See why wireless can never be secured more than wired can be?
I'm not an idiot, so you don't need to try to explain your point as if I am an idiot. I never make the argument that we should all use wireless. All I said that is people often take the time to secure wireless networks while completely neglecting their wired security, assuming that their physical security is adequate.
This is a naïve approach to security as most people's physical security sucks. It just so happens to leave them in a position where sure, their wireless network is authenticated and encrypted, but their wired network (which can be accessed by a visitor or the cleaning person who works nights) is wide open.
Where do you get the data that validates your statement that people are more likely to properly secure wireless networks than wired networks?
It's admittedly a combination of anecdotal knowledge as well as information from the large networking vendors about what they typically see their clients doing. I'd love there to be a proper study on it, but it's unlikely people are going to admit that their networks are insecure and they know it.
If a company's security is that bad on the wired network, what makes you think they'll magically wise up and properly implement their wireless? I'm guessing "Linksys" and no encryption is just as likely there.
From what I've seen, most companies are scared about the security of wireless so they put more effort into properly securing it, all the while blatantly ignoring the security holes associated with wired networks. I'm not saying this is a good thing, it just seems to be par for the course.
A default SSID and no encryption is a whole different issue and not one I'm speaking about.
So, let me get this straight: People should switch to wireless because they don't securely implement their wired connections, and properly configured wireless connections are more secure than improperly configured wired connections.
That's great except I never said anything about switching to wireless. In my opinion, wired connections are far more useful. I don't know why all the comments to my post are putting words in my mouth. You use words like "proper" and "improper" which is great, but ignores the reality that most companies just leave wired access completely open. It's silly to talk about the insecurity of wireless when wired networks are rarely locked down like they should be.
If you have to make a comparison between two things, but you give one of them a handicap (well secure vs average), and then say the other one is better, that's a poor comparison.
It's not a poor comparison, it's a real world comparison. People are more likely to properly secure wireless networks than wired networks. That's my main point.
Really what you're saying is "Wireless is more secure because it's so insecure at physical layer that we had to implement proper network security"
That's pretty much exactly what I'm saying. People zero in on wireless being insecure, but you can walk in to many, many companies, sit down at an open desk, plug in a laptop and have access to plenty of stuff you shouldn't.
client side certificates do jack BTW. They are easily faked.
You clearly have no idea what you're talking about and you've completely discredited yourself with this statement. How, pray tell, can you fake a client certificate? If you could, the whole premise of secure e-commerce goes out the window. You would have to possess the private key for the root or issuing CA to do this.
as for client side certs there is nothing preventing wired from having this, and in fact a lot of secure installations do. Just because Wireless has some fancy WPA stuff that most people should enable doesn't make it more secure, if anything it's a nice warm blanket for people to have.
Please re-read my original statement. I said "well implemented wireless networks are more secure than the average wired network." I am not arguing that the same security can be applied to wired networks. My point is that it's more likely to be found on wireless networks.
A Hardened Wireless connection will always be less secure then a Hardened Wired connection.
Sure, if you know nothing about security. Why does everyone think wired is so secure? I would say well implemented wireless networks are more secure than the average wired network. This is because well implemented wireless networks have strong authentication (e.g. client side certificates) and encryption whereas most wired networks do not have these things.
i.e. Encrypted information will stand out as structured data.
So you really believe that if I take a non-random stream and encrypt it with AES in CBC with a random key and random IV (both of which I can easily obtain as I can generate 2 * 128 bits of true random data with 256 flips of a fair coin) that you will be able to distinguish the resulting ciphertext from true random data?
I find that, and this company's claims, *highly* unlikely.
Thank you for the correction. It's a bit overkill to say I "don't have the slightest clue" what I'm talking about. Airspace over New York City and Washington DC was restricted by Operation Liberty Shield. The restriction put in place then is still in effect for Washington, but apparently the restriction around New York city was rescinded. Sorry I wasn't accurate as to the current status, as I'm not a pilot.
Isn't New York *full* of big buildings? Where exactly are you going to evacuate to?
Except that I wasn't in New York City, I was in Jersey City (which is where the planes were closest to) and though there are far fewer buildings, I happened to be in the biggest (and easiest) target.
They crushed them and then they went bankrupt (or soon will - it's hardly over) and in one fell swoop lost (or will soon lose) more money than the sum of their accumulated gains in prior decades.
D.E. Shaw had a hard hit because of LTCM years ago (and who didn't), but they've been doing very well ever since. I'm sure their risk management has improved significantly since LTCM (and they're substantially more capitalized) so it's unlikely they're going anywhere anytime soon.
I can only imagine one single way for you to evacuate a building in seconds. And I don't think you would survive it.
The further into the core of the building you get and the further down you manage to get increases your chances of surviving such an event if it were to happen. You don't just sit there and go "well, I'm dead either way."
The fact is that the plane made multiple passes. The third happened to be its last. Since it was unknown what was going on, if something were to happen, maybe it would take another pass or two. No one knew. Better to move as quickly as you can than sit still.
There are low flying planes all the time. It's not a reason to panic, and no reasonable person would believe they were likely to die there.
Easy to say when you weren't looking the plane dead in the eye coming straight at your building. While low flying planes may be "normal," this plane was in restricted airspace, was flying extremely irregularly, and was tailed by a fighter jet. That's anything but "normal." You have seconds to react to something like this. I'm rather happy I evacuated, anything else would have been foolish.
Plug any Cat5 in any Gigabit switch and you'll get a 100M connexion. Cat5e will get you 500M upstream and 500M downstream. Cat6 will get you true Gigabit
This is the most confidently incorrect comment I've ever read on here. You can quite usually get GigE on Cat 5 depending on distance and quality of the cable. Cat 5e will most certainly give you GigE if it's in-spec (distance and bend radii etc.). Cat 6 won't give you "true Gigabit" (whatever that means) if there's a crimp in it or some other imperfection, but quite naturally it will if it's in-spec.
The point is that you have no idea what you're talking about, and your blanket assertions are just plain wrong.
One serious problem with this. Your performance level is something like: constant/hours_to_deadline. Assuming you work to the deadline (logical), you will perform an infinite amount of work as the integral(1/x) on the interval 0 to t diverges.
Nehalem family CPUs have AES encryption commands in assembler (supported by Linux).
Except that AES isn't processor intensive to begin with; it's a bunch of XORs and table lookups for GF(8) exponentiation. The processor intensive part of SSL is the public key work.
Done and done... $50k and equivalent performance of the high end BIGIP stuff
Zeus is not a valid competitor for a lot of markets until they add Route Health Injection. It's a glaring feature-set hole for site-to-site failover (via routing) that both Citrix NetScaler and F5 BIGIP support as a bread-and-butter function.
Otherwise, their features like TrafficScript aren't half bad.
Here's a good definition of "engineer" from Wiktionary: "A person who, given a problem and a specific set of goals and constraints, finds a technical solution to the problem that satisfies those goals within those constraints. The goals and constraints may be technical, social, or business related."
Given that definition, there absolutely are software engineers. My degree in Engineering is not in "Network Engineering," but I call myself a "Network Engineer" because that's what I do.
The problems which that link discusses are general problems, not Intel's. Even in the worst case, the Intel drive is still better than all the other MLC drives. Anand did a very thorough analysis here and it's probably one of the best mainstream pieces of technical writing I've ever seen.
He basically justifies the whole existence of Anandtech with that one article.
1. Henry Paulson, former treasury secretary and key architect of the bailout plan, is a former CEO of Goldman Sachs.
And he sold all of his Goldman stock before accepting the position. So, he had zero legal tie to the firm at that point.
2. Goldman Sachs has receieved 10 billion in TARP money.
Change "has received" to "was forced to take." It was money they did not want, and are going to pay back ASAP.
3. Goldman Sachs has received 12-20 billion in additional monies via the AIG bailout.
Oh, you must be talking about the money that AIG legitimately owed Goldman. You can argue day and night about the AIG bailout, but to whom was the money going to go to if not the companies owed money by AIG?
Take your FUD elsewhere, please. You have zero understanding of the current economic problems and shouldn't speak about them out of turn.
lots of AIG's government money is going straight to them
Shock of all shocks. AIG owed Goldman money. A LOT of money. The whole reason for AIG to be bailed out was so that the companies that AIG was obligated to pay money to would be minimally affected. Goldman happened to be the biggest one of those.
All of Goldman's positions were either hedged or collateralized (mind you most of AIG's trading partners did not ask for collateral from AIG, Goldman did). If Goldman had to cash in on its hedges of exposure to AIG (if AIG had not been bailed out), the AIG collapse would have cascaded its way through the financial system far worse than it did.
Slashdot Mirror
See why wireless can never be secured more than wired can be?
I'm not an idiot, so you don't need to try to explain your point as if I am an idiot. I never make the argument that we should all use wireless. All I said that is people often take the time to secure wireless networks while completely neglecting their wired security, assuming that their physical security is adequate.
This is a naïve approach to security as most people's physical security sucks. It just so happens to leave them in a position where sure, their wireless network is authenticated and encrypted, but their wired network (which can be accessed by a visitor or the cleaning person who works nights) is wide open.
Where do you get the data that validates your statement that people are more likely to properly secure wireless networks than wired networks?
It's admittedly a combination of anecdotal knowledge as well as information from the large networking vendors about what they typically see their clients doing. I'd love there to be a proper study on it, but it's unlikely people are going to admit that their networks are insecure and they know it.
If a company's security is that bad on the wired network, what makes you think they'll magically wise up and properly implement their wireless? I'm guessing "Linksys" and no encryption is just as likely there.
From what I've seen, most companies are scared about the security of wireless so they put more effort into properly securing it, all the while blatantly ignoring the security holes associated with wired networks. I'm not saying this is a good thing, it just seems to be par for the course.
A default SSID and no encryption is a whole different issue and not one I'm speaking about.
So, let me get this straight: People should switch to wireless because they don't securely implement their wired connections, and properly configured wireless connections are more secure than improperly configured wired connections.
That's great except I never said anything about switching to wireless. In my opinion, wired connections are far more useful. I don't know why all the comments to my post are putting words in my mouth. You use words like "proper" and "improper" which is great, but ignores the reality that most companies just leave wired access completely open. It's silly to talk about the insecurity of wireless when wired networks are rarely locked down like they should be.
If you have to make a comparison between two things, but you give one of them a handicap (well secure vs average), and then say the other one is better, that's a poor comparison.
It's not a poor comparison, it's a real world comparison. People are more likely to properly secure wireless networks than wired networks. That's my main point.
Really what you're saying is "Wireless is more secure because it's so insecure at physical layer that we had to implement proper network security"
That's pretty much exactly what I'm saying. People zero in on wireless being insecure, but you can walk in to many, many companies, sit down at an open desk, plug in a laptop and have access to plenty of stuff you shouldn't.
client side certificates do jack BTW. They are easily faked.
You clearly have no idea what you're talking about and you've completely discredited yourself with this statement. How, pray tell, can you fake a client certificate? If you could, the whole premise of secure e-commerce goes out the window. You would have to possess the private key for the root or issuing CA to do this.
as for client side certs there is nothing preventing wired from having this, and in fact a lot of secure installations do. Just because Wireless has some fancy WPA stuff that most people should enable doesn't make it more secure, if anything it's a nice warm blanket for people to have.
Please re-read my original statement. I said "well implemented wireless networks are more secure than the average wired network." I am not arguing that the same security can be applied to wired networks. My point is that it's more likely to be found on wireless networks.
A Hardened Wireless connection will always be less secure then a Hardened Wired connection.
And I never claimed otherwise.
Sure, if you know nothing about security. Why does everyone think wired is so secure? I would say well implemented wireless networks are more secure than the average wired network. This is because well implemented wireless networks have strong authentication (e.g. client side certificates) and encryption whereas most wired networks do not have these things.
i.e. Encrypted information will stand out as structured data.
So you really believe that if I take a non-random stream and encrypt it with AES in CBC with a random key and random IV (both of which I can easily obtain as I can generate 2 * 128 bits of true random data with 256 flips of a fair coin) that you will be able to distinguish the resulting ciphertext from true random data?
I find that, and this company's claims, *highly* unlikely.
Thank you for the correction. It's a bit overkill to say I "don't have the slightest clue" what I'm talking about. Airspace over New York City and Washington DC was restricted by Operation Liberty Shield. The restriction put in place then is still in effect for Washington, but apparently the restriction around New York city was rescinded. Sorry I wasn't accurate as to the current status, as I'm not a pilot.
Isn't New York *full* of big buildings? Where exactly are you going to evacuate to?
Except that I wasn't in New York City, I was in Jersey City (which is where the planes were closest to) and though there are far fewer buildings, I happened to be in the biggest (and easiest) target.
They crushed them and then they went bankrupt (or soon will - it's hardly over) and in one fell swoop lost (or will soon lose) more money than the sum of their accumulated gains in prior decades.
D.E. Shaw had a hard hit because of LTCM years ago (and who didn't), but they've been doing very well ever since. I'm sure their risk management has improved significantly since LTCM (and they're substantially more capitalized) so it's unlikely they're going anywhere anytime soon.
I can only imagine one single way for you to evacuate a building in seconds. And I don't think you would survive it.
The further into the core of the building you get and the further down you manage to get increases your chances of surviving such an event if it were to happen. You don't just sit there and go "well, I'm dead either way."
The fact is that the plane made multiple passes. The third happened to be its last. Since it was unknown what was going on, if something were to happen, maybe it would take another pass or two. No one knew. Better to move as quickly as you can than sit still.
It's certainly close enough to be concerning.
Very concerning. That was the third pass. The other two were closer.
There are low flying planes all the time. It's not a reason to panic, and no reasonable person would believe they were likely to die there.
Easy to say when you weren't looking the plane dead in the eye coming straight at your building. While low flying planes may be "normal," this plane was in restricted airspace, was flying extremely irregularly, and was tailed by a fighter jet. That's anything but "normal." You have seconds to react to something like this. I'm rather happy I evacuated, anything else would have been foolish.
Plug any Cat5 in any Gigabit switch and you'll get a 100M connexion. Cat5e will get you 500M upstream and 500M downstream. Cat6 will get you true Gigabit
This is the most confidently incorrect comment I've ever read on here. You can quite usually get GigE on Cat 5 depending on distance and quality of the cable. Cat 5e will most certainly give you GigE if it's in-spec (distance and bend radii etc.). Cat 6 won't give you "true Gigabit" (whatever that means) if there's a crimp in it or some other imperfection, but quite naturally it will if it's in-spec.
The point is that you have no idea what you're talking about, and your blanket assertions are just plain wrong.
And yes, the inverted division is on purpose.
One serious problem with this. Your performance level is something like: constant/hours_to_deadline. Assuming you work to the deadline (logical), you will perform an infinite amount of work as the integral(1/x) on the interval 0 to t diverges.
If you can sell your boss on this, though, bravo.
Nehalem family CPUs have AES encryption commands in assembler (supported by Linux).
Except that AES isn't processor intensive to begin with; it's a bunch of XORs and table lookups for GF(8) exponentiation. The processor intensive part of SSL is the public key work.
The only comparable device is a module from Cisco that currently slips my mind.
The Cisco product is pretty sucky. The only comparable product is really Citrix NetScaler.
Done and done... $50k and equivalent performance of the high end BIGIP stuff
Zeus is not a valid competitor for a lot of markets until they add Route Health Injection. It's a glaring feature-set hole for site-to-site failover (via routing) that both Citrix NetScaler and F5 BIGIP support as a bread-and-butter function.
Otherwise, their features like TrafficScript aren't half bad.
Here's a good definition of "engineer" from Wiktionary: "A person who, given a problem and a specific set of goals and constraints, finds a technical solution to the problem that satisfies those goals within those constraints. The goals and constraints may be technical, social, or business related."
Given that definition, there absolutely are software engineers. My degree in Engineering is not in "Network Engineering," but I call myself a "Network Engineer" because that's what I do.
The problems which that link discusses are general problems, not Intel's. Even in the worst case, the Intel drive is still better than all the other MLC drives. Anand did a very thorough analysis here and it's probably one of the best mainstream pieces of technical writing I've ever seen.
He basically justifies the whole existence of Anandtech with that one article.
1. Henry Paulson, former treasury secretary and key architect of the bailout plan, is a former CEO of Goldman Sachs.
And he sold all of his Goldman stock before accepting the position. So, he had zero legal tie to the firm at that point.
2. Goldman Sachs has receieved 10 billion in TARP money.
Change "has received" to "was forced to take." It was money they did not want, and are going to pay back ASAP.
3. Goldman Sachs has received 12-20 billion in additional monies via the AIG bailout.
Oh, you must be talking about the money that AIG legitimately owed Goldman. You can argue day and night about the AIG bailout, but to whom was the money going to go to if not the companies owed money by AIG?
Take your FUD elsewhere, please. You have zero understanding of the current economic problems and shouldn't speak about them out of turn.
lots of AIG's government money is going straight to them
Shock of all shocks. AIG owed Goldman money. A LOT of money. The whole reason for AIG to be bailed out was so that the companies that AIG was obligated to pay money to would be minimally affected. Goldman happened to be the biggest one of those.
All of Goldman's positions were either hedged or collateralized (mind you most of AIG's trading partners did not ask for collateral from AIG, Goldman did). If Goldman had to cash in on its hedges of exposure to AIG (if AIG had not been bailed out), the AIG collapse would have cascaded its way through the financial system far worse than it did.