ssh flips out and warns me of a possible MITMA due to the MAC address of the destination having changed.
No, it doesn't. You can change hardware (and even platforms) all day to your heart's content. What you CAN'T do is change the public key. If you, for example, uninstall ssh, and the uninstall removes the keys, and then you re-install ssh and regenerate the keys, you will get this message.
Although this prevents MITMA, it does not necessarily prevent phishing by default because the phisher could somehow trick me into ssh'ing to the wrong address, by hacking a DNS for example.
No, that wouldn't work. ssh stores a fingerprint for the server's public key. The fingerprint is associated with both the host's DNS name and its IP. If you were to poison DNS and cause me to connect to a different hostile machine with the "same" forged hostname, the public key of that hostile machine would differ. ssh would completely wig out and say that a man in the middle attack may be occurring.
There's plenty of ways around 2-factor authentication within ssh, but this isn't it.
I would think that a sizeable nuclear detonation (at the right time and place) would cause a pressure wave powerful enough to disrupt the dynamo that is the low pressure center of a hurricane, and dissipate it.
I care because it appeared to me that Google was saying that it did one thing, and was actually doing something else. I don't care if they modify their search results, as long as they don't claim otherwise. I still trust Google, and when I see something that jeopardizes that trust, I'd like to clarify it. I'm glad I did. Isn't that the point of slashdot -- discussion?
What's being modified is the index contents, from which the results are automatically generated.
You may be correct, but that's not how it is characterized in the article:
Moreover, bmw.com.de's PageRank, the algorithms that assign every page on the web a sort of popularity ranking, has been reset to zero.
The PageRank has been reset to zero.
That being said, I went over to Matt Cutts' site. I can't tell for sure either way from what he says there. But he links to http://blog.outer-court.com/archive/2006-02-04-n60 .html, which seems to be the basis for the PageRank reset claim in the article.
Either way, I still find it to be somewhat dubious given the general nature of Google's statement.
How do they reconcile this with their FAQ which states:
"The order and contents of Google search results are completely automated. No one hand picks a particular result for a given search query, nor does Google ever insert jokes or send messages by changing the order of results."
I work for NASA, and the IT on our office systems (NOT the production/mission critical stuff, thank God) is the worst thing I've ever seen.
To be fair, this varies substantially from organization to organization within NASA. NASA is a unique combination of university environment, government agency, and industry research, spread out among 15 or so major geographic locations, with substantially differing missions, some of which are life-critical. It's no wonder things are in the state of affairs that they are. And even so, it's not so bad. The agency and center attempts at mandating Bad Ideas have been pretty much swatted down successfully in recent years (with notable exceptions, but I shan't air my dirty laundry here.) The real problem in NASA is, IMO, the lack of a good common framework that every organization can build on for its own IT needs.
You do know that Senate and House reelection rates for incumbents are 90%+ With house pushing 97-99 most years.
Then it sure sounds like the People have spoken, and are getting what they asked for.
Money doesn't win elections, VOTES do. Spending lots of money doesn't ensure an election. Just ask Ross Perot.
There has to be a choice when considering a democratic government: Do we trust the people's ability to choose? If so, then we're doing quite fine as a country, because people still have full freedom of choice for whom they cast their vote.
I, for one, have little interest in the campaign contribution limits and similar measures. Bribes are already illegal. Enforce the laws on the books. The more regulated things become, the more underground the contributions go, and the less informed the voting public can be.
Which brings up the other point -- I support disclosure laws. For some people it is useful to know who is contributing to their elected officials. *I* can make up my mind, though, if I believe that I am being fairly represented by my public official. Who cares if he's accepting campaign contributions from the KKK if his votes aren't influenced by it? If his votes ARE influenced by it, I'll notice, and vote him out.
You're probably in Howard or Baltimore counties - Howard has a permanent collection facility at the Alpha Ridge landfill. (Where I live out among the cows and chickens in Carroll County, they don't know what no 'lectronics is).
Maryland has a state-wide initiative with the dorky name eCycling
I'm a Computer Science major but my concentration is Information Assurance and Security. (blah blah blah) If I have physical access to a computer it is mine, and short of physically stopping me there is nothing you can do to prevent me from having complete access to that computer.
Matter of fact, i'm watching right now... back to Washington Journal.:)
I used to love Washington Journal. Now watching it just makes me cry. Mostly because the unfiltered stupidity of the American People seeps through the phone on that show more than most others, as the moderators allow callers to talk unimpeded for long periods of time.
Brian Lamb is a true visionary -- one of the few people in DC that I respect. Personally I believe he's one of the most powerful people in Washington but relatively few people know his name.
You often hear about people that have had their ATM cards wiped by the magnets used to disable the security tags in stores.
When I was at N+I in Vegas in March(?), MCI was handing out your "conference standard" blinky lapel button thingies that were secured onto you by a powerful magnet. I stuck it in my pocket. When I got back to the hotel, I couldn't figure out why my door wouldn't open...:)
Kirk: "You told me you could have the ship operational in two weeks, I gave you three! What happened?" Scotty: "I think you gave me too much time, Captain."
I still have my DESCHALL t-shirt. As I recall, we spent more time arguing about what the t-shirt should look like AFTER the key was recovered than we spent recovering the key.:) Here were my thoughts on the subject back then.
Slashdot Mirror
No, it doesn't. You can change hardware (and even platforms) all day to your heart's content. What you CAN'T do is change the public key. If you, for example, uninstall ssh, and the uninstall removes the keys, and then you re-install ssh and regenerate the keys, you will get this message.
No, that wouldn't work. ssh stores a fingerprint for the server's public key. The fingerprint is associated with both the host's DNS name and its IP. If you were to poison DNS and cause me to connect to a different hostile machine with the "same" forged hostname, the public key of that hostile machine would differ. ssh would completely wig out and say that a man in the middle attack may be occurring.
There's plenty of ways around 2-factor authentication within ssh, but this isn't it.
No. $16.3 Billion. http://www.whitehouse.gov/omb/budget/fy2007/nasa.
No. See: http://www.aoml.noaa.gov/hrd/tcfaq/C5c.html
Why do you care?
I care because it appeared to me that Google was saying that it did one thing, and was actually doing something else. I don't care if they modify their search results, as long as they don't claim otherwise. I still trust Google, and when I see something that jeopardizes that trust, I'd like to clarify it. I'm glad I did. Isn't that the point of slashdot -- discussion?
Ah, I see now, having read the guidelines. It should be made clearer in the FAQ, IMO, though.
What's being modified is the index contents, from which the results are automatically generated.
0 .html, which seems to be the basis for the PageRank reset claim in the article.
You may be correct, but that's not how it is characterized in the article:
Moreover, bmw.com.de's PageRank, the algorithms that assign every page on the web a sort of popularity ranking, has been reset to zero.
The PageRank has been reset to zero.
That being said, I went over to Matt Cutts' site. I can't tell for sure either way from what he says there. But he links to http://blog.outer-court.com/archive/2006-02-04-n6
Either way, I still find it to be somewhat dubious given the general nature of Google's statement.
How do they reconcile this with their FAQ which states:
"The order and contents of Google search results are completely automated. No one hand picks a particular result for a given search query, nor does Google ever insert jokes or send messages by changing the order of results."
I work for NASA, and the IT on our office systems (NOT the production/mission critical stuff, thank God) is the worst thing I've ever seen.
To be fair, this varies substantially from organization to organization within NASA. NASA is a unique combination of university environment, government agency, and industry research, spread out among 15 or so major geographic locations, with substantially differing missions, some of which are life-critical. It's no wonder things are in the state of affairs that they are. And even so, it's not so bad. The agency and center attempts at mandating Bad Ideas have been pretty much swatted down successfully in recent years (with notable exceptions, but I shan't air my dirty laundry here.) The real problem in NASA is, IMO, the lack of a good common framework that every organization can build on for its own IT needs.
You do know that Senate and House reelection rates for incumbents are 90%+ With house pushing 97-99 most years.
Then it sure sounds like the People have spoken, and are getting what they asked for.
Money doesn't win elections, VOTES do. Spending lots of money doesn't ensure an election. Just ask Ross Perot.
There has to be a choice when considering a democratic government: Do we trust the people's ability to choose? If so, then we're doing quite fine as a country, because people still have full freedom of choice for whom they cast their vote.
I, for one, have little interest in the campaign contribution limits and similar measures. Bribes are already illegal. Enforce the laws on the books. The more regulated things become, the more underground the contributions go, and the less informed the voting public can be.
Which brings up the other point -- I support disclosure laws. For some people it is useful to know who is contributing to their elected officials. *I* can make up my mind, though, if I believe that I am being fairly represented by my public official. Who cares if he's accepting campaign contributions from the KKK if his votes aren't influenced by it? If his votes ARE influenced by it, I'll notice, and vote him out.
And you're still not old enough to legally drink, Clinton. :)
Good idea, Zonk, now you can claim that your XBox 360 is a work-related purchase and deduct it on your taxes! :)
You're probably in Howard or Baltimore counties - Howard has a permanent collection facility at the Alpha Ridge landfill. (Where I live out among the cows and chickens in Carroll County, they don't know what no 'lectronics is).
Maryland has a state-wide initiative with the dorky name eCycling
!seineew era sreenigne epacsteN
Since we're talking about the OpenBSD world, you could fail over to your backup firewall during the reboot. pfsync(4) and carp(4) are your friends!
ClearChannel and Infinity are bitching that they're becoming irrelevant.
Are you aware that ClearChannel has a stake in XM?
There are many loathsome scum that are Christians.
I'm not so sure of that.
I'm a Computer Science major but my concentration is Information Assurance and Security.
(blah blah blah)
If I have physical access to a computer it is mine, and short of physically stopping me there is nothing you can do to prevent me from having complete access to that computer.
I dub thee Captain Obvious.
Try it and you'll be amazed at how close you are to passing right now.
:)
Hmmm, I tried it:
You scored 17 correct answers and 18 incorrect answers from a total of 35.
When do I get amazed?
But apparently I was some sort of female plumber superhero in college because I knew how to fix it.
You're a female, AND you understand plumbing?
Will you marry me?
Matter of fact, i'm watching right now... back to Washington Journal. :)
I used to love Washington Journal. Now watching it just makes me cry. Mostly because the unfiltered stupidity of the American People seeps through the phone on that show more than most others, as the moderators allow callers to talk unimpeded for long periods of time.
Brian Lamb is a true visionary -- one of the few people in DC that I respect. Personally I believe he's one of the most powerful people in Washington but relatively few people know his name.
Whatever happened to the Compute Antivirus Research Organization (CARO)? I thought they were the de facto standard for naming of viruses.
You often hear about people that have had their ATM cards wiped by the magnets used to disable the security tags in stores.
:)
When I was at N+I in Vegas in March(?), MCI was handing out your "conference standard" blinky lapel button thingies that were secured onto you by a powerful magnet. I stuck it in my pocket. When I got back to the hotel, I couldn't figure out why my door wouldn't open...
Kirk: "You told me you could have the ship operational in two weeks, I gave you three! What happened?"
Scotty: "I think you gave me too much time, Captain."
I still have my DESCHALL t-shirt. As I recall, we spent more time arguing about what the t-shirt should look like AFTER the key was recovered than we spent recovering the key. :) Here were my thoughts on the subject back then.
Ummm, for all practical purposes, yes it does.
*eyeroll*
ClamAV is free, and at all good apt repositories - go install
Pointless unless you're scanning mail or are a Windows fileserver.