All it takes is 5 or so cars driving slower than the speed of traffic(ie staying exactly at the speed limit while the morons who forgot to take a piss before they got in the car try to go faster) and a crowd or arseholes who think they know better trying to beat everyone else by weaving in and out of traffic and generally acting like arseholes on the road to to cause a traffic jam for hours.
Where did I say pen testing proves a negative? I said that if you do a full pen test and find very few problems or don't find any then it's provides a decent indicator that there's probably very few holes. It most certainly does not prove that there are no holes but that's impossible whatever approach you take.
It is perfectly good as a metric to indicate how successful the system wide security strategy has been given enough time and a competent pen testing team.
only a few people need to go at a sane speed and it forces those behind them to slow down too. (of course then they try to overtake in stupid situations but until we get them fitted with shock collars idiots will always do idiotic things.)
This does explain the sudden rise in the number of times that bullshit term "cyberwar" has been turning up in headlines.
Oh and those designed-to-fail excercises where they put a few doddering old politicians in a room and had them defend against a fictional cyberattack which they of course couldn't handle.
They've got to pretend there's a real war/threat to get people to hand over power.
being able to sit my laptop on the counter without worrying about tripping over a cable is worth more than the crazy demands of a delusional hypochondriac. Good neighbours put up their own EM shielding when they suffer from imaginary conditions.
Oh I didn't say it was useless. My point is that pen testing doesn't secure your system. It only provides feedback as to how secure your system really is within a reasonable margin of error.
If you test a system and find a hundred holes and hand over a neat list and they diligently go away and fix all the holes you found then their system is only marginally more secure than it was before. The systematic failures that lead to the problems being there in the first place are still there making more problems. The same crappy code is still there with a few patches.
On the other hand if you do a full pen test and find no security holes or only a few minor ones then that's a decent indication that there are very few there at all.
Pen testing is a fine way to test and be able to say "this system probably has very few problems" or "this system is utterly riddled with faults" but pen testing is an awful way to actually secure your system.
At best pen testing can show blinkered managers that they need to pay some attention to security and in that one case may help to actually improve security.
it's because they want to be able to sell data recovery services.
That and it's a genuine concern in business- apparently when they ask "what if I forget my password" the answer "then you try to remember it or your data is gone" isn't acceptable.
well they'll be poor drug companies in a few years when their current patents run out then.
No drug companies target the genes I discovered for treatments. After all, that'd start a race and no drug company can afford to get into a race.
Really? Drug companies aren't interested in potentially lucrative drug patents? By that logic they'd never fund your research to find the genetic cause of some untreatable disease since they'd be in a race with other companies to locate those genes and patent them. Which is complete bullshit.
Drug companies are always in a race, this just moves the starting line a little further along and allows more people take part.
nobody offed themselves in my school either but it's not exactly happening every day in every school. The point was that it didn't get shouted about as much.
Nobody ever brought a gun into my school when I was there either.
church funeral=catholic church, used to be suicide was considered a mortal sin (murdering yourself) and a crime against god hence no church burial.
For reference I was in high-school when columbine happened so the world isn't all that different even if the news tries to convince us that everything is so much more dangerous now.
once the treaty is signed there is pressure to pass laws to bring the countries laws into line with the treaty. Once that's done with if you "decide to present a DVD to my class, or make a photocopy of a book, for educative purposes" then you most certainly can be arrested or fined.
it's not a legal loophole. If I'm a publisher and I only print half of some book and sell it without permission from the copyright holder I'm still fucking with their copyright. Yes yes 1 bit is not infringement but 20 pages certainly is and if I'm getting a book off bittorrent chances are I'll upload a decent portion of the book while I'm downloading it.
It's the same silliness where people claim it isn't infringing if you send someone an encrypted copyrighted work since without the password it's useless. etc etc etc.
even at that I'm wondering if 2 or 3 very competent coder and a handful of competent lawyers/accountants could get that done in a fraction of the time. Projects get tied up in cruft but by that point the guys in charge are afraid to just turn around and say "the code is crap, we made mistakes early on and we're never going to get this done. the only way is to start again and do it right." because that's admitting failure.
I guess I'm far more concerned that people won't get a choice. Some of the other replies above have been interesting- one guy who wouldn't like to be made normal but knows his parents would have jumped at it if they could. Another who suffered from extremely severe ADD all his life and now his son has something similar. His wife would jump at applying any cure to their son while he would not.
I agree denying people a cure for the sake of society is a bad road but at the same time so is forcing cures on people before they can decide themselves.
in any case with the colour blindness it's not much of an issue but merely a harbinger of what may be possible soon.
You make a convincing argument. I guess my main concern is that this could lead to the choices being taken away from people. Not so much that someone chooses but more that others will make the choices for them before they can decide themselves.
Oh I'm not saying we shouldn't cure people of nasty conditions. I'm just making the point that just offering a choice may not give the best outcome and there may develop a tendency to normalize everyone at birth or as children with no choices given.
When you're young almost everyone wants to be "normal". When you're older you sometimes value the things which make you different more.
I think Arthur C Clark touched on this in one of his books.
If you have the ability to "correct" aberrations could there be fallout? If you could "fix" high functioning autistic so that they could be completely normal what kind of effect might that have on scientific fields which attract such people? What happens when you fix the obsessives so that instead of spending their evenings trying to solve theorems they go out and socialize? If you ask a teenager, who struggles to deal with people and is quite unhappy about not being normal, if he wants to be made normal- chances are he'll jump at it. Ask the same person 30 years later when his unusual brain structure or different ways of thinking about things or approaching problems has allowed him to become highly respected or wealthy and you may get a different answer.
Look at the best and the brightest in almost any field and you'll find people who aren't normal. People who by certain measures could be considered to have various things wrong with them. If they had been given the option to be "fixed" the world might be a far poorer place.
Slashdot Mirror
All it takes is 5 or so cars driving slower than the speed of traffic(ie staying exactly at the speed limit while the morons who forgot to take a piss before they got in the car try to go faster) and a crowd or arseholes who think they know better trying to beat everyone else by weaving in and out of traffic and generally acting like arseholes on the road to to cause a traffic jam for hours.
yes?
and?
Where did I say pen testing proves a negative?
I said that if you do a full pen test and find very few problems or don't find any then it's provides a decent indicator that there's probably very few holes.
It most certainly does not prove that there are no holes but that's impossible whatever approach you take.
It is perfectly good as a metric to indicate how successful the system wide security strategy has been given enough time and a competent pen testing team.
http://xkcd.com/705/
but you said you felt it as you walked up the stairs.
Do you feel it when you go up the stairs or only when you have been exposed to it continuously for a long time now?
only a few people need to go at a sane speed and it forces those behind them to slow down too.
(of course then they try to overtake in stupid situations but until we get them fitted with shock collars idiots will always do idiotic things.)
You really think darknets will remain legal much longer?
I cannot think of a single situation where pressing the kill switch is less damaging than not pressing it
if you really can detect EM radiation from the phone base stations then I'd be interested to see you in a controlled trial-
you spend an evening in a room, whenever you feel bad/get a nasty sensation press a button.
At the end of the evening the times when you indicated you felt something and the times when they turned on the EM transmitter can be compared.
very easy to double blind.
This does explain the sudden rise in the number of times that bullshit term "cyberwar" has been turning up in headlines.
Oh and those designed-to-fail excercises where they put a few doddering old politicians in a room and had them defend against a fictional cyberattack which they of course couldn't handle.
They've got to pretend there's a real war/threat to get people to hand over power.
Meet the new boss, same as the old boss.
being able to sit my laptop on the counter without worrying about tripping over a cable is worth more than the crazy demands of a delusional hypochondriac.
Good neighbours put up their own EM shielding when they suffer from imaginary conditions.
no no.
You can cut down your cherry tree.
Oh I didn't say it was useless.
My point is that pen testing doesn't secure your system.
It only provides feedback as to how secure your system really is within a reasonable margin of error.
If you test a system and find a hundred holes and hand over a neat list and they diligently go away and fix all the holes you found then their system is only marginally more secure than it was before.
The systematic failures that lead to the problems being there in the first place are still there making more problems.
The same crappy code is still there with a few patches.
On the other hand if you do a full pen test and find no security holes or only a few minor ones then that's a decent indication that there are very few there at all.
Pen testing is a fine way to test and be able to say "this system probably has very few problems" or "this system is utterly riddled with faults" but pen testing is an awful way to actually secure your system.
At best pen testing can show blinkered managers that they need to pay some attention to security and in that one case may help to actually improve security.
Nah, it still makes for a nice spectacle and PR piece.
In reality the only use for pen testing is as a metric.
it's because they want to be able to sell data recovery services.
That and it's a genuine concern in business- apparently when they ask "what if I forget my password" the answer "then you try to remember it or your data is gone" isn't acceptable.
and no drug company can afford to get into a race
well they'll be poor drug companies in a few years when their current patents run out then.
No drug companies target the genes I discovered for treatments. After all, that'd start a race and no drug company can afford to get into a race.
Really?
Drug companies aren't interested in potentially lucrative drug patents?
By that logic they'd never fund your research to find the genetic cause of some untreatable disease since they'd be in a race with other companies to locate those genes and patent them.
Which is complete bullshit.
Drug companies are always in a race, this just moves the starting line a little further along and allows more people take part.
nobody offed themselves in my school either but it's not exactly happening every day in every school.
The point was that it didn't get shouted about as much.
Nobody ever brought a gun into my school when I was there either.
church funeral=catholic church, used to be suicide was considered a mortal sin (murdering yourself) and a crime against god hence no church burial.
For reference I was in high-school when columbine happened so the world isn't all that different even if the news tries to convince us that everything is so much more dangerous now.
twitter vs the bathroom wall
same difference.
you missed one of the steps.
once the treaty is signed there is pressure to pass laws to bring the countries laws into line with the treaty.
Once that's done with if you "decide to present a DVD to my class, or make a photocopy of a book, for educative purposes" then you most certainly can be arrested or fined.
it's not a legal loophole.
If I'm a publisher and I only print half of some book and sell it without permission from the copyright holder I'm still fucking with their copyright.
Yes yes 1 bit is not infringement but 20 pages certainly is and if I'm getting a book off bittorrent chances are I'll upload a decent portion of the book while I'm downloading it.
It's the same silliness where people claim it isn't infringing if you send someone an encrypted copyrighted work since without the password it's useless. etc etc etc.
even at that I'm wondering if 2 or 3 very competent coder and a handful of competent lawyers/accountants could get that done in a fraction of the time.
Projects get tied up in cruft but by that point the guys in charge are afraid to just turn around and say "the code is crap, we made mistakes early on and we're never going to get this done. the only way is to start again and do it right." because that's admitting failure.
I guess I'm far more concerned that people won't get a choice.
Some of the other replies above have been interesting- one guy who wouldn't like to be made normal but knows his parents would have jumped at it if they could.
Another who suffered from extremely severe ADD all his life and now his son has something similar.
His wife would jump at applying any cure to their son while he would not.
I agree denying people a cure for the sake of society is a bad road but at the same time so is forcing cures on people before they can decide themselves.
in any case with the colour blindness it's not much of an issue but merely a harbinger of what may be possible soon.
You make a convincing argument.
I guess my main concern is that this could lead to the choices being taken away from people.
Not so much that someone chooses but more that others will make the choices for them before they can decide themselves.
Oh I'm not saying we shouldn't cure people of nasty conditions.
I'm just making the point that just offering a choice may not give the best outcome and there may develop a tendency to normalize everyone at birth or as children with no choices given.
When you're young almost everyone wants to be "normal".
When you're older you sometimes value the things which make you different more.
1:Pirates are a tiny tiny part of the potential market.
2:The vast majority of the time DRM is broken extremely fast.
But yes.
Companies do make extra money due to DRM.
It's true!
They make extra money by screwing over people who want to sell their property second hand.
I think Arthur C Clark touched on this in one of his books.
If you have the ability to "correct" aberrations could there be fallout?
If you could "fix" high functioning autistic so that they could be completely normal what kind of effect might that have on scientific fields which attract such people?
What happens when you fix the obsessives so that instead of spending their evenings trying to solve theorems they go out and socialize?
If you ask a teenager, who struggles to deal with people and is quite unhappy about not being normal, if he wants to be made normal- chances are he'll jump at it.
Ask the same person 30 years later when his unusual brain structure or different ways of thinking about things or approaching problems has allowed him to become highly respected or wealthy and you may get a different answer.
Look at the best and the brightest in almost any field and you'll find people who aren't normal.
People who by certain measures could be considered to have various things wrong with them.
If they had been given the option to be "fixed" the world might be a far poorer place.