Please, stop thinking about the media web sites and such. They cause the problem, but the real communications goes on in the background.
Email can be used for communication between those involved in the response and recovery effort - where appropriate. Web surfing is not so we can surf pr0n or the news sites. There are a number of incident management systems that can be used via web browsers as it provides one of the easiest forms of network access. Not to mention sharing GIS data over the network.
Emergency management professionals know a lot more than what the media does. The media works with the EM professionals, and one of the first rules of media relations in emergency management is to keep feeding the media information, but trust me it is still carefully controlled. This was implemented very well during the 11/9 events. Note how the only people you ever saw rescuing were NY personnel? After a 2-3 days, there were many out-of-state Task Forces there, but you never saw them on TV did you?
The issue with Internet traffic is exactly the same as cell sites. If an event happens, it is possible for the cell sites to be reconfigured to only accept authorised traffic, those involved in the response and recovery to an event. Otherwise the cell phone network is overloaded and no-one can use it. Better to kick off the public, and have the service (if it is capable of working) be used towards the common good of the people. The same with the Internet, it is possible that local use of the Internet may constrain emergency management professionals ability to respond and recover.
Then again, I don't think that having a public priority system is the way to go. I think Govnet is an appropriate solution, and access is provided to organisations as required. It could have better support for running in an emergency, and even public companies, such as power and comms, could gain access as they are heavily involved in the response effort.
Additionally, in emergency management you cannot rely on having any form of communications, and work is going into setting up ad hoc communications network, such as the military uses, in areas where there is no power or communication cabling.
Companies are incented to rape their customers for short-term profit
And I think more and more customers are learning to shaft these companies in return. Competition is so great in many industries now that if one company tried to fleece consumers, then customers very quickly up and leave, looking for the next more reasonable company. We've had some great examples of that here in NZ as consumers jump from power company to power company as they hike their prices. One of the original price hikers has no retail customers now. The solution to this is more educated consumers, and NPO's aiding and advising consumers.
What happens when customers move so fast that the flow on effects show up on quarterly earnings? Pissed off shareholders I'll bet...
Look at it this way. Developed countries have a set of systems that can be defined as critical infrastructure. These maintain the operability of a nation on a day-to-day basis. If any of these systems break down, then society will follow down too.
Some examples? Well... water, power, sewerage, welfare, health, emergency services, police and justice, banking, government, communications, and one of the latest additions would have to be IT.
IT must been damn close to being critical infrastructure, if it isn't already. We all know MSFT is very dominant in Operating Systems. Their systems are being used within many of these critical services, which would tend to suggest that MSFT is already inextricably linked to the other critcal infrastructures.
Already countries overseas are opting for alternatives to MSFT because of some of the risks that their products provide. Govt's of Germany, France, and others are looking for more 'trusted' IT products - partly for cost, but also because some of the systems are critical.
MSFT didn't have any choice but to accept security, much as they had to accept the Internet in '95. If they didn't, they would see dwindling market share, and their products being dropped from IT solutions involved in critical infrastructure. So, they have to get on the 'trusted' bandwagon to maintain market share. Govt's do spend a bit of money on IT after all.
Taken on its own, this doesn't mean much. However, I was just reading an article on The Reg - The Microsoft Secure PC: MS patents a lock-down OS and this paragraph puts Microsofts plans much more in place...
"the content provider would have to maintain a registry of each subscriber's DRMOS identity or delegate that function to a trusted third party," and the number of unique DRMOSes, the authors acknowledge, could run into the millions."
This fits in very nicely with passport as you can not only authenticate the user, but the system they are operating as well. Not nice when you consider that MSFT has registered patents that include the removal of unauthorised software from the system...
I've disabled the preview pane, and automatic send and receive. I have also been using Mailwasher which sits between you and your email box. Its been a useful free Win32 tool in dealing with SPAM, and that is its primary benefit, but I have noticed that it acts as a nice quarantine for incoming mail before it gets to Outlook. I have had plenty of opportunities to squelch virii before they even get to Outlook. Of course it won't save you it you get infected, but it certainly helps reduce the chance of infection.
... unless the initial infector is small, and then the main payload is transferred after infection. Would allow it to more quickly spread, and then when it becomes fully operational it could have an even more dramatic effect bogging down systems.
I've just finished doing a project for a Graduate Diploma in Emergency Services Management this year. Developed countries can cope with disasters much better than developing countries, and one aspect of this is because developed countries can throw more IT at the problem in stages of preparation, mitigation, response and recovery. I feel there is a growing need for open source and free software developed by an international community, with a view to providing software services for managing information and resources in a disaster, or aid program. There is SUMA a SUpply MAnagement program that is used for the transfer of aid and supply. There is commercial software available for emergency management, but once again only the rich countries can afford it. Learn GIS and offer your skills to governments and help in the preparation and mitigation stages by planning for natural and manmade disasters. There are plenty of opportunities for those involved in IT that want to help!:)
Cheers Gav
Now I remember why I come to Slashdot...
on
WipOut Contest
·
· Score: 1
He doesn't mention in the article whether any of them use layered security. As you cannot expect humans to be infalliable, shouldn't layers be built up around critical infrastructure, so if they get past reception or the first security door, they still don't have full roam of the business. Extra security should be provided around critcal points such as server rooms, closets etc, and a limited number of people provide access, and know reason of letting the serviceperson have access.
Re:Apply the same arguments to other areas of safe
on
PDF Virus Spotted
·
· Score: 1
I know it is a profoundly unpopular idea (and I'm not terribly thrilled with the notion myself), but perhaps it is time for some basic standards of quality and security to be imposed through some form of regulation. The alternative seems to be more of the same, which is clearly not acceptable.
You know, I would actually have to say I'm starting to agree with this view. I think it is time for consumers to work with governments to form suitable regulation for the greater good of society. The development of open formats and software would go a long way to support this. I can't see it happening in the US any time soon though, MSFT is paying too much tax!
And another thought, if pdf's can now carry executable code (even though it can't execute in Reader), is there the possibility of a buffer overflow exploit in the reader that would allow the executable code to be executed on the machine running the Reader?
Re:PDF Virus a *Proof of Concept*, not a real thre
on
PDF Virus Spotted
·
· Score: 1
Yes, the threat level is low, due to the required combination of software and social engineering....
And basic risk management factors probability and consequences. It only takes a nasty virus trashing a few users and the risk comes back up
If pdf's are supposed to be cross-platform and portable, then wtf are they putting executable code in them?
Isn't the whole idea of using pdf's to avoid using word documents and the associated risks?
And doesn't the article say "including everything from the VBScript programs--used in the LoveLetter virus--to an actual executable program"? Doesn't that mean that it's not a VBS issue, rather the design of Acrobat?
Right, nothing for it but to let adobe know your thoughts. email adobe with product improvement suggestions! - like remove the ability to include executables. If Adobe don't do something about this, then they have lost their competitive advantage as a document format.
Not quite solid, try made of hexagonal mirrors approx 2m across. It would be a huge pain in the ass to make a 100m diameter mirror, not to mention uneconomic. Thats why they plan to have it tiled. But all the tiles do make up the mirror for one large telescope.
Cheers
I believe that the Ministry for Ag and Fish and local councils have used satellite imagery to detect stock movement across roads, and have prosecuted farmers where they haven't gained appropriate resource consents. Just had a quick look for references, but wasn't able to find any.
In NZ once you have been charged with certain offences, then under the Companies Act you are not allowed to become a director of another company. The Govt maintains the list of company directors. Don't know how US law handles it. But I imagine its fairly generic. Everyone starts with the right to own a business, but if you commit personal crimes, or are convicted of crimes in a business then you lose all rights to run a business. Seem pretty fair to me.
Region coding is already illegal elsewhere... I believe that New Zealand is one place.
Not unless somethings changed recently. We're still Zone 4 here as far as I know. We have had a solid chipping industry and most played are set to Zone 4. My player is zone 4.
is when a device similar to this is used by govt to do say a time-and-motion study for the government statistics department.
In New Zealand we have the Statistics Act 1975 which places a legal requirement on any citizen to answer questions that the statistician requires. Whilst this law is here for a good reason, and the statistics can be used for good purpose, like anything there is the potential for abuse. Think of being legally required to wear a modified device such as this in 10 years time, and through GPS and emitters in buildings (since GPS doesn't work too well indoors) - 'This building is ANZ bank, 123 Main St, Christchurch, New Zealand' would be able to do a comprehensive time-and-motion study on citizens.
Would that much detail be useful to politicians? Is there potential for the system to be abused? And naturally there would be big fines for screwing up data collection or destoying the collecting device.
I'm sorry, it sounds cool but it has many problems in my mind.
1. Lack of Transparancy. I don't like the idea of something that runs at a priviledged level or modifies my system without my permission. Do I get a chance to view the source code before it patches to ensure its good intent?
2. MAD. This will start a war of attrition. Worms scanning and invading systems. How long before a worm says 'if I can't have it - neither can you!' and wipes the hard drive.
3. Evolution. This will cause mutation in the malignant worms that will make it harder for patches to be created. Think anti-bacterial resistance.
4. Automation. People say this is great and automated and the admin doesn't have to even wake up. What would happen to the Internet if Windows automatically installed patches without your permission? Just think of all those IIS sites disappearing when the service pack screws up and no-ones there to monitor it! Hang on, perhaps thats not such a bad idea:)
The risks in my mind really outweigh the potential rewards. The only people who see this as cool are those who are too lazy to have some form of management process to maintain their security.
I do like a system similar to the MSFT update whereby my installed software is audited, and I am notified of any patches available, and then given the options to read, and install the patch - if I chose.
Ummm, did anyone consider that perhaps MSFT may cut off direct hardware access thereby not allowing any rippers direct access to the CDROM drive. Perhaps not possible with 9x, but it would be with an NT kernel. After all, why does the end user need raw access to the CDROM?
You would then be forced to go through an API to access a CD. The API itself will do the encoding and then pass on the result. The API would only support those codecs that MSFT allows to be plugged into the architecture. No MP3, no OGG.
This would fit in very nicely with the plans to have end-to-end encryption in all media devices. It would probably be enough to stop the average end user.
Of course it may be possible to hack, but I wouldn't want to be doing that in MSFT's house of cards. I'm sure they could set it up so that your system becomes very unstable if you install a hacked API. Oh wait, perhaps they are already doing that...:)
If you read a bit about Jeff Bezos background, you will know that a driving passion for him is to improve the consumers experience. Perhaps IT is something that is good for consumers, and bad for other industries. Why not use Jeff as an IT champion? He is certainly has a high enough profile and has little problem going against the grain.
Yes, thats right. We are actually a pretty good country to live in. Why do I like it here?
We have relatively lower personal income taxes 15-39%.
A consistent GST across the board of 12.5%
Fantastic country-side, very clean, green and relatively unpoluted. Many many many outdoor activities to choose from.
Cost of living is very cheap.
The government doesn't invade peoples rights as much as some other countries.
We have Privacy legislation that is quite strong.
Pretty good technology infrastructure, probably in the top 5-10 countries for EFTPOS, cellphones and internet usage. I'm writing on a DSL connection.
Large properties and houses.
Very few traffic problems - except Auckland.
Some downsides exist
Importing electronic appliances can be expensive because of our current weakness against the USD (0.45:1)
A current brain-drain to richer currency countries - particularly the UK - for our young students with debt.
It takes a long time to fly away from here:)
An aging population which is going to be harder for youth to support.
All in all it presents a great lifestyle here, sure there aren't as many opportunities as the US, but the lifestyle more than makes up for it.
Australia is a great country too, but they have much stronger unions, and some stupid legislation:) I'd prefer to live in Sydney over Auckland any day though.
Oh, and being in the temperate zone, we don't get the lows your are talking about, perhaps 0 C, and in Christchurch where I live up to 30-35 C in summer. Quite pleasant and not really life-threatening.:)
Cheers RedIguana
PS Yes I've travelled to quite a few countries, and have friends in many of them, including US, Canada and the UK. NZ still offers the best lifestyle.
It now seems that we have two people with knowledge of the content, but the author has only been paid once.
So what?
The very nature of publishing something is to make something public. Sure its going to spread across public knowledge, and you aren't going to be able to charge for every copy.
All that is happening is you are paying a premium for being one of the first to read the book, and possibly gain an advantage over anyone else who hasn't read it yet.
People are not being charged for the books content, they are being charged for timely access to the books content.
Face it, books devalue, and so does the price people pay for them. Its like everything else in life.
And it probably came from the little green men peeing in their corner of the universe.
Didn't you read the article? It said the most interesting planet orbits epsilon Reticulum. According to Mulder, they will be gray because of the iron deficiency in their galaxy:)
Slashdot Mirror
Please, stop thinking about the media web sites and such. They cause the problem, but the real communications goes on in the background.
:)
Email can be used for communication between those involved in the response and recovery effort - where appropriate. Web surfing is not so we can surf pr0n or the news sites. There are a number of incident management systems that can be used via web browsers as it provides one of the easiest forms of network access. Not to mention sharing GIS data over the network.
Emergency management professionals know a lot more than what the media does. The media works with the EM professionals, and one of the first rules of media relations in emergency management is to keep feeding the media information, but trust me it is still carefully controlled. This was implemented very well during the 11/9 events. Note how the only people you ever saw rescuing were NY personnel? After a 2-3 days, there were many out-of-state Task Forces there, but you never saw them on TV did you?
The issue with Internet traffic is exactly the same as cell sites. If an event happens, it is possible for the cell sites to be reconfigured to only accept authorised traffic, those involved in the response and recovery to an event. Otherwise the cell phone network is overloaded and no-one can use it. Better to kick off the public, and have the service (if it is capable of working) be used towards the common good of the people. The same with the Internet, it is possible that local use of the Internet may constrain emergency management professionals ability to respond and recover.
Then again, I don't think that having a public priority system is the way to go. I think Govnet is an appropriate solution, and access is provided to organisations as required. It could have better support for running in an emergency, and even public companies, such as power and comms, could gain access as they are heavily involved in the response effort.
Additionally, in emergency management you cannot rely on having any form of communications, and work is going into setting up ad hoc communications network, such as the military uses, in areas where there is no power or communication cabling.
Here endeth my rant
Companies are incented to rape their customers for short-term profit
And I think more and more customers are learning to shaft these companies in return. Competition is so great in many industries now that if one company tried to fleece consumers, then customers very quickly up and leave, looking for the next more reasonable company. We've had some great examples of that here in NZ as consumers jump from power company to power company as they hike their prices. One of the original price hikers has no retail customers now. The solution to this is more educated consumers, and NPO's aiding and advising consumers.
What happens when customers move so fast that the flow on effects show up on quarterly earnings? Pissed off shareholders I'll bet ...
Look at it this way. Developed countries have a set of systems that can be defined as critical infrastructure. These maintain the operability of a nation on a day-to-day basis. If any of these systems break down, then society will follow down too.
Some examples? Well... water, power, sewerage, welfare, health, emergency services, police and justice, banking, government, communications, and one of the latest additions would have to be IT.
IT must been damn close to being critical infrastructure, if it isn't already. We all know MSFT is very dominant in Operating Systems. Their systems are being used within many of these critical services, which would tend to suggest that MSFT is already inextricably linked to the other critcal infrastructures.
Already countries overseas are opting for alternatives to MSFT because of some of the risks that their products provide. Govt's of Germany, France, and others are looking for more 'trusted' IT products - partly for cost, but also because some of the systems are critical.
MSFT didn't have any choice but to accept security, much as they had to accept the Internet in '95. If they didn't, they would see dwindling market share, and their products being dropped from IT solutions involved in critical infrastructure. So, they have to get on the 'trusted' bandwagon to maintain market share. Govt's do spend a bit of money on IT after all.
Taken on its own, this doesn't mean much. However, I was just reading an article on The Reg - The Microsoft Secure PC: MS patents a lock-down OS and this paragraph puts Microsofts plans much more in place...
"the content provider would have to maintain a registry of each subscriber's DRMOS identity or delegate that function to a trusted third party," and the number of unique DRMOSes, the authors acknowledge, could run into the millions."
This fits in very nicely with passport as you can not only authenticate the user, but the system they are operating as well. Not nice when you consider that MSFT has registered patents that include the removal of unauthorised software from the system...
I've disabled the preview pane, and automatic send and receive. I have also been using Mailwasher which sits between you and your email box. Its been a useful free Win32 tool in dealing with SPAM, and that is its primary benefit, but I have noticed that it acts as a nice quarantine for incoming mail before it gets to Outlook. I have had plenty of opportunities to squelch virii before they even get to Outlook. Of course it won't save you it you get infected, but it certainly helps reduce the chance of infection.
... unless the initial infector is small, and then the main payload is transferred after infection. Would allow it to more quickly spread, and then when it becomes fully operational it could have an even more dramatic effect bogging down systems.
I've just finished doing a project for a Graduate Diploma in Emergency Services Management this year. Developed countries can cope with disasters much better than developing countries, and one aspect of this is because developed countries can throw more IT at the problem in stages of preparation, mitigation, response and recovery. I feel there is a growing need for open source and free software developed by an international community, with a view to providing software services for managing information and resources in a disaster, or aid program. There is SUMA a SUpply MAnagement program that is used for the transfer of aid and supply. There is commercial software available for emergency management, but once again only the rich countries can afford it. Learn GIS and offer your skills to governments and help in the preparation and mitigation stages by planning for natural and manmade disasters. There are plenty of opportunities for those involved in IT that want to help! :)
Cheers Gav
2001-09-05 21:57:19 Copyright Essay Competitions (articles,news) (rejected)
dorks
He doesn't mention in the article whether any of them use layered security. As you cannot expect humans to be infalliable, shouldn't layers be built up around critical infrastructure, so if they get past reception or the first security door, they still don't have full roam of the business. Extra security should be provided around critcal points such as server rooms, closets etc, and a limited number of people provide access, and know reason of letting the serviceperson have access.
I know it is a profoundly unpopular idea (and I'm not terribly thrilled with the notion myself), but perhaps it is time for some basic standards of quality and security to be imposed through some form of regulation. The alternative seems to be more of the same, which is clearly not acceptable.
You know, I would actually have to say I'm starting to agree with this view. I think it is time for consumers to work with governments to form suitable regulation for the greater good of society. The development of open formats and software would go a long way to support this. I can't see it happening in the US any time soon though, MSFT is paying too much tax!
And another thought, if pdf's can now carry executable code (even though it can't execute in Reader), is there the possibility of a buffer overflow exploit in the reader that would allow the executable code to be executed on the machine running the Reader?
Yes, the threat level is low, due to the required combination of software and social engineering. ...
And basic risk management factors probability and consequences. It only takes a nasty virus trashing a few users and the risk comes back up
If pdf's are supposed to be cross-platform and portable, then wtf are they putting executable code in them?
Isn't the whole idea of using pdf's to avoid using word documents and the associated risks?
And doesn't the article say "including everything from the VBScript programs--used in the LoveLetter virus--to an actual executable program"? Doesn't that mean that it's not a VBS issue, rather the design of Acrobat?
Right, nothing for it but to let adobe know your thoughts. email adobe with product improvement suggestions! - like remove the ability to include executables. If Adobe don't do something about this, then they have lost their competitive advantage as a document format.
Not quite solid, try made of hexagonal mirrors approx 2m across. It would be a huge pain in the ass to make a 100m diameter mirror, not to mention uneconomic. Thats why they plan to have it tiled. But all the tiles do make up the mirror for one large telescope. Cheers
I believe that the Ministry for Ag and Fish and local councils have used satellite imagery to detect stock movement across roads, and have prosecuted farmers where they haven't gained appropriate resource consents. Just had a quick look for references, but wasn't able to find any.
In NZ once you have been charged with certain offences, then under the Companies Act you are not allowed to become a director of another company. The Govt maintains the list of company directors. Don't know how US law handles it. But I imagine its fairly generic. Everyone starts with the right to own a business, but if you commit personal crimes, or are convicted of crimes in a business then you lose all rights to run a business. Seem pretty fair to me.
Region coding is already illegal elsewhere... I believe that New Zealand is one place.
Not unless somethings changed recently. We're still Zone 4 here as far as I know. We have had a solid chipping industry and most played are set to Zone 4. My player is zone 4.
Cheers RedIguana
is when a device similar to this is used by govt to do say a time-and-motion study for the government statistics department.
In New Zealand we have the Statistics Act 1975 which places a legal requirement on any citizen to answer questions that the statistician requires. Whilst this law is here for a good reason, and the statistics can be used for good purpose, like anything there is the potential for abuse. Think of being legally required to wear a modified device such as this in 10 years time, and through GPS and emitters in buildings (since GPS doesn't work too well indoors) - 'This building is ANZ bank, 123 Main St, Christchurch, New Zealand' would be able to do a comprehensive time-and-motion study on citizens.
Would that much detail be useful to politicians? Is there potential for the system to be abused? And naturally there would be big fines for screwing up data collection or destoying the collecting device.
Just a few thoughts... RedIguana
I'm sorry, it sounds cool but it has many problems in my mind.
1. Lack of Transparancy. I don't like the idea of something that runs at a priviledged level or modifies my system without my permission. Do I get a chance to view the source code before it patches to ensure its good intent?
2. MAD. This will start a war of attrition. Worms scanning and invading systems. How long before a worm says 'if I can't have it - neither can you!' and wipes the hard drive.
3. Evolution. This will cause mutation in the malignant worms that will make it harder for patches to be created. Think anti-bacterial resistance.
4. Automation. People say this is great and automated and the admin doesn't have to even wake up. What would happen to the Internet if Windows automatically installed patches without your permission? Just think of all those IIS sites disappearing when the service pack screws up and no-ones there to monitor it! Hang on, perhaps thats not such a bad idea :)
The risks in my mind really outweigh the potential rewards. The only people who see this as cool are those who are too lazy to have some form of management process to maintain their security.
I do like a system similar to the MSFT update whereby my installed software is audited, and I am notified of any patches available, and then given the options to read, and install the patch - if I chose.
Cheers RedIguana
Ummm, did anyone consider that perhaps MSFT may cut off direct hardware access thereby not allowing any rippers direct access to the CDROM drive. Perhaps not possible with 9x, but it would be with an NT kernel. After all, why does the end user need raw access to the CDROM?
You would then be forced to go through an API to access a CD. The API itself will do the encoding and then pass on the result. The API would only support those codecs that MSFT allows to be plugged into the architecture. No MP3, no OGG.
This would fit in very nicely with the plans to have end-to-end encryption in all media devices. It would probably be enough to stop the average end user.
Of course it may be possible to hack, but I wouldn't want to be doing that in MSFT's house of cards. I'm sure they could set it up so that your system becomes very unstable if you install a hacked API. Oh wait, perhaps they are already doing that ... :)
... but would it get rid of foot and mouth?
If you read a bit about Jeff Bezos background, you will know that a driving passion for him is to improve the consumers experience. Perhaps IT is something that is good for consumers, and bad for other industries. Why not use Jeff as an IT champion? He is certainly has a high enough profile and has little problem going against the grain.
Yes, thats right. We are actually a pretty good country to live in. Why do I like it here?
Some downsides exist
All in all it presents a great lifestyle here, sure there aren't as many opportunities as the US, but the lifestyle more than makes up for it.
Australia is a great country too, but they have much stronger unions, and some stupid legislation :) I'd prefer to live in Sydney over Auckland any day though.
Oh, and being in the temperate zone, we don't get the lows your are talking about, perhaps 0 C, and in Christchurch where I live up to 30-35 C in summer. Quite pleasant and not really life-threatening. :)
Cheers RedIguana
PS Yes I've travelled to quite a few countries, and have friends in many of them, including US, Canada and the UK. NZ still offers the best lifestyle.
It now seems that we have two people with knowledge of the content, but the author has only been paid once.
So what?
The very nature of publishing something is to make something public. Sure its going to spread across public knowledge, and you aren't going to be able to charge for every copy.
All that is happening is you are paying a premium for being one of the first to read the book, and possibly gain an advantage over anyone else who hasn't read it yet.
People are not being charged for the books content, they are being charged for timely access to the books content.
Face it, books devalue, and so does the price people pay for them. Its like everything else in life.
And it probably came from the little green men peeing in their corner of the universe.
Didn't you read the article? It said the most interesting planet orbits epsilon Reticulum. According to Mulder, they will be gray because of the iron deficiency in their galaxy :)