Slashback: Dell, 800, Disclosure 164
Spinning so had they can feel it in Ft. Worth. L-Wave writes: "This Story is running on linux.com. Apparently Dell has written an open letter toLinux users. 'Dell has published an open letter to its Linux customers "clarifying" its position as regards the insurgent OS. Actually, the letter is headed "Clarifying Dell and Linux," but either of these would be a massive task, and we think we know what they meant to say.'"
Please note that all Dell is saying here is that they will load customer-specified software at the factory -- it's probably convenient for some customers, but nothing new for Dell. In the case of software with expensive licenses, it means some simplified paperwork. With Free software, it just means convenience. The letter is therefore rather lukewarm, but at least a lot better than refusing to install software that doesn't include a licensing markup.
Brush up on your polite conversation skills. doublem writes: "This site lists the toll-free numbers of known Spammers, so they can be called, harassed and otherwise vented against for their crimes. Something tells me the ./ crowd will like this sort of thing as evidenced by this recent article. I'd like to add 1-888-288-9043 as the number for the well-known VORTEX SUPPLIES, a collection of jerks who refuse to take me off their mailing lists." I started doing the same a few months ago, but this guy has me beat by miles, even if he doesn't list Miss Cleo's number thanks to Psychic spam that knew I'd react with a call.
Yessir, our team goes into action right after the first fortnight. jeffy124 writes "Microsoft has admitted knowledge of an IE bug a full week before a security firm announced it. Turns out sec firm Online Solutions privately informed MS of the bug Nov. 1, but MS initially said they first heard of it Nov. 9 after Online made the find public the same day. MS claims standard procedure of allowing themselves two weeks in order to make sure someone's not cryin wolf and write a patch. They also claimed that no breaches occured during that wait. MS says that Online acted responsibly in their actions, and "'apologizes for innacurate statements.'"
You mean the lawsuits didn't kill it? Far from certain conpiracy theories advanced after Bleem published their own epitaph ShadeEagle writes: "Here we find out that Sony didn't know about Bleem's death until they were asked about it. Gamespot has more relevant information as to the possible (or impossible) future of Bleem." And another gaming note: mickeyreznor writes "According to this article on CNet, Sega appears to be in good financial shape despite the trouble they've had with the dreamcast. In addition, 60 games are being planned for X-box and PS2 over the next year. Sega's future looks bright, and that can only be a good thing for gamers."
Dell and Linux kinda a big deal (Score:5, Insightful)
The importance is not that they load the OS, it's that they are treating Linux the same as Microsoft. PHB's like to feel secure, and knowing that Dell, a major player in the OEM server / PC market, is offering Linux as a platform they stand behind just like Netware and NT/2000 - makes them feel secure. It all comes down to big management catch words like "Enterprise" "Scalable" and maybe even a little "TCO."
The fight for Linux is not a fight of technical profecciency, that is already achieved, it is a fight of making managers at 35,000 feet feel comfotable with it. (IMO)
Re:why anti-MS? (Score:5, Insightful)
respond instantly--we have to sieve the wheat from the chaff to determine how reliable the vulnerability warning is," said Neil Laver, Windows product marketing manager for Microsoft. "Until we can investigate the issue, we are not going to issue a bulletin, as that would create a crying wolf situation."
can anyone argue with this?
I can. It doesn't take a week to recreate an exploit like this and say, "OH shit!"
br>Microsoft is a large enough company to have someone on the job whose exclusive responsibility is to read incoming exploit reports and IMMEDIATELY test the described method. Immediately after that (ten minutes after the report arrived, if they have a bunch of configured machines immediately available - again, MS is big enough to afford this) they can say, "Report verified. Issue a bulletin and get the engineers on the job fixing that bug."
In the case of a major (or any) exploit, there is no excuse for a large outfit like MS to require more than an hour or two to verify that a problem exists. Actually fixing it will probably take longer, but the fact that the expolit exists should be immediately published so those running the affected software can decide if they want to take their servers off-line or take some kind of self-protective action.
These phone numbers are helping spammers. (Score:5, Insightful)
Re:These phone numbers are helping spammers. (Score:4, Insightful)
Yeah...ok...but I believe that tthe point is that they're 800 numbers, so these companies will *pay* for that call whether or not you talk to a real person.
Re:why anti-MS? (Score:2, Insightful)
But THIS is security! To take a real-world example, if you break into a bank at night and start carrying out the cash, the security guards don't have to stop and ask their supervisor to wait for the next board meeting (in three weeks) to obtain permission to apprehend the criminals.
There's no room for bureaucratic bullshit in matters of security. You set a policy that affords the maximum protection to your customers, and follow that. No ad-hoc decision-making required. If there's a possible exploit, test it NOW and report NOW and release an advisory RIGHT NOW. Period. Just like apprehending the criminals on the way out of the bank. "Halt! You're under arrest!"
Re:XBox, bah (Score:3, Insightful)
Re:Disloyal Dell (Score:2, Insightful)
Yes, all the other companies jumped on the same bandwagon as you say. -- However the rest are following through with their words. -- Dell is not, and Dell made a bigger fanfare than any of the other big computer makers and never did one single thing except put a page on their site that rarely worked.
And don't worry, this "naive person" stopped buying, recommending, and supporting Dell a year ago. The "bottom line" for me is not just to stop buying their products, I also have the right to tell others why they should stop being Dell zealots and get a clue as to what this company is really all about --> making Michael Dell rich.
Modem dialing... (Score:2, Insightful)
Of course, I'll have to modify the init string so that it doesn't try to negotiate a modem connection, otherwise it will fail too many times and the numbers will become BLACKLISTED.
Oh - and I need to move to the US since it won't be free otherwise
Re:Stop bashing the X-Box! (Score:5, Insightful)
Second, the Dreamcast is Windows CE compatible. The OS is actually on the CD (shades of AppleDOS!) and its up to the developer which OS to use. I have three DC games (D2, Seaman, Shenmue), and only the D2 uses Windows. Sega's in-house developers seem not to like it -- can't imagine why.
Re:A couple of notes (Score:3, Insightful)
Re:why anti-MS? (Score:5, Insightful)
Wow! you really have no idea how software development and engineering departments work. With an engineering department that can switch gears and start projects as fast as the one you described we would be able to get a new version of windows ever 2 months.
I will explain to you how most large bug reporting/engineering systems work. First a secretary or intern will be assigned to read the bug mail and sort out the legitimate problems from the lunatics writing in that your product just SUCKS.
If it is a legitimate bug report and it includes all the information necessary to reproduce it then it gets entered in the bug tracking/administration system. An email or memo will be sent to the manager of the division that handles testing.
The manager will assign the bug to a tester who will try to reproduce it. That is after he has worked on all the other items in his queue that have a higher priority. Once he has reproduced it he identifys what component causes the problem (or guesses). And add adds the item as a reproduced bug to the bug tracking system.
The manager in charge of the division that handles that system or component will get the notice and eventually get around (depending on priority) to assigning the bug to an engineer.
The engineer will then start working on the bug, but only after he has already completed what he was working on at the time, and cleared any higher priority items out of his queue as well.
It would take at least a day to go through any one of these steps. And even more time depending on how busy people are and what priority rating the bug gets. Plus in larger companies these things actually go through more steps such as priority assignment meetings and impact analysis.
In short your expenctations are insane. When you are dealing with a company of any size about 30 employees you have to use a system to kepp all of them working, or you are loosing money. That means you need to manage tasks and verify bugs before assigning them to engineers. And you don't have 30 engineers just sitting in the back room waiting to work on whatever you give them. They are probably already working on fixing another terrible exploit. The resources have to be allocated as you go based on what you see the threat as.
Anyway i hope this gives you a little more respect for the engineers who actually do this.
Regards,
Re:Stop bashing the X-Box! (Score:1, Insightful)
Re:why anti-MS? (Score:1, Insightful)
Re:Dell and Linux kinda a big deal (Score:2, Insightful)
*of course, chances are, an already-subverted manager means that you woulnd't have been hired.
If you really want to get rid of MS stuff, you have to buy a few shares in the company, then go to the shareholder meetings, and vociferously question their IT overspend relative to a linux or bsd solution.