Computers & Technology 2

Message boards : Politics : Computers & Technology 2
Message board moderation

To post messages, you must log in.

Previous · 1 . . . 17 · 18 · 19 · 20 · 21 · 22 · 23 . . . 24 · Next

AuthorMessage
Sirius B Project Donor
Volunteer tester
Avatar

Send message
Joined: 26 Dec 00
Posts: 24877
Credit: 3,081,182
RAC: 7
Ireland
Message 1658783 - Posted: 29 Mar 2015, 14:33:42 UTC - in response to Message 1655663.  

Makes one wonder why all the fuss over this then...

Encryption dilemma
ID: 1658783 · Report as offensive
Profile janneseti
Avatar

Send message
Joined: 14 Oct 09
Posts: 14106
Credit: 655,366
RAC: 0
Sweden
Message 1658785 - Posted: 29 Mar 2015, 14:39:01 UTC - in response to Message 1658783.  
Last modified: 29 Mar 2015, 14:40:37 UTC

Makes one wonder why all the fuss over this then...

Encryption dilemma

Sigh... :)))
A European police chief says the sophisticated online communications are the biggest problem for security agencies tackling terrorism.
Hidden areas of the internet and encrypted communications make it harder to monitor terror suspects, warns Europol's Rob Wainwright.
Tech firms should consider the impact sophisticated encryption software has on law enforcement, he said.

Europol's Rob Wainwright is stupid........

The "problem" started before Jesus was born!
ID: 1658785 · Report as offensive
Profile ML1
Volunteer moderator
Volunteer tester

Send message
Joined: 25 Nov 01
Posts: 20147
Credit: 7,508,002
RAC: 20
United Kingdom
Message 1666339 - Posted: 17 Apr 2015, 13:48:09 UTC

The comments to this article thread are something to behold!...


Sysadmins, patch now: HTTP 'pings of death' are spewing across web to kill Windows servers

Patch Tuesday bug reverse engineered by Thursday...

... The security bug (CVE-2015-1635) allows attackers to knock web servers offline by sending a simple HTTP request...

... Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2 systems running Microsoft's IIS web server are affected. The component at fault is HTTP.sys, a kernel-level driver...

... "Due to the ease with which this vulnerability can be exploited, we recommend that you expedite patching this vulnerability," SANS notes in an advisory...

... Microsoft has warned the security bug can be used to execute code remotely on the server, but so far,...

... Most of the time, the server just crashes.



There are number of aspects that make that rather painful for how the bug came to be in the first place and how the fix is likely not what should be done either...


Hence why the comments are so rabid due to something rather worrying and sensitive having been painfully hit?...

All combined with other current painful exposures:

Unpatched 18-year-old Windows man-in-the-middle diddle revived

It's 2015 and a RICH TEXT FILE or a HTTP request can own your Windows machine


The "must patch NOW" warning in that last article for this week is rather apt...

All very much NOT the way that IT should be...


And IT is what we make it...
Martin
See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)
ID: 1666339 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1666404 - Posted: 17 Apr 2015, 17:21:14 UTC - in response to Message 1666339.  

All very much NOT the way that IT should be...


I do hope this applies to the recent catastrophic OSS flaws found recently as well.
ID: 1666404 · Report as offensive
Profile Gary Charpentier Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 25 Dec 00
Posts: 30608
Credit: 53,134,872
RAC: 32
United States
Message 1666436 - Posted: 17 Apr 2015, 18:45:11 UTC - in response to Message 1666404.  

All very much NOT the way that IT should be...


I do hope this applies to the recent catastrophic OSS flaws found recently as well.

Heretic! OSS is perfect. It has millions of eyeballs! ;-)
ID: 1666436 · Report as offensive
Profile ML1
Volunteer moderator
Volunteer tester

Send message
Joined: 25 Nov 01
Posts: 20147
Credit: 7,508,002
RAC: 20
United Kingdom
Message 1666474 - Posted: 17 Apr 2015, 19:53:49 UTC - in response to Message 1666404.  
Last modified: 17 Apr 2015, 19:54:54 UTC

All very much NOT the way that IT should be...


I do hope this applies to the recent catastrophic OSS flaws found recently as well.

So... Let's see...

You are comparing:

The problem of all Windows systems getting pawned by simply being sent a single data packet from anywhere in the internet, or from simply displaying some document or email or website TEXT!

To...

Some critical cryptography that the entire web uses across all types of systems (Heartbleed and Freak).


For that comparison, looks like Windows is still at nursery school for security :-P


Note that the sort of vulnerability for the Windows examples go completely against what is taught for designing a good system architecture. Is that why there is such extreme rhetoric spewing forth in some areas for what the latest patch set means?

Including that you pretty much have to risk updating immediately. Regardless of what corporate services you might be running with Windows. That is a big ouch.

And I've got some very high stressed Americans who literally scream about any downtime or any interruption to their working... They are never happy at the best of times :-(

There are lots of grey hairs being generated for that patch set.


All of no concern if all your hair is already grey?...

IT is what we allow it to be...
Martin
See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)
ID: 1666474 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1666531 - Posted: 17 Apr 2015, 22:17:52 UTC - in response to Message 1666474.  

All very much NOT the way that IT should be...


I do hope this applies to the recent catastrophic OSS flaws found recently as well.

So... Let's see...

You are comparing:

To...


No, I foolishly thought you might actually see that computer security is an ongoing, never-ending issue for all platforms, and that perhaps you could see beyond your own biased disdain for all things Microsoft and/or Windows and perhaps be fair and mature in your criticisms.

My bad.
ID: 1666531 · Report as offensive
Profile ML1
Volunteer moderator
Volunteer tester

Send message
Joined: 25 Nov 01
Posts: 20147
Credit: 7,508,002
RAC: 20
United Kingdom
Message 1666595 - Posted: 18 Apr 2015, 0:02:14 UTC - in response to Message 1666531.  
Last modified: 18 Apr 2015, 0:03:48 UTC

All very much NOT the way that IT should be...


I do hope this applies to the recent catastrophic OSS flaws found recently as well.

So... Let's see...

You are comparing:

To...


No, I foolishly thought you might actually see that computer security is an ongoing, never-ending issue for all platforms, and that perhaps you could see beyond your own biased disdain for all things Microsoft and/or Windows and perhaps be fair and mature in your criticisms.

My bad.

And you're trying to distract for something that is trivially foolish that high-school graders would get a FAIL mark for being so foolish as opposed to major infrastructure that the Big Boys are now paying millions of dollars to safe-guard after having been caught out freeloading for years.


VAST difference of scale and stupidity...


Really, STILL, how on earth should your entire computer be pawned by merely displaying a TEXT file? Incredible! Ask Microsoft?


IT is what we allow it to be!
Martin
See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)
ID: 1666595 · Report as offensive
Profile janneseti
Avatar

Send message
Joined: 14 Oct 09
Posts: 14106
Credit: 655,366
RAC: 0
Sweden
Message 1666606 - Posted: 18 Apr 2015, 0:22:07 UTC - in response to Message 1666595.  
Last modified: 18 Apr 2015, 0:23:48 UTC

Incredible! Ask Microsoft?
IT is what we allow it to be!

Ask Microsoft? I tried ONCE. Never more.
I bought a new computer with windows 8.1 preinstalled.
My work computer has Windows 7 installed.
So I wanted to move MANY files from that old machine.
But what happens? On my new computer I see all my computer but not the Windows 7 on the netlist!
After a couple of hours I get in touch with Microsoft.
They said that Windows 8.1 is not compatible with Windows 7.
I said what do you mean´?
The answer was "You can Use USB sticks or CDROMS to copy your files!"
Do you want more information it will cost you $100 per hour!
I hang up.
ID: 1666606 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1666639 - Posted: 18 Apr 2015, 1:46:41 UTC - in response to Message 1666595.  
Last modified: 18 Apr 2015, 2:00:05 UTC

And you're trying to distract for something that is trivially foolish that high-school graders would get a FAIL mark for being so foolish as opposed to major infrastructure that the Big Boys are now paying millions of dollars to safe-guard after having been caught out freeloading for years.


Not at all. But clearly you don't work as a SysAdmin. Why would you ever directly expose your server, whether it runs Windows or not, to the web rather than using a firewall and a load balancer like an F5 first?

But of course, your personal bias shows no bounds. Stupid flaws found in Microsoft's code will be stupid. More will be found in the future. As will flaws in OSS. Meh.

Really, STILL, how on earth should your entire computer be pawned by merely displaying a TEXT file? Incredible! Ask Microsoft?


Sidenote - why are you calling it pawned? Are you trying to use the hacker term 'pwned' which has leaked into the common vernacular?
ID: 1666639 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1666642 - Posted: 18 Apr 2015, 1:51:04 UTC - in response to Message 1666606.  

Incredible! Ask Microsoft?
IT is what we allow it to be!

Ask Microsoft? I tried ONCE. Never more.
I bought a new computer with windows 8.1 preinstalled.
My work computer has Windows 7 installed.
So I wanted to move MANY files from that old machine.
But what happens? On my new computer I see all my computer but not the Windows 7 on the netlist!
After a couple of hours I get in touch with Microsoft.
They said that Windows 8.1 is not compatible with Windows 7.
I said what do you mean´?
The answer was "You can Use USB sticks or CDROMS to copy your files!"
Do you want more information it will cost you $100 per hour!
I hang up.


most phone techs will give up if they think the person on the other end of the line is too thick or too argumentative to listen. In fairness, many of them are lazy too, but this isn't unique to Microsoft.

BTW - My Windows 8 and 8.1 machines see the Windows 7, Vista, XP, 2000, and 98 machines without a problem. Either the tech didn't know this (unlikely) or they didn't think spending the time to help you would help them meet their phone metrics. Yay corporate America!
ID: 1666642 · Report as offensive
Profile Gary Charpentier Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 25 Dec 00
Posts: 30608
Credit: 53,134,872
RAC: 32
United States
Message 1666688 - Posted: 18 Apr 2015, 4:35:21 UTC - in response to Message 1666642.  

Incredible! Ask Microsoft?
IT is what we allow it to be!

Ask Microsoft? I tried ONCE. Never more.
I bought a new computer with windows 8.1 preinstalled.
My work computer has Windows 7 installed.
So I wanted to move MANY files from that old machine.
But what happens? On my new computer I see all my computer but not the Windows 7 on the netlist!
After a couple of hours I get in touch with Microsoft.
They said that Windows 8.1 is not compatible with Windows 7.
I said what do you mean´?
The answer was "You can Use USB sticks or CDROMS to copy your files!"
Do you want more information it will cost you $100 per hour!
I hang up.


most phone techs will give up if they think the person on the other end of the line is too thick or too argumentative to listen. In fairness, many of them are lazy too, but this isn't unique to Microsoft.

BTW - My Windows 8 and 8.1 machines see the Windows 7, Vista, XP, 2000, and 98 machines without a problem. Either the tech didn't know this (unlikely) or they didn't think spending the time to help you would help them meet their phone metrics. Yay corporate America!

Or the tech asked a question or two and thought the reason might be firewall settings and didn't want to go down that path.
ID: 1666688 · Report as offensive
Profile Gary Charpentier Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 25 Dec 00
Posts: 30608
Credit: 53,134,872
RAC: 32
United States
Message 1666689 - Posted: 18 Apr 2015, 4:45:06 UTC - in response to Message 1666639.  

But of course, your personal bias shows no bounds. Stupid flaws found in Microsoft's code will be stupid. More will be found in the future. As will flaws in OSS. Meh.

But of course. The OSS community would never have a bug and require a patch. It has never happened and never will. :)

Ozz, Martin's bitching has more to do with the fact that to apply a patch the machine has to be rebooted than any other factor.

If we were to worry about a text file, that isn't the real issue. The real issue is the OSS specification for html that requires a server to configure itself differently depending on the request. Once the malevolent internet can affect how your computer is configured -- its code execution, it is game, set, match; but OSS standards are perfect.
ID: 1666689 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1666703 - Posted: 18 Apr 2015, 5:47:00 UTC - in response to Message 1666689.  

Funny thing about those reboots... there's some pretty fun technologies in the world of virtualization that allows you to mirror VMs in a replicated fashion, thus you can patch one, reboot it while allowing all the traffic to go to the other, then do the same to the second one, all without any interruption of service or perception of downtime.

The added bonus here is that you don't have to leave a system running that may have poorly coded custom application stacks with slow memory leaks degrading performance over long periods of time. This kind of issue affects even our Linux servers.
ID: 1666703 · Report as offensive
Profile ML1
Volunteer moderator
Volunteer tester

Send message
Joined: 25 Nov 01
Posts: 20147
Credit: 7,508,002
RAC: 20
United Kingdom
Message 1666791 - Posted: 18 Apr 2015, 12:54:15 UTC - in response to Message 1666703.  
Last modified: 18 Apr 2015, 12:57:59 UTC

Not at all. But clearly you don't work as a SysAdmin. Why would you ever directly expose your server, whether it runs Windows or not, to the web rather than using a firewall and a load balancer like an F5 first?


And:

Funny thing about those reboots... there's some pretty fun technologies in the world of virtualization that allows you to mirror VMs in a replicated fashion, thus you can patch one, reboot it while allowing all the traffic to go to the other, then do the same to the second one, all without any interruption of service or perception of downtime.

The added bonus here is that you don't have to leave a system running that may have poorly coded custom application stacks with slow memory leaks degrading performance over long periods of time. This kind of issue affects even our Linux servers.


Absolutely fantastic response there thanks.

Spookily, that also follows some of the incredible "up-selling" that is wasting our time recently...


The world of Microsoft really is a Religion, and all wrapped up in Marketing techno-foolery that really do have "MSCE" trained people completely lost in the world of Microsoft ways and totally unemployable outside of the Microsoft world.

So...

Supposedly we must buy a fleet of Rolls-Royce supercars, so that we always have some spare on-hand for when we need to fill up the gas tank, all for the sake of a puncture repair kit for the paper lad to finish his newspaper round where a bicycle is still overkill for the job?

Yes... From what I am presently seeing first hand of the Microsoft world and their technical support, it really is that stupid.


Meanwhile, we have two of our Linux servers on the inside that have been running with zero downtime for example:

up 534 days
up 639 days

and three others at around the one year mark.

All in constant use for critical functions. No downtime needed until hardware failure stops the electrons...


In comparison, I've hit against the Microsoft world of Marketing jargon again for utter trivia that makes for a hideously expensive cost for even the most simple of system changes... All an incredible self-made industry!

Why call a $1 spanner a spanner when you can charge $10000 for a data transmission anchor point securement tool and technician to bolt a 3G aerial to an external bracket that is already in place!...?


There are a lot of wasteful reboots needed in parts of the world... And that needn't be the case...

IT is what we allow it to be...
Martin


ps: Not wishing to scare you but I'm sure you've heard of VMware and Qemu... They are Linux. Or for you is it maximized surface area of attack all the way with Hyper-V on Windows? Text files permitting?...

(More incredible is the shrugging off of what the latest exploits mean/indicate for Microsoft systems as much as the elementary vulnerability itself...)
See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)
ID: 1666791 · Report as offensive
Profile janneseti
Avatar

Send message
Joined: 14 Oct 09
Posts: 14106
Credit: 655,366
RAC: 0
Sweden
Message 1666795 - Posted: 18 Apr 2015, 13:09:18 UTC - in response to Message 1666642.  
Last modified: 18 Apr 2015, 13:14:45 UTC

BTW - My Windows 8 and 8.1 machines see the Windows 7, Vista, XP, 2000, and 98 machines without a problem. Either the tech didn't know this (unlikely) or they didn't think spending the time to help you would help them meet their phone metrics. Yay corporate America!

The solution is to connect the two computers with an Ethernet Cable instead of using your local network.
When I phoned Microsoft I had completely forgot that...

Strange that this very bad support are done by mostly IT, Phone and Energy companies...
ID: 1666795 · Report as offensive
Profile janneseti
Avatar

Send message
Joined: 14 Oct 09
Posts: 14106
Credit: 655,366
RAC: 0
Sweden
Message 1666796 - Posted: 18 Apr 2015, 13:21:54 UTC - in response to Message 1666791.  

The world of Microsoft really is a Religion, and all wrapped up in Marketing techno-foolery that really do have "MSCE" trained people completely lost in the world of Microsoft ways and totally unemployable outside of the Microsoft world.
Yes... From what I am presently seeing first hand of the Microsoft world and their technical support, it really is that stupid.
Meanwhile, we have two of our Linux servers on the inside that have been running with zero downtime for example:
up 534 days
up 639 days
and three others at around the one year mark.
All in constant use for critical functions. No downtime needed until hardware failure stops the electrons...
Why call a $1 spanner a spanner when you can charge $10000 for a data transmission anchor point securement tool and technician to bolt a 3G aerial to an external bracket that is already in place!...?
There are a lot of wasteful reboots needed in parts of the world... And that needn't be the case...
ps: Not wishing to scare you but I'm sure you've heard of VMware and Qemu... They are Linux. Or for you is it maximized surface area of attack all the way with Hyper-V on Windows? Text files permitting?...
(More incredible is the shrugging off of what the latest exploits mean/indicate for Microsoft systems as much as the elementary vulnerability itself...)

Yes reboot are only needed when changing hardware or perhaps some driver changes.
Otherwise you use Services for your application that can be turned on or off.
Very simple really:)
Only the application are down NOT the OS.
ID: 1666796 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1666840 - Posted: 18 Apr 2015, 16:02:12 UTC - in response to Message 1666791.  

Absolutely fantastic response there thanks.


You're welcome!

Spookily, that also follows some of the incredible "up-selling" that is wasting our time recently...


The world of Microsoft really is a Religion, and all wrapped up in Marketing techno-foolery that really do have "MSCE" trained people completely lost in the world of Microsoft ways and totally unemployable outside of the Microsoft world.


Yes, because we have so many Microsoft people on this forum pushing the religion of Windows, and telling everyone to switch from Linux or Mac... oh wait, that's only you in every Windows thread. Especially those about viruses.

Supposedly we must buy a fleet of Rolls-Royce supercars, so that we always have some spare on-hand for when we need to fill up the gas tank, all for the sake of a puncture repair kit for the paper lad to finish his newspaper round where a bicycle is still overkill for the job?


There are so many flaws with this metaphor that I'm not even going to bother getting dragged down into it with you as in the past. I'll take the high road, thanks.

Yes... From what I am presently seeing first hand of the Microsoft world and their technical support, it really is that stupid.


I wouldn't know. I don't need their tech support.

Meanwhile, we have two of our Linux servers on the inside that have been running with zero downtime for example:

up 534 days
up 639 days

and three others at around the one year mark.

All in constant use for critical functions. No downtime needed until hardware failure stops the electrons...


Ah yes. Just as Gary stated. It's all about the uptime, baby! Meh. We have a Windows server up for 649 days. Generally not a good idea for any server, but it can be done.

In comparison, I've hit against the Microsoft world of Marketing jargon again for utter trivia that makes for a hideously expensive cost for even the most simple of system changes... All an incredible self-made industry!

Why call a $1 spanner a spanner when you can charge $10000 for a data transmission anchor point securement tool and technician to bolt a 3G aerial to an external bracket that is already in place!...?


Man, I must have really pissed you off. You're so easy Martin. :-D


There are a lot of wasteful reboots needed in parts of the world... And that needn't be the case...


Yes... "wasteful reboots" that take all of 5 seconds in a VM these days.

ps: Not wishing to scare you but I'm sure you've heard of VMware and Qemu... They are Linux. Or for you is it maximized surface area of attack all the way with Hyper-V on Windows? Text files permitting?...


Heh. Yes, I've heard of VMWare. We use them exclusively at our company for all VM related functions. Yes, I'm aware they're Linux. No, that wasn't part of our decision in using their product. The only reasoning in using VMWare was simply "nobody ever got fired for using IBM" (yes, I know VMWare isn't made by IBM. Hopefully you're familiar with the phrasing though and know what I'm trying to say.)

(More incredible is the shrugging off of what the latest exploits mean/indicate for Microsoft systems as much as the elementary vulnerability itself...)


Because we've had to shrug off plenty of OSS vulnerabilities as well. What does it matter if it is a text file flaw or an SSL flaw? In the end, we still have to apply a patch and reboot the system.
ID: 1666840 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1666841 - Posted: 18 Apr 2015, 16:05:36 UTC - in response to Message 1666795.  

BTW - My Windows 8 and 8.1 machines see the Windows 7, Vista, XP, 2000, and 98 machines without a problem. Either the tech didn't know this (unlikely) or they didn't think spending the time to help you would help them meet their phone metrics. Yay corporate America!

The solution is to connect the two computers with an Ethernet Cable instead of using your local network.


Umm.. an Ethernet cable is what most local networks are made of. That's what mine is made of, and as you quoted me here, my machines are able to see each other just fine.

If directly connecting an Ethernet cable between two computers actually worked for you, then that suggests Gary was right that it was a firewall issue on one of the machines.

Strange that this very bad support are done by mostly IT, Phone and Energy companies...


Indeed. I'm so glad I don't need to use tech support.
ID: 1666841 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 1666844 - Posted: 18 Apr 2015, 16:12:13 UTC - in response to Message 1666796.  

Yes reboot are only needed when changing hardware or perhaps some driver changes.
Otherwise you use Services for your application that can be turned on or off.
Very simple really:)
Only the application are down NOT the OS.


If you're application is down, then the system may as well be down. From an end-user perspective that's all that matters.
ID: 1666844 · Report as offensive
Previous · 1 . . . 17 · 18 · 19 · 20 · 21 · 22 · 23 . . . 24 · Next

Message boards : Politics : Computers & Technology 2


 
©2024 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.