Slashdot Mirror


User: Radium_

Radium_'s activity in the archive.

Stories: 0
Comments: 15

Comments · 15

  1. Different use case than standard RPI on Raspberry Pi Compute Module Release · · Score: 5, Informative

    As discussed on the Raspberry forum, there is some integrated memory, but no USB or Ethernet are present.
    Liz from the RPI foundation writes that "there’s much more IO, so you can add your own. The idea here is that it’s the barest minimum, so folks working on industrial applications can add the ports and extra connectivity they need."

  2. This will change nothing in the long run on French Assembly Rejects Three Strikes Bill · · Score: 2, Insightful

    Don't fool yourself, this (temporary) rejection was only possible because some of the left wing party sneaked at the last minute to vote AGAINST the proposal. There were not enough right wing (government) politicians in the assembly to vote for it and the text was rejected.

    This, however, changes NOTHING in the long run: despite being a stupid, non-applicable, lobbied-by-the-SACEM*-to-maintain-the-outdated-cash-machine, this law *will* be accepted in the end, since the government has enough of its own members of the Assemblee Nationale to vote for it, regardless of what the other "deputes" do.

    When this stupid law is effective everybody loses, except maybe for recording companies which will be able to sit for 20 more years on their obsolete business plan.

  3. Focus on the methodology rather than the company on Best Security / Vulnerability Testing Firms for Web Apps? · · Score: 1

    I do not think anyone can recommend the "best" company as the criteria for "best" depend on your business needs.
    That being said, I would recommend sending a request for proposal (or call for tender, I never know the correct name for this) to 5 companies with local offices so you can meet the ethical hackers if needed. This is good to avoid relying on a bunch of "not so white hackers" with little knowledge of collateral damage and potential impact of the pentest on the information system.

    Make sure the intruders do not rely on automated tools. I have seen eEye/ISS reports labelled as actual pentest reports, sold at pentest prices. A good pentest on a 3/3 application requires at least 8-10 days from my experience. These figures should be adapted to the complexity of the infrastructure of course.

    I would also ask for information regarding:
    - system tests vs application tests. The latter cannot be automated to be effective, but both are necessary for a pentest to be meaningful,
    - the pentest methodology (do they have anything set or do they do it "as they feel" for each project),
    - audit trails gathering (all traffic between the pentest lab and your information system should be archived),
    - alert processes (what should they do if a critical vulnerability is discovered) and so on.

    Many companies with little knowledge of professional penetration testing sell intrusion services; from my point of view it is your job to select the best one, nobody on Slashdot can do that for you.

  4. Vista Capable specs are given by *management*!? on HP's Fury At Vista Capable Downgrade · · Score: 1

    I fail to understand how a technical compatibility list (which is what the "Vista capable" logo is all about) can be modified by management.
    Did Microsoft execs magically increase the processing power of all the Intel 915 chipsets on earth?

  5. In other news... on Denon's $499 Ethernet Cable · · Score: 5, Insightful

    A fool and his money are soon parted

  6. laptops routinely contain "privileged information" on EFF To Fight Border Agent Laptop Searches · · Score: 1

    (...)
    > laptops routinely contain vast amounts of the most
    > personal information about people's lives -- not to
    > mention privileged legal communications,
    > reporters' notes from confidential sources, trade
    > secrets, and other privileged information

    and porn

  7. Re:I believe traffic shaping is ok... on Vuze Study Exposes P2P Throttling By Canadian ISP Cogeco · · Score: 1

    > I believe traffic shaping is ok
    > when it's transparent and disclosed.

    How do you advertise such a thing when less than 10% of your customer base understands the concept behind it?
    Why would you advertise limited Internet access?
    I can see the ads
        "Try out the new crippled broadband"
        "Switch to web 0.5 right now"
        "Cheap unlimited* access** to Internet***"
    Better filter things silently and handle the few complaints from the geeks. These guys cost more than they pay anyway.

  8. Re:I have to question the validity of this test... on Many Antivirus Tools Fail in LinuxWorld Test · · Score: 1

    > With a testbed of only 25-35, it is possible to pick a group of malware that can put any AV on top.

    While your remark is true, I guess both tests are useful, depending on which aspect of an antivirus is significant to you.
    Untangle tested 17 viruses (+ Eicar.com) captured "in the wild" from some mailbox, while av-test.org uses 600,000+ viruses for its tests.
    I prefer my antivirus to detect 100% of the 500 (?) viruses which are actually found all around the Internet rather than detect 565,865 viruses, 99% of which will never hit the mailservers of my company.

  9. Re:Darth Vader Toy on What (non-PC) Hardware Do You Hack? · · Score: 2, Funny

    Wanna see Darth's head spinning _really_ fast ?
    Post your IP address here !

  10. "SPIM" can be fun ! on "Spim" is Latest Online Annoyance · · Score: 1, Funny

  11. Screenshots ? on Is Linux or Windows Easier To Install? · · Score: 1

    Too bad no screenshots are available. It is possible to easily take a screenshot of the Mandrake installation by pressing the "F2" key...

  12. Giving back to the community on Guardent To Sell Snort And Nessus · · Score: 5, Insightful

    I hope that, if they make profit using these free softwares, they give some money back to the developers. I know that Renaud Deraison, one of the Nessus core developers, is tired of seeing derivatives of his product sold by many companies which *never* give anything (bug reports, patches, plugins, money) back.

    Hell, free software needs financial *and* technical support from those who use it. Or you won't be able to use it very long.

  13. /. advertising Hackerz V0ice. Great on Hacker U. · · Score: 2, Insightful

    This is just great. Anyone who has read Hackerz V0ice once knows they are just a bunch of lamerz who think they are the master of the Internet just because they know how to use Back Orifice.

    Hackerz V0ice (the magazine) is a piece of crap explaining how to use 3-year-old "exploits" (hear : "windows trojans") in s0M Scr1Pt K1dY l4n64g3 50 FuL of M15T4kz I have to re-read sentences twice to understand what they mean.

    The best part is that they think they represent the French "kackerz" (as if these guys were hackers) and advise anyone to rally their "movment". They want to be the French CCC, but they are just another group of computer illiterates who are trying to make money out of the Lin00X/Int3rn3T/conspir4Cy/"Micr0S0ft Sux" trend.

    Too bad only French sites talk about this magazine, you'll have to use babelfish, but *please* have a look at :
    - http://www.kitetoa.com/_disc1/showthread.php3?threadid=22
    - news:fr.comp.securite

  14. About Ztrace on Tracking A Thief Via The Sircam Virus? · · Score: 2

    Ztrace seems to be an exe.

    Either it loads itself after Windows, and then it'll be erased if the FAT/NTFS partition is deleted, or it installs in the MBR, and then it's deleted if LILO or whatever erases the bootloader.

    Anyway, since it's a *software* protection it is very likely to be circumvented (IMHO), by reinstalling Windows or installing Linux.

  15. Re:IIS can be restricted and protected on CAIDA Released Code-Red Worm Post Mortem · · Score: 1

    > Try using Program Files in a command line path

    Try using "progra~1"