You're exactly right - I was not advocating doing nothing. I was saying do whatever you could to increase the security posture. And the documentation part is also excellent advice.
The job market isn't all that good out in the real world right now -- especially if you have been fired for cause.
Why add another hurdle to finding a job?
And that kind of attitude is what I see in some of my coworkers. Smartass people who think they know it all and just don't care about consequences. And coincidentally, those are the same ones in management's crosshairs. Pretty much without exception.
It's easy to criticize when you aren't the one in the hotseat. Sometimes, working from the inside to make things better, in spite of what management wants, can be the better approach. If the poster is being confronted with big security issues, and management that thinks they can skate (or are betting they can skate), and really confidential data is at risk that would harm people if it were compromised, working from the inside to change attitudes is sometimes the best way.
Maybe signing up for SANS Newsbites and sending management a few blurbs about what has happened to other companies and people who get held responsible for breaches might wake management up a bit.
These days breaches and compromises get pretty good press and there can definitely be some big monetary (or worse) consequences for those responsible when they do. When people see how things can really go bad, they tend to get a conscience.
Actually this is probably better advice than most realize. I don't know if it was tongue in cheek or not, but it is damned good advice.
Where I work, security is a really big issue and I have to deal with people all the time that don't realize that security is something they should consider with every decision they make during the day. Needless to say, many don't feel the same way. They are about to get raked over the coals by management.
Unfortunately for some, they are in the crosshairs for their lax stance on security. I don't know what management is going to do with them, but management knows who they are and they stand a good chance of at least repremands and loss of pay increases, and at the worst for them, pink slips.
Anyone in IT who thinks data security isn't their job is fooling themselves and setting themselves up for a new career. If you read the SANS Newsbites, you see breach after breach and people getting sacked or worse.
People need to tighten up their systems, audit their systems, run configuration management, and even penetration test their systems. If you can show you are at least trying to cover your ass, you stand a better chance of being seen as proactive and trying to protect the company even if it does get breached.
But if something happens and it comes time to pick up the pieces, and all you can say is well, we shoulda done that but we didn't, you might want to have a plan B in terms of a career because you will probably need it.
Not exactly. What the "super" in supercapacitors means is that they have extremely high capacitance and can store a large amount of charge.
The rub is that they cannot handle much in the way of voltage. Typically in the 2 to 4 volts range depending on the type. So if you want to store a lot of voltage, you need to put them in series and that lowers the capacitance back down.
Supercaps are not suitable for high voltage. The reason you don't see them powering electric cars instead of batteries is the voltage issue. Manufacturers and researchers are working on that but for now, the voltage a supercap can stand is very low.
Very high voltage capacitors could possibly be used. With the laser technique, I would bet they could control how much energy they pulled out to some extent. Maybe not though - it is lightning.
But if you dropped a bolt into a big, high-voltage capacitor, you could then drain it off into something else for longer storage or use. Maybe.
I would think you could use a grounded turning mirror and/or a grounded aperture to shoot through.
You could also use a beam expander and condenser over a distance to lower the power density such that you didn't make a conducting channel that would provide an electrical disconnect.
I also agree that demoting managers who screw up is a good idea. It encourages them to learn to be better managers and make better decisions. When there are no consequences for people's actions, organizations go to hell. I've seen it too many times.
But all consequences need to be managed properly. A demotion really needs to be well deserved. Incidents need to be documented, and people met with to discuss problems before issuing a demotion. But where it is warranted, do it. Where a firing is warranted, do it. The impacts on morale, when such issues are handled properly and fairly, are positive.
But then again, this is why Dilbert can be such an accurate and funny comic strip.
I think it is time people started standing up and asserting their own needs/wants/desires in government instead of letting governments treat us all like cattle.
As long as people are content to sit on the sidelines and bleat like sheep, they will be slaughtered and sheared like sheep.
Like the meme of dropping a frog in hot water and it jumps right back out, but put a frog in cold water and gradually heat it up and the frog just puts up with it until it dies. People in the USA and Britain both are sitting in their hot pots.
Personally, I think all of the remaining candidates are losers. Hillary is an insider and will be just another Clinton. Obama is too radical and disruptive. And McCain will continue in the Bush warmongering tradition.
I don't hold out much hope for this country if these three are the best we can do.
Possibly more than at any other time, this election is about choosing the lesser evil rather than the most capable candidate.
The gold actually will change conductivity. It has a slightly lower conductivity than copper. As another poster points out, the reason gold is used is because it doesn't generate a high-resistivity oxide on its surface and ultimately degrade the electrical connection.
For those commenting about silver, it definitely does increase conductivity and is frequently plated on radio frequency conductors because at high frequencies, most of the current flows on and near the surface of the conductors. A silver plating really helps lower impedance.
However, on connectors, silver also reacts with air to form silver sulfides that can degrade the connection.
For most purposes, plain old copper is a fine connector material. For high-reliability connections, or especially in corrosive environments, look to gold plating.
Actually they can and do. Four 1 TB drives do store 4 TB of data in a RAID array. And they can also rebuild a lost drive.
The data is just duplicated.
And this is also qualified in that four 1 TB drives that store 4 TB of unique data total cannot rebuild a lost drive. It's not really a RAID array anyway unless the data is striped for speed by accessing the drives basically in parallel.
But four 1 TB drives that are raided otherwise can carry 4 TB of data, but it is duplicated in some way so that a lost drive can be rebuilt.
Not just a scope but a way to inject noise and spikes into either side of the filter to see how it does at filtering what's coming in as well as what's leaking out.
With a multimeter, I think about all you can say is that input is connected to output by measuring continuity. Regular needle movements have a fair amount of damping just by inertia of the needle and digital meters have damping by the nature of how they do the measurements.
I've also seen far too many head to head reviews that show most house brand (i.e. cheap) cables are just as good at getting the signal from A to B as Monster Cables to bother with ever buying them. I hope anyone interested searches for the reviews themselves.
It unfortunately seems that all Monster does is sell to the people who think that paying their premium negates having to make any kind of judgement call or do any research when buying A/V cables - or the people who can't wait to brag about how much money they spent (i.e. threw away) on their home theater system.
Those two groups alone, especially at the profit margins Monster must have, probably keep the execs in clover, on boats in the Bahamas, drinking old, old scotch, and lighting their cigars with $100 dollar bills.
I think that holders of copyrights and trademarks are obligated to protect them or else risk losing the copyright or trademark.
On the other hand, Lucas could make a sweetheart deal to license the trademarks and copyrights and not be at risk of losing the rights while also doing what sounds like the right thing by the person that contributed a huge amount to the Lucas "empire".
The rub is that people really are genetically different. While understanding differences is important to understanding how and why people respond differently to different medications, etc., it's just a little bitty hop to start deciding one person is "better" than another based on genetics.
Genetics is truly a double-edged sword. Just deciding that some gene needs to be "fixed" brings a value judgement with it. And that same little hop to deciding one person is better than another.
Hopefully it only gets as extreme as wanting to help fix other people's genes instead of exterminate them.
You know, though, the interesting thing about the users of energy -- in a whole lot of cases, the density isn't there either.
Sure, a wind farm gets spread of a big area while a power plant is just a big building. But that big building is generally located far from where the energy is actually used for safety, aesthetic, land cost, fuel transport, or other reasons. That distance leads to inefficiency with resistive losses over the power lines. The greater the distance, the bigger the loss. And the more current you try to push over those lines, the loss goes up by the square of the current.
But wind and solar can be located much closer to the point of use and basically get a free 10-15% benefit in terms of energy not wasted as heat during transport to the end users. Solar cell arrays can be mounted on rooftops of the buildings that will use the energy.
And when you are talking about the energy use of a single building, that low density you get from the sun pretty much works out to cover most, if not all, of the building's needs. Obviously we're not talking about skyscrapers and such. But for houses and other single/two story buildings, the roof area can substitute for a lot of energy derived from coal, oil, nuclear, or other means.
It was to have been announced at the party congress next week. I did not know the fools would make it operational until then.
GENERAL TURGEDSON:
Well, what the hell is a Doomsday Machine?
AMBASSADOR DE SADE:
Well, it has been explained to me that, if you add a thick Cobalt-Thorium-G jacket to a nuclear device, the radioactivity resulting from such a nuclear explosion will retain its lethal power for a hundred years.
Our scientists calculated that the detonation of fifty of our biggest nuclear devices, jacketed in Cobalt-Thorium-G would enshroud the earth in a hundred years of lethal radioactivity from which no human life could escape. In ten months the Earth would be as dead as the Moon.
Actually, there would be so many problems that it is hard to say which one would be the biggest. These days, with the US economy so delicately balanced that the best Bush could do after 9/11 was to tell everyone to go out and spend, if we lost even a single major city to a nuclear explosion, this country could easily topple. As the economy collapsed, we would then have roving gangs and individuals out looking to steal food or anything else they needed to survive. Stores would be cleaned out, transportation of any commodities would most likely be hijacked, and order would be turned upside down. People would behave like animals and the only ones safe would be the ones with nothing anyone else considered of value.
An ISP is essentially a system administrator. As such, one of the basic tenets of being a system administrator is to respect users (i.e. customers) privacy.
And regarding Gothmolly's reply, I know one of two guys that started their own ISP and also an internet cafe. They eventually broke up the relationship because the guy that I didn't know (but was told about) had a habit of reading his customer's e-mail and also piggybacking on their browsing to watch what they were looking up. It didn't take long for him to find a few people that gave him lots of voyeuristic enjoyment. The guy I knew thought it was immoral and pulled out of the company. As far as I know, this other guy is still doing it.
But I'd still rather have some sick maladjusted fuck reading my e-mail and watching what I do than have companies and governments doing it. Sure, in a perfect world you wouldn't have to worry about any of it, but I guess this is just our reality now.
Slashdot Mirror
You're exactly right - I was not advocating doing nothing. I was saying do whatever you could to increase the security posture. And the documentation part is also excellent advice.
The job market isn't all that good out in the real world right now -- especially if you have been fired for cause.
Why add another hurdle to finding a job?
And that kind of attitude is what I see in some of my coworkers. Smartass people who think they know it all and just don't care about consequences. And coincidentally, those are the same ones in management's crosshairs. Pretty much without exception.
It's easy to criticize when you aren't the one in the hotseat. Sometimes, working from the inside to make things better, in spite of what management wants, can be the better approach. If the poster is being confronted with big security issues, and management that thinks they can skate (or are betting they can skate), and really confidential data is at risk that would harm people if it were compromised, working from the inside to change attitudes is sometimes the best way.
Maybe signing up for SANS Newsbites and sending management a few blurbs about what has happened to other companies and people who get held responsible for breaches might wake management up a bit.
These days breaches and compromises get pretty good press and there can definitely be some big monetary (or worse) consequences for those responsible when they do. When people see how things can really go bad, they tend to get a conscience.
Check out NIST: http://csrc.nist.gov/
They not only have standards to follow but also scripts that can check security configurations to tell you if you meet standards or not.
I know DHS gets mocked a lot but they are working with NIST to help harden computer systems. It's worth checking out.
I've also been threatened. It's a very bizarre world out there.
Actually this is probably better advice than most realize. I don't know if it was tongue in cheek or not, but it is damned good advice.
Where I work, security is a really big issue and I have to deal with people all the time that don't realize that security is something they should consider with every decision they make during the day. Needless to say, many don't feel the same way. They are about to get raked over the coals by management.
Unfortunately for some, they are in the crosshairs for their lax stance on security. I don't know what management is going to do with them, but management knows who they are and they stand a good chance of at least repremands and loss of pay increases, and at the worst for them, pink slips.
Anyone in IT who thinks data security isn't their job is fooling themselves and setting themselves up for a new career. If you read the SANS Newsbites, you see breach after breach and people getting sacked or worse.
People need to tighten up their systems, audit their systems, run configuration management, and even penetration test their systems. If you can show you are at least trying to cover your ass, you stand a better chance of being seen as proactive and trying to protect the company even if it does get breached.
But if something happens and it comes time to pick up the pieces, and all you can say is well, we shoulda done that but we didn't, you might want to have a plan B in terms of a career because you will probably need it.
For one thing, it might be straight bolts instead of zig-zag. How cool is that? Lightning that looks like a big bright fluorescent tube.
Not exactly. What the "super" in supercapacitors means is that they have extremely high capacitance and can store a large amount of charge.
The rub is that they cannot handle much in the way of voltage. Typically in the 2 to 4 volts range depending on the type. So if you want to store a lot of voltage, you need to put them in series and that lowers the capacitance back down.
Supercaps are not suitable for high voltage. The reason you don't see them powering electric cars instead of batteries is the voltage issue. Manufacturers and researchers are working on that but for now, the voltage a supercap can stand is very low.
Very high voltage capacitors could possibly be used. With the laser technique, I would bet they could control how much energy they pulled out to some extent. Maybe not though - it is lightning.
But if you dropped a bolt into a big, high-voltage capacitor, you could then drain it off into something else for longer storage or use. Maybe.
I would think you could use a grounded turning mirror and/or a grounded aperture to shoot through.
You could also use a beam expander and condenser over a distance to lower the power density such that you didn't make a conducting channel that would provide an electrical disconnect.
Still, this is very cool stuff!
I also agree that demoting managers who screw up is a good idea. It encourages them to learn to be better managers and make better decisions. When there are no consequences for people's actions, organizations go to hell. I've seen it too many times.
But all consequences need to be managed properly. A demotion really needs to be well deserved. Incidents need to be documented, and people met with to discuss problems before issuing a demotion. But where it is warranted, do it. Where a firing is warranted, do it. The impacts on morale, when such issues are handled properly and fairly, are positive.
But then again, this is why Dilbert can be such an accurate and funny comic strip.
I think it is time people started standing up and asserting their own needs/wants/desires in government instead of letting governments treat us all like cattle.
As long as people are content to sit on the sidelines and bleat like sheep, they will be slaughtered and sheared like sheep.
Like the meme of dropping a frog in hot water and it jumps right back out, but put a frog in cold water and gradually heat it up and the frog just puts up with it until it dies. People in the USA and Britain both are sitting in their hot pots.
You have to do something about it or die.
Personally, I think all of the remaining candidates are losers. Hillary is an insider and will be just another Clinton. Obama is too radical and disruptive. And McCain will continue in the Bush warmongering tradition.
I don't hold out much hope for this country if these three are the best we can do.
Possibly more than at any other time, this election is about choosing the lesser evil rather than the most capable candidate.
The gold actually will change conductivity. It has a slightly lower conductivity than copper. As another poster points out, the reason gold is used is because it doesn't generate a high-resistivity oxide on its surface and ultimately degrade the electrical connection.
For those commenting about silver, it definitely does increase conductivity and is frequently plated on radio frequency conductors because at high frequencies, most of the current flows on and near the surface of the conductors. A silver plating really helps lower impedance.
However, on connectors, silver also reacts with air to form silver sulfides that can degrade the connection.
For most purposes, plain old copper is a fine connector material. For high-reliability connections, or especially in corrosive environments, look to gold plating.
Agreed. I'd mod this up if I had points. Our over the top obsession with having things and things and things is going to be our downfall.
Actually they can and do. Four 1 TB drives do store 4 TB of data in a RAID array. And they can also rebuild a lost drive.
The data is just duplicated.
And this is also qualified in that four 1 TB drives that store 4 TB of unique data total cannot rebuild a lost drive. It's not really a RAID array anyway unless the data is striped for speed by accessing the drives basically in parallel.
But four 1 TB drives that are raided otherwise can carry 4 TB of data, but it is duplicated in some way so that a lost drive can be rebuilt.
Not just a scope but a way to inject noise and spikes into either side of the filter to see how it does at filtering what's coming in as well as what's leaking out.
With a multimeter, I think about all you can say is that input is connected to output by measuring continuity. Regular needle movements have a fair amount of damping just by inertia of the needle and digital meters have damping by the nature of how they do the measurements.
I've also seen far too many head to head reviews that show most house brand (i.e. cheap) cables are just as good at getting the signal from A to B as Monster Cables to bother with ever buying them. I hope anyone interested searches for the reviews themselves.
It unfortunately seems that all Monster does is sell to the people who think that paying their premium negates having to make any kind of judgement call or do any research when buying A/V cables - or the people who can't wait to brag about how much money they spent (i.e. threw away) on their home theater system.
Those two groups alone, especially at the profit margins Monster must have, probably keep the execs in clover, on boats in the Bahamas, drinking old, old scotch, and lighting their cigars with $100 dollar bills.
I don't choose to participate.
I think that holders of copyrights and trademarks are obligated to protect them or else risk losing the copyright or trademark.
On the other hand, Lucas could make a sweetheart deal to license the trademarks and copyrights and not be at risk of losing the rights while also doing what sounds like the right thing by the person that contributed a huge amount to the Lucas "empire".
The rub is that people really are genetically different. While understanding differences is important to understanding how and why people respond differently to different medications, etc., it's just a little bitty hop to start deciding one person is "better" than another based on genetics.
Genetics is truly a double-edged sword. Just deciding that some gene needs to be "fixed" brings a value judgement with it. And that same little hop to deciding one person is better than another.
Hopefully it only gets as extreme as wanting to help fix other people's genes instead of exterminate them.
You know, though, the interesting thing about the users of energy -- in a whole lot of cases, the density isn't there either.
Sure, a wind farm gets spread of a big area while a power plant is just a big building. But that big building is generally located far from where the energy is actually used for safety, aesthetic, land cost, fuel transport, or other reasons. That distance leads to inefficiency with resistive losses over the power lines. The greater the distance, the bigger the loss. And the more current you try to push over those lines, the loss goes up by the square of the current.
But wind and solar can be located much closer to the point of use and basically get a free 10-15% benefit in terms of energy not wasted as heat during transport to the end users. Solar cell arrays can be mounted on rooftops of the buildings that will use the energy.
And when you are talking about the energy use of a single building, that low density you get from the sun pretty much works out to cover most, if not all, of the building's needs. Obviously we're not talking about skyscrapers and such. But for houses and other single/two story buildings, the roof area can substitute for a lot of energy derived from coal, oil, nuclear, or other means.
AMBASSADOR DE SADE:
It was to have been announced at the party congress next week. I did not know the fools would make it operational until then.
GENERAL TURGEDSON:
Well, what the hell is a Doomsday Machine?
AMBASSADOR DE SADE:
Well, it has been explained to me that, if you add a thick Cobalt-Thorium-G jacket to a nuclear device, the radioactivity resulting from such a nuclear explosion will retain its lethal power for a hundred years.
Our scientists calculated that the detonation of fifty of our biggest nuclear devices, jacketed in Cobalt-Thorium-G would enshroud the earth in a hundred years of lethal radioactivity from which no human life could escape. In ten months the Earth would be as dead as the Moon.
Actually, there would be so many problems that it is hard to say which one would be the biggest. These days, with the US economy so delicately balanced that the best Bush could do after 9/11 was to tell everyone to go out and spend, if we lost even a single major city to a nuclear explosion, this country could easily topple. As the economy collapsed, we would then have roving gangs and individuals out looking to steal food or anything else they needed to survive. Stores would be cleaned out, transportation of any commodities would most likely be hijacked, and order would be turned upside down. People would behave like animals and the only ones safe would be the ones with nothing anyone else considered of value.
An ISP is essentially a system administrator. As such, one of the basic tenets of being a system administrator is to respect users (i.e. customers) privacy.
And regarding Gothmolly's reply, I know one of two guys that started their own ISP and also an internet cafe. They eventually broke up the relationship because the guy that I didn't know (but was told about) had a habit of reading his customer's e-mail and also piggybacking on their browsing to watch what they were looking up. It didn't take long for him to find a few people that gave him lots of voyeuristic enjoyment. The guy I knew thought it was immoral and pulled out of the company. As far as I know, this other guy is still doing it.
But I'd still rather have some sick maladjusted fuck reading my e-mail and watching what I do than have companies and governments doing it. Sure, in a perfect world you wouldn't have to worry about any of it, but I guess this is just our reality now.
A big part of blocking recommendations created by third parties like doubleclick and such is a good hosts file.
A good hosts file can also keep your computer out of trouble when websites get booby-trapped to send you to another site that installs malware.
Here is a good how-to and a pretty good hosts file:
http://www.mvps.org/winhelp2002/hosts.htm
And it is already well known that various governments and government entities operate tor nodes to monitor the traffic through them.