Oh, I'm sorry. That's what I get for skimming/. during a meeting.:) Should have known from the context of the conversation of greater than 100% thrust.
You're right about their desire to set up their own schools, with the government picking up as much of the expense as they get get
Not in my experience. I attended 13 years of a fundamentalist Baptist school, and they were adamant about not taking government funding -- in ANY form. Still are (even though they're hurting financially). That is, in my experience, the norm and not the exception. Stated reason is to minimize the potential for government interference in school curriculum and other operations.
On topic, I had a bit of animosity toward the school for failing to properly teach me evidence-based science. I had animosity toward them for failing to explain that the young-earth seven day creationism I was taught was a matter of faith and not a matter of fact. I've gotten over it, though. They meant well. I believe they're very mistaken (even still as a fundamentalist Christian) in their teaching methods. I've actually even considered having a chat with my HS science teacher (who is still a friend that I see from time to time when I go to my old church) and air out some of my thoughts, but I'm not certain it will do much good.
As we move forward, we stand on the shoulders of these astronauts and the thousands of people who supported them on the ground - as well as those who cheered their triumphs and mourned their tragedies.
This final shuttle flight marks the end of an era, but today, we recommit ourselves to continuing human spaceflight and taking the necessary-and difficult-steps to ensure America's leadership in human spaceflight for years to come.
(snip)
Children who dream of being astronauts today may not fly on the space shuttle . . . but, one day, they may walk on Mars. The future belongs to us. And just like those who came before us, we have an obligation to set an ambitious course and take an inspired nation along for the journey.
Yes, they're just words. But to quote Jim Kirk's son in ST II:
I'm surprised how many of them came true. But the thing that really strikes me? The few predictions that *didn't* come true weren't actual TECHNICAL failures. They're marketing and demand failures. The technology to do most of the "of the future!" videos (flying cars being the obvious exception) actually exists. It's just that people really weren't willing to pay for it.
If they actually cared about providing security to their customers instead of covering their own asses they'd have kept their customers fully informed, but they didn't.
Have you read their statement? They *still haven't* kept us informed. All they've said is that they'll replace the tokens, and that "the information taken from RSA in March has been used as an element of an attempted broader attack on Lockheed Martin".
Nowhere have they said that the seeds are compromised, nowhere have they told us exactly what information was leaked, only that the leaked information played a role in the LM attack.
Why haven't these people been arrested and tried for treason?
Because passing unconstitutional laws isn't illegal. (that's why we have a supreme court) They're just doing what the people have demanded they do. The people, on the other hand, are stupid. *shrug*
Sony hardware is just as good quality-wise as the rest; only their prices are quite a bit above.
These days. Back in the days of the green power button, you could count on Sony to produce a pretty darn good product that was at least as good as any other competitor.
It is running a calendar application not storing sensitive patient information.
I've seen plenty of sensitive things in a calendars. For example, all the freaking time there are teleconference passcodes in meeting invites I get. For (ostensibly) sensitive teleconferences. You can't know what's going to be stored there. What keeps a physician from using it for more than just "on call" calendaring? "12:25 AM: Visit Mr. Smith and give him a referral for AIDS counseling".
1.) You're storing organizational data on a non-organizationally owned IT device. For that reason alone, they should say "no". (What guarantee do they have that you won't take your machine with you when you quit/get fired, and the data with it?) 2.) Your machine is on their network. They are responsible for what happens on that machine. Your machine could potentially be used to escalate placement of an attacker to the rest of their network. 3.) Even if you leave your machine after you quit/get fired, do you really believe that someone left behind will know how to maintain a BSD machine running OpenLDAP? Or that they NEED to maintain the machine?
Be GLAD they aren't asking for the root password. It's their network, it's their neck, and it's fair for them to have access to check up on you every now and then.
(I'd concede some of the above points if your job role was explicitly systems administration, but it doesn't seem to be the case in your description.)
Funny, for someone who just got his facts wrong about how passive mode works. There are still two TCP connections in passive mode. Essentially, it's just flipping the listener on the data connection from the client to the server.
The question is really whether or not GSA can do that (Certify and accredit for the entire US govt)
Ultimately, it boils down to whether or not an Agency authorizing official will sign an authorization to operate (ATO) for their agency to use the system. Google isn't asking Agencies to just use it willy nilly; while GSA has provided an ATO, the ATO is limited in scope, and only covers specific controls (albeit most of them). There are, however, still specific controls that an agency must implement (like HSPD-12 compliant authentication for its users). Thus there is a unique specific implementation for each agency, and each agency issues an ATO for the combined mess. It's the concept of "accountability cannot be outsourced." The value in the GSA ATO is that those controls can largely be assumed operational, as they've already been assessed and are being monitored by GSA. Thus, it makes the agency's assessment, ATO, and continuous monitoring much simpler.
If you aren't familiar, you might find this interesting:
The danger levels of the color-coded terror alert level will never go down to low. We are supposed to be always be afraid. But here is the flaw in the logic: The danger wasn't zero before 9/11. So can we have a "no elevated danger" level when the danger is at that background level and specific alerts otherwise.
Yes. The Homeland Security Advisory System (the pretty rainbow) is in the active process of being replaced with exactly such a system. See: http://www.dhs.gov/files/programs/ntas.shtm
Slashdot Mirror
Oh, I'm sorry. That's what I get for skimming /. during a meeting. :) Should have known from the context of the conversation of greater than 100% thrust.
They generally remove them as soon as the orbiter gets into the OPF,
Silly me, I assumed they were removed from the orbiter on ascent. :)
You're right about their desire to set up their own schools, with the government picking up as much of the expense as they get get
Not in my experience. I attended 13 years of a fundamentalist Baptist school, and they were adamant about not taking government funding -- in ANY form. Still are (even though they're hurting financially). That is, in my experience, the norm and not the exception. Stated reason is to minimize the potential for government interference in school curriculum and other operations.
On topic, I had a bit of animosity toward the school for failing to properly teach me evidence-based science. I had animosity toward them for failing to explain that the young-earth seven day creationism I was taught was a matter of faith and not a matter of fact. I've gotten over it, though. They meant well. I believe they're very mistaken (even still as a fundamentalist Christian) in their teaching methods. I've actually even considered having a chat with my HS science teacher (who is still a friend that I see from time to time when I go to my old church) and air out some of my thoughts, but I'm not certain it will do much good.
A good quote from Bolden sent to NASA employees:
Yes, they're just words. But to quote Jim Kirk's son in ST II:
"But good words. That’s where ideas begin."
All I can say is that I hope he's right.
I keep going back to these: http://www.youtube.com/watch?v=5MnQ8EkwXJ0
I'm surprised how many of them came true. But the thing that really strikes me? The few predictions that *didn't* come true weren't actual TECHNICAL failures. They're marketing and demand failures. The technology to do most of the "of the future!" videos (flying cars being the obvious exception) actually exists. It's just that people really weren't willing to pay for it.
This sort of thing happens fairly often, actually.
There's a video on Youtube of a helmet cam getting knocked off at the door:
http://www.youtube.com/watch?v=mKN-pNQW-Pk
The guy picking it up was priceless funny to me.
It's a big parking lot in a small state. So it looks even bigger.
I carpool in a parking lot next to a county library that just opened up last year. I think I'll stop in and see what their DVD collection looks like.
Why can't hackers just send their leaks to wikileaks?
Well, I-- I'll tell you why... Uh, because... hackers are not good at dealing with customers!
Because the FBI is under the DHS
No, the FBI is the Department of Justice.
If they actually cared about providing security to their customers instead of covering their own asses they'd have kept their customers fully informed, but they didn't.
Have you read their statement? They *still haven't* kept us informed. All they've said is that they'll replace the tokens, and that "the information taken from RSA in March has been used as an element of an attempted broader attack on Lockheed Martin".
Nowhere have they said that the seeds are compromised, nowhere have they told us exactly what information was leaked, only that the leaked information played a role in the LM attack.
The mind boggles.
Why haven't these people been arrested and tried for treason?
Because passing unconstitutional laws isn't illegal. (that's why we have a supreme court) They're just doing what the people have demanded they do. The people, on the other hand, are stupid. *shrug*
Well, to be fair, it doesn't look like that dam was constructed for hydroelectric power purposes.
Don't forget about http://en.wikipedia.org/wiki/Vajont_Dam , or even the safety issues of necessary-for-renewables pumped storage plants: http://en.wikipedia.org/wiki/Taum_Sauk_Hydroelectric_Power_Station (which was fortunately limited to a few injuries and no fatalities).
Generating electricity is dangerous, and will be for the foreseeable future.
Actually, NASA's Twitter feed is one of the timeliest ways to get these updates, short of watching the various news conferences on NASA TV.
If you're trying to see a shuttle launch, the Twitter feed is indispensable. It kept me from getting on a plane at one of STS-133's many delays.
Sony hardware is just as good quality-wise as the rest; only their prices are quite a bit above.
These days. Back in the days of the green power button, you could count on Sony to produce a pretty darn good product that was at least as good as any other competitor.
It is also one of cleanest nuclear weapons ever detonated.
As a function of its yield, not as an absolute number.
It is running a calendar application not storing sensitive patient information.
I've seen plenty of sensitive things in a calendars. For example, all the freaking time there are teleconference passcodes in meeting invites I get. For (ostensibly) sensitive teleconferences. You can't know what's going to be stored there. What keeps a physician from using it for more than just "on call" calendaring? "12:25 AM: Visit Mr. Smith and give him a referral for AIDS counseling".
Several issues here.
1.) You're storing organizational data on a non-organizationally owned IT device. For that reason alone, they should say "no". (What guarantee do they have that you won't take your machine with you when you quit/get fired, and the data with it?)
2.) Your machine is on their network. They are responsible for what happens on that machine. Your machine could potentially be used to escalate placement of an attacker to the rest of their network.
3.) Even if you leave your machine after you quit/get fired, do you really believe that someone left behind will know how to maintain a BSD machine running OpenLDAP? Or that they NEED to maintain the machine?
Be GLAD they aren't asking for the root password. It's their network, it's their neck, and it's fair for them to have access to check up on you every now and then.
(I'd concede some of the above points if your job role was explicitly systems administration, but it doesn't seem to be the case in your description.)
Next time, please check your facts.
Funny, for someone who just got his facts wrong about how passive mode works. There are still two TCP connections in passive mode. Essentially, it's just flipping the listener on the data connection from the client to the server.
Yes, many things can be left unencrypted; your password is not one of them. Using FTP for anything other anonymous FTP is irresponsible and stupid.
Eh, there are ways to do it that are reasonable in terms of risk. For example, one-time passwords.
I wouldn't recommend it, but to dismiss it outright for that reason isn't correct.
(Disclaimer: As a former firewall administrator in a scientific computing facility, I hate FTP.)
This is not new or exciting.
Yeah, I would have expected the editor to have said something like: "Near-space photography via balloon isn't quite new any more"
The point was how cheap this one was done: That the price point is now down to 60 bucks.
The question is really whether or not GSA can do that (Certify and accredit for the entire US govt)
Ultimately, it boils down to whether or not an Agency authorizing official will sign an authorization to operate (ATO) for their agency to use the system. Google isn't asking Agencies to just use it willy nilly; while GSA has provided an ATO, the ATO is limited in scope, and only covers specific controls (albeit most of them). There are, however, still specific controls that an agency must implement (like HSPD-12 compliant authentication for its users). Thus there is a unique specific implementation for each agency, and each agency issues an ATO for the combined mess. It's the concept of "accountability cannot be outsourced." The value in the GSA ATO is that those controls can largely be assumed operational, as they've already been assessed and are being monitored by GSA. Thus, it makes the agency's assessment, ATO, and continuous monitoring much simpler.
If you aren't familiar, you might find this interesting:
http://www.cio.gov/pages.cfm/page/Federal-Risk-and-Authorization-Management-Program-FedRAMP
Of course, this is the present, that is the past.
The danger levels of the color-coded terror alert level will never go down to low. We are supposed to be always be afraid. But here is the flaw in the logic: The danger wasn't zero before 9/11. So can we have a "no elevated danger" level when the danger is at that background level and specific alerts otherwise.
Yes. The Homeland Security Advisory System (the pretty rainbow) is in the active process of being replaced with exactly such a system. See: http://www.dhs.gov/files/programs/ntas.shtm
Except that you can not reference anything on wikipedia that is not on the web
No guideline that I'm aware of exists that says that. I see books cited quite often on Wikipedia.