From the article: But the research suggests those with the money, the 45 and overs, are buying more CDs after file-sharing. Now that's a statistic we never hear quoted.
That, and there's me. I hardly ever buy music without listening first. I don't like top-40 pabulum, so that leaves downloading.
in a 128 bit address space, my system won't be found by anybody's random scans.
Only if the addresses are distributed at random, and the scans are really simple-minded.
Consider a scanner that would go through a dozen or so consecutive addresses; if it doesn't manage to infect anyone, check only every second address, then every fourth, eighth, and so on. As soon as it finds a vulnerable system, it drops back to trying every address.
This way, it could rapidly traverse large blocks of address space that contain no vulnerable systems, but still have a pretty good chance of finding many of the vulnerable ones. Of course, you would have a slight amount of protection if your computer was vulnerable to a different set of exploits than all its "neighbours" in the address space...
I like your idea for really sneaky, damaging payloads...
Here's an idea I read a little while ago - how about a payload that finds any number followed by a dollar sign in outgoing emails, and doubles it; in incoming emails, it divides it by two. Anyone that got the virus would suddenly lose all kinds of business, as their customers would see them submitting huge estimates. And, communications between two infected computers would seem normal, so it could be really slow to detect if everyone in a company got it. Just imagine the chaos...
Lots of similar ideas
Payload introduces random spelling and grammar mistakes into outgoing emails, subtly making the victim look ignorant.
Payload randomly drops one recipient from a third of all emails with more than three recipients, or adds a bcc recipient, drawn at random from the address book. ("meeting re: coming layoffs" - alright, who leaked that one?)
Payload checks Word docs for revision tracking, and rolls them back by one version before emailing, printing, or converting to pdf.
Payload alters spreadsheet programs, CAD programs, or similar, and introduces calculation errors directly into the code.
Payload periodically (say, once an hour) checks how many application windows are currently open. If it exceeds a certain number, causes a BSOD with 10% probability. Nothing too conspicuous, but enough to cause regular losses of work, which would just happen to be when the user has the most on the go. If it notices the user restricting the number of apps they use, it could gradually sneak the threshold down.
You could also create a virus that would have an immediately beneficial impact on the economy - it would just delete any copies of MS powerpoint it finds. Just think, managers would have to start doing work!
Try to buy a PowerMac online without going through the "customization" page. Start at the Apple store, click on the G5 powermac, pick a model, you can't even buy it without going past that page.
Nowhere on the page does it say "Warning: changing any of these drop-down lists from the default configuration constitutes ordering a custom-built computer, which you won't be able to return"
Seriously, the German national post office is also one of the largest banks in Germany. Makes sense on a certain level - every little town already has a post office, so why not just add bank services to the existing office.
But, here's the problem: not only do they offer banking and postal services at the same wickets, they also don't seem to have discovered the marvelous North American method of having one line up for multiple tellers. You don't really appreciate that the first available clerk can always help whoever has been in line longest, until you live out the alternative.
So, you go to the post office with your single envelope, correctly addressed, just needs to be weighed and have postage slapped on it... You have to carefully scan the lines, and suss out the people waiting. That fellow with the big fat envelope - is he mailing something in bubble wrap, or is it full of unsorted petty cash and small cheques that need to be deposited into three different accounts? That lady with the shopping bag - is she checking her PO box, or remortgaging her house?
In most cases of powerpoint presentations I've seen, the powerpoint stuff was put in reflexively, because "powerpoint is how you do presentations", not because the material lent itself to powerpoint.
Actually, the best alternative is often a mostly oral presentation (no slides), with the occasional point being drawn out on the blackboard (by hand in chalk or marker!) at the same pace as the explanation of the subject. It's much better to hear "and then we have generic widgets in here. In practice we use about two dozen types of widgets" as the presenter is drawing the "generic widget" part of the diagram, than to see him wave a laser pointer all over 2/3 of a complicated diagram, while his audience thinks of where they'd like to stuff the laser pointer.
Interesting you should say that, my experience contradicts yours almost totally. I have seen slides/projections used in more talks and presentations than I can count, and in perhaps 80% of them, the projections were an impediment to communication, not an aid.
However, if we break it down between powerpoint/everything else, then powerpoint has been an aid to communication in precisely one talk I ever saw; an impediment in the other 100% - 1. In the everything else category, it's an aid in about 75%. I think perhaps the thing is, people use powerpoint as a reflex these days, whether they need any projections or not. If they use anything else, it's because they've thought about it.
Transparencies can be good - they're versatile.
You can point to parts of a diagram easily. Laser pointers are terrible - everyone's hands shake a little, and little red dots jumping all over the place make the audience hate you. You can point to multiple parts at once, by leaving a couple of pencils on the transparency, or circling things as you mention them.
Biggest point - if someone doesn't understand what you're explaining, you can do the calculations over in a different way, or add a more detailed explanation of something complete with diagrams, just grab an extra blank transparency. Any system of ready-made slides doesn't let you do that (of course there's always chalk, but some people are just no good with it).
As for pictures, the best case for that was some art history courses I took. Powerpoint would have been terrible for this - projectors were pretty much all 800x600 at the time (are they 1024x768 these days? How much does that cost?) and the color is lame. The only way to go was a real slide projector, with the clickety-click cart and the acetate slides where one always ends up being upside down.
One of the best uses of projection though was a course where the notes were on a website, simple html, no powerpoint. So, he put that up on the projector, and we knew exactly what notes we had to take and what we didn't need to write, since we all know the URL for what's on screen now. Because it's a web page, he could have a useful amount of text, i.e. that doesn't fit on one screen, diagrams that you need to scroll about to see in full.
I agree with you about reading slides though. It's a slide show, not the 3x5 cards with your notes. But, in presentations where people did that, the slides were usually completely unnecessary. A better slide show would have been better, but no slide show at all would have been best.
I don't like top 40 radio music. If I'm going to spring for the album, I want to listen first, and EZ-93 Craptastic Hits FM is not an option for me. So I download mp3s, then I buy the album if I like them.
Seriously, if I can't listen to at least some of an album, I don't buy it. And the stuff I buy, I have to special order, generally from out of the country (now that the one record store near me that sells psy-trance moved to the far end of town, it's easier to get it from Hong Kong than my home city. Crazy world, eh?)
So, it seems at least reasonable - NZ music doesn't have the mega-publicity budgets to buy radio airplay that US and EU mass-produced music does. So, mp3 distribution could be working more like free radio airplay than like 'theft'. The thing is, this is something that should be considered (it's true in my case, and in the case of a number of people I know who spend rather a lot of money on music), and the person the article quotes can't even conceive of it.
Beside the point, I think that most people (myself included) have a hard time correlating PHYSICAL goods, which cost money to produce each and every one, and DIGITAL goods, of which an infinite number of copies can be made with no direct cost.
That's kind of the point, isn't it - digital goods can be infinitely 'stolen', and do no damage to the producer, as long as the theft doesn't decrease sales. If a thousand 'thefts' have the net effect of producing one additional sale, then those thefts actually benefit the producer.
So, maybe a hundred people download the song. Of those, five would normally have sprung for the CD - two decide not to buy it now they have the mp3 (-2 sales), three go ahead and buy it (+/-0). What of the other 95? If twenty of them would normally not have heard of the artist or album, and three of them decide to buy it now (+3), then this 'theft' is really more like free radio play. No need to bribe radio stations to get exposure.
I fall into the last category - no mp3, no sale to me. I'm not about to special-order vinyl from HongKong without knowing if it will be worth it or not (seriously, that's like 90% of my music purchases). Besides, I hate the sound quality of mp3s. If I like music, it's more of an annoyance than a pleasure to hear it all thin and reedy and mp3-like. I'd as soon listen to a monaural AM radio at the bottom of the yard as an mp3. I do download a lot of mp3s though - it's the only way I can test-listen music I might consider buying, that's not mass-produced top-40 radio pabulum.
c.f. the article - all of a sudden, there's an un-explained upsurge in the sales of locally produced New Zealand music. Which is also being 'stolen' in unprecedented amounts...
The thing is, IMO, many record company execs can't differentiate between the two digital/physical 'thefts'. One theory of mine, is that record execs don't really like music (look at the crap they turn out), so they can't appreciate the difference in sound quality between mp3 and CD/vinyl. Therefore, they can't imagine that some people really do appreciate the difference, and consider mp3s to be more like listening to an AM station on a tinny mono radio set at the bottom of the garden, than like having a form of music you can really enjoy.
Another possibility is that the spread of mp3s promotes concert attendance, since people save the cash on CDs to go to bars/music halls/stadiums. So, the money is going directly to the artist, and cutting the execs out of the loop, and they fear that. Also, their radio station bribing system allows them to choose what we hear, aggressively promoting disposable bands. This way, they don't have to rely on talented musicians that can't be quickly replaced - they might get uppity, and demand a fair recording contract.
So, to apply Walmart to the thing, it's more like if WalMart realized people were spray-painting WalMart logos on stuff as the latest graffiti - nobody is actually stealing physical stuff, they're just reproducing stuff they don't technically have the right to. So, if the graffiti have a negative association and reduce sales, WalMart would be smart to go after the taggers. If they just work as free billboards, and increase sales, then WalMart should turn a blind eye, or even produce stencils (note: unlicensed public display prohibited) of their logo.
Actually, the problem is that (by default at least) the OS doesn't specify a DHCP server - it trusts any DHCP reply it gets. So, if the attacker controls one host on your network, and that host sends poisoned DHCP replies, then roughly 50% of hosts on the network will receive the poisoned replies first, and trust them. So, any host on the network will do.
If you also have wireless access and either don't encrypt it, or your attacker takes the time to crack your WEP key (not, I gather, all that hard for a determined attacker), then he could potentially inject a laptop into your network from the parking lot. The wireless delay would be enough that nearly all hosts would still get the legit DHCP server's responses first, but (a) he could still compromise all the laptops that use DHCP - probably not uncommon if you're switching between access points a lot, and (b) only one wired host would need to trust the wrong response, and he could compromise it, turn it into the owned DHCP server, and he's set. That could include a laptop that was compromised by wireless, and later plugged in to the wired network.
On one hand, it's as you say - if the attacker has got himself onto your local net, you're already dealing with some big problems. On the other hand, by the principle of defense in depth, you should both prevent the attacker getting on your network, and also have an internal network set up so an attacker would have a hard time doing damage from the inside. This vulnerability means that one of the layers of your supposed 'defence in depth' is weak.
He's sure gloating about this vulnerability. Not that it's trivial, but it certainly looks a whole lot less grave than any one of this month's collection of Windows vulnerabilities. Or last month's...
An attacker who has already managed to either insert a malicious host into your local network (granted, if you have an unsecured wireless network, that could be fairly easy), or compromise one of the hosts on your network, can then wait for users to reboot their computers (assuming the original compromise hasn't been noticed yet), and then get them to trust the compromised host.
So, steps are:
1. Compromise a computer by undetermined means.
2. Wait for other computers on the same network as the compromised box to reboot, and send out DHCP responses. They would be coming from a computer other than the normal DHCP server.
3. Assuming that no IDS catches either behaviour, you could, over time, compromise further boxes on the same network.
Now, if you've got one host (that doesn't get shut down at night) in a lab where everyone else turns off their computers at night, you could take over the whole lab in a day or two. But then, in that situation, you've probably just taken over the domain controller (or Apple equivalent) anyway, so who needs a DHCP vulnerability?
Definitely a big problem, but it's hardly MSBlaster, is it?
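A defender-side check for the situation discussed above, where clients accept whichever DHCP reply arrives first: parse captured DHCP OFFER/ACK payloads, flag any reply whose server is not on an allow-list, and flag transactions answered by more than one server. This is an added example, not part of the original comments; the authorized address 10.0.0.1, the function names and the sample packets are constructed assumptions.

```python
import socket
import struct
from collections import defaultdict

MAGIC_COOKIE = b"\x63\x82\x53\x63"
OFFER, ACK = 2, 5                     # DHCP message types (option 53)
AUTHORIZED_SERVERS = {"10.0.0.1"}     # assumption: the site's only legitimate server


def parse_dhcp_reply(payload):
    """Parse a BOOTREPLY payload; return None if malformed or not a reply."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        return None
    op, _htype, hlen, _hops, xid = struct.unpack("!BBBBI", payload[:8])
    if op != 2:                                     # 2 = BOOTREPLY
        return None
    options, i = {}, 240
    while i < len(payload) and payload[i] != 255:   # 255 = end option
        if payload[i] == 0:                         # 0 = pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            return None                             # truncated option header
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            return None                             # truncated option value
        options[payload[i]] = value
        i += 2 + length
    return {"xid": xid,
            "client_mac": payload[28:28 + min(hlen, 16)].hex(":"),
            "options": options}


def _ips(raw):
    """Decode an option value holding one or more IPv4 addresses."""
    return [socket.inet_ntoa(raw[i:i + 4]) for i in range(0, len(raw) - 3, 4)]


def find_rogue_replies(packets, authorized=AUTHORIZED_SERVERS):
    """packets: iterable of (source_ip, udp_payload). Returns a list of alerts."""
    alerts, servers_by_xid = [], defaultdict(set)
    for src_ip, payload in packets:
        reply = parse_dhcp_reply(payload)
        if reply is None:
            continue
        opts = reply["options"]
        msg_type = opts[53][0] if opts.get(53) else None
        if msg_type not in (OFFER, ACK):
            continue
        # Option 54 is the server identifier; fall back to the source address.
        server_id = (_ips(opts.get(54, b"")) or [src_ip])[0]
        servers_by_xid[reply["xid"]].add(server_id)
        if server_id not in authorized or src_ip not in authorized:
            alerts.append({
                "kind": "unauthorized-server",
                "xid": reply["xid"],
                "source": src_ip,
                "server_id": server_id,
                "client_mac": reply["client_mac"],
                "router": _ips(opts.get(3, b"")),   # gateway handed to the client
                "dns": _ips(opts.get(6, b"")),      # resolvers handed to the client
            })
    # Two different servers answering one transaction is the race itself.
    for xid, servers in sorted(servers_by_xid.items()):
        if len(servers) > 1:
            alerts.append({"kind": "competing-replies", "xid": xid,
                           "servers": sorted(servers)})
    return alerts


def build_reply(xid, mac, yiaddr, server, router, dns, msg_type=OFFER):
    """Build a constructed reply payload, used only as sample capture data."""
    pkt = struct.pack("!BBBBIHH", 2, 1, 6, 0, xid, 0, 0)
    for addr in ("0.0.0.0", yiaddr, server, "0.0.0.0"):   # ci/yi/si/giaddr
        pkt += socket.inet_aton(addr)
    pkt += bytes.fromhex(mac.replace(":", "")).ljust(16, b"\x00")
    pkt += b"\x00" * 192 + MAGIC_COOKIE                   # sname, file, cookie
    pkt += bytes([53, 1, msg_type])
    for code, addr in ((54, server), (3, router), (6, dns)):
        pkt += bytes([code, 4]) + socket.inet_aton(addr)
    return pkt + b"\xff"


# Constructed sample capture: one client transaction answered by two servers,
# one clean transaction, and one junk payload that must be ignored.
SAMPLE_PACKETS = [
    ("10.0.0.1", build_reply(0x1111, "aa:bb:cc:00:00:01", "10.0.0.50",
                             "10.0.0.1", "10.0.0.1", "10.0.0.2")),
    ("10.0.0.77", build_reply(0x1111, "aa:bb:cc:00:00:01", "10.0.0.51",
                              "10.0.0.77", "10.0.0.77", "10.0.0.77")),
    ("10.0.0.1", build_reply(0x2222, "aa:bb:cc:00:00:02", "10.0.0.52",
                             "10.0.0.1", "10.0.0.1", "10.0.0.2", ACK)),
    ("10.0.0.9", b"\x00" * 10),
]

if __name__ == "__main__":
    for alert in find_rogue_replies(SAMPLE_PACKETS):
        print(alert)
```

DHCP snooping on managed switches applies the same allow-list at the port level, dropping server replies that arrive on untrusted ports.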
So stick the fake thumb in your pocket for five minutes to warm it up to body temperature first. Probably that's what you'd do anyway - it would look pretty weird if you walked up to a bank machine with a rubber thumb in your hand or the brim of your hat...
I worked tech support for ATT Wireless. I totally believe they are having computer problems - their computer system was a complete and utter mess.
Like, we sat at P4 workstations with about 256MB of RAM, that ran only one program - Citrix client. The servers were on the East coast somewhere. On those (already slow) servers we ran apps that felt like X11 over a phone modem, which were in turn a front end to some pre-RDBMS database program running on MVS/ESA servers scattered about the US. Oh, and the Citrix client stations had their video cards locked at 60Hz. We didn't have permissions to change the refresh rate...
Common misunderstanding of Darwinism, on "Real Security?" (Score: 1)
Darwinism doesn't mean that the survivor is necessarily the critter that is toughest, or lives longest. It's just the one that gets the most offspring surviving to the age of reproduction.
So, to stretch the Darwinism metaphor past any reasonable application: in the world of security, that means that the security practice that survives isn't necessarily the one that produces the most real security. It's the one that produces the greatest sense of security in the people who make the decisions. I.e. managers, often without much understanding of the topic, and Infosec types, who often forget that the reason they are willing to make an effort to protect infosec is it's their job - and if their job were payroll accounting then that's where they would make the effort, and infosec would be a nuisance.
Consider ID checks at airports and the like - they're not going to catch intended suicide bombers. If an attacker plans to die in the attack, he's not going to care if you can identify him to arrest him later. But they make passengers feel safer, because someone in a blue polyester uniform is looking at everyone's ID, which is a security sort of thing to do. And his badge even says "security".
This is great, except wait: Was this the site that disallows non-alphanumeric characters, or was it the one that requires all lowercase, or the one with a minimum password length of 10 characters?
Those who prove to be unproductive when they have to share space with others risk getting fired.
And if you actually follow the link and read the Mercury News article:
The noise of shared work spaces bothers many people, while others regard offices as status symbols. Some can't get any work done without a regular place to sit.
Encore Technical Staffing, a headhunting firm, closed its Redwood City office about three years ago to avoid a rent increase and asked its 40-or-so employees to be mobile. But some proved unproductive and were fired.
So, there you go - companies decide to save on rent, even though it means their productive employees become unproductive and need to be fired, and new employees need to be screened, hired, trained, and brought up to speed.
Makes you think someone didn't think this 'saving' through real well...
That's a different matter than just not being able to work in a room full of noisy people. The question is - if someone is able to communicate easily and clearly in meetings/lunches/etc., gets on well with co-workers, keeps everyone informed of their progress that needs to be, but needs some peace and quiet to get their work done, is it OK to fire them because you've decided to subject everyone to working in a giant gymnasium?
Incidentally, I rather suspect most people who think they are really good at 'multi-tasking', and doing brain-work in a distracting environment, are kidding themselves. They're the ones who are fully convinced that they can talk on cellphones and drive safely, only because they don't even notice all the accidents they nearly get in, and all the tight maneuvers they force other drivers to make.
If they can't communicate effectively or deal with other people, they have no place in most workforces.
That's a very different thing from being able to do productive work in a room with 100 conversations going on on all sides.
I think I'm pretty good at communicating with people, but that's what meetings and lunches are for. When I'm done communicating and dealing with people, and it's time to do some intense thinking, I don't need four different meetings, half a dozen tech support calls, and twenty tinnily-audible sets of headphone music going on in the same room.
1. The data is written to the journal area of the disk.
2. Once that has completed successfully, it's written to the regular data area of the disk.
Also, if I get it correctly, the first write couldn't be stuck in a write cache, but has to complete immediately, while the second could be cached and completed later.
So, if the power dies during the first write, you fall back to the original data. If it dies during the second write, fsck runs on reboot and uses the journal as a source of authoritative data.
Net effect then would be that any write() call would take roughly twice the time (likely more, since one of the seek/writes can't be cached), while reading would take exactly the same amount of time.
I'm not very knowledgeable on Unix FS's, but surely, short of some type of UPS between the case power supply and the HDs, there's no way you can stop things from being corrupted by hard power-downs. If you hit the power switch while the drive is midway through a write operation, it will toast whatever is being written.
The one cure I can see is the approach Mac OS has taken since at least the first G3s - there is no hard power switch on the front of the case. Hit the power button on the case, and it will send an interrupt to the OS, which will pop up a "do you want to power down now?" dialog. The only way to shut down without the OS knowing is to reach behind the case and pull the plug (or cause a kernel panic, of course, but that's gotten fairly hard to do with OS X).
Cause all those companies that made Walkmans (of the non-TM generic sort) are really hurting right now... Sales slowed down gradually, and sales of new, improved products took over.
That would probably be better, but voting machines are meant to decrease costs, not increase accuracy. (I suspect that's part of why Diebold keeps winning contracts in spite of their poor record)
That said, if they count a randomly selected 10% of polling stations by hand to check for accuracy, this makes it a lot harder for the software to fool things up. Only if these samples show any more than a certain defined level of inaccuracy (ideally zero), only then do you need the expense of manually counting votes.
And, properly, it ought to be in the contract that the voting machine's supplier will cover at least a large fraction of the cost of any manual recounts, should they become necessary...
Then you'd get the google.com page, that would instantly redirect you to the google.ca page, that would resolve to the google.com page, that would redirect you to the google.ca page....
That, and there's me. I hardly every buy music without listening first. I don't like top-40 pabulum, so that leaves downloading.
Only if the addresses are distributed at random, and the scans are really simple-minded.
Consider a scanner that would go through a dozen or so consecutive addresses; if it doesn't manage to infect anyone, check only every second address, then every fourth, eighth, and so on. As soon as it finds a vulnerable system, it drops back to trying every address.
This way, it could rapidly traverse large blocks of address space that contain no vulnerable systems, but still have a pretty good chance of finding many of the vulnerable ones. Of course, you would have a slight amount of protection if your computer was vulnerable to a different set of exploits than all its "neighbours" in the address space...
Here's an idea I read a little while ago - how about a payload that finds any number followed by a dollar sign in outgoing emails, and doubles it; in incoming emails, it divides it by two. Anyone that got the virus would suddenly lose all kinds of business, as their customers would see them submitting huge estimates. And, communications between two infected computers would seem normal, so it could be really slow to detect if everyone in a company got it. Just imagine the chaos...
Lots of similar ideas
You could also create a virus that would have an immediately beneficial impact on the economy - it would just delete any copies of MS powerpoint it finds. Just think, managers would have to start doing work!
Nowhere on the page does it say "Warning: changing any of these drop-down lists from the default configuration constitutes ordering a custom-built computer, which you won't be able to return"
But, here's the problem: not only do they offer banking and postal services at the same wickets, they also don't seem to have discovered the marvelous North American method of having one line up for multiple tellers. You don't really appreciate having the first available clerk can always help whoever has been in line longest, until you live out the alternative.
So, you go to the post office with your single envelope, correctly addressed, just needs to be weighed and have postage slapped on it... You have to carefully scan the lines, and suss out the people waiting. That fellow with the big fat envelope - is he mailing something in bubble wrap, or is it full of unsorted petty cash and small cheques that need to be deposited into three different accounts? That lady with the shopping bag - is she checking her PO box, or remortgaging her house?
Actually, the best alternative is often a mostly oral presentation (no slides), with the occasional point being drawn out on the blackboard (by hand in chalk or marker!) at the same pace as the explanation of the subject. It's much better to hear "and then we have generic widgets in here. In practice we use about two dozen types of widgets" as the presenter is drawing the "generic widget" part of the diagram, than to see him wave a laser pointer all over 2/3 of a complicated diagram, while his audience thinks of where they'd like to stuff the laser pointer.
However, if we break it down between powerpoint/everything else, then powerpoint has been an aid to communication in precisely one talk I ever saw; an impediment in the other 100% - 1. In the everything else category, it's an aid in about 75%. I think perhaps the thing is, people use powerpoint as a reflex these days, whether they need any projections or not. If they use anything else, it's because they're thought about it.
Transparencies can be good - they're versatile.
As for pictures, the best case for that was some art history courses I took. Powerpoint would have been terrible for this - projectors were pretty much all 800x600 at the time (are they 1024x768 these days? How much does that cost?) and the color is lame. The only way to go was a real slide projector, with the clickety-click cart and the acetate slides where one always ends up being upside down.
One of the best uses of projection though was a course where the notes were on a website, simple html, no powerpoint. So, he put that up on the projector, and we knew exactly what notes we had to take and what we didn't need to write, since we all know the URL for what's on screen now. Because it's a web page, he could have a useful amount of text, i.e. that doesn't fit on one screen, diagrams that you need to scroll about to see in full.
I agree with you about reading slides though. It's a slide show, not the 3x5 cards with your notes. But, in presentations where people did that, the slides were usually completely unnecessary. A better slide show would have been better, but the no slide show at all would have been best.
Seriously, if I can't listen to at least some of an album, I don't buy it. And the stuff I buy, I have to special order, generally from out of the country (now that the one record store near me that sells psy-trance moved to the far end of town, it's easier to get it from Hong Kong than my home city. Crazy world, eh?)
So, it seems at least reasonable - NZ music doesn't have the mega-publicity budgets to buy radio airplay that US and EU mass-produced music does. So, mp3 distribution could be working more like free radio airplay than like 'theft'. The thing is, this is something that should be considered (it's true in my case, and in the case of a number of people I know who spend rather a lot of money on music), and the person the article quotes can't even conceive of it.
That's kind of the point, isn't it - digital goods can be infinitely 'stolen', and do no damage to the producer, as long as the theft doesn't decrease sales. If a thousand 'thefts' have the net effect of producing one additional sale, then those thefts actually benefit the producer.
So, maybe a hundred people download the song. Of those, five would normally have sprung for the CD - two decide not to buy it now they have the mp3 (-2 sales), three go ahead and buy it (+/-0). What of the other 95? If twenty of them would normally not have heard of the artist or album, and three of them decide to buy it now (+3), then this 'theft' is really more like free radio play. No need to bribe radio stations to get exposure.
I fall into the last category - no mp3, no sale to me. I'm not about to special-order vinyl from HongKong without knowing if it will be worth it or not (seriously, that's like 90% of my music purchases). Besides, I hate the sound quality of mp3s. If I like music, it's more of an annoyance than a pleasure to hear it all thin and reedy and mp3-like. I'd as soon listen to a monaural AM radio at the bottom of the yard as an mp3. I do download a lot of mp3s though - it's the only way I can test-listen music I might consider buying, that's not mass-produced top-40 radio pabulum.
c.f. the article - all of a sudden, there's an un-explained upsurge in the sales of locally produced New Zealand music. Which is also being 'stolen' in unprecedented amounts...
The thing is, IMO, many record company execs can't differentiate between the two digital/physical 'thefts'. One theory of mine, is that record execs don't really like music (look at the crap they turn out), so they can't appreciate the difference in sound quality between mp3 and CD/vinyl. Therefore, they can't imagine that some people really do appreciate the difference, and consider mp3s to be more like listening to an AM station on a tinny mono radio set at the bottom of the garden, than like having a form of music you can really enjoy.
Another possibility is that the spread of mp3s promotes concert attendance, since people save the cash on CDs to go to bars/music halls/stadiums. So, the money is going directly to the artist, and cutting the execs out of the loop, and they fear that. Also, their radio station bribing system allows them to choose what we hear, aggressively promoting disposable bands. This way, they don't have to rely on talented musicians that can't be quickly replaced - they might get uppity, and demand a fair recording contract.
So, to apply Walmart to the thing, it's more like if WalMart realized people were spray-painting WalMart logos on stuff as the latest graffiti - nobody is actually stealing physical stuff, they're just reproducing stuff they don't technically have the right to. So, if the graffiti have a negative association and reduce sales, WalMart would be smart to go after the taggers. If they just work as free billboards, and increase sales, then WalMart should turn a blind eye, or even produce stencils (note: unlicensed public display prohibited) of their logo.
If you also have wireless access and either don't encrypt it, or your attacker takes the time to crack your WEP key (not, I gather, all that hard for a determined attacker), then he could potentially inject a laptop into your network from the parking lot. The wireless delay would be enough that nearly all hosts would still get the legit DHCP server's responses first, but (a) he could still compromise all the laptops that use DHCP - probably not uncommon if you're switching between access points a lot, and (b) only one wired host would need to trust the wrong response, and he could compromise it, turn it into the owned DHCP server, and he's set. That could include a laptop that was compromised by wireless, and later plugged in to the wired network.
On one hand, it's you say - if the attacker has got himself onto your local net, you're already dealing with some big problems. On the other hand, by the principle of defense in depth, you should both prevent the attacker getting on your network, and also have an internal network set up so an attacker would have a hard time doing damage from the inside. This vulnerability means that one of the layers of your supposed 'defence in depth' is weak.
An attacker who has already managed to either insert a malicious host into your local network (granted, if you have an unsecured wireless network, that could be fairly easy), or compromise one of the hosts on your network, can then wait for users to reboot their computers (assuming the original compromise hasn't been noticed yet), and then get them to trust the compromised host.
So, steps are
Now, if you've got one host (that doesn't get shut down at night) in a lab where everyone else turns off their computers at night, you could take over the whole lab in a day or two. But then, in that situation, you've probably just taken over the domain controller (or Apple equivalent) anyway, so who needs a DHCP vulnerability?
Definitely a big problem, but it's hardly MSBlaster, is it?
So stick the fake thumb in your pocket for five minutes to warm it up to body temperature first. Probably that's what you'd do anyway - it would look pretty weird if you walked up to a bank machine with a rubber thumb in your hand or the brim of your hat...
Like, we sat at P4 workstations with about 256MB of RAM, that ran only one program - Citrix client. The servers were on the East coast somewhere. On those (already slow) servers we ran apps that felt like X11 over a phone modem, which were in turn a front end to some pre-RDBMS database program running on MVS/ESA servers scattered about the US. Oh, and the Citrix client stations had their video cards locked at 60Hz. We didn't have permissions to change the refresh rate...
So, to stretch the Darwinism metaphor past any reasonable application: in the world of security, that means that the security practice that survives isn't necessarily the one that produces the most real security. It's the one that produces the greatest sense of security in the people who make the decisions. I.e. managers, often without much understanding of the topic, and Infosec types, who often forget that the reason they are willing to make an effort to protect infosec is it's their job - and if their job were payroll accounting then that's where they would make the effort, and infosec would be a nuisance.
Consider ID checks at airports and the like - they're not going to catch intended suicide bombers. If an attacker plans to die in the attack, he's not going to care if you can identify him to arrest him later. But they make passengers feel safer, because someone in a blue polyester uniform is looking at everyone's ID, which is a security sort of thing to do. And his badge even says "security".
This is great, except wait: Was this the site that disallows non-alphanumeric characters, or was it the one that requires all lowercase, or the one with a minimum password length of 10 characters?
Those who prove to be unproductive when they have to share space with others risk getting fired.
And if you actually follow the link and read the Mercury News article:
The noise of shared work spaces bothers many people, while others regard offices as status symbols. Some can't get any work done without a regular place to sit.
Encore Technical Staffing, a headhunting firm, closed its Redwood City office about three years ago to avoid a rent increase and asked its 40-or-so employees to be mobile. But some proved unproductive and were fired.
So, there you go - companies decide to save on rent, even though it means their productive employees become unproductive and need to be fired, and new employees need to be screened, hired, trained, and brought up to speed.
Makes you think someone didn't think this 'saving' through real well...
Incidentally, I rather suspect most people who think they are really good at 'multi-tasking', and doing brain-work in a distracting environment, are kidding themselves. They're the ones who are fully convinced that they can talk on cellphones and drive safely, only because they don't even notice all the accidents they nearly get in, and all the tight maneuvers they force other drivers to make.
That's a very different thing from being able to do productive work in a room with 100 conversations going on on all sides.
I think I'm pretty good at communicating with people, but that's what meetings and lunches are for. When I'm done communicating and dealing with people, and it's time to do some intense thinking, I don't need four different meetings, half a dozen tech support calls, and twenty tinnily-audible sets of headphone music going on in the same room.
On any write() call,
- the data is written to the journal area of the disk.
- once that has completed successfully, it's written to the regular data area of the disk.
Also, if I get it correctly, the first write couldn't be stuck in a write cache, but has to complete immediately, while the second could be cached and completed later. So, if the power dies during the first write, you fall back to the original data. If it dies during the second write, fsck runs on reboot and uses the journal as a source of authoritative data.
Net effect then would be that any write() call would take roughly twice the time (likely more, since one of the seek/writes can't be cached), while reading would take exactly the same amount of time.
The one cure I can see is the approach Mac OS has taken since at least the first G3s - there is no hard power switch on the front of the case. Hit the power button on the case, and it will send an interrupt to the OS, which will pop up a "do you want to power down now?" dialog. The only way to shut down without the OS knowing is to reach behind the case and pull the plug (or cause a kernel panic, of course, but that's gotten fairly hard to do with OS X).
So buy from independent labels. iTMS carries a good selection, apparently (I'm in Canada, so I have no great motivation to look into this)
Cause all those companies that made Walkmans (of the non-TM generic sort) are really hurting right now... Sales slowed down gradually, and sales of new, improved products took over.
That said, if they count a randomly selected 10% of polling stations by hand to check for accuracy, this makes it a lot harder for the software to fool things up. Only if these samples show any more than a certain defined level of inaccuracy (ideally zero), only then do you need the expense of manually counting votes.
And, properly, it ought to be in the contract that the voting machine's supplier will cover at least a large fraction of the cost of any manual recounts, should they become necessary...
Then you'd get the google.com page, that would instantly redirect you to the google.ca page, that would resolve to the google.com page, that would redirect you to the google.ca page....
Notice the last word in his posting was "eh"