Re:it's really not that kind of test, on 2010 Geek IQ Test · Score: 1
Well... get a 'geekier' circle of friends...
I've actually pointed out the brown bottle thing, to two different 'circles' of friends. One group called me a nerd and gave me shit about it, the other group nodded and found it interesting, then the conversation shifted to brewing techniques.
Guess which group was my wife's circle of friends and which group was my circle:)
I have been extremely tempted to buy Check Point's latest all in one security appliance... they no longer use SofaWare as their embedded OS on their smaller appliances, it's a scaled down GAIA (the next evolution of Check Point's SPLAT for those who do Check Point stuff). It's pretty nuts all the things they pack into one little box... 10 1 gig ports, and 802.11 b/g/n
"All 600 Appliances come standard with 10 x 1Gbps Ethernet ports. For added flexibility and convenience, the wireless version of the 600 Appliance includes a WiFi access point (802.11b/g/n) that supports WEP, WPA and WPA2 authentication as well as secured guest access capabilities. The optional integrated ADSL modem eliminates the need for a separate external ADSL modem. Additionally, the included USB and PCI Express card slots allow an administrator to plug in a compatible third party 3G modem, providing an additional WAN connectivity for a redundant Internet link for maximum reliability."
http://www.checkpoint.com/products/600-appliances/index.html
Looks like they're about $400 on a random site I googled. Really tempting... I've been thinking about doing the same thing (plus REAL web filtering built-in, for my daughter).
whooooooosh
(that wasn't a cloud that just whooshed by....)
How is Mario ever "wearing fur"? Are they referring to Raccoon Mario? When he touches the Leaf, he becomes a fucking raccoon. He's not "wearing a raccoon suit, cosplay style," he physically transforms into a fucking raccoon.
I mean damn PETA come on, this is why people start thinking you're just a bunch of nutjobs....
OK, well said. In the video he's bashing the new "fad term," but Oracle's not above embracing it. Fair enough.
Anybody remember this?
http://www.youtube.com/watch?v=UOEFXaWHppE
Guess he's changed his tune...
I keep avoiding reading Isaacson's book because of all the negative criticism I've read about it... I'm familiar with Jobs' Macintosh (from Andy Hertzfeld's book), Pixar (from another book, "The Pixar Touch") and NeXT days from the various sources online and various videos and homages online to NeXT, so I think I'll skip Isaacson's book. Just out of curiosity, and because I was too young to ever have owned a NeXT, I was able to get an OPENSTEP 4.2 VM running in VirtualBox the other day... what an amazing OS for its day.
If I wanted to read more specifically about the Macintosh era of Apple I suppose I'd just pick up "The Little Kingdom."
I like how you slipped that nice little '1984' reference in there (the two minutes hate)... classy
More intellect than he knows what to do with, and he chooses to leave MS and start a patent troll company... ugh.
"Myhrvold was born in Seattle, Washington. He attended Mirman School,[4] and began college at age 14.[5] He studied mathematics, geophysics, and space physics at UCLA (BSc, Masters). He was awarded a Hertz Foundation Fellowship for graduate study and he chose to study at Princeton University, where he earned a master's degree in mathematical economics and completed a PhD in theoretical and mathematical physics by age 23."
The DoD employs something called "HBSS" - Host Based Security System - which is in reality McAfee's "ePolicy Orchestrator" (ePO) plus a bunch of modules that plug in to ePO. One of the ePO modules is a data loss prevention agent that was pushed out to the client endpoint that prevented anything other than USB HID devices from functioning.
https://kc.mcafee.com/corporate/index?page=content&id=KB60861 looks like an accurate description of what was done with HBSS policies.
Just for the sake of completeness, see http://slashdot.org/comments.pl?sid=2949213&cid=40510411 for a response to this entire thread...
I'm going to quietly bail out of this argument now... I'm already starting to feel like this XKCD: http://xkcd.com/386/
I was replying more to the grandparent post than your post, but both of your posts are misleading. USB keyboards and mice are perfectly acceptable in DoD...
The whole point of my post was simply to point out that there seems to be a lot of misinformation out there about what's acceptable and what's not.
Comments like the parent and the grandparent irk me... Information Assurance is not the personification of "Mordac, the preventer of information services." Sometimes IA policies really do make sense.
I have worked in the world of DoD information assurance (really, I have, see http://www.linkedin.com/in/ericgearhart), and I completely disagree with what you're saying. Your example is built on the premise that the guys on this ship will be connecting to DoD information systems... that's simply not what the original poster is asking.
Think about what you're saying... you wanted to set up a "private wifi" in order to allow instructors to monitor simulations. Don't you think that's sensitive data? If someone brute forced or rainbow tabled that WiFi access point's WPA2 key (you're using WPA2 pre-shared keys, right?) and got onto that private wifi network, wouldn't the data they could siphon off be valuable?
Setting up a completely separate WiFi network *that does not have any DoD sensitive data flowing over it* and is only connected to via personal information systems (laptops, desktops, tablets, phones, whatever) is perfectly acceptable.
Even your original premise, that "wifi is the devil according to IA" is untrue - there are wireless STIGs (Security Technical Implementation Guides - basically they define how information systems are to be implemented on DoD networks) that cover a variety of wireless situations... never mind USB devices, there's even one that covers the use of wireless mice and keyboards!
http://iase.disa.mil/stigs/net_perimeter/wireless/smartphone.html
http://iase.disa.mil/stigs/net_perimeter/wireless/wireless_net.html
I know you're joking, but winning a seat in Congress is like winning free tickets to an insider trading buffet. Also all the wonderful laws we have in the US that prohibit insider trading don't apply to those in Congress...
Google the book "Throw Them All Out" for more depressing details.
You should come on over to Hacker News if you're looking for what Slashdot used to be circa 1998... http://news.ycombinator.com/
I agree with you... the comments were the big draw, and mostly it's "herd mentality" on /. any more.
OK, point taken, and I'm taking a look at Niven's short story collections on Amazon now, and 'Crashlander' as well.
Thanks for the help!
Thank you for this writeup... I wasn't aware of the 'Known Space' works by Niven and wow they look interesting.
I'm heading over to Amazon now to grab a Kindle copy of 'Ringworld' (I think that's the first novel one should read in the series in order to avoid spoilers to the prequels/sequels - right?)
Right. For the database schema update after you upgrade FOG, when you use the web interface you don't get redirected to the 'schema update' page. Minor bug, that would require an admin to run mysql and pipe in the database schema update script. Not really that big of a deal...
What's your point exactly?
From a completely different source, I heard that the original description of the compromise, namely "One of the so-called 'admins', who really ought to have known better, set up a tunnel from a personal VPS to an internal machine which had no internet-accessible address -- just the tunnel" - did in fact happen as described. Duplicated, shared SSH keys led to this massive compromise (here's a hint: don't do that. Build individual keys for individual servers, or at least build separate "groups" of keys for groups of servers, so that one compromise doesn't lead to hundreds of VPSs getting compromised).
I would say that either you're being misinformed, or you're spreading misinformation.
Windows 2000 - from the guys who brought us edlin
Also your signature is incorrect... edlin is loosely based on Unix ed: http://en.wikipedia.org/wiki/Ed_(text_editor)#Features
A more accurate statement would be "Windows 2000 - from the guys who brought us VMS" (see http://en.wikipedia.org/wiki/Dave_Cutler#VMS )
"Congress bumped up against the deadline mainly because of the stubborn resistance from a single senator, Republican freshman Rand Paul of Kentucky, who saw the terrorist-hunting powers as an abuse of privacy rights. Paul held up the final vote for several days while he demanded a chance to change the bill to diminish the government's ability to monitor individual actions. The bill passed the Senate 72-23."
- from http://www.cbsnews.com/stories/2011/05/26/politics/main20066686.shtml
Here's to that... I've been reading more and more about Scientific Linux as a replacement for CentOS.
You need safe mode with networking, not just plain old "Safe Mode" guys!
I'm not /really/ old school, but I get it (I didn't cheat by Googling either) :)
From what I remember when I read about this, back in the day lpd used to report that a printer was on fire if it was reporting a bad status.
I've been waiting on iotop for a while too... see this comment I made: https://bugzilla.redhat.com/show_bug.cgi?id=239654#c2 back in September of last year.
Argh.