Designing your own operating system isn't exactly a small feat.. Linux already has very good penetration into the server market, and offers the security that most organizations should have. Linux is what Windows should be. There's a LOT you can do with that kernel.
Obviously complexity makes security difficult, but there's nothing wrong with making something complex if you're actually capable of managing it. Is setting up a rock solid firewall difficult for the average person in IT? Should we just get rid of anything in security that is relatively complex? I'd much rather have more options (not necessarily obfuscation) than be pigeon holed into something just because it's simple. Security is not simple, and it never will be.
oh.. you know.. there's been a few exploits, but flash isn't all that vulnerable. I wouldn't worry too much about patching flash or any other adobe products if I was you. They do a pretty good job with security.
Google probably knows more than NSA when it comes to things like search, but when it comes to breaking into a computer that doesn't belong to you, you're not going to find anyone much more knowledgeable than the NSA.
Leadership is the single most important thing when an organization is attempting to complete a task. It doesn't matter how much money, regulation, or attention you give something; if the people in charge don't know what they're doing and aren't building a good team, things are going to head down hill.
Having similar interests is kind of like sex; it isn't what makes a relationship(um.. right?). It only really facilitates it, IMO. Just because I meet someone who likes nerdy computer crap, plays the same games as me, and likes the same TV shows and music as I do doesn't mean I'm going to like them. That might be someone I could be friends with, but even that's still a might.
Having core personality characteristics that match up is what matters. If the person is a complete asshat, I'm not going to want to have anything to do with them, even if they do have big boobs and play Call of Duty.
What about my pneumatic tube filled with (carefully stacked) 32gb microsd cards? I didn't bother counting how many I put in, but I betcha' I got better bandwidth than you!
We have much more of an ability to make change through the democratic process than we do by trying to scream at/boycott a corporation until we get what we want.
Not that most people know enough about what is going on in the world to change their vote based on something technology related like this, but that'll probably change as more old people die. We have a much better chance of getting people to go out and vote than we do with getting enough people to boycott a corporation.
While it may not happen quite as quickly as people trying to get you to read their article or sell you new hardware want you to think, I don't see how we'll be able to put this off forever. Eventually, everything will get swallowed up by the internet. Your phone, your tv, your radio, you dog, and you house will ALL have their own IP addresses eventually.
Think of the adorable puppies!! How will the people of the future have adorable puppies if we don't migrate to IPv6?!!!?
b-b-b-but with encryption, how will we keep the internet secure?? If I can't monitor every single packet moving through a node, how will I know if someone's attacking/?!!?!?
Executives just don't seem to understand the least remote concepts of encryption...
Lets say I give hacker bob 12 laptops with 5 million credit card numbers on each of them. They're fully encrypted, don't run as root, and he doesn't have any passwords/keys. Laptops limit non-root users from removing any data, but there's still an ethernet port and a usb drive. What should I expect to happen here?
Verizon publishes a really interesting (downloads pdf) study on breaches every so often. While things are probably much different when it comes to actual banks, it mentions that 80% or so of the 'data' lost in breaches is actually coming from outsiders now a days.
Insiders still have the largest breaches, but the sheer number of outside breaches are dominating the current trends.
Wow, I didn't realize Hathaway had resigned.. but I guess that's why she didn't get the job, eh? I don't think this is the last resignation we'll see in the cyber security area.
Hathaway seemed like she was really the best pick for the job, especially considering the 60 day cyberspace policy review thing she did. Not that I read through the entire thing, but she made some pretty interesting suggestions. For instance, she talked about how cyber security is not something that can just be centrally managed on a national level and then applied across different agencies. Each agency has to be forced to create a good information security culture for themselves (this is already happening, to an extent).
The National Cyber Security Division within Homeland Security has been trying to do this. They have neither the resources, nor the authority to do this, however.. even though it's part of what their mission is. As a result, they've had some extreme issue when it comes to leadership, with almost no one lasting more than a year or so there without resigning.
I wouldn't be surprised if I saw Mr. Schmidt resigning at some point, but hopefully having an experienced advisor with the Presidents ear will move cyber security up enough in the list of priorities so that people aren't scared just to take the job in first place.
I'm studying cool l33t computer security stuff at college at the moment, and what you seem to be suggesting implies that some day computer security will mature, and there won't be as big of a reason to employee peoples like me.. Um, I don't like the way that sounds. You should stop talking..
This is really more of a question about leadership than about management. The two cross over a lot, but leadership pretty much == how you influence others, while management == how you utilize your resources.
I don't see any reason for a supervisor/manager not to want to stay up late when their developers are getting asked to do the same thing. A developer is not going to be as motivated to push themselves and do good work if they see that a higher up is acting like a douche. There ARE times when it is appropriate to micro manage. Proper team building and leadership, however, should lead one away from having to do this. The main thing the manager should be doing when people start having to stay up late is make sure the team is moving overall in the right direction (macro management), and provide support to keep everyone motivated.
I'm assuming the reason the drug czar has not been able to stop drugs is simply because we haven't been paying said czars enough to be able to retain talent, right? So, if we don't pay the cybersecurity czar enough money, he'll be bound to do an incredible job! I love this logic! I wonder what other problems in society we can solve this way?
I've been using the alpha version of chrome and it's been working really well for me. Just installed google chrome beta and it's working very well.
My system crashed a little bit after my first install, but I did a couple restarts, reinstalled, and things seem to be working quite peachy. It also installs flash by itself (can't remember if windows version did this... can't really remember the last time I used windowz). It's a lot nicer having it install flash by itself(or does it just come with flash packaged in?) rather than having to do a bunch of crazy stuff that n00bs like me aren't good at doing.
Oh, and I didn't click the 'send usage statistics to google' thing when I installed, so I'm not really worried. Even if I did click that, it wouldn't really matter to me. Ya'll privacy peeps need to calm down and drink some google kool aid. Stuff tastes great.
More likely that the FBI is knocking on google's door. It's their job to look into what goes on inside America, and the NSA already got their hands slapped.. so they probably passed on most of the snooping to other agencies.
Slashdot Mirror
Sorry, sometime I get the way space and time relate to each other mixed up! Thanks for the correction, though ;)
Designing your own operating system isn't exactly a small feat.. Linux already has very good penetration into the server market, and offers the security that most organizations should have. Linux is what Windows should be. There's a LOT you can do with that kernel.
Obviously complexity makes security difficult, but there's nothing wrong with making something complex if you're actually capable of managing it. Is setting up a rock solid firewall difficult for the average person in IT? Should we just get rid of anything in security that is relatively complex? I'd much rather have more options (not necessarily obfuscation) than be pigeon holed into something just because it's simple. Security is not simple, and it never will be.
oh.. you know.. there's been a few exploits, but flash isn't all that vulnerable. I wouldn't worry too much about patching flash or any other adobe products if I was you. They do a pretty good job with security.
Seriously.. there's always going to be dumb users. There are dumb car drivers, there are stupid firearm users.
I all for flash dieing a painful death, but Apple needs to stop being a jerk corporation and let people choose how to run the stuff they buy.
Google probably knows more than NSA when it comes to things like search, but when it comes to breaking into a computer that doesn't belong to you, you're not going to find anyone much more knowledgeable than the NSA.
If a company has to move a bit faster because they haven't had the brains to move away from IE6, then that's their problem, not Google's.
Leadership is the single most important thing when an organization is attempting to complete a task. It doesn't matter how much money, regulation, or attention you give something; if the people in charge don't know what they're doing and aren't building a good team, things are going to head down hill.
Having similar interests is kind of like sex; it isn't what makes a relationship(um.. right?). It only really facilitates it, IMO. Just because I meet someone who likes nerdy computer crap, plays the same games as me, and likes the same TV shows and music as I do doesn't mean I'm going to like them. That might be someone I could be friends with, but even that's still a might.
Having core personality characteristics that match up is what matters. If the person is a complete asshat, I'm not going to want to have anything to do with them, even if they do have big boobs and play Call of Duty.
okay, where's the tag?
Yeah, whatevs dude. I can still fit more copies of star wars in HD in my tubes than you can.
'nuff said
What about my pneumatic tube filled with (carefully stacked) 32gb microsd cards? I didn't bother counting how many I put in, but I betcha' I got better bandwidth than you!
We have much more of an ability to make change through the democratic process than we do by trying to scream at/boycott a corporation until we get what we want.
Not that most people know enough about what is going on in the world to change their vote based on something technology related like this, but that'll probably change as more old people die. We have a much better chance of getting people to go out and vote than we do with getting enough people to boycott a corporation.
I agree. I've played a few MMO's before, and in every single one of those, you'd never hear the end of the shit storm something like this would spawn.
Well, it'd be a lot more fun giving my doggy it's own ip address than just putting it behind a NAT..
While it may not happen quite as quickly as people trying to get you to read their article or sell you new hardware want you to think, I don't see how we'll be able to put this off forever. Eventually, everything will get swallowed up by the internet. Your phone, your tv, your radio, you dog, and you house will ALL have their own IP addresses eventually.
Think of the adorable puppies!! How will the people of the future have adorable puppies if we don't migrate to IPv6?!!!?
b-b-b-but with encryption, how will we keep the internet secure?? If I can't monitor every single packet moving through a node, how will I know if someone's attacking/?!!?!?
I didn't STEAL them. I just um, found them, y'know? There's like, so many free laptops sitting around airports these days, you don't even know dude.
Executives just don't seem to understand the least remote concepts of encryption...
Lets say I give hacker bob 12 laptops with 5 million credit card numbers on each of them. They're fully encrypted, don't run as root, and he doesn't have any passwords/keys. Laptops limit non-root users from removing any data, but there's still an ethernet port and a usb drive. What should I expect to happen here?
Verizon publishes a really interesting (downloads pdf) study on breaches every so often. While things are probably much different when it comes to actual banks, it mentions that 80% or so of the 'data' lost in breaches is actually coming from outsiders now a days.
Insiders still have the largest breaches, but the sheer number of outside breaches are dominating the current trends.
Wow, I didn't realize Hathaway had resigned.. but I guess that's why she didn't get the job, eh? I don't think this is the last resignation we'll see in the cyber security area.
Hathaway seemed like she was really the best pick for the job, especially considering the 60 day cyberspace policy review thing she did. Not that I read through the entire thing, but she made some pretty interesting suggestions. For instance, she talked about how cyber security is not something that can just be centrally managed on a national level and then applied across different agencies. Each agency has to be forced to create a good information security culture for themselves (this is already happening, to an extent).
The National Cyber Security Division within Homeland Security has been trying to do this. They have neither the resources, nor the authority to do this, however.. even though it's part of what their mission is. As a result, they've had some extreme issue when it comes to leadership, with almost no one lasting more than a year or so there without resigning.
I wouldn't be surprised if I saw Mr. Schmidt resigning at some point, but hopefully having an experienced advisor with the Presidents ear will move cyber security up enough in the list of priorities so that people aren't scared just to take the job in first place.
Hey, I don't really like this...
I'm studying cool l33t computer security stuff at college at the moment, and what you seem to be suggesting implies that some day computer security will mature, and there won't be as big of a reason to employee peoples like me.. Um, I don't like the way that sounds. You should stop talking..
mod parent down, plz
k thx
This is really more of a question about leadership than about management. The two cross over a lot, but leadership pretty much == how you influence others, while management == how you utilize your resources.
I don't see any reason for a supervisor/manager not to want to stay up late when their developers are getting asked to do the same thing. A developer is not going to be as motivated to push themselves and do good work if they see that a higher up is acting like a douche. There ARE times when it is appropriate to micro manage. Proper team building and leadership, however, should lead one away from having to do this. The main thing the manager should be doing when people start having to stay up late is make sure the team is moving overall in the right direction (macro management), and provide support to keep everyone motivated.
I'm assuming the reason the drug czar has not been able to stop drugs is simply because we haven't been paying said czars enough to be able to retain talent, right? So, if we don't pay the cybersecurity czar enough money, he'll be bound to do an incredible job! I love this logic! I wonder what other problems in society we can solve this way?
I've been using the alpha version of chrome and it's been working really well for me. Just installed google chrome beta and it's working very well.
My system crashed a little bit after my first install, but I did a couple restarts, reinstalled, and things seem to be working quite peachy. It also installs flash by itself (can't remember if windows version did this... can't really remember the last time I used windowz). It's a lot nicer having it install flash by itself(or does it just come with flash packaged in?) rather than having to do a bunch of crazy stuff that n00bs like me aren't good at doing.
Oh, and I didn't click the 'send usage statistics to google' thing when I installed, so I'm not really worried. Even if I did click that, it wouldn't really matter to me. Ya'll privacy peeps need to calm down and drink some google kool aid. Stuff tastes great.
More likely that the FBI is knocking on google's door. It's their job to look into what goes on inside America, and the NSA already got their hands slapped.. so they probably passed on most of the snooping to other agencies.