Interestingly enough, I know which company you work for and I used to work for them at what used to be the residential headquarters. In truth, you're going to find that, at least from my past experience, they've already made up their minds and anything you bring to the table isn't going to have any attention paid to it until long after something catastrophic fails and leaves you without a backup.
What I had wanted to do, and what local staff had always wanted to do, was bring everything back in house on the local data centers so that production never stopped when the outside links went down; we were ignored.
I do wish you the best of luck in this endeavor though, i mainly only commented because I know what you're going through first hand.
Ever stop and wonder if your mobile phone might interfere with a car's electronics causing the breaks to lock at an inopportune moment? Can you guarantee with absolute certainty that this can't happen?
Yes, yes i can.
All of my vehicles were built before the government mandated nanny system explosion, so my brakes are tied directly to driver input, not some resistor and relay switch.
my 'real' enterprise uses LEAP based authentication with a hidden SSID, the leap login is based on your AD username and password, and it ties directly into the local network without VPN.
so, clearly, while this is an exceptionally shitty method of doing things, 'real' enterprises do stupid shit, though in one instance we have here at least, there isn't a better way, or, not much of a better way.
I'd go WPA, but it's not my call, and not my network, i just fix it when it breaks.
You think all the switch ports are on? You think they will talk to just any mac address? You think the IDS will not notice your ARP poisoning?
Sure wired networks are a risk and there are ways around what I mentioned, but you are clearly talking about the follys of Windows Operators. Please do not call those folks System administrators.
Windows/AD based networks are just as legitimate as any other, the System administrators are just as legitimate as any other, and as soon as you put aside your arrogance, you'll realize that most businesses run windows on their office machines, and AD to manage logins.
That said, my place of employment is an international corporation, so, we qualify as Real Enterprise, and the switches have no down-ports, so the 'walk in, plug in, profit' method would work just fine.
i'm not in charge of the network, so it's not my problem, but i still recognize the potential flaws in the system.
This.
I had a demo once, expired after one hour, but i spend most of that hour looking at settings to get it to work correctly, and never had an actual chance to PLAY the demo.
so i deleted it, re installed it.
It was still expired, hidden reg key that i never did find.
It had been said that some day the servers might go offline and strand everybody who purchased the games legally.
Little did i know it would be less than a month.
...well that would certainly take away it's price advantage from using an SD / usb sick.
Nevertheless, as the posts piled up, the tech does seem a bit more valid if all you want to do is encrypt data before long-term storage. However, in any other circumstance, I'd choose a different solution.
oh absolutely, the 2d scanners we use are about 400 dollars a pop.
I'd argue a USB version is MORE secure as the attacker would have to know what they are looking for. Any key logger would pickup the output of a bar-code reader; and that sort of output would obvious when reviewing your catch.
you're assuming all barcode scanners use a wedge method and output the data as keystrokes instead of raw data on a com port.
protip: usually, and especially in this case, you'd have it as raw data on a com port, thus, not capturable with "any keylogger"
The pixels of the 2D code are 2mm by 2mm (0.08 inch x 0.08 inch) and there is about two-fold redundancy in the encoding. Reconstructing should be possible even when there are destructive creases.
This.
Where i work he have several dozen 2D barcode scanners and even more Zebra Z4 and Z6 type printers.
on a ZM400 we had a bad head, and a good deal of the barcode was completely absent from the word go, however operators were still able to correctly scan the mangled codes with 100% accuracy.
That's all well and good you see, but it was the competition with the US that drove them to do those things, it was called the "space race" for a reason.
this is bullshit logic, tractor pull trucks have engines bigger than anything you could stop with the kind of brakes you could fit behind those wheels.
we're talking production cars here, by law, street legal cars must have brakes strong enough to overpower the engine, that is to say, you must be able to push the brake pedal down, floor the gas pedal, and not move the car.
Slashdot Mirror
well if you really wanted to, you could just park your car in their living room.
it also fires shells that cost more than a car.
They'd actually retracted this policy before this post even went live, likely a ploy for publicity.
Interestingly enough, I know which company you work for and I used to work for them at what used to be the residential headquarters. In truth, you're going to find that, at least from my past experience, they've already made up their minds and anything you bring to the table isn't going to have any attention paid to it until long after something catastrophic fails and leaves you without a backup. What I had wanted to do, and what local staff had always wanted to do, was bring everything back in house on the local data centers so that production never stopped when the outside links went down; we were ignored. I do wish you the best of luck in this endeavor though, i mainly only commented because I know what you're going through first hand.
but what do i know, i only know the guy.
He had inside knowledge. He put it out there that thousands might have discovered this to cover his source of inside knowledge.
Or he reverse engineered the locks for a project and learned this as part of that process.
Ever stop and wonder if your mobile phone might interfere with a car's electronics causing the breaks to lock at an inopportune moment? Can you guarantee with absolute certainty that this can't happen?
Yes, yes i can. All of my vehicles were built before the government mandated nanny system explosion, so my brakes are tied directly to driver input, not some resistor and relay switch.
my 'real' enterprise uses LEAP based authentication with a hidden SSID, the leap login is based on your AD username and password, and it ties directly into the local network without VPN. so, clearly, while this is an exceptionally shitty method of doing things, 'real' enterprises do stupid shit, though in one instance we have here at least, there isn't a better way, or, not much of a better way. I'd go WPA, but it's not my call, and not my network, i just fix it when it breaks.
You think all the switch ports are on? You think they will talk to just any mac address? You think the IDS will not notice your ARP poisoning?
Sure wired networks are a risk and there are ways around what I mentioned, but you are clearly talking about the follys of Windows Operators. Please do not call those folks System administrators.
Windows/AD based networks are just as legitimate as any other, the System administrators are just as legitimate as any other, and as soon as you put aside your arrogance, you'll realize that most businesses run windows on their office machines, and AD to manage logins. That said, my place of employment is an international corporation, so, we qualify as Real Enterprise, and the switches have no down-ports, so the 'walk in, plug in, profit' method would work just fine. i'm not in charge of the network, so it's not my problem, but i still recognize the potential flaws in the system.
my mother was a potato cannon you insensitive clod!
Sorry, my bad A-12.
That wasn't an SR-71, it's a YF-12. Yes, there *is* a difference.
i don't know about you, but my car didn't come with a contract.
This. I had a demo once, expired after one hour, but i spend most of that hour looking at settings to get it to work correctly, and never had an actual chance to PLAY the demo. so i deleted it, re installed it. It was still expired, hidden reg key that i never did find.
Well, since this is an educational institution, wouldn't it be the eMargin?
It had been said that some day the servers might go offline and strand everybody who purchased the games legally. Little did i know it would be less than a month.
...well that would certainly take away it's price advantage from using an SD / usb sick. Nevertheless, as the posts piled up, the tech does seem a bit more valid if all you want to do is encrypt data before long-term storage. However, in any other circumstance, I'd choose a different solution.
oh absolutely, the 2d scanners we use are about 400 dollars a pop.
I'd argue a USB version is MORE secure as the attacker would have to know what they are looking for. Any key logger would pickup the output of a bar-code reader; and that sort of output would obvious when reviewing your catch.
you're assuming all barcode scanners use a wedge method and output the data as keystrokes instead of raw data on a com port. protip: usually, and especially in this case, you'd have it as raw data on a com port, thus, not capturable with "any keylogger"
theft by deception
The pixels of the 2D code are 2mm by 2mm (0.08 inch x 0.08 inch) and there is about two-fold redundancy in the encoding. Reconstructing should be possible even when there are destructive creases.
This. Where i work he have several dozen 2D barcode scanners and even more Zebra Z4 and Z6 type printers. on a ZM400 we had a bad head, and a good deal of the barcode was completely absent from the word go, however operators were still able to correctly scan the mangled codes with 100% accuracy.
That's all well and good you see, but it was the competition with the US that drove them to do those things, it was called the "space race" for a reason.
you might want to check for vaccuum leaks or the like, i've got an 86 ford that does the same thing sometimes and it's got a cable throttle.
i have never seen a car that shuts off the engine if you press both pedals.
this is bullshit logic, tractor pull trucks have engines bigger than anything you could stop with the kind of brakes you could fit behind those wheels. we're talking production cars here, by law, street legal cars must have brakes strong enough to overpower the engine, that is to say, you must be able to push the brake pedal down, floor the gas pedal, and not move the car.
hell, i've got an 86 Bronco II that occasionally tries to surge and ram the guy in front of me at a light, this isn't really a new problem.