Any netadmin that allows VPN connected networks full access to their internal nets are idiots who need to get fired VERY soon.
Your assertion seems obvious on the face of it, but it fails to consider the effects of bureaucracy and complexity, which are real and profound. Many systems administrators are restrained from improving the security posture of networks and systems in "obvious" ways because the business has "requirements" which prevent it. Many of these requirements are derived, in turn, from the tangled complexity of interlocking capabilities and limitations of various networks, systems, and software. Suppose your VPN was established to allow 5000 employees scattered around the country access to hundreds of servers scattered around, too. You might say the architecture is flawed, and it might well be, but if you're the admin and you didn't get to make those decisions then you probably also don't get to just decide to shut down VPN access to Windows port 139, 445 and so forth.
It's weird. You try to help people and do your job, and they hate you for it. I think I've been doing this for just too damn long.
Ha! It's time for you to become a consultant. You still do your job, people still hate you for it, but you get to switch to a new group of people now and then.
Although the DHS warning is about the remote worm exploitable hole, not the office holes, I meant to explicitly suggest that the reason the DHS have their undies in a bunch is because of their heightened sensitivity right now. In turn, I suspect their sensitivity is due to the recent exploitation of the Office holes, not a terrorist plot as such. There have been a couple remote rootable exploits that MS has patched in the past six months which didn't elicit such a response from DHS. What has changed probably isn't the occasional discovery of worm exploitable defects, nor a terrorist threat against The Internet (which threats are omnipresent, eh?) but rather the DHS sensitivity, due to these other recent problems.
Rather than secret knowledge about a plot, most likely (and most simply) DHS are worried about the recent use of the various Microsoft Office defects (including defects in Word, Excel, and PowerPoint, see for example: US CERT SA06-139A). More than one such have been discovered in the last few months. The defects have for the most part been discovered by accident by people investigating actual exploits, rather than by white hats looking for defects to report. At least one of the attacks appeared to be directed against a specific agency.
It probably (finally) occurred to someone that perhaps the discovered attack for each of these wasn't the *first* attack.
This attack provided interesting and somewhat rare evidence that exploits are sometimes discovered by the black hats and used for unknown (long) periods of time, quietly, before they are discovered by white hats or by script kiddies (who invariably exploit them less than discreetly such that the defects are discovered quickly).
These recent events should prompt a fair number of security consultants to have somewhat more polite versions of "I told you so" conversations with their unruly clients, who typically don't believe this really happens "in the real world". Yes, it really happens. It really happens in the real world. Let's get real.
I was specifically referring to the Mac market and to expensive official market research paid for by somebody else, not to anecdotal evidence. If you have a real need for something better than anecdotal information (like a published report or something) you might be able to find something with Google, but unfortunately I can't help. The market research results were not provided to me under NDA, but were also not published (so far as I know) so I can't drop a URL on you. Sorry.
"... it's pretty weird to say that these sorts of API translation technologies will be "the way" to bring games to the Mac when Intel-based Macs are a tiny minority of the total Macintosh user base."
I've been told by those who do market research into such things that the overwhelming majority of game sales are transacted with people who have purchased a new system within the last 12 months. Assuming this is true (and it seems to be) then the relevant segment of the market for Mac OS X hosted game software will be almost entirely on the Intel based Macintosh models by February.
Software defects also appear to be a cause of defective spam. I've noticed trends which appear to be someone debugging their spam system by sending messages to everyone over and over until they get the message content right. Sigh. They could test by sending to themselves, first, and at least spare us the test/debug cycle for broken spam.
Why the hell do you fucking spammers think that anyone will ever buy from you?
There is money in SPAM. Obviously somebody is buying stuff like viagra from shady online pharmacies and popping the unregulated black market or grey market pills containing who knows what into their bodies.
*shudder*
I can't even imagine what sort of lasting damage one could do to one's, uh, member.
Eureka! That's how to stop spam. Educate people with a campaign reminiscent of the Speed Kills campaign, so that people understand they could permanently damage their penis by taking unregulated pharmaceuticals from shady online stores hosted on 0wn3d pcs.
The article includes the claim that spam received by people fell by 17% from 2003 to 2005. That doesn't really fit with my experience, the experience of other people I talk with, and other data that indicates that a higher percentage of overall email traffic is spam.
I wonder what view into the various statistics that Jupiter Research employed to make this claim. Perhaps spam filters have improved, and the spam that people actually see in their inbox has fallen. Google's spam filter seems to work better than others, but I don't think Google could account for a 17% drop overall, and I don't see much evidence of major improvements in spam filtering technology overall.
PC: I can search every file on your hard drive instantly. Mac: I've been doing that for two years now!
Whatever. The Windows PC has been able to remote search hard drives over remote IRC connections for several years now. The Macintosh still can't do that! ;-)
The NeXT Version of Windows(TM) has been announced at WWDC several times in history. Most recently, Longhorn was announced at WWDC 2005. The result in that instance was a name change and schedule slip.
Leopard has had the longest development cycle of any Mac OS X release since 1.0. I'd guess there will be some interesting new capabilities coming, along with API so that developers can use them, too. Past examples of new API announced at WWDC and slotted into previously blank sessions include CoreData, CoreImage, CoreVideo, and WebKit. I see there are only two scheduled sessions and one Feedback Forum regarding WebObjects. Perhaps some of the unannounced sessions will bring good news for this product.
heh... When reading other places I might be able to draw such conclusions from headlines and article summaries, but this is Slashdot. As others have noted, the Indian ICBM test received little publicity and was overshadowed. Of course, I have no excuse for failing to read the article thoroughly.
"By law, we're supposed to protect anything that is personal info. At least in the DoD. I guess I figured wrong in thinking that other agencies would follow similar rules."
Yes. The problem is that other agencies were all left to their own discretion as to how to protect what. They do a remarkably non-uniform and rather spotty job of it, which is why the OMB is stepping in with more detailed guidance.
"Even though this stuff is supposed to apply government-wide to Freedom of Information Act-related materials: in other words, the general public is not supposed to ever see your SSN, clearance, job title, duty phone, and so on."
I was referring to the broader implications for transparency in the sense used in political science -- the mechanisms of government in a democracy must not be secret and must in fact be transparent, e.g. open to public inspection, discourse, debate, and change. This notion is the mechanism by which a society remains "free" in certain important senses not much, or not directly, related to beer. Disclosure of personal details isn't "transparency" at all, which is why those details are redacted from documents released under FOIA.
Although this may help prevent massive loss of data as seen recently, it might also reduce transparency in government. This would be a classic security vs. convenience trade-off, but one with potentially larger implications which should be considered.
Like the endless series of paper-studies and cancelled test flight vehicles that NASA have done since building the Space Shuttle, this is likely to fail.
Private industry can't solve NASA's transportation gap with a trickle of funding which dries up in 2014 because NASA will be back to doing their own thing.
Although the article was sparse on details, it's already clear that the economic incentives in the proposal are almost certainly unrealistic. Like everything else they have done, this is likely to fail. This time, however, a couple lucky winners are likely to suck a bunch of venture capital into the unrealistic programs and go down in a dot-com style flame with no vehicle and no customers, probably torpedoing investment in this industry for a decade to follow.
That's why there are so many accounts and so few posters. And that's how Slashdot has been able to remain readable.
Only just readable at that. The signal to noise ratio could stand some improvement. I'd like to be able to mod entire posts "lame," as well as be able to filter out people below a certain karma threshold. If I could send voltage to the user keyboard that would be even better. I'd love to be able to meta-mod "Fair mod, but lame ass comment."
Drat... I forgot to mention an important bit...
Although the DHS warning is about the remote worm exploitable hole, not the office holes, I meant to explicitly suggest that the reason the DHS have their undies in a bunch is because of their heightened sensitivity right now. In turn, I suspect their sensitivity is due to the recent exploitation of the Office holes, not a terrorist plot as such. There have been a couple remote rootable exploits that MS has patched in the past six months which didn't elicit such a response from DHS. What has changed probably isn't the occasional discovery of worm exploitable defects, nor a terrorist threat against The Internet (which threats are omnipresent, eh?) but rather the DHS sensitivity, due to these other recent problems.
I agree 67.314159% with everything the OP said!
The Macintosh still can't do that!
You meant "infer", I'm sure.
Did I get that right? An anonymous submitter implies that the failure of North Korea to test an ICBM is a disappointment?
Doesn't anybody screen these calls?
What the heck does this mean?
I don't even know what the heck this means.
Hating SCO isn't really hating UNIX, it's really more like hating multi-user DOS.
I pondered this issue a little more, here: OMB laptop security guidelines: implications for transparency in government?
Ooops... a cut and paste error. I *meant* to say:
Like the endless series of paper-studies and cancelled test flight vehicles that NASA have done since building the Space Shuttle, this is likely to fail.
Private industry can't solve NASA's transportation gap with a trickle of funding which dries up in 2014 because NASA will be back to doing their own thing.
Although the article was sparse on details, it's already clear that the economic incentives in the proposal are almost certainly unrealistic. Like everything else they have done, this is likely to fail. This time, however, a couple lucky winners are likely to suck a bunch of venture capital into the unrealistic programs and go down in a dot-com style flame with no vehicle and no customers, probably torpedoing investment in this industry for a decade to follow.
Does that make me a bad person?
Undoubtedly you meant,
"It sounds as though you have been too near the bogon flux"
or perhaps
"you sound like a Vogon".
Are they at least an Eeeevil "!" and "@" ?
Uh, I don't think so.
*checks*
At least mine doesn't have a flap.