top Heartbleed Pricetag To Top $500 Million?
That's ridiculous. I download firmware patches, software patches, etc on a daily basis. Patching heartbleed wouldn't even be out of the ordinary for my job as CIO. It basically costs IT nothing.
Yes and no. If you are patching for home use then there is basically no cost, however if you are patching corporate systems then the cost can be considerable since you actually have to involve all the managers that have an interest in all the relevant applications on the systems that need patching.
Just patching a corporate system without testing if the update breaks any applications is almost a sure way of getting fired. Many businesses have or should have a change management process and the professional IT manager has to follow those procedures. In the case of a serious vulnerability change management can be fast-tracked however the IT manager should consult with their software service provider to see if only the relevant patch can be applied and in some cases a full update may be required. In the worst case there may be a requirement to have a major update (i.e. one major release to the next plus updates) which in the case of Linux/Unix should only take a few hours however without the proper testing that upgrade may actually break some applications which may not sit well with some businesses.
To recap you are correct in saying that just applying the patch would take a few minutes with almost zero IT cost, however when you take enterprise systems into account what would normally be a very quick patch could translate into a considerable amount of hours/days/weeks when all interested parties get involved.
top In a Hole, Golf Courses Experiment With 15-inch Holes
Golf is about getting your balls into the hole in as few strokes as possible. It's as simple as that.
You have got in one (pardon the pun).
One thing I like about golf is the fact that it can be played by people, male or female of all ages and you get a reasonable workout, especially if you play the full 18 holes. Of course the 19th hole is usually the more interesting.
(FTA) “A 15-inch hole could help junior golfers, beginning golfers and older golfers score better, play faster and like golf more.” What rubbish! The whole idea of any game is to provide a challenge and this also includes video games as well. Sure there will always be some who are much better in a particular game but unless you play a game professionally then you should be playing for the challenge and the enjoyment. As far as I am concerned if you don't enjoy the game then don't play it; after all, no one is really going to force you.
Unfortunately with golf as with some other sports the overall costs keep going up and that actually turns many people off the sport.
top Ask Slashdot: System Administrator Vs Change Advisory Board
If all the patches come from Redhat there is no approval, it's necessary to keep them up to date for security purposes. The same is true for patches pushed out from Microsoft.
You're kidding, right! In any company environment you must follow "Change Management" procedures and that usually involves getting written approval from all project managers that are responsible for each project that is installed on the particular machine. On a Production and/or machines it is usually good policy to be at least one month (possibly six) behind Testing.
I am well aware Redhat are very professional however you should never just update without appropriate testing and management approval. As for Microsoft the same concepts apply. The "cowboy" approach may be ok for home use but put yourself in the shoes of someone who has to explain to a really pissed off management why something went wrong when you were not following "Change Management" procedures.
top Ask Slashdot: System Administrator Vs Change Advisory Board
I think go for easy solution. Introduce the patches in batches for the board. ("monday updates for week 32")
I won't comment on MS Windows, although I don't think what you have said will work very well, since I have never seen Production MS centric machines updated on a weekly basis.
Providing information for Linux (Redhat example) is very easy if you have the rpm's. All you need to do is run "rpm -qp --changelog " on every package associated with a particular kernel release/update and provide that information to the Change Advisory Board (CAB) which may result in 100's of package information. This is extremely easy to automate and should only take you a few minutes.
If you provide the above type of info to the CAB then I am quite sure they will do one of two things. 1) Throw a "hissy-fit" (grin) and never want to speak to you again, or 2) Thank you for the information and get back to you in a few months. Of course to keep on their good side you could just give them the changelog of the kernel you are going to install then explain that this is your reference and in the case of a Redhat distribution, which the company has to pay for, this should be enough although you may want to list all the packages that will be updated and let CAB decide if they need their changelogs as well.
I do have to state that in a production, QA, development and to a lesser extent a test and/or "crash and burn" environment you should have appropriate software contracts in place whether it be for a Linux, Microsoft or Unix solution or even some other OS. Having an appropriate software contract in place should save yourself a lot of problems and you actually look good with management especially if you can give CAB the info they require (not necessarily want) that will get the job done quickly and efficiently.
In the case of Linux it is fairly easy to set up (approx. a day's work) an "in-house" repo "jump" server, keeping in mind your network people need to get involved here since all target machines will need network access to this machine (or multiple machines if you have separate networked environments). On your "repo" server (approx. 100GB+ needed) make sure the appropriate distributions are kept current (within a week) then create links to a staging area that the software updater programs (i.e. yum or apt-get) on the target machines can see which contains the packages that will be updated against a kernel (changelog provided to CAB) that they will be referenced against. It must be noted that emergency (i.e. security) patches should always (you need to check) have the kernel that the patch came out with which means you should update all packages associated with that kernel. Google and your software provider are your best friends here.
Obviously in the case of a company you must follow "Change Management" procedures and if they don't have one (yes some companies don't have this) make sure there is one in place since this covers you if things don't actually go as planned, then you would need to fall back to the appropriate part of the company's "Disaster Recovery Plan" (your company does have one that is tested, I hope).
Sounds complicated, well it is and it isn't. Basically no company that is serious should be without "Change Management" procedures and an appropriate tested "Disaster Recovery Plan" should contain a section for backups and recovery processes and the policies covering them. I am aware that some people will disagree with me but put yourself in the shoes of the System Admin who has to explain to Management why the Production machine crashed and/or data was corrupted or lost because procedures were not followed.
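The changelog collection described in the comment above ("rpm -qp --changelog" over every package, handed to the CAB) can be scripted roughly as follows. This is an added example, not part of the original comment; the staging directory argument, the year cutoff, the `[SECURITY]` tag and the sample changelog text with its placeholder CVE ids are assumptions.

```shell
#!/bin/sh
# Added example: changelog digest for a Change Advisory Board (CAB).
# Function names, the year cutoff and the [SECURITY] tag are hypothetical.

# Reduce `rpm -qp --changelog` output (read on stdin) to the entries dated in
# or after the given year, tagging every kept line that mentions a CVE id.
# Entry headers look like: "* Mon Apr 07 2014 Packager <mail> version-release"
summarize_changelog() {
    awk -v since="$1" '
        /^\* / { keep = ($5 + 0 >= since + 0) }      # field 5 of a header is the year
        keep && /CVE-[0-9]+-[0-9]+/ { print "[SECURITY] " $0; next }
        keep   { print }
    '
}

# Number of CVE-tagged lines among the kept entries (changelog on stdin).
count_security_lines() {
    summarize_changelog "$1" | awk '/^\[SECURITY\]/ { n++ } END { print n + 0 }'
}

# Walk every package in a staging directory and emit one digest section per
# package. Needs the rpm tool; call as: cab_report /path/to/staging 2014
cab_report() {
    staging_dir=$1
    since_year=$2
    for pkg in "$staging_dir"/*.rpm; do
        [ -e "$pkg" ] || continue                    # glob did not match anything
        printf '=== %s ===\n' \
            "$(rpm -qp --queryformat '%{NAME}-%{VERSION}-%{RELEASE}' "$pkg")"
        rpm -qp --changelog "$pkg" | summarize_changelog "$since_year"
    done
}

# Constructed sample of changelog output (not from a real package), so the
# filter can be tried on a machine without rpm installed.
sample_changelog() {
cat <<'EOF'
* Mon Apr 07 2014 Example Packager <packager@example.com> 1.0.1-2
- fix CVE-0000-0001 - constructed placeholder security entry

* Tue Jan 14 2014 Example Packager <packager@example.com> 1.0.1-1
- rebase to new upstream release

* Wed Nov 20 2013 Example Packager <packager@example.com> 1.0.0-9
- fix CVE-0000-0002 - older constructed placeholder entry
EOF
}

# Demonstration on the constructed sample: entries from 2014 onwards only.
sample_changelog | summarize_changelog 2014
```

Filtering by year keeps the digest to what changed since the last approved baseline, and the tagged lines give the CAB the security-relevant entries first.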
top Microsoft Brings Office Online To Chrome OS; Ars Reviews Windows Phone 8.1
Too right. MS Office is bad. Open Office is worse.
In what way? I have personally found that there is not much difference between the two since they are both Word processors. Of course if you want professional documents you could always go for LaTeX which is surprisingly easy to use since you only need a text editor or you can use a graphical interface as well, however there are commercial typesetter software packages as well. It really depends what the user or organisation requires (Note: I did not use the word "want", there is a huge difference) to get the job done.
Similarly, Photoshop is bad, and Gimp is worse.
Again how are these products bad? They both can do some quite amazing things with images since they are both image manipulation software.
Why is the open source community incapable of outdoing commercial de-facto standard apps with poor UIs?
I don't think it is a matter of "free open source software" (or FOSS) outdoing commercial software since it would be difficult for FOSS to match a commercial company in features and they also run the risk (especially in the US) of infringing software patents. However if a FOSS product will do everything that the user or organisation requires then why spend money on the commercial software?
As for poor UI's you should elaborate on that. If the UI does the job efficiently then what is the problem? What do you expect, a "telepathic" or some other "magical" interface?
Titanfall Dev Claims Xbox One Doesn't Need DX12 To Improve Performance
The reason people don't think 1080p is "next gen" is because PC gaming moved on from it years ago. If you look at most of the hardware review sites they test cards at 4k or 1440p with everything on maximum detail, way beyond the current crop of consoles.
I think people expected 1080p as the absolute minimum, since that's what PC gamers expect. Even low end cards can run most stuff on medium detail in full HD.
Most HDTV's have an aspect ratio of 16:9 and support 720p (1280x720 pixels) and 1080i/p (1920x1080 pixels). Now there are what is commonly called 4k HDTV's and most of these also have an aspect ratio of 16:9 so a little bit of arithmetic will give you 3840x2160 pixels or 2160p. At the moment 4k HDTV's are more expensive than 1080p HDTV's although the price is dropping, however while the difference between Standard Definition and HDTV is very obvious especially when screen sizes can be over 80 inches (16:9 aspect ratio). The difference between 1080p and 2160p content only becomes significantly obvious in very large screen sizes and only if the content is produced in 2180p.
When people buy a HDTV they normally watch content such as movies or other passive entertainment (i.e. TV shows) and the rare some even play games. With the exception of BD movies most passive entertainment is still either Standard Definition or 720p and that does not look like changing for years to come. Some fanatical PC games appear to want ridiculous screen resolutions but eventually you reach the limits (we are not far off this) of what human vision and/or the human brain can process and then what?
Titanfall Dev Claims Xbox One Doesn't Need DX12 To Improve Performance
That's BS. Microsoft and Sony fanboys mocked the Wii for targeting 720p. According to them they had all the games in glorious 1080p while Wii peasant didn't have real HD.
Correction: The Wii was 480p, not 720p.
Well if you live in the USA and countries that support the NTSC standard then "yes", however there are other countries that support the PAL standard which is 575i/p (768×576) so the Wii can output in higher resolution.
top Ask Slashdot: Are You Apocalypse-Useful?
People can survive quite well without the care of physicians. Going without food is more difficult.
Very true, because without food all living creatures die. However if you have a community of people the most important people are "Waste Management Specialists" such as garbage collectors and people who can put in and maintain water and sewerage systems. Without proper sanitation you would normally have a local or even a worldwide catastrophe unless we all want to go back to our hunter/gatherer roots.
top Ask Slashdot: How To Start With Linux In the Workplace?
While the AC made this into a joke it really is the best advice if you do this badly.
Rather than be the person who is going to be perceived as the one who pushes Linux into your workspace I would recommend getting in a consultant from a reputable firm and get written recommendations on "how" or even "why not to". If this is done properly then everyone looks good. A Professional Consultant could come up with relevant recommendations in less than a week (assuming a small organization of say less than 100) contrary to what some would say.
Another thing: don't be the person who is going to be stuck supporting a Linux environment unless you really have had experience, one or more support personnel and get paid accordingly.
top Heartbleed Coder: Bug In OpenSSL Was an Honest Mistake
Now he'll be relegated to solely open-source work - the lowest of the low.
Troll is strong with this one :)
top Heartbleed Coder: Bug In OpenSSL Was an Honest Mistake
Good luck with that lawsuit, what law was broken? There was no contract and no guarantee, implicit or explicit. OSS is generally "use at your own risk".
I think if you look at proprietary software you will also find that it is "use at your own risk" and "best effort" although it may be obscured with more legalese wording. Making any programmer or software house liable for any mistakes unless they can be shown to be malicious would effectively stop software development in the country that IMHO stupidly allowed this to be part of that country's law.
top NYU Group Says Its Scheme Makes Cracking Individual Passwords Impossible
Actually if a cracker wanted to get a user's password all they need to do is contact the target in a so called official manner stating that they think that their account has been compromised and they need their password to check. Surprisingly many people would actually fall for this so a cracker would prefer to use social engineering to get a password rather than try the brute force method which would normally raise alarm bells with System Administrators. Of course this assumes that the System Administrators of a targeted machine have some level of competence and integrity.
Actually brute force cracking is the stuff of Hollywood movies since most operating systems have a policy that is set to 3 or 4 strikes and the account is locked. Although I have seen sites where this was not enforced. Of course there are ways of restricting access even further such as one time passwords but the problem of security is still the weakest link in the chain and that is the user.
Maybe this is a great system, but the hyperbole in the summary is ridiculous.
Could not agree more.
top Microsoft: Start Menu Returns, Windows Free For Small Device OEMs, Cortana Beta
If you're looking for a gaming machine, don't buy Compaq/HP or Dell/Alienware. They load so much crap in there it isn't even funny.
I think serious gamers actually build their own machine and somehow "get" a version of MS Windows to install as their OS.
If you're looking for a general use laptop, stick with the business lines for anyone save HP/Compaq (who still loads gobs trialware/demoware crap).
True, however business lines are usually much more expensive so the average person will put up with the rubbish or if they have some knowledge remove the crap, which is really not that difficult.
Personally I have never had an issue with HP machines and I have two working laptops that are 5.5 and 3.5 years old respectively that are running perfectly with Fedora 20 although originally I actually removed the pre-installed OS (MS Vista and Win 7 respectively) and installed the particular version of Fedora at the time I purchased each laptop.
top They're Reading Your Mail: Microsoft's ToS, Windows 8 Leak, and Snooping
Much as I hate to defend Microsoft, the summary mischaracterises Microsoft's statement. Microsoft is saying that it already had the right to search the mailbox, so a court would not have issued an order.
This is such a grey area and I would be surprised if there is not some precedent in law that would classify reading someone's mail and private data as a serious offence without the express permission of the owner of that data or a court order requesting such access. Stating that we own the infrastructure therefore we have the right to do what we please is not a valid excuse.
Consider the following. Say a person owns the building that houses a post office, would they have the right to enter that post office and demand to read mail without proper legal permission? Why would private email be any different from private physical correspondence?
When acting as a System Admin on occasion I was approached by management requesting me to read other people's email which I promptly denied stating that I would need a court order to do this. The reason for requesting a court order is mainly to cover yourself in case there were legal implications. The only thing relating to email which was acceptable was checking if particular email had been sent and where to, which required a check of the logs. Even then I required written permission to do this. Was I being overly cautious? Well yes since it may not be a good excuse in a court of law stating that I was ordered by management to do specific investigations without the proper legal authority.
Was Microsoft breaking the law demanding that the particular System Admin read certain mail for them? Well I would hate to be in that System Admin's shoes right now since they effectively did the "break and enter" while management can sit back with a smug look on their face.
top Why Buy Microsoft Milk When the Google Cow Is Free?
Both my private and work machines both have MSOffice on them and I still use Google Docs for the bulk of my writing. It is light weight, easy to use, accessible from anywhere, and easy to share with collaborators. Office 365 is a bit better in some of those regards, but still makes collaborating with external entities more difficult.
I have found Google Docs great however if you are moving around (think consultant) then depending on a product that is on-line only is IMHO stupid because there are many places that block outside internet access. Basically having an installed Office suite such as Microsoft Office or even LibreOffice is a much more reliable way of using an Office suite.
Personally I use LibreOffice under Fedora (it can also be installed on a MS or Apple OS as well) and I have never found issue with interoffice interoperability. What is even nicer is that LibreOffice is free and is about a 210 MB download and since I use a Linux distribution any updates can be automatically (personally I don't recommend this) or manually updated.
top Sony & Panasonic Next-Gen Optical Discs Moving Forward
300Gb of data per disc means I'd have to swap discs a dozen times to back up my current pile of data. Not happening.
Why would you use 300GB disks to backup your data? The reason to use CD's, DVD's or BD's and now this proposed media is to archive specific data that you require access at a later date. As long as the disk has a device that can read it then your archived data can be read unless the disk is damaged so any archived media needs to be preserved (minimum of two copies) and checked periodically.
It must be noted that there is a huge difference between a "backup" and an "archive". If you only use HDD's to "backup" your data you are not really doing a "backup" you are effectively mirroring your data disk(s) at a specific moment in time and you would need multiple HDD's to do this if you are seriously considering any backup strategy which for home use can be expensive. As for "archive" you could consider a HDD to do this however HDD's are much more prone to failure than passive media such as tape, CD, DVD and BD.
One important thing to consider when archiving is to decide what data you really need to archive and in nearly all cases it is personal data which you would consider irreplaceable and a video collection while inconvenient does not fall into that category.
about a month and a half ago
top Confirmed: Earth's Oldest Rock In Australia
It's an older rock, and they are saving it so they cab reveal it next year
Now if you had moved your finger about 3 mm to your right of the letter b the sentence would make more sense. :)
top Internet Shutdown Adds To Venezuela's Woes
Welcome to Communism. Totalitarian leader. Oppressive regime. Total economic collapse. Continuous propaganda internal and external.
Err! Where does it state that Venezuela politics is communistic? Although the major parties do have those type of leanings but basically the people do have the right to vote with the voting age starting at 18. If you stated that the political party has leanings of Fascist-ism then I may agree with you however the truth is much more complex. If you look at the http://en.wikipedia.org/wiki/V... Wiki you will find out that "Venezuela is among the most violent places on Earth. In Venezuela, a person is murdered every 21 minutes." This is mainly due to the high crime rate and rampant corruption.
I will leave this to the citizens of Venezuela to elaborate further.
top Internet Censorship Back On Australian Agenda
Lately there have been so many shitty movies out of hollyweird that I can't find anything worth downloading. It's a massive waste of bandwidth. I finally figured out that is how they are combating piracy now. The films suck so bad that no one wants to watch them even if they're free.
I fully agree, I have not watched a Hollywood movie in years.
Actually from the article Attorney-General George Brandis is the one who has flagged the changes, however he appears to agree and criticize the Copyright Act stating
"I firmly believe the fundamental principles of copyright law, the protection of rights of creators and owners did not change with the advent of the internet and they will not change with the invention of new technologies."
He described the Copyright Act as "overly long, unnecessarily complex, often comically outdated and all too often, in its administration, pointlessly bureaucratic".
In the article there is a statement:
Australians are among the most avid users of pirating websites in the world. For example, Australians accounted for 16 per cent of all illegal downloads of television program Breaking Bad.
Having never watched "Breaking Bad" I did a quick search and found it is a TV series which anyone with a Personal Video Recorder can actually copy if they wish to do so however this show is not a so called Hollywood movie and many people who have missed one or more episodes can actually catch up by going on-line and watch the shows at selected legitimate sites (a quick search will find them).
Of course you can download via torrent (no money changes hands) which I think the government would like to stop but there lies the problem, without snooping programs which can determine if a torrent download infringes copyright you have no way of knowing and ISP's would not be happy running this type of software since it would take up resources all for the sake of possibly catching an "illegal" down-loader. This type of thing would not be a vote winner.
The problem is that many TV shows can be caught up by going on-line and watching them at "legitimate" web sites. Bringing in legislation to block so called illegal torrent downloading will have an enormous voter backlash which no sane government in their right mind would want.
top Why the Internet of Things Is More 1876 Than 1995
Why on Earth would your refrigerator have to be online to keep track of food expiration dates? Can't you use a tablet, phone or PC to keep track of that?
Err! Wouldn't it be easier to write on the packages or containers if they don't have expiration date. Or just take a tentative smell on a regular basis and throw out the foodstuff that has gone off or has mould growing on it ;). Having a policy of cleaning and checking your fridge at least once a month can save an embarrassing trip to the toilet or in severe cases the Doctor and it definitely beats maintaining a database/spreadsheet of your fridge.