33 posts • joined Thursday 26th July 2012 13:14 GMT
They keep some data for far longer, they claim it to all be gone after 2 weeks but that's not what an investigation turned up.
I dumped Facebook after they started keeping all messages server-side near-permanently.
For those who want to dump it: Search 'How do I close my account?' (sans-quotes) on Facebook help.
Takes 2 weeks and they claim all data is gone, I've still yet to file a DPA request but when I have spare cash I will to make sure everything is permanently gone. Been a while, more than a year (I think) and perv-power lost its charm on me so haven't even glanced at it since.
Re: What about a fixed version of 8?
Note: I don't recommend Windows 8 in production, but it does have benefits in business:
* Support for encrypted SMB shares from Server 2012
* Better proactive exploit mitigations
* Free anti-virus/anti-malware
* Free in-kernel whitelist/blacklist of signatures (and checksums of unsigned apps)
* Cheaper access to corporate BitLocker functionality
* Access to better application sandboxing through an additional Integrity Level
Re: On the subject of ATMs
They do. In the shithole City of Peterborough they have different height ones everywhere...
Re: Does anyone know
Microsoft did this with MSN and later filtered malicious sites detected this way, their legal team know it's safe to do.
Re: Can't wait!
Posting this two hours after restoring a system image twice within a week due to CRITICAL_PROCESS_DIED on boot, with no working offline System Restore from recovery options and no working Safe Mode....
Fuck Windows 8 and Windows 8.1 will suck just as much.
By the way, binding RPC and associated vulnerable crapware to 127.0.0.1 breaks TIFKAM apps :p
Schools prevent students from exploring, government limits free speech
As the title suggests, schools fsck the chances of kids who are naturally good with this sort of thing. Seriously, teachers soil their pants at the idea of a kid that can do things they can't. As a now 22 year old who left the school system early (and is now taking a degree very late...), schools consist of ego tripping muppets that couldn't make anything of themselves who wish to impose their limitations upon innocent children who would otherwise enjoy learning.
Also, Britain is pretty much the only country where security best practice documents are not publicly available for scrutiny. I double dare you to find me a legit public download link for the complete versions of all of the Good Practice Guides by CESG for example.
If I want to however, I can go to the US NSA and get guides on how to secure IT infrastructure without even having to fill a form in. Yeah, I just said it.. The US are more open and transparent than the country that raised me...
ESX is not part of vSphere (ESX != ESXi)
Just one problem, ESX is not part of vSphere. ESXi is the core of vSphere. ESX is legacy technology which is AFAIK due to go unmaintained.
ESXi 5.x - the latest maintained version: https://secunia.com/advisories/product/39098/?task=advisories
For the record, Hyper-V vulnerabilities are Windows vulnerabilities, therefore you need to check Windows advisories. To show a serious local DoS problem Hyper-V used to have from host-side: http://secunia.com/advisories/44908/
Re: Pay for my own device, and have them lock it down???
That's how it works at my workplace, but then again, I'm a lone IT sysadmin... ;-)
Re: Pay for my own device, and have them lock it down?? - Quite agree
Given your network provider often has the same level of access as corporate IT has, I'd recommend you assume everything on your phone is non-private anyway.
Re: Just upgraded on my work laptop OpenSUSE 12.2
No but Microsoft not being able to produce compliant ODF files is.
Re: Am I the only one who likes the Ribbon interface?
Anyone who can't use the keyboard shortcuts to operate MS office doesn't deserve to be called competent in using any version of office, period.
Re: Being driven in droves to LibreOffice??
Hardware hash eh? That's why I used up all my online activations of Office 2010 on multi-boot? It checks for what OS you're running too. Upgrade OS and it requires reactivation, so no, it's not just a hardware hash.
P.S. Use Linux and you can take your install with you wherever you go, as the DRM will see all machines as identical if you stick to one WINE version ;-)
Re: Slowly closing the gap with Microsoft Office?
I'd consider GIMP to be better for retouching of photos than Photoshop. Even scripting GIMP is better than Photoshop. But that's just my personal experience.
Did you know GIMP was used to retouch frames in the first Harry Potter and Stuart Little?
Re: Big business starting to demand users use LibreOffice
Sorry dude, but MS Office is far better than LibreOffice on so many levels. OneNote, Visio and Project aren't replaceable in even an academic environment let alone in a professional environment. If you can find a FLOSS app that implements even half of what OneNote can do, I'll be surprised.
MS Office is one of the few apps I run in CrossOver that isn't a game.
Re: expect FUDD from Microsoft dupes
ReFS is a Server 2012 feature. It can't be used on a desktop or as a boot filesystem and is seriously crippled in functionality compared to straight NTFS.
All examples? I think not
Re: Uhh, well then...
Nope, it's the case that the buggy BIOSes are tested with Windows and made to "work" just enough to pass QA at the time. Bad coding is bad. Windows 8 does not handle buggy BIOSes better, in fact, buggy BIOSes are often so bad that OEMs release BIOS updates.
You'll often find once a workaround is created, Linux handles known bugs better.
Re: Depends on the game
Sonic 2006 or Sonic Generations
IE does have similar functionality. It's called ActiveX Filtering. You filter all plugins and then only on sites where you need a plugin, you whitelist the site. Combine this with decent Tracking Protection Lists and you have a browser that surfs without ads or crap without needing extensions ^_^
Firefox is yet again last to the ballpark here though. For some history:
Opera first to filter plugins with click-to-run (in a poor way that breaks websites as you had to click on the applet itself, which some sites had no visible applets), then Chrome (when it got invented) instituted it much later, in a non-breaking way and IE has had plugin^WActiveX filtering since IE 9.
In a residential location, you usually cannot an SLA or a dedicated line, yet broadband companies happily sell "business" packages which have the same 50:1 ratio or worse and provide no SLA.
It's a legitimate argument. The best people can do is buy a second form of connection, like having both fibre optic and an ADSL line, but sods law says both will go at once when infrastructure is damaged.
Re: I am so glad ..
Except with Windows, most service compromises cause an entire OS compromise, regardless of how well you configure it. Impersonation lets even Network Service and Local Service accounts escalate to SYSTEM.
On Linux, services can be isolated to the point where a compromise leads to absolute nothing (especially if you syscall-filter and deploy AA/SELinux).
Re: I am so glad ..
Of course, unlike SQL Server, MySQL/MariaDB doesn't let you exploit impersonation to compromise the OS. Just like IIS had fewer vulns than Apache but a compromised IIS usually leads to a compromised system due to impersonation privileges, while Apache on Fedora/RHEL with SELinux leads to a frustrated attacker.
I suppose if you wanted the best of both worlds you could run IIS and SQL Server on Linux... oh... wait..
Re: Microsoft's vision -locked down computing
The day they do that, everyone jumps ship to Apple. Why? Because Apple do walled-garden far better than MS. Or, alternatively, the public revolts and sticks with their old freedom-loving hardware and tells the vendor to go shove it.
For those who don't get my point here. Basically all I'm saying is GNU/Linux fanboys are speaking out of their arse when comparing many OS features in their favourite distro with that of the newer Windows NT variants (NT 6.x and above).
To illustrate this point: Linux has a ton of different filesystems and the one closest to being feature-complete is XFS, the rest lack what I would consider to be core features. Heck, lacking online defrag makes a filesystem less feature complete in some areas than FAT32 (just think about that for a second). Windows has only 3 major filesystems in production use (FATxx, exFAT and NTFS) and all three are maintained in such a way that, where appropriate, they maintain feature parity. With FAT/exFAT for portable devices and NTFS for system disks and large data disks.
This situation applies not just to filesystems. GNU/Linux does a lot right, but the evangelists who say it's completely technologically superior are just having a laugh. One can fairly say the architecture of NT is broken with regards to processes (just look up what svchost.exe is actually for, as an example) and one can fairly say that requiring a GUI on a server is laughable - heck the 4GB max RAM licensing terror of an otherwise perfect 32-bit platform for client versions of the OS is utter stupidity from Microsoft. GNU/Linux has its major flaws too.
Basically, ignore the fanboys and evaluate for yourself.
[As a curious thought: If Windows was declared Free Software tomorrow (with zero patent gaming), what would happen to the marketshare of its rivals? After all, that is the biggest negative of using Microsoft's OS]
"Blocks and sectors are hardware level..."
Linux has badblocks support on many of its filesystems for the very reason that hardware does go bad. But many of them don't have support, like NILFS2 and JFS. From what I can tell, XFS badblocks support isn't as robust as that found in ext*, HFS+ and NTFS.
">Transparent Compression (2000);
Found in EXT3"
Do show where that's in mainline? It's not part of Linux and it's unmaintained. Try using that in a production environment.
">Online defragmentation (2000);
Yawn. Not required on a file system that is *actually* journaled"
That's why XFS has this as a core feature and ext4 has this as a work-in-progress? It's required, unless you want to take your machine down when maintaining the filesystem. ZFS also has online defragmentation because it's very important for larger filesystems.
>Online "self-healing" (2008);
What does this even mean? Can you please not use the marketing speak, and instead describe real events and scenarios?"
Snapshotting is what btrfs, ZFS and NILFS2 do - it's also what Volume Shadow Copy provides with NTFS. You can also use LVM as a layer to do it, but it's terribly slow. ZFS on Solaris has good snapshotting with deep OS integration too. Snapshots let you see many revisions of files and let you rollback or maintain multiple changesets - think of it like a revision control system but at the filesystem level. It works through maintaining differentials of files as they change (Copy On Write).
Online "self-healing" is the best-known description for online volume repairs without interrupting other uses of the filesystem at the time of detecting an error. Basically, there are errors that standard journals don't always fix. NTFS can automatically fix these problems without offline chkdsk, With ext* if the journal replay doesn't fix all the inconsistencies, then a full fsck has to be done offline (holding up the boot process). ZFS can also self-heal.
">Online resizing (2008);
EXT, LVM, Cluster FS..."
Only with additional layers can EXT* filesystems support this, XFS does it natively on Linux and so does NTFS on Server 2008 and above. This is an important distinction because prior to Server 2008, resizing required a layer like LVM called Dynamic Disks. Both LVM and DD have performance hits which are unnecessary if you just want to be able to partition on-the-fly with zero downtime.
">Delayed allocation (2012);
Again, what feature are you actually saying this is?"
It's a feature supported in ext4 (it also works if you mount ext2/3 using ext4 module), XFS, ZFS and the newer NTFS driver on Server 2012. It reduces filesystem fragmentation and improves I/O performance by delaying physical allocation until the data is due to be flushed to disk.
SDFS - Works in Linux and Windows..."
Again, is this mainline? If not, it's not part of Linux and it's most certainly not a native part of Windows.
"Any linux system is as backward compatible as you want to make it. It's a question of installing the right libraries."
Try running the original Doom binaries on a Linux distribution which isn't EOL without using any additional code which is unmaintained (apart from Doom itself), then come back and tell me it's backwards-compatible. I can still run the original Doom binaries on Windows to this day without using EOL libraries or components and it was written for DOS. By the time Doom stops working on a maintained Windows OS, I can virtualise the thing and it'll still be running as nicely as before. I have software which was ported for Linux from the 90s which no longer works fully without terrible hacks, where the Windows binaries still work identically, unaltered (Unreal Tournament GOTY and Quake 3 Arena official binaries anyone?).
The truth is, either until all software is Free Software or until the FOSS movement gets more people on-board who are willing to go through the drudgery of analyzing compatibility and keeping projects in line with maintaining backwards compatibility, GNU/Linux distribution will always be inferior in this area to Windows - with one exception, hardware support (because people are willing to go through the drudgery there!).
[For those who don't glance at LKML from time to time: The only reason a.out binaries are really still supported by mainline Linux is Alan Cox's stubbornness. Otherwise, the kernel wouldn't maintain backwards compatibility for Doom, even though the userland doesn't on a modern system :p]
The ksplice tools and technology are a free Linux feature, completely open source. The ksplice uptrack service, which has pre-made patches delivered to popular distributions, is licensed through Oracle.
To give a more fitting analogy: RHEL is free software but the distribution support service which provides pre-compiled updates to you, requires a paid license/contract.
Re: @Fred (was: On the off-chance any of you missed it ...)
Support isn't discontinued. XP is supported until April 2014. If you want a year longer, go Server 2003 and you're sorted till 2015. Windows 7 and Server 2008 are supported till 2020 and Windows 8 and 2012 are until 2023.
I dumped GNU/Linux for Windows (I started with Fedora Core 3 and ended with Ubuntu 12.10) because it's regressed so much. The problem isn't so much the GNU/Linux part per-se, it's the everything else on top that sucks. Like Xorg being an insecure pile of vomit without any indication of Wayland having security improvements for protecting against the shatter attacks that Xorg is extremely vulnerable to. The fact that GNOME 3 sucked, KDE 4 is still bloated and Unity, XFCE, LXDE and the others don't even handle notifications consistently means you never have a "fully working" desktop. Not to mention the lack of QA, the only decent distro from my experience QA-wise is RHEL (or CentOS) and it lacks forwards compatibility - don't expect proprietary apps not certified for it to work very well if they're compiled on a newer toolchain.
If Mac OS X had the API and ABI stability of Win32 (all my stuff still working decades later to the point where no video game or crucial app will fail before it's safely VMable), a 10 year support period with guaranteed 5 years worth of backporting for forwards-compatibility with newer OS iterations (so new stuff works, even without having new features) and protection against shatter attacks, I'd sell my soul to Apple in an instant. Apple don't have formal EOL policies and don't maintain full API/ABI compatibility between 10.x releases either. I wish they'd fix these issues so I could finally switch to an OS that's fun again - even if it is gradually going the way of the walled garden these days.
All you whiny folks who are slagging off PowerShell have forgotten one thing. You can use bash and such just fine on Windows Server, it's not hard to install the UNIX Subsystem with complete SDK and utilities, which is deprecated but still exists in 2012. It supports compiling all the GNU utilities just fine and also supports running Windows style commands from the shell.
Here are some facts for @Eadon about Windows vs. Linux, from a technical perspective. Keep in mind, my experience of GNU/Linux only started with Fedora Core 3 and although I am still current with technical developments today - I know not of the terrors of anything prior to kernel 2.4.
In terms of filesystems, Linux has many, but they aren't as complete as NTFS considering NTFS has support for...
Bad blocks, sector remapping (2000);
Transparent Compression (2000);
Transparent Encryption (2000);
Online defragmentation (2000);
Online "self-healing" (2008);
Online resizing (2008);
Delayed allocation (2012);
The closest competition is XFS in Linux, if you combine it with a set of other technologies like LVM and ecryptfs - but this still lacks online "self-healing" and deduplication features. You could choose to use 3rd-party ZFS support, but FreeBSD and Solaris both work better with ZFS - the only filesystem which totally beats out NTFS in featureset.
On backwards compatibility, Windows Server 2012 offers vastly superior backwards compatibility. Old, quirky VB6-based services which are necessary for some small businesses (and sometimes enterprises) who wasted money on "bespoke" solutions can still have working services without needing an EOL OS to run them.
On RHEL, only a subset of components/libraries are backwards-compatible and only for two releases; while Windows still has backwards compatibility with stupidly-written apps from the Windows 95/98 era (and usually without needing elevated privileges, if one understands how filesystem/registry permissions work). On quality control, RHEL and Windows Server are roughly equal, though the community testing of Fedora may make RHEL releases better in terms of preliminary testing prior to launch than Windows.
There are blatant downsides to Server 2012 (compared to GNU/Linux) though:
When it comes to security, Windows Server Core can't compete with a command-line GNU/Linux install with correctly-customised SELinux policy and system call filtering. (Note: The opposite is true with GNU/Linux on the desktop, so don't use Xorg, ever!).
Windows is still bloated, if you have a single-purpose web server, Windows can often suck up 300MB RAM in kernel memory alone - ignoring DCOM, SMB etc. which is unnecessarily enabled even if you just want to run a web server. Likewise if you want to run a dedicated server for a game like Counter Strike or Unreal Tournament, Windows is not the best way to go. Also, unlike Linux, you can't patch the Windows kernel without a reboot. ksplice means most security vulnerabilities in the Linux kernel don't need reboots to be patched.
Common Sense: Keep a local copy and share using shared hosting!
Make a good use of the "unlimited" storage on shared hosts. Provided you are running a personal blog which has a section for all of your personal pictures, you can use almost all of the inode/file/folder quota for sharing your memories with the world. It's both within the ToS of most reputable hosting providers and within the same level of privacy/security requirements as that of Facebook. Add a nice .htaccess file and your pics are more private than on Facebook, since people would have to download the pic and share it rather than pass a public link around.
It's not rocket-science to pay a bit of money for what you want! With regards to backups, the local copy acts as a master backup for the shared hosting, which is the primary storage space for all your stuff. If you lose your master backup, just FTP all your pics back off the shared host anyway. Oh and since most reputable shared hosts cluster the servers and snapshot the state of data periodically for their clients, the whole "living medium" requirement is already fulfilled. You just have to maintain your own master backups in the name of common sense, since shared hosts are not intended to be highly secure and could lose data any time.
This is exactly what I do with my blog (warofthenerd.net) which is currently hosted by GoDaddy on their Deluxe plan with 150GB of storage.
- Geek's Guide to Britain INSIDE GCHQ: Welcome to Cheltenham's cottage industry
- 'Catastrophic failure' of 3D-printed gun in Oz Police test
- Game Theory Is the next-gen console war already One?
- BBC suspends CTO after it wastes £100m on doomed IT system
- Peak Facebook: British users lose their Liking for Zuck's ad empire