That's when you use something like the IBM ZTIC which moves the confirmation of bank transactions to a dedicated device that is hooked up to the PC, but only uses the connection as a method to talk via an encrypted connection to the bank. Because the device and the bank's servers are using their own encrypted channel, the only thing a compromised PC can do is try to jam or block the connection.
I've also seen another third party make a similar authentication device where it doesn't just display an eight digit number on the screen, or act as a smart card, but have an allow or deny button on a standalone LCD screen to confirm things.
I have always checked the PGP/gpg signature on any ISOs I download from anywhere, but once burned, this becomes a lot harder, as one can't just tell immediately if a disk has a copy of the OS that hasn't been touched.
Another round of attack, should some malware be able to get root-level would be to not bother with the ISO and similar to what the parent poster stated, perhaps install a modified BIOS. If an attacker is sophisticated, has a lot of intelligence on the business he or she wants to compromise, then they could write malware targeted just for that model of client PC alone, or perhaps just a device (like a keyboard with a flashable HID controller) to make it log keystrokes and store them in a safe place for easy retrieval later on.
What might be a solution would be to have motherboards with a flash drive of 32 to 64 GB directly on the board. Then someone can install or image an OS to this, and set it read only. This way, no external media readers would be needed, and a PC could pre-image the OS on there, and ship the machine with just the PS/2 keyboard. PS/2 mouse port monitor port, and a NIC (no USB connectors). However, at this stage, this is essentially a thin client with a custom OS.
Of course, a diskless system running Linux would reduce the chance of malware on clients, but perhaps if a company is dependent on Windows, almost as good security (and I state almost) would be obtained from denying admin access and using something like DeepFreeze, Windows SteadyState, or similar?
Combine DeepFreeze with AppLocker, some decent enterprise antivirus utilities, BitLocker, and the usual physical and BIOS protection on a machine, and one can make a decently locked down terminal that can cleanly run Windows apps. Should additional software be needed, no need to install it, just use something like VMWare ThinApp and have it runnable from a central location.
There is nothing wrong with a diskless system and booting from a CD-ROM. However, unless one creates a custom image with reliable enterprise level auditing tools, it becomes difficult to extract data from a group of PCs (and this is important for larger businesses come tax season, or regulatory compliance), and it is definitely an issue to add or update software without a reboot, unless it is a precompiled binary on a central server that people run.
Also, instead of running live CDs, why not consider going to a vendor like Wyse and going with truly thin technology? This way, there is little to no fiddling with the client side. If a thin terminal has a problem, just swap it out for another one, chuck the old one in the RMA box and be done with it. This is arguably a lot easier than the cost for maintaining standard PCs [1].
[1]: I'm primarily intending enterprise level here. For some SMBs, it is a lot cheaper to go with a boot CD and a generic PC, but for larger companies, it may mean more futzing around with stuff for their IT staff, especially on the scale of thousands of endpoints. If I had a startup with a call center of 5 people, PCs are a lot more economical. However, 500 to 1000 people in a non-technical call center, then I'd take a serious look at thin terminals and a beefy internal network fabric.
I think EMC knows what they are doing. To mangle the English quote, "the sun does not set on the EMC empire." As a consumer, I use their products at three levels: VMWare, Retrospect, and Mozy. A business would use them constantly, from the SAN for the critical production databases, to Networker for the backups, to the VMWare infrastructure which makes physical hardware replacement less of an issue, to ThinApp for deploying Word to locked down boxes in finance which need a lot of approvals before any modifications are done to the install images as admin, to yanking out a keyfob made by EMC to log on a box as root.
EMC may not have the best consumer level marketing, but step into the business world, and you will be dealing with their products most of the day, even if it is indirectly.
I think the key here is is the person interested enough in coding that they are willing to keep improving themselves as a programmer versus someone who just programs enough to "do their eight and out the gate", and has little interest in much other than making the deadlines.
It is a tough balance: On one hand, life has far more to offer than just spending time coding work stuff 24/7 and being essentially a one trick pony. On the other hand, one needs to keep some interest in their occupation and perhaps continuing to grow in it, to keep at a professional standard. It is easy to get stagnant in the computer industry, so keeping with the times is important.
This is one reason that nuclear magnetic resonance was renamed magnetic resonance imaging for hospital use. The word "nuclear" was dropped as not to scare patients.
MSDN, Technet, enterprises with an SA agreement, and OEMs were given access to the RTM version of Windows 7 back in August. However, the boxed retail sets are not until October 22.
This shows something, that Windows 7 is good enough that people are running the trial of it en masse. The date that will confirm this trend is when W7 gets released to the street for both upgrades and bundled with new PCs, on October 22.
The Feds need security too. I'm sure, if there is any weaknesses (and this is theory mind you, not anything based in fact), it likely would be the larger organizations having knowledge (or specialized hardware like a TWIRL device which is just theory as of now) of how to factor public keys faster than conventional brute force ways. I'm pretty sure a lot of machines out there (especially ssh v1 boxes) still have 512 bit keys as their host key, and if someone targeted that box specifically, they could obtain the key, then try to insert themselves into the network stream for a MITM attack against people logging on via remote.
The SSH v2 protocol by itself has proven quite strong, and is one of the two bigger protocols for sending encrypted data over the Internet with decent security. Perhaps three, factoring in PPTP.
The only other protocol available at the time that might have even approached SSH would be a SSL based telnet. I'm not sure how rlogin would have been secured (because it is UDP based), but it likely would be nowhere near as elegant as what ssh offers.
To boot, neither telnet or rlogin offered port forwarding (which meant an easy way to use X clients over an insecure network), variable security methods (so you wouldn't need to worry about a password, but could use a private.identity key), multiple encryption algorithms (in v2.)
So overall, even with the hurdle of the ssh/openSSH mess in the early part of the decade and the re-implementation of v1 and v2 of the protocol, ssh is as part of daily life for almost any admin as DHCP is, perhaps more so since a lot of admins use static IPs.
Last time I checked, the Volt's gasoline engine was not part of the powertrain, but used as a generator to keep the batteries going after the charge gets low. It is only directly moving on the electric motor subsystem.
There is no way MS's security software is going to sweep over the market. Even 15 years ago when Microsoft put in MSAV into their release of DOS, it did not dent sales in Norton's product. In fact, it actually helped the industry because Microsoft set the baseline that all other AV programs have to leapfrog.
MSE also doesn't cover all bases that third party vendors do. For example, if I have to deal with someone's PC that is infected and they don't have any media with them, there is a good chance that with both a manual go through via RegEdit and the filesystem, then a subsequent install of some popular AV/anti-malware software, that the system will have a high chance of being clean. (Of course, I rather recommend a backup and complete reinstall under the lines of nuking from orbit, the only way to make sure, but often, people don't have media for their OS.)
All and all, everyone benefits from this software. Users benefit because they have a basic level of protection that is updated constantly and can figure out in some time period what an unknown threat is, and how it is spreading. Other users and companies on the Internet benefit because it means fewer machines that are compromised and sending out spam or being used as bases for subsequent attacks. Microsoft benefits because fewer major breaches gives less mud for detractors to sling at them. Even other AV companies benefit because they will end up having features that users will want and expressly buy their product for. For example, Symantec has as one of the big sales points the enterprise managability that SEP offers on the business end. On the consumer end, they offer backup software and such.
One idea may to be divide the file into archive segments, all with a CRC. Then you know which file parts on damaged DVD "A" are recoverable, and which are on damaged DVD "B". Then combine those, plus recovery info, and there is a high chance of recovering the complete package.
I like multiple backup levels, such as keeping them on a RAID device, tapes, archival DVDs, and in the cloud. This way, should some means of backup fail (cloud provider declares bankruptcy), you have at least 2-3 others.
Don't forget error correction and recovery. Undetected bitrot for long term archiving is not a good thing. Just having CRCs and/or cryptographic signatures will just tell you that something got corrupted, but won't help fix it.
On the DVD front, something like DVDDisaster and a MD5 signature utility should help there. For data files in general, something that does.PAR records, or an archive format (WinRAR, StuffIt Deluxe) that supports built in recovery records. Of course archive formats suffer the issue of making sure the archiving program is still around in the future.
This reminds me of a time way back when 14.4k was common (yes, it was a relative eon ago). A certain ISP I happened to bump into viewed that 9600 bps or higher actually encouraged warez transfers. So, this ISP didn't just just limit modem speed to 2400bps, but threatened to remove the account of any user who asked why it was done, because "normal, law abiding" people checking E-mail or using Netscape using Trumpet Winsock and Eudora never needed any more than that. They even viewed that the artifical limits on bps also discouraged hackers from war-dialing their modem bank.
This stuff is SSDD, except that the technology has moved from dialup to broadband.
I'm probably sure someone who managed to breach a large company and pwn the HR department might offer that as a service where one's resume would "pass" all the keyword searches while others get dequeued.
It would be similar to those services which offer to spy on someone else, by sending them a Trojan with a keylogger via E-mail, or a phishing attack. (There was/. article on something like that.)
It wouldn't be a service a wise person should patronize. First, the breach is likely to get discovered and patched, so after a time, all resumes coming in mysteriously would be flagged and handed over to law enforcement. Second, if someone did get the job, the same blackhats who offered the resume "service" would turn around and demand hush money, else the info about the resume and the breach would be handed to the company and LEOs.
Gateway stores would have been far more successful if you didn't have to special order and wait for a computer. Had they spent the cash and had inventory at their stores, I'm almost sure they would have made a much bigger impact.
There is one thing Apple has that few other consumer level companies give, and that is service. Apple Numbers has glitches? Call Apple or hit a Genius bar, and it doesn't matter if it is the hardware, the app, or the OS, they will at least try to fix it. They may not be perfect, but this is better for the nontechnical home user than the usual "call the hardware/OS/app/software guy, don't bother us" that is common in the PC world. This is also the same reason why IBM, Oracle, Cisco and Sun rake in the big cash. For production, people don't want to try to figure where in their stack the issue is, they want it fixed ASAP regardless if it is an app, RDBMS, OS, or hardware problem.
Had Gateway offered this service where people could come in with their machine, and someone would be able to at least point them in a direction, be it a broken app, software, Windows, or the GW hardware, I am almost certain the stores would still be turning a positive ROI. Of course, this would mean tacking on a price difference to afford this, but perhaps Gateway might have been better off as positioning as a higher end computer place with personal service, similar to Alienware or IBM/Lenovo.
My question is, what can Microsoft do with their stores to make them worth the investment? Some ideas occur to me, but they are not really consumer level. One of them is partnering with HP or another PC vendor, and having preconfigured, turnkey appliances ready to go out the door. SMB needs to go with Exchange? Hit the MS store, buy a rack frame, DC, Exchange edge server for outgoing/incoming mail, Exchange edge server for OWA/POP/IMAP, and two servers for the central hub mailbox storage. Another business needs a large document repository? Sell a preconfigured, ready to go tower with SharePoint installed, and some consultant service time to get it up and integrated.
Consumer level, it is a lot harder. Perhaps preconfigured/preinstalled PCs that have more than just the basic bloatware. For example, laptops that ship with Enterprise or Ultimate Windows 7 editions, Office Professional, a no nonsense corporate edition antivirus utility. Another example would be a PC in a Media Center/HTPC case that is configured with the latest CableCARD stuff, large capacity, low-noise drives and mountings. Finally, another example would be a Windows Home Server box from HP that someone can buy off the shelf and start using as backups. In all the above examples, the key to customer sat would be having some form of support, either by phone or in person.
In any case, part of a company that is middle sized should be a staging/test lab. This is where not just major upgrades are performed, but tests to see if a patch bundle from Windows Update will break anything. This doesn't just apply to just Windows. I've seen 0.01 minor updates on production UNIX clusters completely bring things to a screeching halt.
At least he should ask for budge for a staging environment where he can mirror an image of the production boxes in a lab and see how they take to SQL Server 2008. Assuming that the database containers are sanely laid out, the SAN interface (and other hardware) works with Windows Server 2008 R2, the upgrade shouldn't be too bad.
Other than getting the hardware to work with the latest OS, and the apps to communicate correctly with SQL Server 2008 (which also shouldn't be hard unless something really strange is going on), it would consist of making sure all database data (containers, indexes, logs, archive logs) are all happily sitting on the SAN, power off the old boxes, power up the new machines that have the latest OS and RDBMS rev, import the databases and users and check that the apps connect. Of course, there are always issues (getting the users to match and such), but it shouldn't be too difficult, especially if its run in a test/staging environment 2-3 times, and there is a way to go "oh crap" and re-import the database containers on the old boxes.
This is nothing against Google, but I wish more colleges would "pack their own parachute", and keep a system so critical as to a school's function like E-mail in house.
First that comes to mind is that if their IT staff knows what they are doing, it isn't hard to create an extremely fast, responsive, and secure sitewise E-mail configurations. One could use a high end Solaris or AIX machine that does it all, multiple servers for security and separation of duties (SMTP out go to one box, POP/IMAP/Zimbra another), or Exchange (in whatever configuration [1] works best for the university.)
Second, it allows a university to know how things are backed up. If you have a good drive array and a backup system, a university can not just have solid backups of E-mail, but be able to have a solid archive mechanism so they can pull archived/deleted users out of the system for audit or legal reasons.
Third, if the university loses its internet connection, intranet mail can go through.
Fourth, guarentees like storing all E-mail on encrypted partitions, servers with specific configurations can be implemented.
Fifth, should a university move to a setup using SecurID or smart cards (I think Tulane University moved to Aladdin eTokens for all access which made phishing pretty much a thing of the past), it would be trivial to do, as opposed to a cloud provider that may or may not support the enhanced access.
Call me old fashioned, but some services you can outsource, others such as E-mail, really need to stay as close to home as possible.
[1]: Probably the best setup for a medium size university would be to have a hub/edge server setup, so if the DMZ box got compromised, it wouldn't mean the mailboxes themselves are easily obtained.
The first is that every new feature needs to be tested for software regressions thoroughly. Not to mention unexpected code or content interactions that players can use to gain a disproportionate disadvantage.
For example, there was a bug with one game where if one knew the constants that skills were named, one could try manually type in the skill name and learn it, even if that skill was never a part of that class. So you would have warriors running around who could open a fight with a backstab, keep themselves healed up, and cast offensive spells at the target. Of course, unless someone explicitly looked at the PC database, the only way any devs would find this issue would be someone else ratting it out.
This is compounded by the fact that it is in the player's best interest to not tell anyone if they discover something (say an ability/item combination that is immensely unbalanced) The QA team will only find out if someone explicitly points it out, or if the logs show that someone is doing a disproportionate amount of damage or healing for their level and gear range.
In a way, it goes back to adding new features on MUDs back when people were running those almost everywhere. Instead of outright banning exploiters, you log every single action they take, and figure out what exactly they are doing, then start fixing what they do silently. If they are finding a way to stack a certain buff, then add a numeric limit to how many can be stacked, or divide the effect of each buff by the number stacked, so a person can stack 1500 enhanced belches, and it would have the effect of just one belch buff. You may luck out and get someone entering the item as a/bug, but almost nobody wants to have their secret advantage taken away from them, so in reality, you can't depend on this. Some people, it may bring them a lot of real dollars if they are able to create a dupe bug.
The next biggest weakness is having to trust the client for some actions. Latency is always an issue, so in most MMOs, the client is trusted in keeping charge of where the player is located, and telling the server if the character took environmental damage. Of course, an adept programmer with a disassembler can find where in memory this info is stored, and gain an immediate advantage by having his character warp around terrain or take shortcuts to get places. This is very hard to fix because of latency. One can use a "rubber-banding" algorithm that moves a player back to what the server thinks is a sane spot depending on how much time passes, but that has some problems.
Usually one solution that almost all MMO makers use is something like WoW's Warden, Valve's VAC, StarForce's FL MMOG, or another program that scans processes for known signatures of hack utilities, as well as watches for programs changing RAM entries in the MMO client. This is not a perfect technology since it ends up a constant arms race, but it pretty much gets rid of all but the top cheaters who are not going to share their "trainer" programs with others.
I have done that. At one place I worked where I was running a dictionary guesser, people whose passwords ended up being guessed, I just silently forced a password change. Usually the person will grumble, change their password and that will be the end of that. This is assuming the operating systems or apps have some sort of password strength meter built in, because if they don't, "hunter2" will be replaced by "hunter3".
You couldn't have said it better. All it takes is a tweet about "woo, new products at my work to play with that have 8 GB of RAM per core", for a competitor to find it, go "hmm, maybe we should tell our devs that their kill point for their product refresh will be the amount of RAM independently addressable", and then come product release time, the competitor has 12 GB of RAM per core.
People don't call their friends up and tell them about company secrets. I don't get why they slap it on social networking sites for not just friends, but everyone can see it. And everyone usually includes people you really don't want knowing stuff about you or your workplace. Even seemingly boring stuff like posting a work schedule can get adept thieves to know when to do a burglary.
There is a middle ground for cases though. At the low end, you have cases which will do the job, but the metal is stamped and it will hold what you need (barely), but there are plenty of jagged edges to watch out for. Also, you sometimes have to wiggle lower end cases a bit to get the covers back on. I have one generic case that offered 10 drive bays, but in reality only a fraction of them were usable because of how cables and such were routed. This case at least offered the ability to have multiple fan mounts so I could just use a number of fans set on a low speed.
A good case has finger-saving rolled edges, and is a lot better built with better tolerances. You don't have to wiggle the case to squeeze that last hard disk in the rails. The case has better airflow routing and quieter fans. Finally the switches on the front are made well enough that you don't fear breaking plastic when you reach for the reset button. Of course, accessibility is a factor. I have seen one case offer 10 3.5" drawers for the drives (as well as the usual 5.25" bays). This made adding and removing drives very easy, where one just screwed in the drive on the bottom, slid the drawer in, and plugged in the SATA cabling.
Of course, there is a diminishing returns on spending money, but there is a point where people should consider a case that costs enough so it is easy to work inside without having too many blood sacrifices. Since people reuse cases, it is always good to buy a quality case, as opposed to something that is a pain to work with when it comes time to change out the motherboard.
Google, OpenID, and Wave Systems have very good names to protect. Any type of civilian PKI that mirrors the CAC-based one on the DoD side (assuming it is implemented securely using HSMs to protect root and subroot keys), will bring a lot of security, and lower the attack surface in general.
This doesn't mean things will be completely secure, but it means that the ante will be upped to either compromising endpoints smart cards are used (to get the PIN and silently log on with the card), compromising the PKI, compromising the smart card itself (side channel attacks on the chip), factoring the critical RSA keys (and I REALLY hope they are bigger than the usual 2048 bit max size than most smart cards offer), or compromising the keys in the HSMs (either by buying off someone so they allow a bogus signing, or physically seize and find access for one of the hardware key storages.) This is a lot more secure than just usernames/passwords which can be compromised almost anywhere in the chain.
That's when you use something like the IBM ZTIC which moves the confirmation of bank transactions to a dedicated device that is hooked up to the PC, but only uses the connection as a method to talk via an encrypted connection to the bank. Because the device and the bank's servers are using their own encrypted channel, the only thing a compromised PC can do is try to jam or block the connection.
I've also seen another third party make a similar authentication device where it doesn't just display an eight digit number on the screen, or act as a smart card, but have an allow or deny button on a standalone LCD screen to confirm things.
I have always checked the PGP/gpg signature on any ISOs I download from anywhere, but once burned, this becomes a lot harder, as one can't just tell immediately if a disk has a copy of the OS that hasn't been touched.
Another round of attack, should some malware be able to get root-level would be to not bother with the ISO and similar to what the parent poster stated, perhaps install a modified BIOS. If an attacker is sophisticated, has a lot of intelligence on the business he or she wants to compromise, then they could write malware targeted just for that model of client PC alone, or perhaps just a device (like a keyboard with a flashable HID controller) to make it log keystrokes and store them in a safe place for easy retrieval later on.
What might be a solution would be to have motherboards with a flash drive of 32 to 64 GB directly on the board. Then someone can install or image an OS to this, and set it read only. This way, no external media readers would be needed, and a PC could pre-image the OS on there, and ship the machine with just the PS/2 keyboard. PS/2 mouse port monitor port, and a NIC (no USB connectors). However, at this stage, this is essentially a thin client with a custom OS.
Devil's advocate here:
Of course, a diskless system running Linux would reduce the chance of malware on clients, but perhaps if a company is dependent on Windows, almost as good security (and I state almost) would be obtained from denying admin access and using something like DeepFreeze, Windows SteadyState, or similar?
Combine DeepFreeze with AppLocker, some decent enterprise antivirus utilities, BitLocker, and the usual physical and BIOS protection on a machine, and one can make a decently locked down terminal that can cleanly run Windows apps. Should additional software be needed, no need to install it, just use something like VMWare ThinApp and have it runnable from a central location.
There is nothing wrong with a diskless system and booting from a CD-ROM. However, unless one creates a custom image with reliable enterprise level auditing tools, it becomes difficult to extract data from a group of PCs (and this is important for larger businesses come tax season, or regulatory compliance), and it is definitely an issue to add or update software without a reboot, unless it is a precompiled binary on a central server that people run.
Also, instead of running live CDs, why not consider going to a vendor like Wyse and going with truly thin technology? This way, there is little to no fiddling with the client side. If a thin terminal has a problem, just swap it out for another one, chuck the old one in the RMA box and be done with it. This is arguably a lot easier than the cost for maintaining standard PCs [1].
[1]: I'm primarily intending enterprise level here. For some SMBs, it is a lot cheaper to go with a boot CD and a generic PC, but for larger companies, it may mean more futzing around with stuff for their IT staff, especially on the scale of thousands of endpoints. If I had a startup with a call center of 5 people, PCs are a lot more economical. However, 500 to 1000 people in a non-technical call center, then I'd take a serious look at thin terminals and a beefy internal network fabric.
I think EMC knows what they are doing. To mangle the English quote, "the sun does not set on the EMC empire." As a consumer, I use their products at three levels: VMWare, Retrospect, and Mozy. A business would use them constantly, from the SAN for the critical production databases, to Networker for the backups, to the VMWare infrastructure which makes physical hardware replacement less of an issue, to ThinApp for deploying Word to locked down boxes in finance which need a lot of approvals before any modifications are done to the install images as admin, to yanking out a keyfob made by EMC to log on a box as root.
EMC may not have the best consumer level marketing, but step into the business world, and you will be dealing with their products most of the day, even if it is indirectly.
I think the key here is is the person interested enough in coding that they are willing to keep improving themselves as a programmer versus someone who just programs enough to "do their eight and out the gate", and has little interest in much other than making the deadlines.
It is a tough balance: On one hand, life has far more to offer than just spending time coding work stuff 24/7 and being essentially a one trick pony. On the other hand, one needs to keep some interest in their occupation and perhaps continuing to grow in it, to keep at a professional standard. It is easy to get stagnant in the computer industry, so keeping with the times is important.
This is one reason that nuclear magnetic resonance was renamed magnetic resonance imaging for hospital use. The word "nuclear" was dropped as not to scare patients.
MSDN, Technet, enterprises with an SA agreement, and OEMs were given access to the RTM version of Windows 7 back in August. However, the boxed retail sets are not until October 22.
This shows something, that Windows 7 is good enough that people are running the trial of it en masse. The date that will confirm this trend is when W7 gets released to the street for both upgrades and bundled with new PCs, on October 22.
The Feds need security too. I'm sure, if there is any weaknesses (and this is theory mind you, not anything based in fact), it likely would be the larger organizations having knowledge (or specialized hardware like a TWIRL device which is just theory as of now) of how to factor public keys faster than conventional brute force ways. I'm pretty sure a lot of machines out there (especially ssh v1 boxes) still have 512 bit keys as their host key, and if someone targeted that box specifically, they could obtain the key, then try to insert themselves into the network stream for a MITM attack against people logging on via remote.
The SSH v2 protocol by itself has proven quite strong, and is one of the two bigger protocols for sending encrypted data over the Internet with decent security. Perhaps three, factoring in PPTP.
The only other protocol available at the time that might have even approached SSH would be a SSL based telnet. I'm not sure how rlogin would have been secured (because it is UDP based), but it likely would be nowhere near as elegant as what ssh offers.
To boot, neither telnet or rlogin offered port forwarding (which meant an easy way to use X clients over an insecure network), variable security methods (so you wouldn't need to worry about a password, but could use a private .identity key), multiple encryption algorithms (in v2.)
So overall, even with the hurdle of the ssh/openSSH mess in the early part of the decade and the re-implementation of v1 and v2 of the protocol, ssh is as part of daily life for almost any admin as DHCP is, perhaps more so since a lot of admins use static IPs.
Last time I checked, the Volt's gasoline engine was not part of the powertrain, but used as a generator to keep the batteries going after the charge gets low. It is only directly moving on the electric motor subsystem.
There is no way MS's security software is going to sweep over the market. Even 15 years ago when Microsoft put in MSAV into their release of DOS, it did not dent sales in Norton's product. In fact, it actually helped the industry because Microsoft set the baseline that all other AV programs have to leapfrog.
MSE also doesn't cover all bases that third party vendors do. For example, if I have to deal with someone's PC that is infected and they don't have any media with them, there is a good chance that with both a manual go through via RegEdit and the filesystem, then a subsequent install of some popular AV/anti-malware software, that the system will have a high chance of being clean. (Of course, I rather recommend a backup and complete reinstall under the lines of nuking from orbit, the only way to make sure, but often, people don't have media for their OS.)
All and all, everyone benefits from this software. Users benefit because they have a basic level of protection that is updated constantly and can figure out in some time period what an unknown threat is, and how it is spreading. Other users and companies on the Internet benefit because it means fewer machines that are compromised and sending out spam or being used as bases for subsequent attacks. Microsoft benefits because fewer major breaches gives less mud for detractors to sling at them. Even other AV companies benefit because they will end up having features that users will want and expressly buy their product for. For example, Symantec has as one of the big sales points the enterprise managability that SEP offers on the business end. On the consumer end, they offer backup software and such.
Very good idea, that should be assumed.
One idea may to be divide the file into archive segments, all with a CRC. Then you know which file parts on damaged DVD "A" are recoverable, and which are on damaged DVD "B". Then combine those, plus recovery info, and there is a high chance of recovering the complete package.
I like multiple backup levels, such as keeping them on a RAID device, tapes, archival DVDs, and in the cloud. This way, should some means of backup fail (cloud provider declares bankruptcy), you have at least 2-3 others.
Don't forget error correction and recovery. Undetected bitrot for long term archiving is not a good thing. Just having CRCs and/or cryptographic signatures will just tell you that something got corrupted, but won't help fix it.
On the DVD front, something like DVDDisaster and a MD5 signature utility should help there. For data files in general, something that does .PAR records, or an archive format (WinRAR, StuffIt Deluxe) that supports built in recovery records. Of course archive formats suffer the issue of making sure the archiving program is still around in the future.
This reminds me of a time way back when 14.4k was common (yes, it was a relative eon ago). A certain ISP I happened to bump into viewed that 9600 bps or higher actually encouraged warez transfers. So, this ISP didn't just just limit modem speed to 2400bps, but threatened to remove the account of any user who asked why it was done, because "normal, law abiding" people checking E-mail or using Netscape using Trumpet Winsock and Eudora never needed any more than that. They even viewed that the artifical limits on bps also discouraged hackers from war-dialing their modem bank.
This stuff is SSDD, except that the technology has moved from dialup to broadband.
I'm probably sure someone who managed to breach a large company and pwn the HR department might offer that as a service where one's resume would "pass" all the keyword searches while others get dequeued.
It would be similar to those services which offer to spy on someone else, by sending them a Trojan with a keylogger via E-mail, or a phishing attack. (There was /. article on something like that.)
It wouldn't be a service a wise person should patronize. First, the breach is likely to get discovered and patched, so after a time, all resumes coming in mysteriously would be flagged and handed over to law enforcement. Second, if someone did get the job, the same blackhats who offered the resume "service" would turn around and demand hush money, else the info about the resume and the breach would be handed to the company and LEOs.
Gateway stores would have been far more successful if you didn't have to special order and wait for a computer. Had they spent the cash and had inventory at their stores, I'm almost sure they would have made a much bigger impact.
There is one thing Apple has that few other consumer level companies give, and that is service. Apple Numbers has glitches? Call Apple or hit a Genius bar, and it doesn't matter if it is the hardware, the app, or the OS, they will at least try to fix it. They may not be perfect, but this is better for the nontechnical home user than the usual "call the hardware/OS/app/software guy, don't bother us" that is common in the PC world. This is also the same reason why IBM, Oracle, Cisco and Sun rake in the big cash. For production, people don't want to try to figure where in their stack the issue is, they want it fixed ASAP regardless if it is an app, RDBMS, OS, or hardware problem.
Had Gateway offered this service where people could come in with their machine, and someone would be able to at least point them in a direction, be it a broken app, software, Windows, or the GW hardware, I am almost certain the stores would still be turning a positive ROI. Of course, this would mean tacking on a price difference to afford this, but perhaps Gateway might have been better off as positioning as a higher end computer place with personal service, similar to Alienware or IBM/Lenovo.
My question is, what can Microsoft do with their stores to make them worth the investment? Some ideas occur to me, but they are not really consumer level. One of them is partnering with HP or another PC vendor, and having preconfigured, turnkey appliances ready to go out the door. SMB needs to go with Exchange? Hit the MS store, buy a rack frame, DC, Exchange edge server for outgoing/incoming mail, Exchange edge server for OWA/POP/IMAP, and two servers for the central hub mailbox storage. Another business needs a large document repository? Sell a preconfigured, ready to go tower with SharePoint installed, and some consultant service time to get it up and integrated.
Consumer level, it is a lot harder. Perhaps preconfigured/preinstalled PCs that have more than just the basic bloatware. For example, laptops that ship with Enterprise or Ultimate Windows 7 editions, Office Professional, a no nonsense corporate edition antivirus utility. Another example would be a PC in a Media Center/HTPC case that is configured with the latest CableCARD stuff, large capacity, low-noise drives and mountings. Finally, another example would be a Windows Home Server box from HP that someone can buy off the shelf and start using as backups. In all the above examples, the key to customer sat would be having some form of support, either by phone or in person.
Typo: He should ask for a budget.
In any case, part of a company that is middle sized should be a staging/test lab. This is where not just major upgrades are performed, but tests to see if a patch bundle from Windows Update will break anything. This doesn't just apply to just Windows. I've seen 0.01 minor updates on production UNIX clusters completely bring things to a screeching halt.
At least he should ask for budge for a staging environment where he can mirror an image of the production boxes in a lab and see how they take to SQL Server 2008. Assuming that the database containers are sanely laid out, the SAN interface (and other hardware) works with Windows Server 2008 R2, the upgrade shouldn't be too bad.
Other than getting the hardware to work with the latest OS, and the apps to communicate correctly with SQL Server 2008 (which also shouldn't be hard unless something really strange is going on), it would consist of making sure all database data (containers, indexes, logs, archive logs) are all happily sitting on the SAN, power off the old boxes, power up the new machines that have the latest OS and RDBMS rev, import the databases and users and check that the apps connect. Of course, there are always issues (getting the users to match and such), but it shouldn't be too difficult, especially if its run in a test/staging environment 2-3 times, and there is a way to go "oh crap" and re-import the database containers on the old boxes.
This is nothing against Google, but I wish more colleges would "pack their own parachute", and keep a system so critical as to a school's function like E-mail in house.
First that comes to mind is that if their IT staff knows what they are doing, it isn't hard to create an extremely fast, responsive, and secure sitewise E-mail configurations. One could use a high end Solaris or AIX machine that does it all, multiple servers for security and separation of duties (SMTP out go to one box, POP/IMAP/Zimbra another), or Exchange (in whatever configuration [1] works best for the university.)
Second, it allows a university to know how things are backed up. If you have a good drive array and a backup system, a university can not just have solid backups of E-mail, but be able to have a solid archive mechanism so they can pull archived/deleted users out of the system for audit or legal reasons.
Third, if the university loses its internet connection, intranet mail can go through.
Fourth, guarentees like storing all E-mail on encrypted partitions, servers with specific configurations can be implemented.
Fifth, should a university move to a setup using SecurID or smart cards (I think Tulane University moved to Aladdin eTokens for all access which made phishing pretty much a thing of the past), it would be trivial to do, as opposed to a cloud provider that may or may not support the enhanced access.
Call me old fashioned, but some services you can outsource, others such as E-mail, really need to stay as close to home as possible.
[1]: Probably the best setup for a medium size university would be to have a hub/edge server setup, so if the DMZ box got compromised, it wouldn't mean the mailboxes themselves are easily obtained.
MMOs have one two weaknesses:
The first is that every new feature needs to be tested for software regressions thoroughly. Not to mention unexpected code or content interactions that players can use to gain a disproportionate disadvantage.
For example, there was a bug with one game where if one knew the constants that skills were named, one could try manually type in the skill name and learn it, even if that skill was never a part of that class. So you would have warriors running around who could open a fight with a backstab, keep themselves healed up, and cast offensive spells at the target. Of course, unless someone explicitly looked at the PC database, the only way any devs would find this issue would be someone else ratting it out.
This is compounded by the fact that it is in the player's best interest to not tell anyone if they discover something (say an ability/item combination that is immensely unbalanced) The QA team will only find out if someone explicitly points it out, or if the logs show that someone is doing a disproportionate amount of damage or healing for their level and gear range.
In a way, it goes back to adding new features on MUDs back when people were running those almost everywhere. Instead of outright banning exploiters, you log every single action they take, and figure out what exactly they are doing, then start fixing what they do silently. If they are finding a way to stack a certain buff, then add a numeric limit to how many can be stacked, or divide the effect of each buff by the number stacked, so a person can stack 1500 enhanced belches, and it would have the effect of just one belch buff. You may luck out and get someone entering the item as a /bug, but almost nobody wants to have their secret advantage taken away from them, so in reality, you can't depend on this. Some people, it may bring them a lot of real dollars if they are able to create a dupe bug.
The next biggest weakness is having to trust the client for some actions. Latency is always an issue, so in most MMOs, the client is trusted in keeping charge of where the player is located, and telling the server if the character took environmental damage. Of course, an adept programmer with a disassembler can find where in memory this info is stored, and gain an immediate advantage by having his character warp around terrain or take shortcuts to get places. This is very hard to fix because of latency. One can use a "rubber-banding" algorithm that moves a player back to what the server thinks is a sane spot depending on how much time passes, but that has some problems.
Usually one solution that almost all MMO makers use is something like WoW's Warden, Valve's VAC, StarForce's FL MMOG, or another program that scans processes for known signatures of hack utilities, as well as watches for programs changing RAM entries in the MMO client. This is not a perfect technology since it ends up a constant arms race, but it pretty much gets rid of all but the top cheaters who are not going to share their "trainer" programs with others.
I have done that. At one place I worked where I was running a dictionary guesser, people whose passwords ended up being guessed, I just silently forced a password change. Usually the person will grumble, change their password and that will be the end of that. This is assuming the operating systems or apps have some sort of password strength meter built in, because if they don't, "hunter2" will be replaced by "hunter3".
You couldn't have said it better. All it takes is a tweet about "woo, new products at my work to play with that have 8 GB of RAM per core", for a competitor to find it, go "hmm, maybe we should tell our devs that their kill point for their product refresh will be the amount of RAM independently addressable", and then come product release time, the competitor has 12 GB of RAM per core.
People don't call their friends up and tell them about company secrets. I don't get why they slap it on social networking sites for not just friends, but everyone can see it. And everyone usually includes people you really don't want knowing stuff about you or your workplace. Even seemingly boring stuff like posting a work schedule can get adept thieves to know when to do a burglary.
There is a middle ground for cases though. At the low end, you have cases which will do the job, but the metal is stamped and it will hold what you need (barely), but there are plenty of jagged edges to watch out for. Also, you sometimes have to wiggle lower end cases a bit to get the covers back on. I have one generic case that offered 10 drive bays, but in reality only a fraction of them were usable because of how cables and such were routed. This case at least offered the ability to have multiple fan mounts so I could just use a number of fans set on a low speed.
A good case has finger-saving rolled edges, and is a lot better built with better tolerances. You don't have to wiggle the case to squeeze that last hard disk in the rails. The case has better airflow routing and quieter fans. Finally the switches on the front are made well enough that you don't fear breaking plastic when you reach for the reset button. Of course, accessibility is a factor. I have seen one case offer 10 3.5" drawers for the drives (as well as the usual 5.25" bays). This made adding and removing drives very easy, where one just screwed in the drive on the bottom, slid the drawer in, and plugged in the SATA cabling.
Of course, there is a diminishing returns on spending money, but there is a point where people should consider a case that costs enough so it is easy to work inside without having too many blood sacrifices. Since people reuse cases, it is always good to buy a quality case, as opposed to something that is a pain to work with when it comes time to change out the motherboard.
Google, OpenID, and Wave Systems have very good names to protect. Any type of civilian PKI that mirrors the CAC-based one on the DoD side (assuming it is implemented securely using HSMs to protect root and subroot keys), will bring a lot of security, and lower the attack surface in general.
This doesn't mean things will be completely secure, but it means that the ante will be upped to either compromising endpoints smart cards are used (to get the PIN and silently log on with the card), compromising the PKI, compromising the smart card itself (side channel attacks on the chip), factoring the critical RSA keys (and I REALLY hope they are bigger than the usual 2048 bit max size than most smart cards offer), or compromising the keys in the HSMs (either by buying off someone so they allow a bogus signing, or physically seize and find access for one of the hardware key storages.) This is a lot more secure than just usernames/passwords which can be compromised almost anywhere in the chain.