Slashdot Mirror


User: mikew03

mikew03's activity in the archive.

Stories: 0
Comments: 27

Comments · 27

  1. Re:Toaster security on The Coming IT Nightmare of Unpatchable Systems · · Score: 1

    I don't think that's realistic. If you are a city and you want to manage your traffic lights the desire to use the existing internet infrastructure is going to be irresistible. As I said in my post I would certainly prefer these systems not be hooked up to the internet either but cities aren't going to build out a second communications infrastructure. And even if they went to that effort you know that the computer sitting in the city manager's office that controls this secondary network is going to have an internet connection because the guy managing the traffic lights needs email, HR websites, etc. For example a list of lights that needs replaced has to be sent to the city maintenance department. No one is going to air-gap that.

  2. Toaster security on The Coming IT Nightmare of Unpatchable Systems · · Score: 1

    I think we have to face the fact that we're moving beyond an era where we can secure systems and instead need to move towards mitigating the damage.

    Let's think about our unupgradeable internet enabled toaster that counts our calories and orders fresh bread when it detects we've used up what we have. If that toaster gets hacked there are a few possible results:

    1) It might set your house on fire. This should be mitigated by all toasters having appropriate physical sensors that are not software controlled to prevent a fire. A simple thermal fuse would cost only a cent or two. A manufacturer who builds a toaster that can be set on fire over the internet under any circumstances should face significant liability.

    2) Your toaster might be turned into a spam machine or bitcoin miner or something similar. If this renders your toaster non-functional then you will throw it out because it's broken and it's no longer a problem.

    3) Your toaster might be more carefully owned and remain functional. This is obviously the worst case. But the way to handle this is with improved perimeter defenses. Routers should be enhanced to monitor for suspicious activity. You could get a virus alert or similar that notifies you your toaster is behaving oddly.

    The level of protection needed depends on the device. Something with a camera or microphone needs more thoughtful security than a toaster. (Until our toasters include facial recognition to tune the desired level of toastiness).

    Another related thought. One big issue we have is embedded systems are often networked together. Traffic lights for instance. My first choice would be that such devices not be on the internet, but if they must I think we could create some isolation or sandboxing. Imagine if each embedded traffic light had a mini-router chip that had some sort of unalterable channel code. Make sure that a traffic light can only talk to other traffic lights or control hardware with the same channel code. Beyond that, I think you are going to again have to rely on perimeter defenses built into routers to detect and interdict command/control from hackers and detect abuse of the traffic lights. Networked but safety critical systems such as traffic lights should have a fallback unnetworked mode (old fashioned timing in the case of traffic lights).

    The point is there isn't any one size fits all solution but if we focus on risk reduction, periphery detection and, where critical, ways to disable networked behavior we can protect our infrastructure significantly better than it is now.

  3. Re:FIPS isn't an Algorithm on Ask Slashdot: Can We Still Trust FIPS? · · Score: 2

    There are two issues with this.

    1) Some of these algorithms depend on receiving quality random number systems from the underlying operating system. It's possible some of those random number generators have been manipulated and it's going to be pretty hard to check on Windows or OSX random number generators.

    2) The backdoors do not look like if (strncmp(pass,"NSA",3) == 0) { return plaintext; }. The backdoors are sophisticated mathematical weaknesses in the algorithms. A code inspection is not sufficient to detect these kinds of backdoors; it takes dedicated analysis by experts. Just look at some of the discussions going on right now, some algorithms are suspect and you will hear real experts going back and forth on even if a weakness exists. AES has been around since 2001, approved by NIST based on a proposal by Belgian cryptographers. Does it have a back door? Let's hope to hell not.

    DES was a good algorithm in its day but it's known (sorry I can't find the citation, I think it had something to do with how the S-boxes were chosen) that very slight changes to the algorithm dramatically weaken its effectiveness. Now in DES's case that didn't happen, good values were chosen, but it would have been easy to put a nearly invisible weakness into the algorithm.

  4. Re:A Simple Notion on Ask Slashdot: Can We Still Trust FIPS? · · Score: 1

    Nice try NSA

  5. Re:I knew the Cray-2 on Apple iPad 2 As Fast As the Cray-2 Supercomputer · · Score: 2

    Oops, yes I seem to have lost a decade somewhere, guess my slow clock speed is showing.

  6. Re:But... on Apple iPad 2 As Fast As the Cray-2 Supercomputer · · Score: 1

    The Cray-2 had a variant of Unix called UniCos (Unix Cray operating system). I'm sure slashdot could port Linux to it :).

  7. I knew the Cray-2 on Apple iPad 2 As Fast As the Cray-2 Supercomputer · · Score: 5, Interesting

    I was privileged to program on the Cray-2 back in the day. It was an awesome machine if you had the right kinds of problems for it to solve. My hat is off to the company who let me use the fastest computer in the world for my vi sessions :). That said it's hardly surprising that the march of Moore's law has resulted in an iPad today beating a computer 13 or so years its senior.

  8. The Workplace on Ask Slashdot: Old Dogs vs. New Technology? · · Score: 1

    Some perspective, anyone much older than the poster who is working in IT since they were 22 has had to deal with a VAST array of technology changes. Most people in the business are as eager as you are to stay on top of the latest technologies but you will find as you have a family and other life commitments that you won't have quite as much time to learn *everything*.

    Sure some workplaces can be bad, I agree with other posters that if you don't fit in move along and find someplace you like better. But overall, I would guess you are not assessing your situation very clearly at the moment. Give it and your coworkers a little more time, I bet they know more than you think.

  9. Re:You are entirely correct on UK's Oldest Computer To Be "Rebooted" · · Score: 1

    Another important point, they used lower than typical voltage, this also contributed to extending the lifetime of the tubes.

  10. Re:Benefits of Paper Checks on Online Billpay Provider Loses Control of Domains · · Score: 1

    In 2001 you would have been able to pay virtually any bill online, and with CheckFree as a matter of fact. CheckFree mails a paper check to accounts that would not (at that time) accept electronic payment. I remember one time I made a mistake in entering the biller's info and they mailed my payment to ME.

  11. Re:Sounds Good To Me on Google Purges Thousands of Malware Sites · · Score: 2, Interesting

    If this is the best spammers can do against Google I think we should be more impressed than concerned. Apparently most of these sites were up only a few days before being removed. And although they did manage to get on page 1 did anyone else notice how bad the site summaries looked? You'd have to be a total idiot to click on any of those results even if they were page one.

  12. Re:Keep up? on How Will Governments Keep Up With Technology? · · Score: 3, Interesting

    The F-15 has not been retired, but the F-22 will be slowly replacing it over the next decade or two. And you are correct, no F-15 has ever been lost to enemy action in its entire 30+ year service life.

  13. Re:Any allusions to the Prisoner? on Playing The Escape · · Score: 1

    There actually was a game based on "The Prisoner" for the Apple ][ around 1980 or so. It used ASCII graphics and had very unusual gameplay. It was very open ended for the time and quite interesting. I had trouble finishing it but it was written in BASIC so you could actually look at the source code to get hints on what to do.

  14. Why not just make electricity? on Making Ice Without Electricity · · Score: 5, Funny

    If you can spin something at 1,000,000 RPM why not spin a copper coil inside a magnetic field and make electricity instead? Quite useful stuff I've heard.

  15. VHS more reliable, especially with kids on Reports of VHS's Death Highly Exaggerated · · Score: 1

    Do you know how many useless DVDs and CDs I have due to scratches? I'd say as many as 30% are unplayable within six months. VHS works, it's reliable, kids can't break them (usually). Sure VHS tapes wear out over 10 years or so, but DVDs wear out way faster.

    Plus, what's not to like being able to fast forward WHEN YOU WANT. What a concept.

  16. One word: UMD-RW on PSP Not A Sellout Hit · · Score: 1

    You want to sell me a PSP, then sell me a UMD-RW drive for my PC first. You would crush the competition in a variety of markets if I had the UMD's capacity with my own MP3s and videos on them.

  17. Several questions worth considering on Meet Millionaire Spammer Jeremy Jaynes · · Score: 4, Interesting

    1) Why aren't Visa/Mastercard/AMEX/Etc... also liable in cases like this? It seems like we could put a huge brake on Spam if the credit card companies had some responsibility? Also why would the bank cards tolerate this anyway, the chargeback rate must have been enormous.

    2) How did he hook into the internet with 5 high speed lines that did nothing but send email all day? Surely this traffic could be detected and blocked at the source.

    3) How come spam doesn't burn out like a pyramid scheme? Surely the number of gullible people is finite. All of these spammers use the same lists. There has to be a point where every single person spammable has been reached. And surely by the gigantic volume we all get we must be close to that point.

  18. Sub-optimal launch? on World War II Online Reloaded - Can MMOs Be Rehabilitated? · · Score: 2, Insightful

    Can someone please tell me which MMORPG did NOT have a sub-optimal launch?

  19. What's the problem? on Language Tempest At Orkut · · Score: 1

    I'm sure this has been posted before but I want to add my vote. If the site attracts speakers of a particular language, who cares. More power to them. Surely the English speakers will find plenty of sites open to them, way more sites than for people speaking other languages. Sounds to me like if you want to stay with Orkut and speak English you should invite a few more of your English speaking friends. I hear it's a pretty common language so shouldn't be much trouble.

  20. Goldstine was project manager not designer on Herman Goldstine, ENIAC Developer, Dies at Age 90 · · Score: 5, Informative

    Not to denigrate Goldstine's contributions, they were important but he was really more of a project manager and made sure the defense department kept the money flowing. Presper Eckert and Dr. John Mauchly were the principal designers of the machine.

  21. Re:Palm the way to go on Best To-Do List Software? · · Score: 1

    Note taking is not a very good use for the device unless maybe you buy a keyboard, but no I wouldn't recommend it for that. However it does easily import text files which I use all the time. For example at work I have a variety of backup/emergency procedures that I sometimes need to perform and with my Palm I can access those with two clicks.

    Another thing it is very good at is pre-built lists... for instance grocery shopping. There are several apps that let you prebuild a list of things you buy and then just use check boxes to keep track of what you need to purchase right now.

    Here's another great thing I do with my palm. I have a variety of things I need to back up, MP3s, email, quicken records... but I need to back up Quicken more often than my MP3s. So in my Palm I have a list of all the things I need to back up and when they were last backed up. In about a second I can look over my backups and see if there are any I need to get moving on. I do the same thing for routine maintenance on the house like cleaning gutters.

    Specifically for to-do lists I will admit it is very slightly slower to write down say a one sentence to-do item than it is to do the equivalent on paper but it is balanced by the ease of finding the to-do later and being reminded of a time sensitive to-do.

  22. Re:duh on Online! The Book · · Score: 1

    Actually the book has been out for several months now. I'm not defending it necessarily, but it wasn't rushed out for Christmas.

  23. Re:It's not disposable... it's reusable. on Disposable Digital Cameras Have Arrived · · Score: 2, Interesting

    If they know what they are doing the pictures will be encrypted. If not you are probably right in which case they are gonna run out of cameras pretty fast. I'd love to have a $10 2 mega-pixel camera even if it doesn't have an LCD. Heck I'd give each of my kids one.

  24. Re:Nope, this update makes sense on Apple Updates, Cripples iTunes · · Score: 2, Interesting

    Have you actually tried it and listened to the results? It actually works fairly well. If you have $10,000 speakers at home then what are you doing listening to any form of compressed music? But for most of us it sounds just fine.

  25. permission on Licensing Likenesses For Sports Games · · Score: 1

    So what's the big deal, get the players' permission. If they don't get it their picture shouldn't be in the game.