" In order to prevent a security threat like this from happening again, we're completely overhauling our developer systems, updating our server software, and rebuilding our entire database."
"We knew about the vulnerability, and didn't do anything about it for months. Hopefully looking like we're doing all this to protect you means you won't sue us and find out."
Titanium Backup with Root access, zip, and put in SpiderOak storage. To recover, you install Titanium Backup and Spider Oak client on your new device / download backup to your PC and decrypt / unzip and transfer to device, and recover.
A little cumbersome, but secure. The encryption key never leaves my device (encryption occurs before data transfer to online storage).
vote straight third-party to send a message of dissatisfaction.
NO NO NO NO NO NO NO NO NO NO NO NO NO.
Vote for the party because they are the party you want to be in power! Have all of your friends pay attention to third party candidates, help them understand differences in economic and foreign policy etc, keep them informed in the way Fox News wishes you couldn't, but don't get all Power-To-The-People anarchistic and vote to "stick it to The Man." You'll always remain a fringe group, because you can't vote against a party, only for one.
That's not really how it works. Barack Obama has never heard of Citizen A or Citizen B
You all, however, have heard (and engaged in assembly, on this site) with me. So now, my brother's electrician's babysitter is linked to your aunt's hairdresser.
It's quite a short-sighted view, though. Once everyone's a criminal who faces prison for doing nothing but it being their turn to be made an example of, the rule of law becomes meaningless. There are only two results; Martial law, as in Egypt / Syria right now, or anarchy / tribalism as in the Congo. Neither is a stable state.
Holy fucking balls, you're such a moron! That's SYSTEMS! You know, the guys that make sure that the monkeys who think knowing PowerShell makes you some kind of IT god? NOTHING. They are FILTH.
We're talking about Networks. Systems can do NOTHING without my massaging of the thinwire, caressing of the switch configuration. Systems are USELESS, DUMB without us. Systems is the heart of the network? Well, Networks is the vascular system. What is the heart without the blood vessels? Just another lump of useless meat.
Excuse me for a moment. Latency just jumped three orders of magnitude on the fiber trunk to another building. I can hear the packets screaming already...
No Antivirus, no configuration, no breaking of stuff, no installing updates, no nothing. Just turn it on and tell them to double-click "Firefox". Take the money you would have spent on AV licenses (It's a company, so you don't qualify for "free for home use" ones like Avast, AVG etc) and buy a stack of 1GB DDR1 memory for your systems and put it in instead of / as well as the memory already installed.
You can't be modded higher, so here's me burning karma telling you that this is the absolute crux of the matter. If they don't like it, they can leave.
The problem is that they have collectively invested thousands upon thousands of man hours into the project (16m lines of code) for our benefit; Quitting may not be something they can do lightly. It doesn't mean that Torvalds should get a free pass; He's probably not the reason for them staying.
It is possible to tell someone they're wrong without calling them a "fucking moron". How do you think Linux would fare if the entire mailing list went "Fine. If you can do it better, have at it. Unsubscribe." I don't think Linus has enough hours in the day to do all of the work himself. It's almost 16m lines of code, FFS.
All she's asking is for him to rein in the profanity and abuse. If he can't, he's likely to end up ruler of a kingdom of one.
Dude. Correlation != Causation. Did you not get the memo?
Maybe all of the kernel devs are fucking double-plus good at what they do, and just ignore him when he goes off on a rant. "Whatever, douchenozzle. I'm carrying on with my work. You go scream at the wall."
In my scenario, things still get done, Linux still rules, and Linus is not the wind in everyone's sails; Making Linux great is. Linus is just blowing hot air; Granted, some of it may push the boat forwards, but most of it just causes everyone to sweat a little harder.
What I'd like from Yahoo is a browser addon to enable transparent use of PGP for their webmail client. A centralised database of public keys with automatic handling of key requests for new recipients within the Yahoo domain, automatic publishing of your own public key to their database through the addon, and a pretty, wizard-like front end for key generation outside of the browser.
I'm no coder, but that doesn't sound hard to me. We can already input into forms from addons, it should be trivial to link it with public key encryption. They've done it with the OpenPGP addon for Thunderbird, after all.
Am I the only one who thinks it's in fact you that's the problem? You didn't like the S3, saying it's too thin, has a bad battery, and poor button placement, then go on to slate the next iteration of that handset? Dude, take your experience and learn from it; Don't look at buying a Samsung Sx next time. There are hundreds of Android phones available. Hell, the Nexus 4 is half the price, just as capable, and not bound to a network contract.
Point me to a secure and easy to use for the regular user system, and I'm all for implementing it.
Currently, what we have is PGP. This is great for people who know what the terms X.509, 2048bit RSA, and certificate revocation list mean and why these things are important. However, it doesn't help Bob in Accounting get his TPS report to Simon in Management very quickly. It's awkward and it's cumbersome for anyone who doesn't have quite an in-depth knowledge of the technologies involved.
Of course it can be subcontracted. I know of several companies which handle data destruction, and all of them offer verification of data destruction on working drives. Yes, it is chargeable, but that's understandable and should have been paid for by the authority. The NHS gets the paperwork, if the data shows up on eBay they go "This is the audit log the contractor provided us. They have obviously provided incorrect or falsified records. We have fulfilled our obligations; Have at 'em." Now the contractor faces £0.5m in fines and 6 months in jail, and not the NHS.
I partly agree, but this doesn't solve the problem experienced in the article. What the NHS bod should have done is ask for an audit log of each machine to ensure that the drives were in fact wiped. I've yet to find a contractor who wouldn't offer the service, though it is chargeable because obviously software-wiping a drive and verifying the contents takes a lot longer than throwing it in an industrial shredder. I'd like to know how you'd handle such a situation, as DBAN doesn't offer auditing.
Saying all this, I have an old server with stacks of drive bays and a DBAN liveCD in the drive for just these situations. I slot in all of the drives I need to wipe, and I set DBAN up overnight on a single zero-pass. It's typically done by morning, regardless of capacity. I then send the drives off for recycling. I'm sure the NHS IT dept can afford to not throw out a 2004 Opteron server and use it for just this situation. You could wipe a hundred drives a week easily with this solution, far more than any one authority should get through.
I'm likening these guys to Andrews and Arnold in the UK. The service they offer is second-to-none.
two vectors
through the Apple breach
through email harvesters
through past business contacts
Please tell me you write accounting software.
I think Slashdot absolutely counts. We are of like mind, associate freely, and discuss topics of similar interest in the open.
I wouldn't be surprised if there's an NSA spider trawling for keywords on every post.
I'll save you. I'll save you all.
Well, here's one way
Ask me that same question when the driver of a school bus is tired from lack of sleep, runs a red light and is t-boned by a 14-wheeler.
Same situation, but you're the bus driver. How important was that alert now?
Anything heavier than carbon was created in a supernova.
Science is awesome.
Everyone knows you use potatoes. Nobody wants to root around in a container full of mouldy potatoes.
Lord of War
Linux LiveCD.
This sounds like the ideal place for a LiveCD that boots straight to, and only to, a browser window.
No risk of viruses, breaking something, no running gedit by mistake. Just turn it on, and the internet is there.
In response to my own comment, this already (kind of) exists.
Mailvelope addon for Firefox and Chrome
You use this style of device with a Bluetooth headset. Nobody expects you to lift this to your face. Maybe even a smart watch, too.