I was going to patent this "concept", but I've decided to publish the idea here so that future generations can point back to prior-concept in case there are related patent disputes (perhaps this isn't enough for a patent, but maybe others will fill this out for the public domain).
I'm sure the industry I am about to describe will become a multi-million (might not reach the billion-dollar mark unless permanent body modification beyond just cosmetic skin-coloring becomes popular and accepted). I plan to make my profit from infomercials and the surgical centers employing the "open source" methods I fund (after the company I work for IPOs at $10 per share, hah!) and the science gets a bit further along. I have the talent and charisma it will take to make such centers popular -- the pie is big enough for all!
So what is the great idea? Implanting self-generating teeth in places other than the mouth for body-enhancement. Such enhancements may be for "cosmetic" or utilitarian purposes.
Wouldn't a row of teeth sticking out of your skull above your left eyebrow look great?
Wouldn't your fighting skills improve with a few teeth sticking out of your knuckles or elbows?
The possibilities are endless!
More details to arrive some day at http://www.gg411.com under the "wacky ideas" section.
How do you know what gets through the cracks?
on
Security Warrior
·
· Score: 3, Interesting
If you really think you're not going
to seal all the cracks, or that you create
new ones as you rebuild your electronic
foundation, you need to track what goes on
inside the house at all times.
The best way to do this is to log all
significant events in your infrastructure:
network connections
web server hits
DB queries
app server events
machine syslogs
...
Without knowledge of your history
you can't see new trends or look back
and see how often in the past newly
discovered exploits by external attackers
and internal were used. The company I work
for (Addamark) discusses the
log-everything
approach to security. It's a tough problem
because of the scale of info required. Sorry
for the shameless plug but this is the problem
we address, and do so rather well at several
real-world companies.
Should be "affected", not "effected"
on
The Future of NASA
·
· Score: 3, Informative
If true, how badly will NASA's scientific mission be effected (wrong! should be "affected") if it becomes a conduit for giving research and development money to defense contractors?
This usage note for the reference manual for the word affect indicates the "effect" and "affect" have different meanings:
Usage Note: "Affect" and "effect" have no senses in common. As a verb "affect" is most commonly used in the sense of "to influence" (how smoking affects health). "Effect" means "to bring about or execute": layoffs designed to effect savings. Thus the sentence These measures may affect savings could imply that the measures may reduce savings that have already been realized, whereas These measures may effect savings implies that the measures will cause new savings to come about.
the complete objective record of all that has/will happen(ed) in space/time (and whatever other dimensions) -- there is only one reality, you don't get to choose what it is other than through your meager influences on the next successive moments, in competition with others, the created universe, and god
whatever possible additional set of distilling general statements an objective observer could make from that objective record (perhaps such as: early use of marijuana by an early-teen youth in USA in early decade 2000 only slightly increases the individual's odds of using harder drugs later on in life) -- there are more statistically sound ways of qualifying these but that was too long ago in my college days
A fact is a statement of an event (or set of events) from the objective record, or of one of the distilled truths.
We don't have our own individual truths, there is only one truth. Some of us have a better grasp on various facts within truth. Our goal can be to:
recognize our shortcomings and humbly look for the truth, if that be worthy; OR...
... ignore truth and pursue our every whim; OR...
... engage in the McSpirituality of this age where religion has gone through the slaughterhouse of the media and economic interests, ground up, reformulated, artificially scented to cover the resulting blandness, and served up in low-cost packages to suit every taste. Want fries with that?
waits 4 weeks while you service department opens the device, replaces the chip, does a burn-in test
gets fed up waiting, buys your competitor's product next time round
with software once you identify the problem and fix it, the customer might be out of commission a half hour while the download, install, and possibly reboot the machine.
We all bandy about this term zealot without looking at its origin. The zealots were anti-Roman Jewish "activists" in Jesus' time. Being a smaller force than the powerful Romans they engaged in asymmetrical warfare, whose tactics usually include terrorism.
A certain Steve Wright has an interesting article about the Jewish religious scene at around Jesus' time. He says: The Zealots, who conducted an insurrectionary war against Roman occupation forces, had objectives that were religious and political: the attainment of a Jewish theocracy, the rule of the Messiah, and the annihilation of the heathen. I don't know how appropriate the use of zealot is for Linux enthusiasts, but certainly many of them do want "annihilation of the heathen".
Simon (renamed Peter) was a zealot who became a follower of Jesus and part of his inner circle of twelve disciples. He was brash, outspoken, tended to take matters into his own hands. When the Roman authorities and certain Jewish religious leaders came to arrest Jesus before his crucifixion, Peter slashed off someone's ear. Jesus had to reattach it. Look at the section "The Whole Truth: An Example" of this article. It's also an interesting look at how different biblical writers wrote their own eyewitness or second-hand accounts and emphasized different kinds of information.
Mr. Schneier contrasts problems of physical security with IT security throughout his article and emphasizes that in both domains criminals and terrorists will, at times, hit their mark. (He also implies losses to crime are greater than losses to terror, and that society emphasizes the terror while neglecting sensible countermeasures to crime -- but that's beside the point I want to make here).
In the physical world criminals always leaves tracks. Fingerprints, footprints, bodily fluids, DNA, personal effects, the air they breathe, traces from tools of their trade, etc. Sometimes the criminal is smart and leaves so few of these clues, or they're so undetectable or indistinguishable from the background (e.g., the air they breathe) that they get away. But at least in the physical world forensic experts can resort to physical evidence to track down the perps and extract justice or revenge.
Mr. Schneier complains that the physical security types take ineffective measures to prevent damage in the physical world and could learn a thing or two about mitigating risk from the IT community. (Confiscating those nail clippers from grandma isn't going to prevent a hijacking!) But I think Mr. Schneier is short-sighted too, and the IT security people haven't learned yet that gathering evidence in the electronic world is key! You need to lay down the dust to track electronic footprints through the network. Your electronic gated community isn't going to keep out everyone, and logs are the dust in which cybercriminals leave their footprints! If you don't collect and analyze your logs, you're just left with 500,000 stolen credit card/social security numbers and the air they breathed.
Cringely put out an article (Changing the Game: How to Save the World by Taking Back Control of Our Data) a week or so back emphasizing security through recording all activity in any given IT infrastructure. Cryptographic techniques may be great, but social engineering, cracked buffer overflows, and short-sighted or stupid actions can always leave some crucial data exposed.
Rather than throwing your hands up when you've found you've left data exposed, or you've discovered some insider has been poking around documents they shouldn't be looking at, you should be able to track down all access to all information at all layers of your infrastructure. You hopefully can uncover traces of specific incidents, find any other similar unnoticed events that are now part of history, and find the culprits.
So logging and log analysis are key to securing any site. You need to log:
web servers
DB access
app server use
custom applications
machine login sessions
network events
key card access to buildings
maybe even disk I/O info
... and many others...
... and you need to do it in a way where you can correlate information from all these disparate sources to uncover patterns of abuse. Cringely mentions that Addamark (he calls them the next "Oracle") is the first company with a viable solution for storing and analyzing the massive logs involved. I've looked at their site, does anybody know anything about this product? Sounds very useful.
I was at the keynote where Mr. Schwartz demonstrated the Looking Glass desktop. The major points:
the desktop was actually a view into a 3-D environment, in this case a look at the sky through a tree branch and leaves
as you moved the mouse around the desktop the background shifted ever so slightly to make it look like your viewpoint was tracking in 3D also
instead of having minimized 2D icons on the toolbar, you had 2D versions of the window contents in the same general area icons would be, set at a weird angle
windows on the desktop were sort of translucent, you could see the background/other windows beyond them (opacity probably configurable)
instead of minimizing windows you could anchor them to the left/right sides of the screen, where the would shrink a bit and pivot around the left/right edge away from the user to take up less real estate on the desktop
you could of course unanchor these screens and bring them into the "foreground"
you could also rotate the set of "foreground" windows and look at them from any angle
That pretty much was the revolution of Looking Glass. There were gasps of wonderment and plenty of glee in the audience. Reminds me of when people were going to walk around in 3D chat environments and talk to each other in real virtual rooms. As for improving productivity or ease of desktop use, there's no hope here, it's just a bunch of useless eye candy.
If the keyboard and mouse are still the main input devices for a computer, you're much better off with switching virtual desktops and Alt+Tab and Alt+Shift+Tab. If you're shooting for Minority Report style stuff, I still think a layered/switchable mainly 2D with lots of semanticky associations will do better than a 3D environment.
Logging public wireless networks at a level of detail required to catch infractors would be a huge undertaking. Most products that could do it would cost a lot and would add a huge burden to those administering those networks.
I've heard good things about Addamark, they claim to have a log capture/query tool at a good price/performance point. Does anyone have experience with large log data volumes and this tool?
I have a SprintPCS (Samsung N400) cell phone and a data cable for my laptop. I can get laptop TCP/IP connectivity in any coverage location and unlimited data access. The connection is high latency but has decent throughput, enough to check e-mail, use the web, use 'ssh', etc. Works with Linux too. It's made a big difference in my working lifestyle. The web browsing experience direct via the phone is still a limiting experience, but I think that will improve as more web-apps are deployed by various companies.
I have 2000 anytime minutes shared between my phone and my girlfriend's phone (she talks a lot), unlimited calls to other SprintPCS phones, and unlimited data access for about what I started paying two years ago for my old single-non-graphics-cell-phone WAP-enabled device. The price and data rates will only get better over the next few years.
Without technology, specialization of labor, and automation we'd all be taking a dump in the compost heap to fertilize next year's potato crop. There's no way the world could maintain the number of people alive today, and the current standard of living without those trends.
Outsourcing happens in any industry where the product can be commoditized and packaged and the constraints of face-to-face communication and geography are removed. It's happened in farming (grapes from Chile), in manufacturing (Nike's from Burma), with call centers (telecom is cheap enough and the English language skills in India are good enough), and with software (supposedly better software methods, specifications, etc. -- I've usually seen it not work).
The general trend of outsourcing becomes:
disruption in the lives of those whose jobs have been exported
some adjust and find newer work with lower wages
a few are liberated and discover other work that pays them much more than their old jobs
down the road others
enjoy the much cheaper cost
of goods resulting from this outsourcing
get more interesting jobs under better
conditions and better pay than the jobs
they used to have or their parents had
before outsourcing took place
everybody benefits, the "local"
workers and the "foreign" workers that
now have the outsourced jobs
outsourcing generally improves everyone's
standard of living (but with possible costs to
the environment)
if there's a problem now, it's that the
newer "local" jobs that become available in
greater quantity after outsourcing require
too much education, and the trend will continue,
perhaps even to the point where being
smart in itself doesn't matter -- there
are plenty of PhDs in History with low
paying jobs (we have a BA in History as
president, I think) -- it may become more a
matter of who you know, or the resources/capital
at your disposal
in other days you could escape the trap
of few assets and few connections
through education and hard work, but perhaps
that's less likely now
even if education is still a means to improved standard of living, Americans don't seem interested in trying all that hard but instead give in to the mindless entertainment culture
Jeremy Rifkin wrote "The End of Work" (haven't read it yet, but have looked at reviews) -- he believes we're reaching a point where full employment will no longer make sense and society will need to find a permanent way to pay people even though they do not work ever in their lives -- The End of Work
"In order for an IDS to be effective, or in some high-bandwidth cases, even usable, detailed network and business context must be applied to the IDS.
Snort and the other intrusion detection systems perform to varying degrees at monitoring corporate resources resources and alerting personnel when something is amiss, according to the rulesets they've been given. The article assumes the rulesets are known in advance: your work is to take those rulesets and implement them in Snort or your favorite IDS.
The real world isn't so simple. IT personnel can only guess at all the possible security problems with the network equipment, hardware, server software, clients, external network connections, malicious hackers and information thiefs out there -- as well those rare dishonest insiders. A more effective security implementation includes plenty of logging, and subsequent log analysis.
Logs are easy to generate for all varieties of hardware and software. Collecting and centralizing log data lets you:
track the history of all aspects of IT infrastructure
analyze patterns of past resource use as personnel understand more about potential threats (have such exploits occurred in the past? what additions to current real-time IDS rulesets will address such exploits?)
analyze past resource use to see whether newly discovered, real exploits have been used in the past (the organization can take appropriate measures to uncover abuse two months ago, a year ago; what data was compromised then?)
Having the history lets an organization more effectively implement the "detailed network and business context" within the real-time IDS solutions.
Of course, the real problem is the $2 million for the Oracle DB to manage all that log data. And querying all that history is a bear. And the DBAs, the software developers, etc. to manage that log history. I've heard that addamark's log management system (LMS) is a good alternative. Someone told me their product replaced a DB2 cluster at one organization after a two-hour DB2 query took three minutes on an Addamark cluster. The cost savings, storage capacity, and log compression were phenomenal too.
Are there other log centralizing solutions out there you've heard of? Addamark seems to work because it's not a full-fledged traditional DB, but optimized for this log management problem -- can a traditional DB keep pace?
I think that people who would subject themselves to this have psychological problems. Seriously. If you want to view porn then view porn. If you don't want to, then don't. You have a problem if you feel that you can't control your own actions and must have someone watch over you. I hope that they eventually see how unhealthy such actions and attitudes are and seek counseling. Healthy adults take responsibility for their own actions and act accordingly.
A fundamental idea in Christianity is that no one lives consistently according to their own moral standards, all violate their own conscience.
Sometimes, that conscience has been conditioned through bad upbringing, bad experiences, etc. to count as sinful what actually is enjoyable, or no big deal. At other times, a person is so conditioned to accepted what is sinful as normal -- they've lost the ability to recognize sin.
To quote some bible, here's a passage from Romans chapter 7, discussing struggles with sin:
I am unspiritual, sold as a slave to sin. 15 I do not understand what I do. For what I want to do I do not do, but what I hate I do.... For I have the desire to do what is good, but I cannot carry it out. 19 For what I do is not the good I want to do; no, the evil I do not want to do--this I keep on doing.
This particular passage turns into a repetetive, whining piece of text I never really liked. Sort of how I feel when I struggle with the evil I would not do. I'll admit my conflicted nature gladly.
Firewalls are great when you can trust all your insiders. That's rarely the case. Real-time intrusion detection systems also help out, but fail when:
attacks are diffuse, slow and patient, and seemingly random -- there's no way a real-time detection system will connect the activity
insiders do the job -- they're not "intruding"
To really address security of corporate data you need to:
log all activity on all servers and hardware surrounding your vital data
store that log data in a centralized location
periodically analyze that data for abnormal patterns of activity within or across logged systems
some analysis will be boilerplate, other analysis will be highly customized to a specific site's data architecture
This log analysis approach complements the others, and will catch more insidious, long term, and more damaging violations of critical data. Most corporations have the firewall angle covered well, but can't address social engineering or misbehaving insiders.
Of course, the big problem here is storing all that log data. Security analysis companies have been around but either can't perform analysis at the detail required, or charge too much (that log data is huge and Oracle isn't cheap).
Addamark Technologies has a security event logging and analysis tool that seems to address this problem though. They sell a product that uses a cluster of cheap Linux PCs to store all that data, and a SQL/Perl query interface (for those that want to query data directly without web-UI tools), some good web-UI tools. Data loading performance and query performance is out of this world. They've got a great customer list, too.
Completing the task set for Adam in Genesis 2:19
on
Finding Every Species
·
· Score: 1
Life for Adam in the Garden of Eden was not an idle pursuit of berries and time with Eve. Adam was told to work the garden and care for it. The first task (see verse 19) though was to name the animals. Interestingly, modern-day scientists are now completing an extension of humankind's first job.
Slashdot Mirror
Check out the latest edition of "The Economist", Feb 28th 2004 edition. Article "Regenerative dentistry: Tooth fairies", page 77.
I was going to patent this "concept", but I've decided to publish the idea here so that future generations can point back to prior-concept in case there are related patent disputes (perhaps this isn't enough for a patent, but maybe others will fill this out for the public domain).
I'm sure the industry I am about to describe will become a multi-million (might not reach the billion-dollar mark unless permanent body modification beyond just cosmetic skin-coloring becomes popular and accepted). I plan to make my profit from infomercials and the surgical centers employing the "open source" methods I fund (after the company I work for IPOs at $10 per share, hah!) and the science gets a bit further along. I have the talent and charisma it will take to make such centers popular -- the pie is big enough for all!
So what is the great idea? Implanting self-generating teeth in places other than the mouth for body-enhancement. Such enhancements may be for "cosmetic" or utilitarian purposes.
More details to arrive some day at http://www.gg411.com under the "wacky ideas" section.
If you really think you're not going to seal all the cracks, or that you create new ones as you rebuild your electronic foundation, you need to track what goes on inside the house at all times.
The best way to do this is to log all significant events in your infrastructure:
Without knowledge of your history you can't see new trends or look back and see how often in the past newly discovered exploits by external attackers and internal were used. The company I work for (Addamark) discusses the log-everything approach to security. It's a tough problem because of the scale of info required. Sorry for the shameless plug but this is the problem we address, and do so rather well at several real-world companies.
If true, how badly will NASA's scientific mission be effected (wrong! should be "affected") if it becomes a conduit for giving research and development money to defense contractors?
This usage note for the reference manual for the word affect indicates the "effect" and "affect" have different meanings:
Usage Note: "Affect" and "effect" have no senses in common. As a verb "affect" is most commonly used in the sense of "to influence" (how smoking affects health). "Effect" means "to bring about or execute": layoffs designed to effect savings. Thus the sentence These measures may affect savings could imply that the measures may reduce savings that have already been realized, whereas These measures may effect savings implies that the measures will cause new savings to come about.
for best results the dwarf should be stoned. (not a very sensitive comment, sorry)
You're mixed up, dude. Truth is:
A fact is a statement of an event (or set of events) from the objective record, or of one of the distilled truths.
We don't have our own individual truths, there is only one truth. Some of us have a better grasp on various facts within truth. Our goal can be to:
You can't easily patch hardware. The consumer:
with software once you identify the problem and fix it, the customer might be out of commission a half hour while the download, install, and possibly reboot the machine.
We all bandy about this term zealot without looking at its origin. The zealots were anti-Roman Jewish "activists" in Jesus' time. Being a smaller force than the powerful Romans they engaged in asymmetrical warfare, whose tactics usually include terrorism.
A certain Steve Wright has an interesting article about the Jewish religious scene at around Jesus' time. He says: The Zealots, who conducted an insurrectionary war against Roman occupation forces, had objectives that were religious and political: the attainment of a Jewish theocracy, the rule of the Messiah, and the annihilation of the heathen. I don't know how appropriate the use of zealot is for Linux enthusiasts, but certainly many of them do want "annihilation of the heathen".
Simon (renamed Peter) was a zealot who became a follower of Jesus and part of his inner circle of twelve disciples. He was brash, outspoken, tended to take matters into his own hands. When the Roman authorities and certain Jewish religious leaders came to arrest Jesus before his crucifixion, Peter slashed off someone's ear. Jesus had to reattach it. Look at the section "The Whole Truth: An Example" of this article. It's also an interesting look at how different biblical writers wrote their own eyewitness or second-hand accounts and emphasized different kinds of information.
Mr. Schneier contrasts problems of physical security with IT security throughout his article and emphasizes that in both domains criminals and terrorists will, at times, hit their mark. (He also implies losses to crime are greater than losses to terror, and that society emphasizes the terror while neglecting sensible countermeasures to crime -- but that's beside the point I want to make here).
In the physical world criminals always leaves tracks. Fingerprints, footprints, bodily fluids, DNA, personal effects, the air they breathe, traces from tools of their trade, etc. Sometimes the criminal is smart and leaves so few of these clues, or they're so undetectable or indistinguishable from the background (e.g., the air they breathe) that they get away. But at least in the physical world forensic experts can resort to physical evidence to track down the perps and extract justice or revenge.
Mr. Schneier complains that the physical security types take ineffective measures to prevent damage in the physical world and could learn a thing or two about mitigating risk from the IT community. (Confiscating those nail clippers from grandma isn't going to prevent a hijacking!) But I think Mr. Schneier is short-sighted too, and the IT security people haven't learned yet that gathering evidence in the electronic world is key! You need to lay down the dust to track electronic footprints through the network. Your electronic gated community isn't going to keep out everyone, and logs are the dust in which cybercriminals leave their footprints! If you don't collect and analyze your logs, you're just left with 500,000 stolen credit card/social security numbers and the air they breathed.
Cringely put out an article (Changing the Game: How to Save the World by Taking Back Control of Our Data) a week or so back emphasizing security through recording all activity in any given IT infrastructure. Cryptographic techniques may be great, but social engineering, cracked buffer overflows, and short-sighted or stupid actions can always leave some crucial data exposed.
Rather than throwing your hands up when you've found you've left data exposed, or you've discovered some insider has been poking around documents they shouldn't be looking at, you should be able to track down all access to all information at all layers of your infrastructure. You hopefully can uncover traces of specific incidents, find any other similar unnoticed events that are now part of history, and find the culprits.
So logging and log analysis are key to securing any site. You need to log:
... and you need to do it in a way where you can correlate information from all these disparate sources to uncover patterns of abuse. Cringely mentions that Addamark (he calls them the next "Oracle") is the first company with a viable solution for storing and analyzing the massive logs involved. I've looked at their site, does anybody know anything about this product? Sounds very useful.
Sending humans to space is, for now, a waste of life, time, and money. Payloads are of more strategic importance.
A morte do representante das Nacoes Unidas no Iraqe ... e agora isto. Uma semana triste na nossa historia.
I'd be more worried about what happens after the millenium.
I was at the keynote where Mr. Schwartz demonstrated the Looking Glass desktop. The major points:
That pretty much was the revolution of Looking Glass. There were gasps of wonderment and plenty of glee in the audience. Reminds me of when people were going to walk around in 3D chat environments and talk to each other in real virtual rooms. As for improving productivity or ease of desktop use, there's no hope here, it's just a bunch of useless eye candy.
If the keyboard and mouse are still the main input devices for a computer, you're much better off with switching virtual desktops and Alt+Tab and Alt+Shift+Tab. If you're shooting for Minority Report style stuff, I still think a layered/switchable mainly 2D with lots of semanticky associations will do better than a 3D environment.
Logging public wireless networks at a level of detail required to catch infractors would be a huge undertaking. Most products that could do it would cost a lot and would add a huge burden to those administering those networks.
I've heard good things about Addamark, they claim to have a log capture/query tool at a good price/performance point. Does anyone have experience with large log data volumes and this tool?
Well, let's your lawyer, you, and me, and all the other Slashdot crowd join together in a class action lawsuit over false advertising.
I have a SprintPCS (Samsung N400) cell phone and a data cable for my laptop. I can get laptop TCP/IP connectivity in any coverage location and unlimited data access. The connection is high latency but has decent throughput, enough to check e-mail, use the web, use 'ssh', etc. Works with Linux too. It's made a big difference in my working lifestyle. The web browsing experience direct via the phone is still a limiting experience, but I think that will improve as more web-apps are deployed by various companies.
I have 2000 anytime minutes shared between my phone and my girlfriend's phone (she talks a lot), unlimited calls to other SprintPCS phones, and unlimited data access for about what I started paying two years ago for my old single-non-graphics-cell-phone WAP-enabled device. The price and data rates will only get better over the next few years.
Vocà falou certo.
Without technology, specialization of labor, and automation we'd all be taking a dump in the compost heap to fertilize next year's potato crop. There's no way the world could maintain the number of people alive today, and the current standard of living without those trends.
Outsourcing happens in any industry where the product can be commoditized and packaged and the constraints of face-to-face communication and geography are removed. It's happened in farming (grapes from Chile), in manufacturing (Nike's from Burma), with call centers (telecom is cheap enough and the English language skills in India are good enough), and with software (supposedly better software methods, specifications, etc. -- I've usually seen it not work).
The general trend of outsourcing becomes:
outsourcing generally improves everyone's standard of living (but with possible costs to the environment)
if there's a problem now, it's that the newer "local" jobs that become available in greater quantity after outsourcing require too much education, and the trend will continue, perhaps even to the point where being smart in itself doesn't matter -- there are plenty of PhDs in History with low paying jobs (we have a BA in History as president, I think) -- it may become more a matter of who you know, or the resources/capital at your disposal
in other days you could escape the trap of few assets and few connections through education and hard work, but perhaps that's less likely now
even if education is still a means to improved standard of living, Americans don't seem interested in trying all that hard but instead give in to the mindless entertainment culture
Jeremy Rifkin wrote "The End of Work" (haven't read it yet, but have looked at reviews) -- he believes we're reaching a point where full employment will no longer make sense and society will need to find a permanent way to pay people even though they do not work ever in their lives -- The End of Work
The password isn't up yet!
Snort and the other intrusion detection systems perform to varying degrees at monitoring corporate resources resources and alerting personnel when something is amiss, according to the rulesets they've been given. The article assumes the rulesets are known in advance: your work is to take those rulesets and implement them in Snort or your favorite IDS.
The real world isn't so simple. IT personnel can only guess at all the possible security problems with the network equipment, hardware, server software, clients, external network connections, malicious hackers and information thiefs out there -- as well those rare dishonest insiders. A more effective security implementation includes plenty of logging, and subsequent log analysis.
Logs are easy to generate for all varieties of hardware and software. Collecting and centralizing log data lets you:
Having the history lets an organization more effectively implement the "detailed network and business context" within the real-time IDS solutions.
Of course, the real problem is the $2 million for the Oracle DB to manage all that log data. And querying all that history is a bear. And the DBAs, the software developers, etc. to manage that log history. I've heard that addamark's log management system (LMS) is a good alternative. Someone told me their product replaced a DB2 cluster at one organization after a two-hour DB2 query took three minutes on an Addamark cluster. The cost savings, storage capacity, and log compression were phenomenal too.
Are there other log centralizing solutions out there you've heard of? Addamark seems to work because it's not a full-fledged traditional DB, but optimized for this log management problem -- can a traditional DB keep pace?
A fundamental idea in Christianity is that no one lives consistently according to their own moral standards, all violate their own conscience.
Sometimes, that conscience has been conditioned through bad upbringing, bad experiences, etc. to count as sinful what actually is enjoyable, or no big deal. At other times, a person is so conditioned to accepted what is sinful as normal -- they've lost the ability to recognize sin.
To quote some bible, here's a passage from Romans chapter 7, discussing struggles with sin:
This particular passage turns into a repetetive, whining piece of text I never really liked. Sort of how I feel when I struggle with the evil I would not do. I'll admit my conflicted nature gladly.
Firewalls are great when you can trust all your insiders. That's rarely the case. Real-time intrusion detection systems also help out, but fail when:
To really address security of corporate data you need to:
This log analysis approach complements the others, and will catch more insidious, long term, and more damaging violations of critical data. Most corporations have the firewall angle covered well, but can't address social engineering or misbehaving insiders.
Of course, the big problem here is storing all that log data. Security analysis companies have been around but either can't perform analysis at the detail required, or charge too much (that log data is huge and Oracle isn't cheap).
Addamark Technologies has a security event logging and analysis tool that seems to address this problem though. They sell a product that uses a cluster of cheap Linux PCs to store all that data, and a SQL/Perl query interface (for those that want to query data directly without web-UI tools), some good web-UI tools. Data loading performance and query performance is out of this world. They've got a great customer list, too.
Life for Adam in the Garden of Eden was not an idle pursuit of berries and time with Eve. Adam was told to work the garden and care for it. The first task (see verse 19) though was to name the animals. Interestingly, modern-day scientists are now completing an extension of humankind's first job.
Genesis 2 (see verse 19).Why? Did they put some ass stem cells in your lips?