I am one of those people who will walk down to the local walgreens and rent a movie from redbox after seeing it show up on Amazon for $5 rental. Why the crap should I rent for almost 3x the price?
If Redbox could somehow make it so that it could be as convenient as Amazon... well that would be a no brainer, but I don't see how that could possibly pull that off and make a profit since it is the content rights holders who set the price.
Man... I would have to imagine that they are in different zip codes, otherwise that is essentially 2 identical addresses as far as mailing systems are concerned.
Yeah, I hated those types of addresses when I delivered for UPS (long before GPS). It always struck me how haphazard city planners could be.
Another fun one is the N/S or E/W street that is segmented into many non-contiguous streets. You would have to guess at where the number breaks were based on the perpendicular roads. If you missed it, you would have to drive back out and all the way around to find where the next segment of the same street picked up again... real PITA.
It doesn't auto play for 3-5 seconds or so after you select the title and if you move the selector at all it won't auto play.
This is a Roku specific implementation though, it has nothing to do with Netflix. I use Netflix on a lot of different platforms and only the Roku does the auto play thing.
Hulu now has a commercial free service for a few bucks more a month.
However, there are still some shows that don't qualify for the ad free service. With those you still get 1 commercial before the show, but it is otherwise not interrupted.
A couple of years ago Netflix was indispensable. Now I am considering cutting it. I have Hulu commercial free plan and Amazon Prime which gives me most of the stuff I want to watch with the ability to pay à la carte for TV shows I really want to see right away.
Netflix is increasingly the go-to for falling asleep viewing like STTNG or old X-Files. I also like Dardevil and Jessica Jones and I REALLY loved "The Killing". But their other shows are not that great.
If they raise their prices again, that will be the signal to bail for sure.
Pfft, you are projecting your own ideals here or something. I am 100% positive that Trump has never said to himself (or anyone else) "Hmm, looks like I have enough money now, no need for any more...."
Money is clearly his reason for living.
Not saying it a good or bad trait, I am just saying that just because he doesn't "need" money (in your estimation), doesn't mean that money isn't a motivating factor for him.
I saw people extracting password-protected zip files to execute malware in the 90s. They've been doing it ever since. Sure, it might help a little, but still.
We actually block password-protected zip files as well.
6. Do not allow anything to execute from local user writable locations (appdata, usb drives, optical drives, etc) 7. Run all workstations as standard users
For kiosks, or shared machines, sure, but otherwise that's a significant imposition on users for very little gain, as a rootkit just bypasses all of that, and there's always a new privilege escalation exploit making the rounds.
We whitelist exes based on meta data in the file's certificate, usually publisher name. If an executable is not signed, it has no chance of running. Turns out that this is mostly a problem for me and not users.
We use Avecto DefendPoint (formerly Privilege Guard) to set executables which are automatically elevated. We use this to allow users to install software from an approved list. This also has the benefit of allowing privilege escalation without user switching.
9. Stay on top of all updates every month (Flash, Java, Windows, etc)
See, now that solves real problems without getting in everyone's way.
Yeah, you'd be surprised (or maybe not). "Updates again?! I just updated!"
Train users
Hahaha, good one!
Yeah, it can seem hopeless but I do see improvement
sign off from management to discipline users who fail the test
Hahaha, man, you should do stand-up.
I'm here all night!
15. Scan logs and reports daily
What, manually? On how many servers? Log scanning is a job for software (which does it continuously, and can page you).
No, not 100% manually. I have scripts set up to do some of the work for me. But ours is a small network of around 20 servers and about 150 users. So this is not as tedious as it sounds.
One type of attack that I witnessed over the winter holidays last year involved a malicious user harvesting e-mail signatures via auto-replies.
Then using publicly available org information to target the accounting dept.
The spear phishing e-mail looked pretty damn legit. The e-mail contained, what appeared to be, a back-and-forth exchange between the owner and the CFO with a request to transfer money.
It actually came way too close to succeeding and was only foiled by the fact that it was such a highly irregular request. I would like to think that our regular phishing audits had something to do with it, but sadly, I think that if wire transfers were something we regularly do, it would have been a successful attack. Scary stuff.
These are the threats that keep me up at night as a sysadmin.
It just takes one user clicking something they shouldn't
To try to combat this I do the following:
1. Use L7 firewall rules to block executables 2. Use IPS on both the firewall and the local computers 3. Use content filtering at the firewall level 4. Use locked down local (PC) firewall rules 5. Use a segmented network model with locked down firewall rules in between them 6. Do not allow anything to execute from local user writable locations (appdata, usb drives, optical drives, etc) 7. Run all workstations as standard users 8. Lock down network shares with least privilege access 9. Stay on top of all updates every month (Flash, Java, Windows, etc) 10. Control by group membership who is allowed to run Java and uninstall it programmatically for anyone not in that group 11. Use OpenDNS 12. Train users how to identify malicious e-mails and set up a process by which users can submit suspicious e-mail for review 13. Run regular phishing audit tests with a sign off from management to discipline users who fail the test 14. Keep regular backups (daily differential, weekly, monthly and bi-yearly full) with offsite rotation and monthly random restore tests 15. Scan logs and reports daily
I am currently pushing to implement SSL proxying so we can benefit from the firewall DPI when users are browsing secured sites.
Even with all of that, I still feel like I am not doing enough. We have already had a few scares where Angler has been detected by IPS while browsing normal web sites.
This is a long standing issue with MS in particular but is not exclusive to them in any way.
Developers find undocumented features or have some inside track to learn about them but, since they are undocumented, they are subject to change without notice.
So, if you are relying on undocumented features for your software to work... you are living precariously.
Slashdot Mirror
Yeah, and since when is military government spending similar in any way to local municipal transit spending?
Look around you, the world already burns
As I sip my latte the only burning I see is in partisan rhetoric.
You do realize that under the previous Clinton the country actually had a budget surplus right?
We started running a deficit again under Bush.
I know... do they really expect the system to last forever? Surely they had a plan replace/upgrade after 20 years or so?
Seems like the sensible thing to do is replace the tracks/cars with new. In the mean time replace trains with buses until the project is complete.
I love how your friend singles out the *language* as the offensive bit...
I am one of those people who will walk down to the local walgreens and rent a movie from redbox after seeing it show up on Amazon for $5 rental. Why the crap should I rent for almost 3x the price?
If Redbox could somehow make it so that it could be as convenient as Amazon... well that would be a no brainer, but I don't see how that could possibly pull that off and make a profit since it is the content rights holders who set the price.
It seems so silly to add someone to a watch list because of a bumper sticker.
It's the people who are quiet and evasive that they should be interested in, not the blowhards who are probably all bark and no bite.
I mean, if you are a terrorist, are you going to advertise your intentions to the world with a bumper sticker?
I break for jihad...
How about you make getting an ID free then?
It certainly seems to be increasingly required for just about everything these days....
Man... I would have to imagine that they are in different zip codes, otherwise that is essentially 2 identical addresses as far as mailing systems are concerned.
Yeah, I hated those types of addresses when I delivered for UPS (long before GPS). It always struck me how haphazard city planners could be.
Another fun one is the N/S or E/W street that is segmented into many non-contiguous streets. You would have to guess at where the number breaks were based on the perpendicular roads. If you missed it, you would have to drive back out and all the way around to find where the next segment of the same street picked up again... real PITA.
I actually kind of like the feature you describe.
It doesn't auto play for 3-5 seconds or so after you select the title and if you move the selector at all it won't auto play.
This is a Roku specific implementation though, it has nothing to do with Netflix. I use Netflix on a lot of different platforms and only the Roku does the auto play thing.
Yeah I get that. But the way Netflix pricing tiers are set up, the number of screens is linked to the streaming quality as well.
So the 4 screen plan also allows 4k content streaming.
IIRC the 2 screen plan is HD content and the 1 screen plan is SD content
Hulu now has a commercial free service for a few bucks more a month.
However, there are still some shows that don't qualify for the ad free service. With those you still get 1 commercial before the show, but it is otherwise not interrupted.
I am starting to agree with you.
A couple of years ago Netflix was indispensable. Now I am considering cutting it. I have Hulu commercial free plan and Amazon Prime which gives me most of the stuff I want to watch with the ability to pay à la carte for TV shows I really want to see right away.
Netflix is increasingly the go-to for falling asleep viewing like STTNG or old X-Files. I also like Dardevil and Jessica Jones and I REALLY loved "The Killing". But their other shows are not that great.
If they raise their prices again, that will be the signal to bail for sure.
Does anyone else have access to your account? Kids perhaps?
I know that when they changed their pricing model we were dropped in to the equivalent tier in the new model.
But, afaik, the 4 screen tier didn't come alone until 4k content was available.
Perhaps you have a 4k TV and wanted to try some 4K content and so upgraded without fully understanding the different tiers?
Also, you say it is "not even worth figuring out how to get the single screen plan" which implies that you are not familiar with the pricing tiers.
All you have to do is go to your account and select the single screen streaming plan... but that only gives you SD quality streaming.
He doesn't need money
Pfft, you are projecting your own ideals here or something. I am 100% positive that Trump has never said to himself (or anyone else) "Hmm, looks like I have enough money now, no need for any more...."
Money is clearly his reason for living.
Not saying it a good or bad trait, I am just saying that just because he doesn't "need" money (in your estimation), doesn't mean that money isn't a motivating factor for him.
I am generally the same way. Although with me, it is metal that makes me rash up.
It is also very irritating to have something strapped to my wrist. I feel like a cat does when your try to put booties on their paws.
Looks like none of your precautions would have stopped this particular M$ macro scripting ransom-ware
Well, except that macros in office docs are disabled by default and would need to be expressly enabled.
Oh, and stop using M$ OS's & Office products
Not really an option. We are an Autodesk shop and so we are pretty much locked in to a monoculture.
1. Use L7 firewall rules to block executables
I saw people extracting password-protected zip files to execute malware in the 90s. They've been doing it ever since. Sure, it might help a little, but still.
We actually block password-protected zip files as well.
6. Do not allow anything to execute from local user writable locations (appdata, usb drives, optical drives, etc)
7. Run all workstations as standard users
For kiosks, or shared machines, sure, but otherwise that's a significant imposition on users for very little gain, as a rootkit just bypasses all of that, and there's always a new privilege escalation exploit making the rounds.
We whitelist exes based on meta data in the file's certificate, usually publisher name. If an executable is not signed, it has no chance of running. Turns out that this is mostly a problem for me and not users.
We use Avecto DefendPoint (formerly Privilege Guard) to set executables which are automatically elevated. We use this to allow users to install software from an approved list. This also has the benefit of allowing privilege escalation without user switching.
9. Stay on top of all updates every month (Flash, Java, Windows, etc)
See, now that solves real problems without getting in everyone's way.
Yeah, you'd be surprised (or maybe not). "Updates again?! I just updated!"
Train users
Hahaha, good one!
Yeah, it can seem hopeless but I do see improvement
sign off from management to discipline users who fail the test
Hahaha, man, you should do stand-up.
I'm here all night!
15. Scan logs and reports daily
What, manually? On how many servers? Log scanning is a job for software (which does it continuously, and can page you).
No, not 100% manually. I have scripts set up to do some of the work for me. But ours is a small network of around 20 servers and about 150 users. So this is not as tedious as it sounds.
One type of attack that I witnessed over the winter holidays last year involved a malicious user harvesting e-mail signatures via auto-replies.
Then using publicly available org information to target the accounting dept.
The spear phishing e-mail looked pretty damn legit. The e-mail contained, what appeared to be, a back-and-forth exchange between the owner and the CFO with a request to transfer money.
It actually came way too close to succeeding and was only foiled by the fact that it was such a highly irregular request. I would like to think that our regular phishing audits had something to do with it, but sadly, I think that if wire transfers were something we regularly do, it would have been a successful attack. Scary stuff.
These are the threats that keep me up at night as a sysadmin.
It just takes one user clicking something they shouldn't
To try to combat this I do the following:
1. Use L7 firewall rules to block executables
2. Use IPS on both the firewall and the local computers
3. Use content filtering at the firewall level
4. Use locked down local (PC) firewall rules
5. Use a segmented network model with locked down firewall rules in between them
6. Do not allow anything to execute from local user writable locations (appdata, usb drives, optical drives, etc)
7. Run all workstations as standard users
8. Lock down network shares with least privilege access
9. Stay on top of all updates every month (Flash, Java, Windows, etc)
10. Control by group membership who is allowed to run Java and uninstall it programmatically for anyone not in that group
11. Use OpenDNS
12. Train users how to identify malicious e-mails and set up a process by which users can submit suspicious e-mail for review
13. Run regular phishing audit tests with a sign off from management to discipline users who fail the test
14. Keep regular backups (daily differential, weekly, monthly and bi-yearly full) with offsite rotation and monthly random restore tests
15. Scan logs and reports daily
I am currently pushing to implement SSL proxying so we can benefit from the firewall DPI when users are browsing secured sites.
Even with all of that, I still feel like I am not doing enough. We have already had a few scares where Angler has been detected by IPS while browsing normal web sites.
MS has already backtracked once and released an out-of-cycle patch for IE on XP.
If this is severe enough, they may do it again.
This is a long standing issue with MS in particular but is not exclusive to them in any way.
Developers find undocumented features or have some inside track to learn about them but, since they are undocumented, they are subject to change without notice.
So, if you are relying on undocumented features for your software to work... you are living precariously.
The little man in the canoe...
To Hit Armor Class 0?