Please create an account to participate in the Slashdot moderation system


Forgot your password?

Comment: Re:And it's gonna rain (Score 2) 76

by MachineShedFred (#49546781) Attached to: Amazon's Profits Are Floating On a Cloud (Computing)

In addition to EC2, there are lots of other services that are encompassed under AWS that compliment EC2 nicely - RDS is their service for standing up easy database instances that take care of most of the configuration headache associated with the big relational databases out there (pgsql, mysql, mssql, oracle). Route53 is a scriptable DNS service. CloudFormation gives you tools to automate standing up entire application stacks including DNS records, load balancers, application servers spread across availability zones for redundancy, etc. OpsWorks gives you a Chef-esque service for managing software deployments. IAM roles allow you to grant servers access to other AWS services without having to deal with certificates / passwords / keys in an atomic fashion. There are numerous other services that I'm not even using right now, but exist as replacements for things we've already wired up in EC2 previously to Amazon announcing them.

It's a hell of a package that makes things like Microsoft Azure look like a joke in comparison, and is cost competitive with building out your own datacenter as long as you use it properly, and think about what you're doing a little - make sure you back your shit up out of AWS so that you always have an "off-site" copy, for example. And if you use something like Chef / OpsWorks, you can recover from a disaster practically anywhere if you have your cookbooks, source code, and data backed up.

Comment: Re:TURNS 25!?!?! (Score 2) 43

by MachineShedFred (#49544943) Attached to: Hubble Turns 25

Who gives a shit?

How about "Civilization." It's hard to think of other modern projects that have advanced the knowledge base of humankind as far as the Hubble Space Telescope. Not bad for being a "multi-billion dollar flop" when launched.

Of all the things NASA has accomplished, this is one of the big ones.

Comment: Re:Good enough to criticize the mechanisms (Score 1) 126

Following your "logic", Best Buy is responsible for the millions of computers that get infected with shit from running copies of Windows that were purchased at Best Buy and not patched / maintained? Because Best Buy just "pays for the brains of these app developers and then they resell it" ?


Comment: Re:Good enough to criticize the mechanisms (Score 1) 126

In no way does what the guy is describing magically allow code to take control of the full OS. If an application is executing, and then executes a maliciously crafted dylib, that dylib is still running as the user who executed the parent application - a.k.a. not root unless you've bent over backwards to re-enable the root user and log in as root because you completely hate security and best practices. If it wants to do something outside the permissions envelope of that user, it will still have to ask permission just like anything else on the OS; even if you are running as admin - all that gets you is the ability to put in your password to allow it, rather than have to click cancel. The only way around that is to also combine a privilege elevation exploit - and now we're getting into the incredibly improbable that you could find a signed app that would do both without a user seeing anything odd.

At the end of the day, GateKeeper wasn't designed to prevent that anyway, and this guy is presenting a massive straw man. GateKeeper was designed to give you a decision point between clicking on the random thing that appeared in your downloads folder, and getting owned. That's it.

Comment: Re:Dell, HP, Panasonic (Score 1) 400

by MachineShedFred (#49542961) Attached to: We'll Be the Last PC Company Standing, Acer CEO Says

1. If you are using OS X Profile Manager (or any MDM provider you probably already have to deal with iOS and Android), you don't need to maintain an "enterprise image" because you can just enroll a Mac and have it automatically become the enterprise image far quicker than you can reimage it, or pay Dell to image it by defining OS X profiles and assigning them to machine groups a la AD Group Policy.

2. You don't buy direct from Apple - even in enterprise sales they do the legwork and hand you off to a value-added reseller with the bid price in hand, and any VAR worth doing business with can give you the serial numbers and MAC addresses. Or, use the built-in Apple Remote Desktop agent to query the serial number and MAC addresses en masse from the machines when you do #1.

Macs can play nice in the enterprise, as long as you spend half an hour learning how.

Comment: Re:It is also a supervolcano. (Score 2) 151

by MachineShedFred (#49542869) Attached to: Yellowstone Supervolcano Even Bigger Than We Realized

Enough lead time and you can prep for anything nature throws at you other than universe-scale problems like the heat death of the universe. Maybe even that can be managed successfully though I'm not feeling up to it.

Yeah, so we know that the sun will burn out in ~5 billion years. Get cracking.

Comment: Re:Hi I'm Patrick (Score 1) 126

I still don't see how this is any different from just exploiting an app vulnerability, regardless of the presence of GateKeeper. What you describe is no different than the hundreds of arbitrary code execution vulnerabilities found in Flash, Java, etc. since the dawn of these frameworks.

GateKeeper was never meant to keep all malicious code from executing, ever. It was meant to give you an "are you really sure you want to run this thing that appeared in your downloads folder" chance to not screw yourself over because some git with a website thought it would be cool to force-download some garbage to your computer.

"It's when they say 2 + 2 = 5 that I begin to argue." -- Eric Pepke