
Comments


Generic PCs For Corporate Use?

ers81239 Hardware As A Service (HAAS) (606 comments)

DoD Acquisitions has a focus on 'performance oriented' contracting. They suggest you buy things the way you buy managed servers at a server farm like rackspace.com. So, you could try to let a contract for the use of 1000 PCs for 2 years and specify downtime, replacement, and repair measures. Offer the contractor rewards for exceeding the minimum requirements and penalties for not.

I think the idea applies pretty well here. I wonder how it would work. I'd call it HAAS - Hardware as a Service.

more than 3 years ago

Are Code Reviews Worth It?

ers81239 Re:Yes! (345 comments)

I just want to highlight your second point. I believe that THE most important thing gained from code reviews is the spreading of knowledge and the gaining of understanding. New development is always great, but most programming is maintaining/fixing/improving existing projects. A code review is a great way to really learn about code readability. You actually get to see other people read your code and you get to read other people's code. All of this code is fresh in someone's mind so it can be explained, and how to make it more readable can be discussed. I learned a ton about writing maintainable code at my first job where we did regular code reviews.

On the more technical side, often once the code is discussed much simpler ways to solve the problem are discovered. It isn't about the individual bug fixes/improvements that can come from a code review. It's really a way to improve your programmers.

more than 4 years ago

Internal Instant Messaging Client / Server Combo?

ers81239 mIRC (360 comments)

I have seen mIRC used in situations even more secure than the one you describe.

about 5 years ago

Researchers Demo BIOS Attack That Survives Disk Wipes

ers81239 Of course. (396 comments)

Last I checked, the BIOS lives in a chip, not the HDD. Thus the magic diskless booting. How is this news?

more than 5 years ago

Why Your Clock Radio Is All Abuzz About iPhones

ers81239 Military Aircraft Better (MAB) (397 comments)

This must be one of the things that make military gear so expensive. I've flown military aircraft with multiple cell phone calls going on onboard and there isn't any interference at all.

more than 5 years ago

Submissions


Keeping up with security requirements in Linux.

ers81239 writes | more than 4 years ago

ers81239 (94163) writes "I've recently become a Linux administrator within the Department of Defense. I am surprised to find out that the DoD actually publishes extensive guidance on minimum software versions. I guess that isn't so surprising, but the version numbers are. Kernel 2.6.30, ntp 4.2.4p7-RC2, openssl 9.8k and the openssh to match, etc. The surprising part is that these are very fresh versions which are not included in many distributions. We use SUSE Enterprise quite a bit, but even openSUSE factory (their word for unstable) doesn't have these packages. Tarballing on this many systems is a nightmare and even then some things just don't seem to work. I don't have time to track down every possible lib/etc/opt/local/share path that different packages try to use by default. I think that this really highlights the tradeoffs of stability and security.

I have called Novell to ask about it. When vulnerabilities are found in software, they backport the patches into whatever version of the software they are currently supporting. The problem here is that this doesn't give me a guarantee that the backport fixes the problem for which this upgrade is required (my requirements say to install version x or higher). There is also the question of how quickly they are providing the backports.

I'm hoping that there are 100's of DoD Linux administrators reading this who can bombard me with solutions. How do you balance security with stability?"

Journals

ers81239 has no journal entries.
