Technology is not only about things in your house. If you go to look in the Chinese factories you might see a lot of the heavy machinery and conveyer lines have 'Made in USA'. And those have bigger profit margins.
Well if you look at the Chinese attacks they are all based on spear phishing. So what you need to secure is prevent people from running code sent to them via emails. Its really easy to do - simply enforce whitelists - not blacklists, whitelists. For example, the OS should refuse to run unsigned exe files - not simply ask you if you're sure, but actually tell you that you can't, period. And by unsigned I mean anything not signed with the private keys of your organization. Also, make a whitelist of domain names so only approved websites can be visited. That cuts a large swath of infection vectors - now you can't enter into the computer network with the help of gullible employees because even if they want to run your exe or follow that link to your website and enter their password THEY CAN'T.
Like codeproject, codeguru, daniweb, etc. Stackoverflow is language agnostic with its tags system, and so it attracts a disproportionate amount of languages which don't have their own established forums to compete. For example, I use it if I have questions about python, but when I have questions about C++, I go to codeproject sometimes.
So far all their attacks I've heard about were made by sending emails to employees at a company and asking them to run exe files. If that's all it takes then everyone who can speak decent English and has access to off-the-shelf Trojans is a potential Hacker.
It's not that the Chinese jump high, it's just that the bar is so low.
I meant they shouldn't be able to execute files that are not put there by the admin. That's what non-executable partitions are in Linux. Your root partition is executable, but your home partition is not. Your browser, word processor, etc. are in the executable partition so you can execute them. But if someone sent you an executable file you have to put it in your own home partition, and you can't execute it from there. And you can't move it to the root partition, because you don't have write permissions.
Attacks like this make me wonder why should users even be able to execute *.exe files. I've started to see the point of non-executable partitions in Linux.
So all it takes is to send emails to the employees telling them to execute an *.exe file? No wonder the Chinese are able to do it, this thing requires almost no skill, only enough numbers of people churning out emails. I wonder when the Chinese will stop bothering with the malware part, and just ask the employees to upload all the sensitive data.
It was the same with me. I learned Turbo Pascal and knew about pointers, but only when I switched to C I realized that pointers are numbers, like indexes in an array.
There were a lot of things that were easier to understand in C than in Pascal. For example scanf and printf were just library functions, while in Pascal readln and writeln were parts of the language. Also, what "#include " did was perfectly clear - a simple text substitution, i.e. the same as if I had gone the header and copy-pasted its contents in the.c file, while in Pascal when you write "uses crt;" I wasn't sure what actually happens. The fact that text was an array of numbers was not clear to me while I was using pascal, what with all the Chr and Ord function to move from Character to Integer, and strings were part of the language and were like blackboxes.
My Burger-Flipping PhD at Harvard only cost me $500000, but luckily, I'm living on a minimum wage now so I don't need to pay anything back. I'm grateful to the government for providing me with a guaranteed student loan, because without it, surely I wouldn't have been able to land this job. Employers all require PhD's now, ever since 99% of the population started to have them.
I had considered buying a few bitcoins out of interest but the price for them seemed a little too high, so I had decided to wait until the inevitable crash happens. Now I might look into buying, or I might wait a little more until they're worth cents. For me buying something that has just had a tremendous decline in the price is not a problem - after all, I haven't lost money because I never bought them while they were expensive. I'd rather buy cheap than expensive.
People still use Yahoo mostly by inertia. Once the idea of a portal was to try and get as many people as possible to make it their home page, and Yahoo was successful in that way. A lot of people had made it their home page at the time and now they're used to it. And if you're just a casual user, going to Google wouldn't give you any benefits since you're not using the Internet much anyway. So why bother change?
Yahoo will never attract any new users, but its going to be a slow 40-year demographic process until their userbase dwindles to nothing.
I assume they probably log information about me, but the good thing about Google is that they use the information for themselves. I don't care if they improve their search algorithms or target ads at me, so long as it's not up for sale or given to government agencies upon demand. And since I don't live in the US, I assume Google will be less cooperative with my government than my neighbourhood ISP.
You also have no idea if your ISP is collecting information on the sites you visit, either through DNS queries
That's why I'm using Google's DNS at 8.8.8.8 IP. That way my ISP doesn't know about where I go unless they do packet sniffing. And I changed my default search engine in Chrome to https://encrypted.google.com/
I was waiting for someone to point this out. Very true, sir. This has nothing to do with computers specifically. What Facebook is doing is called 'asking around' about you. That would have been the way you found out about someone before computers, or even writing, had existed - you went around and asked people about him.
Like 'Hey, I'm looking for this guy, I hear he's living in this village, could you point me to his house? Is he at his home right now, do you know?' and so on. The fact is, you're not the only one who knows about you. There are people who know about you, and they can give information about you just as good as you can.
The one I like the most is location-based reminders, where the alarm is activated when you go at a specific place, like 'don't forget to buy milk' when you go to the supermarket.
200,000 + people in page, 120 k+ are currently talking about it. its bigger than most politicians' pages.
I remember watching on TV recently a report about a protest that was organised in Facebook. The reporters were wondering why even though there were thousands of likes and comments on the Facebook page of the protest, only 20 people showed up for the actual protest.
I was talking about the physical medium. For example, if I gave you an old 8 inch floppy disk with important data on it which no one had thought to copy at the time, how would you extract the data from it? What machine can read it? What is the filesystem it uses?
Slashdot Mirror
Technology is not only about things in your house. If you go to look in the Chinese factories you might see a lot of the heavy machinery and conveyer lines have 'Made in USA'. And those have bigger profit margins.
Well if you look at the Chinese attacks they are all based on spear phishing. So what you need to secure is prevent people from running code sent to them via emails. Its really easy to do - simply enforce whitelists - not blacklists, whitelists. For example, the OS should refuse to run unsigned exe files - not simply ask you if you're sure, but actually tell you that you can't, period. And by unsigned I mean anything not signed with the private keys of your organization. Also, make a whitelist of domain names so only approved websites can be visited. That cuts a large swath of infection vectors - now you can't enter into the computer network with the help of gullible employees because even if they want to run your exe or follow that link to your website and enter their password THEY CAN'T.
Like codeproject, codeguru, daniweb, etc. Stackoverflow is language agnostic with its tags system, and so it attracts a disproportionate amount of languages which don't have their own established forums to compete. For example, I use it if I have questions about python, but when I have questions about C++, I go to codeproject sometimes.
Microsoft hears you.
That way you can still play the game for free. You don't have to purchase anything in the app if you don't want to.
So far all their attacks I've heard about were made by sending emails to employees at a company and asking them to run exe files. If that's all it takes then everyone who can speak decent English and has access to off-the-shelf Trojans is a potential Hacker.
It's not that the Chinese jump high, it's just that the bar is so low.
Thanks for the link, very enlightening story.
I meant they shouldn't be able to execute files that are not put there by the admin. That's what non-executable partitions are in Linux. Your root partition is executable, but your home partition is not. Your browser, word processor, etc. are in the executable partition so you can execute them. But if someone sent you an executable file you have to put it in your own home partition, and you can't execute it from there. And you can't move it to the root partition, because you don't have write permissions.
Attacks like this make me wonder why should users even be able to execute *.exe files. I've started to see the point of non-executable partitions in Linux.
So all it takes is to send emails to the employees telling them to execute an *.exe file? No wonder the Chinese are able to do it, this thing requires almost no skill, only enough numbers of people churning out emails. I wonder when the Chinese will stop bothering with the malware part, and just ask the employees to upload all the sensitive data.
It was the same with me. I learned Turbo Pascal and knew about pointers, but only when I switched to C I realized that pointers are numbers, like indexes in an array.
There were a lot of things that were easier to understand in C than in Pascal. For example scanf and printf were just library functions, while in Pascal readln and writeln were parts of the language. Also, what "#include " did was perfectly clear - a simple text substitution, i.e. the same as if I had gone the header and copy-pasted its contents in the .c file, while in Pascal when you write "uses crt;" I wasn't sure what actually happens. The fact that text was an array of numbers was not clear to me while I was using pascal, what with all the Chr and Ord function to move from Character to Integer, and strings were part of the language and were like blackboxes.
My Burger-Flipping PhD at Harvard only cost me $500000, but luckily, I'm living on a minimum wage now so I don't need to pay anything back. I'm grateful to the government for providing me with a guaranteed student loan, because without it, surely I wouldn't have been able to land this job. Employers all require PhD's now, ever since 99% of the population started to have them.
I had considered buying a few bitcoins out of interest but the price for them seemed a little too high, so I had decided to wait until the inevitable crash happens. Now I might look into buying, or I might wait a little more until they're worth cents. For me buying something that has just had a tremendous decline in the price is not a problem - after all, I haven't lost money because I never bought them while they were expensive. I'd rather buy cheap than expensive.
People still use Yahoo mostly by inertia. Once the idea of a portal was to try and get as many people as possible to make it their home page, and Yahoo was successful in that way. A lot of people had made it their home page at the time and now they're used to it. And if you're just a casual user, going to Google wouldn't give you any benefits since you're not using the Internet much anyway. So why bother change?
Yahoo will never attract any new users, but its going to be a slow 40-year demographic process until their userbase dwindles to nothing.
Even if they weren't armed, you could always place a pistol in their hands post-factum.
I assume they probably log information about me, but the good thing about Google is that they use the information for themselves. I don't care if they improve their search algorithms or target ads at me, so long as it's not up for sale or given to government agencies upon demand. And since I don't live in the US, I assume Google will be less cooperative with my government than my neighbourhood ISP.
http://en.wikipedia.org/wiki/George_R._R._Martin
You also have no idea if your ISP is collecting information on the sites you visit, either through DNS queries
That's why I'm using Google's DNS at 8.8.8.8 IP. That way my ISP doesn't know about where I go unless they do packet sniffing. And I changed my default search engine in Chrome to https://encrypted.google.com/
Yes, Facebook has found a way for automating the process, unfortunately.
I was waiting for someone to point this out. Very true, sir. This has nothing to do with computers specifically. What Facebook is doing is called 'asking around' about you. That would have been the way you found out about someone before computers, or even writing, had existed - you went around and asked people about him.
Like 'Hey, I'm looking for this guy, I hear he's living in this village, could you point me to his house? Is he at his home right now, do you know?' and so on. The fact is, you're not the only one who knows about you. There are people who know about you, and they can give information about you just as good as you can.
The one I like the most is location-based reminders, where the alarm is activated when you go at a specific place, like 'don't forget to buy milk' when you go to the supermarket.
So if you already are a famous author like George R. R. Martin does that mean you can skip using a publisher?
And at least when it comes to Censorship Chinese quality isn't a bad thing.
200,000 + people in page, 120 k+ are currently talking about it. its bigger than most politicians' pages.
I remember watching on TV recently a report about a protest that was organised in Facebook. The reporters were wondering why even though there were thousands of likes and comments on the Facebook page of the protest, only 20 people showed up for the actual protest.
I was talking about the physical medium. For example, if I gave you an old 8 inch floppy disk with important data on it which no one had thought to copy at the time, how would you extract the data from it? What machine can read it? What is the filesystem it uses?