Here in the USofA we've had similar issues where the local governments have given tax dollars to private ISP's for the promise of wiring a given area. AND those private ISP's were also given monopolies for those areas.
So now any new, private ISP has to pay more (no tax dollars now) to lay down duplicate infrastructure.
And the ISP's who were given the money in the first place didn't finish the job and now refuse to update their equipment.
That's why I'd be happy to pay more taxes for a government provided infrastructure that ANY private/public ISP can lease space on.
Initially for Internet access. After that, if the media conglomerates want part of it then they can lease space as well.
Technologically, in my opinion, that would be best. Let the media conglomerates figure out the best way to get their media to the governmental site and then they'll have fiber connections to their customers.
I would pay taxes for the local government to lay fiber to each house. And terminate them at a government owned facility.
Then, let the various ISP's compete on price / service / etc for who will get my fees for Internet connectivity.
The government then charges a co-location fee from the ISP's who want to participate. To cover the heating / AC / physical security / etc costs of that facility. With a very slight (5%?) overage to cover updates/upgrades.
I agree with all of your specifications. And I'd like to add some form of networking and a gigabit Ethernet connection to them.
BUT!!!
How about thinking of different scenarios that you'd like supported by this?
1. Sitting in front of a TV (directly attached box) and watching a [DVD / Blu-ray / laser disc / other disc media]. (probably via external device and converter cable or whatever)
2. Sitting in front of a TV (directly attached box) and watching a streaming video from [Netflix / Amazon / Hulu / etc].
3. Sitting in front of a TV (directly attached box) and watching a video from REMOVABLE storage attached to the box.
4. Sitting in front of a TV (directly attached box) and watching a video from a network accessible drive [samba / NFS / etc].
5. Sitting in front of a TV (directly attached box) and watching a video that is being streamed from an [iPhone / iPad / Android phone / etc].
6 - 9. See 1-4 above but the box streams the video so I can watch via [iPhone / iPad / Android phone / etc] in a different room.
10. [PVR / DVR] functionality.
Any other scenarios that people would like? Might as well get EVERYTHING onto the wish list.
Lister: Sometimes, I think it's cruel giving machines a personality. My mate Petersen once bought a pair of shoes with Artificial Intelligence. 'Smart Shoes' they were called. It was a neat idea. No matter how blind drunk you were, they could always get you home. But he got rattled one night in Oslo and woke up the next morning in Burma. You see, his shoes got bored going from his local to his flat. They wanted to see the world, you know. He had a hell of a job getting rid of them. No matter who he sold them to, they'd show up again the next day. He tried to shut them out, but they just kicked the door down. Rimmer: Is this true? Lister: Yeah. The last thing I heard, they sort of... robbed a car and drove it into a canal. They couldn't steer, you see. Rimmer: Really? Lister: Yeah. Petersen was really, really blown away about it. He went to see a priest. The priest told him... he said it was alright and all that, when shoes are happy that they'd get into heaven. You see, it turns out shoes have 'soles'. Rimmer: Ah, what a sad story. Wait a minute. [Thinks for a minute] Rimmer: How did they open the car door?
First off though, who is Ramez Naam and why should I care what his opinion is?
Secondly, "freedom" has never been evenly spread in the USofA. So while some of us are less free now, others have seen a net increase in their freedoms.
Anyway, from the summary:
Naam also explains that the technological advances allowing the bulk collection of personal data also provide us with cheap and easy means to fight government overreach.
He might want to look up Snowden and Manning.
You can "fight" but it is more likely that you will end up in jail than anyone doing the spying on behalf of the government will.
If your passwords are in your wallet, and your wallet is missing, how do you change your passwords?
If they're in your wallet then they're work passwords. So you contact the other admin and have her change your passwords.
And, you still need to have a list of all the accounts which have passwords somewhere, so you know what needs to be changed.
And for work this should be documented already. Along with reset procedures and contact numbers.
For home, having them stolen is less of a risk. But you can always keep a copy (encrypted or not) with someone else in your family or a trusted friend or a safety deposit box. You're probably more at risk of them being destroyed in a fire or something. So treat them the same as any other important document.
And you might also want to keep a few additional passwords on that piece of paper. For those circumstances where you're suddenly required to have a new one (X characters, Y capitals, Z numerals) for a new application or whatever. Always nice to have one ready instead of trying to think one up on the spot.
My first question would be... how are we sure that Iran did this?
The second question would be how did whomever do it? We've heard about how the NSA/CIA/etc are stockpiling zero-day exploits. Stockpiling them instead of helping the vendors fix them. So were our systems cracked by an enemy using an exploit that we knew of?
The point of this is that you don't need to look at it.
Watch the video. You do need to look at it.
Essentially, it is attempting to replace analog controls with virtual controls and it gets them wrong. With analog controls you can have force-feedback to let you know when you've clicked over to a new setting.
With this, you have to look.
Not to mention that their example iPad is larger than all of the entertainment/environmental controls already in my car. I'm not willing to give up that much real estate. And I don't see how it would work on a smaller screen.
For the same reasons you won't find real hackers in the police force, you won't find them anytime soon in the military either.
The first problem is that their recruitment/training policies aren't designed for that.
Stephen Hawking would have difficult time being accepted to any military academy.
I do believe NSA have some serious badboys working for them however, but these are probably semi-skilled hackers who bragged too much, made a few mistakes - and are held captive by their own past.
The NSA does not discriminate on whether you can pass a physical fitness test. Stephen Hawking, were he so inclined, would probably at least get an interview there.
It's not that you cannot have a physically fit hacker. They do exist.
But when the recruitment criteria STARTS with physical capabilities, then you have problems because you're reducing the pool of applicants on the WRONG criteria.
While not mutually exclusive, they are not convergent in training.
So you cannot, usually, take the average military academy cadet and include some programming classes and some network security classes and expect to get an officer who is competent in computer security.
The exceptions being those cadets who were already programming while they were in high school (or earlier).
The problem with those early programmers is that they were immature kids back then so many of them will be excluded from the academies because of broken laws or group associations.
I see it as one of those instances where company X spends millions of dollars for company Y... and 5 years later sells it off for thousands of dollars (or just closes it).
It's a stupid move and I'm betting that someone knows or is related to someone else who will be taking a big chunk of that money.
Commonly, what is meant is a relatively gentle inside joke by veteran users, presenting questions or topics that had been so overdone that only a new user would respond to them earnestly. For example, a veteran of the group might make a post on the common misconception that glass flows over time. Long-time readers would both recognize the poster's name and know that the topic had been discussed a lot, but new subscribers to the group would not realize, and would thus respond.
Or the somewhat related...
Others expanded the term to include the practice of playing a seriously misinformed or deluded user, even in newsgroups where one was not a regular; these were often attempts at humor rather than provocation. In such contexts, the noun troll usually referred to an act of trolling â" or to the resulting discussion â" rather than to the author.
Is it really "trolling" if two (or more) jerkasses keep posting insults at each other?
I think the point was about people who TALK about how much work they do but only put in 40 hours a week (hold on to comments about that "only").
Essentially those people are doing PR for the 60 hour week that the other people are putting in.
So not only do you have to convince management that more workers are needed BUT you also have to convince management that you aren't the problem because Bob says he's working all the time but he's not complaining like you are.
I wonder if this study even bothered to define the term, and if so, if it's a measurable definition.
Not that I have seen in TFA.
Not to mention that the term "troll" now has at least two sub-categories. a. concern troll
b. tone troll
And, generally speaking, what it really means is "someone who says something that I don't like."
I wish I had mod points. That is particularly relevant in social issues.
If you post about your political beliefs (honestly held) in a forum you tend to end up either in an echo chamber (most other people hold the same or similar beliefs) or labelled a "troll" (most other people hold opposing beliefs).
Before anyone misunderstands... yes, it is possible to troll people based upon their political beliefs. But that isn't the point.
Wouldn't some big company like Target have someone on staff who knows how to firewall off a network just for the HVAC? Huh? Huh?
They probably have several people who can do that. It requires some expertise but not a lot.
I can do that. And I still push for a completely separate Internet connection.
Because once it is on the corporate network it becomes very easy to make mistakes. People think they know more than they really do. Or that they understand the situation when they do not. And the processes that can be put in place to catch those mistakes require additional expertise.
ALWAYS design the network so that the next admin will not have to be as smart as you or as experienced as you or as knowledgeable as you.
Two things: 1. It's not that they need access to the CORPORATE network. It's that they need access to the INTERNET so that the machinery can report back to the vendor when something starts to go wrong. That's usually in the service agreement. The sooner detected the sooner fixed without problem.
2. For managers who like to look at stuff. There is usually an internal web server on the HVAC. You go there and it displays things like the temp and the humidity and blah blah blah.
Thus, dumb managers (I've dealt with them) want them on the corporate network. It's easier for everyone.* Including the crackers who are looking for these exact vulnerabilities.
*Security people are not included in this definition of "everyone" in this case.
and then some cost cutting cutting yoho says why does the HVAC need it's own network cabling and or DSL/cable line?
At which point you move to a different job. If they're that concerned about the cost of a local ISP connection then they're going to be making other bad decisions. Consider that to be the "canary in a coalmine" signal.
I know, it sucks. But if you're having to fight for basics such as that then take your skills to someone who will appreciate them.
And when they ask you why you want to leave your old job give them the code phrase "it seems like a good time to pursue future options with your company".
Then they may have a few fixed passwords / login's that they need to give out to all the people in the field it's much easier to have fixed one then giving each field tech own log in's that they may not even need day to day or even working at target all the time.
So they get their own network that does not touch the production network.
Probably just a *DSL/cable from a local ISP.
With a firewall that you control. Heavily locked down. No need for them to hit Facebook from the HVAC, is there? No need for inbound access from 99.9% of the IP addresses out there, is there?
Then paint it and label it and make sure no one else can touch it. Use super-glue on the ports.
Slashdot Mirror
Here in the USofA we've had similar issues where the local governments have given tax dollars to private ISP's for the promise of wiring a given area. AND those private ISP's were also given monopolies for those areas.
So now any new, private ISP has to pay more (no tax dollars now) to lay down duplicate infrastructure.
And the ISP's who were given the money in the first place didn't finish the job and now refuse to update their equipment.
That's why I'd be happy to pay more taxes for a government provided infrastructure that ANY private/public ISP can lease space on.
Initially for Internet access. After that, if the media conglomerates want part of it then they can lease space as well.
Technologically, in my opinion, that would be best. Let the media conglomerates figure out the best way to get their media to the governmental site and then they'll have fiber connections to their customers.
I would pay taxes for the local government to lay fiber to each house. And terminate them at a government owned facility.
Then, let the various ISP's compete on price / service / etc for who will get my fees for Internet connectivity.
The government then charges a co-location fee from the ISP's who want to participate. To cover the heating / AC / physical security / etc costs of that facility. With a very slight (5%?) overage to cover updates/upgrades.
I agree with all of your specifications. And I'd like to add some form of networking and a gigabit Ethernet connection to them.
BUT!!!
How about thinking of different scenarios that you'd like supported by this?
1. Sitting in front of a TV (directly attached box) and watching a [DVD / Blu-ray / laser disc / other disc media]. (probably via external device and converter cable or whatever)
2. Sitting in front of a TV (directly attached box) and watching a streaming video from [Netflix / Amazon / Hulu / etc].
3. Sitting in front of a TV (directly attached box) and watching a video from REMOVABLE storage attached to the box.
4. Sitting in front of a TV (directly attached box) and watching a video from a network accessible drive [samba / NFS / etc].
5. Sitting in front of a TV (directly attached box) and watching a video that is being streamed from an [iPhone / iPad / Android phone / etc].
6 - 9. See 1-4 above but the box streams the video so I can watch via [iPhone / iPad / Android phone / etc] in a different room.
10. [PVR / DVR] functionality.
Any other scenarios that people would like? Might as well get EVERYTHING onto the wish list.
Two reasons.
1. Comcast advertises "up to" X bandwidth. But does not guarantee any specific speed.
2. Comcast can show that you can get "up to" X bandwidth on the local segment. Just not across peering points.
This is another reason that the Time Warner/Comcast merge cannot be allowed to happen.
Lister: Sometimes, I think it's cruel giving machines a personality. My mate Petersen once bought a pair of shoes with Artificial Intelligence. 'Smart Shoes' they were called. It was a neat idea. No matter how blind drunk you were, they could always get you home. But he got rattled one night in Oslo and woke up the next morning in Burma. You see, his shoes got bored going from his local to his flat. They wanted to see the world, you know. He had a hell of a job getting rid of them. No matter who he sold them to, they'd show up again the next day. He tried to shut them out, but they just kicked the door down.
Rimmer: Is this true?
Lister: Yeah. The last thing I heard, they sort of... robbed a car and drove it into a canal. They couldn't steer, you see.
Rimmer: Really?
Lister: Yeah. Petersen was really, really blown away about it. He went to see a priest. The priest told him... he said it was alright and all that, when shoes are happy that they'd get into heaven. You see, it turns out shoes have 'soles'.
Rimmer: Ah, what a sad story. Wait a minute.
[Thinks for a minute]
Rimmer: How did they open the car door?
First off though, who is Ramez Naam and why should I care what his opinion is?
Secondly, "freedom" has never been evenly spread in the USofA. So while some of us are less free now, others have seen a net increase in their freedoms.
Anyway, from the summary:
He might want to look up Snowden and Manning.
You can "fight" but it is more likely that you will end up in jail than anyone doing the spying on behalf of the government will.
If they're in your wallet then they're work passwords. So you contact the other admin and have her change your passwords.
And for work this should be documented already. Along with reset procedures and contact numbers.
For home, having them stolen is less of a risk. But you can always keep a copy (encrypted or not) with someone else in your family or a trusted friend or a safety deposit box. You're probably more at risk of them being destroyed in a fire or something. So treat them the same as any other important document.
Sounds good.
And you might also want to keep a few additional passwords on that piece of paper. For those circumstances where you're suddenly required to have a new one (X characters, Y capitals, Z numerals) for a new application or whatever. Always nice to have one ready instead of trying to think one up on the spot.
For work, write them down on physical paper and keep them in your physical wallet.
You'll notice if your wallet goes missing.
For home, write them down on physical paper and keep that somewhere safe.
The TSA still has not caught a single terrorist trying to get on a plane.
It's all security theatre.
My first question would be ... how are we sure that Iran did this?
The second question would be how did whomever do it? We've heard about how the NSA/CIA/etc are stockpiling zero-day exploits. Stockpiling them instead of helping the vendors fix them. So were our systems cracked by an enemy using an exploit that we knew of?
Watch the video. You do need to look at it.
Essentially, it is attempting to replace analog controls with virtual controls and it gets them wrong. With analog controls you can have force-feedback to let you know when you've clicked over to a new setting.
With this, you have to look.
Not to mention that their example iPad is larger than all of the entertainment/environmental controls already in my car. I'm not willing to give up that much real estate. And I don't see how it would work on a smaller screen.
I have an abacus and a car.
Fear my part-human/part-abacus/part-automobile wrath!
And someone riding a horse is not the same thing as a centaur.
The first problem is that their recruitment/training policies aren't designed for that.
Stephen Hawking would have difficult time being accepted to any military academy.
The NSA does not discriminate on whether you can pass a physical fitness test. Stephen Hawking, were he so inclined, would probably at least get an interview there.
It's not that you cannot have a physically fit hacker. They do exist.
But when the recruitment criteria STARTS with physical capabilities, then you have problems because you're reducing the pool of applicants on the WRONG criteria.
They didn't start "in diapers". They are the ones that have put a couple thousand hours in already.
I think that the easiest counter to that is the Linux kernel and the people who have been working on that for more than a two decades.
There is no way that someone with "a few months" of classes is anywhere near Linus (or the rest) in terms of skill.
There is something to be said for an "expert" being someone who has done something for 10,000 hours.
While not mutually exclusive, they are not convergent in training.
So you cannot, usually, take the average military academy cadet and include some programming classes and some network security classes and expect to get an officer who is competent in computer security.
The exceptions being those cadets who were already programming while they were in high school (or earlier).
The problem with those early programmers is that they were immature kids back then so many of them will be excluded from the academies because of broken laws or group associations.
I see it as one of those instances where company X spends millions of dollars for company Y ... and 5 years later sells it off for thousands of dollars (or just closes it).
It's a stupid move and I'm betting that someone knows or is related to someone else who will be taking a big chunk of that money.
I prefer the usage further down that article.
Or the somewhat related ...
Is it really "trolling" if two (or more) jerkasses keep posting insults at each other?
I think the point was about people who TALK about how much work they do but only put in 40 hours a week (hold on to comments about that "only").
Essentially those people are doing PR for the 60 hour week that the other people are putting in.
So not only do you have to convince management that more workers are needed BUT you also have to convince management that you aren't the problem because Bob says he's working all the time but he's not complaining like you are.
Not that I have seen in TFA.
Not to mention that the term "troll" now has at least two sub-categories.
a. concern troll
b. tone troll
I wish I had mod points. That is particularly relevant in social issues.
If you post about your political beliefs (honestly held) in a forum you tend to end up either in an echo chamber (most other people hold the same or similar beliefs) or labelled a "troll" (most other people hold opposing beliefs).
Before anyone misunderstands ... yes, it is possible to troll people based upon their political beliefs. But that isn't the point.
As is the case with the people who wrote that survey.
They should have included examples of "trolling" to illustrate their points.
a. You post "I like X". Someone follows that with "Only pussies like X." Is that person a "troll"?
b. A new article is posted. The first comment is unrelated to the article and only contains racist/sexist/whatever comments. Is that person a "troll"?
And so forth.
I think that the term "jerkass" applies more than "troll" in those examples.
They probably have several people who can do that. It requires some expertise but not a lot.
I can do that. And I still push for a completely separate Internet connection.
Because once it is on the corporate network it becomes very easy to make mistakes. People think they know more than they really do. Or that they understand the situation when they do not. And the processes that can be put in place to catch those mistakes require additional expertise.
ALWAYS design the network so that the next admin will not have to be as smart as you or as experienced as you or as knowledgeable as you.
*raises hand* ooh! ooh! Pick me! Pick me! Been there! Done that!
Two things:
1. It's not that they need access to the CORPORATE network. It's that they need access to the INTERNET so that the machinery can report back to the vendor when something starts to go wrong. That's usually in the service agreement. The sooner detected the sooner fixed without problem.
2. For managers who like to look at stuff. There is usually an internal web server on the HVAC. You go there and it displays things like the temp and the humidity and blah blah blah.
Thus, dumb managers (I've dealt with them) want them on the corporate network. It's easier for everyone.* Including the crackers who are looking for these exact vulnerabilities.
*Security people are not included in this definition of "everyone" in this case.
At which point you move to a different job. If they're that concerned about the cost of a local ISP connection then they're going to be making other bad decisions. Consider that to be the "canary in a coalmine" signal.
I know, it sucks. But if you're having to fight for basics such as that then take your skills to someone who will appreciate them.
And when they ask you why you want to leave your old job give them the code phrase "it seems like a good time to pursue future options with your company".
They will understand.
So they get their own network that does not touch the production network.
Probably just a *DSL/cable from a local ISP.
With a firewall that you control. Heavily locked down. No need for them to hit Facebook from the HVAC, is there? No need for inbound access from 99.9% of the IP addresses out there, is there?
Then paint it and label it and make sure no one else can touch it. Use super-glue on the ports.