What public speaking is all about is about gaining and maintaining the audiences genuine interest and attention. If you don't have at least some of these things, they will slowly fade into oblivion. I learned this quickly in the Corps, where I learned how to start off (first impressions are very important) with a loud booming voice introduction, followed up by some sort of attention grabber (Usually a random video). If the audience doesn't want to engage, engage them. Ask them questions. Randomly pick out a person to pick on (with the right amount of humor for the audience, for Marines a thorough degradation sufficed =). Do not become like the officers always do, which is addicted to fancy powerpoints. When he says stick to content that is the truth. Yes it can be boring to go over the correct way to clear a multi-story building with civilians in it. But something as simple as having a handful of guys standup and demonstrate an action etc makes the engagment contagious. If you make it fun, people will respond, if you don't, they will go comatose (and remember whose fault that is).
"Cry some more baby!" "Next time, pick on someone your own tiny-baby size!" "Is not fair to use gun on such a tiny man." "The burning you feel? It is shame." " !" (There, fixed that for you)
I can confirm that GApps paid support has not come through for me. It is horrendous, partly in quality of response, but mostly in response time. I had a client with a GApps issue and it took literally 3 days to get an email that said "We are looking into the problem and will inform you when we reach a solution" 1 day later I had figured it out, and they sent a completely non-applicable fix.
What it all boils down to is marketshare. I deal with malware from all ends of the spectrum, and the entire purpose of modern malware is usually one thing. To make money. Whether that be by using that machine in a botnet, stealing banking or other logon info, or by trying to get someone to pay for fake security software, malware has turned into (within the last decade) a major business. Due to lack of enforcement, these things mainly stem from countries with little oversight (African countries, Russia, tiny islands etc) And are hard to take down. The reason Linux has not been mass targeted is that it normally represents the higher end of the user spectrum, whereas windows is the low hanging fruit. Take international pickpockets or muggers. The offenders will find the most vulnerable target who is unaware of their surroundings and unable to defend themselves. Windows is a 60 year old lady in a foreign market with her passport and wallet around her neck wearing bright pink taking pictures and not paying attention. Linux is more like an aware person who has made themselves a hard target just by knowing what not to do. Mac's seem to be the exception for the moment, and this is where I actually happen to see a huge potential for this to change though. More and more instead of the family tech having to support a family windows box, it is simply easier to just tell a novice to get a mac. Once this reaches a certain apex, that is when malware will target it. Just about any system can be compromised, but back to my original point is it worth it (money?)
This is why PMC's are drooling of the Niger Delta situation. One that I know has jumped through the legal hoops at two ports on either end of a main route for their weapons. They then escort ships through the dangerous parts and leave them at the international waters zone once at their destination country. Merchant ship stays the same, but with a separate armed ship escort.
How does any even semi rational and logical mind make the jump from "Return fire when fired upon" to "Mass Murder Genocide Retribution"? You sir, get the troll/flambait/ Idiot of the day award!
I have some experience in this area.. what we had were the double mounted Ma Duece's, Mark 19's, and 25mm AntiAir. Regardless, people are right when they say the issue is that countries all over are strict about weapons at port. I did an escort up the Suez once and when we got to Greece someone didn't do the right paperwork, so we had to send two of the crew with all the weapons and ammo to spain!
Wikileaks is simply an outlet for sensitive information. So what you're implying is that their privacy wasn't infringed by whichever entity collected the information, but by Wikileaks? That doesn't make any sense. I do see your point, but I think the potential benefits by far outweigh the cons of such a release. Now that the data is out there, nothing can be done to get it back. On top of this, Wikileaks has some serious credibility when it comes to their methods and what and when they decide to release, I'm sure their lawyers have thought out the consequences and variations thoroughly. Their statement as to the source is “While we are obligated... to protect our sources, it is clear that the information comes from an organization which has been intercepting and archiving national US telecommunications since prior to 9/11.” If anything, THIS is what people SHOULD be mad about, that a (potentially governmental) organization has been collecting this data without their consent in the first place.
This seems to be a really good move on the part of Wikileaks. Its one of those things, where in the digital age, that information lasts for a long time, but I think the significance here is that this data was collected within a day of the attacks. What this does is give us a clearer picture of lots of things, including emergency response methods and efficiency, the way people react to catastrophic events, and information that may have previously been unknown, and things like that. There has been a lot of controversy surrounding Sep 11. and simple data being released to the public is always a good thing. Yes, there will be both ends of the extremist section, both conspiracy theorists and their counterparts, who may try to find specific data to backup their preconceived theories, but its still a good thing. Just browsing over to the TFA and their shortened excerpt, I found one very interesting message.."WTC HAS BEEN HIT BY AN AIRPLANE AND A BOMB." This does nothing as far as credibility and in situations like that people are known to panic and see and hear things that aren't there, but regardless, it will be interesting to see where this leads. Data by itself sometimes can be useless, but in context can have implications you don't expect. My personal opinions are far to complex to list here, but people should learn how to use logic and think for themselves.
I would like to point out that I have very dry skin as well, but what I figured out is that it is a factor of actual hydration, as I am normally very active, I need to drink lots of fluids (I say fluids because I'm a gatorade in my camelback nut) but more important is that showers really really REALLY hurt your skin, especially when you like em long and hot. I forced myself to learn to love cold showers, and now my skin is much better. Also, since I'm active and am frequently outdoors, its not a problem for me, but exposure to sunlight everyday is very important as well.
I like Experts Exchange a lot better than the crapshoot of malware ridden generic "PC Tech forums" I find. They actually have good answers about half the time. Just my two cents, but yeah, FOX - News can go drown themselves. I try to be open minded, but as soon as someone tells me they only watch FOX I don't even engage in conversation with them anymore, and that comes from a formerly traditional republican!
So can you tell me more about this? http://www.heise.de/tp/r4/artikel/5/5263/1.html I actually remember back in the day there was (in either 98 or NT) a straight up registry key that said NSA. I never did see anything suspicious, but ever since then I've sorta half thought it was true half thought it was just a conspiracy theory that there was a backdoor of some sorts in every system. I do know that while holding same level TSSI clearance, some SIGINT guys kept most quite about their work, even when I needed info for ops, they'd just say, "give us a MAC address" And never even asked for IP... Wouldn't tell me what software they were using or what their capabilities were.
I tested both Joomla and Drupal side by side, and for all its issues, drupal beat joomla for one very major reason. Simplicity. Joomla has more documentation, and seems to be technically more capable, but when it comes to added functionality, Joomla is horrendous at ease of use. Drupal was pretty simple to add modules and get going with some non-standard settings. So for Opem CMS, Drupal get the award of lesser of two evils.
I am currently talking about personal computing, business computing is a bit different. So until the browser vendors do get their shit together, it is up to the user, no matter how practical, to secure themselves. Much like one of the reason when I'm in the CONUS I have my CCW (Concealed Carry License) and do carry, because the police and other factors are reactionary, in this world, you have to be prepared to protect yourself, physically and electronically, unless you trust the entities that are supposed to do it for you. It's not paranoia if they're really after you.
The TOR nodes I'm routing through are privately encrypted by IronKey and are not public. I am doing work related stuff (I am both a Computer Contractor and Personal Security Contractor).
It really isn't that simple. You could be running *nix or a mac. You might go to the same 3 sites everyday, but never browse new things. Due to the nature of the ways browsers are installed by default (which you imply you are using) you could get infected by even legitimate websites (who resell adspace to unscrupulous buyers) and not even realize it. With no tools, how do you propose to prevent cross-site scripting attacks, Java-script attacks, etc? I actually don't run a/v on personal systems. But I do run daily scans (while I'm at work) with multiple tools. I used to use no software firewall, relying on my strict PIX access-lists to protect me, but now I am using windows 7 and the firewall is so granular it is a good extra step. You are actually a malicious wet dream, someone who thinks they have everything so secure, that as long as you hide the bot/trojan etc well enough, they will never know they are a zombie machine. Just because you haven't been infected in over 20 years doesn't mean you can't get infected tomorrow. So, either you customize your browser intricately (JS, active-x settings, etc) or your just playing Russian roulette. Read this for tips on where you might be lacking. http://www.cert.org/tech_tips/securing_browser/
Like I said, I only use the TOR on my ironkey when I'm say at class on an open wifi signal. The cookie thing is annoying as hell at first, but, as well as with noscript, once you have gone to the majority of the sites you frequent, its not an issue anymore.
In the browser wars, people tend to forget sometimes that marketshare is an inherent part of how much your browser will come under attack. Issue's like these, while it's good they're being patched, should have been taken care of a long time ago in anticipation of things to come. Firefox is still my preffered method of browsing, but thats because I am a halfway knowledgeable user that uses adblock, noscript, betterprivacy, use privately encrypted TOR when about (Iron Key) and only allow certain cookies. I used to recommend it to people, but now it seems just as bad (GASP) as IE with a standard install. I agree with jkrise (First Post!), there needs to be something like sub-builds that focus on security. I still like firefox better, as I occasionally evaluate the other browsers, and find them all lacking more than firefox in some areas. Just my two cents of subjective opinion though. Carpe Out.
I decided that unlike Vista, I would beta Windows 7 and be ahead of the curve by the time it came out. I've been running it for roughly a year now (midnight snacktime is not condusive to memory) . Overall I am actually quite impressed (gasp! shoot me now). One thing I really like is the granular firewall abilities, which has clearly defined and seperate inbound/outbound rules. I currently have both set to a PIX style ACL type deny all except ports I explicitly state. Now this can be a pain to evaluate a new program to figure out which ports it needs open for proper function, but is definitely something that should be done ona group policy level at the domain, just because you have a supertight internet facing firewall, you still need to prevent LAN and VPN security issues as well.
The original and much more informative article, written by someone that at least has basic understandings of technology at wired One of the keys to why this is so big can be found in the following... "The hack involved reverse-engineering PINs for payroll debit card accounts" and "Tsurikov conducted reconnaissance of the RBS network after Covelin provided him with information about vulnerabilities in the system. Pleshchuk and Covelin then worked on exploiting the vulnerabilities to obtain access on November 4. Pleschuk allegedly developed the method for reverse-engineering the encrypted PINs." So what it boils down to is that usually something happens to a bank, and it is some stupid CIO or consultant that leaves unencrypted info on a laptop or something similarly stupid, while this seems to be a "legitimate" hack/crack. This involves all the steps of classic vulnerability assesment a pro security consultant would do, but with blackhat intent, including passive recon, 0 days, etc. It should be noted that in the Credit Card fraud underworld, the biggest problem is not getting cards info, including PIN's. The problem is called "cashing out". Often internet currencies (e-gold, etc) and offshore gambling sites are used to launder money, but this is why the "cashiers" usually charge 50 points. They got caught because of how they got the money, and the real special thing here is that they targeted only a few high level payroll accounts. Making their indicment only on 16 counts. I highly doubt they would be expected to pay back every bit of it, and if they are smart they had a contigency plan, hide a million or two in a hole in the ground, and will only serve a handful of years in jail, but my entire last statement is pure speculation as I know very little about how the justice system works in regard to this stuff, barring to say that I have a friend who spent 5 years in prison for non-malicious haking of government computers, while the local young girl murderer gets 3 years....ahh i need to drink less, or maybe more, before posting to/.!
That email is inherently insecure. Email is normally plain text, unless you use some form of email encryption or third party secure document service, you should automatically assume anything you put in an email could potentially be known to anyone and everyone. This is a big reason underground channels use encrypted, unlisted IRC channels as a form of comm(among other methods). This does not make the 4th Amendment issues any less, but if you have something worth looking into, be smarter about what you put in your emails in the first place.
Slashdot Mirror
What public speaking is all about is about gaining and maintaining the audiences genuine interest and attention. If you don't have at least some of these things, they will slowly fade into oblivion. I learned this quickly in the Corps, where I learned how to start off (first impressions are very important) with a loud booming voice introduction, followed up by some sort of attention grabber (Usually a random video). If the audience doesn't want to engage, engage them. Ask them questions. Randomly pick out a person to pick on (with the right amount of humor for the audience, for Marines a thorough degradation sufficed =). Do not become like the officers always do, which is addicted to fancy powerpoints. When he says stick to content that is the truth. Yes it can be boring to go over the correct way to clear a multi-story building with civilians in it. But something as simple as having a handful of guys standup and demonstrate an action etc makes the engagment contagious. If you make it fun, people will respond, if you don't, they will go comatose (and remember whose fault that is).
Never attribute to malice that which can be adequately explained by stupidity. The issue with Hanlon's razor is that I find stupidity IS malicious...
I know that if I lived in Chicago, I'd kill myself. (It's like the festering puss wound of America)
Don;t be so smug, we're taking the rest of you with us...
"Cry some more baby!" "Next time, pick on someone your own tiny-baby size!" "Is not fair to use gun on such a tiny man." "The burning you feel? It is shame." " !" (There, fixed that for you)
I can confirm that GApps paid support has not come through for me. It is horrendous, partly in quality of response, but mostly in response time. I had a client with a GApps issue and it took literally 3 days to get an email that said "We are looking into the problem and will inform you when we reach a solution" 1 day later I had figured it out, and they sent a completely non-applicable fix.
What it all boils down to is marketshare. I deal with malware from all ends of the spectrum, and the entire purpose of modern malware is usually one thing. To make money. Whether that be by using that machine in a botnet, stealing banking or other logon info, or by trying to get someone to pay for fake security software, malware has turned into (within the last decade) a major business. Due to lack of enforcement, these things mainly stem from countries with little oversight (African countries, Russia, tiny islands etc) And are hard to take down. The reason Linux has not been mass targeted is that it normally represents the higher end of the user spectrum, whereas windows is the low hanging fruit. Take international pickpockets or muggers. The offenders will find the most vulnerable target who is unaware of their surroundings and unable to defend themselves. Windows is a 60 year old lady in a foreign market with her passport and wallet around her neck wearing bright pink taking pictures and not paying attention. Linux is more like an aware person who has made themselves a hard target just by knowing what not to do. Mac's seem to be the exception for the moment, and this is where I actually happen to see a huge potential for this to change though. More and more instead of the family tech having to support a family windows box, it is simply easier to just tell a novice to get a mac. Once this reaches a certain apex, that is when malware will target it. Just about any system can be compromised, but back to my original point is it worth it (money?)
This is why PMC's are drooling of the Niger Delta situation. One that I know has jumped through the legal hoops at two ports on either end of a main route for their weapons. They then escort ships through the dangerous parts and leave them at the international waters zone once at their destination country. Merchant ship stays the same, but with a separate armed ship escort.
How does any even semi rational and logical mind make the jump from "Return fire when fired upon" to "Mass Murder Genocide Retribution"? You sir, get the troll/flambait/ Idiot of the day award!
I have some experience in this area.. what we had were the double mounted Ma Duece's, Mark 19's, and 25mm AntiAir. Regardless, people are right when they say the issue is that countries all over are strict about weapons at port. I did an escort up the Suez once and when we got to Greece someone didn't do the right paperwork, so we had to send two of the crew with all the weapons and ammo to spain!
Wikileaks is simply an outlet for sensitive information. So what you're implying is that their privacy wasn't infringed by whichever entity collected the information, but by Wikileaks? That doesn't make any sense. I do see your point, but I think the potential benefits by far outweigh the cons of such a release. Now that the data is out there, nothing can be done to get it back. On top of this, Wikileaks has some serious credibility when it comes to their methods and what and when they decide to release, I'm sure their lawyers have thought out the consequences and variations thoroughly. Their statement as to the source is “While we are obligated ... to protect our sources, it is clear that the information comes from an organization which has been intercepting and archiving national US telecommunications since prior to 9/11.” If anything, THIS is what people SHOULD be mad about, that a (potentially governmental) organization has been collecting this data without their consent in the first place.
This seems to be a really good move on the part of Wikileaks. Its one of those things, where in the digital age, that information lasts for a long time, but I think the significance here is that this data was collected within a day of the attacks. What this does is give us a clearer picture of lots of things, including emergency response methods and efficiency, the way people react to catastrophic events, and information that may have previously been unknown, and things like that. There has been a lot of controversy surrounding Sep 11. and simple data being released to the public is always a good thing. Yes, there will be both ends of the extremist section, both conspiracy theorists and their counterparts, who may try to find specific data to backup their preconceived theories, but its still a good thing. Just browsing over to the TFA and their shortened excerpt, I found one very interesting message.."WTC HAS BEEN HIT BY AN AIRPLANE AND A BOMB." This does nothing as far as credibility and in situations like that people are known to panic and see and hear things that aren't there, but regardless, it will be interesting to see where this leads. Data by itself sometimes can be useless, but in context can have implications you don't expect. My personal opinions are far to complex to list here, but people should learn how to use logic and think for themselves.
I would like to point out that I have very dry skin as well, but what I figured out is that it is a factor of actual hydration, as I am normally very active, I need to drink lots of fluids (I say fluids because I'm a gatorade in my camelback nut) but more important is that showers really really REALLY hurt your skin, especially when you like em long and hot. I forced myself to learn to love cold showers, and now my skin is much better. Also, since I'm active and am frequently outdoors, its not a problem for me, but exposure to sunlight everyday is very important as well.
I like Experts Exchange a lot better than the crapshoot of malware ridden generic "PC Tech forums" I find. They actually have good answers about half the time. Just my two cents, but yeah, FOX - News can go drown themselves. I try to be open minded, but as soon as someone tells me they only watch FOX I don't even engage in conversation with them anymore, and that comes from a formerly traditional republican!
So can you tell me more about this? http://www.heise.de/tp/r4/artikel/5/5263/1.html I actually remember back in the day there was (in either 98 or NT) a straight up registry key that said NSA. I never did see anything suspicious, but ever since then I've sorta half thought it was true half thought it was just a conspiracy theory that there was a backdoor of some sorts in every system. I do know that while holding same level TSSI clearance, some SIGINT guys kept most quite about their work, even when I needed info for ops, they'd just say, "give us a MAC address" And never even asked for IP... Wouldn't tell me what software they were using or what their capabilities were.
I tested both Joomla and Drupal side by side, and for all its issues, drupal beat joomla for one very major reason. Simplicity. Joomla has more documentation, and seems to be technically more capable, but when it comes to added functionality, Joomla is horrendous at ease of use. Drupal was pretty simple to add modules and get going with some non-standard settings. So for Opem CMS, Drupal get the award of lesser of two evils.
I am currently talking about personal computing, business computing is a bit different. So until the browser vendors do get their shit together, it is up to the user, no matter how practical, to secure themselves. Much like one of the reason when I'm in the CONUS I have my CCW (Concealed Carry License) and do carry, because the police and other factors are reactionary, in this world, you have to be prepared to protect yourself, physically and electronically, unless you trust the entities that are supposed to do it for you. It's not paranoia if they're really after you.
The TOR nodes I'm routing through are privately encrypted by IronKey and are not public. I am doing work related stuff (I am both a Computer Contractor and Personal Security Contractor).
It really isn't that simple. You could be running *nix or a mac. You might go to the same 3 sites everyday, but never browse new things. Due to the nature of the ways browsers are installed by default (which you imply you are using) you could get infected by even legitimate websites (who resell adspace to unscrupulous buyers) and not even realize it. With no tools, how do you propose to prevent cross-site scripting attacks, Java-script attacks, etc? I actually don't run a/v on personal systems. But I do run daily scans (while I'm at work) with multiple tools. I used to use no software firewall, relying on my strict PIX access-lists to protect me, but now I am using windows 7 and the firewall is so granular it is a good extra step. You are actually a malicious wet dream, someone who thinks they have everything so secure, that as long as you hide the bot/trojan etc well enough, they will never know they are a zombie machine. Just because you haven't been infected in over 20 years doesn't mean you can't get infected tomorrow. So, either you customize your browser intricately (JS, active-x settings, etc) or your just playing Russian roulette. Read this for tips on where you might be lacking. http://www.cert.org/tech_tips/securing_browser/
Like I said, I only use the TOR on my ironkey when I'm say at class on an open wifi signal. The cookie thing is annoying as hell at first, but, as well as with noscript, once you have gone to the majority of the sites you frequent, its not an issue anymore.
In the browser wars, people tend to forget sometimes that marketshare is an inherent part of how much your browser will come under attack. Issue's like these, while it's good they're being patched, should have been taken care of a long time ago in anticipation of things to come. Firefox is still my preffered method of browsing, but thats because I am a halfway knowledgeable user that uses adblock, noscript, betterprivacy, use privately encrypted TOR when about (Iron Key) and only allow certain cookies. I used to recommend it to people, but now it seems just as bad (GASP) as IE with a standard install. I agree with jkrise (First Post!), there needs to be something like sub-builds that focus on security. I still like firefox better, as I occasionally evaluate the other browsers, and find them all lacking more than firefox in some areas. Just my two cents of subjective opinion though. Carpe Out.
I decided that unlike Vista, I would beta Windows 7 and be ahead of the curve by the time it came out. I've been running it for roughly a year now (midnight snacktime is not condusive to memory) . Overall I am actually quite impressed (gasp! shoot me now). One thing I really like is the granular firewall abilities, which has clearly defined and seperate inbound/outbound rules. I currently have both set to a PIX style ACL type deny all except ports I explicitly state. Now this can be a pain to evaluate a new program to figure out which ports it needs open for proper function, but is definitely something that should be done ona group policy level at the domain, just because you have a supertight internet facing firewall, you still need to prevent LAN and VPN security issues as well.
http://www.wired.com/threatlevel/2009/11/rbs-worldpay/
The original and much more informative article, written by someone that at least has basic understandings of technology at wired One of the keys to why this is so big can be found in the following... "The hack involved reverse-engineering PINs for payroll debit card accounts" and "Tsurikov conducted reconnaissance of the RBS network after Covelin provided him with information about vulnerabilities in the system. Pleshchuk and Covelin then worked on exploiting the vulnerabilities to obtain access on November 4. Pleschuk allegedly developed the method for reverse-engineering the encrypted PINs." So what it boils down to is that usually something happens to a bank, and it is some stupid CIO or consultant that leaves unencrypted info on a laptop or something similarly stupid, while this seems to be a "legitimate" hack/crack. This involves all the steps of classic vulnerability assesment a pro security consultant would do, but with blackhat intent, including passive recon, 0 days, etc. It should be noted that in the Credit Card fraud underworld, the biggest problem is not getting cards info, including PIN's. The problem is called "cashing out". Often internet currencies (e-gold, etc) and offshore gambling sites are used to launder money, but this is why the "cashiers" usually charge 50 points. They got caught because of how they got the money, and the real special thing here is that they targeted only a few high level payroll accounts. Making their indicment only on 16 counts. I highly doubt they would be expected to pay back every bit of it, and if they are smart they had a contigency plan, hide a million or two in a hole in the ground, and will only serve a handful of years in jail, but my entire last statement is pure speculation as I know very little about how the justice system works in regard to this stuff, barring to say that I have a friend who spent 5 years in prison for non-malicious haking of government computers, while the local young girl murderer gets 3 years....ahh i need to drink less, or maybe more, before posting to /.!
That email is inherently insecure. Email is normally plain text, unless you use some form of email encryption or third party secure document service, you should automatically assume anything you put in an email could potentially be known to anyone and everyone. This is a big reason underground channels use encrypted, unlisted IRC channels as a form of comm(among other methods). This does not make the 4th Amendment issues any less, but if you have something worth looking into, be smarter about what you put in your emails in the first place.