I think it it's "if you can't beat 'em directly on the field of battle or if you can't buy them out, see if you can choke off their logistical support". People will run from hosted Moodle because Blackboard now runs it (and starves it of good support/innovation). Then some genius administrator who holds purse strings will say "Hey, how about we host with Blackboard!?!?!"... Not that I've ever seen any thing similar to that happen.
People throw around the term 'secure' all the time... what does that mean in this instance?
Does the OS keep apps away from data they shouldn't have access to? Does its browser have the best track-record on drive-by's etc.? Does it mean it has/hasn't been exploited in the wild or not (e.g. Safari is riddled with security problems, but how often is it pwned in the wild?)? Do you want to be able to click links wildly and not get infected (and unicorns and rainbows)? Good security policies and enforcement of them? Criteria for/review of apps in the mobile stores/markets?
So... what does secure mean for you? Define that and then try ask slashdot again later.
I know this is/. and everything typically has to be boolean/polar, but how about some more processing before rendering a knee-jerk yes|no and running to the high ground of your position...
Ask the interviewer "Can you tell me what reason you need to see a personal account of mine such as Facebook?" If you're on track to a high-profile position, support of one or one where security is paramount, they may have a reason. I mean... I know no politicians or folks in the public sector have done inappropriate things such as maintained inappropriate relationships or done shady business using just such accounts, but hey... it just might happen someday, right!?!?!? So... they may have a good reason to ask from their side. Some jobs do require background checks. This could be filed under that. That doesn't mean you have to give it to them. It just means that they have a [potentially valid] justification for it. If it's a wal-mart greeter position, I go report them to corporate and/or file a lawsuit. If it's part of the foreign service officer application process with the state department.
Ask/point out that you are uncomfortable with exposing friends/families information (as well as your own). Again, a security/background check may trump that anyway (if it's a condition of the job). While it's a policy, the human in front of you may actually consider that point.
Ask "How do I know what I show you will be kept confidential?"... "Is any of this recorded digitally?"... "May I ask how this factors into your selection process?"... maybe even without being argumentative.
Maybe even ask them... "Don't you wish you could forget all the inane* conversations/posts/etc. that you've seen doing this?"
Then... if you don't get the job, ask "Can you tell me why I didn't get the position". If you feel it was related to one of your (or your friends') inane posts on facebook and/or it's discriminatory (e.g. they didn't hire you because they saw photos of you with blond hair on your facebook timeline and they don't like people who dye their hair)... go for your lawyer... or move on to a different job interview.
*Because yes, there is a whole heck of a lot of inane stuff on Facebook.
... on it's security-hole-riddled history, javascript in the browser (XSS) is also a favorite attack vector. But at least it is a little less black-boxish.
For security sake, maybe we should just go back to punch cards!?!?!?
>> However, even if the hackers got the algorithms for how that works it still wouldn't help them because the algorithm again uses a set of private data (keys) for each installation. The hackers would have to get that data along with the algorithm they presumably have now.
True enough... but people do dumb/lazy/forgetful things with key files all the time. They have to traverse it from one server to another etc. and leave a copy on a desktop, file share or the like (they intended to delete it when they were done, but some other thing came up and got their attention). Maybe they use a copy of production in a lower-security environment (test/dev). Happens all the time.
1) If you are a security researcher, do you want to win/pwn the MacBook Air or some random brand Winders notebook? To me, the Mac is the bigger/more fun target in an event like this.
2) From TFA: *He said the creation of a reliable exploit was “much more difficult” than finding the vulnerability.'* Yes, Macs are not safe, but the crack was also not trivial. Something tells me they didn't come up with it on the spot.
3) From TFA: *Bekrar said VUPEN plans to hit Internet Explorer 8 on 64-bit Windows 7 (SP1) later in the contest.* Well, we can see where they focused first.
4) 'Mac goes down first' is a much cooler headline than 'Sec. team puts all their effort into cracking Mac first, Will try Windows next'
Yes, there are such stories in the Bible. What level of detail do they rise to? I haven't read the stories referred to in TFA (and don't want to), but my guess is they are a little more detailed than the instances referred to in the Bible... and yes, that does make a difference for many people. Also, what light those acts are painted in is relevant.
Keep in mind that the Bible *recounts what happened* and what happened to those people subsequently... with the intent that we learn correct behavior for ourselves as a result. It is a history and not fiction. For someone to write fiction about such acts, they have to dwell on them a bit in their mind and dream it all up to be able to write it down... is that a pleasant/ good thing? Not IMHO.
Granted, some will posit that the Bible is fictional... not my conviction.
Censorship seems to have become a bad word. Censorship can be good or bad. We use Netflix parental controls to 'censor' what our children might be exposed to... intentionally or inadvertently. I (amongst others), see that as sound parenting practice, others may not. You could argue whether or not amazon removing a product is even 'censorship'. To some it is good, to some it is bad. If your tax money were running Amazon, then you might have a real complaint. As it is, vote with your feet and/or your money.
If you really have the need for books about incest and pedophilia, go buy them from whomever sells them. If you want Amazon ( or Borders or your library or whomever) to carry them, request it from them. I don't, so I'm fine with this [apparently evil] form of censorship.
Maybe their method for review/censor is over-simplistic or just plain inconsistent. But their choice of what they sell is just that... their choice. As is your choice yours on where and what to buy.
>> Doesn't sound any more privacy invading than what On-star advertises that they will do with your Cadillac if you report it stolen.
Good point. And while it could be argued either way I'm sure... it's also good indicator of prior art, no?
Good point. The teacher and support tech may still have no clue how to support them when something goes awry, but it's school... so it's a learning opportunity then, right? Which could also be said for using a new OS, right? But nobody's complaining about about learning opportunities here, they're complaining about that fact that Mac's prices are a little higher.
Right... there should be a choice. The parent post said *Windows* (OS), not x86 or x86_64 (which Apple is anyway). The point is that when choice was taken away with Windows as OS (has been done both ways plenty of times), nobody's making a stink. Same argument... different product. Reality is that it's either the folks supporting or making the deal/controlling the money that are making the call and it happens both ways (but a stink usually gets raised when it's Apple... fact, not rant).
And.. "using a cross-platform system (opensource, web-based, etc)" also induces support costs, learning curve, complication factors in/out of the classroom. Do you want to support or be the teacher where you have 30 students... - 15 with malware-infected Windows using a mix of MSWorks, Open Office and MS Office - 8 with relatively clean Windows systems. same mix of apps - 4 with Macs running another variety of Apps - 3 with Ubuntu (or other linux variant) using an even more potentially obscure (to you as teacher) variety of apps
One could argue that that's how this 'real world' of which people seem to speak is. In the 'real world' people also make decisions such as which kind of computer you are going to use at your [school]work. Personally, I always thought school was part of this 'real world' thing.
Save your vitriol, but put it in the fridge, not freezer. Remember, that suits like this are encouraged by the fact that others have won or at least settled on other absurd claims.
Correction on the department categorization: *america-amazes-me-sometimes* dept should be *because-americans-have-become-a-bunch-of-litigious-ninnies* dept
But yet a malformed article (title and content), one which inappropriately attributes a windows backdoor (targeting iPad owners) attack as being aimed at the iPad itself, *did* get approved/promoted as if it were an Apple iPad Security Vulnerability. The said Apple-Fanboy-Slashdotters must be asleep or have also been back-doored or abducted, eh?
Slashdot Mirror
*... Could Destabilize the Internet*
This starts off on a flawed assumption, that the internet is stable.
REALLY?!?!?! ... REALLY!!!??!?!?!
Two words: Leopard ... spots
I think it it's "if you can't beat 'em directly on the field of battle or if you can't buy them out, see if you can choke off their logistical support". People will run from hosted Moodle because Blackboard now runs it (and starves it of good support/innovation). Then some genius administrator who holds purse strings will say "Hey, how about we host with Blackboard!?!?!" ... Not that I've ever seen any thing similar to that happen.
People throw around the term 'secure' all the time ... what does that mean in this instance?
Does the OS keep apps away from data they shouldn't have access to? Does its browser have the best track-record on drive-by's etc.? Does it mean it has/hasn't been exploited in the wild or not (e.g. Safari is riddled with security problems, but how often is it pwned in the wild?)? Do you want to be able to click links wildly and not get infected (and unicorns and rainbows)? Good security policies and enforcement of them? Criteria for/review of apps in the mobile stores/markets?
So ... what does secure mean for you? Define that and then try ask slashdot again later.
The specific case from the article wasn't asking them for their password, but that's another good question angle.
This line of logic assumes that showing FB pages contain a bunch of embarrassing and undignified content/activities ...
Cant really come up with an argument there ... Great point! ;-)
I know this is /. and everything typically has to be boolean/polar, but how about some more processing before rendering a knee-jerk yes|no and running to the high ground of your position ...
Ask the interviewer "Can you tell me what reason you need to see a personal account of mine such as Facebook?" If you're on track to a high-profile position, support of one or one where security is paramount, they may have a reason. I mean ... I know no politicians or folks in the public sector have done inappropriate things such as maintained inappropriate relationships or done shady business using just such accounts, but hey ... it just might happen someday, right!?!?!? So ... they may have a good reason to ask from their side. Some jobs do require background checks. This could be filed under that. That doesn't mean you have to give it to them. It just means that they have a [potentially valid] justification for it. If it's a wal-mart greeter position, I go report them to corporate and/or file a lawsuit. If it's part of the foreign service officer application process with the state department.
Ask/point out that you are uncomfortable with exposing friends/families information (as well as your own). Again, a security/background check may trump that anyway (if it's a condition of the job). While it's a policy, the human in front of you may actually consider that point.
Ask "How do I know what I show you will be kept confidential?" ... "Is any of this recorded digitally?" ... "May I ask how this factors into your selection process?" ... maybe even without being argumentative.
Maybe even ask them ... "Don't you wish you could forget all the inane* conversations/posts/etc. that you've seen doing this?"
Then ... if you don't get the job, ask "Can you tell me why I didn't get the position". If you feel it was related to one of your (or your friends') inane posts on facebook and/or it's discriminatory (e.g. they didn't hire you because they saw photos of you with blond hair on your facebook timeline and they don't like people who dye their hair) ... go for your lawyer ... or move on to a different job interview.
*Because yes, there is a whole heck of a lot of inane stuff on Facebook.
That might work for 3 weeks or so until FB automatically resets permissions to default-world-viewable and you have to manually fix them again.
We see how that worked out for Sauron, right!?!?!
... on it's security-hole-riddled history, javascript in the browser (XSS) is also a favorite attack vector. But at least it is a little less black-boxish.
For security sake, maybe we should just go back to punch cards!?!?!?
>> Once you pass a certain point, people become far more vulnerable than technology, so improving the technology won't help security.
BINGO!!
>> However, even if the hackers got the algorithms for how that works it still wouldn't help them because the algorithm again uses a set of private data (keys) for each installation. The hackers would have to get that data along with the algorithm they presumably have now.
True enough ... but people do dumb/lazy/forgetful things with key files all the time. They have to traverse it from one server to another etc. and leave a copy on a desktop, file share or the like (they intended to delete it when they were done, but some other thing came up and got their attention). Maybe they use a copy of production in a lower-security environment (test/dev). Happens all the time.
**You misinformed, willfully ignorant and delusional Fanboi's are the reason people on / . hate Macs**
Now I remember why I love to read /. ... the kind, well-spoken base of users that provide for such stimulating conversation.
PS - I run Ubuntu at home.
1) If you are a security researcher, do you want to win/pwn the MacBook Air or some random brand Winders notebook? To me, the Mac is the bigger/more fun target in an event like this.
2) From TFA: *He said the creation of a reliable exploit was “much more difficult” than finding the vulnerability.'*
Yes, Macs are not safe, but the crack was also not trivial. Something tells me they didn't come up with it on the spot.
3) From TFA: *Bekrar said VUPEN plans to hit Internet Explorer 8 on 64-bit Windows 7 (SP1) later in the contest.*
Well, we can see where they focused first.
4) 'Mac goes down first' is a much cooler headline than 'Sec. team puts all their effort into cracking Mac first, Will try Windows next'
Yes, there are such stories in the Bible. What level of detail do they rise to? I haven't read the stories referred to in TFA (and don't want to), but my guess is they are a little more detailed than the instances referred to in the Bible ... and yes, that does make a difference for many people. Also, what light those acts are painted in is relevant.
... is that a pleasant/ good thing? Not IMHO.
... not my conviction.
Keep in mind that the Bible *recounts what happened* and what happened to those people subsequently... with the intent that we learn correct behavior for ourselves as a result. It is a history and not fiction. For someone to write fiction about such acts, they have to dwell on them a bit in their mind and dream it all up to be able to write it down
Granted, some will posit that the Bible is fictional
Censorship seems to have become a bad word. Censorship can be good or bad. We use Netflix parental controls to 'censor' what our children might be exposed to ... intentionally or inadvertently. I (amongst others), see that as sound parenting practice, others may not. You could argue whether or not amazon removing a product is even 'censorship'. To some it is good, to some it is bad. If your tax money were running Amazon, then you might have a real complaint. As it is, vote with your feet and/or your money.
If you really have the need for books about incest and pedophilia, go buy them from whomever sells them. If you want Amazon ( or Borders or your library or whomever) to carry them, request it from them. I don't, so I'm fine with this [apparently evil] form of censorship.
Maybe their method for review/censor is over-simplistic or just plain inconsistent. But their choice of what they sell is just that ... their choice. As is your choice yours on where and what to buy.
It Leared from the internet folks ... of course it *leared*.
... in a split decision, vi wins. Oh wait ... wrong holy war!
>> Doesn't sound any more privacy invading than what On-star advertises that they will do with your Cadillac if you report it stolen. ... it's also good indicator of prior art, no?
Good point. And while it could be argued either way I'm sure
... Or you could just anonymously hand it over to wikileaks ... They'll be sure to redact the names of your variables so they don't get hurt. ;-)
Good point. The teacher and support tech may still have no clue how to support them when something goes awry, but it's school ... so it's a learning opportunity then, right? Which could also be said for using a new OS, right? But nobody's complaining about about learning opportunities here, they're complaining about that fact that Mac's prices are a little higher.
Right ... there should be a choice. The parent post said *Windows* (OS), not x86 or x86_64 (which Apple is anyway). The point is that when choice was taken away with Windows as OS (has been done both ways plenty of times), nobody's making a stink. Same argument ... different product. Reality is that it's either the folks supporting or making the deal/controlling the money that are making the call and it happens both ways (but a stink usually gets raised when it's Apple ... fact, not rant).
And .. "using a cross-platform system (opensource, web-based, etc)" also induces support costs, learning curve, complication factors in/out of the classroom. Do you want to support or be the teacher where you have 30 students...
- 15 with malware-infected Windows using a mix of MSWorks, Open Office and MS Office
- 8 with relatively clean Windows systems. same mix of apps
- 4 with Macs running another variety of Apps
- 3 with Ubuntu (or other linux variant) using an even more potentially obscure (to you as teacher) variety of apps
One could argue that that's how this 'real world' of which people seem to speak is. In the 'real world' people also make decisions such as which kind of computer you are going to use at your [school]work. Personally, I always thought school was part of this 'real world' thing.
Here's your "choice" ...
Pay me now | Pay me later
(And no, there is no sarcasm being used at all.)
.... could have been quite a bit of it loaded in there.
Shows great restraint or highlights just how settled we are with mediocrity
Save your vitriol, but put it in the fridge, not freezer. Remember, that suits like this are encouraged by the fact that others have won or at least settled on other absurd claims.
Correction on the department categorization: *america-amazes-me-sometimes* dept should be *because-americans-have-become-a-bunch-of-litigious-ninnies* dept
But yet a malformed article (title and content), one which inappropriately attributes a windows backdoor (targeting iPad owners) attack as being aimed at the iPad itself, *did* get approved/promoted as if it were an Apple iPad Security Vulnerability. The said Apple-Fanboy-Slashdotters must be asleep or have also been back-doored or abducted, eh?