Yes these are just 'born' troublemakers: Bohemians and barbarians. It's not like men have fought each other for resources before.

You can't expect them to collaborate with their 'enemy'
The only thing they can do is guerilla warfare or agree to the occupation.
If they didn't have the support from the palestinian public eg: if Israel was actually civil
with these people instead of raiding them en masse and 'interrogating' their children then Hamas
wouldn't exist as it is now anyway. Punishing everybody for the crimes of a few is wrong policy.

Threat the people like people, work your informants
and send special ops to the actual terrorists, that's how you get them.

Just out of curiosity which workloads are better suited to vim than Sublime and vice versa ? When do you decide to switch editors.

No, he was putting public keys (not private) into a home directory. Specifically, the user was root which was only possible because a) /root was exported (via exporting /), b) root squash wasn't enabled. Yes, nfs3 is fundamentally insecure. Any vaguely competent sysadmin knows this and knows to take appropriate precautions.

And what's the appropriate action besides root_squash and proper host access control (/etc/exports,tcp wrappers, firewall, etc ...) ?
It still doesn't do any real authentication.

I think he means you can spoof uid of some known user and get the private keys in his .ssh directory.

I guess it means that the apk's run on Dalvik or Art straight on the machine instead of in the emulator.

All trojans/bots/ransomsware is designed to circumvent antivirus. It is a arms wars between viri and anti-virus. At the moment the viri are winning it :(.

Well it's a reactive business (hopefully) so that's to be expected.

TCP isn't noticably more secure than UDP - the extra fields in TCP are unsigned and can be spoofed too.

But it's a lot harder since you need to have the server believe you've established a connection and can't just dump spoofded data on the wire like with UDP.

Thus, security is implemented on top of the transport layer, where it works just as well for udp as tcp. The advantage of udp then is that you get more payload per encrypted or signed unit, thus higher speed.

What are you talking about: NFSv4 ?, ipsec ? What is this security you speak of.

Also, avoid distros that set up NFS to use tcp instead of the default udp. That's a huge performance killer, and not needed unless you use hubs instead of switches or need to tunnel the traffic.)

I'm not avoiding a distro if it chooses tcp over udp.
Isn't using UDP instead of TCP removing that last bit of pseudo-security NFS has ?
Aren't you now vulnerable to all sort of spoofing mayhem now ?

init doesn't manage services. Services are either managed by inetd or by themselves. init only has to start the services.

That's not completely true: init (re)spawns (a|min)getties on the ttys. So it does some monitoring of its "special" children.
Wether this is feature creep and/or an exception I don't know.

The only problem with Macs is that people hoard them instead of throwing them in the trash where they belong. Else I would have picked up a Mac Mini on the ground, install BootCamp on it and then it would be about good enough as a DHCP server and porn storage unit.

So you want one but can't get one through "dumpster diving". Oh, poor you.

NFS is crap too and in my testing also slower.

Cgroups are used by VPS resellers IIRC.

So the solution is to hand the critical stuff to systemd-logind which I assume has root privileges.
Why didn't the Xorg folks split their root sections from the server themselves ?

Are you insulting the samba project ?