It's all-in-one and you can certainly run any emulator you want on it to get your nostalgia fix. On top of that, it has wireless HDMI and wifi built in.
Are QA Engineers scientists, too? These people design and run tests based on scientific principles every day. But they never publish in scientific journals and their titles use the word "engineer" not "scientist."
Your bias against things "unnatural" is both fallacious and backward. "Naturally" we live short, painful lives; then we die. It is only by rejecting the "natural" that man advances. Embrace the unnatural. Study it, test it, then live it. It's the only way forward.
Just as most car drivers don't know how to design safe airbag systems, most people running public-facing websites don't know how to build proper security. They just download some free CMS and go with it.
I bought a $450 netbook. I bought it for the portability. The ultra-cheap netbooks are less portable (weak battery, limiting disks) and more infuriating (crappy keyboards, glitchyness).
There was and still is a market for both ends of the spectrum. But who would buy such a thing at Staples? There is better selection and lower pricing online... without sales tax, too.
There are more netbooks out there than iPads. Neither is a "fad." And to say either is "dead" is absurd.
Making sure everyone has fast, reliable access available is great; but the FCC also has to worry about internet caps! Now that AT&T is cutting people off after a certain amount of bandwidth use, someone with the power to stop this monopolistic abuse needs to flex some muscle. What is the FCC doing about internet caps?
This isn't just a CA problem. Failure to use proper authentication is everywhere. Here's the rule of thumb you need to know regarding authentication:
If the system or data is at all important, it should be virtually impossible to access it without real two-factor authentication. A CA is important. Financial systems are important. The Administrative interfaces to your company's core systems are important.
Comodo should have required this of its customers, but more importantly, YOUR company should be requiring it of itself. Is it?
So some of slashdot's code is available. The same is true of McAfee's marketing website. Minor.
You call XSS in a marketing site 'critical.' I would love to know what you don't think is critical. I would bet real money that such a problem is nowhere near the high end of the spectrum of most companies' security threat profiles.
Yes. Slashdot's source code is "disclosed." Do you call that a threat?
Is XSS minor? Yes, this particular variety is the minor end of the spectrum. There are far more serious problems which are very common with web apps (injection, authentication, etc.).
So do I. And because I work in a place larger than a popsicle stand, I know that minor security issues like this are par for the course in marketing material. I also know that security analysis is expensive. And to top it off, I know that organizations, even security organizations, don't do well if they waste money on minor issues that could go to fixing more important ones.
But you go ahead and enjoy bankrupting your popsicle stand by applying inappropriate levels of security control to everything...
These are all minor security problems... some of which are so minor one could debate whether they should even be classified as security problems at all. Really, this is much ado about little. Any big website will have things like this. Even security experts make mistakes, and most of the staff at McAfee, as with all other big companies, aren't security experts.
Right. Focusing on read and write speed is misleading. The reason for this is that the perceived speed of SSDs comes from seek times, not R/W speed.
Think of it like this: ever play a game on a server in Korea with a one-second ping? Even if your connection is 100Mb/s, that feels horrible. This is analogous to a mechanical hard drive. Compare it to the LAN game where the server is 10ms away - even on a 10Mb/s pipe it's far better. That's what an SSD feels like.
If there are any irrational beliefs in this thread, you take the lead.
People believed that Asset Backed Paper Commodities made sense
Are you joking? Asset-backed securities are traded all the time. Every day. And they make sense. Trading a physical boat full of oil, for example, is a lot harder on the back than trading a contract for the delivery of a boat full of oil.
You seem to have very strong opinions about a subject you know very little about.
Put things in perspective: if golf is your primary leisure activity, you will easily spend $500 on equipment--maybe even on a single club. If you're into winter sports, you'll spend that much on a season lift pass. Have a passion for fine wine? $500 is a few bottles of good stuff. Like to travel? That's only half a plane ticket.
Now consider someone for whom gaming is the primary leisure activity. Spending $500 every couple years (call it $200/year after selling the old card) is downright cheap compared to other forms of entertainment. Buying top-of-the-line graphics cards is actually a frugal use of your entertainment dollars.
[Facepalm] Clearly, you're just a troll with a silly statement like that. Of course, this should be obvious to anyone reading by now, but your responses are really just pedantic, pointless puffery. Broadly speaking, DoS flaws are low severity. And since this is a broad forum, "broadly speaking" is all we can reasonably hope for. We in the security world know that individual circumstances vary. That is so obvious that it goes without saying. So don't expect to get a gold star for pointing out the obvious.
Yes, I posted twice. But only because slashdot had an outage during which comments were not showing up. Apparently slashdot was queuing up posts but not displaying them until later for a while earlier today. Don't blame me for slashdot's bug.
"High" and "Low" are relative. A high severity DNS flaw would be one that allows attackers to redirect all banking websites to a site they control, as an example. A low severity DNS flaw would be one that makes things not work for a little bit. Any botnet operator could take a DNS server offline anyway, with or without a flow. Low severity.
High severity threats are those that either disclose sensitive information or allow unauthorized control of a service or system. Denial of service vulnerabilities are almost universally considered low severity. This is just one more in a long list of known ways to DoS a system.
This sounds like a denial-of-service flaw. Such flaws are considered "low severity" in all but the rarest cases. A high-severity flaw would be one which either gives a hacker control of a service or access to sensitive information.
This is just one more in a long list of well-known ways anyone could knock a server offline.
Slashdot Mirror
Are you talking about the Asus Eee Keyboard?
It's all-in-one and you can certainly run any emulator you want on it to get your nostalgia fix. On top of that, it has wireless HDMI and wifi built in.
http://en.wikipedia.org/wiki/ASUS_Eee_Keyboard
Continue to have? CONTINUE TO HAVE? We haven't had decent anti-monopoly regulation since Teddy Roosevelt was president.
Are QA Engineers scientists, too? These people design and run tests based on scientific principles every day. But they never publish in scientific journals and their titles use the word "engineer" not "scientist."
I suffer from a similar disability known as "hypnogonadism."
Your bias against things "unnatural" is both fallacious and backward. "Naturally" we live short, painful lives; then we die. It is only by rejecting the "natural" that man advances. Embrace the unnatural. Study it, test it, then live it. It's the only way forward.
Just as most car drivers don't know how to design safe airbag systems, most people running public-facing websites don't know how to build proper security. They just download some free CMS and go with it.
They review BMWs, which are perfectly affordable by people with IT salaries.
I bought a $450 netbook. I bought it for the portability. The ultra-cheap netbooks are less portable (weak battery, limiting disks) and more infuriating (crappy keyboards, glitchyness).
There was and still is a market for both ends of the spectrum. But who would buy such a thing at Staples? There is better selection and lower pricing online... without sales tax, too.
There are more netbooks out there than iPads. Neither is a "fad." And to say either is "dead" is absurd.
Making sure everyone has fast, reliable access available is great; but the FCC also has to worry about internet caps! Now that AT&T is cutting people off after a certain amount of bandwidth use, someone with the power to stop this monopolistic abuse needs to flex some muscle. What is the FCC doing about internet caps?
This isn't just a CA problem. Failure to use proper authentication is everywhere. Here's the rule of thumb you need to know regarding authentication:
If the system or data is at all important, it should be virtually impossible to access it without real two-factor authentication. A CA is important. Financial systems are important. The Administrative interfaces to your company's core systems are important.
Comodo should have required this of its customers, but more importantly, YOUR company should be requiring it of itself. Is it?
So some of slashdot's code is available. The same is true of McAfee's marketing website. Minor.
You call XSS in a marketing site 'critical.' I would love to know what you don't think is critical. I would bet real money that such a problem is nowhere near the high end of the spectrum of most companies' security threat profiles.
Yes. Slashdot's source code is "disclosed." Do you call that a threat?
Is XSS minor? Yes, this particular variety is the minor end of the spectrum. There are far more serious problems which are very common with web apps (injection, authentication, etc.).
A scan? Are you kidding? Scanning can prove the existence of security problems; it can never prove that none exist. This is like IT 101, kid.
That is a lie.
Citation needed. Can't back up your lies?
So do I. And because I work in a place larger than a popsicle stand, I know that minor security issues like this are par for the course in marketing material. I also know that security analysis is expensive. And to top it off, I know that organizations, even security organizations, don't do well if they waste money on minor issues that could go to fixing more important ones.
But you go ahead and enjoy bankrupting your popsicle stand by applying inappropriate levels of security control to everything...
Show me where the people who manage McAfee's marketing web site are referred to as "security experts." I'll wait.
These are all minor security problems... some of which are so minor one could debate whether they should even be classified as security problems at all. Really, this is much ado about little. Any big website will have things like this. Even security experts make mistakes, and most of the staff at McAfee, as with all other big companies, aren't security experts.
Right. Focusing on read and write speed is misleading. The reason for this is that the perceived speed of SSDs comes from seek times, not R/W speed.
Think of it like this: ever play a game on a server in Korea with a one-second ping? Even if your connection is 100Mb/s, that feels horrible. This is analogous to a mechanical hard drive. Compare it to the LAN game where the server is 10ms away - even on a 10Mb/s pipe it's far better. That's what an SSD feels like.
And? The trading of asset-backed contracts does and continues to make sense overall. The people who thought that was a good idea were right.
If there are any irrational beliefs in this thread, you take the lead.
Are you joking? Asset-backed securities are traded all the time. Every day. And they make sense. Trading a physical boat full of oil, for example, is a lot harder on the back than trading a contract for the delivery of a boat full of oil.
You seem to have very strong opinions about a subject you know very little about.
Put things in perspective: if golf is your primary leisure activity, you will easily spend $500 on equipment--maybe even on a single club. If you're into winter sports, you'll spend that much on a season lift pass. Have a passion for fine wine? $500 is a few bottles of good stuff. Like to travel? That's only half a plane ticket.
Now consider someone for whom gaming is the primary leisure activity. Spending $500 every couple years (call it $200/year after selling the old card) is downright cheap compared to other forms of entertainment. Buying top-of-the-line graphics cards is actually a frugal use of your entertainment dollars.
[Facepalm] Clearly, you're just a troll with a silly statement like that. Of course, this should be obvious to anyone reading by now, but your responses are really just pedantic, pointless puffery. Broadly speaking, DoS flaws are low severity. And since this is a broad forum, "broadly speaking" is all we can reasonably hope for. We in the security world know that individual circumstances vary. That is so obvious that it goes without saying. So don't expect to get a gold star for pointing out the obvious.
Yes, I posted twice. But only because slashdot had an outage during which comments were not showing up. Apparently slashdot was queuing up posts but not displaying them until later for a while earlier today. Don't blame me for slashdot's bug.
"High" and "Low" are relative. A high severity DNS flaw would be one that allows attackers to redirect all banking websites to a site they control, as an example. A low severity DNS flaw would be one that makes things not work for a little bit. Any botnet operator could take a DNS server offline anyway, with or without a flow. Low severity.
High severity threats are those that either disclose sensitive information or allow unauthorized control of a service or system. Denial of service vulnerabilities are almost universally considered low severity. This is just one more in a long list of known ways to DoS a system.
This sounds like a denial-of-service flaw. Such flaws are considered "low severity" in all but the rarest cases. A high-severity flaw would be one which either gives a hacker control of a service or access to sensitive information.
This is just one more in a long list of well-known ways anyone could knock a server offline.