Comment Re:How to fix the app-store (Score 1) 258
Don't see what the hell #4 is supposed to do, to be honest.
But the rest is easier solved with "don't allow in-app purchases".
Don't see what the hell #4 is supposed to do, to be honest.
But the rest is easier solved with "don't allow in-app purchases".
And so the article, and the quote in the summary, are just plain lying:
"The Silent Power PC is claimed to be the first high-end PC able to ditch noisy electric fans in favor of fully passive cooling."
Bought a no-moving-parts power supply back in... oh, I don't know, 2003 or something. Sold as "cooled by heatpipes", pretty much the same principle - silent, no moving parts, passively cooled, no fans, huge surface areas.
They also did kits for the processor itself but I've also bought P2-era motherboards that were designed to be passively cooled too (same thing, huge heatsink, no fan).
So this is certainly not "the first" in the PC world (unless we're talking about "the first" to use some particular technology that just about replicates what I bought over 10 years ago). Not even close. In fact, it's over a decade out. And going outside the PC world, passively cooled chips are pretty common - you have a tablet or smartphone without a huge stonking fan, no?
The PSU is still working 10 years on if you'd like me to dig it out. I'm sure it wouldn't take much to butcher it to do the same job to the processor, especially if you can safely have it clock itself down to prevent heat being generated in the first place.
Yeah, but does it do windows?
</ducks>
My point is there are not enough searchers working on our behalf, primarily because there is not enough incentive. (The NSA and Chinese may have found the bug years ago, for all we know, but they have a strong incentive to find vulnerabilities. Not enough people are paying White Hats to find these bugs and get them fixed.) Linus' Observation uses the clause "given enough eyeballs", which implies to the reader that someone is actually providing the appropriate number of eyeballs required. That implied assumption is made every time someone says "Open Source software is more secure than proprietary software, because of Linus' Law." But it simply hasn't proven to be a realistic assessment, or a very effective guarantor of security.
There's an unwritten corollary at play here: "given enough code, you won't have enough eyeballs." And that's something else keeping Linus' Observation from becoming a valid hypothesis. It even applies to this story, as well. "Given enough Wikipedia articles, there aren't enough fact checkers."
It doesn't matter if it's a rational argument backed up by facts or not, or if he's done a risk assessment, or if it's a free, cheap, or expensive firewall. The Payment Card Industry's Data Security Standard (PCI DSS) has as their very first requirement 1: "Install and maintain a firewall configuration to protect cardholder data." It's not an optional requirement, and you can't justify not having one.
If you're going to handle credit cards on the system, it has to be protected with a firewall.
If your POS vendor isn't requiring a firewall, either they are not selling a system that takes credit cards, or they are selling shoddy, insecure systems that are in violation of PCI DSS. Fixing these problems will cost you dearly; worst case, they are setting you up for a breach.
Don't be a muppet. Limit the spread of malware on your network as much as possible by only opening things that need to be open, to places they need to be open to. There is ZERO reason, for example (plucked at random to illustrate a point), for your end user PC network being able to directly connect to SMB on your SQL server, for example.
Yes, in theory they need credentials to do that. But why leave it open to anyone who obtains credentials when you can be more pro-active about defending the box?
'Heartbleed'.
It took 4 years before it was discovered, and even then, it was only found because it was a security-related bug. Shallow bugs don't cause the Internet to break.
"Linus's Law" is a failed hypothesis; it is not a theory, and certainly not a law. The distinction is important. At best, it could be rewritten as "Linus's Oft-Repeated Wish."
So you think that money is the root of all evil. Have you ever asked what is the root of money? -- Ayn Rand