Slashdot Mirror


User: Bob+the+Super+Hamste

Bob+the+Super+Hamste's activity in the archive.

Stories: 0
Comments: 5,496

Comments · 5,496

  1. Re:Security vs Insecurity Experts on Interviews: Ask Security Expert Mikko Hypponen A Question · · Score: 2

    Sounds like I have been doing shit wrong and could have gotten things done quicker and slacked off. I do start with the lists of best practices and regulations. Then I go and check their layout, settings, firewall rules, configuration, physical security, etc. seeing how they are running things. After that I go and do a proper vulnerability scan and system scan (outside looking in and inside looking out) to see if what they say their system is set up as is what it actually is. If the customer allows it I do some pen testing on links coming in, physical penetration testing with a little bit of social engineering, or pen testing from machine to machine in their environment. Finally after all that I spend a whole pile of time going over the collected results and create a nice report where I organize the threats and risks into actual threat levels and provide mitigation or remediation steps. Typically I spend 2 weeks on site gathering data, and then about another month going over it. I have never been a big fan of checkbox security as it leads to lots of stupid crap but there is something to be said for going through them because I have found a lot of low hanging fruit that was simply overlooked by others.

  2. Re: Mind bogglingly complecated co-processing on California Researchers Build The World's First 1,000-Processor Chip (ucdavis.edu) · · Score: 1

    I was thinking atomic operations as they would also avoid the wait.

  3. I have read much the same but a break is a break and the breaks don't get worse over time. Personally I just want to poke the bear as I am getting sick of these attempts to weaken or backdoor encryption and would like to put it beyond their ability to ever have any hope of cracking it unless they get out the jumper cables and car battery. It has been a real concerted effort for almost the last year or so to make it so that people view encryption poorly and let the FBI and CIA have their backdoors and weakened ciphers available for all so they can spy on us.

  4. Re:File under WTF, he seriously said that? on Non-US Encryption Is 'Theoretical', Claims CIA Chief In Backdoor Debate (theregister.co.uk) · · Score: 1

    While I will write my idiot Senators and defective Congressman I doubt it will do any good. I write them a lot and nothing ever comes of it but it doesn't stop me from writing them anyway. It isn't like they went after the CIA when they hacked the Senate Intelligence Committee and spied on them so why would they go after them for this minor infraction.

  5. Re:this guy whould write a book... on Non-US Encryption Is 'Theoretical', Claims CIA Chief In Backdoor Debate (theregister.co.uk) · · Score: 1

    Even those who are US citizens tend to like to poke people like Director Brennan in the eye with a stick. I mean it isn't like Schneier is out there preaching the virtues of the CIA, but instead has basically told them and the FBI to go piss up a rope.

  6. All true and an effort of ~2^100 is huge requiring massive amounts of energy even on an ideal computer, I believe a significant percentage of the total worldwide energy production for an entire year. My point was that AES 256 is turning out to not be as strong as believed and for this type of attack is weaker than AES 192. There are other options out there but are not as fast but were considered to have a high security margin instead of just a moderate one during the AES competition.

    It may be time to have a new competition to get a new set of algorithms but this time go for some that should hold until the heat death of the universe which would mean a key length in the 540 to 600 bit range (they need to be unbreakable on quantum computers otherwise we could get by with key lengths in the 270 to 300 bit range). I use these numbers because even on an ideal computer the universe runs out of energy before the key space can be searched but I forget the exact value as it was a while since I did that calculation and both of those numbers sound about right.

  7. Re:Lies from Spies on Non-US Encryption Is 'Theoretical', Claims CIA Chief In Backdoor Debate (theregister.co.uk) · · Score: 4, Informative

    Seriously why?

    I find that the Brits generally do a better job covering the US than the US news does.

  8. Re:The "response" should be an indictment. on Non-US Encryption Is 'Theoretical', Claims CIA Chief In Backdoor Debate (theregister.co.uk) · · Score: 1

    Good luck.

    As much as I would like to see people like him sent off to federal PMITA prison it isn't going to happen. These guys are part of the protected class and they really need to screw over congress. Even spying and hacking into the Senate Intelligence Committee servers didn't get them into trouble, so I doubt anything will ever come of this. I just wonder what they have on the congress critters.

  9. Re:Dumfounded at the ignorance on Non-US Encryption Is 'Theoretical', Claims CIA Chief In Backdoor Debate (theregister.co.uk) · · Score: 1

    Statements like that aren't for the people who work for him, or even the /. crowd. They are for the consumption of the assorted idiots and defectives in congress as well as to placate the general populace that has no knowledge of how encryption works. He knows exactly what he is after and is positioning things so that he gets them even if he is lying through his teeth. Before the Paris attacks there were statements out of the FBI or CIA (I forget which) where one of their people said it would take a terror attack where the terrorists used encryption before they could seek to get rid of strong crypto available to the general public. Then a few weeks later the Paris attacks happen and there was tons of news coverage about the terrorists using encryption. Also let's not forget the whole San Bernardino attack and that fucking iPhone. This is just the next step in their long game. Sadly no tin foil is needed.

  10. Shut your filthy Commie Islam loving pie hole. /sarcasm

    Although it does look like AES 256 has some problems with related key attacks.

  11. Re:Very sensible suggestion. on Let's Drug Test The Rich Before Approving Tax Deductions, Says US Congresswoman (theguardian.com) · · Score: 1

    I do like the idea of all sources of income being treated the same, and I do like the idea of there being an adjustment of cost basis for inflation for investments so long as it is the same adjustment that is used elsewhere in the government. So this number is the same one used on the inflation adjusted government bonds, social security, adjusting the regular tax brackets, etc. otherwise there will be all sorts of games played like there currently is.

  12. Re:For those who still want diesel on Volkswagen Bets Big On Electric Cars, Plans 30 Models By 2025 (usatoday.com) · · Score: 1

    Put that amount of power in something like an MG Midget with a modern suspension and 4 wheel disk and it will go like a bat out of hell.

  13. Re:For those who still want diesel on Volkswagen Bets Big On Electric Cars, Plans 30 Models By 2025 (usatoday.com) · · Score: 0

    And yet the last time I did more than 200 miles in a day was last weekend. Different people have different usage patterns. My wife rarely drives more than 10 miles in a day, while just my round trip commute to and from work is 64. I will also tow a trailer up to my lake property with my car regularly for the weekend which is about 140 miles each way and there isn't an electrical connection. So while my wife could get by easily with an electric I couldn't.

  14. I hated when instructors did that but I had very few classes that were that shitty and the ones that were were all liberal arts classes. Thankfully the literature class I took was "Intro to Shakespeare" which was just reading 1 play a week for the semester. So I got off easy with the Project Gutenberg texts of them granted that was back in the 90s before things got silly expensive but even then college wasn't cheap. Even my compilers course used the standard dragon book but the instructor had the remarkable idea of also requiring the practical book O'Reilly's lex & yacc since it would actually help with the project.

  15. Re:Plus... on FBI Can Access Hundreds of Millions of Face Recognition Photos (eff.org) · · Score: 1

    Well I would be all for that, just be sure to tag appropriately and incorrectly. Facebook's facial recognition for a while was really good at finding faces in mariposa lilies so I took to tagging myself in them and got my friends to do the same. I also tag myself when it finds a "face" in a random ordering of leaves, grass, pebbles, or other seemingly faceless images.

  16. Re:Not likely on Facebook Will Track What Physical Stores You Go Into (popsci.com) · · Score: 2

    Scientists schooled in the scientific method with math/stats backgrounds making a conscious effort to not fall into correlation/causation or selective bias errors often fail at producing good data.

    In discussions like this I am always reminded of a little tidbit I picked up in one of my AI courses in college:

    People who buy diapers in a grocery store on Thursday nights also tend to buy beer at the same time

    Then there is this little gem about Target from a while back.

  17. Re: Break out my Windows 3.11 box on BadTunnel Bug Hijacks Network Traffic, Affects All Windows Versions (softpedia.com) · · Score: 1

    I think I still have one in my basement. It probably still works given how damn near indestructible those things were.

  18. It needs to be said on Air, Land, Sea, Cyber: NATO Adds Cyberspace To Operation Areas (phys.org) · · Score: 1

    I am the very model of a modern Cyber General
    I've information secretive and knowledge technological
    I know my way around the tubes and quote the cryptological
    From Adi, Bruce and Len to Ron in order alphabetical!


    While I wish I could have claimed it as my original that belongs to Arancaytar with this post.

  19. Re:Now to put it to song. on Air, Land, Sea, Cyber: NATO Adds Cyberspace To Operation Areas (phys.org) · · Score: 1

    I now feel the need to snap some.

  20. Re:"Nearly" stock Android. on OnePlus 3 Featuring 5.5-inch FHD Display, Snapdragon 820 SoC, 6GB RAM Launched at $400 · · Score: 1

    You just need to use some shibboleths to ensure they don't understand it. Maybe even include some grass mud horses or rolling mud horses from time to time.

  21. Only if it is this one. While not quite Sweet Meteor of Death for 2016 it would be an acceptable solution.

  22. Re:It's amazing she still has defenders on Assange: Wikileaks Will Publish 'Enough Evidence' To Indict Hillary Clinton (rt.com) · · Score: 3, Informative

    Then might I suggest voting Johnson or Stein. And then encourage other people to vote for one of them. If you are left leaning chances are you will probably align better with Stein, if you are right leaning then Johnson, if you claim you are an independent then pick one of them but either way they would be better than Trump or Clinton.

  23. Re:An easier sollution on Ask Slashdot: Can Technology Prevent Shootings? · · Score: 1

    As someone who does have a carry permit you seem to be on the right track with your thinking. While I do have a permit to carry in my state I rarely carry one and the only place that I do is when I am up at my property in the north woods of Minnesota. One can't be out walking down roads with a loaded firearm legally unless they have a carry permit so to stay legal I got the permit. I got the handgun as I have had a few too many close encounters with large predators up there, like bear, wolves, cougar (not cute), lynx (cute as hell) then add in the stupid coyotes that are getting out of control and it is just reasonable to carry a sidearm. My handgun also isn't one that would be a good conceal weapon as I chose it for it being effective against something like a bear, not something I could easily hide in a coat pocket or shoulder holster.

  24. Re: An easier sollution on Ask Slashdot: Can Technology Prevent Shootings? · · Score: 1

    Jewish people are violent like this too: they throw rocks at women who are "immodest" in Israel, and probably wouldn't treat homosexuals any better.

    To be fair it is only some Jewish people, and it isn't just women who are dressed immodest that get rocks thrown at them. The thing is that most of the Israelis I have met can't stand those Jews as they just piss everyone else off in general. One of the guys I know really well over there has this to say about how religious he is:

    I could eat a whole fucking pig covered in cheese.

    One weekend he took me and one of my coworkers out fishing with one of his friends who has a boat out on the sea of Galilee because what the hell else were we going to do on a Saturday in Israel.

  25. Re:Perl's place in the world... on Interviews: Ask Perl Creator Larry Wall a Question · · Score: 1

    Perl was designed for processing text.

    This is the key. Whenever I have to do text processing, configuration file generation, configuration management type stuff Perl is my go to language as it is great for processing text. For me it is just another tool in the box, like C/C++, various other scripting languages, etc. it has its place but unlike so many other people I don't just have a hammer so every problem is a nail.