Unless you're also planning to move across the country, chances are that somebody at $new_job will know somebody at $old_job and will informally call up during the interview/hiring process and ask "hey, what happend to Joe?".
Now, you'll never hear about that happening, you'll just get a form-letter "we found a more qualified candidate" from HR.
There's nothing on a corporate laptop that I can't emulate on my own.
When you get the phone call to pick up your already boxed personal effects from the guard at the gate, you'll re-evaluate the confidence in that statement.
Modern computers have a host of ways to verify a physical asset in ways that can't be copied (I'm not talking about spoofing a MAC address, I'm talking about device keys that are stored on the TPM chip).
As an IT professional you are supposed to work WITH me, not AGAINST me.
As an employee, you are expected to follow the policy as written, including the ones you disagree with.
A company that distributes "secure" laptops but fails to lock the BIOS and boot order (and make use of the on-board TPM to secure the physical hard disk) either doesn't care or isn't trying.
Okay.. we can play that game. But you have to get lucky *every time*.. I only have to catch you doing it once.
The corporate policy is there for a reason.. if you don't like it, go work somewhere else.
We are not "lucky" to have an employee like you.
RSA 2012 is basically a big sales presentation. To suggest sneaking in is a big achievement is like saying you got into BestBuy a few minutes early one day to shop for TVs.
I am security@ a large public.edu.. and I can say that their approach is quite *uncommon* among my peers in the industry.
Education is typically a very open environment, and IT will happily provide (within reason) anything that doesn't interfere with something else.
For example, we have several "hacking labs" on campus, where students are free to do basically whatever they want, regardless of how malicious. Granted, those networks are firewalled off from the rest of campus (and the Internet). We also have PlanetLab, TOR (which I run myself), and a few other projects.
As for Internet access, we don't have "wide open" like your home DSL (email, for example, must go through our servers for obvious reasons).. and we block common things like tcp/6666 and tcp/445 outbound.. but other than that, we reguarly field calls from folks that just got $shiny_new_game for their $toy and want to know if we can figure out why voice chat (or whatever) doesn't work.
Last year we actually had students bring their PS3/Xbox units into a conference room in the IT department, hooked up to our projectors, and had then all plug into a switch where we were running a sniffer.. we had the network engineers, security team, etc. all assembled and basically told the students "go for it" and made several ongoing tweaks to things to ensure they got the best experience (gaming is a latency-sensitive application, we just needed to figure out how to prioritize it with QoS and the packeteer).
In short.. tl/dr.. sounds like your Uni has a sucky policy. Take it up with the provost.. you are paying to be there, and Internet access is part of your campus experience. If it's not up to par, they need to make changes.
If it's your daily driver then you can just cover the antenna with copper foil (the kind used for roof flashing) before you drive off in the morning.. no need for an active jammer. In commercial vehicles the antenna isn't typically hidden at all.
If you just want to disable your OnStar then all you need to is remove the appropriate fuse.
Yeah, and you can do the same basic thing if you've got an off-grid cabin with 2 60w bulbs wired inbetwen your genset and the utility.. just tinker with the engine speed until the lights stay off and throw the switch.
A synchroscope is seriously outdated tech.. nowdays it's all done by computer.
The data was in a colo.. in my (professional) dealings with the authorities, provided you are cooperative (and by this, I don't mean coughing up things voluntarily, I mean they have a proper warrant that legal has reviewed, etc.).. they are sensitive to disrupting your business and in many cases enlist the help of the on-site technicians to identify the evidence they seek (which often times isn't so simple as "that machine over there").
I doubt we'll get the tell-all from the colo folks, but likely they just went in with the warrant and asked for images.. they don't truck out the entire datacenter unless it's the business itself that's under investigation.
Carry an infant.. you get waved past the nude-o-scope and you can cart a cooler full of liquids/gels as well. This is completely logical, considering terrorists never use children.
This "less radiation that flying" claim has been disputed because the energy level of cosmic rays is substantially higher than those used in backscatter xray (which is deposited in the outer few millimeters of the epidermis). The TSA (et.al.) would like you to believe it's an apples-to-apples comparison of whole-body dose when it isn't.
Okay, so the FBI want's to drop major coin on what's really just expensive news aggregation.
Don't immediately assume that because the government is doing it, that it's bad.. as much as I hate Twitter, fast happening or highly localized events often are posted there tens of minutes before they make any sort of major media.
There's millions of people running around with smartphones that constantly yap.. this is basically like surveillance cameras, but with automatic (and free) interpretation.
And before anyone complains about the privacy "implications".. don't put private shit on the Internet. Period.
I don't see how this is any different than the agreements most of you signed at work.. basically if you produced it on the company's dime (or using the company's resources).. it's their product.
If you and your clever friends are so inclined, go talk to a venture capitalist, get some startup funding, build and patent some drones.. and then SELL them to the DoD.
Part of the advantage of doing it as part of this project is the DoD will bend all sorts of rules for you that would make it all but impossible for a 15yr old to do in the backyard. See how fast the ATF/FAA come past when you figure out how to drop flaming bags of poo from a model airplane.
Forgot to mention.. we also sealed the back with wax and an imprint.. in Victorian style. I DO NOT recommend doing this as it majorly pissed off the post office and every outer envelope ended up with a red stripe on it since many went to the same destination, and as they flew through the high speed sorting equipment, the wax imprint functioned like a crayon.
Also, since I didn't say it before, I'll repeat what several others have said and mention that it's fairytale come true for your wife. Put down the soldering iron and make it a formal affair.
My wife and I couldn't find any invitations we liked.. so we designed our own (working together, on a lot of company time/resources) and laid the whole thing out in Illustrator so the invite, RSVP, table number cards, etc. would fit on 8.5x14 paper. Worked with the printer to see what he needed, and did the color separations and saved them as individual postscript files.. looked at a Pantone book to get the right colors.
The printer was a local union shop right across the street and was able to do thermography (raised lettering basically). We also custom printed (work, color laser) all the envelopes.
We both work in IT, so when our guests asked where we got the invites and we told them how they came to be, they were sufficiently impressed.
They also didn't weird out grandma. Total cost was $260 including envelopes for ~130 of them, btw.
No, they asked the NZ authorities to do it on their behalf. That is a big difference. In the Mega[upload|video] case, they subjected themselves to US jurisdiction by using a colo in Virginia. Had he used.. say.. PRQ (who I picked as an example because of their general "pfft with your stupid laws" attitude) he'd probably have a lot better case (which isn't to say the US wouldn't have tried anyway, but they pretty clearly have jurisdiction.
Ironically, we're involved in the same debate, but in reverse.
We are involved in an 'outsourced email' discussion, and some companies (ie: G-something) say, quite literally, "we can't tell you what countries your data will be in, only which ones it won't be in". When pressed on how they come up with that, they say "well, it's not in the ones where we don't have datacenters".
Other companies (ie: M-something) have ITAR certified solutions that assure you it's US datacenters and US citizens.
I can understand Canada not warning their citizens about other countries' laws, but as a US entity involved in R&D we have the same concerns. Hey, at least they're OUR laws and OUR courts we can challenge them in.
Actually, the cars will probably do far better than humans in that situation. For a good example, think of how many people still pump their antilock brakes.
Technology has existed for a long time that efficiently moves an entire line of vehicles in close succession from one town to the next, in some cases.. mostly autonomously and on dedicated "roads".
Slashdot Mirror
filetype:torrent "tiny violins"
Unless you're also planning to move across the country, chances are that somebody at $new_job will know somebody at $old_job and will informally call up during the interview/hiring process and ask "hey, what happend to Joe?".
Now, you'll never hear about that happening, you'll just get a form-letter "we found a more qualified candidate" from HR.
Don't burn bridges, even in they deserve it.
There's nothing on a corporate laptop that I can't emulate on my own.
When you get the phone call to pick up your already boxed personal effects from the guard at the gate, you'll re-evaluate the confidence in that statement.
Modern computers have a host of ways to verify a physical asset in ways that can't be copied (I'm not talking about spoofing a MAC address, I'm talking about device keys that are stored on the TPM chip).
As an IT professional you are supposed to work WITH me, not AGAINST me.
As an employee, you are expected to follow the policy as written, including the ones you disagree with.
It wasn't "lost" nor was it "taken" .. you traded it for better prizes (free search, free storage, whatever).
A company that distributes "secure" laptops but fails to lock the BIOS and boot order (and make use of the on-board TPM to secure the physical hard disk) either doesn't care or isn't trying.
Okay .. we can play that game. But you have to get lucky *every time* .. I only have to catch you doing it once.
.. if you don't like it, go work somewhere else.
The corporate policy is there for a reason
We are not "lucky" to have an employee like you.
--IT Security Director
why don't they just mandate a cow catcher on the back, would that be more to-the-point?
RSA 2012 is basically a big sales presentation.
To suggest sneaking in is a big achievement is like saying you got into BestBuy a few minutes early one day to shop for TVs.
I am security@ a large public .edu .. and I can say that their approach is quite *uncommon* among my peers in the industry.
.. and we block common things like tcp/6666 and tcp/445 outbound .. but other than that, we reguarly field calls from folks that just got $shiny_new_game for their $toy and want to know if we can figure out why voice chat (or whatever) doesn't work.
.. we had the network engineers, security team, etc. all assembled and basically told the students "go for it" and made several ongoing tweaks to things to ensure they got the best experience (gaming is a latency-sensitive application, we just needed to figure out how to prioritize it with QoS and the packeteer).
.. tl/dr .. sounds like your Uni has a sucky policy. Take it up with the provost .. you are paying to be there, and Internet access is part of your campus experience. If it's not up to par, they need to make changes.
Education is typically a very open environment, and IT will happily provide (within reason) anything that doesn't interfere with something else.
For example, we have several "hacking labs" on campus, where students are free to do basically whatever they want, regardless of how malicious. Granted, those networks are firewalled off from the rest of campus (and the Internet). We also have PlanetLab, TOR (which I run myself), and a few other projects.
As for Internet access, we don't have "wide open" like your home DSL (email, for example, must go through our servers for obvious reasons)
Last year we actually had students bring their PS3/Xbox units into a conference room in the IT department, hooked up to our projectors, and had then all plug into a switch where we were running a sniffer
In short
If it's your daily driver then you can just cover the antenna with copper foil (the kind used for roof flashing) before you drive off in the morning .. no need for an active jammer. In commercial vehicles the antenna isn't typically hidden at all.
If you just want to disable your OnStar then all you need to is remove the appropriate fuse.
Yeah, and you can do the same basic thing if you've got an off-grid cabin with 2 60w bulbs wired inbetwen your genset and the utility .. just tinker with the engine speed until the lights stay off and throw the switch.
.. nowdays it's all done by computer.
A synchroscope is seriously outdated tech
The data was in a colo .. in my (professional) dealings with the authorities, provided you are cooperative (and by this, I don't mean coughing up things voluntarily, I mean they have a proper warrant that legal has reviewed, etc.) .. they are sensitive to disrupting your business and in many cases enlist the help of the on-site technicians to identify the evidence they seek (which often times isn't so simple as "that machine over there").
.. they don't truck out the entire datacenter unless it's the business itself that's under investigation.
I doubt we'll get the tell-all from the colo folks, but likely they just went in with the warrant and asked for images
Carry an infant .. you get waved past the nude-o-scope and you can cart a cooler full of liquids/gels as well.
This is completely logical, considering terrorists never use children.
This "less radiation that flying" claim has been disputed because the energy level of cosmic rays is substantially higher than those used in backscatter xray (which is deposited in the outer few millimeters of the epidermis). The TSA (et.al.) would like you to believe it's an apples-to-apples comparison of whole-body dose when it isn't.
Okay, so the FBI want's to drop major coin on what's really just expensive news aggregation.
.. as much as I hate Twitter, fast happening or highly localized events often are posted there tens of minutes before they make any sort of major media.
.. this is basically like surveillance cameras, but with automatic (and free) interpretation.
.. don't put private shit on the Internet. Period.
Don't immediately assume that because the government is doing it, that it's bad
There's millions of people running around with smartphones that constantly yap
And before anyone complains about the privacy "implications"
I don't see how this is any different than the agreements most of you signed at work .. basically if you produced it on the company's dime (or using the company's resources) .. it's their product.
.. and then SELL them to the DoD.
If you and your clever friends are so inclined, go talk to a venture capitalist, get some startup funding, build and patent some drones
Part of the advantage of doing it as part of this project is the DoD will bend all sorts of rules for you that would make it all but impossible for a 15yr old to do in the backyard. See how fast the ATF/FAA come past when you figure out how to drop flaming bags of poo from a model airplane.
Forgot to mention .. we also sealed the back with wax and an imprint .. in Victorian style. I DO NOT recommend doing this as it majorly pissed off the post office and every outer envelope ended up with a red stripe on it since many went to the same destination, and as they flew through the high speed sorting equipment, the wax imprint functioned like a crayon.
Also, since I didn't say it before, I'll repeat what several others have said and mention that it's fairytale come true for your wife. Put down the soldering iron and make it a formal affair.
My wife and I couldn't find any invitations we liked .. so we designed our own (working together, on a lot of company time/resources) and laid the whole thing out in Illustrator so the invite, RSVP, table number cards, etc. would fit on 8.5x14 paper. Worked with the printer to see what he needed, and did the color separations and saved them as individual postscript files .. looked at a Pantone book to get the right colors.
The printer was a local union shop right across the street and was able to do thermography (raised lettering basically). We also custom printed (work, color laser) all the envelopes.
We both work in IT, so when our guests asked where we got the invites and we told them how they came to be, they were sufficiently impressed.
They also didn't weird out grandma. Total cost was $260 including envelopes for ~130 of them, btw.
Unfortunately .. all of Dr. Pauls good ideas require approval of congress.
Many of his bad/kooky ideas he can do all on his own (as president).
No, they asked the NZ authorities to do it on their behalf. That is a big difference. In the Mega[upload|video] case, they subjected themselves to US jurisdiction by using a colo in Virginia. Had he used .. say .. PRQ (who I picked as an example because of their general "pfft with your stupid laws" attitude) he'd probably have a lot better case (which isn't to say the US wouldn't have tried anyway, but they pretty clearly have jurisdiction.
Ironically, we're involved in the same debate, but in reverse.
We are involved in an 'outsourced email' discussion, and some companies (ie: G-something) say, quite literally, "we can't tell you what countries your data will be in, only which ones it won't be in". When pressed on how they come up with that, they say "well, it's not in the ones where we don't have datacenters".
Other companies (ie: M-something) have ITAR certified solutions that assure you it's US datacenters and US citizens.
I can understand Canada not warning their citizens about other countries' laws, but as a US entity involved in R&D we have the same concerns. Hey, at least they're OUR laws and OUR courts we can challenge them in.
Actually, the cars will probably do far better than humans in that situation.
For a good example, think of how many people still pump their antilock brakes.
Technology has existed for a long time that efficiently moves an entire line of vehicles in close succession from one town to the next, in some cases .. mostly autonomously and on dedicated "roads".
They're called trains.
So who's drugs were they, when nobody's in the car except a blow-up doll?