I used to amuse myself by figuring out the finer points of a software configuration (or lack thereof, or whether there's a bug) by autodidactic reasoning. But these days, I just don't have the time to spend, aka waste, by screwing around. So I really appreciate well-organized docs, especially with good examples that get right to the point.
Getting a project into operation may take a bunch of standard activities, as well as - lets say, 100 non-obvious actions. If well-organized docs provide a 2-minute solution per topic, the project could be online and ready for testing with a full day of work. Versus screwing around for a week of trails-and-errors, with the partially helpful Google Librarian at your service - how fun it is to find your same question posted several times over the years but still no useful answer.
And even more so for software intended for an audience besides software specialists. I bet you also read Ikea furniture assembly instructions so you get the order right in the first place, without having to redo it several times - which probably fails anyway, because their wooden screw-holes can only take a few insertions before the cheap threading is wrecked.
Too many assumptions here. Presumably the honeypot is full of false data delivering nonsense alerts to nowhere, and the owner is aware when it's compromised. That's what it's for. Of course, if you assume that hackers take over your entire data center at all 7 OSI layers, it really doesn't matter what defenses you have in place.
Good point about health as priority and concern about chemical emissions into our environment. This is not to say that CO2 emissions should be ignored, but definitely they are not the only issue and perhaps not even the most imminent threat.
Recently I've read articles on the purported health benefits of chocolate, especially dark chocolate -- ie, without the usual additives of sugar and milk. But not including weight loss, you're supposed to do that in the usual ways. Yet this article slams "choc is good" claims with a wide brush, as do most of the Slashdot comments above. So I'm unsure about the whole thing, and wish people could stick to the topic and clarify their contexts upfront.
...
Hey, UN-F*CK BETA! I'd glady pay for a moderated discussion, without never-ending comments from the peanut gallery. Sorry peanuts, I just don't have time,.
Suppose a smaller company does care, and wants to implement measures? These tools sound good, but like an auto parts store when you want a whole car, the integration is non-trivial. I guess the current solution is to hire a specialist, if you can find one appropriate. Maybe the industry has to evolve a bit more.
I investigated having this surgery a few years ago, in my late forties, with a thorough check at the Kellogg eye center at the University of Michigan. Their conclusion was that my eyes are too dry to be good candidates for this operation. It would cause irritation and even more dryness, and the side effects of halos would be worse with my eyes. Sadder and wiser, I skipped the procedure. I used to wear contact lenses but gave that up after a while for the same reasons. My latest glasses are very lightweight and not much of a bother to wear.
Not so near. See recent articles about Google Glass, and of course there are good old fashioned hidden cameras watching the typists. I suppose it more effort is required though.
Impressive how these dogs can detect "storage with child porn", as opposed to storage with business data. It would be interesting to try some stenography tests, to see if the dogs can sniff through that as well. Maybe the stored data has some karmatic "bits of intent" floating around that the dogs can detect, just like they can implicitly growl at burglars but not ordinary visitors.
Lot's of suggestions here for singleton work, but maybe you should get into something new by learning in a team. This could be "extreme programming" if you're already working in a paid corporate job, or by taking a real course someplace where you can interact with similar mindsets. (The course itself may be less useful than the peer interaction, so still worth the cost.) And sometimes software conferences have workshops or "interaction sessions". Community colleges are another possibility for special topics.
Yes, that's sounds like the real vulnerability. Whether sudo or fancy role-based access controls or ACLs, these still have to be managed into a useful scenario.
Not buying these exaggerations. Most security vulnerabilities are in the applications themselves, eg buffer overflows, or on the client side. Let's see some evidence where weakness in concern-separation from VMware instances or sudo glitches is a major contributor to malware mishaps these days. I suppose the main vulnerability is a bit less control against insider malfeasance, and those are mostly due to configuration errors or corrupt admins.
There are architectural reasons to separate, and economic & practical reasons to consolidate - or not. I'd say you're off the curve of reasonable expectations if you're asking for mainframe-style "trusted" isolation on a setup of only a few (or just one) PC-grade servers in which you have all applications and services running together along with a variety of login access from different categories of users who may be potential attackers. Not that there's anything wrong with the BSD's etc, but in the scenarios you imply, you might be placing your support resources in areas of lower risk priority. Or maybe you yourself are the single supporter?
I say "PC-grade" because your scenario sounds economically uninteresting -- important enough to protect as you want (with excessive apps & users), but not important enough that there's budget to do hardware separation. Just because you're broke doesn't mean that Unix is broken. I agree that BSD Capsicums (etc) may be a good fit for these outlier use-cases, or special situations, but mostly if your establishment is willing to make a heavy technology investment in going that route.
I'm interested to hear about breaking out of one VMware instance and into another, in easy and readily exploitable ways. Not to say it can't happen in some edge cases - but suggesting that it's often trivial is a bit much.
I used to hear this a lot from VMS guys besmirching Unix, though such guys are harder to find these days.
There's more to life than an abstract security model. Virtual machines are cheap these days, don't let untrusted users (or processes) onto your important server in the first place. If you insist on OS timesharing and full security, well, you're fooling yourself IMHO. Of course VMS could do it, but try to find one now. Not cost effective for the real purpose of getting stuff done, ie, running applications.
Offshore is people too. They also work hard to take care and make use of it, what's so bad about that? Or is it that only American people are entitled to such benefits?
Maybe the IRS should make it less onerous to re-pat the cash if they want it badly enough, instead of the hunting mentality as is perceived. Eg, anonymous fixed rate conversions independent of any other factors such as owner's income.
where the gravitational pull is so strong that nothing can escape.
I always wondered about this. Isn't it just a basic calculation showing the point where escape velocity exceeds the speed of light? Meaning that ballistically nothing can escape on it's own, but if you had a "space elevator" (with super-strong cables not defined here) you could raise and lower things into a black hole (or planet Earth) at whatever speed you wanted. So why not lower in a camera and take a look? And if the super-strong cable also does Ethernet, you wouldn't even have to raise it back, unless gravitational escape velocity also applies to electricity.
Physics being what it is, the rebuttal could something like proof that such a super-strong cable couldn't exist, even if the thought-experiment is valid. To keep it from getting infinitely crushed, maybe you have to build it out of some sort of antidote physical-contradiction like magnetic monopoles
People who commit crimes should be kept under an appropriate amount of supervision until they've been rehabilitated to the point where they're not likely to commit future crimes.
But you assume crime and illegality are the same thing. What about drug-usage offenses? There's probably no finite in-jail punishment time to prevent future toking upon release.
Slashdot Mirror
That's crap.
I used to amuse myself by figuring out the finer points of a software configuration (or lack thereof, or whether there's a bug) by autodidactic reasoning. But these days, I just don't have the time to spend, aka waste, by screwing around. So I really appreciate well-organized docs, especially with good examples that get right to the point.
Getting a project into operation may take a bunch of standard activities, as well as - lets say, 100 non-obvious actions. If well-organized docs provide a 2-minute solution per topic, the project could be online and ready for testing with a full day of work. Versus screwing around for a week of trails-and-errors, with the partially helpful Google Librarian at your service - how fun it is to find your same question posted several times over the years but still no useful answer.
And even more so for software intended for an audience besides software specialists. I bet you also read Ikea furniture assembly instructions so you get the order right in the first place, without having to redo it several times - which probably fails anyway, because their wooden screw-holes can only take a few insertions before the cheap threading is wrecked.
Am past my prime, and maybe getting Old Timers disease...
So can someone remind me, what's the difference between Gene Amdahl and Seymour Cray?
Did they ever meet and have cocktails?
Too many assumptions here. Presumably the honeypot is full of false data delivering nonsense alerts to nowhere, and the owner is aware when it's compromised. That's what it's for. Of course, if you assume that hackers take over your entire data center at all 7 OSI layers, it really doesn't matter what defenses you have in place.
Just like Darwinian Evolution. "Some How It (just) Happened."
Good point about health as priority and concern about chemical emissions into our environment. This is not to say that CO2 emissions should be ignored, but definitely they are not the only issue and perhaps not even the most imminent threat.
Hey, UN-F*CK BETA! I'd glady pay for a moderated discussion, without never-ending comments from the peanut gallery. Sorry peanuts, I just don't have time,.
Or SETI@home. Now we can find out how much it costs to find each Little Green Man.
Suppose a smaller company does care, and wants to implement measures? These tools sound good, but like an auto parts store when you want a whole car, the integration is non-trivial. I guess the current solution is to hire a specialist, if you can find one appropriate. Maybe the industry has to evolve a bit more.
Too bad Radio Shack is filing for bankruptcy. This could have been their killer app.
Cite some examples?
I investigated having this surgery a few years ago, in my late forties, with a thorough check at the Kellogg eye center at the University of Michigan. Their conclusion was that my eyes are too dry to be good candidates for this operation. It would cause irritation and even more dryness, and the side effects of halos would be worse with my eyes. Sadder and wiser, I skipped the procedure. I used to wear contact lenses but gave that up after a while for the same reasons. My latest glasses are very lightweight and not much of a bother to wear.
What's the problem with letting someone else pay the bill?
Not so near. See recent articles about Google Glass, and of course there are good old fashioned hidden cameras watching the typists. I suppose it more effort is required though.
Impressive how these dogs can detect "storage with child porn", as opposed to storage with business data. It would be interesting to try some stenography tests, to see if the dogs can sniff through that as well. Maybe the stored data has some karmatic "bits of intent" floating around that the dogs can detect, just like they can implicitly growl at burglars but not ordinary visitors.
Nice idea - a license agreement which bans military applications. More products should do this.
Lot's of suggestions here for singleton work, but maybe you should get into something new by learning in a team. This could be "extreme programming" if you're already working in a paid corporate job, or by taking a real course someplace where you can interact with similar mindsets. (The course itself may be less useful than the peer interaction, so still worth the cost.) And sometimes software conferences have workshops or "interaction sessions". Community colleges are another possibility for special topics.
And this relates to dark matter how?
Yes, that's sounds like the real vulnerability. Whether sudo or fancy role-based access controls or ACLs, these still have to be managed into a useful scenario.
Not buying these exaggerations. Most security vulnerabilities are in the applications themselves, eg buffer overflows, or on the client side. Let's see some evidence where weakness in concern-separation from VMware instances or sudo glitches is a major contributor to malware mishaps these days. I suppose the main vulnerability is a bit less control against insider malfeasance, and those are mostly due to configuration errors or corrupt admins.
There are architectural reasons to separate, and economic & practical reasons to consolidate - or not. I'd say you're off the curve of reasonable expectations if you're asking for mainframe-style "trusted" isolation on a setup of only a few (or just one) PC-grade servers in which you have all applications and services running together along with a variety of login access from different categories of users who may be potential attackers. Not that there's anything wrong with the BSD's etc, but in the scenarios you imply, you might be placing your support resources in areas of lower risk priority. Or maybe you yourself are the single supporter?
I say "PC-grade" because your scenario sounds economically uninteresting -- important enough to protect as you want (with excessive apps & users), but not important enough that there's budget to do hardware separation. Just because you're broke doesn't mean that Unix is broken. I agree that BSD Capsicums (etc) may be a good fit for these outlier use-cases, or special situations, but mostly if your establishment is willing to make a heavy technology investment in going that route.
I'm interested to hear about breaking out of one VMware instance and into another, in easy and readily exploitable ways. Not to say it can't happen in some edge cases - but suggesting that it's often trivial is a bit much.
I used to hear this a lot from VMS guys besmirching Unix, though such guys are harder to find these days.
There's more to life than an abstract security model. Virtual machines are cheap these days, don't let untrusted users (or processes) onto your important server in the first place. If you insist on OS timesharing and full security, well, you're fooling yourself IMHO. Of course VMS could do it, but try to find one now. Not cost effective for the real purpose of getting stuff done, ie, running applications.
Offshore is people too. They also work hard to take care and make use of it, what's so bad about that? Or is it that only American people are entitled to such benefits?
Maybe the IRS should make it less onerous to re-pat the cash if they want it badly enough, instead of the hunting mentality as is perceived. Eg, anonymous fixed rate conversions independent of any other factors such as owner's income.
where the gravitational pull is so strong that nothing can escape.
I always wondered about this. Isn't it just a basic calculation showing the point where escape velocity exceeds the speed of light? Meaning that ballistically nothing can escape on it's own, but if you had a "space elevator" (with super-strong cables not defined here) you could raise and lower things into a black hole (or planet Earth) at whatever speed you wanted. So why not lower in a camera and take a look? And if the super-strong cable also does Ethernet, you wouldn't even have to raise it back, unless gravitational escape velocity also applies to electricity.
Physics being what it is, the rebuttal could something like proof that such a super-strong cable couldn't exist, even if the thought-experiment is valid. To keep it from getting infinitely crushed, maybe you have to build it out of some sort of antidote physical-contradiction like magnetic monopoles
movie plot threats are not worth worrying about.
As opposed to, "movie theater threats" like Batmans and ex-cops. Who needs terrorists when USA is already well-supplied with local wackos?
People who commit crimes should be kept under an appropriate amount of supervision until they've been rehabilitated to the point where they're not likely to commit future crimes.
But you assume crime and illegality are the same thing. What about drug-usage offenses? There's probably no finite in-jail punishment time to prevent future toking upon release.