Somehow, I believe that in the schools that are so eager to teach "intelligent" design, evolution won't get a logical analysis or an open and objective discussion.
Just watch. People who think killing themselves and others makes them martyrs and guarantees some place in heaven. People who fund Israel to attack Palestinians because they believe it will bring "judgment day" and the return of Jesus that much faster. People who refuse to do anything about the pollution and climate change they are producing because it's "God's will". Etc.
I have to wonder if the religious persecutions of old weren't at least partly right.
The cost of a superstitious society, that refuses to do anything about the current predicament of the nation and world and puts the outcome "in God's hands", will unfortunately be huge.
Tim: However, market research has also shown that there are some home theater aficionados that actually love to hear multiple, noisy, loud, clicking and whirring fans. We've decided to just use a low-quality chipset and codec to meet those people's expectations...
Why do Apple's Safari vulnerabilities on both Windows and Mac make all *nix stuff look bad? I think this is one case where fanboy mods or no, the point fails.
All vulnerabilities in Safari do is make Apple look bad. Apple controls their OS and their applications. Linux doesn't come with Safari and yet it is a *nix flavor. Most Apple users probably don't even realize that OSX is Apple's GUI over BSD.
Personally, I'll take Linux over OSX or Windows any day.
SFTP is also used. I guess it has been co-opted from simple file transfer protocol which I don't think is used much any more because of its security weaknesses.
There are a lot of good posts in this topic. Especially the ones about the legal issues.
These days a big issue is CYA when it comes to people's personal data. As others have noted, be sure to investigate any laws that might define how the data must be treated if it has to go off site. Be sure that your management signs off on the procedure and be sure you can document it.
The days of just letting people download data are long gone. And don't use FTP if you do. Use the secure version (sftp) and encrypt the data before it transfers. That way it's an encrypted tunnel carrying encrypted data. But I wouldn't recommend this method. I'd get a signed chain of custody with media physically delivered and assurances that all copies of the data is completely and securely destroyed and the original media returned when the job is finished.
Best way is not to let the data out in the first place.
I agree completely with Orange Crush. You let that data out and it is now subject to this other entity's security policy.
If you are going to let it off-site, is there a contractual agreement regarding how the data will be protected? Are their security policies audited by a third party? Worst case, does your company's insurance cover financial losses due to a third party mishandling your data?
I'd provide them with dummy data in the proper format to simulate your company's data and do like Orange Crush suggests and put data and application together only on your own premises.
But if you can't/won't do that, I'd say encrypt the hell out of it and burn it to CD, and send it by registered courier where someone has to sign for it to acknowledge chain of custody. Send the key by an alternate method.
Do you know this company's security policies? Are there any kind of investigations/background checks performed on its employees? If it is a small shop, what kind of firewall protection do they use? Is some programmer's kid using his laptop to play games on the Internet and download "free" screen savers or ring tones?
I assume that your data is in there too. How would you want it handled and what would you consider doing legally to your company if the data was in any way mishandled and your information to find its way into some identity thief's possession or posted on the web? What if your identity were to be stolen and your accounts raided or your credit ruined?
I know this probably sounds fairly paranoid and I'm sure a lot of people might suggest easier and less secure approaches, but the reality is that this kind of data is a target and far too many people do not properly protect their business computer systems because they just don't realize how pervasive intrusions and spyware are.
Slashdot Mirror
Fsecure has details on a trojan that does this and also has a screenshot of what the desktop looks like.
If you have the same thing, your people's computers ARE infected.
http://www.f-secure.com/v-descs/trojan_w32_pakes_csg.shtml
From the summary:
Trojan:W32/Pakes.CSG attempts to get "rogueware" installed on the victim's computer by claiming the computer is infected by spyware.
It also makes changes to the system registry and posts information about the computer to a remote server.
Maybe if you write "redrum" next to it?
You really don't need two. The one will boost gain in the aimed direction regardless of what the other antenna is doing.
Or a nice pony...
Dude, if Microsoft open sources anything, it will probably be "Bob".
Shut up, Melinda.
Working on Linux?
I was actually looking for swampland. Might you have some nice swampland for sale? Something with a great view?
They could be preaching scientology in the schools and filling the little tykes' minds with thoughts of Xenu, thetans, spaceships, and volcanos.
Yep. We seem to have our own little Taliban. The only good thing about them is they aren't out blowing themselves up and killing others.
Oh wait, I guess some are. Eric Rudolph and a number of others take this crap to the extreme and do that.
And we have a president that claims he talked to God about the invasion of Iraq and was told we would have no casualties.
What do you mean *getting* more embarrassing?
Somehow, I believe that in the schools that are so eager to teach "intelligent" design, evolution won't get a logical analysis or an open and objective discussion.
Just watch. People who think killing themselves and others makes them martyrs and guarantees some place in heaven. People who fund Israel to attack Palestinians because they believe it will bring "judgment day" and the return of Jesus that much faster. People who refuse to do anything about the pollution and climate change they are producing because it's "God's will". Etc.
I have to wonder if the religious persecutions of old weren't at least partly right.
The cost of a superstitious society, that refuses to do anything about the current predicament of the nation and world and puts the outcome "in God's hands", will unfortunately be huge.
Moth balls sublimate too. Napthalene.
;-)
OK, cue the moth balls jokes...
And Step 6: Profit!
Hmmm, does Brazil have these same problems?
Locked away in prison for the rest of their lives.
Or better yet - handed off to all of the various countries who would love to bring charges against them.
Tim: However, market research has also shown that there are some home theater aficionados that actually love to hear multiple, noisy, loud, clicking and whirring fans. We've decided to just use a low-quality chipset and codec to meet those people's expectations...
Why do Apple's Safari vulnerabilities on both Windows and Mac make all *nix stuff look bad? I think this is one case where fanboy mods or no, the point fails.
All vulnerabilities in Safari do is make Apple look bad. Apple controls their OS and their applications. Linux doesn't come with Safari and yet it is a *nix flavor. Most Apple users probably don't even realize that OSX is Apple's GUI over BSD.
Personally, I'll take Linux over OSX or Windows any day.
Surely you jest...
Is Safari open source? I didn't think it was. If it isn't, then there is no way to fork it, is there?
SFTP is also used. I guess it has been co-opted from simple file transfer protocol which I don't think is used much any more because of its security weaknesses.
http://en.wikipedia.org/wiki/SSH_file_transfer_protocol
There are a lot of good posts in this topic. Especially the ones about the legal issues.
These days a big issue is CYA when it comes to people's personal data. As others have noted, be sure to investigate any laws that might define how the data must be treated if it has to go off site. Be sure that your management signs off on the procedure and be sure you can document it.
The days of just letting people download data are long gone. And don't use FTP if you do. Use the secure version (sftp) and encrypt the data before it transfers. That way it's an encrypted tunnel carrying encrypted data. But I wouldn't recommend this method. I'd get a signed chain of custody with media physically delivered and assurances that all copies of the data is completely and securely destroyed and the original media returned when the job is finished.
Best way is not to let the data out in the first place.
I agree completely with Orange Crush. You let that data out and it is now subject to this other entity's security policy.
If you are going to let it off-site, is there a contractual agreement regarding how the data will be protected? Are their security policies audited by a third party? Worst case, does your company's insurance cover financial losses due to a third party mishandling your data?
I'd provide them with dummy data in the proper format to simulate your company's data and do like Orange Crush suggests and put data and application together only on your own premises.
But if you can't/won't do that, I'd say encrypt the hell out of it and burn it to CD, and send it by registered courier where someone has to sign for it to acknowledge chain of custody. Send the key by an alternate method.
Do you know this company's security policies? Are there any kind of investigations/background checks performed on its employees? If it is a small shop, what kind of firewall protection do they use? Is some programmer's kid using his laptop to play games on the Internet and download "free" screen savers or ring tones?
I assume that your data is in there too. How would you want it handled and what would you consider doing legally to your company if the data was in any way mishandled and your information to find its way into some identity thief's possession or posted on the web? What if your identity were to be stolen and your accounts raided or your credit ruined?
I know this probably sounds fairly paranoid and I'm sure a lot of people might suggest easier and less secure approaches, but the reality is that this kind of data is a target and far too many people do not properly protect their business computer systems because they just don't realize how pervasive intrusions and spyware are.
How would you want your data handled?
Bush and Cheney's "free speech zones" are going to have big black boxes around the edges.
Be sure to listen for the clicking noise as the limousines drive past.
Hmmm, maybe they could sing?...