A piece of draft legislation prepared by the UK Government supposedly for Social Security, has in version 1 para 59 and version 2 para 61 unlimited powers for the Secretary of State for Social security to have complete and unlimited access to ALL MEDICAL RECORDS of everyone in the UK without any safeguards. This in effect means that every department of government has access to every medical record whether on paper or digital media. Just imagine how much the pharma' industry would pay for such valuable info and not just the UK pharmasutical industry - to have a whole nations complete medical history and DNA profile would be priceless, especially to the insurance industry! Privacy and the CCTV cameras in public places pales into insignificance.
The tools are available! RSRE Malvern now part of DERA (UK DARPA) released them some years ago as an open standard for static testing which is used world wide to verify critical systems. I assume it is on the Net but I can't find the URL.
Place: England: Time: a few hours after Pearl Harbour.
W. S. Churchill (British Prime Minister) to Japanese Ambassodor: "Mr Ambassodor, please convey to your government that a state of war exists between the United Kingdom and The Empire of Japan. I wish you a safe journey home." (Ambassodor exits, stage right).
U.S. Ambassodor to The Court of St. James (sitting next to Churchill) to Brit PM: "Mr Prime Minister I don't understand, you have just issued a declaration of war to the Ambassodor in the politest terms and wished him a safe journey home?
Churchill to U. S. Ambassador: "Mr Ambassodor, it does no harm to be polite to a man you are about to kill."
What 'kin standards?? Even HTML is not universely standardized - infact a very famous person we've heard of has a personal site/home page that is not standard HTML. If the 'Glitteraty' of the computer world get it wrong, what about your average Joe? This sounds somewhat like "Embrace and Extend". Has M$ taken over the Web while I wasn't looking?
Further clarification: 1. KELVIN does not have a plural, just Kelvin or K. 2. 0(Zero)K = -273.16 degrees Celcius (C)(1742), -459 degrees Fahrenheit (F) (1709), -219.2 degrees Reaumur (R) (1730) and -411 degrees De Lisle (D); I forget the date. For example, Nitrogen is liquid at 77K.
This *news* is nearly a year old. The patent process is ongoing and IP licensing should start this year. Forget about buying into this invention - UK universities are public bodies.
This is an important point but you should be aware that the Security Service of the country concerned would automatically be suspicious of 1k+ keys. 56bit and 128bit keys are not difficult to solve: What are you protecting? and from whom? If your co-workers are concerned about the State organs then I would suggest that it is easier and less time consuming for the State to raid the office/home of your co-workers and recover their PCs/documents - drawing attention to themselves by lengthy encrypted transmissions will be a self defeating object. Sometimes NO security is a better cover than any security at all. If they just need to know emails are from you then the excellent suggestions above will suffice; if on the other hand security of the content of messages is imperative I would recommend that you consider obfuscation or some of the other measures used to send encrypted messages covertly. As a foot note you should be aware that in the former soviet union 'paranoia is in the Levi's', it's how people survived from Stalin's purges onward and it is how the state exerted control; using the principle that if the population are so paranoid that they will not speak to anyone then they cannot plot against the state!
I resemble that remark! I was sent away to school at 8 yrs and 8 to 12 were the most unhappy years of my life. The only advantage was that I did'nt have to try to hide at the back of the class room and I didn't have to get answers to questions wrong just to seem ordinary like everyone else. Admittedly this was in the '50s and the teaching skills used on gifted children were experimental and single sex, no girls! If the masters had to write a major dissertation on children they would have had difficulty in filling the back of a postage stamp. I missed my dog, playing with my toys and my friends and yes the development of my social skills suffered greatly. There was no fun in life anymore. Baiting teachers was the only passtime that lessened the boredom and missery. The answere for me was to fail the two examinations 11 year old children take in england - common entrance (for Public School, private school in the US) and the 11 plus for entrance to Grammar School, (High School as opposed to trade school). From 12 to 14 much of my time was spent with psychiatrists and psychologists. At 14 I went to an ORDINARY boarding school and had the best time of my life. There was no pressure to perform, there was lots of sport which I loved, No ancient greek or latin and many outdoor persuits but most importantly I met the man who changed my life. He understood children "When talking to carpenters, use carpenters metaphors", but most supprising for me was that he understood ME. I still laugh when I think about the first time we met, within a few minutes he had my number as we say. he wasn't going to take any shit and he had a mischievious twinkle in his eyes which said something like "Just make my day boy!" He was the Master of Studies and senior mathematics master, Harry Patterson. For the first time math was fun, not just easy and in a class of 'three' we seemed to do more laughing and joking than math and my love of Euclid grew (not in the Greek sense, you understand) to such heights that every day was a challenge to find alternative proofs. Harry was not only a good math teacher but was a very experienced and able engineer who had retired early. Problems in math often became solutions in life and so life became fun - at last! I graduated at 16 having stayed on a whole year to retake english (twice). That was the only time I graduated on any level and just for Harry's sake. BSc Mech Eng failed to graduate; Marine Eng Dipl, failed to graduate; BSc (two) Math, failed to graduate; MBA, failed to graduate. And my career? 22 years as a Political Science analyist. As Will said in Good Will Hunting, "I don't know why I can do math, I just can". Is there a moral to this story? Yes, don't just do what you can, do what you enjoy and is fun. Childhood is short enough, don't put away the childish things too early because the is no second chance.
representing the 5.5 Billion users worldwide outside the USA. The words 'Tea', 'Boston' and 'No taxasion without representation' paint a picture of almost total hipocracy coming out of a US Government Institution. 'Third World' and for that matter 'First World' countries are asking themselves IF ICANN had a constitution could they be relied upon to have a voting system that was not only workable but also democratic. The fact that as currently constituted ICANN is a self-appointed dictatorship which the vast majority of informed net users outside the US find utterly distateful particularly as many of them are often lectured by the US on matters of democracy. That said, it comes as no supprise that ICANN is totally flawed because it was set up by a system of partisan interest which cannot organise itseld better than the worlds largest democracy (India) yet with less than one third of the population. Unless ICANN gets it's act together and very quickly the Declaration of Net indepandance will have the name of a NewZealand lawer at the top of the list and not John Hancock and DNS will exist no more.
The world (plus dog) is currently being reminded by the US media that the US of A is "the worlds greatest democracy" - vis, the Presidental elections. What chance of a QUANGO (of dubious Constitutional legality) taking note of the will of "We the People" or being organized any better????
Even if PKI were to be a satisfactory solution for the protection of transmitted information, as a concept and less in its implementation, its main value is to instill a falce sence of security amongst sysadmins and users alike. The current vogue for solving public crypto problems seems to reinforce the idea that cryptography is an end in itself. Information in the public domain informs us that EVERY electrical and electronic item radiates energy in the electromagnetic spectrum. This radiated energy can easily be intercepted either directly (in the case of a VDU) with a high gain, directional antenna, a television receiver and $50 spent wisely at Radio Shack or indirectly on any conducting medium. One does not require "every computer on earth processing for 1000 years to break xxx crypto system" when the information one requires access to is to be found on the hdd of computers to be found in the garbage skip of almost any organisation or corporation one could name. In the days when Mainframe and mini computers were the norm, computer scientists, engineers and programmers unfortunately coined the phrase "Computer Security" when they meant data security, in reality 'Data Integrity' this lack of clarity has lead to almost but not complete activity in the real security field and a belief amongst end users that 'secure data processing' is something that it is not. The truth of the matter is that then as now the principal interest of the computing community is in having the first, the fastest. the biggest, the most reliable, the biggest bang for the buck, etc. Any consideration of the security of information is an afterthought usually in the form of a material or software band-aid. I am not just talking about the PC on which you are reading this comment but also the most sophisticated systems at the highest level and in the most secret parts of any government. As an engineer I can understand the concerns of the designers and engineers about crosstalk, signal to noise ratio and many, but nowhere near all of the other factors to be considered in the creation of a computing platform but is information security the fundamental consideration? No, of course it isn't and why? because information security is not a fundamental and the primary consideration of governments and corporations large and small - not even corporations involved in the provision of security to others at great cost to the recipient and profit to stock holders. PKI like any other product which purports to enhance security is nothing more than the computing version of the Band-Aid and like the Band-Aid we place over a wound is no guarantee of protection from infection because the flora and fauna on the skin is already under the Band-Aid.
Re:See what happens when you rely on NT
on
Microsoft Cracked
·
· Score: 1
Not wishing to trade belittling comments I humbly suggest that an AIR GAP is the only EFFECTIVE solution
Re:/. edit box (Was: See what happens when you...)
on
Microsoft Cracked
·
· Score: 1
My text editing with Mozilla is incompatible with/. or CR/LF gets lost somewhere in cyberspace:-((
Contradicts EU law where dissasembly and patching for legitimate purposes is legal. This is intended to protect the EU against US software companies holding them to ransom by not allowing interoperation of different software packages. Get your copy of IDA Pro - www.datarescue.com before it is ruled illegal.
but continually striven for. Espionage operations have been directed at corporations large and small for 100 years or more. To be successful espionage by its very nature must be clandestine - that is not be discovered by the target. In the case under review it should be possible to reconstruct the content of the laptop and make a Risk Assessment of the damage the information would cause the the business if it were in the hands of its main competitors. The recipient of the information will know that the laptop will be missed and that the owner of the information may (if he knows what he is doing - which does not sound very likely) take 'Counter Compromise' action. This action will depend on the type of information held on the laptop. Some corporate information is Time and Price sensitive - e.g. quarterly or annual financial results for which corporations have a responsibility to amongst others the S.E.C. who take a very dim view of 'incorrect disclosure'. In such a circumstance Counter Compromise action is not possible because the information cannot be changed or denied. In this case the SEC would have to be informed and the reletive information be released to the public domain as quickly as possible. Corporate strategy and plans can always be changed but at a price and that price may be in the short term the difference between market leader and nowhere. This takes us back to the first point of stock price sensitivity!
Security as an holistic activity. Encrypting the data on a laptop is not the answer as that data will be stored elsewhere within the enterprise. Having the most sophisticated form of Log-on and authentication to a computer system is useless if the OS is insecure, the computer is connected to the outside world, as 'point to point', WAN, Extranet, etc., the disks or backup tapes are accessible and can be copied. EXAMPLE. In the '60s one of the worlds major airlines devised a software application that would allow any travel agent anywhere in the world to book any flight from any where to anywhere else using a simple ASCII terminal. No other airline was anywhere near a solution and most had not even thought of the idea. Thieves broke into the airline computer centre, connected the computer on-line, dialed into their own computer and dumped the source code. At least one of the thieves was caught and charged with 'Breaking and Entering' (they broke a pane of glass) and the theft of ELECTRICITY. The source code was an intangible not recognized in law and although it was priceless to the airline which developed it, it had no monetary value in law. That was the '60s and the legal situation has changed but what has not changed is THE GREATEST THREAT TO SECURITY. It is not the CIA, the FSB, MI6, BND, NSA or any other combination of letters. The greatest threat to security remains the widely held belief that no threat to security exists. Once the President, Board and CEO are convinced that there is a threat to corporate security and they are willing to allocate 'Land', 'Labour' and 'Capital' (approx 10% of infrastructure projects) and convincingly educate all employees then a security process can be started by asking three questions: 1. What are our valuable assets, (tangible like data centres and intangible like information)? 2. Who wants them? 3. How can they get them? From these thre questions everything else flows. Answers raise more questions and the answeres to those questions raise yet more questions. Security, like any other corporate activity, is dynamic and all the accepted management skills from forcasting to sales apply whether it is securing Personnel, Materiel (buildings, computers, etc) or Information. Security can never be absolute - anything designed by man can be overcome by man given the TIME. Time is what effective security will gain for the defender - time to detect any attack, time to respond to the attack and time to neutralize the attacker. When it works effectively attackers are detered and CFOs invariably say "Why are we spending all this money when there are no attacks" and we have come full circle to the falacy that "There is no threat to security".
Regards Gatekeeper (retired)
PS. Unless things have recently changed radically in corporate America it is extreamly likely that the CIO had the laptop with the most bells and whistles and how many laptops can a guy covert? Some years ago I had a media client that was loosing one top of the range Compaq portable per week for ten months before we were called in to advise. We placed electronic ID tags in all the replacement portables and covertly monitored their movement in and out of the building. Every day a senior executive left the building at lunch time with a portable. Some days he brought it back to the building and sometimes not. One day he left the building with a portable which had been tagged and as his portable did not have a tag, it was not his portable. When he returned he had no portable. When the portable was not returned by the following day the details were passed to the local law enforcement agency who tailed him to his accomplices and arrested them. He had removed over $160,000 of portable computers because the security guards were looking for a stranger or someone who should not have a portable computer.
XML documents could also be regarded as bloatware, but because there is lots of 'free' space in XML documents they lend themselves very well to compression. This is a current topic over at XML.com. Perhaps a great advantage for specialist 'publishers' is the use of DTDs (Document Type Definitions). By publishing this, either with the document or on the web, the publisher can use eXtensions to vanilla XML to create specialist or unique features. As for 'Print Ready Copy' I think the jury is still out!
Having used cmd shell on an asci terminal for most of my life, when DOS came along the command line and the usefulness of batch files was comparatively easy to master. GUIs were a different matter, a totally different paradyme. If the CEO of Compaq says that he finds the PC difficult to use and he would like it to be easy for his parents to master - then, I would suggest, something is fundamentally faulty. One is forced to ask, were Zerox PARC right? If not, then the Zerox board were right not to persue the development to a marketable product. If this is the case then the alegations of lack of foresight were wrong. We can all be right in hindsight. Can there be an argument that the information contained within a pictogramme/ graphic is/less/ easily communicated that the written word? I think not, but there is a price to pay for graphics/bloat/! Recognizing a graphic is a matter of pattern recognition: the better an individual's pattern recognition the more likely the individual is to have monotone memory (think whether or not you dream in colour or black and white?). The brain does a lossy sort of compression, by excluding colour more detail of the pattern is remembered. The next point is the tree structure favoured by GUI designers. Some people, usually males, have good sequential memory: while others, usually females, have good point detail memory (take a drive with husband/wife - boyfriend/girlfriend to see the point). The GUI by these criteria is a compromise. The suggestion that speech recognition is the solution is somewhat off the mark - the old truism 'a picture speaks a thousand word' is as true as it ever was, and anyway who can speak that quickly? There are rumours that ex-apple GUI designers are producing an improved GNOME GUI. Someone else/improved/ on the MAC GUI some years ago and what did we get? I think that we need to go back to first principles and start again not with GUI programers who are so old that they are deified but with new blood - coders under 30, or is that too none 'pc'?
This is the future! Checkout the smaller board size at the 'Infiniband TA' site - www.infinibandta.org and all that is missing is the high speed back plane adaptor and the Host Channel Adaptor (HCA). The Switched Fabric and the supporting companents are due to be available in the first Q of 2001 and this is the first board of comparitive size that has jet surfaced.
The speed quoted would require 40 Infiniband switched fabrics, plus 63 Ultra 160 SCSI striped disks with very fast cache memory, connected to each switched fabric to cope with this speed. For what purpose?
Slashdot Mirror
A piece of draft legislation prepared by the UK Government supposedly for Social Security, has in version 1 para 59 and version 2 para 61 unlimited powers for the Secretary of State for Social security to have complete and unlimited access to ALL MEDICAL RECORDS of everyone in the UK without any safeguards. This in effect means that every department of government has access to every medical record whether on paper or digital media. Just imagine how much the pharma' industry would pay for such valuable info and not just the UK pharmasutical industry - to have a whole nations complete medical history and DNA profile would be priceless, especially to the insurance industry! Privacy and the CCTV cameras in public places pales into insignificance.
The tools are available! RSRE Malvern now part of DERA (UK DARPA) released them some years ago as an open standard for static testing which is used world wide to verify critical systems. I assume it is on the Net but I can't find the URL.
Place: England: Time: a few hours after Pearl Harbour. W. S. Churchill (British Prime Minister) to Japanese Ambassodor: "Mr Ambassodor, please convey to your government that a state of war exists between the United Kingdom and The Empire of Japan. I wish you a safe journey home." (Ambassodor exits, stage right). U.S. Ambassodor to The Court of St. James (sitting next to Churchill) to Brit PM: "Mr Prime Minister I don't understand, you have just issued a declaration of war to the Ambassodor in the politest terms and wished him a safe journey home? Churchill to U. S. Ambassador: "Mr Ambassodor, it does no harm to be polite to a man you are about to kill."
IPv6 over fibre channel - check out infinibandta.org for the next generation open standard bus.
What 'kin standards?? Even HTML is not universely standardized - infact a very famous person we've heard of has a personal site/home page that is not standard HTML. If the 'Glitteraty' of the computer world get it wrong, what about your average Joe? This sounds somewhat like "Embrace and Extend". Has M$ taken over the Web while I wasn't looking?
Further clarification: 1. KELVIN does not have a plural, just Kelvin or K. 2. 0(Zero)K = -273.16 degrees Celcius (C)(1742), -459 degrees Fahrenheit (F) (1709), -219.2 degrees Reaumur (R) (1730) and -411 degrees De Lisle (D); I forget the date. For example, Nitrogen is liquid at 77K.
This *news* is nearly a year old. The patent process is ongoing and IP licensing should start this year. Forget about buying into this invention - UK universities are public bodies.
This is an important point but you should be aware that the Security Service of the country concerned would automatically be suspicious of 1k+ keys. 56bit and 128bit keys are not difficult to solve: What are you protecting? and from whom? If your co-workers are concerned about the State organs then I would suggest that it is easier and less time consuming for the State to raid the office/home of your co-workers and recover their PCs/documents - drawing attention to themselves by lengthy encrypted transmissions will be a self defeating object. Sometimes NO security is a better cover than any security at all. If they just need to know emails are from you then the excellent suggestions above will suffice; if on the other hand security of the content of messages is imperative I would recommend that you consider obfuscation or some of the other measures used to send encrypted messages covertly. As a foot note you should be aware that in the former soviet union 'paranoia is in the Levi's', it's how people survived from Stalin's purges onward and it is how the state exerted control; using the principle that if the population are so paranoid that they will not speak to anyone then they cannot plot against the state!
I resemble that remark! I was sent away to school at 8 yrs and 8 to 12 were the most unhappy years of my life. The only advantage was that I did'nt have to try to hide at the back of the class room and I didn't have to get answers to questions wrong just to seem ordinary like everyone else. Admittedly this was in the '50s and the teaching skills used on gifted children were experimental and single sex, no girls! If the masters had to write a major dissertation on children they would have had difficulty in filling the back of a postage stamp. I missed my dog, playing with my toys and my friends and yes the development of my social skills suffered greatly. There was no fun in life anymore. Baiting teachers was the only passtime that lessened the boredom and missery. The answere for me was to fail the two examinations 11 year old children take in england - common entrance (for Public School, private school in the US) and the 11 plus for entrance to Grammar School, (High School as opposed to trade school). From 12 to 14 much of my time was spent with psychiatrists and psychologists. At 14 I went to an ORDINARY boarding school and had the best time of my life. There was no pressure to perform, there was lots of sport which I loved, No ancient greek or latin and many outdoor persuits but most importantly I met the man who changed my life. He understood children "When talking to carpenters, use carpenters metaphors", but most supprising for me was that he understood ME. I still laugh when I think about the first time we met, within a few minutes he had my number as we say. he wasn't going to take any shit and he had a mischievious twinkle in his eyes which said something like "Just make my day boy!" He was the Master of Studies and senior mathematics master, Harry Patterson. For the first time math was fun, not just easy and in a class of 'three' we seemed to do more laughing and joking than math and my love of Euclid grew (not in the Greek sense, you understand) to such heights that every day was a challenge to find alternative proofs. Harry was not only a good math teacher but was a very experienced and able engineer who had retired early. Problems in math often became solutions in life and so life became fun - at last! I graduated at 16 having stayed on a whole year to retake english (twice). That was the only time I graduated on any level and just for Harry's sake. BSc Mech Eng failed to graduate; Marine Eng Dipl, failed to graduate; BSc (two) Math, failed to graduate; MBA, failed to graduate. And my career? 22 years as a Political Science analyist. As Will said in Good Will Hunting, "I don't know why I can do math, I just can". Is there a moral to this story? Yes, don't just do what you can, do what you enjoy and is fun. Childhood is short enough, don't put away the childish things too early because the is no second chance.
representing the 5.5 Billion users worldwide outside the USA. The words 'Tea', 'Boston' and 'No taxasion without representation' paint a picture of almost total hipocracy coming out of a US Government Institution. 'Third World' and for that matter 'First World' countries are asking themselves IF ICANN had a constitution could they be relied upon to have a voting system that was not only workable but also democratic. The fact that as currently constituted ICANN is a self-appointed dictatorship which the vast majority of informed net users outside the US find utterly distateful particularly as many of them are often lectured by the US on matters of democracy. That said, it comes as no supprise that ICANN is totally flawed because it was set up by a system of partisan interest which cannot organise itseld better than the worlds largest democracy (India) yet with less than one third of the population. Unless ICANN gets it's act together and very quickly the Declaration of Net indepandance will have the name of a NewZealand lawer at the top of the list and not John Hancock and DNS will exist no more.
The film on "Tomorrow's World" showed a boy using a game console with both his natural hand and the prostheses
The world (plus dog) is currently being reminded by the US media that the US of A is "the worlds greatest democracy" - vis, the Presidental elections. What chance of a QUANGO (of dubious Constitutional legality) taking note of the will of "We the People" or being organized any better????
Even if PKI were to be a satisfactory solution for the protection of transmitted information, as a concept and less in its implementation, its main value is to instill a falce sence of security amongst sysadmins and users alike. The current vogue for solving public crypto problems seems to reinforce the idea that cryptography is an end in itself. Information in the public domain informs us that EVERY electrical and electronic item radiates energy in the electromagnetic spectrum. This radiated energy can easily be intercepted either directly (in the case of a VDU) with a high gain, directional antenna, a television receiver and $50 spent wisely at Radio Shack or indirectly on any conducting medium. One does not require "every computer on earth processing for 1000 years to break xxx crypto system" when the information one requires access to is to be found on the hdd of computers to be found in the garbage skip of almost any organisation or corporation one could name. In the days when Mainframe and mini computers were the norm, computer scientists, engineers and programmers unfortunately coined the phrase "Computer Security" when they meant data security, in reality 'Data Integrity' this lack of clarity has lead to almost but not complete activity in the real security field and a belief amongst end users that 'secure data processing' is something that it is not. The truth of the matter is that then as now the principal interest of the computing community is in having the first, the fastest. the biggest, the most reliable, the biggest bang for the buck, etc. Any consideration of the security of information is an afterthought usually in the form of a material or software band-aid. I am not just talking about the PC on which you are reading this comment but also the most sophisticated systems at the highest level and in the most secret parts of any government. As an engineer I can understand the concerns of the designers and engineers about crosstalk, signal to noise ratio and many, but nowhere near all of the other factors to be considered in the creation of a computing platform but is information security the fundamental consideration? No, of course it isn't and why? because information security is not a fundamental and the primary consideration of governments and corporations large and small - not even corporations involved in the provision of security to others at great cost to the recipient and profit to stock holders. PKI like any other product which purports to enhance security is nothing more than the computing version of the Band-Aid and like the Band-Aid we place over a wound is no guarantee of protection from infection because the flora and fauna on the skin is already under the Band-Aid.
Not wishing to trade belittling comments I humbly suggest that an AIR GAP is the only EFFECTIVE solution
My text editing with Mozilla is incompatible with /. or CR/LF gets lost somewhere in cyberspace :-((
Contradicts EU law where dissasembly and patching for legitimate purposes is legal. This is intended to protect the EU against US software companies holding them to ransom by not allowing interoperation of different software packages. Get your copy of IDA Pro - www.datarescue.com before it is ruled illegal.
but continually striven for. Espionage operations have been directed at corporations large and small for 100 years or more. To be successful espionage by its very nature must be clandestine - that is not be discovered by the target. In the case under review it should be possible to reconstruct the content of the laptop and make a Risk Assessment of the damage the information would cause the the business if it were in the hands of its main competitors. The recipient of the information will know that the laptop will be missed and that the owner of the information may (if he knows what he is doing - which does not sound very likely) take 'Counter Compromise' action. This action will depend on the type of information held on the laptop. Some corporate information is Time and Price sensitive - e.g. quarterly or annual financial results for which corporations have a responsibility to amongst others the S.E.C. who take a very dim view of 'incorrect disclosure'. In such a circumstance Counter Compromise action is not possible because the information cannot be changed or denied. In this case the SEC would have to be informed and the reletive information be released to the public domain as quickly as possible. Corporate strategy and plans can always be changed but at a price and that price may be in the short term the difference between market leader and nowhere. This takes us back to the first point of stock price sensitivity! Security as an holistic activity. Encrypting the data on a laptop is not the answer as that data will be stored elsewhere within the enterprise. Having the most sophisticated form of Log-on and authentication to a computer system is useless if the OS is insecure, the computer is connected to the outside world, as 'point to point', WAN, Extranet, etc., the disks or backup tapes are accessible and can be copied. EXAMPLE. In the '60s one of the worlds major airlines devised a software application that would allow any travel agent anywhere in the world to book any flight from any where to anywhere else using a simple ASCII terminal. No other airline was anywhere near a solution and most had not even thought of the idea. Thieves broke into the airline computer centre, connected the computer on-line, dialed into their own computer and dumped the source code. At least one of the thieves was caught and charged with 'Breaking and Entering' (they broke a pane of glass) and the theft of ELECTRICITY. The source code was an intangible not recognized in law and although it was priceless to the airline which developed it, it had no monetary value in law. That was the '60s and the legal situation has changed but what has not changed is THE GREATEST THREAT TO SECURITY. It is not the CIA, the FSB, MI6, BND, NSA or any other combination of letters. The greatest threat to security remains the widely held belief that no threat to security exists. Once the President, Board and CEO are convinced that there is a threat to corporate security and they are willing to allocate 'Land', 'Labour' and 'Capital' (approx 10% of infrastructure projects) and convincingly educate all employees then a security process can be started by asking three questions: 1. What are our valuable assets, (tangible like data centres and intangible like information)? 2. Who wants them? 3. How can they get them? From these thre questions everything else flows. Answers raise more questions and the answeres to those questions raise yet more questions. Security, like any other corporate activity, is dynamic and all the accepted management skills from forcasting to sales apply whether it is securing Personnel, Materiel (buildings, computers, etc) or Information. Security can never be absolute - anything designed by man can be overcome by man given the TIME. Time is what effective security will gain for the defender - time to detect any attack, time to respond to the attack and time to neutralize the attacker. When it works effectively attackers are detered and CFOs invariably say "Why are we spending all this money when there are no attacks" and we have come full circle to the falacy that "There is no threat to security". Regards Gatekeeper (retired) PS. Unless things have recently changed radically in corporate America it is extreamly likely that the CIO had the laptop with the most bells and whistles and how many laptops can a guy covert? Some years ago I had a media client that was loosing one top of the range Compaq portable per week for ten months before we were called in to advise. We placed electronic ID tags in all the replacement portables and covertly monitored their movement in and out of the building. Every day a senior executive left the building at lunch time with a portable. Some days he brought it back to the building and sometimes not. One day he left the building with a portable which had been tagged and as his portable did not have a tag, it was not his portable. When he returned he had no portable. When the portable was not returned by the following day the details were passed to the local law enforcement agency who tailed him to his accomplices and arrested them. He had removed over $160,000 of portable computers because the security guards were looking for a stranger or someone who should not have a portable computer.
XML documents could also be regarded as bloatware, but because there is lots of 'free' space in XML documents they lend themselves very well to compression. This is a current topic over at XML.com. Perhaps a great advantage for specialist 'publishers' is the use of DTDs (Document Type Definitions). By publishing this, either with the document or on the web, the publisher can use eXtensions to vanilla XML to create specialist or unique features. As for 'Print Ready Copy' I think the jury is still out!
Having used cmd shell on an asci terminal for most of my life, when DOS came along the command line and the usefulness of batch files was comparatively easy to master. GUIs were a different matter, a totally different paradyme. If the CEO of Compaq says that he finds the PC difficult to use and he would like it to be easy for his parents to master - then, I would suggest, something is fundamentally faulty. One is forced to ask, were Zerox PARC right? If not, then the Zerox board were right not to persue the development to a marketable product. If this is the case then the alegations of lack of foresight were wrong. We can all be right in hindsight. Can there be an argument that the information contained within a pictogramme/ graphic is /less/ easily communicated that the written word? I think not, but there is a price to pay for graphics /bloat/! Recognizing a graphic is a matter of pattern recognition: the better an individual's pattern recognition the more likely the individual is to have monotone memory (think whether or not you dream in colour or black and white?). The brain does a lossy sort of compression, by excluding colour more detail of the pattern is remembered. The next point is the tree structure favoured by GUI designers. Some people, usually males, have good sequential memory: while others, usually females, have good point detail memory (take a drive with husband/wife - boyfriend/girlfriend to see the point). The GUI by these criteria is a compromise. The suggestion that speech recognition is the solution is somewhat off the mark - the old truism 'a picture speaks a thousand word' is as true as it ever was, and anyway who can speak that quickly? There are rumours that ex-apple GUI designers are producing an improved GNOME GUI. Someone else /improved/ on the MAC GUI some years ago and what did we get? I think that we need to go back to first principles and start again not with GUI programers who are so old that they are deified but with new blood - coders under 30, or is that too none 'pc'?
Why do I get "no file page data.html"?? :-((
This is the future! Checkout the smaller board size at the 'Infiniband TA' site - www.infinibandta.org and all that is missing is the high speed back plane adaptor and the Host Channel Adaptor (HCA). The Switched Fabric and the supporting companents are due to be available in the first Q of 2001 and this is the first board of comparitive size that has jet surfaced.
Not as good as his 'Fermat's Last Theorem'.
So is source code - protected by first amendment - even crypto.
I can't think of any system that is not highly I/O bound, let alone any system that is I/O neutral!
The speed quoted would require 40 Infiniband switched fabrics, plus 63 Ultra 160 SCSI striped disks with very fast cache memory, connected to each switched fabric to cope with this speed. For what purpose?