On call 24x7, pager, company cell, laptop always available and required to respond. So no 'vacations' without cell service. Job description carefully written so that we were exempt from overtime laws and standby/oncall compensation. Figured out that just based on the number of hours physically at the NOC I was earning the same as a entry-level clerk at a nearby supermarket, and if I figured in the number of hours responding to issues outside the office I was making less than minimum wage.
Now I have no mandatory OT requirement, no mandatory on-call, 40 hour work week, 30+ days off per year (counting federal holidays), comp time, and a 401(k), and they pay, either in part or in whole, for a lot of my certifications and training.
Which is also why I support unionizing IT workers (and my current IT department is part of a union).
Actually it isn't. I work for a publicly owned electric and telecom utility. At a cost that can run upwards of a million (yes, $1,000,000) per *mile* to replace move aerial to underground, the rate payers don't generally want to pay for it. Almost all new construction is buried.
And while it seems like most of the causes for outages would be removed by going underground, you only exchange one set of causes for another. Cars get replaced by gophers. Trees on the line get replace by ice when conduit riser fills with water and freezes. Aerial teardowns due to heavy equipment become backhoes that dig on the wrong place and tear up a line.
You also have confined space issues. Now instead of everyone being certified for climbing, bucket trucks, and cranes, they also have to add confined space training and equipment (including continuing education), confined space rescue teams, interlocal or interagency agreements for CSRTs. All of these things add hidden (but not cheap) costs.
In addition fault locating and repair on an underground is much more manpower and technology intensive than aerial. All of these things drive the cost.
Another problem that factors in is environmental regulations. It is much easier (and cheaper by hundreds of thousands of dollars) to get permission to do an aerial build than underground. Every underground build had to deal with permitting for aquifer contamination, native artifacts, wetlands remediation, and so on and so forth. Permitting can add 10% to 100% to a segment of utility infrastructure.
It all boils down to costs. If you can go to your local utility board, commission, or shareholder meeting and convince them that raising rates by 50% to 500% won't get them burned out of their homes, I'll bet they would jump at it. Every utility I know would love to move most of their aging infrastructure underground.
I grudgingly reactivated my FB account a few months ago to stay in touch with family, but the minute I see the first video ad I am actually deleting my account. I HATE those. If I land on a page with a video ad, I immediately close the tab and find my content elsewhere. The exception I make to this is youtube because I'm THERE for video content.
I have similar problem with OCD/ADHD tendancies. I can fixate on conversations, music, beeps, noises, etc. I have several pairs of Panasonic RP-HC55-S noise cancelling in-ear buds (~$50), and I use either ambient music or white/pink noise tracks I have on my mp3 player. They don't cut out high frequencies as well, but the white noise masks a lot of that.
Ethernet over 9600 baud RS232 via a T1 TDM microwave channel. If you follow this entire path end-to-end you would traverse CWDM fiber and a DS3 SONET ring, all the way down to a hand-built addressable serial bridge. Also running 2400 baud serial over ethernet (yes the reverse) using a cell phone at the remote location as the modem.
Games: Civ III,IV
Galactic Civilizations II, Fallen Enchantress (Pretty please Brad?)
Mechwarrior Online
Skyrim
Star Citizen (forthcoming)
Other Apps:
Office. Seriously. This also keeps me tied to Windows and I hate it. Yes, I know about OpenOffice, but there are certain things that just don't work the way I need them too and I can't spend hours fixing every powerpoint presentation and revision I receive just so that I can use it under OO.
I agree. This list is probably opsec from DHS side. Disinformation. If it was me, I would have technically a 'keyword list' matching system specifically for release in FOIA situations like this. The actual searching/identification/tagging is algorithmic and context based and has very little to do with this list.
Not necessarily. The keyword list published probably is only the trigger key links. If you also started talking about 'social media' in the context of 'covert channel' you can bet that social media would raise a red flag.
Many of the algorithms used (especially some implementations of Bayesian filters) for this type of scoring are more than capable of correctly (or almost always correctly) identifying and excluding 'trolling'. You look for patterns of recurring words or linked words or synonymic links (aka if 'anthrax' is in my list, also look for '((bacterial OR viral)+agent)'. You look for deltas in the frequency of occurrence with persistence. Couple that with dynamic weighting based on local/national/global new events. So if you suddenly start using the words 'anthrax', 'cities', and 'target' when there isn't anything like that going on, and your conversation persists, that will get a high score. If every 17 days you post a tweet that contains a city name, a time, and a "random" dictionary word (aka a one-time crypto pad), that will probably score much higher than your talking about anthrax right after someone sends a bunch of letters with white powder around the country. IThe sophistication of the language context analysis software that is in existence is way past anything that most people realize.
Actually there is a fiscal reason that doesn't have anything to do with profit directly, but the cost of regulatory compliance. I work for a small electric utility that takes online credit card payments and payments via phone. If people understood how much it costs us in time and equipment to maintain regulatory compliance for PCI/DSS alone they might stop asking some of these questions. We spend hundreds of person hours a year to maintain our ability to provide this service to our customers. We have to perform regular internal audits. We have to perform vulnerability assessments and mitigation specifically related to PCI compliance that we would not otherwise have to mitigate. We have to pay for external audits. We have to maintain, audit, track, systems that are there specifically so that we are PCI compliant. Systems that duplicate other perfectly acceptable and functional systems but those systems don't meet certain criteria that make them 'compliant'. Failure to maintain the correct paperwork, audits, assessments, equipment, and documentation for all of the above (yes we have a paper trail to document our paperwork) can result in fines or loss of our ability to accept payments via online or phone. We only have about 40,000 customers but we dedicate close to $100,000 year in hours, and this doesn't include additional firewalls and network infrastructure capital and maintenance costs.
These regulatory burdens apply to ANY entity that accepts credit cards or e-check via phone or online. So whether you see the figure as a line item or not, you are paying for it.
I have to concur with this. In 91 or 92 (I don't remember for sure) I was one of the early group of individuals who downloaded the original PGP that Phil Zimmerman wrote from an online bulletin board. I hung onto that file until several years after the USG decided to drop the whole mess.
I've advocated for global adoption of email signing (would substantially reduce the spam problem), and I've been a strong proponent of the general use of encryption and key exchange for email. Over the last couple decades I've implemented email encryption (primarily for signing) off and on, always abandoning it after a while because the percentage of people utilizing it just gets smaller each year.
When I do have need to transmit encrypted files (which I do several times a year), I encrypt the files out of band (i.e. not in email) using GnuPG or OpenPGP (PGPi), and I perform the key exchange (if I don't have it) via another method. Then I email the encrypted file as an attachment, or in some cases use SFTP/SCP over ToR to transfer the encrypted data file.
If you understand the concepts for logic, iterative problem solving and analysis, and the fundamentals of how modular, linear, and OOP programming work, and when to apply which type of design, you can learn the intricacy's of any language. I'd rather work with a someone who is generally familiar with a dozen 'languages' but understands and can apply the above fundamentals, than someone who can whip out an entire application + GUI in C# or Mono but can't break a problem down into it's component parts and if confronted with a PERL application gets a blank stare and says "What's this?" instead of "Give me enough time and I can figure this out!".
If you have the skillset to build and maintain such a box as you've described, frankly I'm slightly surprised that you are asking this question. Use SSH (Cygwin+SSH or Putty if you run windows on the far side) for your remote connections and tunnel your VNC connection through your SSH. Use screen to maintain your CLI/term windows.
Problem solved. I would expect that with minimal reading you should be able to become comfortable with this in less than a day.
You may not be able to justify completely excluding them. However, if you have any data that could in any way be linked to specific individuals, you may be able to achieve your goals by putting onerous liability requirements. Require them to sign a 'transfer of risk or liability' contract or form in which they assume liability and responsibility for any financial or criminal data breach, leakage, etc. Also can you require signed confidentiality or legal contract form each employee who will be accessing the data. Tell them you will happily give access but each individual will have their own unique username and password for auditing and issue tracking purposes, and write in the contract that sharing these passwords will result in revocation of priviliges. Possibly modify your contract or financial relationship to include billing for additional issues resulting from 'I tried this query and now the database isn't responding for anytone'. If you turn the issue around in such a way that their managers or company has to carry the financial impact, you will at least be able to minimize the number of people who have access to the data.
This is not at all uncommon. Having worked as a network engineer for an ISP for 7 years just prior to my current job, I can tell you that this is common practice, especially if they are using any ATM. One of the reasons is that most session based transactions (web pages, email downloads, etc) are over in a few seconds. It actually provides better throughput and congestion control for the entire network to allow the initial transaction to burst at a higher speed, since a huge portion of those transactions are over very quickly.
Think of the connection as a large pipe (your cable connection) with a small outflow valve (your modem), connected to a larger, higher pressure pipe (your ISP). Until your local pipe is full, you can put water into it as fast as you desire. But once it is full, the volume slows down because you can only put in as much as you are taking out (your cable modem connection/outflow valve). So what speakeasy and various other speed testing sites see is the effect of filling up your local pipe (your connection to your ISP).
What a large file download shows you is the actual throughput.
BTW, this is also a quick, very simplified explanation of bandwidth (how much data you can pack into the pipe) vs. throughput (how fast you can actually pull data through the pipe).:)
We roast our own coffee, purchasing green coffee beans for ~30%-50% less than roasted (and stale) beans purchased in a store or coffee house. Roasted beans begin losing their flavour within the first week after roasting even if kept in stainless steel or glass air tight containers (NEVER plastic or paper. The acid picks up the flavour of the paper or plastic). By the end of the second week the oils in the beans has begun to turn rancid. This accounts for the strong harsh stale flavour many people associate with coffee. Oils in ground coffee will begin to turn rancid overnight and be stale within 36 hours.
Also, we use unbleached coffee filters in a standard drip coffee maker, with distilled water. Bleached coffee filters with treated water can both leave an aftertaste, as well as raise the level of chemicals in the brewed coffee.
For our roaster we use a simple hot air popcorn popper. It takes me about 30 minutes once a week to roast a weeks worth of coffee.
We just finished evaluation of a number of products as we also require full disk encryption. We are purchasing BestCrypt from Jetico. It also handles encryption of pagefile, swap files, swap partitions, and hibernation files.
We use ASSP at work (a government entity) and it is effective enough that when we DO have a spam slip through, users usally call to complain about it. It happens rarely enough that they forget to forward it to spam@.
I also use it at home and have nearly the same effectiveness.
As far as various technologies, I don't believe any solution which relies sole upon one or two technologies will be that effective. ASSP seems to be the best so far at combining SPF/Greylisting/bayesian/various others. I implemented several versions of anti-spam systems for filtering an average 300k+ messages per day at an ISP and NOC peaking around 500-650k during holidays, so I do have SOME prior experience with this issue.:) We looked at SpamAssassin, DSPAM, plain bayesian filtering (libmilter), ip blacklisting, RBL, forced validation schemes,.... ad nauseum. Unfortunately I hadn't gotten around to testing ASSP yet.
I personally know somone who has been targeted by the RIAA with a very similar phone call. Pay us $3750 (what is it about that number?) or else see us in court where we will get $175,000 US plus legal costs. No, it doesn't matter that it was your son's friend. It was your computer so you are responsible for the illegal downloading. Also there are a number of well documented court cases that have been covered by various online and meatspace news media. Apparently you work for the RIAA and are trying to downplay the issue, or you don't follow ANY kind of other news, OR you are simply a moron, or all of the above. The answers to your questions are all pretty easy to locate. They issue 'John Doe' subpoenas to ISP demanding connection logs showing who was using specific IPs at certain times. IP's they obtain from connecting to the p2p networks and browsing. They get those records and hand them to their goons. If the victim resists, the call the lawyers. Go do at least a minimal amount of reading and research next time.
You're the kind of jerk who gets what he expects to get from IT. When I run into someone like you it doesn't take to long to figure out what you think of someone in IT and you get treated exactly like you treat IT staff. I have a sneaking suspicion that you were one of the ones beating down the geeky kids and now you don't have the power and control you used to and you can't stand it.
Most IT staff I have known when I wasn't IT, and most that I work with now that I am in IT are decent people just like everybody else and if you treat them with the normal human respect you get normal human respect.
Sedennial's Corollary to the Golden Rule: On average you will likely have done to you what you project to others that you expect them to do to you. AKA: You often will get exactly what you ask for.
Did you miss the fact that blocking.wmf files/extensions means nothing for XP users? Because XP took a page from the 'magic bytes' of Unix and recognizes.wmf files from the image header, it can (and will) in some circumstances render them regardless of the extension. So naming it.bbb will bypass your perimeter filters completely.
Yes, but if you read the article you would find that this only affect customers who are single homed behing Cogent OR L3 for that very reason. If you are singlehomed and your ISP shuts down all their peering and no longer accounts route announcements containing L3 AS (or vice-versa) you are fundamentally screwed.
This is a classic example of why all businesses who are internet dependent (most busineses nowadays) should either have high-speed DSL as a backup at the least, or some other provider ready to go. A number of ISP's will provide 'standby' connectivity for a nominal fee where everything is ready to go and you only pay a maintainence fee unless you need to actually turn up the connection.
You get a cheap(er) router for your small business, get private BGP (announce private AS) between two isps and yourself, and only use the second one if you have a situation like this.
We have a number of customers we work with that we have helped them set up exactly this scenario. Business cable, DSL, and fiber customers who have a 2nd ISP (usually 3-5 Mb DSL) they only use for fail over. Usually costs under $75/mon to have the backup service ready to go.
I have a Tor onion router/proxy available at 64.95.182.163:8118 which will let you get to the site. Feel free to use it. The Tor network is still somewhat slow, but it works.
So now instead of, "gimme the watch and the wallet man and nobody gets hurt!", it'll be..."ok, this is gonna hurt you a whole lot more than it'll hurt me....*YANK*".
And could you get L&I insurance or disability insurance claim for a torn fingernails now? =)
And a whole new movie plot method of hiding the secret informtaion....encode it on the parrot's toenail!!!!!
Slashdot Mirror
On call 24x7, pager, company cell, laptop always available and required to respond. So no 'vacations' without cell service. Job description carefully written so that we were exempt from overtime laws and standby/oncall compensation. Figured out that just based on the number of hours physically at the NOC I was earning the same as a entry-level clerk at a nearby supermarket, and if I figured in the number of hours responding to issues outside the office I was making less than minimum wage.
Now I have no mandatory OT requirement, no mandatory on-call, 40 hour work week, 30+ days off per year (counting federal holidays), comp time, and a 401(k), and they pay, either in part or in whole, for a lot of my certifications and training.
Which is also why I support unionizing IT workers (and my current IT department is part of a union).
Actually it isn't. I work for a publicly owned electric and telecom utility. At a cost that can run upwards of a million (yes, $1,000,000) per *mile* to replace move aerial to underground, the rate payers don't generally want to pay for it. Almost all new construction is buried.
And while it seems like most of the causes for outages would be removed by going underground, you only exchange one set of causes for another. Cars get replaced by gophers. Trees on the line get replace by ice when conduit riser fills with water and freezes. Aerial teardowns due to heavy equipment become backhoes that dig on the wrong place and tear up a line.
You also have confined space issues. Now instead of everyone being certified for climbing, bucket trucks, and cranes, they also have to add confined space training and equipment (including continuing education), confined space rescue teams, interlocal or interagency agreements for CSRTs. All of these things add hidden (but not cheap) costs.
In addition fault locating and repair on an underground is much more manpower and technology intensive than aerial. All of these things drive the cost.
Another problem that factors in is environmental regulations. It is much easier (and cheaper by hundreds of thousands of dollars) to get permission to do an aerial build than underground. Every underground build had to deal with permitting for aquifer contamination, native artifacts, wetlands remediation, and so on and so forth. Permitting can add 10% to 100% to a segment of utility infrastructure.
It all boils down to costs. If you can go to your local utility board, commission, or shareholder meeting and convince them that raising rates by 50% to 500% won't get them burned out of their homes, I'll bet they would jump at it. Every utility I know would love to move most of their aging infrastructure underground.
I grudgingly reactivated my FB account a few months ago to stay in touch with family, but the minute I see the first video ad I am actually deleting my account. I HATE those. If I land on a page with a video ad, I immediately close the tab and find my content elsewhere. The exception I make to this is youtube because I'm THERE for video content.
I have similar problem with OCD/ADHD tendancies. I can fixate on conversations, music, beeps, noises, etc. I have several pairs of Panasonic RP-HC55-S noise cancelling in-ear buds (~$50), and I use either ambient music or white/pink noise tracks I have on my mp3 player. They don't cut out high frequencies as well, but the white noise masks a lot of that.
Ethernet over 9600 baud RS232 via a T1 TDM microwave channel. If you follow this entire path end-to-end you would traverse CWDM fiber and a DS3 SONET ring, all the way down to a hand-built addressable serial bridge. Also running 2400 baud serial over ethernet (yes the reverse) using a cell phone at the remote location as the modem.
Games: Civ III,IV
Galactic Civilizations II, Fallen Enchantress (Pretty please Brad?)
Mechwarrior Online
Skyrim
Star Citizen (forthcoming)
Other Apps:
Office. Seriously. This also keeps me tied to Windows and I hate it. Yes, I know about OpenOffice, but there are certain things that just don't work the way I need them too and I can't spend hours fixing every powerpoint presentation and revision I receive just so that I can use it under OO.
I agree. This list is probably opsec from DHS side. Disinformation. If it was me, I would have technically a 'keyword list' matching system specifically for release in FOIA situations like this. The actual searching/identification/tagging is algorithmic and context based and has very little to do with this list.
Not necessarily. The keyword list published probably is only the trigger key links. If you also started talking about 'social media' in the context of 'covert channel' you can bet that social media would raise a red flag.
Many of the algorithms used (especially some implementations of Bayesian filters) for this type of scoring are more than capable of correctly (or almost always correctly) identifying and excluding 'trolling'. You look for patterns of recurring words or linked words or synonymic links (aka if 'anthrax' is in my list, also look for '((bacterial OR viral)+agent)'. You look for deltas in the frequency of occurrence with persistence. Couple that with dynamic weighting based on local/national/global new events. So if you suddenly start using the words 'anthrax', 'cities', and 'target' when there isn't anything like that going on, and your conversation persists, that will get a high score. If every 17 days you post a tweet that contains a city name, a time, and a "random" dictionary word (aka a one-time crypto pad), that will probably score much higher than your talking about anthrax right after someone sends a bunch of letters with white powder around the country. IThe sophistication of the language context analysis software that is in existence is way past anything that most people realize.
Actually there is a fiscal reason that doesn't have anything to do with profit directly, but the cost of regulatory compliance. I work for a small electric utility that takes online credit card payments and payments via phone. If people understood how much it costs us in time and equipment to maintain regulatory compliance for PCI/DSS alone they might stop asking some of these questions. We spend hundreds of person hours a year to maintain our ability to provide this service to our customers. We have to perform regular internal audits. We have to perform vulnerability assessments and mitigation specifically related to PCI compliance that we would not otherwise have to mitigate. We have to pay for external audits. We have to maintain, audit, track, systems that are there specifically so that we are PCI compliant. Systems that duplicate other perfectly acceptable and functional systems but those systems don't meet certain criteria that make them 'compliant'. Failure to maintain the correct paperwork, audits, assessments, equipment, and documentation for all of the above (yes we have a paper trail to document our paperwork) can result in fines or loss of our ability to accept payments via online or phone. We only have about 40,000 customers but we dedicate close to $100,000 year in hours, and this doesn't include additional firewalls and network infrastructure capital and maintenance costs.
These regulatory burdens apply to ANY entity that accepts credit cards or e-check via phone or online. So whether you see the figure as a line item or not, you are paying for it.
I have to concur with this. In 91 or 92 (I don't remember for sure) I was one of the early group of individuals who downloaded the original PGP that Phil Zimmerman wrote from an online bulletin board. I hung onto that file until several years after the USG decided to drop the whole mess. I've advocated for global adoption of email signing (would substantially reduce the spam problem), and I've been a strong proponent of the general use of encryption and key exchange for email. Over the last couple decades I've implemented email encryption (primarily for signing) off and on, always abandoning it after a while because the percentage of people utilizing it just gets smaller each year. When I do have need to transmit encrypted files (which I do several times a year), I encrypt the files out of band (i.e. not in email) using GnuPG or OpenPGP (PGPi), and I perform the key exchange (if I don't have it) via another method. Then I email the encrypted file as an attachment, or in some cases use SFTP/SCP over ToR to transfer the encrypted data file.
ISC(2) CISSP if you are on a Management or InfoSec track, SANS GSEC, GCIH, GCFA, GAWN would be my top choices for more technical/practical track.
If you understand the concepts for logic, iterative problem solving and analysis, and the fundamentals of how modular, linear, and OOP programming work, and when to apply which type of design, you can learn the intricacy's of any language. I'd rather work with a someone who is generally familiar with a dozen 'languages' but understands and can apply the above fundamentals, than someone who can whip out an entire application + GUI in C# or Mono but can't break a problem down into it's component parts and if confronted with a PERL application gets a blank stare and says "What's this?" instead of "Give me enough time and I can figure this out!".
If you have the skillset to build and maintain such a box as you've described, frankly I'm slightly surprised that you are asking this question. Use SSH (Cygwin+SSH or Putty if you run windows on the far side) for your remote connections and tunnel your VNC connection through your SSH. Use screen to maintain your CLI/term windows.
Problem solved. I would expect that with minimal reading you should be able to become comfortable with this in less than a day.
You may not be able to justify completely excluding them. However, if you have any data that could in any way be linked to specific individuals, you may be able to achieve your goals by putting onerous liability requirements. Require them to sign a 'transfer of risk or liability' contract or form in which they assume liability and responsibility for any financial or criminal data breach, leakage, etc. Also can you require signed confidentiality or legal contract form each employee who will be accessing the data. Tell them you will happily give access but each individual will have their own unique username and password for auditing and issue tracking purposes, and write in the contract that sharing these passwords will result in revocation of priviliges. Possibly modify your contract or financial relationship to include billing for additional issues resulting from 'I tried this query and now the database isn't responding for anytone'. If you turn the issue around in such a way that their managers or company has to carry the financial impact, you will at least be able to minimize the number of people who have access to the data.
This is not at all uncommon. Having worked as a network engineer for an ISP for 7 years just prior to my current job, I can tell you that this is common practice, especially if they are using any ATM. One of the reasons is that most session based transactions (web pages, email downloads, etc) are over in a few seconds. It actually provides better throughput and congestion control for the entire network to allow the initial transaction to burst at a higher speed, since a huge portion of those transactions are over very quickly.
:)
Think of the connection as a large pipe (your cable connection) with a small outflow valve (your modem), connected to a larger, higher pressure pipe (your ISP). Until your local pipe is full, you can put water into it as fast as you desire. But once it is full, the volume slows down because you can only put in as much as you are taking out (your cable modem connection/outflow valve). So what speakeasy and various other speed testing sites see is the effect of filling up your local pipe (your connection to your ISP).
What a large file download shows you is the actual throughput.
BTW, this is also a quick, very simplified explanation of bandwidth (how much data you can pack into the pipe) vs. throughput (how fast you can actually pull data through the pipe).
We roast our own coffee, purchasing green coffee beans for ~30%-50% less than roasted (and stale) beans purchased in a store or coffee house. Roasted beans begin losing their flavour within the first week after roasting even if kept in stainless steel or glass air tight containers (NEVER plastic or paper. The acid picks up the flavour of the paper or plastic). By the end of the second week the oils in the beans has begun to turn rancid. This accounts for the strong harsh stale flavour many people associate with coffee. Oils in ground coffee will begin to turn rancid overnight and be stale within 36 hours.
Also, we use unbleached coffee filters in a standard drip coffee maker, with distilled water. Bleached coffee filters with treated water can both leave an aftertaste, as well as raise the level of chemicals in the brewed coffee.
For our roaster we use a simple hot air popcorn popper. It takes me about 30 minutes once a week to roast a weeks worth of coffee.
We just finished evaluation of a number of products as we also require full disk encryption. We are purchasing BestCrypt from Jetico. It also handles encryption of pagefile, swap files, swap partitions, and hibernation files.
We use ASSP at work (a government entity) and it is effective enough that when we DO have a spam slip through, users usally call to complain about it. It happens rarely enough that they forget to forward it to spam@.
:) We looked at SpamAssassin, DSPAM, plain bayesian filtering (libmilter), ip blacklisting, RBL, forced validation schemes, .... ad nauseum. Unfortunately I hadn't gotten around to testing ASSP yet.
I also use it at home and have nearly the same effectiveness.
As far as various technologies, I don't believe any solution which relies sole upon one or two technologies will be that effective. ASSP seems to be the best so far at combining SPF/Greylisting/bayesian/various others. I implemented several versions of anti-spam systems for filtering an average 300k+ messages per day at an ISP and NOC peaking around 500-650k during holidays, so I do have SOME prior experience with this issue.
I personally know somone who has been targeted by the RIAA with a very similar phone call. Pay us $3750 (what is it about that number?) or else see us in court where we will get $175,000 US plus legal costs. No, it doesn't matter that it was your son's friend. It was your computer so you are responsible for the illegal downloading. Also there are a number of well documented court cases that have been covered by various online and meatspace news media. Apparently you work for the RIAA and are trying to downplay the issue, or you don't follow ANY kind of other news, OR you are simply a moron, or all of the above. The answers to your questions are all pretty easy to locate. They issue 'John Doe' subpoenas to ISP demanding connection logs showing who was using specific IPs at certain times. IP's they obtain from connecting to the p2p networks and browsing. They get those records and hand them to their goons. If the victim resists, the call the lawyers. Go do at least a minimal amount of reading and research next time.
You're the kind of jerk who gets what he expects to get from IT. When I run into someone like you it doesn't take to long to figure out what you think of someone in IT and you get treated exactly like you treat IT staff. I have a sneaking suspicion that you were one of the ones beating down the geeky kids and now you don't have the power and control you used to and you can't stand it.
Most IT staff I have known when I wasn't IT, and most that I work with now that I am in IT are decent people just like everybody else and if you treat them with the normal human respect you get normal human respect.
Sedennial's Corollary to the Golden Rule: On average you will likely have done to you what you project to others that you expect them to do to you. AKA: You often will get exactly what you ask for.
Did you miss the fact that blocking .wmf files/extensions means nothing for XP users? Because XP took a page from the 'magic bytes' of Unix and recognizes .wmf files from the image header, it can (and will) in some circumstances render them regardless of the extension. So naming it .bbb will bypass your perimeter filters completely.
Yes, but if you read the article you would find that this only affect customers who are single homed behing Cogent OR L3 for that very reason. If you are singlehomed and your ISP shuts down all their peering and no longer accounts route announcements containing L3 AS (or vice-versa) you are fundamentally screwed.
This is a classic example of why all businesses who are internet dependent (most busineses nowadays) should either have high-speed DSL as a backup at the least, or some other provider ready to go. A number of ISP's will provide 'standby' connectivity for a nominal fee where everything is ready to go and you only pay a maintainence fee unless you need to actually turn up the connection.
You get a cheap(er) router for your small business, get private BGP (announce private AS) between two isps and yourself, and only use the second one if you have a situation like this.
We have a number of customers we work with that we have helped them set up exactly this scenario. Business cable, DSL, and fiber customers who have a 2nd ISP (usually 3-5 Mb DSL) they only use for fail over. Usually costs under $75/mon to have the backup service ready to go.
I have a Tor onion router/proxy available at 64.95.182.163:8118 which will let you get to the site. Feel free to use it. The Tor network is still somewhat slow, but it works.
So now instead of, "gimme the watch and the wallet man and nobody gets hurt!", it'll be..."ok, this is gonna hurt you a whole lot more than it'll hurt me....*YANK*".
And could you get L&I insurance or disability insurance claim for a torn fingernails now? =)
And a whole new movie plot method of hiding the secret informtaion....encode it on the parrot's toenail!!!!!
http://ftp.techline.com/corwin/castleinfinity/C8Se tup.exe
A mirror of the setup file is here