And the problems Greece is in is totally just related to him, and not decades upon decades of nepotism, corruption and mismanagement mainly perpetrated by the Greek versions of the Republicrats, who managed to get themselves voted out of power when the shit started to hit the fan.. You'd better be a good puppet now, and do better next time to blame the ones left with the mess and who refused to accept strangulation as a cure to brain hemorrhage.
There is no Greek version of republicans. The most conservative party in that country are communists. If Hillary Clinton moved there she'd be running on getting the government out of your pocket book and church into schools.
My guess of they they'll turn in desperation to Putin, thinking he's going to help them (as he's going to promise). And he's going to screw them in ways they can't even imagine.
There seems to be this common misconception that the Russia of today is in any way equivalent to the USSR of old... and Putin exploits this relentlessly. But it's simply not true, economically, politically, or militarily.
The USA is far ahead of any other part of the world by every every measure: http://www.tradingeconomics.co... And to think of Russia as some kind of equal power to the US like they were back in the 60's is totally misleading. Despite its size, its ruthless lack of environmental and labor laws, and clear ambivalence to financial regulation, it's economy is 11th, on par with Canada. This is mostly due to rampant corruption that leads to Oligarchs bleeding the economy so dry it can't grow.
Russia can't afford to help Greece. Greeces debt was $317 billion last I checked. That's 17% of Russia's entire GDP. Further, Greeces problems have nothing to do with the EU. Every year they fail to collect 90% of taxes. Let me say that again, 90% of taxes in Greece are never collected. THAT is their main problem. And that's before we get into the rampant government overspending on social programs, borrowing and so-on.
Greece is doomed, the best thing for them was to follow the troika's advice, barring that? The need to find out what real 3rd world poverty feels like, so they can teach their children to never let this sort of thing happen again. Unfortunately that seems to be exactly what's going to happen. I feel a lot of empathy for the children of the people that voted for the governments they've had for the past 20yrs. Those children will suffer the most.
You talk a lot about Greece here... what about the EU? Why would they take a loss on this debt?
Lets talk about it on a personal level.... Lets say I was your neighbor and lost my job. I came to you and said "I lost my job, my mortgage is due, I need to borrow $2000!" You might think "Well, I don't want the house next door to me to foreclose on me, it would affect my houses value" so you loan me the money and say "Ok, but get yourself a job" So the next month rolls around and I still don't have a job and not only can I not pay you back for the last loan payment, I want to borrow another $2000. Are you going to loan me money again? Not only are you questioning your original decision, but now I turn around and accuse you of extortion for expecting me to get a job. You mention that I have a very nice car, why not sell it? And so I canvas the neighborhood telling all our neighbors what a jerk you are... telling me to sell my car... it's not my fault I was laid off.
The fact of the matter is, restructuring the loan... what you're talking about... wont matter. Greece still doesn't have a job. They do not have enough GDP to sustain their spending, period. Their government is one of the largest, most expensive in the world. Huge swaths of the public live on government pensions. Most people don't pay taxes, especially the wealthy. The EU could forgive all of their debt today, and Greece would still go bankrupt in a few years. Nothing in this situation is the EU's fault, other than the fact that they shouldn't have given Greece the loans in the first place.
Actually, they clearly understand that simple austerity isn't going to correct the situation. The last 5 years of austerity have made the Greek debt burden even more impossible to shoulder rather than less. Greek debt needs to be restructured into something that is actually sustainable in addition to structural reform of the Greek economy. That's the deal that the EU should have on the table.
Best quote I've heard from a Greek on this: "My son is so ashamed when he has to come to me to borrow 5 EU for a simple cup of coffee because he hasn't had a job in months!" It sums the entire problem up in one line. Why is your son buying Starbucks when he doesn't have a job? And wait... that's the extent of your financial misery?!? Greece has no idea the world of pain that's about to descend on them. They keep saying "It can't get any worse!" Yes, it can... a LOT worse. When the government can't afford to pay the police so they stop coming to work? The fire department? Schools? It saddens me that an entire generation of Greeks will have to endure real misery to learn what real poverty looks like. The average western homeless person has more net worth than most employed people in the rest of the world due to all the social safety nets that surround them. THAT is what's about to evaporate in Greece. THAT is what the EU was trying to save.
Greece did this to themselves. It's sad that children who have never even voted for the politicians their parents elected have to suffer the results. But the alternative is for French and German children to suffer that pain.
Encryption or not, if I had access to the internal network how long until I had the DB system account credentials? Then I can bypass all the data access rules, or even create database clones and start stripping the logs. The possibilities are numerous. Then feed the data out a bit at a time.
More than likely it's not that nefarious or complicated. Someone did a bit a social engineering and got lucky or planned to get a very close set of credentials. Then physically walked in and grabbed the data. You don't even need the whole database. It's possibly a couple HR or project tables.
tl;dr Encryption wouldn't have stopped this when the crackers had internal access.
But what they are saying is "Encryption wouldn't have helped" which is a lie. It would have helped, it would have made this a lot more difficult. It would still have been possible, just a lot harder. Stop furthering the myth that hackers have magic powers. This stuff is preventable.
Encryption or not, if I had access to the internal network how long until I had the DB system account credentials? Then I can bypass all the data access rules, or even create database clones and start stripping the logs. The possibilities are numerous. Then feed the data out a bit at a time.
More than likely it's not that nefarious or complicated. Someone did a bit a social engineering and got lucky or planned to get a very close set of credentials. Then physically walked in and grabbed the data. You don't even need the whole database. It's possibly a couple HR or project tables.
tl;dr Encryption wouldn't have stopped this when the crackers had internal access.
But what they are saying is "Encryption wouldn't have helped" which is a lie. It would have helped, it would have made this a lot more difficult. It would still have been possible, just a lot harder.
Right, encryption would have prevented: Select * from employee records;
Forcing the attacker to go through a service that decrypted the data first, would have forced them to have to send every row through that service before getting the data. THAT activity would be truly trivial to detect. "Hey, Fred just ran a lookup on every spy we have in Russia... Fred? Hey, Freds on vacation!"
Even more trivial would have be designing the service to only allow 1 request per user per second. This would have almost no affect on a real user, but would severely handicapped a scripted attack. They'd only get 86k records a day. And if you had any sort of monitoring in place, at all, you'd hope to catch them within 12hrs.
When I worked at AT&T about 15yrs ago, our department was required to have our passwords printed (For easier reading) and hung up in our cubes. People were regularly written up when they changed their passwords and forgot to hang up a new one. The ticketing system they were using didn't allow one employee to see another employees work load so if you were out sick, the only way they could check your stuff was log in as you.
The password I hung up was intentionally wrong. I never called in sick, ever... if I had to I'd come in for an hour, take care of my stuff, then leave... When I went on vacation, I'd change the password before I left and hang it up, then change it back before I did anything else so I could encapsulate any activity that took place that wasn't my own. Some of us do care, most don't.
Defamation = speech. Limiting it, is limiting free speech. I'm not sure I like it, but trying to control defamation leads to all sorts of far less palatable scenarios. I had a stalker a long time ago... it was very irritating... but I still don't support the sorts of legislation that would have stopped her. Because that sort of legislation would be used for all sorts of evil things that had nothing to do with preventing me from being annoyed by a crazy lady.
The oldest and easiest employment problem there ever was. If your people are leaving, and you can't others to replace them, the answer is simple: You're not paying them enough.
Your sarcasm aside, from TFA it looks like the town in question borrowed ~$1900 per person (NOT per household) to put in the system. They'll get that back with taxes eventually, but it's not clear whether the taxes will be on the locals or Statewide. Assuming a five year note, average household size of four, and the costs paid entirely by the locals, that should about double the $65/month that is the nominal cost of the system.
It says it's a town of 1900 people at the top, 800 premises so an average of 2.4 per household. They're borrowing $3.6 million which works out to $4500/household, but five years is generally too short. Most estimate that a buried fiber will last 30-40 years, if we say 20 years then it's an extra $20/month in taxes. Seems like a fair price, near my cabin they're building out to ~1200 premises for $5.2 million with a mix of government funding and extra sign-up fee, though the most part is covered by the fiber company who'll profit for decades to come. Still, if all goes according to plan I can get gigabit there at the end of the year and "only" 100 Mbit at home...
I work for an ISP. You're wrong on almost every point.
Most infrastructure repair costs are for what we jokingly call the "Backhoe disconnect" We're talking upwards of 90% of our repair costs are construction related. And before you say it, no, they don't pay us back for it. It's almost always the city that cuts the cable, they can't afford to pay us, and if we tried to make them they'd issue a press release the next day stating "We're laying off 1 police officer and 2 kindergarten teachers to pay off your Nazi ISP, sorry" and we'd be driven out of town with pitchforks.
Further, Fiber does have a lot of longevity, you are correct there. But what doesn't have a lot of longevity is wired internet service as a whole. By 2025 we'll start seeing the first 5g cellular plans they'll offer 1gig+ service for a lower price and using less spectrum than 4g. When that comes along, the residential side of my industry will die. The financial people have to plan for that, and would be idiots if they approved infrastructure projects to invest in that part of the buisness. We'll still have a lot of business services, and we are, of course, the trunks between those cellular towers. But the industry as a whole has been exiting the residential market lately. It's becoming less and less profitable. Even televisions services are a losing proposition. The tiered television services ensure that TV is VERY expensive and the only people getting those profits are the channel executives. This is why all the cable companies are trying to merge now... they want to be big enough to fight those big content providers like Viacom.
Long story short, focus your ire on the cellular industry. They will be your ISP in 10 to 20 years and you'll have forgotten all about us.
I know. That's just a disaster waiting to happen. "We got hacked." "You don't say..."
For the first and last time:
ANYTHING on the internet is NOT secure
Use a local password manager.
Well, now that we have the word of someone that has absolutely no clue how infosec works I guess it's case closed right?
As far as how secure this service is... well... meh? Who the hell knows. Would I keep the launch codes there? No. My password for that Cartoon network? Sure. The point is, you seem to be claiming that your local hard drive is safer than a websevice literally dedicated to security. That's laughable to say the least. IF this site really is what it claims to be, then it's definitely more secure than your local hard drive, but certainly not as secure as simply memorizing the password.
The concern I would have immediately would be that you have to trust that vendor. Are they located in the US (or whichever country you live in so you can sue them) and subject to the jurisdiction of US courts should they turn out to be bad actors? And almost more importantly, do they keep all of their data on US servers? Being headquartered in the US but outsourcing your database to China would kind of defeat the purpose right?
When you get down to it, when you get into big-time security in major corporations, it's not really that you're jumping through lots of hoops to make sure the data is secure. You will ALWAYS fail at that. You just can't stay that on top of things. What you're really doing is trying to ensure that if there is a breach, you can recover from it and that you have someone to sue/blame to pay for the recovery. So you make sure you pick a service that's in the US, and is well insured. Then you leave it up to them and their insurance company to duke out the difference between higher premiums or more security people.
But if you're just Joe-schmo at home, and you want to store credentials to your netflix accounts and such? And it's a huge well know company like lastpass? Yes, they are more secure than your windows harddrive. A lot more secure. Maybe keep your bank login on a post-it note in the back of your sock drawer just to be safe though.
IMO yes, it was worth it. Having secret programs authorised by secret laws and secret alliances to reduce or remove the privacy of the population as a whole for some geopolitical goal is not something that should happen in democratic countries.
Actually there is a much more important 3rd question. Was it necessary to do a mass dump of NSA files that went far beyond mass domestic surveillance in order to bring that mass surveillance to the attention of the people?
The answer is a definitive NO. Snowden overshared. He may have inadvertently harmed legitimate intelligence programs and agents. He should have pruned his dump and kept it on topic.
That's the problem, there were no files (as far as we know) that contain the kind of information you describe.
First (as stated in the summary): "Have the actions of Snowden, and, apparently, the use of weak encryption, made the world less safe?"
Second (not asked, but as important as the first): Was it worth it? Did the revelations made the world a better after the revelations?
IMO yes, it was worth it. Having secret programs authorised by secret laws and secret alliances to reduce or remove the privacy of the population as a whole for some geopolitical goal is not something that should happen in democratic countries.
You're asking the wrong questions. The first question is: "Did this even happen" and the answer is no. This is FUD spread by the UK government just before an important vote on new security laws.
I received a $30 credit from Uber when I installed the app. That's free money. However, Uber only lets me spend it on my first Uber ride. So I can't just put that $30 into my bank account. In my case, it was raining one day, and I didn't have an umbrella, so I called an uber and got a short ride home. It came to $8, which used up my $30 credit. I didn't cleverly hatch a scheme with the driver.
If I were in China, I could say, hey, dude, bill me $30, it's coming off my new user credit anyways. Then give me $10. The driver makes $20 instead of $8, and I make $10 instead of $0. The loser would be Uber. Now, if I were to make a criminal enterprise out of it, I could say, hey, why even get a $8 ride? Let's have NO rides, and just keep billing $30 to get that juicy new user credit! We'll get keyboard farms to keep creating new uber accounts and riding and get that sweet $30 snatch!
Now, in the U.S., Uber stops me from creating new accounts on my own to take that $30 repeatedly because it requires a credit card. Now, if I were savvy, I'd use a new credit card with a cousin's billing address on a wiped phone and create a new uber account. If I have 12 credit cards and 12 cousins, I could register 12 new accounts. The only overlap would be my name, but Uber has zero way of telling if two John Smiths with different credit card numbers and different billing addresses could possibly be the same person. They rely on the fact that no one cares so much about $30 to bother with wiping their phone, swapping in a new sim card, using a new card and a cousin's address. And, they're right, in the U.S. In China, people will go through a lot more hardship for less. Clickfarms in China pay something like 10 cents per hour.
Yea, and then the most hilarious part is:
Uber's spokeswoman told the Quartz writer that the company has an on-the-ground team who investigate into these various type of fraud, then uses "deep analytics, and new tools developed by our Chinese engineers in our dedicated fraud team to combat against such fraud." The Uber spokeswoman declined to elaborate on the nature of these tools.
So they are bragging about how smart they are for thwarting the scammers with "Deep analytics" whatever the hell that means. If you were smart enough to do "Deep analytics" should you also have been smart enough to design a system that wasn't so easily scammed? I dunno... like you don't get your payout for 3 months or something? or your payout's in the form of an Amazon Gift card that you can only use from your Uber account? There's about 100 different trivial ways to completely subvert the scam from the start, it's mind boggling that they allow it to continue.
About 10yrs ago I decided to do some volunteer work. By the time I was done, I decided not to volunteer anymore. It's just too depressing that most, if not all, of the charities are run so poorly. But the red cross was one of the worst. I told them I was a programmer and a DBA so they made me the "host" meaning I handed out cookies and made people frozen pizzas while they donated blood. For this I had to go through a background check, speak with a councilor. They told me that if I couldn't pass the background check, that was ok, I could drive the trucks if I had a record. You know, the trucks with the blood in them. Really.
Then they needed help with this Access database, I was a DBA right? No, get back to the cookies! they say. They hired this consulting firm to help them with Access, who charged them $20k and sent it a kid strait out of community college.
They'd run adds on TV "We're running low on blood! We desperately need you to donate this weekend!" but that came out of marketing, who didn't tell the doctors or nurses, so they'd get slammed when they weren't staffed to handle it.
The red cross is completely mismanaged, disorganized, and clueless. But then again, so was every other charity I found so...
There are no entry level jobs. Not for Americans at least.
Elitist and racist comments that trigger the like reflexes pretty much everyone on slashdot right? Buy American! Be American! lol
I see "Entry level" programers float in from the local community college every other day. They usually can't figure out how to use our vending machine, much less write a line of code. The people from India/Pakistan show up and just get shit done. They also bring awesome stuff to our pot lucks.
The problem isn't H1B visas. The problem is the rub stamp educational standards colleges have in this country and completely destroyed employers faith in what a US degree means.
So, I think that the word we need to get out to the uninformed public is that hackers do not have magic powers that are impossible to defend against. Governments and Corporations responsible for these breaches keep trying to portray the hackers as if they were mad-men flying planes into buildings. How can you stop a fully loaded 747 flying at 800mph right?!?!
But that's not the case. Every single one of these breaches has been the result of mistakes made my the organization that was attacked as trivial as leaving keys in the lock of your safe with a big sign that says "Money inside!" These agencies and companies could easily, and with little monetary investment, make breaches like this nearly impossible.
In most cases the mistakes aren't even technological, they're institutional. Usually those attacked had well qualified security folks on staff who were doing their best to prevent the attack. But when the "VP of operations" (or whatever) comes in and says "The project is late, everyone's telling me it's because you're department is insisting on two factor authentication. I'm going to sign off on that and we're going to move forward" there's not much they can do.
Look at the Sony attack. You had executives of the company sitting there with the entire companies financial records down to the penny sitting on their windows desktop... WHILE their security department was telling them the entire network had an active virus infection running rampant. Basically nothing happened to any of the people responsible.
First: What the fuck is a "Technologist?" Personally, I reffer to myself as a Pornomancer, but what that means outside of my secret closet in the basement, I'm not sure. Secondly: Since when did having a 4 line wikipedia entry mean you were a notable person? This guy has a bigger article: http://en.wikipedia.org/wiki/J...
Personally, I don't understand why people have browser history turned on at all. I build a lot of computers for people (by happenstance it's a hobby) I build a dozen or so per year. The FIRST thing I do after the first boot is install Firefox (my preference), permanently turn off browsing history, install AdBlock+, install HTTPS Anywhere, then launch Windows update and go watch a movie.
I've never seen history help anyone. But I've seen it cause all sorts of embarrassing accidents, fights with spouses, legal trouble, etc... Is there actually a use for it?
Basically the definition of every word in your statement is ambiguous so I find that hard to answer. What is a "Friend" What do you mean by "Point" and "Social media"?!?! Does anyone know what that means?
It's on the internet, there's text, he clicks buttons, it makes him smile. More power to him.
The trouble with the 'backup' claim is that a Google cloud service may suffer a permanent failure upon a behind-closed-doors business decision, with potentially little warning. If Seagate, say, could instruct your usb hdd to brick itself, would you use it for backup? The Cloud is convenient in the short term, but business reality means it must be thought of as 'may fail for no reason'.
wtf are you talking about? Name any other backup scheme that wouldn't suffer the exact same potential disaster? Even if you set it up yourself in your own house on your own network that could happen. The difference is Googles far less likely to have that sort of problem than the NAS you bought off Newegg did.
If you REALLY wanted to protect your data, you'd back it up to both your house and google.
Backup...using a Google service? I prefer my backups to be reliable and private, thank you. Although hard drives do occasionally tell me "Hey, you've got a week to get your shit off me, ner ner!", at least they can't help it.
But it IS reliable and private. It's only NOT private when you take the "Free" options. I've been using Google Photos for backing up my entire families photos (80gig and climbing) for years. It costs me a $1 and is as complicated as checking a box on each of our phones.
If you want something else... ok write it and stop bitching.
Interestingly, the Soviet Union routinely underestimated US military capabilities on the assumption that if the US had the capability, the US would have used it. The US hadn't used it, so obviously they didn't have it.
Source: Operation Solo, John Barron.
I doubt that. I think the US often overestimates themselves. Pretty much every war we've fought since WW2 has been against 3rd world countries with a few key assets provided by China/Russia. A war against China or Russia proper I suspect would be an eye opener for a lot of people. Aircraft Carriers are really big targets and Stealth aircraft are only really stealthy to pre-1980s anti-air systems.
Slashdot Mirror
And the problems Greece is in is totally just related to him, and not decades upon decades of nepotism, corruption and mismanagement mainly perpetrated by the Greek versions of the Republicrats, who managed to get themselves voted out of power when the shit started to hit the fan.. You'd better be a good puppet now, and do better next time to blame the ones left with the mess and who refused to accept strangulation as a cure to brain hemorrhage.
There is no Greek version of republicans. The most conservative party in that country are communists. If Hillary Clinton moved there she'd be running on getting the government out of your pocket book and church into schools.
My guess of they they'll turn in desperation to Putin, thinking he's going to help them (as he's going to promise). And he's going to screw them in ways they can't even imagine.
There seems to be this common misconception that the Russia of today is in any way equivalent to the USSR of old... and Putin exploits this relentlessly. But it's simply not true, economically, politically, or militarily.
The USA is far ahead of any other part of the world by every every measure: http://www.tradingeconomics.co...
And to think of Russia as some kind of equal power to the US like they were back in the 60's is totally misleading.
Despite its size, its ruthless lack of environmental and labor laws, and clear ambivalence to financial regulation, it's economy is 11th, on par with Canada. This is mostly due to rampant corruption that leads to Oligarchs bleeding the economy so dry it can't grow.
Russia can't afford to help Greece. Greeces debt was $317 billion last I checked. That's 17% of Russia's entire GDP. Further, Greeces problems have nothing to do with the EU. Every year they fail to collect 90% of taxes. Let me say that again, 90% of taxes in Greece are never collected. THAT is their main problem. And that's before we get into the rampant government overspending on social programs, borrowing and so-on.
Greece is doomed, the best thing for them was to follow the troika's advice, barring that? The need to find out what real 3rd world poverty feels like, so they can teach their children to never let this sort of thing happen again. Unfortunately that seems to be exactly what's going to happen. I feel a lot of empathy for the children of the people that voted for the governments they've had for the past 20yrs. Those children will suffer the most.
You talk a lot about Greece here... what about the EU? Why would they take a loss on this debt?
Lets talk about it on a personal level....
Lets say I was your neighbor and lost my job. I came to you and said "I lost my job, my mortgage is due, I need to borrow $2000!"
You might think "Well, I don't want the house next door to me to foreclose on me, it would affect my houses value" so you loan me the money and say "Ok, but get yourself a job"
So the next month rolls around and I still don't have a job and not only can I not pay you back for the last loan payment, I want to borrow another $2000. Are you going to loan me money again? Not only are you questioning your original decision, but now I turn around and accuse you of extortion for expecting me to get a job. You mention that I have a very nice car, why not sell it? And so I canvas the neighborhood telling all our neighbors what a jerk you are... telling me to sell my car... it's not my fault I was laid off.
The fact of the matter is, restructuring the loan... what you're talking about... wont matter. Greece still doesn't have a job. They do not have enough GDP to sustain their spending, period. Their government is one of the largest, most expensive in the world. Huge swaths of the public live on government pensions. Most people don't pay taxes, especially the wealthy. The EU could forgive all of their debt today, and Greece would still go bankrupt in a few years. Nothing in this situation is the EU's fault, other than the fact that they shouldn't have given Greece the loans in the first place.
Actually, they clearly understand that simple austerity isn't going to correct the situation. The last 5 years of austerity have made the Greek debt burden even more impossible to shoulder rather than less. Greek debt needs to be restructured into something that is actually sustainable in addition to structural reform of the Greek economy. That's the deal that the EU should have on the table.
Best quote I've heard from a Greek on this: "My son is so ashamed when he has to come to me to borrow 5 EU for a simple cup of coffee because he hasn't had a job in months!"
It sums the entire problem up in one line. Why is your son buying Starbucks when he doesn't have a job? And wait... that's the extent of your financial misery?!? Greece has no idea the world of pain that's about to descend on them. They keep saying "It can't get any worse!" Yes, it can... a LOT worse. When the government can't afford to pay the police so they stop coming to work? The fire department? Schools? It saddens me that an entire generation of Greeks will have to endure real misery to learn what real poverty looks like. The average western homeless person has more net worth than most employed people in the rest of the world due to all the social safety nets that surround them. THAT is what's about to evaporate in Greece. THAT is what the EU was trying to save.
Greece did this to themselves. It's sad that children who have never even voted for the politicians their parents elected have to suffer the results. But the alternative is for French and German children to suffer that pain.
Encryption or not, if I had access to the internal network how long until I had the DB system account credentials? Then I can bypass all the data access rules, or even create database clones and start stripping the logs. The possibilities are numerous. Then feed the data out a bit at a time.
More than likely it's not that nefarious or complicated. Someone did a bit a social engineering and got lucky or planned to get a very close set of credentials. Then physically walked in and grabbed the data. You don't even need the whole database. It's possibly a couple HR or project tables.
tl;dr Encryption wouldn't have stopped this when the crackers had internal access.
But what they are saying is "Encryption wouldn't have helped" which is a lie. It would have helped, it would have made this a lot more difficult. It would still have been possible, just a lot harder. Stop furthering the myth that hackers have magic powers. This stuff is preventable.
Encryption or not, if I had access to the internal network how long until I had the DB system account credentials? Then I can bypass all the data access rules, or even create database clones and start stripping the logs. The possibilities are numerous. Then feed the data out a bit at a time.
More than likely it's not that nefarious or complicated. Someone did a bit a social engineering and got lucky or planned to get a very close set of credentials. Then physically walked in and grabbed the data. You don't even need the whole database. It's possibly a couple HR or project tables.
tl;dr Encryption wouldn't have stopped this when the crackers had internal access.
But what they are saying is "Encryption wouldn't have helped" which is a lie. It would have helped, it would have made this a lot more difficult. It would still have been possible, just a lot harder.
Right, encryption would have prevented:
Select * from employee records;
Forcing the attacker to go through a service that decrypted the data first, would have forced them to have to send every row through that service before getting the data. THAT activity would be truly trivial to detect. "Hey, Fred just ran a lookup on every spy we have in Russia... Fred? Hey, Freds on vacation!"
Even more trivial would have be designing the service to only allow 1 request per user per second. This would have almost no affect on a real user, but would severely handicapped a scripted attack. They'd only get 86k records a day. And if you had any sort of monitoring in place, at all, you'd hope to catch them within 12hrs.
When I worked at AT&T about 15yrs ago, our department was required to have our passwords printed (For easier reading) and hung up in our cubes. People were regularly written up when they changed their passwords and forgot to hang up a new one. The ticketing system they were using didn't allow one employee to see another employees work load so if you were out sick, the only way they could check your stuff was log in as you.
The password I hung up was intentionally wrong. I never called in sick, ever... if I had to I'd come in for an hour, take care of my stuff, then leave... When I went on vacation, I'd change the password before I left and hang it up, then change it back before I did anything else so I could encapsulate any activity that took place that wasn't my own. Some of us do care, most don't.
Defamation = speech. Limiting it, is limiting free speech. I'm not sure I like it, but trying to control defamation leads to all sorts of far less palatable scenarios. I had a stalker a long time ago... it was very irritating... but I still don't support the sorts of legislation that would have stopped her. Because that sort of legislation would be used for all sorts of evil things that had nothing to do with preventing me from being annoyed by a crazy lady.
The oldest and easiest employment problem there ever was. If your people are leaving, and you can't others to replace them, the answer is simple: You're not paying them enough.
Your sarcasm aside, from TFA it looks like the town in question borrowed ~$1900 per person (NOT per household) to put in the system. They'll get that back with taxes eventually, but it's not clear whether the taxes will be on the locals or Statewide. Assuming a five year note, average household size of four, and the costs paid entirely by the locals, that should about double the $65/month that is the nominal cost of the system.
It says it's a town of 1900 people at the top, 800 premises so an average of 2.4 per household. They're borrowing $3.6 million which works out to $4500/household, but five years is generally too short. Most estimate that a buried fiber will last 30-40 years, if we say 20 years then it's an extra $20/month in taxes. Seems like a fair price, near my cabin they're building out to ~1200 premises for $5.2 million with a mix of government funding and extra sign-up fee, though the most part is covered by the fiber company who'll profit for decades to come. Still, if all goes according to plan I can get gigabit there at the end of the year and "only" 100 Mbit at home...
I work for an ISP. You're wrong on almost every point.
Most infrastructure repair costs are for what we jokingly call the "Backhoe disconnect"
We're talking upwards of 90% of our repair costs are construction related. And before you say it, no, they don't pay us back for it. It's almost always the city that cuts the cable, they can't afford to pay us, and if we tried to make them they'd issue a press release the next day stating "We're laying off 1 police officer and 2 kindergarten teachers to pay off your Nazi ISP, sorry" and we'd be driven out of town with pitchforks.
Further, Fiber does have a lot of longevity, you are correct there. But what doesn't have a lot of longevity is wired internet service as a whole. By 2025 we'll start seeing the first 5g cellular plans they'll offer 1gig+ service for a lower price and using less spectrum than 4g. When that comes along, the residential side of my industry will die. The financial people have to plan for that, and would be idiots if they approved infrastructure projects to invest in that part of the buisness. We'll still have a lot of business services, and we are, of course, the trunks between those cellular towers. But the industry as a whole has been exiting the residential market lately. It's becoming less and less profitable. Even televisions services are a losing proposition. The tiered television services ensure that TV is VERY expensive and the only people getting those profits are the channel executives. This is why all the cable companies are trying to merge now... they want to be big enough to fight those big content providers like Viacom.
Long story short, focus your ire on the cellular industry. They will be your ISP in 10 to 20 years and you'll have forgotten all about us.
I know. That's just a disaster waiting to happen. "We got hacked." "You don't say ..."
For the first and last time:
ANYTHING on the internet is NOT secure
Use a local password manager.
Well, now that we have the word of someone that has absolutely no clue how infosec works I guess it's case closed right?
As far as how secure this service is... well... meh? Who the hell knows. Would I keep the launch codes there? No. My password for that Cartoon network? Sure. The point is, you seem to be claiming that your local hard drive is safer than a websevice literally dedicated to security. That's laughable to say the least. IF this site really is what it claims to be, then it's definitely more secure than your local hard drive, but certainly not as secure as simply memorizing the password.
The concern I would have immediately would be that you have to trust that vendor. Are they located in the US (or whichever country you live in so you can sue them) and subject to the jurisdiction of US courts should they turn out to be bad actors? And almost more importantly, do they keep all of their data on US servers? Being headquartered in the US but outsourcing your database to China would kind of defeat the purpose right?
When you get down to it, when you get into big-time security in major corporations, it's not really that you're jumping through lots of hoops to make sure the data is secure. You will ALWAYS fail at that. You just can't stay that on top of things. What you're really doing is trying to ensure that if there is a breach, you can recover from it and that you have someone to sue/blame to pay for the recovery. So you make sure you pick a service that's in the US, and is well insured. Then you leave it up to them and their insurance company to duke out the difference between higher premiums or more security people.
But if you're just Joe-schmo at home, and you want to store credentials to your netflix accounts and such? And it's a huge well know company like lastpass? Yes, they are more secure than your windows harddrive. A lot more secure. Maybe keep your bank login on a post-it note in the back of your sock drawer just to be safe though.
IMO yes, it was worth it. Having secret programs authorised by secret laws and secret alliances to reduce or remove the privacy of the population as a whole for some geopolitical goal is not something that should happen in democratic countries.
Actually there is a much more important 3rd question. Was it necessary to do a mass dump of NSA files that went far beyond mass domestic surveillance in order to bring that mass surveillance to the attention of the people?
The answer is a definitive NO. Snowden overshared. He may have inadvertently harmed legitimate intelligence programs and agents. He should have pruned his dump and kept it on topic.
That's the problem, there were no files (as far as we know) that contain the kind of information you describe.
First (as stated in the summary): "Have the actions of Snowden, and, apparently, the use of weak encryption, made the world less safe?"
Second (not asked, but as important as the first): Was it worth it? Did the revelations made the world a better after the revelations?
IMO yes, it was worth it. Having secret programs authorised by secret laws and secret alliances to reduce or remove the privacy of the population as a whole for some geopolitical goal is not something that should happen in democratic countries.
You're asking the wrong questions. The first question is: "Did this even happen" and the answer is no. This is FUD spread by the UK government just before an important vote on new security laws.
I received a $30 credit from Uber when I installed the app. That's free money. However, Uber only lets me spend it on my first Uber ride. So I can't just put that $30 into my bank account. In my case, it was raining one day, and I didn't have an umbrella, so I called an uber and got a short ride home. It came to $8, which used up my $30 credit. I didn't cleverly hatch a scheme with the driver.
If I were in China, I could say, hey, dude, bill me $30, it's coming off my new user credit anyways. Then give me $10. The driver makes $20 instead of $8, and I make $10 instead of $0. The loser would be Uber. Now, if I were to make a criminal enterprise out of it, I could say, hey, why even get a $8 ride? Let's have NO rides, and just keep billing $30 to get that juicy new user credit! We'll get keyboard farms to keep creating new uber accounts and riding and get that sweet $30 snatch!
Now, in the U.S., Uber stops me from creating new accounts on my own to take that $30 repeatedly because it requires a credit card. Now, if I were savvy, I'd use a new credit card with a cousin's billing address on a wiped phone and create a new uber account. If I have 12 credit cards and 12 cousins, I could register 12 new accounts. The only overlap would be my name, but Uber has zero way of telling if two John Smiths with different credit card numbers and different billing addresses could possibly be the same person. They rely on the fact that no one cares so much about $30 to bother with wiping their phone, swapping in a new sim card, using a new card and a cousin's address. And, they're right, in the U.S. In China, people will go through a lot more hardship for less. Clickfarms in China pay something like 10 cents per hour.
Yea, and then the most hilarious part is:
Uber's spokeswoman told the Quartz writer that the company has an on-the-ground team who investigate into these various type of fraud, then uses "deep analytics, and new tools developed by our Chinese engineers in our dedicated fraud team to combat against such fraud." The Uber spokeswoman declined to elaborate on the nature of these tools.
So they are bragging about how smart they are for thwarting the scammers with "Deep analytics" whatever the hell that means. If you were smart enough to do "Deep analytics" should you also have been smart enough to design a system that wasn't so easily scammed? I dunno... like you don't get your payout for 3 months or something? or your payout's in the form of an Amazon Gift card that you can only use from your Uber account? There's about 100 different trivial ways to completely subvert the scam from the start, it's mind boggling that they allow it to continue.
About 10yrs ago I decided to do some volunteer work. By the time I was done, I decided not to volunteer anymore. It's just too depressing that most, if not all, of the charities are run so poorly. But the red cross was one of the worst. I told them I was a programmer and a DBA so they made me the "host" meaning I handed out cookies and made people frozen pizzas while they donated blood. For this I had to go through a background check, speak with a councilor. They told me that if I couldn't pass the background check, that was ok, I could drive the trucks if I had a record. You know, the trucks with the blood in them. Really.
Then they needed help with this Access database, I was a DBA right? No, get back to the cookies! they say. They hired this consulting firm to help them with Access, who charged them $20k and sent it a kid strait out of community college.
They'd run adds on TV "We're running low on blood! We desperately need you to donate this weekend!" but that came out of marketing, who didn't tell the doctors or nurses, so they'd get slammed when they weren't staffed to handle it.
The red cross is completely mismanaged, disorganized, and clueless. But then again, so was every other charity I found so...
There are no entry level jobs. Not for Americans at least.
Elitist and racist comments that trigger the like reflexes pretty much everyone on slashdot right?
Buy American! Be American! lol
I see "Entry level" programers float in from the local community college every other day. They usually can't figure out how to use our vending machine, much less write a line of code. The people from India/Pakistan show up and just get shit done. They also bring awesome stuff to our pot lucks.
The problem isn't H1B visas. The problem is the rub stamp educational standards colleges have in this country and completely destroyed employers faith in what a US degree means.
So, I think that the word we need to get out to the uninformed public is that hackers do not have magic powers that are impossible to defend against. Governments and Corporations responsible for these breaches keep trying to portray the hackers as if they were mad-men flying planes into buildings. How can you stop a fully loaded 747 flying at 800mph right?!?!
But that's not the case. Every single one of these breaches has been the result of mistakes made my the organization that was attacked as trivial as leaving keys in the lock of your safe with a big sign that says "Money inside!" These agencies and companies could easily, and with little monetary investment, make breaches like this nearly impossible.
In most cases the mistakes aren't even technological, they're institutional. Usually those attacked had well qualified security folks on staff who were doing their best to prevent the attack. But when the "VP of operations" (or whatever) comes in and says "The project is late, everyone's telling me it's because you're department is insisting on two factor authentication. I'm going to sign off on that and we're going to move forward" there's not much they can do.
Look at the Sony attack. You had executives of the company sitting there with the entire companies financial records down to the penny sitting on their windows desktop... WHILE their security department was telling them the entire network had an active virus infection running rampant. Basically nothing happened to any of the people responsible.
Here's a concept...
Why don't you google "some person" and find out if they are credible.
I know, having to do this kind of work oneself can be distasteful, so let me help you out here.
Lauren Weinstein
First: What the fuck is a "Technologist?" Personally, I reffer to myself as a Pornomancer, but what that means outside of my secret closet in the basement, I'm not sure.
Secondly: Since when did having a 4 line wikipedia entry mean you were a notable person? This guy has a bigger article: http://en.wikipedia.org/wiki/J...
Personally, I don't understand why people have browser history turned on at all. I build a lot of computers for people (by happenstance it's a hobby) I build a dozen or so per year. The FIRST thing I do after the first boot is install Firefox (my preference), permanently turn off browsing history, install AdBlock+, install HTTPS Anywhere, then launch Windows update and go watch a movie.
I've never seen history help anyone. But I've seen it cause all sorts of embarrassing accidents, fights with spouses, legal trouble, etc... Is there actually a use for it?
So is this the "Change we can believe in"?
And no, I'm not making fun on democrats. I'm making fun of anyone that thinks their party cares about them or their country at all.
"G+ is awesome. No friends use it..."
Aren't friends the whole point of social media?
Basically the definition of every word in your statement is ambiguous so I find that hard to answer.
What is a "Friend"
What do you mean by "Point"
and "Social media"?!?! Does anyone know what that means?
It's on the internet, there's text, he clicks buttons, it makes him smile. More power to him.
The trouble with the 'backup' claim is that a Google cloud service may suffer a permanent failure upon a behind-closed-doors business decision, with potentially little warning. If Seagate, say, could instruct your usb hdd to brick itself, would you use it for backup? The Cloud is convenient in the short term, but business reality means it must be thought of as 'may fail for no reason'.
wtf are you talking about? Name any other backup scheme that wouldn't suffer the exact same potential disaster? Even if you set it up yourself in your own house on your own network that could happen. The difference is Googles far less likely to have that sort of problem than the NAS you bought off Newegg did.
If you REALLY wanted to protect your data, you'd back it up to both your house and google.
Backup...using a Google service? I prefer my backups to be reliable and private, thank you. Although hard drives do occasionally tell me "Hey, you've got a week to get your shit off me, ner ner!", at least they can't help it.
But it IS reliable and private. It's only NOT private when you take the "Free" options. I've been using Google Photos for backing up my entire families photos (80gig and climbing) for years. It costs me a $1 and is as complicated as checking a box on each of our phones.
If you want something else... ok write it and stop bitching.
Interestingly, the Soviet Union routinely underestimated US military capabilities on the assumption that if the US had the capability, the US would have used it. The US hadn't used it, so obviously they didn't have it.
Source: Operation Solo, John Barron.
I doubt that. I think the US often overestimates themselves. Pretty much every war we've fought since WW2 has been against 3rd world countries with a few key assets provided by China/Russia. A war against China or Russia proper I suspect would be an eye opener for a lot of people. Aircraft Carriers are really big targets and Stealth aircraft are only really stealthy to pre-1980s anti-air systems.