And I think that the summary kind of misses the point of what "air-gapped" means. It does NOT mean that your system is invulnerable. No system is invulnerable.
It DOES mean that it can ONLY be attacked by someone with physical access to it. Or someone with control of the hardware manufacturing / transportation channels prior to the computer being installed in the secure location. So you're removing potential channels of attack AND reducing the number of potential attackers.
Now you need metal detectors at the entrances. And "no lone zones" where EVERYONE is accompanied by someone else. Depending upon the level of security that you want.
No. The best solution, as I have stated, is to have the books needed to pass the standardized tests.
Look, Apple is offering to donate iPads. They are NOT offering to donate chemistry textbooks.
And that is the problem. By donating the iPads, Apple gets a tax write-off and the schools end up with broken/stolen tech that ate up resources.
a. Apple could pay their taxes and the government could use that money to buy those books.
b. Apple could donate those books INSTEAD of the iPads.
c. Apple could donate a portion of the proceeds of selling those iPads.
Why isn't Apple working on getting the books that would cost a lot LESS than those iPads? Because Apple is looking out for Apple. And using those kids as PR.
To say that "nothing" is better, because the iPads will just get stolen anyway, is just a cynical rationalization by people that want to feel smug and superior, criticizing these donors, while doing absolutely nothing themselves.
I've just given you three scenarios that would be better.
You are the one claiming that Apple's only option is to donate iPads.
An iPad probably has a bit higher black-market value than a textbook on High School chemistry.
And cannot take the same amount of accidental water damage.
Or accidental falling damage.
And requires more infrastructure and support to maintain it.
Meanwhile, the poorest schools cannot afford the books that are written for the standardized tests that those students have to pass. https://www.google.com/#q=underprivileged+schools+textbooks+standardized+testing Choose the "Why Poor Schools Can't Win at Standardized Testing" link. They're blocking links from /. for some reason.
First off, I'm amazed that none of them have been stolen. I'd have expected at least a few thefts before the criminals realized that they could not be used/re-sold.
Secondly, that's more infrastructure that needs to be maintained and secured. With associated training as the staff changes jobs.
"Underprivileged" schools really need basics like text books, notebooks, and pencils for the kids.
And teachers.
If you really have to deploy technology then make it something like a Raspberry Pi. Low theft risk. Easy replacement. And $750 million will buy a lot of them AND books, paper, pencils, teachers, etc.
Wasn't there a recent story about how some schools could not afford the text books with the answers that went with the standardized tests?
Yes, they can legally promise that (it is not illegal to say that they promise that).
No, their service is not legally bound by that promise forever. There are many instances and eventualities that could change it. And probably will if they get sufficient market share.
... "a sophisticated entity that used commercial, nonattributable spyware that's proprietary to a government agency: either the CIA, FBI, the Defense Intelligence Agency or the National Security Agency."
So the software is "commercial" but also "proprietary to a government agency" that cannot be identified.
I think that she does not understand the meaning of the words she is using.
But I also think that our government probably was spying on her. And lots of other people. Just not in the way she describes it.
... if I am to compare the two I would say that the USA is becoming more and more socialistic (turning more and more pinko) while China has turned blue, deeeeep blue
You might want to compare the limits of freedom for individuals in both countries.
And then look at "Totalitarianism" and "Authoritarianism" in addition to "Socialism" and "Capitalism".
European Democracies tend toward Socialism without the "pinko" label.
Or, to put it another way, who ran against China's current President in the last election and how many votes did s/he get from the public?
If the mission requires having a "cyber warrior" join a team that will infiltrate some facility then they certainly should be able to meet the physical qualifications, use a gun, etc.
The problem (IMO) is with the military officers trying to bulk up their careers by being associated with a new division or whatever. No matter how bad the idea is or how much it hurts morale.
Not only that but if they change the physical requirements it's going to have a lot of repercussions.
First off, Basic Training. Is there going to be a "cyber warrior only" camp for that?
Secondly, promotions. Will the promotion points for Physical Training be altered for "cyber warriors"?
Also, you have to pass Physical Training tests every year to stay in. Will the guy who cooks the food the "cyber warrior" eats be held to a higher physical standard than the "cyber warrior" is?
I'm thinking that Lt. Col. Sharlene Pigg does not understand anything about morale or esprit de corps.
Way too many people don't realize that our current economic and political system would not survive if critical thinking skills became commonplace.
Possibly. Although the same can be said of every other economic and political system as well. Which is a bit of a problem. People are messy. And each person has his/her own priorities and beliefs and weirdness.
We are destroying our own planet in the name of making 0.01% wealthy, and most of us, most of the time, are perfectly content to participate in the process in any way that pays decently and offers "interesting" work.
Just because someone exercises critical thinking does not mean that that person will come to the same conclusions that you have. They probably aren't starting with the same objectives as you.
Which is why companies DO NOT WANT real critical thinking skills.
They want people who think like they do and who come to the same conclusions that they do based upon the same information that they have.
You do not INTENTIONALLY break equipment that you do not own. You do not do that. No matter how you feel about that equipment. Particularly when the person who now owns said equipment has no idea that there is a problem.
And I'd be wary of any company that could not understand that.
Non-lethal weapons would allow protestors to protest without getting killed.
Protestors should be able to protest WITHOUT the police using either lethal or non-lethal weapons against them.
The important thing here is to take away the government's ability to kill.
Except that you are not doing that.
You are providing the police with pain-compliance (aka "torture") devices.
And as can be seen in many news reports, once the police/government has them, they will use them. And that use will not be INSTEAD of more lethal options. They will be used when the victims do not IMMEDIATELY follow the orders of the police. Even if those orders are illegal to begin with.
Those weapons will be treated as a "force multiplier". Not as a preferred option over lethal force.
That makes sense on one level, but using telnet is a bad habit one shouldn't get into.
I agree. A better habit is setting up and using SSH.
Not only that but "defense in depth". Do NOT rely upon your perimeter defenses to stop all attacks. It only takes one person with a compromised laptop and you're cracked.
1) these were default passwords that everyone on the team knew
SSH can be set up the same.
2) the development VLAN is secured from outsiders
Until it is compromised.
Remember, in defense you have to be right on everything all the time. An attacker can just stumble into something you missed. Like someone's laptop that was brought in when it should not have been.
Nor are they "isolated". All of the blades connect to the same backplane.
And moving VMs between individual blades is a hassle unless you use some form of shared storage. Which makes them even less "isolated" but more redundant.
This reads more like he just wanted to show off that he calls blade servers "dense isolation".
So is it better to have a bunch of isolated servers which reduces the VM domino effect in exchange for increased hardware maintenance? Or just a few massive servers and be ready for the 4 am call to replace a CPU at any given moment?
VM is not magic. Also look into "fail over".
If you have to be called in to replace a CPU at 4 am then you have not planned correctly.
One hope is that the patents look good to the prospective employer on a resume, but I don't want them to take the existing IP for granted as part of the deal.
If it is not part of the deal then leave it off your resume.
My question is, how should I treat licensing of the patent as a topic with respect to the topic of my employment?
I think you are confusing two different situations in an interview situation.
1. You working for a company.
2. A company licensing your patents.
Leave the patents out of the process at this point.
The summary also seems to have left off the critically important TIMELINE.
The "weapons" that were "found" were manufactured and abandoned in the FIRST Gulf War. Back when Bush SENIOR was the President of the USofA.
So the troops in the SECOND Gulf War (Bush Junior) were being exposed to hazardous chemicals that were 10+ years old. THAT is what is/was being covered up. Our troops were working in/around hazardous waste disposal sites WITHOUT proper equipment or training or supervision or follow-up.
There are not any "WMD" being "found" in Iraq now. It's hazardous WASTE.
ISIS (stupid name) does not have "chemical weapons" from that. They have chemical waste that is a health hazard. No GA, GB, GD, VX, or anything like that.
You cannot boycott them while they still control the last mile (the connection to your house).
In order to take that control from them, people have to be willing to vote to have their local government install/maintain/tax a local network as part of the infrastructure.
Then the local government can lease connectivity to whomever wants to offer Internet service. If Comcast is charging extra for a service you want then you can go with a different option.
The core problem is that security has many different approaches.
A password manager is great... as long as it is available to you on all the devices that you use to log in from. Which makes it vulnerable to being cracked when one of those devices is cracked.
And that isn't even addressing things like the recent rash of credit card cracks being reported. Even if you keep YOUR password secured the attackers can still attack the system when you use the secure information.
Instead, the focus should be on the knowledge that you will, eventually, be cracked. At least partially. So be prepared to mitigate the damage done at that point.
Too many people have too much access to your information without the personal incentive to keep it secure. Or the knowledge of how to secure it. Password managers are an improvement in many scenarios. But so is writing your passwords in a book that you keep at home.
In a pinch, yes a troll will go after your default WASP male. I once saw a troll reduced to attacking someone for being Canadian. (!)
Or Jewish. Or gay. Or black. Or of a different political party. Or with a different opinion on a subject.
"Trolls" (they aren't trolls, they're ass-holes) will attack anyone for anything that the ass-holes do not approve of.
Anything.
The ass-holes are not attacking women because the ass-holes are misogynists. The ass-holes are attacking because that is what ass-holes do. Their attacks are phrased in misogynistic terms because the target is a woman.
That would work.
Installing via the command line is nice. But it isn't what I want.
I want a package system that locks the files down so that package X owns abc.dll and will not allow package Y to overwrite it.
And searchable. What package installed abc.dll? What packages depend upon that package?
First off, I'm amazed that none of them have been stolen. I'd have expected at least a few thefts before the criminals realized that they could not be used/re-sold.
Secondly, that's more infrastructure that needs to be maintained and secured. With associated training as the staff changes jobs.
It isn't just the tech. It's the day-to-day support and the annual contracts and such. It's happened before and it looks like it will happen again.
http://slashdot.org/story/07/06/24/1316249/schools-out-forever-at-sv-high-tech-high
This will just make them attractive targets for theft.
Not to mention the replacement/repair costs as they get damaged over the school year.
I think I'm agreeing with you.
Yup! But that "Facebook warrior" would probably have a different MOS.
https://en.wikipedia.org/wiki/United_States_military_occupation_code
But the "Facebook warrior" who will never be deployed and will never see actual combat would be a GS-something.
https://en.wikipedia.org/wiki/General_Schedule_(US_civil_service_pay_scale)
The problem (IMO) is with the military officers trying to bulk up their careers by being associated with a new division or whatever. No matter how bad the idea is or how much it hurts morale.
I got out in 1990 after serving for 7 years.
So that the other people in your unit know that they can depend upon you to perform the physical requirements of being in a war zone.
And I agree with that. 100%. Dr. Hawking wouldn't be physically able to serve (even if he wanted to). But you would want him working on your side.
I prefer to substitute "Facebook" for "cyber" in these articles. It puts them in perspective.
But that isn't the question. The question is whether these "Facebook warriors" will ever be deployed to a war zone.
If yes, then they need to meet the physical requirements the same as every other soldier.
If no, then hire them as civilians. Skip Basic and AIT and everything else. Classify them along with all the other GS-whatevers.
Good luck with your Midichlorian count.
Or is he Orthodox Jedi? I think they reject the prequels as heresy.
Or is that Reformed Jedi?
The important part is that we are NOT seeing such rapid changes amongst the PREDATOR population. So this is not unusual at all.
The lizards that are not sticky enough to climb out of reach of the predators are the lizards that get eaten by the predators.
And even without the law it seems fairly simple.
You do not INTENTIONALLY break equipment that you do not own. You do not do that. No matter how you feel about that equipment. Particularly when the person who now owns said equipment has no idea that there is a problem.
And I'd be wary of any company that could not understand that.