Forget about trying to monitor everything. It's not possible. Just set him up with OpenDNS and have it block 'unsavory' websites for him. Beyond that you're going to need to invent HAL... and we all know how that turned out.
I don't see how these two topics are tied together. The article is full of a few facts and plenty of uninformed opinion. Parts of the scrolls have been displayed in PUBLIC in the past. I've seen them in Milwaukee WI. http://www.mpm.edu/dead-sea-scrolls/
I also personally know scholars who have studied the scrolls. So they finally got around to putting them on the internet. Great. But the author of this article is the paranoid one - we weren't suffering from any type of information paranoia until he showed up.
The digital age hasn't killed the post office. they're just too focused on what they used to do: letters. Inability to change is killing the USPS. They should be focused on what people do now: buy goods online and have it shipped in a box to their home. I almost never see the USPS listed as a shipping option. The post office needs to ask themselves why this isn't so, and then figure out how to fix it.
My senior seminar project as a CS undergrad (2005) was the creation of a motion sensing surveillance system. Part of the demonstration I did during the presentation was to show how my software could monitor cameras from around the world for motion. In many cases I had no idea where the cameras were physically located. Later as part of my Masters thesis (2010), I extended the software to include face recognition... now it can identify "John Doe" and you can have it tell you when it see's specific people in a specific scene (white lists, black lists and reports on who has been seen).
I've always thought that combining the face recognition and motion sensing features with a library of pictures harvested from Facebook and LinkedIn would result in something very interesting from many points of view...
i only have one computer connected to that server via gigabit, and i'm 90% sure that there is a problem with the gigabit chipset on that client computer. It's an older chipset that does't properly support jumbo frames. The harddisks/zfs aren't the bottleneck.
hmmm, well the most obvious feature that ZFS has that Ext4 does not is check summing.
That feature is one reason why ZFS is better (it will tell you if your disk is going bad, and if you have a raid setup, it will go get the good data for you). However, this is also one reason why ZFS is slower... it spends time making sure your data is safe and that it always gives you the correct bits from your disk.
That single feature is why I run FreeBSD (looking forward to kFreeBSD/debian!) on my file server in a mirrored raid configuration. Yes, it is "slower", but I still pull data off that server at over 50MB/sec on my home gigabit lan! The specs on that server aren't great either... 2GB ram, and an old 1.6GHZ single core sempron.
The S in SD means "Secure" which is an acronym for DRM... and how that DRM exactly works is not public... Microsoft is probably using the DRM feature of the cards... where as most other companies to this point have not been that brave...
Re:OSNews? Thom Holwerda? Seriously?
on
OpenBSD 4.8 Released
·
· Score: 2, Insightful
I agree and that's why I use it for internet facing machines I don't want have to worry about! Just look at the 4.7 release. There were 7 patches for the kernel & userland 2 of which were categorized as security. The best someone attacking the system could do is cause a daemon to crash or possibly cause a panic. During the same 6 month time frame linux quite a few more security issues crop up including one that could be used to get root on a box. ouch.
but be sure to write down google's ssl fingerprint... and check it every now and then yourself. You never know when your place of work decides to start intercepting https! Mine did recently until I pointed out issues with HIPAA compliance in conjunction with our limited personal use policy! They (work) installed their own certificate on everyone's computers (but they didn't do Firefox which is why i noticed)... and then they modified the proxy servers to start taking a peek before re-encrypting and sending it along:(
even inbound it's true, but in a different way. My ISP blocks port 80, but not 443:) So I run my webserver on 443 with a self signed cert which is quite hard to spoof;) Luckily they don't block 22... though maybe they should given how much work my DenyHosts is doing for me......
At work, I use a tunnel to bypass the special filtering they do, 443 (cgi-proxy) and 22 (ssh) are my friends...
In the end they haven't prevented anything, just made me go through a couple of extra hops - both at work and at home.
And it took you how long to figure this out? Anyone with real security in mind would create their own certificates and sign them. What's always been missing is a convenient way to verify the identify of the person you're communicating with. CAs only help in certain situations. SSL has always been more about encrypted content than identification no matter what people try to tell you.
No they don't have a better resume, but you can switch from one bad insurance company to another. You still have that choice (some might call it a freedom).
With the government as your provider, you're stuck if you don't like how things are working. You can't just switch to another provider. Allowing many providers and promoting competition is democracy at work. People switch to the ones that are best meeting their needs. You might have to pick between several providers that are not perfect fits for what you need, but at least you have that freedom. This is the whole idea of democracy.
The Pointy Haired Boss Knows Best, People
on
Health Care Reform
·
· Score: 1
I do software.... all software has bugs. Bills are a lot like software that is interpreted by people. I'm a little bit skeptical of something this large being thrown into production all at once with almost no testing to replace an aging program that has worked (albeit with flaws) for decades. This has all the feel of a Dilbert comic, but with a completely new level of pointy haired bossedness (Ph. B.)... we tried this once where I work on a $20millon project, and it ended up costing over $75M to fix!
the problem is actually worse than you think... especially if the library of congress keeps on site backups in the form of hard disks.... that contain the "entire" library of congress...
Slashdot Mirror
I've been using ZFS on linux for years with nightly backup jobs that rely on rsync. I've never had a problem.
don't over think it!
mod parent up!
Forget about trying to monitor everything. It's not possible. Just set him up with OpenDNS and have it block 'unsavory' websites for him. Beyond that you're going to need to invent HAL... and we all know how that turned out.
rsync
I don't see how these two topics are tied together. The article is full of a few facts and plenty of uninformed opinion. Parts of the scrolls have been displayed in PUBLIC in the past. I've seen them in Milwaukee WI. http://www.mpm.edu/dead-sea-scrolls/
I also personally know scholars who have studied the scrolls. So they finally got around to putting them on the internet. Great. But the author of this article is the paranoid one - we weren't suffering from any type of information paranoia until he showed up.
The digital age hasn't killed the post office. they're just too focused on what they used to do: letters. Inability to change is killing the USPS. They should be focused on what people do now: buy goods online and have it shipped in a box to their home. I almost never see the USPS listed as a shipping option. The post office needs to ask themselves why this isn't so, and then figure out how to fix it.
...and then.... tunnel ssh through the unencrypted link! genus!
My senior seminar project as a CS undergrad (2005) was the creation of a motion sensing surveillance system. Part of the demonstration I did during the presentation was to show how my software could monitor cameras from around the world for motion. In many cases I had no idea where the cameras were physically located. Later as part of my Masters thesis (2010), I extended the software to include face recognition... now it can identify "John Doe" and you can have it tell you when it see's specific people in a specific scene (white lists, black lists and reports on who has been seen).
I've always thought that combining the face recognition and motion sensing features with a library of pictures harvested from Facebook and LinkedIn would result in something very interesting from many points of view...
i only have one computer connected to that server via gigabit, and i'm 90% sure that there is a problem with the gigabit chipset on that client computer. It's an older chipset that does't properly support jumbo frames. The harddisks/zfs aren't the bottleneck.
hmmm, well the most obvious feature that ZFS has that Ext4 does not is check summing.
That feature is one reason why ZFS is better (it will tell you if your disk is going bad, and if you have a raid setup, it will go get the good data for you). However, this is also one reason why ZFS is slower... it spends time making sure your data is safe and that it always gives you the correct bits from your disk.
That single feature is why I run FreeBSD (looking forward to kFreeBSD/debian!) on my file server in a mirrored raid configuration. Yes, it is "slower", but I still pull data off that server at over 50MB/sec on my home gigabit lan! The specs on that server aren't great either... 2GB ram, and an old 1.6GHZ single core sempron.
The S in SD means "Secure" which is an acronym for DRM ... and how that DRM exactly works is not public... Microsoft is probably using the DRM feature of the cards... where as most other companies to this point have not been that brave...
I agree and that's why I use it for internet facing machines I don't want have to worry about!
Just look at the 4.7 release. There were 7 patches for the kernel & userland 2 of which were categorized as security. The best someone attacking the system could do is cause a daemon to crash or possibly cause a panic. During the same 6 month time frame linux quite a few more security issues crop up including one that could be used to get root on a box. ouch.
but be sure to write down google's ssl fingerprint... and check it every now and then yourself. You never know when your place of work decides to start intercepting https! Mine did recently until I pointed out issues with HIPAA compliance in conjunction with our limited personal use policy! They (work) installed their own certificate on everyone's computers (but they didn't do Firefox which is why i noticed)... and then they modified the proxy servers to start taking a peek before re-encrypting and sending it along :(
Also, read this: http://samizdat.mines.edu/howto/HowToBeAProgrammer.html
Use notepad or nano and write down everything. This way you won't have to ask more than once for something.
you, sir, have just preached to the choir ;)
but... Linux doesn't have bugs!!
even inbound it's true, but in a different way. My ISP blocks port 80, but not 443 :) So I run my webserver on 443 with a self signed cert which is quite hard to spoof ;) Luckily they don't block 22... though maybe they should given how much work my DenyHosts is doing for me......
At work, I use a tunnel to bypass the special filtering they do, 443 (cgi-proxy) and 22 (ssh) are my friends...
In the end they haven't prevented anything, just made me go through a couple of extra hops - both at work and at home.
And it took you how long to figure this out? Anyone with real security in mind would create their own certificates and sign them. What's always been missing is a convenient way to verify the identify of the person you're communicating with. CAs only help in certain situations. SSL has always been more about encrypted content than identification no matter what people try to tell you.
ad hominem arguments do not help the debate
No they don't have a better resume, but you can switch from one bad insurance company to another. You still have that choice (some might call it a freedom).
With the government as your provider, you're stuck if you don't like how things are working. You can't just switch to another provider. Allowing many providers and promoting competition is democracy at work. People switch to the ones that are best meeting their needs. You might have to pick between several providers that are not perfect fits for what you need, but at least you have that freedom. This is the whole idea of democracy.
I do software.... all software has bugs. Bills are a lot like software that is interpreted by people. I'm a little bit skeptical of something this large being thrown into production all at once with almost no testing to replace an aging program that has worked (albeit with flaws) for decades. This has all the feel of a Dilbert comic, but with a completely new level of pointy haired bossedness (Ph. B.)... we tried this once where I work on a $20millon project, and it ended up costing over $75M to fix!
the problem is actually worse than you think... especially if the library of congress keeps on site backups in the form of hard disks.... that contain the "entire" library of congress...
since when can't lasers pass through walls!? :) Use a BIGGER lazer!