However to filter out on the fact they don't have a certificate (or degree) means to lose out on some of the better programmers.
Any time you use a filter you run the risk of missing a better candidate.
Certificates are an easy filter because any qualified candidate can get them with minimal time/expense.
Are you going to refuse to send in a resume for your dream job just because they require a certain certification to be considered? Or are you going to go to the testing facility and get that certification?
At one level, a diploma is no more than a very expensive certification.
My advice has been to get the cheapest and fastest degree you can (from a correctly accredited school). It doesn't matter what the degree is in. Once you've cleared that hurdle you can look at advanced degrees in subjects that may be more work-focused for you.
You can spend $15K on a degree. You can spend $150K on a degree. Your pedigree will only matter in certain firms or with certain people.
When I refer to states' rights, I mean the PEOPLE of the state deciding what is deemed "a right".
Nope. Still wrong. If something is a "right" then how can a state government (or a city government) declare that it is NOT a right?
Even if the majority in that state/city says so?
Your Rights are not subject to majority approval.
As I have been trying to say though, in my first post, marriage was never a right (until SCOTUS declared it to be); it was always a PRIVILEGE granted by the states (the states' constituents who are represented by their local representatives).
Again, marriage existed BEFORE any of the states here existed. There is no "PRIVILEGE granted".
If the government cannot grant a citizen a right then how come they JUST DID??????
The Supreme Court did NOT just grant "a right" to anyone.
And yes, I do believe the state (and more so the states' constituents) should be allowed, at their discretion, to make any type of marriage illegal.
You might want to read some history.
The states have a poor record on the subject of minority rights. Such as slavery. And segregation. And so forth.
If a person of faith speaks out against gay marriage and the government reprimands that person - then that is the government interfering... and if you are so naive to think that scenario isn't coming - then I have a nice little bridge to sell you.
You need to read about Westboro Baptist Church. They've already proven that you are wrong. And they did it at the Supreme Court.
What I am saying is that marriage was never a fundamental right to begin with. For anyone.
I hate to break it to you but people have been getting married (by various definitions) for thousands of years.
Maybe it is your personal definition of "fundamental right" that is flawed.
Read the 10th Amendment.
You might learn that our Constitution was written to LIMIT the powers of our GOVERNMENT. It was NOT written as a list of the "fundamental rights" of the citizens.
You have it BACKWARDS. The citizens grant the government certain rights. NOT the government granting the citizens certain rights (such as who can marry whom).
Building more towers is not always possible and when it is, it is frequently not feasible.
You left off "at that profit level".
If Sprint refuses to build out their infrastructure then that is their issue. In other words, they are attempting to artificially limit a resource in order to maintain their choke point in order to maximize profits.
I guarantee that if a competitor started moving into their market and offering services for less, Sprint would suddenly find it very "feasible" to build out their infrastructure.
And that would be accurate if we were actually talking about a limited resource for free.
But we aren't.
You left out the part where the profit margin is flexible. The consumer costs will only rise because Sprint wants to keep the profit as high as it was. Bandwidth is NOT a limited resource in this case.
It's not about the tool specifically, of course you need to skill yourself in whatever applications your field is going to use.
My take on that is that people expect the schools to teach them what they need to get a job AND THEN STOP LEARNING ANYTHING ELSE.
But schools should really be teaching you how to LEARN NEW THINGS.
Then you choose what to learn and you learn it.
If the answer is no, you don't know how to code javascript, you know how to use libraries.
And starting that way is okay. Ending that way is not okay.
Unless you are in one of the highly competitive schools, you'll probably only "learn" the basics of one tool. Maybe two. The classes are designed for the average person/student. YOU have to put in the effort beyond school.
Which is what really annoys me with the recent spate of "how much X should you know" crap articles here.
Know how to learn more AND learn more. Both in a wider variety of tools and a deeper understanding of how those tools work.
School will, at best, teach you to be minimally competent. It's up to you to do better.
Think those IoT providers will pay more than lip service to ensuring their devices are not easy prey? Won't happen.
Won't happen because it cannot happen. There will be some manufacturers who go out of business. Where's the updates then?
Not to mention the manufacturers dropping support for older models EVEN IF THEY STILL WORK. Gotta buy a new fridge because the old one isn't updated any more.
Even if they do put the minimal effort in being better than "easy prey", how many times have we seen secret backdoors suddenly becoming public knowledge?
So anyone working there with any common sense at all should be interviewing NOW!
If you aren't interviewing then you should be updating your certifications and such.
This isn't some kind of "oops we made a mistake" error. Upper management wants to replace you with cheaper options. Get out on your terms instead of their terms.
"Security is not a property of a technical system," she noted in her talk at the Hack in the Box conference in Amsterdam. "Security is the set of activities that reduce the likelihood of a set of adversaries successfully frustrating the goals of a set of users."
No. "Security" does not exist. You can be MORE secure than X or you can be LESS secure than X but you cannot achieve "security".
For me, being MORE secure means that fewer people can successfully attack you (or that the attack requires more of them to work together).
Saitta realized that a lot of what we know in the security world can't be effectively used if someone in the real world is targeted by a determined adversary.
No. That is getting back to the MORE secure or LESS secure. If the attacker has to drop armed forces onto your office building then you are MORE secure than if they exploited a 0-day on your web site.
We shouldn't work on assumptions or go by intuition - we should set aside our egos, and consult with the end users - learn about their goals and adversaries.
I'd say that 99.9+% of them have no idea who their adversaries are. Other than "that asshole Bob" or "the Chinese".
In the case of high-risk users, usable security is a must.
Is there ever a case where unusable security is a must?
As she vividly put it: if you're on a rooftop, trying to get a connection and successfully send out an encrypted message because your life or freedom - or that of others - depends on it, and you know that there are snipers waiting to take a shot at you - there is simply zero room for using a tool as complex as PGP.
Choose the right tool for the job AND LEARN HOW TO USE IT PRIOR TO THE EMERGENCY.
And if her example is, literally, snipers on the rooftops then whoever did the computer security did a fucking great job. This is an example of a win, not a failure.
By default, generate a set of addresses from the same (randomized) interface identifier, one address for each prefix for which a global address has been generated via stateless address autoconfiguration.
Parsing that shouldn't be a problem for anyone with a CCNA or equivalent experience. But there are going to be problems when the average user is trying to set up his home router.
Fat fingers....and I don't think we should design the internet with the most basic web surfing home user in mind.
But that is where the most problems will be.
IPv6 will support everyone's needs. IPv4 supports only the most trivial.
It is not whether it will support X or not. It is how much expertise it takes to get such support configured AND maintain the same level of security available with IPv4.
With a current home router and IPv4 + "NAT" the average home user can handle everything they know about today. Without having to learn anything new.
Could be. But what it is NOT is hypocrisy since both the initial claim to support/oppose X and the vote to oppose/support X are in the public eye.
Hypocrisy is when a PUBLIC virtue is claimed while practising the associated vice in PRIVATE.
This could be horse trading (regular politics). This could be corruption. This could be a two-faced lying politician.
But it would not be hypocrisy.
Why hasn't this been mod'ed up?
This is my preferred solution. A machine that sits outside the main firewall that just runs browsers for remote connections.
The internal machines stay clean and the external machine(s) get wiped/reloaded on a regular schedule.
Also, everyone logged in gets a daily/weekly report of what sites they've been visiting and when. And a list of people who can request a copy of that list (their boss, their boss' boss, HR, etc). Judge for yourself whether you'd be able to explain your habits to HR should the question ever arise.
Well the question would then be why-is-the-firewall-there-in-the-first-place.
Is it because it was seen as the cost effective solution to workstations being infected by malicious sites/ads/whatever?
Was there a different reason?
Web blockers usually require a subscription fee. Why pay the fee and then let users bypass it?
Wouldn't you want to be notified if a work-related site suddenly got blocked?
Nicely phrased.
How about a different scenario?
Meet Billy. Billy wants to be a programmer. Billy has a high school diploma. Billy has no college degree. Billy has no certifications. Billy has no professional experience.
What advice would you give Billy to get him his first programming job?
That doesn't sound like it scales very well.
The last time I had to deal with resumes I had hundreds. And that was from people in Seattle/Tacoma.
Calling each of them would have taken weeks. Or months if there were any complications at work.
The problem is how to judge expertise on a resume.
So certifications get you past the HR filter.
Only then do you get to talk to someone who (in theory) knows programming/whatever enough to evaluate your actual expertise.
So, what is it worth to get past that first hurdle?
So I sold my slave to my buddy in the 6th year.
And he sold me his slave.
You say "loophole" while I say "cheap labour".
My argument would be inheritance. A family could bypass all the legalities of inheritance simply by "marrying" each other.
Which was a problem whether you allowed Mom to marry her sons or whether you allow Dad to marry his sons.
And then divorce them and splitting the assets 50/50.
Lather, rinse, repeat.
The Supreme Court did NOT just grant "a right" to anyone.
They just made it ILLEGAL to DENY that right.
Don't be too harsh on him. As The Onion says, he realizes that one day he will be portrayed as the villain in an Oscar-winning movie.
http://www.theonion.com/article/scalia-thomas-roberts-alito-suddenly-realize-they--32972
My problem with tying it to sales and marketing is that now I will be inundated with sales calls and emails.
And then they will sell my contact info to anyone who will pay for it.
So I have to go through the effort of registering ANOTHER fake email address with GMail prior to filling out the form.
Fuck, just look at how stupid Dice is making /. now. That always happens when sales and marketing interfere with technology.
Well that's great.
As long as your local library exists.
And is accessible when you need it.
And close enough for you to get to.
And has a working computer available for you in the time frame you have.
No. That's not so great. That sucks.
On the other hand, this should also provide you with a list of the sites where you should be changing your password.
Hopefully everyone will manage to do that before any of the hashes are cracked (if the crackers managed to get both the algorithm and salt).
I have different concerns with that article.
No. "Security" does not exist. You can be MORE secure than X or you can be LESS secure than X but you cannot achieve "security".
For me, being MORE secure means that fewer people can successfully attack you (or that the attack requires more of them to work together).
No. That is getting back to the MORE secure or LESS secure. If the attacker has to drop armed forces onto your office building then you are MORE secure than if they exploited a 0-day on your web site.
I'd say that 99.9+% of them have no idea who their adversaries are. Other than "that asshole Bob" or "the Chinese".
Is there ever a case where unusable security is a must?
Choose the right tool for the job AND LEARN HOW TO USE IT PRIOR TO THE EMERGENCY.
And if her example is, literally, snipers on the rooftops then whoever did the computer security did a fucking great job. This is an example of a win, not a failure.
https://en.wikipedia.org/wiki/Valerie_Plame
If there is a political point to be made, yeah, I'd expect them to name every single one of them.
They'd have nothing to lose and everything to gain.
Let me quote part of that RFC for you.
Parsing that shouldn't be a problem for anyone with a CCNA or equivalent experience. But there are going to be problems when the average user is trying to set up his home router.
But that is where the most problems will be.
It is not whether it will support X or not. It is how much expertise it takes to get such support configured AND maintain the same level of security available with IPv4.
With a current home router and IPv4 + "NAT" the average home user can handle everything they know about today. Without having to learn anything new.