control is Zero Day policy if it wants, stop blaming each other when they both have a plenty of control for there users.
Firstly, to temper any dev who takes this the wrong way, blacklisting pastebin is sad state of affairs, HOWEVER, even the dev communities understand piss poor coding is a problem and that not enough diligence has been done for secure coding.
So looking at this from a InfoSec perspective, the question I would put to an organization is, Are you confident in the quality of your apps to prevent this type of attack, and if not, this is a risk, and it can be mitigated by blocking pastebin.
We all have ideas of how things should be, from context of addressing this problem now, if you're susceptible to attack from pastebin codes, I'd say reducing that risk immediately by block pastebin is not a bad idea.
And what, prey tell, does checking that a laptop turns on and boot to the OS achieve? If you're using this example as a means to show how the French are excelling at technological policy, I'm left wanting.
While I tend to agree with the board case made by researcher, the reason we are actually fueling this fire is due to the security firm Norse Security, which hasn't actually proven it was an inside hack,just that it has a strong correlation between 6 people, one whom presumably had high level access to Sony systems, and that it was talking with the FBI, etc about it.
I mean the whole blast of media appearances Norse top brass did, with out verification, wasn't to promote the company, but to provide another story right?
I have no trust of my country's three letter organizations as much as the rest of the world, but I've dug a little on the the whole Insider attack thing, and its still pretty vague, even if it's released clues lead to a logical argument for it not being NK. I'd like some more info on it.
I say there biggest problem is that Apache is understood and works fine, plus it tends to be a defacto standard in many distros. I've played NGINX and in general the way I see it, it's not spectacular enough for me to uninstall Apache and replace it withe NGINX, The "Speed" things is rarely a pain point for most of our applications.
Granted if RHEL or what not, had NGINX installed by default I'd probably say the same thing about Apache.
Its not that they are two conflicting forces. Security and Accessibility are opposing forces, not ease of use. As we increase security, we need to give up a certain level of accessibility to gain that security, but there is absolutely no reason, that setting up that security can't be easier.
Here's the real crux, security is not sexy to the general populace, it's a matter of need, but it's implementation is largely done by people with knowledge. Look at something as common as TLS and the now defunct SSL. To a general user, this just "works", but have you actually ever setup a CA and pushed that out to more than 1 or systems? It's an effort.
You can't ask a person (even a "Power User") to just setup security, but there is no reason that we couldn't give a user a package that sets up a certain level of security and accessibility that was point an click. It's a matter of time, cost, price, and marketability for the general populace.
If VPN's were cool to use, like running your iPhone or Android, things would be different.
Krebs on Security has a good write up and who some of these people possibly are:
If anyone is interested.
I read through the letter mentioned in the story that the ISP quote, but all I get out of it was:
"We did some studies on ourselves and we think will "slow" down investment because fuck you."
If this was really the case wouldn't the uncertainty of it's status already cause a "slow down" in infrastructure roll out? I guess the feel they have enough claws in congress to at least avoid Title II.
"I think user interface designers collectively went insane about 5 years ago and it's just getting worse."
I think its because at some point a bunch of managers thought the Graphics Designer and the GUI designer should be the same person, and what we get is hit or miss.
Yes, marketing has a nice catch phrase, but from a general corporate standpoint (for how much power Google really does have) Google's not doing too bad. They have there hand in everything and it's easy to point problems and say "That thing I don't like invalidates everything you try to do." I don't see companies like Apple and Microsoft challenging the status quo of things (back to cars, fiber, etc) they are focused on what they've done in the past. I don't doubt we will see some good tech in the future from MS or Apple, but I doubt I'll see Apple or MS trying to challenge ISP's even if its just to sell me more ads.
I felt Uber was a good benefit to MN. My friends and I started using them (even though they had cost more), because of the cleaner / safer driving. We're likely to get a cab to our favorite pub and than get one back. It didn't take long for the other companies to clean up there act. I'd say with the shift more and more of us look around for best fair/ times since word spreads quickly if a cab company (even if its just a few driver) are shit.
It would be naive to if it weren't for those middlemen...If we had different middlemen we may have had a better, more sane content delivery system all those years. There angry now because they built a closed system based on brick and mortar and physical content and hate losing that control.
Remember Windows doesn't like to give users any control so make sure its done properly:
#> rm -f Windows.exe
Be careful on this. MS likes to fuck with you.
XP Pro for Embedded System (Which is what these devices are using, we have to deal with this also) is only supported through April 8 2014, with its distribution being longer. Windows Embedded Toolkits and Runtimes are all supported through 2016.
The ironic thing about this is that PCI has all over thier web abuot XP ending, but in none of the docs do the say you lose compliance.
I would also suggest that companies rely to heavily on the consultant and demand less knowlege from thier IT staff regarding the ability to analyize and spec servers/equipment. (This is more from a SME standpoint where I see this a lot). Many IT admin are constanly updating, maintaining, or drowning fires.
Besides all the wants / needs of a project, I still run into many issues (mostly due to lack of time allowed) to properly specify server specs, and I often work with consultants or third parties to do this work and recommend specs. I've had issues with this other than I probably could have shaved a good chunck of costs by diggin deeper into stats. I don't disparage consultants, on the contrary, (Unless I hire for soultions and all you want to sell is product A), but I know personally, if I had time on my side, I could save time and money doing that work.
I've not met a PM for a network project that actually can really talk to the wants and needs without deffering to the opinions of there more technical teammates and I tend to be anal when it comes to IT details.
I now have blackmail for any need of my unpaid IT services for friends...
"Oh, you have malware...I know what you were thinking but no I don't have naked videos of myself. "
Quite a few of us, and your right to point, its not going to replace FB and twitter, but I've never met a marketing team that doesn't want "social" interaction at work. I think this is to justify calling it collboration, instead of pointless.
It's not really colboration, its part of the new office change where everyone is everyone's best friend, and makes for excellent smoke screen about workplace happiness. After all, if it "feels" like a social network we must all collborate.
It really isn't productivity at all. Company chat, Email, Calanarding, filesharing, etc are collaboration, but really if it intended use was to keep people abreast of anything, you could just add an RSS feed.
Personally, I think its just a data mining thing for Office 365. I just wonder how long before MS starts selling your corporate data to the highest bidder, or when the TOS change to include Ad's based on your socal history in Office 365.
@bpfh I thought this was universal sysadmin behavior? At first its a test, than its just considered on-going training.