A year or so ago, I was able to see all of the downloaded flash videos in/tmp, and it was so convenient! Then flashplayer was updated and I can't find them anymore. Do you know how to get them into/tmp again? I'm running Firefox 13 and Debian Squeeze (if that info is useful).
When my dad was young, he build radios and other electronic devices from kits (including ones made by HeathKit). When I was in high school, I build a few computers, installed Ubuntu on them, and learned the basics of programming. Programming when my dad was in high school was inaccessible except to those at universities. Debugging was extremely hard, and programmers of that day did not have all of the useful libraries of code to choose from. Now, hardware and software have switched places in terms of accessibility. The components of modern hardware require specialized equipment to service, i.e. everything's too small for you to solder. On the other hand, anyone with interest can download an IDE and compilers for free and make use of the vast resources on the internet to teach themselves to program. All they need is a PC, which one can build/buy for just a few hundred dollars.
The other day, I was pondering using a universal system of public-key authentication for all financial transactions. Our current system is basically sharing a "secret" in order to authorize a transaction, whether it be a credit card number, a bank account number (in the case of checks or wire transfers), or a social security number (in the case of loans). Using a public key system (where the private key is difficult to compromise) to sign transactions would greatly limit the number of transactions that an identity thief could make, since the holder of the private key would have to be aware of the transactions. I'm not saying keeping the private key private is easy, but I think it is possible to find a solution that works well enough. (To give credit, I read about this idea somewhere; it's not mine.)
Back on topic, the government would probably be the entity to implement such a solution. While it would be great to reduce identity theft, there is also much potential for abuse. It could be required for access to the internet, for example. Even if a law was created saying that this system could only be used for financial transactions, we know how well that worked with Social Security numbers being only for Social Security. Any thoughts on this?
Starting August 15, 2011, viewers of content from Fox and related networks will have to authenticate whether they subscribe to a paid cable or satellite service wherever Fox streams episodes, including Hulu, to be able to watch them the morning after the first airing. Non-subscribers will see those episodes delayed a week before they are viewable.
The wikipedia article cites the following NY Times article. The source is more credible, and there's a big difference between "Hulu to Require Viewers To Have a Cable Subscription" and "Fox to Limit Next-Day Streaming on Hulu to Paying Cable Customers."
I'd consider technet.microsof.com to be untrusted. Hackers love to take advantage of URL typos to post fake sites. This is just one more thing that users need to be aware of. Some DNS servers will auto-correct a mis-typed URL (by redirecting to the correct one), but until this practice is standardized, this will be a problem.
You mentioned that backtrack is "a distro specifically build for security and penetration testing." I agree that it's built for penetration testing, but it is a bunch of security tools. It is not a hardened operating system. When writing non-trivial software, especially operating systems, there will always be security bugs, and you will always wonder what has been missed. That's why testing is important, and the advantage of open source makes it easier to fix the bugs when they're found.
Reading the TFA (this is./ I know;) the vulnerability was in WICD, a daemon used to connect to wifi. I've seen WICD in other linux distros (as a matter of fact you can install it if you don't like network-manager), so those distros are vulnerable as well if they run the affected version. IMHO, I think that the bigger issue is that the other distros are vulnerable, as people running those distros on servers don't want people to get root access, whereas that isn't such a big deal with backtrack (although it's beyond me why anyone would want wifi on a server!).
A fair number of the tools on backtrack have to be run as root. If you use the LiveCD or boot it from a flash drive (which is what I usually do), it instructs you to log in as root (with the default password of toor). Unless you were running Backtrack on a server with unpriviledged users, I don't see what the issue is. Just don't open any ports and you'll be fine (and if you're pentesting, why would you - you don't want to be detected).
I don't give FB enough information to try to infer people I might like to know.
I'd be curious how you did that. A couple years ago, my girlfriend talked me into getting a Facebook account . I entered in only the basic, required information and nothing else. Immediately upon initial login, without entering in any additional information, it suggested a list of about 10 people who could potentially be my friends. Six of those people I actually knew. One had previously sent me an invite to FB; I have no idea how FB came up with the others! I ended up never using the account and subsequently "deleted" it.
Why another smartphone OS? It seems like so many companies just copy what is doing well in the market, and the resulting product flops within a few years. Mostly Apple products are being copied (look at Mircosoft, the Gnome project, and now Mozilla). I would rather like to see some original innovation.
Not an Apple fan, just my $0.02
While I do agree that there should be more than two (very similar) parties in this country, I doubt it has gotten to be as bad as outright rigged elections.
I found that lastpass works well for me. I use the same method you mentioned, memorizing a strong master password and then using the built-in password generator. It encrypts everything with your master password before uploading it to lastpass's servers. All encryption/decryption happens on your local machine, so lastpass.com cannot decrypt your passwords. The benefit to using lastpass is that you can use it on just about any browser on just about any operating system. It automatically syncs your passwords (in their encrypted form), so you can add a password on one computer and have it show up on another when you log into lastpass. I find this extremely useful, especially since my university requires me to change my password every 90 days!:( If you decide to switch, lastpass supports importing your passwords from a variety of other password managers, including 1Password.
You can get all of the functionality you just listed on a Nokia N900 running Maemo. I regularly use the terminal and ssh. I can run bash scripts and python v2.5.4 is installed. I have a GUI for OpenVPN which integrates nicely with the built-in wifi manager (although you can use the terminal and config files if you want). The problem is that the N900 is a dated platform. The GUI isn't as nice as what I've seen on Android and can be buggy at times. The device can be slow. I really wish that they could update the whole thing: hardware, operating system, and user interface while keeping the Linux base (and keeping the hardware keyboard!).
The cameras did not deter the criminals who murdered the man because they either did not see the cameras or did not care that they were there. If the cameras do not deter criminals, than what are they really for? I doubt I'll like the answer to that question.
I don't use adblock, but I NEVER click on ads (at least the ones that get past noscript). I would not buy a product by clicking on an ad, and there is always a security risk when you click an ad. So the question is, in the eyes of an advertiser, what's the difference between me and someone who uses adblock? It was my understanding that they got paid by the click, not the view.
Foxconn doesn't give half a shit about keeping their employees from committing suicide. The reason they are forcing their workers to sign a no-suicide pact is to keep family members from suing for more than the minimum compensation. Disgusting.
A virus scanner is a good idea as well, since it can help catch things if you slip up (and we all slip up).
I work at a help desk, and people bring in infected machines all the time, mainly with fake antivirus scam malware. I've found that the anti-virus software has either been circumvented by the malware, or it hasn't detected the virus. The best way to solve the problem of casual, drive-by malware is user education.
Specifically, users should be informed of:
1. Always run your machine behind a firewall.
2. Never run or click on something that gives you even the slightest suspicion.
3. Be able to tell the difference between what's running in your browser, and what's running in your operating system. Many of the fake antivirus scams pretend to show a Windows XP version of My Computer in a browser window in an infected state.
4. Poor english in an email or application is a sure sign of a scam.
I would propose TV commercials as a medium to teach items 1, 2, and 4. These methods could be communicated in a short but informative way (i.e. showing someone plugging an ethernet cable into a router with a visual representation of what the router's built-in firewall does for item 1). Item 3 could be communicated through a tutorial shipped with new computers.
The conservative base is about all we have protecting the freedom of corporations at this point.
Fixed. History has shown that when there is no government regulation, companies will do whatever they want, trampling anyone who ever gets in the way. Ever heard of the Gilded Era? Would you rather have the government be in control (which is at least supposed to keep the interests of the people in mind) or large corporations who care about only one thing: making the most money at any cost.
Slashdot Mirror
A year or so ago, I was able to see all of the downloaded flash videos in /tmp, and it was so convenient! Then flashplayer was updated and I can't find them anymore. Do you know how to get them into /tmp again? I'm running Firefox 13 and Debian Squeeze (if that info is useful).
When my dad was young, he build radios and other electronic devices from kits (including ones made by HeathKit). When I was in high school, I build a few computers, installed Ubuntu on them, and learned the basics of programming. Programming when my dad was in high school was inaccessible except to those at universities. Debugging was extremely hard, and programmers of that day did not have all of the useful libraries of code to choose from. Now, hardware and software have switched places in terms of accessibility. The components of modern hardware require specialized equipment to service, i.e. everything's too small for you to solder. On the other hand, anyone with interest can download an IDE and compilers for free and make use of the vast resources on the internet to teach themselves to program. All they need is a PC, which one can build/buy for just a few hundred dollars.
The other day, I was pondering using a universal system of public-key authentication for all financial transactions. Our current system is basically sharing a "secret" in order to authorize a transaction, whether it be a credit card number, a bank account number (in the case of checks or wire transfers), or a social security number (in the case of loans). Using a public key system (where the private key is difficult to compromise) to sign transactions would greatly limit the number of transactions that an identity thief could make, since the holder of the private key would have to be aware of the transactions. I'm not saying keeping the private key private is easy, but I think it is possible to find a solution that works well enough. (To give credit, I read about this idea somewhere; it's not mine.)
Back on topic, the government would probably be the entity to implement such a solution. While it would be great to reduce identity theft, there is also much potential for abuse. It could be required for access to the internet, for example. Even if a law was created saying that this system could only be used for financial transactions, we know how well that worked with Social Security numbers being only for Social Security. Any thoughts on this?
Starting August 15, 2011, viewers of content from Fox and related networks will have to authenticate whether they subscribe to a paid cable or satellite service wherever Fox streams episodes, including Hulu, to be able to watch them the morning after the first airing. Non-subscribers will see those episodes delayed a week before they are viewable.
The wikipedia article cites the following NY Times article. The source is more credible, and there's a big difference between "Hulu to Require Viewers To Have a Cable Subscription" and "Fox to Limit Next-Day Streaming on Hulu to Paying Cable Customers."
I'd consider technet.microsof.com to be untrusted. Hackers love to take advantage of URL typos to post fake sites. This is just one more thing that users need to be aware of. Some DNS servers will auto-correct a mis-typed URL (by redirecting to the correct one), but until this practice is standardized, this will be a problem.
You mentioned that backtrack is "a distro specifically build for security and penetration testing." I agree that it's built for penetration testing, but it is a bunch of security tools. It is not a hardened operating system. When writing non-trivial software, especially operating systems, there will always be security bugs, and you will always wonder what has been missed. That's why testing is important, and the advantage of open source makes it easier to fix the bugs when they're found.
./ I know ;) the vulnerability was in WICD, a daemon used to connect to wifi. I've seen WICD in other linux distros (as a matter of fact you can install it if you don't like network-manager), so those distros are vulnerable as well if they run the affected version. IMHO, I think that the bigger issue is that the other distros are vulnerable, as people running those distros on servers don't want people to get root access, whereas that isn't such a big deal with backtrack (although it's beyond me why anyone would want wifi on a server!).
Reading the TFA (this is
A fair number of the tools on backtrack have to be run as root. If you use the LiveCD or boot it from a flash drive (which is what I usually do), it instructs you to log in as root (with the default password of toor). Unless you were running Backtrack on a server with unpriviledged users, I don't see what the issue is. Just don't open any ports and you'll be fine (and if you're pentesting, why would you - you don't want to be detected).
I don't give FB enough information to try to infer people I might like to know.
I'd be curious how you did that. A couple years ago, my girlfriend talked me into getting a Facebook account . I entered in only the basic, required information and nothing else. Immediately upon initial login, without entering in any additional information, it suggested a list of about 10 people who could potentially be my friends. Six of those people I actually knew. One had previously sent me an invite to FB; I have no idea how FB came up with the others! I ended up never using the account and subsequently "deleted" it.
Prepare to fight the zombies! ;)
Why another smartphone OS? It seems like so many companies just copy what is doing well in the market, and the resulting product flops within a few years. Mostly Apple products are being copied (look at Mircosoft, the Gnome project, and now Mozilla). I would rather like to see some original innovation. Not an Apple fan, just my $0.02
While I do agree that there should be more than two (very similar) parties in this country, I doubt it has gotten to be as bad as outright rigged elections.
I found that lastpass works well for me. I use the same method you mentioned, memorizing a strong master password and then using the built-in password generator. It encrypts everything with your master password before uploading it to lastpass's servers. All encryption/decryption happens on your local machine, so lastpass.com cannot decrypt your passwords. The benefit to using lastpass is that you can use it on just about any browser on just about any operating system. It automatically syncs your passwords (in their encrypted form), so you can add a password on one computer and have it show up on another when you log into lastpass. I find this extremely useful, especially since my university requires me to change my password every 90 days! :( If you decide to switch, lastpass supports importing your passwords from a variety of other password managers, including 1Password.
You can get all of the functionality you just listed on a Nokia N900 running Maemo. I regularly use the terminal and ssh. I can run bash scripts and python v2.5.4 is installed. I have a GUI for OpenVPN which integrates nicely with the built-in wifi manager (although you can use the terminal and config files if you want). The problem is that the N900 is a dated platform. The GUI isn't as nice as what I've seen on Android and can be buggy at times. The device can be slow. I really wish that they could update the whole thing: hardware, operating system, and user interface while keeping the Linux base (and keeping the hardware keyboard!).
The cameras did not deter the criminals who murdered the man because they either did not see the cameras or did not care that they were there. If the cameras do not deter criminals, than what are they really for? I doubt I'll like the answer to that question.
I don't use adblock, but I NEVER click on ads (at least the ones that get past noscript). I would not buy a product by clicking on an ad, and there is always a security risk when you click an ad. So the question is, in the eyes of an advertiser, what's the difference between me and someone who uses adblock? It was my understanding that they got paid by the click, not the view.
... called NoScript. I would really like to see a NoScript for Chrome. Why hasn't one been created?
I was just walking along with a crowbar in my hand...
in case a headcrab jumped out at me from under some barrels in an alley of course. ;)
I would be more inclined to take your post seriously if you provided some sources to back up your claims.
Would you mind to share your shell script? I also have a N900, and I'm curious to see how it works. ;)
Foxconn doesn't give half a shit about keeping their employees from committing suicide. The reason they are forcing their workers to sign a no-suicide pact is to keep family members from suing for more than the minimum compensation. Disgusting.
A virus scanner is a good idea as well, since it can help catch things if you slip up (and we all slip up).
I work at a help desk, and people bring in infected machines all the time, mainly with fake antivirus scam malware. I've found that the anti-virus software has either been circumvented by the malware, or it hasn't detected the virus. The best way to solve the problem of casual, drive-by malware is user education.
Specifically, users should be informed of:
1. Always run your machine behind a firewall.
2. Never run or click on something that gives you even the slightest suspicion.
3. Be able to tell the difference between what's running in your browser, and what's running in your operating system. Many of the fake antivirus scams pretend to show a Windows XP version of My Computer in a browser window in an infected state.
4. Poor english in an email or application is a sure sign of a scam.
I would propose TV commercials as a medium to teach items 1, 2, and 4. These methods could be communicated in a short but informative way (i.e. showing someone plugging an ethernet cable into a router with a visual representation of what the router's built-in firewall does for item 1). Item 3 could be communicated through a tutorial shipped with new computers.
Embedding Win9X does not sound like a good idea security-wise if the device is going to go anywhere near the internet.
But are 9mm rounds typically used for hunting?
If you want to encrypt stuff that you store on S3, try JungleDisk: https://www.jungledisk.com/
The conservative base is about all we have protecting the freedom of corporations at this point.
Fixed. History has shown that when there is no government regulation, companies will do whatever they want, trampling anyone who ever gets in the way. Ever heard of the Gilded Era? Would you rather have the government be in control (which is at least supposed to keep the interests of the people in mind) or large corporations who care about only one thing: making the most money at any cost.