Slashdot Mirror
What Examples of Security Theater Have You Encountered?
swillden writes "Everyone who pays any attention at all to security, both computer security and 'meatspace' security, has heard the phrase Security Theater. For years I've paid close attention to security setups that I come in contact with, and tried to evaluate their real effectiveness vs their theatrical aspects. In the process I've found many examples of pure theater, but even more cases where the security was really a cover for another motive." swillden would like to know what you've encountered along these lines; read on for the rest of his question below.
swillden continues: "Recently, a neighbor uncovered a good example. He and his wife attended a local semi-pro baseball game where security guards were checking all bags for weapons. Since his wife carries a small pistol in her purse, they were concerned that there would be a problem. They decided to try anyway, and see if her concealed weapon permit satisfied the policy. The guard looked at her gun, said nothing and passed them in, then stopped the man behind them because he had beer and snacks in his bag. Park rules prohibit outside food. It's clear what the 'security' check was really about: improving park food vending revenues.
So, what examples of pure security theater have you noticed? Even more interesting, what examples of security-as-excuse have you seen?"
So, what examples of pure security theater have you noticed? Even more interesting, what examples of security-as-excuse have you seen?"
Airports... Need I say more?
More Twoson than Cupertino
No trolling intended, but the war in Iraq now is the biggest piece of security theater on the planet. It does not make the US safer ( indeed it probably does the reverse ) but it does give certain people benefits. Chaney and friends make millions on no-bid contracts, and neocons get to implement policies that in more normal conditions would not be tolerated by the public.
While creating an intranet for the company I was doing some outside work for I ran into a problem authenticating through their antiquated AD system. Rather than updating everything or heaven forbid give management an actual password to remember my instructions were to "make it as scary as possible but don't actually put a password on it." I had a four tiered authentication system which would allow you to move forward regardless of what was put in the text boxes. They loved it, and a little piece of me died when I cashed the check.
"Never let your sense of morals prevent you from doing what is right" - Salvor Hardin
If public CA's are supposed to be trusted authorities of identity on the Internet, why do we have to have "extended validation" of an entity before they get a certificate? If we can't trust the CA to validate entities before issuing certificates in the first place, how can we trust them to issue Extended Validation Certificates in the second?
Oh, I forgot, they are in collusion with Microsoft and other CA's to inflate the cost of digital certificates they already issue.
In 2001 I was living in an apartment complex in a North Dallas suburb. If you got a package that wouldn't fit in those teeny-tiny mailboxes then the mail man would drop off the package at the apartment complex office and you could pick it up in normal office hours.
After September 11th, the apartment management sent out a memo to all residents that because of the heightened state of terrorism awareness the office would no longer allow packages to be held there for the residents.
Of course my first thought was they were just tired of dealing with the packages and saw this as a convenient excuse to stop holding packages for people.
No todo lo que es oro brilla
Oh, and "inspections" of laptops at the border.
Yeah, that will help (actually, it does. It helps because it drastically reduces the number of willing visitors to the US)..
My adviser back at University, Rich Maddox, used to tell a story from his youth, when he was dating a girl who (apparently for religious reasons? I don't remember exactly) always carried a large knife in her purse. So anyway, they were going to Disneyland with a couple of friends, and as they went through the entry turnstile they stopped Rich and asked to check his backpack for weapons and so forth. And they found a pocket knife there, and told him he couldn't bring it into the park because it was dangerous. That's when Rich called over to his girlfriend who was already inside, and said "Honey, do you still have that knife with you?" And she pulled it out of her purse and said "Yeah, why do you ask?"
(rot13) rpbzbab@tznvy.pbz
Every time I'm held up by the "No Fly List" because I have an insanely common name, I feel like a victim of security theater. How many would be terrorists have been caught by the no fly list?
In my opinion almost all forms of random searches are security theater.
People putting loaded handguns in their homes in the case of a wood-be assailant or robber breaking in. This is not only security theater, it increases the risk you are putting yourself and your family in. Not to mention that in most instances of murder the victim knew the assailant. You're more likely to die of suicide than a robber killing you.
I don't know if these are examples where the security theater is a cover for another reason--unlikely. But there's clearly examples where it just makes your life worse more often than better.
My work here is dung.
I cannot verify this story, anyone else?
Back in ArpaNet days, MIT had machines running an OS called ITS. It was a friendly and happy world and there were user accounts but no passwords. But networking means that strangers can connect and so Arpa insisted that passwords be added. So the ITS developers added a password prompt that ignored the password, and this made the Arpa people happy for a while until they figured it out and made them actually check the password.
In a similar vein, Microsoft file server passwords were originally checked only on the client, a fact which went undiscovered until Samba came along.
I had a boss that named the wireless network "Virus". On asking him about this, he explained "it's to scare off hackers - they won't connect if they think they'll get a virus". Ah, ok.
It's probably worth pointing out he wasn't aware you could "secure" a wireless point with a basic WPA key at least - it was completely open, anyone could walk right in, assuming they beat the fear of the "virus" that was.
throw new NoSignatureException();
The libraries let you sign your own books out. You place your book and card under a scanner, and then it demagnetizes the book so the alarms won't go off when you leave. The scanner only reads a barcode though, so you can stick five books on it, sign out one, and demagnetize them all. Presto, four free books.
Of course, when the security alarms do go off at the library anyway, they just let the people walk out.
...while I was temping for a company in Chicago, I was asked to deliver a box of candy to a client in the Sears Tower. While entering, I went though the giant, heightened security setup - x-rays and all - and got held up because I had a box cutter in my backback.
They held it up triumphantly and shouted at me, "Just what do you expect to do with this?!"
I wanted to ask them them the same question back. Just what did they expect I'd do with that? In a building that had security guards with guns? Was I going to hijack the building and crash it into a plane?
On my bank's web site, when I used the browser's back button, things started to get out of sync. You had to click their own custom back button somewhere in the pages so that everything would continues to work.
When I called to report it, I was explained that I had to click their own back button, not mine. When I said "Yes, I know, I just wanted to let you know so that you can fix the bug sometime", the final answer was something like "It's by design. It's for security reasons". At that point I was expected to say "ok. thank you" or whatever, and to understand that a "bug" was totally unthinkable on their super-reliable ultra-secure blah blah bank site.
Nevertheless, a few months later, the bug was gone. I didn't call back to say I'm now worried about the security...
The article fails to talk about security as a deterrent.
The RFID bracelets on an infant can give comfort to the parents but its more of a deterrent then anything. Sure the hospital can tell the parents that their child is protected. But the hospital is not protecting the child as much as its protecting itself. For example:
A guard that is in the bank is not there to stop a bank from being robbed. He deters people from committing the crime itself. In a robbery situation the guard himself is useless because the individual or individuals robbing a bank would take him out first. But in most bank robberies, the criminals are going to go after a bank without a guard anyway.
A mall guard doesn't stop people from stealing, he creates the presence of being watched, therefor deterring people from stealing.
Same goes with cameras in stores. Most of the time no one is monitoring the cameras and if anything their used to watch employees over customers. But their deterring employees from doing anything unethical or illegal and they deter people from stealing.
In my opinion the idea of security theater and feeling safe is crap. You might as well spend the time and effort to know your safe then make it seem like you feel like your safe.
...but what the hell is up with these users starting their replies with something like: "I'll probably get modded down for trolling, but..." Are you saying you know your answer will not be appreciated, but you're just the kind of crazy, out-there, don't-give-a-damn, cool guy that says it anyway? Just say what you have to say and stand by it. Stop showing off your insecurity, and/or lack of knowledge on the subject.
What's left to say? It's pretty clear that drugs are more dangerous when they're only available in the unregulated black market than in a regulated legal market. Criminalizing the use of drugs only hurts drug users more, yet it's done in the name of safety.
What's worst is that we've been fighting this war for decades, no end is in sight, we've spent more money and lost more freedoms fighting it than we have in Iraq. And still, no one in power has the balls to speak out against this.
We live in a sick, sad world. People who would meet the non-violent act of drug use with the violent acts of arrest and imprisonment are themselves violent criminals. Yet in this society they are deemed good citizens.
Give me Classic Slashdot or give me death!
rj
The DOD replaced reasonable passwords with Common Access Cards. The difference? Instead of having to find out someone's 8+ character alphanumeric password that changes every month, you need to have physical access to their card and need to know their 6 digit number that never changes. Meanwhile, everyone is forgetting their card in the reader when they go to lunch, so they can't get back on base -- but feel free to use it yourself in the meantime.
Whale
I was working with a particular system where the vendor added a strict password security policy. They require a mixture of uppercase and lowercase letters as well as at least one digit or special character. Later on, I discovered, by accident, that the password is not case sensitive when you actually go to login. It turns out that the routine for setting the password enforces stronger passwords than the underlying system can actually support. The vendor, of course, claimed that they would be upgrading their underlying password encryption algorithm very soon.
OK, solution. Ask for TWO cans of soda. Drink the first one and then tear the second one in half. Try to pour as much of the flowing liquid into the now empty first can.......no wait.. Ask for THREE cans......crap....
I was living in Salt Lake City during these games. Remember that the Olympics were only a few months after 9/11. There were huge security concerns. We saw low flying helicopters over the city we were told were searching for nuclear material. We saw various 'special forces' teams deployed in the mountains around venues looking for 'snipers.' The security downtown was surreal. People were checking every car coming in and out for bombs. Everyone had to go through metal detectors (in some cases, you actually had to pass two layers of metal detectors). The amount of government agents per city block was astounding. Many were armed with sub-machine guns. For such a quiet city like Salt Lake, seeing troops walk around in full combat gear was quite theatrical.
My favorite security theatric was an ATF agent standing on a street corner, machine gun in hand and in full combat gear. He was waving and smiling at people driving buy to be sure they all saw him and his gun. I stopped and watched him for about 20 minutes before he started using his radio while giving me the 'killer' eyes. Despite the smiling and waving, he was not friendly, not at all. I decided to vacate my vantage point. Those guys were so bored they were looking for targets to harass.
Patriot Act
I had some stock options through my job that I tried to cash through the etrade account that had been set up for me. The stock price was rather high, and our trading window was about to close, so I tried selling at literally the last minute. The sell order failed, and no reason was given. A few days later, I received a letter in the mail from etrade telling me that my account was locked. Several years before, while living in a different state, I had an etrade account. Because the SSN was the same on both accounts, but the addresses were totally different, some part of the Patriot Act made them lock my account until I could prove my identity by sending them a notarized copy of my social security card.
Another example, which isn't really security theater, just shitty work by the TSA happened to me a few years before that.
My wife had to fly out of state for a funeral, and she took our 6 month old daughter with her. I took them to the ticket counter. Since she was traveling with a baby, a car seat, and her carry on bag, the ticket agent offered to print me a pass that would allow me to accompany her to the gate and help her carry her things.
As I was getting up to the xray machines, I remembered that I had a small pocket knife in my pocket. I hadn't removed it since I wasn't expecting to go through security. As I got to the xray machine, I told the operator what had happened, and told her that I'd just go back through the line and put the knife out in our car.
She seemed ok with that, and told me that I could just go ahead and go through the xray machine, and out the exit that was just a few feet from the xray machine, so I didn't have to go back and work my way through the line.
As soon as I went through, several TSA agents came up and detained me for attempting to bring a weapon through the security checkpoint. I wound up being searched, my 6 month old daughter that I was holding was searched, and I was questioned for about an hour as to why I had tried to take a knife through security. Not once did they go talk to the lady running the xray machine less than 50 feet away, who had told me to go through.
In the end, my knife was confiscated (It was about a $50 knife), and I was threatened that I could be under arrest for attempting to smuggle a weapon through the airport, and I could be facing a several thousand dollar fine for it. They filled out a report, and made me immediately leave the terminal.
About a month later, I received a letter from the TSA saying that they had chosen not to fine me this time, but if I ever came up in their system again I would face the maximum penalties.
That was the day that I lost all faith in our government.
In a past life, I worked for a major aerospace company. Security appeared pretty tight, what with armed guards checking IDs at entry points. They also had manned checkpoints to check vehicle passes at the road entrances. These were usually issued to upper management, enabling them to park inside the fence, close to the buildings. The peons had to park outside and walk in.
Because of my job in various R&D labs, I was always hauling equipment around in my personal vehicle. There were provisions to issue employees in my position a temporary vehicle pass and a 'parcel pass', allowing us to transport company equipment through the gates.
Throughout my career, I was never ever challenged when exiting a facility with a hatchback, obviously loaded with expensive equipment. The vehicle pass system existed only to ensure that some scumbag grunt didn't park in a manager's space. Security guards were nothing more than glorified parking enforcement.
At some of the production facilities, gate guards were instructed to examine lunch boxes of the workers exiting to ensure that they were not swiping tools. Briefcases were exempt from such checks, as they were typically carried by trusted engineers and management. As most of the engineers working within production facilities were indistinguishable from mechanics by dress or any badge markings, I suppose it never occurred to security that a worker intent on swiping tools could obtain a briefcase.
Have gnu, will travel.
I was trying to transfer some funds out of a joint bank account. I used the phone based system (and answered the usual security questions). Then the person told me that for the transfer to be allowed, both people on the joint account needed to sign-off on the transfer.
The other person wasn't available... so I just said "Ok, hold on I'll get him." Then waited a few seconds and said "Hi. Yes, I'm he. Yes I confirm the transfer."
They transferred the money. No authentication, no double-checks. Just some voice on a phone (I didn't even bother faking a different-sounding voice) saying that it was ok.
A local school here recently went to a closed campus. They paid a lot of money to fence between all perimeter buildings (really old school), and to put up large gates.
During school hours, the only way onto the campus is through the front office (or any door that someone opens from the inside). You can exit the campus from any perimeter door. For good measure, they mounted a security camera to watch the door into the front office.
They placed it so that it records the back of people as they enter the office. At least it would, if they hadn't mounted it directly behind the four inch steel post they installed to mount the gate that closed the campus.
Now, the camera takes a nice video of a shiny new fence post all day.
Everyone knows the camera is useless in its present position. Nobody cares. All the expense of the fences, the gates, and the cameras was never about security.
I have a friend who works for *organization*. They work in a
single-story building, in a suburb of a second-tier city. The building
sits on its own plot of land, on a hill, in an industrial-office-park
kind of area. The building is a lab, but it's mostly monitoring
equipment. It's not weapons, or explosives, or significant quantities
of chemicals.
This is probably not what anyone would consider a high-value target.
There's never been any kind of attack or threat against the building
or its personnel. But after 9-11, management started obsessing about
security.
The first thing they did was get armed guards for the building. Armed
guards did not make my friend feel secure. My friend wondered about
their training and worried about getting shot.
Guard duty is tough. It's hot in the summer and cold in the winter,
and the guards aren't in good condition to begin with, since they just
stand there all day and never get any exercise. In practice, the
guards spend most of their time sitting in their cars in front of the
building, with the engine running for heat or AC.
Management decided that this didn't look good, so they built a guard
shack along the right-hand side of the driveway. Now the guard sits in
the shack and watches the cars go by.
But that didn't seem very secure either--a bad guy could just drive
right by without stopping
(http://en.wikipedia.org/wiki/1983_Beirut_barracks_bombing).
So they added a gate, and spikes, and a card reader. To pass, an
employee stops at the gate, rolls down their window and swipes their
card. The gate goes up, the spikes retract, and they drive through.
My friend doesn't trust this system a bit, and makes a point of
watching to see that the spikes have retracted before driving over
them. There was speculation among the staff as to who would be the
first to blow out their tires on the spikes. As it happenes, it was
the mailman, followed some time later by two visitors who either
didn't see or didn't understand the signs warning against following
another vehicle through the gate.
I suggested that they stencil silhouettes of all the vehicles they've
caught on the guard shack, the way fighter pilots (used to?) record
kills on the nose of their airplanes.
My friend points out that even with a gate and spikes, the system only
protects against attackers who
- care about their tires, and
- don't have trucks
because any vehicle can blow through the gate and make it the short
distance to the building on four flat tires, and any truck can drive
over the curb and avoid the whole thing.
Management decided that blowing out their visitors' tires was
unfriendly, so they instituted a new procedure for passing the gate.
Now, drivers stop at the gate and roll down their window. The guard
walks from the shack (on the right), in front of the car, to the card
reader (on the left), takes the driver's card, swipes it, and returns
it to the driver. Then the driver can pass.
The staff considered that the guards were now at risk of being run
over--and it happened. An employee reached down in his car to get his
card, his foot came off the brake, and the car rolled forward into the
guard. The guard was taken to hospital--I don't think the injuries
were too serious. The driver has to appear in court and pay fines--I
don't know if it is criminal or civil.
This is beyond security theater. This is real damage.
It also helps politicians pander to ignorant members of the right.
"Not an actor, but he plays one on TV."
Every year, my lady and I go up to Canada for the 4th of July weekend to escape the annual (and mostly illegal, under local city codes) fireworks war-zone that infests our neighborhood. We've been doing this for several years, and in fact we both just got our NEXUS cards.
To help put this in context: I'm a ham radio operator, as well as a volunteer first-responder. I've had formal training, through our city's fire department, in disaster relief, emergency medical procedures, basic search-and-rescue, the whole bit.
Because of the above, our minivan is well-equipped for emergencies. I've installed multiple communication radios, a navigation computer, and I carry a medical trauma kit and various safety gear such as flares and a reflective vest. Besides the small antenna farm on the roof, I also have a light bar mounted on the back end (amber, red, clear... same as many tow trucks).
Every bit of it is legal under the road laws of every state except New York (I know, because I spent a couple of long nights going through said laws to make bloody sure!). Couple all that with the fact that I work for our state's police agency (non-commissioned, civil service).
Now, with all the above in mind -- Last year, we're coming back through on Sunday afternoon. I normally have the radios and navigation system on while driving, and this has never, in times past, been an issue.
Not this year. The border guard we drew seemed to be short on both sleep and temper, and rudely ordered me to turn EVERYthing off before he would even talk to us. One of the questions he asked, after that point, was who I worked for. When I told him, he said (snappily) that, for that reason alone, I should understand why he'd told me to turn everything off.
He let us move on at that point, but before I took off I told him, flat out, "No, I don't understand."
And it was the honest truth! If someone's going to try and set off something that goes bang via radio, or other wireless means, it strikes me that they're going to go to considerable effort to keep such activities hidden. They certainly would not do so in a hugely-long border-crossing line, where there was absolutely no way to move anywhere but through the guard posts, in a minivan that stands out like a solar flare and has ham radio callsign plates to boot!
I have no clear idea why this guard was so nasty, or what bizarre purpose his attitude served. I will say that it did indeed strike me as pure theater.
The only thing I can think of is that, perhaps, his sergeant or lieutenant was observing him at the time, and we didn't notice...?
Keep the peace(es).
Bruce Lane, KC7GR,
Blue Feather Technologies
in 2002 I bought a ford focus zx3, complete with a blinking red light on the dash, which the dealer refered to as an "anti-theft device."
The consulting algorithm:
1) Find out what they want. (They will ask for bells and whistles and not tell you core process basics.)
2) Figure out what they actually need. (Research their actual process and design improvements.)
3) Try to convince them to want what they actually need and change the spec go with that.
4) After step 3), give them what they now want, whether it's what they need or not. (Provided it's legal and ethical.)
And of course:
5) Profit!
They are the bosses / customers. They decide what to spend money on. You are the hireling. You agree to do what they want in trade for the fee they pay. After step 3) your moral and ethical obligations are discharged - and if your suggestions are good you've proved your worth. If they're smart they go with what you suggested - or know something about their business that you didn't and reject your suggestion on that basis. But if they decide to do something you think is stupid once they've been informed, it's their business, so it's their call.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
It's rather hard to believe that authorizing everyone to carry firearms can in any way make the society safer... Here, in Europe, if I met a girl who carries a pistol in her purse, I would immediately freak out and run away!
The office had a second door with a peep hole into the laundry. To give the camera an air of legitimacy, she sat in the office one night and made a note of everyone who came into the laundry. When they came in to pay their rent the next week, she mentioned that she saw them doing their laundry on the "tape" and asked about a fictitious mess that was left.
She managed to do this to a couple of the complex gossips, and never had a problem in there again.
I was an intelligence analyst in the NJ Army National Guard until my contract ended in 2006.
We were deployed twice to protect Port Authority facilities around NY and NJ. On both deployment we had our weapons M16A2s or pistols. On our second deployment we were not given ammunition. Yes, we were walking around in uniforms holding empty rifles.
The best we could do is radio the Port Authority Police or possible club someone trying to steal our weapons. Our combat effectiveness was slightly above that of Nerf.
Welcome to the land of the free...pay toll ahead...no photography...please open your bag...
In a similar vein, Microsoft file server passwords were originally checked only on the client, a fact which went undiscovered until Samba came along.
It wasn't just Microsoft. NFS at one point in my life was synonymous with "no fucking security". It trusted the UserID that you transmitted with it. UserID 0 was a handy value to use...
"When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
These things have bugged me for a long time. I mean, have they ever really been tested in court? The last time I checked, I couldn't find anything apart from "experts" recommending their use.
If I put a confidentiality notice on a postcard, is there a reasonable expectation of privacy?
No one could ever have something like a four hour drive to the nearest major league stadium which with one wrong turn could include a trip through the seedier part of the city?
That'd never happen because everyone lives in perfect happy little suburban utopias where everything is a five minute walk away.
Sad thing is I predict you'll get insightful and this will get flamebait.
Not having flown a commercial airliner recently, I'd completely forgotten about the liquid/aerosol rule and decided to carry my luggage onboard. After standing in line for awhile, I noticed the signs and remembered. Crap! I had my mouthwash, an aerosol can of deodorant, and my aerosol shaving cream with me. Given the length the line had grown to, I decided to just forgo those items than risk being late.
A bit about those three items. Both the shaving cream and deodorant were in aerosol cans, both larger than the size allowed, but obviously retail items. The mouthwash was too large as well, and was a generic amber bottle, about 14 or so ounces, with a prescription sticker (I have gingivitis).
I pull all three items out, and just tell the TSA guy that I know I need to toss them. He glances at all three and tells me I have to ditch the deodorant and the shaving cream, but I can keep the mouthwash.
Because it's prescription.
So, the two retail aerosol cans that are nearly impossible to inject anything into are verboten, but the amber bottle with the mystery liquid in it, that's okay, because it has a sticker with a Walgreens logo on it. Fan-fucking-tastic.
Coincidentally, http://thedailywtf.com/Articles/Overdue-Retirement.aspx.
Media that can be recorded and distributed can be recorded and distributed.
-kfg
Security systems that will let you in with nothing more than a fingerprint scan. Gee, what's more difficult: guessing the correct password within 3 attampts, or lifting a fingerprint and making a gelatin mold? (hint: see Mythbusters to see how difficult it isn't to create a gelatin mold)
Of course there are the obvious TSA stories, but I think the more common stuff may actually be worse.
Working as a contractor for a giant Electronics retailer that shall remain nameless, I saw a memo regarding their policy of searching people's bags as they left, and sometimes entered, the stores.
The public reason given for searching those who left the store was, of course, loss of merchandise. The public reason given for searching those entering was safety...
However the REAL reason for both of these, was to (paraphrasing from memory) 'Establish [company name] as the authority figure in the sales transaction and subsequent customer service encounters...'
Yikes! 'We're in charge here, we've got big scary minimum-wage thugs, You'd better Buy as we say!'
Now if that's not 'Security Theatre' at it's worst, I don't know what is....
=R
Are you *sure* it wasn't the sunblock that made him pale?
Patriot Act, DHS, color coded security threat levels, etc.
For the longest time, I was on the "do not fly" list. I never knew why, but my name is very common. Turns out somebody used an alias the same as my name in the Bahamas to commit international wire fraud - I found this out when it took 6 hours to open a $100 bank account. It wasn't identity theft - just coincidence.
So here I am, not only taking my shoes off, but also being escorted to the back room for the "enhanced" security check every time I fly on an airliner. The only problem is that I'm an FAA-licensed pilot, and have all the clearance to enter just about any area of the airport! (once I get past the extended searchdown, that is)
What a joke...
I have no problem with your religion until you decide it's reason to deprive others of the truth.
I've read a lot of replies that said that TSA security checks were theatre, and they're right, but nobody has mentioned the requirement to present identification. To me, this is the most glaring bit of airline security theatre, because it has almost no security value at all, but a huge ulterior motive for the airlines.
All computers scattered all over a county are hand configured; there is no DHCP. Reason given: security.
All computers are required to have only Internet Explorer 6. Reason given: security.
All computers have their CD-Rom drive disabled. Reason given: security.
All computers allow USB flash drives. Reason given: security.
At the point the Snack^WSecurity Guard is searching the bag, he has the gun, and the owner of the bag doesn't.
-- Alastair
BTW, what do you mean "at one point"? I thought NFS still accepted UID for filesystem permisson purposes, unless you have the "secure" option set, which then it requires one to "keylogin".
I believe the word you're looking for is "snackurity."
I dunno, man. There's a whole lot of amazing confidence in these broad statements:
/. and all, but perhaps there's something to be said for following the same standards of knowing what the f*** you're talking about before you open your mouth that folks here demand of others when they, for example, opine or legislate on tech issues. Otherwise the general perception of this crowd as pointy-headed geeks who are immature children outside their area of professional expertise is...well, justified.
The reason that America hasn't been subsequently attacked had nothing to do with punishing the silly, stupid Taleban in Afghanistan, or fomenting a war in Iraq.
No subsequent acts have occurred for any number of reasons, almost none of which have to do with the wars, as the wars were about pride and oil.
And you know this because....? Because you're tight with the top thinkers inside al Qaeda? You've got good contacts in the backcountry of Pakistan? You speak all the relevant languages and have access to intelligence intercepts of the phone conversations? You've spent two decades studying the history of terrorism from original sources, interviewing suspects and counter-terrorism agents?
Or is it just that these conclusions seems reasonable to you, based on your average-Joe reading of the news and your common sense (supplemented of course by your ideology)?
I'm not saying you're wrong, because I don't have access to all the information necessary to make a judgment one way or the other, and I know that.
But I daresay if some politician made some equally sweeping general statement about why Microsoft is despised by Linux groupies, or whether or not the GNU license model made sense or not, based on a similar combination of what's in the nightly TV news plus his own "gut instinct," you'd jump all over him for being an arrogant ass and speaking far more assuredly than he should about stuff that is for the most part completely outside of his experience.
I realize this is
I had a contract at a high security government site. At one location an MP actually had a M16 pointed at me while I worked but that's a different story. At this location the computer room was raised and had a ramp leading to a secure door. Not having the proper card to get in I always needed an escort for access. The problem was no one was ever around when I needed in.
One day after waiting 45 minutes for my escort I had an idea. I lifted one of the tiles in front of the door, slipped under and came up the other side of the raised floor. Another 45 minutes and my escort finely arrived beside himself I was already in the room. He lectured me about Top Secret this and Top Secret that, the ramifications and had to know how I got in... So I told him. They installed a barrier under the floor.
The next time it happened I looked up and saw a tile ceiling. The lecture worked because I didn't go over but I was tempted.
-[d]-
Nah. A Fremen.
Shop as usual. And avoid panic buying.
If the card specifically says "please ask to see id" I doubt that very many clerks would accept the "it's my husband's card". Generally speaking, most stores will not take a card unless they believe that it belongs to the person presenting it. If they can show ID with matching last names, then maybe, if you're lucky they'll take it. Generally, people who share credit card accounts get separate cards with their own names on them. They don't use other people's cards.
Using the card at an ATM requires a PIN number. They aren't going to know your PIN number. There are special credit-to-cash machines in some casinos which process a credit card charge and then give you 95% of the money, but those are not very common outside of casinos, so for those of us who don't live near a casino, it imposes an additional delay.
Using it over the internet usually (although not always) requires the billing address associated with the card. The reason they require this is because it is something that the cardholder knows that someone who stole the card or found a lost card probably doesn't know.
Admittedly, writing "Please Ask to see ID" doesn't offer any improvement over signing the card in the later two scenarios, but just because a security measure doesn't help in all possible situations doesn't mean that it isn't an improvement, especially when those situations are less common anyway.
In the end, what it comes down to is:
1) Signatures are easier to fake than IDs are, especially when you have an example of the signature to work with. Most store clerks, even if they check, are not knowledgeable enough to recognize the difference between someone's real signature and a copy. Making it worse is the fact that the signature field on a credit card is only about half the height of most people's normal signatures, so the signature in the field often doesn't really resemble the person's signature.
2) Even people who don't check the signatures sometimes notice the "Please Ask to See ID" written in the signature line. Several times I've seen clerks not check signatures for people in front of me, but then, when I hand them my card to swipe, they notice what's been written in the field and ask to see my ID.
3) In most states, the driver's licenses have the signature on them, so they can still check the signature even if the card doesn't have one on it.
So, sorry, but this legitimately does make it tougher to use a stolen credit card, whether or not it's inconvenient to you.
He might live in California, where the second amendment is a distant memory, something about arming bears (there's a bear on the flag, right?).
Socialism: a lie told by totalitarians and believed by fools.
I think the scenario is that some burglar breaks in to steal your goodies, you try to be Rambo and it turns out he's a better shot. Another possibility is the lover's quarrel that escalates to murder in the heat of the moment. Or if you have a concealed weapon in our purse and it gets snatched, you just armed the thief. Come on, I'm sure you can think a few ways that having a gun could backfire, so to speak.
Simply pointing to the correlation between gun ownership and suicide or the likelihood of being murdered as arguments against gun ownership are rather weak and generally an intellectually dishonest tactic to imply conclusions that don't actually fit the data.Who said I was against gun ownership? I was amused by the call for a citation that didn't include one, so I Googled a couple. I should have said "some studies show," although I did try to make my lack of expertise clear. I don't really care if people own guns, and as a matter of fact I support the 2nd amendment given the current reality. But I think it is just as dishonest to assume that guns are an equally good idea for all households. If you live in a low crime area, have children, etc. it's is perfectly possible that you are safer not to have a loaded gun lying around. And if it's not loaded and easily accessible it loses a lot of the home protection value.
You are right about correlation and causation, but when making decisions you've got to start somewhere.
Some privacy policy Slashdot.
Hehe. One of the incidents that prompted me to ask this question was my own experience at Disney World two weeks ago.
The friendly security guard carefully looked through my backpack, even making me pull the cover off my camera to check that it wasn't dangerous, and then passed us on in. So the only thing the guard was keeping out was weapons in bags. Weapons carried on the body sail right in.
As someone who frequently (and legally) carries a gun hidden on my body, the situation just made me shake my head.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Have any of you heard what happens if you get caught with a box cutter in an airport? Well, I'll tell you. I accidentally left some tools in the side-pockets of my backpack after a camping trip. One of them was a honest-to-God Sears box cutter. Not any of that dayglo plastic crap--this thing could bludgeon as well as it could cut.
So, I'm at the airport, ready to board an international flight with that same backpack. To their credit, the security checkpoint found the thing, but what do you think they did? Nothing! No taking down names and numbers, no "Why don't you have a seat over there?"--nothing. They just threw it in a big red bucket with, among other things, at least two other bright orange box cutters.
Now, seeing as how I was just trying to get to Frankfurt in one piece and that it was an honest mistake, they did the right thing. But what other than "security theater" can you call it if you've set up the infrastructure to catch box cutter-wielding hijackers (whether that's a threat or not), and you just let folks on after anonymously checking their cutlery.
It was well documented and everyone knew about it. There's no theater if there's no deception.
That's not a case of security theater, that is just a case of someone using the wrong tool for the job.
If you want authentication on top of sharing files over a network, there are other options for that, none of which is NFS alone.
Granted today NFS tries to take authentication into the picture as well, but originally that was not its intent.
There are now addons to it (such as keylogin) which can be used, and of course one can run NFS over a VPN which handles the authentication and possibly even encryption if you wish.
Thank you. There seem to be so many people who have bought the propaganda to the point that they no longer understand what some words mean, or perhaps they never knew so the definitions have been defined by propaganda.
Insurgents rebel against legal authority, they are individuals within a group that rebel against the group. People from one country who attack another are generally invaders, aggressors or terrorists depending on the scale, government involvement and nature of the attacks.
The US has not experienced an insurgency in Iraq. The Iraqi government has, but that government is of dubious standing in Iraq given that it has been installed by an illegal invader. Hypothetically reverse the conflict and ask yourself if someone invaded the US and installed the government they wanted, would you fight against it or simply accept it? If you would answer the former, you could well be labelled a "terrorist insurgent", or "resistance fighter" depending on the political standpoint of the labeler.
Not many monitors or practitioners of international law consider the invasion of Iraq legal, close to zero. There was no UN mandate to support it, there were mandates supporting the use of force but they were irrelevant to the situation at the time. The only people who argue that it was legal are American neo-cons, hardly known for their understanding or respect of international law, their cronies and idiots who buy the propaganda.
Please re-read the dictionary because while the definition of terrorist has changed recently, the definition of insurgent has not yet been corrupted in the good book.
I don't therefore I'm not.
(Quotes are paraphrases)
(Yes, I have emails to back this up and CTV and Global has on-line articles to corroborate the facts below)
A while back at the University of Winnipeg some delinquent wrote that (s)he would "shoot this place up" on a specific date at a specific time. After that, the University's President Lloyd Axworthy said that "Universities are under attack." Which is rather an embarrassing statement. There is a profound difference between bad things happening AT Universities and bad thing happening TO Universities. Universities are certainly NOT under attack.
They at least planned the typical impotent measures. Namely, more CCTV, bag checks, etc. Nothing that would actually improve security. Worse yet, I personally emailed them not only telling them of this, but I provided recent real world examples of these measures not working. Point of fact, the answer that I got from Lesely Thomson (Senior Executive Officer & Advisor to the President) was that (exact quote) "we will now have a new "normal" and we are in the process of establishing that." You know, mandatory bag checks at entrances that create bottlenecks enough to create proverbial fish in barrel. Nice work.
But, here's a kicker. The same things were happening at Brandon University (and I believe that the University of Manitoba as well). All of this and the President of the Student Unions at both BU and the UofW were quoted as happy with the reaction and found it completely appropriate. I was also still subscribed to the UWMSSA mailing list and its President encouraged co-operation of these nonsensical measures. I'd expect better from a Math person given the high level of critical thought required in that discipline. I also cc'd both UofW student reps and got zero replies from them (at least that I saw).
The entire episode was a ridiculous over reaction with profoundly negative impacts for our future. One of the pillars of society, our educational institutions, had fallen that day. When the world of education and critical thought can't use what it apparently teaches... such things are so very disturbing.
Some 3 weeks after 9/11, I was flying from PHX to SJO and had my toenail clipper confiscated by airport security.
As I walked to the gate and sat in the waiting area, I spied a very-cute young blonde. I sat next to her and noticed that she was knitting.
I asked what she was making, and in the process of telling me, she explained that the needles she was using were 16" long and made of stainless steel.
I was so struck with the absurdity of the situation that I became flustered, and unable to secure her phone number.
Actually+, I think all sentences should be punctuated so as to indicate tone` We could reform the world^ /Everyone knows how beautiful% perl scripts are---why hasn't this spread to the rest of printed# text? It could@ do &wonders for ==human.computer interaction!_ ))Just think: with{everything so clear,$we,could,see+world+`peace]`within&&our$lifetime! \|Misundersta%%ndings %{in*^written)()communi+[cation,"would@become^things&of the past@@
--TheOrangeSquid Is it any wonder things seem so awry? We swim in a sea of confusion and don't have to think to survive
Please note that it is VERY difficult to conceal a 4-foot long rifle in the front pocket of a hooded sweatshirt. And walking around on the street with one is likely to get you very odd looks, if not phone calls to and visits from the police.
SRSLY.
Here is Southern Ontario, we have two problems: tigers and elephants. The former eat our pets and can be dangerous to children in backyards. The latter wreaks havoc on our lawns.
...
...
I sprinkle pepper on the lawn and have some special rocks that I put in front of the house.
Both these procedures keep tigers and elephants away, and so far, they have been 100% effective
Yes, security theatre does work
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
Scenario 2: My wife puts camera in one coat pocket, Ipod in second, cell in third along with the collapsed purse, and walks right through security.
Makes. Me. Crazy.
At the local High School, here in rural south Georgia where just about everybody has a pickup that could scale Mt. Everest without so much as breaking a sweat, the parking lot is in the middle of a field whose elevation change can be measured in microns. Just an island of asphalt with a sea of grass lapping at its black beaches. There one two-lane asphalt road leading up to the parking lot, similarly drenched in fields.
There is no seawall, no fence, no border of any sort. Except where the road meets the lot, however. Here there is a small aluminum swinging gate which is faithfully unlocked and opened half an hour before school starts and ends, and locked back half an hour before school starts and after school ends.
It is there, of course, to keep students from skipping class by driving off campus...
One thing you don't realize when you see it on television is just how big the garden is, and how far away the fence is.
But that's by the by. As I was walking around the boundary fence, I noticed a security guard, armed with what appeared to be a shotgun, hiding behind a bush. What was even stranger, he was attempting to, but failing, to hide from me, armed with what was obviously a digital camera and nothing else.
I continued walking around a bit, looking at him. He continued to edge around the particular shrub; again, trying, and failing, to keep out of my view.
It was so patently absurd that I felt like taking a photo of the scene, but given that the guy was carrying a shotgun and this was the White House, I thought it might be prudent to ask first.
So, I called out to the guy "excuse me, but do you mind if I take a photo"?
The reply comes back "no, don't take one". And he tries even harder, and fails, to hide himself.
This is despite the fact that anybody with a pair of binoculars, or a long lens camera, would have easily spotted the bloke from several hundred yards away. The Secret Service must, of course, know this, and probably had two other armed guards I hadn't spotted watching me.
For the life of me, I still don't understand what this guy was trying to achieve hiding behind the shrubbery. Look, everybody expects there to be guards in the White House gardens, some of whom you'll see, some of whom you won't unless you try something insanely stupid. But this whole hide-and-seek routine made absolutely no sense at all.
Any sufficiently advanced technology is indistinguishable from a rigged demo
--Andy Finkel (J. Klass?)
Applying for a work visa in the USA requires male applicants between 16 and 40 to fill out a supplemental form that asks for details of prior military experience (either as a combatant or a civilian), and any nuclear, biological or chemical weapons experience. There are too many problems with this retarded fucking system to count, here are a couple to get you started:
1. This is the 21st fucking century. What, are women incapable of understanding all that nucular stuff? Females aren't a threat?
2. Anyone over 40 is not even worth questioning?
3. Even if you are part of the tiny demographic that are even questioned, does Immigration think undesirables are going to tell the fucking truth on the application form?
sustainable living
When a support admin threatened to permanently kick him off of the system, he replied "That's OK. I won't be alive tomorrow."
Hmm... Elevated threat level, warnings of possible suicide attacks in the next day or so, and a fundamentalist muslim kid warning that he intends to die roughly in that time frame.... Sounds like something worth investigating (if only because we've got a kid that seems to be threatening to kill himeslf ... terrorism or no).
Being a Canadian, I call the Canadian 1-800 terrorism tip line (remember ... less than 6 months since 9/11) and find that it's been disconnected.
I then turn to US sources, and try to leave information in various places. Then I turn to the local US Consulate and leave an urgent message. After about 24 hours of trying various routes (both Canadian and US), I finally get a callback from a completely disinterested consular official who pretty much has the attitude of "explain to me why I shouldn't hang up on you".
Less than 6 months after 9/11, an orange threat level, and a suicidal fanatic on my site, and I'm fighting to explain why a US official should even take a report from me. "call us with any tips you might have" ... Yea, right!
That was the last time I took post 9/11 security fanaticism seriously. (other than as a threat to my civil rights).
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
Please note that it is VERY difficult to conceal a 4-foot long rifle in the front pocket of a hooded sweatshirt. And walking around on the street with one is likely to get you very odd looks, if not phone calls to and visits from the police.
Or you could just come to England, where simply wearing the hooded sweatshirt is likely to get the same reaction.
Yeah, but the US has higher rates of death by people killed by knives than most other countries. We have higher rates of assault (often with cars) than other countries. We are unfortunately, a pretty violent country, with or without guns.
If you look at the situation holistically, it's not clear that guns are a primary cause of the violence. Gun ownership rates are highest in the rural areas, while gun violence rates are highest in the urban areas. This book, has some very interesting, and fairly rigorous statistical analysis.
Many students of the situation note that the gun violence didn't rise in the US, until the war on drugs ramped up. A large amount of gun violence is directly related to drug commerce.
I was taught to respect my elders. The trouble is, it's getting harder and harder to find some.