Currently I work for startup and my job is to secure our web based protect, which includes enforcing login authentication, encryption standards, database usage and more.
The method we use to employ was a tri-factor authentication system, password, TOTP and SMS / Email based tokenization, but we've officially taken the SMS authenticator away because just as this post points out, you have to guarantee who has the phone and somehow confirm the phone which received the SMS is the phone which was meant to.
Think of this concept as having an IP Address, you can send a message to IP 1.1.1.1 and you have to assume that where it ends up is the right destination, because you have to assume the person saying they're 1.1.1.1 is who was assigned that IP Address and not someone who basically stole it and is using it in an unauthorized fashion.
The better way to handle this kind of access security is to use AES_CCM based tokens that have TOTP built into them and force a login through use of a mutli-hop path that gets created and is active only for X Minutes after the user tries to login with their password. How this is works is that after you get the password, you generate a path descriptor which can talk with your Secure DNS. You encrypt this information with some form of AES (or any other standard). You put this information into a secured database system such as MongoDB with the FIPS compliance module active, and then send an email to person X with a link that activates the SDNS module, to read the string from the database, unencrypt it, develop a dynamic path to the end point and request the users TOTP from something they have. Once the user is logged in, you scramble all this information, then securely wipe it from both the program, memory and database and start all over.
If creationism wants equal footing in schools it should be held to a few standards:
1). Needs to have testable, provable and repeatable experiments. 2) It needs to be defended from multiple sources, as in you can't use the bible to defend it. 3) It needs to be taught with no religious overtone.
Creationism is a view held by the uneducated and the demented, when your entire theory is: "God did it", you've failed at all costs to provide anyone with a theory or even rational thought, and this is why it doesn't belong in schools.
It's almost as if you can hire people to test your software to make sure MAJOR problems like this don't sneak through. This is not an obscure memory leak, which lead to a date error causing a segfault, this is a MAJOR requirement being mis-implemented, which I'm sure is just as much on the requirements level as it is on the coding level.
In college I found i was unable to keep a standard notebook because I never found myself opening it to actually write anything. I looked online for a solution but there was nothing that really fulfilled the logging need. I ended up writing one that was a multiple platform system, which every X amount time, configurable in a web interface, a windows written in C with GTK would open on the desktop or phone, requiring you to enter a message so it could log it back to the server. the system used multi stage encryption and had a web portal where you could view, but not edit, all the messages. It had user accounts and pretty much everything you'd need to keep a rocking lab book.
Standardized tests would work if anyone could standardize to a curriculum or qualification for a teacher. the problem is that you have teacher X with skills Y and teaching ability Z, going up against a teacher T with skills Y and teaching ability U. When the standardized test comes, it's really up to the student to see how well they've managed to absorb the information from the teacher and convert it to a style that will work for the test. The entire system is designed to fail and no one seems to care.
To make this work you'd have to hard line that a teacher must teach to a standard A, they must know material to a standard B and they much have skills C, D and E. Then you'd have to release a curriculum that was designed to hand hold the teacher to teach it as F and allow the students to absorb the information in form G. It will never work and the no one can seem to understand this. It will never work as long as you can't enforce an absolute standard.
It's time to grow up as a collective society. Anyone still immature, irrational, childish, illogical and just down right moronic enough to believe that a God created everything and everyone and then told about it in poorly written, massively contradictory books, deserves to be mocked, and followed.
Islam is the story of God as told by an epileptic, illiterate, schizophrenic, paranoid, delusional, diapered, cave man. Who married a child, raped that child, wanted humanity to enslave women, kill people who didn't believe his bat shit crazy view and then (according to Islam), flew to heaven on a magical horse. Now when that your belief system, how much respect do you really want?
Islam is matched with Christianity and Jewish for all the time dumbest, most insane concepts on earth.
Religion is studied and believed by those who are so childish and immature, they need to hold the blanket of irrationality, pray to a sky daddy, who has no evidence, all to make themselves feel like they matter.
If I were the courts, I would said the answer is to grow up, stop acting like children, which is who religion is for, now lets grow up, you can start by taking the diaper off your head.
I love when the technology goes does, you see how little people actually know or care about there job. I'd be very surprised if any of the airport employees were working at even 20% of an acceptable speed. The technology is only an aid, not a replacement, you have to be ready to jump when it fails and kick into full blown action.
You bought a car which needs to be plugged in, you knew there was a shortage of available public charge spots and now you're mad that you can't find one?
If you knew of the problem before you bought the car, and you still bought the car, then you're an idiot.
We were using Preforce, that was the problem. Now each of those companies use GIT, which works, it's not the greatest thing since sliced bread, but it's works the best out of all of them.
In one company we had Preforce storing about 20 TB's of information. In a course of three months we had about 100 MB of that data get corrupted to the point the entire repo locked up. We then tried to delete the data but thanks to the corruption, which was caused by Preforce, we couldn't. We ended up on a call with Preforce and it took them weeks to figure out how to solve this problem.
About a year later I started at Blackberry, who were using Preforce. I updated development code into the main repo and BANG! Preforce corrupted the data, except that it didn't know it did, then Maven took the code and moved it out to development test beds which all crashed, costing Blackberry a couple MILLION DOLLARS!!!!
Unrelated to that, I then took another job at an engineering company. They didn't use any SCM or Version Control System, so I grabbed Preforce to see if they fixed the massive issues. I uploaded a copy of the code to the repo and guess what! BANG corrupted.
Preforce is NOT a safe environment, I've seen it corrupt data, cause damage, cause a loss of money, corrupt repo's, crash and just screw up servers. If it were a one off issue, that would be fine, but I've had many, many big issues with it.
Just go with GIT. The trust is no version control or SCM software is very good, they all suck in a lot of ways and have very limited strengths. One to totally stay from is Preforce, it's unstable, unsafe and you run a serious chance of loosing your code into a corrupted mess of memory errors.
Don't blame the managers, directors, marketers, or anyone else. Blame the people who have the least control over what they do, software development has become an industry of everyone else telling us how and what to do and we just get stuck with the work.
Which is why I tell all my bosses that I control the code and that's all there is to it.
I can't count the number of times I've been handed deadlines or requirements by managers / directors who have absolutely no clue about software development. The first thing you always do is to read the requirements, this in 99.999% of all cases cause them to be thrown back across the table because they're lacking anything actual requirements, the second thing you do is to throw out the deadline and set your own.
My rule is that the software will take how ever long it will take and that's it. It's the same way in the IT world, when I do IT consulting, I don't set deadlines and I don't set budgets, the project will take however long it takes at how much I charge, which I factor in at the end.
Non technical managers have to understand that it's the developers and administrators who set the deadline and not the other way around, I'm not going to work in a compressed time frame with bad requirements because some guy in a suit decided to sell my project one month early.
Well I'm currently waiting on Toronto City Council, John Tory and Wynne to get back to me on why it's an insane bilaw, so until then, you better give me room.
Most of the posted speed Limits are that - upper bounds on speed. It's rare to see a minimum speed posted. So I'm afraid you're just showing your ignorance.
Climate Change you have two: 1) The Republican Alternative - I'm ignorant and slightly inbred / retarded so I just say no. 2) There is no other answer.
Evolution 1) The Religious Argument ( Christian Version ) - God invented humanity to punish, murder, kill, rape and enslave it and when it came time to forgive humanity, he sent himself as his son to earth, to be abused, tortured and killed, to forgive himself, from himself, because of himself in the greatest act of sadomasochistic grandstanding ever. 2) The ID Argument - The Designer NOT God designed everything and left no proof ( except that it's rebadged creationism!) 3) There is no other argument!
So I'm glad schools are teaching fact, I guess it's about time:S
Slashdot Mirror
Actually I'm looking for a good secure / encryption strong tool that works on Linux and Windows, even better if it can do Android. Any Suggestions?
Currently I work for startup and my job is to secure our web based protect, which includes enforcing login authentication, encryption standards, database usage and more.
The method we use to employ was a tri-factor authentication system, password, TOTP and SMS / Email based tokenization, but we've officially taken the SMS authenticator away because just as this post points out, you have to guarantee who has the phone and somehow confirm the phone which received the SMS is the phone which was meant to.
Think of this concept as having an IP Address, you can send a message to IP 1.1.1.1 and you have to assume that where it ends up is the right destination, because you have to assume the person saying they're 1.1.1.1 is who was assigned that IP Address and not someone who basically stole it and is using it in an unauthorized fashion.
The better way to handle this kind of access security is to use AES_CCM based tokens that have TOTP built into them and force a login through use of a mutli-hop path that gets created and is active only for X Minutes after the user tries to login with their password. How this is works is that after you get the password, you generate a path descriptor which can talk with your Secure DNS. You encrypt this information with some form of AES (or any other standard). You put this information into a secured database system such as MongoDB with the FIPS compliance module active, and then send an email to person X with a link that activates the SDNS module, to read the string from the database, unencrypt it, develop a dynamic path to the end point and request the users TOTP from something they have. Once the user is logged in, you scramble all this information, then securely wipe it from both the program, memory and database and start all over.
If creationism wants equal footing in schools it should be held to a few standards:
1). Needs to have testable, provable and repeatable experiments.
2) It needs to be defended from multiple sources, as in you can't use the bible to defend it.
3) It needs to be taught with no religious overtone.
Creationism is a view held by the uneducated and the demented, when your entire theory is: "God did it", you've failed at all costs to provide anyone with a theory or even rational thought, and this is why it doesn't belong in schools.
It's almost as if you can hire people to test your software to make sure MAJOR problems like this don't sneak through. This is not an obscure memory leak, which lead to a date error causing a segfault, this is a MAJOR requirement being mis-implemented, which I'm sure is just as much on the requirements level as it is on the coding level.
In college I found i was unable to keep a standard notebook because I never found myself opening it to actually write anything. I looked online for a solution but there was nothing that really fulfilled the logging need. I ended up writing one that was a multiple platform system, which every X amount time, configurable in a web interface, a windows written in C with GTK would open on the desktop or phone, requiring you to enter a message so it could log it back to the server. the system used multi stage encryption and had a web portal where you could view, but not edit, all the messages. It had user accounts and pretty much everything you'd need to keep a rocking lab book.
Standardized tests would work if anyone could standardize to a curriculum or qualification for a teacher. the problem is that you have teacher X with skills Y and teaching ability Z, going up against a teacher T with skills Y and teaching ability U. When the standardized test comes, it's really up to the student to see how well they've managed to absorb the information from the teacher and convert it to a style that will work for the test. The entire system is designed to fail and no one seems to care.
To make this work you'd have to hard line that a teacher must teach to a standard A, they must know material to a standard B and they much have skills C, D and E. Then you'd have to release a curriculum that was designed to hand hold the teacher to teach it as F and allow the students to absorb the information in form G. It will never work and the no one can seem to understand this. It will never work as long as you can't enforce an absolute standard.
DNA scanning doesn't always work and at best can only give you a probability of what's wrong.
It's time to grow up as a collective society. Anyone still immature, irrational, childish, illogical and just down right moronic enough to believe that a God created everything and everyone and then told about it in poorly written, massively contradictory books, deserves to be mocked, and followed.
Islam is the story of God as told by an epileptic, illiterate, schizophrenic, paranoid, delusional, diapered, cave man. Who married a child, raped that child, wanted humanity to enslave women, kill people who didn't believe his bat shit crazy view and then (according to Islam), flew to heaven on a magical horse. Now when that your belief system, how much respect do you really want?
Islam is matched with Christianity and Jewish for all the time dumbest, most insane concepts on earth.
Religion is studied and believed by those who are so childish and immature, they need to hold the blanket of irrationality, pray to a sky daddy, who has no evidence, all to make themselves feel like they matter.
If I were the courts, I would said the answer is to grow up, stop acting like children, which is who religion is for, now lets grow up, you can start by taking the diaper off your head.
I love when the technology goes does, you see how little people actually know or care about there job. I'd be very surprised if any of the airport employees were working at even 20% of an acceptable speed. The technology is only an aid, not a replacement, you have to be ready to jump when it fails and kick into full blown action.
You bought a car which needs to be plugged in, you knew there was a shortage of available public charge spots and now you're mad that you can't find one?
If you knew of the problem before you bought the car, and you still bought the car, then you're an idiot.
We were using Preforce, that was the problem. Now each of those companies use GIT, which works, it's not the greatest thing since sliced bread, but it's works the best out of all of them.
In one company we had Preforce storing about 20 TB's of information. In a course of three months we had about 100 MB of that data get corrupted to the point the entire repo locked up. We then tried to delete the data but thanks to the corruption, which was caused by Preforce, we couldn't. We ended up on a call with Preforce and it took them weeks to figure out how to solve this problem.
About a year later I started at Blackberry, who were using Preforce. I updated development code into the main repo and BANG! Preforce corrupted the data, except that it didn't know it did, then Maven took the code and moved it out to development test beds which all crashed, costing Blackberry a couple MILLION DOLLARS!!!!
Unrelated to that, I then took another job at an engineering company. They didn't use any SCM or Version Control System, so I grabbed Preforce to see if they fixed the massive issues. I uploaded a copy of the code to the repo and guess what! BANG corrupted.
Preforce is NOT a safe environment, I've seen it corrupt data, cause damage, cause a loss of money, corrupt repo's, crash and just screw up servers. If it were a one off issue, that would be fine, but I've had many, many big issues with it.
Just go with GIT. The trust is no version control or SCM software is very good, they all suck in a lot of ways and have very limited strengths. One to totally stay from is Preforce, it's unstable, unsafe and you run a serious chance of loosing your code into a corrupted mess of memory errors.
Don't blame the managers, directors, marketers, or anyone else. Blame the people who have the least control over what they do, software development has become an industry of everyone else telling us how and what to do and we just get stuck with the work.
Which is why I tell all my bosses that I control the code and that's all there is to it.
I can't count the number of times I've been handed deadlines or requirements by managers / directors who have absolutely no clue about software development. The first thing you always do is to read the requirements, this in 99.999% of all cases cause them to be thrown back across the table because they're lacking anything actual requirements, the second thing you do is to throw out the deadline and set your own.
My rule is that the software will take how ever long it will take and that's it. It's the same way in the IT world, when I do IT consulting, I don't set deadlines and I don't set budgets, the project will take however long it takes at how much I charge, which I factor in at the end.
Non technical managers have to understand that it's the developers and administrators who set the deadline and not the other way around, I'm not going to work in a compressed time frame with bad requirements because some guy in a suit decided to sell my project one month early.
It's the teachers job to make science fun, not the schools.
Well I'm currently waiting on Toronto City Council, John Tory and Wynne to get back to me on why it's an insane bilaw, so until then, you better give me room.
The only reason everyone thought it was a bomb first was because of his name. It's sad in 2015 we still can't be adult and mature.
Most of the posted speed Limits are that - upper bounds on speed. It's rare to see a minimum speed posted. So I'm afraid you're just showing your ignorance.
That's not true in Ontario.
That's was pretty clear, logical and exclusive.
Haha! High Five!
What other realistic options are there?
:S
Climate Change you have two:
1) The Republican Alternative - I'm ignorant and slightly inbred / retarded so I just say no.
2) There is no other answer.
Evolution
1) The Religious Argument ( Christian Version ) - God invented humanity to punish, murder, kill, rape and enslave it and when it came time to forgive humanity, he sent himself as his son to earth, to be abused, tortured and killed, to forgive himself, from himself, because of himself in the greatest act of sadomasochistic grandstanding ever.
2) The ID Argument - The Designer NOT God designed everything and left no proof ( except that it's rebadged creationism!)
3) There is no other argument!
So I'm glad schools are teaching fact, I guess it's about time
That's not true in Ontario, you can get a charge for impeding traffic, by going to far under the speed limit.
Yes because as a cyclist, you're not keeping with the speed limit, so almost every cyclist is breaking that law.
Actually the posted speed limit is the law, if you go slower then it, you're impeding traffic, yet how many cyclists ever get a ticket for that.
In Toronto, out of 10 cyclists, 10 of them break laws. If you had a 100 cyclists you might have 1 who actually follows the law.