Just think of the dating possibilities!
on
Mid-Air Messaging?
·
· Score: 2, Interesting
Just think of the dating possibilities!
You go into a bar... See an attractive woman, go to strike up conversation, perhaps buy her a drink... Your phone bleeps, displays:
"Don't even think about it creep... My boyfriend's a 270 lb bodybuilder"
... Ah, the pain you've saved yourself!
Besides, there's a lovely lass alone in the corner, with the simple message:
True... If that were what was happening.
My understanding is that none of the recent worms incorporated the source code made public in the exploit announcement. I even seem to remember Bruce Schneier blasting the publicist of said code for one worm, only to apologize in the next issue of his Crypto-gram newsletter that the code of the worm and the code of the sample exploit had no useful similarity.
The blackhats know this stuff, and have the exploit softwate available underground before the exploits hit bugtraq. On the other hand, with the exploit code _I_ can at least test to see if the available patch fixes the problem.
Then there is the issue of urgency... How many security flaws have been discounted as 'theoretical' or impractical until coupled with exploit code (remember lophtcrack, many of the early IIS exploits)? I still think the software developers should be given some lead time before the exploit is published, but without some means of incentive, I fear inaction...
Interesting that congress seems to be working at cross-purposes to itself (but then what else is new...):
On the one hand, it is looking for ways to increase the ability to view the contents of encrypted messages. On the other hand it is trying to decrease our ability to research methods of decryption...
In the present (and near future) climate, I wonder which will win out?
Given the 'new reality' after the WTC, I would think that Congress would be putting whatever efforts they could toward research that increases what they would see as the intelligence community's ability to monitor terrorist communications.
Please, someone remind me of my Physics 2 notes, here...
I seem to remember that a good deal of energy was wasted in electrical transmission. Let's see... a quick search on Google gives us this link with some formulas and a note that:
" Line loss can be quite large over long distances, up to 30% or so. "
Given that we seem to be trying to transmit our power over ever increasing distances (California, anyone:-) -- high-energy laser transmission over holey fiber sounds like an interesting idea. Some questions though:
How much energy would you use in transforming back and forth between laser and electrical?
Could you deploy a system before it was made obsolete by high-temp superconductors?
How bad would it suck if someone pulled the line a little too tight, and fractured the glass just enough to cause a meltdown?:-P
Yah, it's probably a stupid idea... but maybe an interesting stupid idea!
Bravo!
I've been wondering why the media has completely ignored this line of reasoning. Every report I've heard points fingers at everyone except the wholesale producers.
Hmmm... While I agree with the idea that perhaps more people should be checking out the source code of the open source apps they use, I think you missed the point.
The backdoor was introduced in the commercial version of the software. It's only now that it is open source that we could even see the error. The people paying for the 'presumably...high-quality app' you extoll the virtue of were receiving the backdoor-enabled product.
Rather than being a failure of open-source software, I'd say this one was a sucess. I only wonder what other kind of 'crap' exists in all those apps whose sources are closed.
The company I work for has approx 1500 users accessing mail via Exchange. The only outage we had is when we built a new server with 8 Xeon 700's, 2.2GB ram and a half TB of storage.
Hmmm... Hate to say it, but it says a lot when you need this kind of hardware for a mere 1500 users' email/scheduling;-)...
On a less ironic note, we tend not to recommend Exchange unless you really need and plan to use the scheduling/workflow functions built into Outlook/Exchange. Even then, working with the Exchange object database is a pain -- not to mention the multitude of stupid 'gotchas' Microsoft ends up leaving in their systems: For instance, does anyone know if Microsoft has fixed the 32k/user limit on email processing rules on Exchange 2000?
Someone whent somewhere, and all they left me was this stupid sig...
Slashdot Mirror
You could try w3mir
Tho I never told ya...
Besides, there's a lovely lass alone in the corner, with the simple message:
True... If that were what was happening.
My understanding is that none of the recent worms incorporated the source code made public in the exploit announcement. I even seem to remember Bruce Schneier blasting the publicist of said code for one worm, only to apologize in the next issue of his Crypto-gram newsletter that the code of the worm and the code of the sample exploit had no useful similarity.
The blackhats know this stuff, and have the exploit softwate available underground before the exploits hit bugtraq. On the other hand, with the exploit code _I_ can at least test to see if the available patch fixes the problem.
Then there is the issue of urgency... How many security flaws have been discounted as 'theoretical' or impractical until coupled with exploit code (remember lophtcrack, many of the early IIS exploits)? I still think the software developers should be given some lead time before the exploit is published, but without some means of incentive, I fear inaction...
Interesting that congress seems to be working at cross-purposes to itself (but then what else is new...):
On the one hand, it is looking for ways to increase the ability to view the contents of encrypted messages. On the other hand it is trying to decrease our ability to research methods of decryption...
In the present (and near future) climate, I wonder which will win out?
Given the 'new reality' after the WTC, I would think that Congress would be putting whatever efforts they could toward research that increases what they would see as the intelligence community's ability to monitor terrorist communications.
In any case, they can't have it both ways.
I seem to remember that a good deal of energy was wasted in electrical transmission. Let's see... a quick search on Google gives us this link with some formulas and a note that:
Given that we seem to be trying to transmit our power over ever increasing distances (California, anyone:-) -- high-energy laser transmission over holey fiber sounds like an interesting idea. Some questions though:
How much energy would you use in transforming back and forth between laser and electrical? Could you deploy a system before it was made obsolete by high-temp superconductors? How bad would it suck if someone pulled the line a little too tight, and fractured the glass just enough to cause a meltdown? :-P
Yah, it's probably a stupid idea... but maybe an interesting stupid idea!
Someone please moderate bughunter's post up...
The backdoor was introduced in the commercial version of the software. It's only now that it is open source that we could even see the error. The people paying for the 'presumably...high-quality app' you extoll the virtue of were receiving the backdoor-enabled product. Rather than being a failure of open-source software, I'd say this one was a sucess. I only wonder what other kind of 'crap' exists in all those apps whose sources are closed.
Hmmm... Hate to say it, but it says a lot when you need this kind of hardware for a mere 1500 users' email/scheduling ;-)...
On a less ironic note, we tend not to recommend Exchange unless you really need and plan to use the scheduling/workflow functions built into Outlook/Exchange. Even then, working with the Exchange object database is a pain -- not to mention the multitude of stupid 'gotchas' Microsoft ends up leaving in their systems: For instance, does anyone know if Microsoft has fixed the 32k/user limit on email processing rules on Exchange 2000?
Someone whent somewhere, and all they left me was this stupid sig...