The police officer's actions are unlawful, and he should be prosecuted.
The 5th amendment is very clear: it is unlawful to take anyone's property without due process of law.
Seizing by physical force and smashing is just as unlawful.
I think the cloud is safer, actually. In a case like this it doesn't matter, but if you're recording police misconduct occurring at your own home, they're likely to destroy and/or confiscate all your electronic equipment.
Don't let them know you are recording it. The first they will hear about it is when you file a formal complaint about the officers.
If you can't trust the police, how can you trust the cloud? Back it up to your own computer, which should ideally create a torrent automatically...
Back it up to multiple cloud-based systems that automatically distribute it to other read-only systems that are distributed worldwide and from which it cannot be withdrawn.
flash memory is rather small and can be durable. what are the chances that even smashing it that they didn't do much other than break the screen? i didn't read the article, but the video could possibly still be recoverable.
The phone is a nice crash shell for the flash memory. There is a good chance, the data could be recovered off the phone, but specialized expertise might be required --- electronics the flash memory is attached to may be damaged.
If you want to make sure you destroy any memory on the phone, you need to use something like a Blender to you know, blend the phone. Noone's going to re-assemble a totally shattered flash memory card, even though many of the individual cells may be intact, you effectively then cannot read them, at least not inexpensively
Unfortunately, the bridge called Galloping Gertie (Tacoma Narrows Bridge) totally collapsed on November 7th 1940.
Four months after the bridge had opened.
I'm all for harnessing air turbulence to generate electricity (as long as this does not adversely effect climate or weather)
But realistically... we should not build bridges that gallop.
I am not in favor of designing more bridges to be like Galloping Gertie, for the sake of generating a little juice.
That's just plain dangerous -- the engineering involved is complicated enough, and the danger great enough, when the structure is designed to be stationary.
Even if a galloping structure can be made safe, I imagine it would not remain safe after a number of years wear and tear.
If you want to generate electricity using the wind --- it's worth building a dedicated structure for that purpose,
or sticking to remote areas, rather than adding non-safety/reliability/stability/longevity goals to the design of major transit infrastructure.
That way, public safety implications will be more limited.
You have to understand that $3400 in China is a lot closer to a year's salary than you might think.
Really? What does an iPad2 cost in China? The article seemed to suggest the boy could have saved
the money, but choose not to. If annual salaries in his area were $3400, the boy would have little/no chance of saving
a few $k.
Could it be that not everyone in China has the same salary? Perhaps you should revisit that.
China has a massive population, and I am sure not everyone has the same salary.
Not everyone in China can be a farmer, farm worker, and sweat shop worker.
There are actually businesses that exist in China, you know....
I would expect anyone who has enough media access to know about, understand, and want an iPad2,
is not in the substinence farming crowd.
Clearly the boy/his family have discretionary income; otherwise, he might be selling his kidney for food,
water, or shelter.
There is no current "overpopulation" problem. Almost every human produces more than they consume.
You're in denial. Just because there is not a space exhaustion problem, or people produce more items than they consume, does not mean there is no resource exhaustion problem.
You see, the resources people produce are less useful than resources that have to be consumed for them to continue to survive, there is an increase in entropy, and there is a reduction in total available energy that humans can harness.
For example, the earth has a net loss in available fossil fuels required for transportation of resources, fertilizing, growing crops, manufacturing everyday household materials, and special purpose materials used for medicine, etc.
When fossil fuels are exhausted, there may be a mass die-off event within the human species, due to the massive reduction in possible food production and transportation.
If you don't need a high end mac server, having one is a liability in various ways; aside from the fact spare parts are expensive, and what will have to happen if it breaks after warranty. You could also consider making the server dual-use.... E.g. have it double as the Boss' workstation.
"I'm the 'IT guy' for an office of about a dozen people. And when I say IT guy, I mean I'm the only one here who can use google well enough to figure out how to make things work. We have a 500GB Mac server with a Drobo with 6TB of storage attached So far all this server does is back up data,
A 6TB drobo is plenty of backup storage. Sell the overpriced Mac server (assuming it's relatively new and sells for a lot) and buy an inexpensive Dell server, as you don't need a MacOS server for backups. You're working backwards --- you don't just buy expensive servers and look for things they can do; your department gets asked to meet technology needs of the business, you determine how to meet those needs, and some might involve providing services that require a server -- there are also some system administration functions (such as single signon, central user management, endpoint policy management) that may require a server.
Your organization should be planning what it wants the IT infrastructure to do, and budgeting and acquiring servers appropriately as required to solve problems and satisfy the needs facing the organization.
If you find you actually got equipment not being utilized, then someone screwed up.
I've seen people fired for blowing their IT budget on a Mac server, when there was no real justification for why the server absolutely had to be that uber-expensive type, and cheap Linux/Windows servers on the market would serve the file sharing/backup function just as well.
Many small businesses don't need any servers at all, anymore, now that certain NASes can commonly fill the role of file servers.
Perhaps a NAS device (or other solution) for backups. Another reason small businesses might have a server is for DHCP, DNS, active directory,
and shared applications. Databases used by SMB apps are usually peer-to-peer or something like an access DB hosted on a CIFS file share.
and I want to make it a little more useful. We also have a Filemaker server on it, which I have yet to learn how to use at all, let alone efficiently.
Just because you have a filemaker instance, doesn't mean that using it would be a good choice.
That's a "when you have a hammer handy, everything looks like a nail" thing.
Seeing as you don't know how to use filemaker, and have no long term planning for type of use/
ongoing maintenance, and you probably have limited administration knowledge of filemaker -
that's yet more reasons to avoid deciding to put that piece of software into production at this point ---
you should understand it, be trained on it, understand how it works in detail before you consider creating
anything with filemaker and championing it as something the business should rely on.
Why not CC0? Why do they care to prevent that? Or is "public domain" already an option?
CC-BY-NC-SA should also be an option.
Frankly... I should be able to license my videos however I want, and tell Google whether I wish to allow other people to mix my videos.
The burden of compliance with the CC-BY-NC would then be with the end user. The last thing I want is someone taking my content, putting it in a commercial video, and selling it to viewers to a fee, however.
This tech is useless without a monetization plan. It will simply be more juice to move people to competitors' products when they learn their Apple camera is no longer that useful. It needs to be a combined effort that all smart device manufacturers simultaneously turn on, and they all need a standard monetization framework, so they all profit.... otherwise it will just be competitive pressure, that will hurt them all, or not let the restrictions be adopted.
Instead of designing a technology to involve merely blocking.... Apple should have provided a system where the camera would be loaded with details about the 'registered owner' of the event / thing being photographed.
So they could charge the Apple customer $1.99 a photo with a small commission paid to the museum/theatre/venue/event owner.
And apply DRM of 'event owner' 's choice.
Also, instead of using IR as a control plane, they could use the 3G network to provide data about 'restricted photo' locations near the user's location, with possibly checksums. And use GPS as the primary data channel for loading restrictions, with IR as a backup way of providing location services data to the device.
That is the IR sensors can transmit packets that identify location of the sensor (GPS coordinates), and a copy of Apple's digitally authenticated "restriction zones" table and 'direction restricted'/compass data for a 100 mile radius. GPS and cell tower location data are harder to avoid/spoof because they are more integral to the device operation. You cannot simply put a piece of foil over your phone's antenna or jam GPS and expect everything to still work. IR sensors are easily tampered with or fooled.
There's also a possibility of using the network to load more details about restrictions, such as orientation, maybe some simple litmus tests, so the phone can perform image processing to determine if the thing being photographed is the restrictive object, or a more restricted object that requires a higher price to be paid for the user to take a DRM-shielded photo only viewable on their device and authorized computers for their Apple ID.
(1) Celebrities, to protect their image, help prevent members of the public/paparazzi from snapping their dealings on film
(2) Streakers/Nudists
(3) Museums, any place where professional photography occurs, to force you to buy the pictures instead of taking your own.
(4) Festivals, Sporting events, other occasions of public gathering; to ensure rights protection for the official photographers.
(5) Women to carry around who are concerned about stalkers/upskirters
(6) TSA/Police/Private security firms, concerned about event visitors taking pictures of something that might reveal sensitive information -- like where the exit is located, or what the inside of a building looks like, who is getting the enhanced pat down
(7) Burglars/thieves/muggers/etc, all the smartphones/webcam/ATM/CCTVs jammed, so they can do the act with impunity without their face being seen, and without risk of winding up on Youtube....
(8) Cheating spouses who don't want to be caught
(9) Any public entertainment venue - Concert halls, Auditoriums, Play Houses, Sports Amphitheaters, Stadiums, Movie Theaters, Opera Houses, Dance Studios. To protect publicity rights of the venue.
(10) Criminals/Terrorists/etc, to keep as many details of their acts a secret as long as possible
Indeed... I can see a very large market for the IR blocking device.
Just put an IR filter in front of the lens, or a tape on the detector..
This is detectable. When you are in a room that is lit, there is always some infrared light.
If you place an IR filter on the lens, there will be no IR light.
The camera can also, when no signal is detected, emit a modulated IR signal which will be reflected off the subject back to the camera.
If the amount of IR received is 0, or the camera can't see its own IR reflection, then it acts as if the no picture signal is received.
It's horrible he made so great a sacrifice, so lightly. $3000 is a paltry amount for such a thing..
Man, either donate it, or get actually a decent amount for it such as $100k or so.
On the bright side... someone actually needs that kidney, and good will probably come out of this.
Maybe that's what the boy was thinking anyways... donate and help someone... get a little reward.
Trading body parts meant to last your entire life for toys that will last a few years and then be outdated, doesn't seem like a good plan.
What's next... his left hand? Big toe? How 'bout some bones.
If he has kidney problems later than life, he will regret this. He might find himself on the buying side, then, I suppose, assuming he can hold out long enough.
Switching SQL implementation will be easier to manage if you only have to port the SQL procedures instead of having to search all the SQL queries in your application for the DB specific quirks.
That only really works if your application requires a fairly small number of queries.
You're better off using one SQL implementation for development, and a different SQL implementation for testing and production;
e.g. MySQL for development, Oracle and Postgres for testing (test against both DBs); production DB TBD after successful testing.
Then your devs can't cheat.
Any "DB specific quirks" should be detected during testing and cause the code to be sent back for correction of the defects.
It's generally considered (at least among ISP salesmen) that it's colocation if you're sharing your virtual server with someone else's virtual server on a common piece of hardware.
That's not colocation. What you're referring to... a dedicated virtual server on a common piece of hardware with other people's servers is called "Virtual Private Server" or IaaS.
In any case, colocation means you locate (host) physical hardware with your provider... hence the term co-location. With a VPS you are just issued a server, it's not yours, you're not locating anything at the hosting provider.
A VPS/Virtually shared server is not as secure as a dedicated or colocated server, because there is a possibility of side channel attacks against your VPS from other VPSes, and a possibility of vulnerabilities in the shared OS code (you're not in control of the kernel version in say a Virtuozzo/VZ/Vserver/chroot container), or isolation breakdown vulnerabilities/root domain code execution vulnerabilities in the hypervisor in the case of Xen, VMware, or Hyper-V; not to mention the possibility the VM host you don't control might be attacked over the network or by an insider -- your VPS could in theory be copied with you being none the wiser; in container implementations its possible staff of the hosting company will enter your VPS from the root domain using admin privs, without having to compromise any security barriers or know any passwords (e.g. VZ: vzctl enter your-vid).
Homschooling is becoming an option for more and more... But ultimately, we need a change like giving the funds directly to parents instead of the schools so the free market can supply the educational services
Hm... how about this.... (1) Create a social-security like program for schooling. When an individual births a child, an additional 'child tax' will be due from their pay, as an offset for the cost to society of services that will be utilized by the additional child before they are an adult, based on their number of children, a "cost to the public" is assessed which may be amortized over the child's lifetime, or any number of years the parent chooses to pay the tax over (with interest).
Basically.. the idea is people who have 6 children should not pay the same school taxes, as the couple who marries and chooses to have only one (or no) children. Given the overpopulation issues, it is most fair to distribute the cost burden to those who create the most cost.
(2) Issue parents a "voucher" that can be used at any accredited school, to pay for schooling. Vouchers are paid from the child taxes, and no other taxes are allowed to be used to fund these. Also, no other funding is allowed to be made to education. Research and availability of certain services from public universities is another matter [and still merits taxes from the general public]. (3) At the end of every school year, issue parents a financial reward / "rebate" on taxes based on their minor child's performance in primary and secondary school, and with any improvement -- the better the child's performance, the better the reward - if the performance is poor, a large improvement nets an improvement award in addition to a paltry performance reward. Any disciplinary issues, serious misbehavior, whether cause is medical, or otherwise, incur a penalty.
In this manner, there is a financial incentive for parents to encourage good performance; and a disincentive to allow bad behavior.
(4) If the child is accused by staff of cheating, committing a felony, assaulting another student, or any similar act, and determined verified guilty by the school administration, or a recurring problem occurs, the reward is cancelled, at the school's discretion, the following year's voucher will be restricted to a "punishment" / "prison" school that specializes in dealing with problem children, with mandatory transfer, attendance, and will work like a prison.
(5) For children that meet the reward criteria -- a percentage of the award goes to the parents to encourage them to support their child in school, and the rest is held by the government and redeemable by the child with interest upon entering college or reaching age 25.
For children that don't meet reward criteria, the reward they would have had is forfeit, and shared among those meeting the top performance criteria. Any penalties are added to the parent's child tax, used to help compensate the school for any damage, and to fund prison school accomadations.
Not sufficient.. not just any hash will be resistant to brute force attempts....
Use something like a 4096 iteration PBKDF2 key that is, and effecting a brute force attempt will be difficult
for the forseeable future.:)
There's no damn hosting provider that will take care for you programs' security. You know why? Because they are *hosting* providers, not service providers. The service is up to you, and if you are not up to the service I really better prefer you just not trying./em>
Not really true... many good hosting providers are also service providers and can help with anything (for the right price),
and that's a good thing -- because most web developers are not good system administrators, you the author of this website should probably not be the system admin, DBA, etc, all at once; hosting providers employ experts, and you should utilize available expertise, or host a dedicated option and get consultants to set everything up.
The security of your software implementation is your own business. The hosting provider's system administrators should work with you to ensure security of the platform the hosting provider is offering you that your software runs on, or offer you options that will ensure security.
They might recommend things like VPS on shared server, dedicated server, or colocated hosting, to mitigate multitenancy risks; most hosting providers have many options, for the security concerned. Or they may explain what measures they have taken to ensure the software is secure and kept up to date.
In any case, they should be able to provide more than some silly seal.
It's always ultimately going to be up to the person hosting a site to decide how much security is needed, how sensitive the data stored by the application is, and what their own compliance requirements may be.
The option of colocation is only really sane for personal stuff that doesn't matter, or for large companies that rent out entire racks with 24x7 access, and have dedicated staff near the colo.
P.S. And even with colocation, usually the provider has the right to gain entry to your server by force, if they feel they need to. And the possibility remains an unauthorized person could steal your server or use physical access to root it.
The security risk is hardly any different from hosting a dedicated server; and just comes down to you owning the piece of metal vs a provider owning the piece of metal.
What can be done with that piece of metal under either arrangement is spelled out in a contract.
And if the contract is adequate, including things like giving you a right to buy your server or allowing you in to copy the data off the server and then format the server, in case of account termination, you're equally protected, security-wise even if a provider owns the metal.
No matter who owns the metal, you having a server in someone else's location creates an external dependency risk that should be managed.
I don't know what you're talking about keys for. There aren't any colocation providers I know of that will let you colocate a few U or a half rack, lock it, and take the keys off site.
Usually such a customer doesn't even have the keys to the rack.
If they have any access to the rack other than escorted-by-security during business hours only (8x5) and watched-like-a-hawk while they pull their server out/put their server in, they're paying through the nose for it.
Things like on-site hands from the facility or remote KVM are as-available, and very expensive.
Much more expensive than hosting for a small operation of just one web server and one db server.
The next step up is to lease space in a colocation rack from the ISP. That is your hardware in a locked rack in their server room.
You mean that's your hardware hosted in a rack in their server room.
Whether that rack is in a cage and locked or not will depend. In any case, they have the keys, not you.
And if you have a Layer 1 (physical) issue, you are in for a lot more downtime than a professionally hosted dedicated server.
With the hosted option, there will probably be spares on site. With a colocation option, you will be driving in, and waiting for an escort to let you in to try and troubleshoot your server, and then take it out with you, to hunt around your place (or some store) to buy replacement components.
The option of colocation is only really sane for personal stuff that doesn't matter, or for large companies that rent out entire racks with 24x7 access, and have dedicated staff near the colo.
Ask them what their security plan is? How often do they conduct internal and external security scans? Do they conform to any security standards, like NIST, SANS, or even PCI?
All eCommerce sites that deal with primary account numbers such as CC numbers (and don't use PayPal for everything) are supposed to be following PCI anyways. It's not as if the PCI requirements are optional rules vendors are allowed to ignore and still process payments --- if you have a payment processor, PCI is going to be included in the contract you signed somewhere.
So that one... should be easy to leverage to your advantage... If you are hosting your site on a shared hosting provider, ask if they comply with the PCI requirements for shared hosting providers.
Specifically, ask if they meet the requirements including not running different users CGI/PHP scripts as the same UID as other users or as the webserver UID.
These are foregone conclusions, but they do not secure against the most common attacks.
It is rare that the SQL server is attacked directly, even if it is listening on the right report -- this is MySQL he's talking about, not MSSQL.
Even if you do open mysql port to the world, the footprint is not that large, and common practice is not to create users that can connect remotely.
Use parameters (and stored procedures) exclusively if at all possible
Using parameterized queries exclusively, will avoid most SQL injection attacks; you still have possibility XSS/CSRF issues to be concerned about;
those follow right after injection, and of course..... the issue of simply failing to properly authorize queries submitted, the class of vulnerabilities called 'trusting the client'.. e.g. not preventing a user from changing a &customer_id= in the POST form and submitting that order to someone else's account, changing random form variables to enable the user to do something they aren't supposed to do that the Web UI doesn't expose, or changing an &item_id= and ordering an item that is supposed to be hidden/not listed for sale, best yet... changing a &price= or &shipping= in the post form, and revising their terms of sale when hitting the 'finalize order' button.
Stored procedures and other extension-fu are generally a bad idea... not portable when you need to switch SQL implementations.
The police officer's actions are unlawful, and he should be prosecuted.
The 5th amendment is very clear: it is unlawful to take anyone's property without due process of law. Seizing by physical force and smashing is just as unlawful.
I think the cloud is safer, actually. In a case like this it doesn't matter, but if you're recording police misconduct occurring at your own home, they're likely to destroy and/or confiscate all your electronic equipment.
Don't let them know you are recording it. The first they will hear about it is when you file a formal complaint about the officers.
If you can't trust the police, how can you trust the cloud? Back it up to your own computer, which should ideally create a torrent automatically...
Back it up to multiple cloud-based systems that automatically distribute it to other read-only systems that are distributed worldwide and from which it cannot be withdrawn.
flash memory is rather small and can be durable. what are the chances that even smashing it that they didn't do much other than break the screen? i didn't read the article, but the video could possibly still be recoverable.
The phone is a nice crash shell for the flash memory. There is a good chance, the data could be recovered off the phone, but specialized expertise might be required --- electronics the flash memory is attached to may be damaged.
If you want to make sure you destroy any memory on the phone, you need to use something like a Blender to you know, blend the phone. Noone's going to re-assemble a totally shattered flash memory card, even though many of the individual cells may be intact, you effectively then cannot read them, at least not inexpensively
Unfortunately, the bridge called Galloping Gertie (Tacoma Narrows Bridge) totally collapsed on November 7th 1940. Four months after the bridge had opened.
I'm all for harnessing air turbulence to generate electricity (as long as this does not adversely effect climate or weather)
But realistically... we should not build bridges that gallop. I am not in favor of designing more bridges to be like Galloping Gertie, for the sake of generating a little juice.
That's just plain dangerous -- the engineering involved is complicated enough, and the danger great enough, when the structure is designed to be stationary.
Even if a galloping structure can be made safe, I imagine it would not remain safe after a number of years wear and tear.
If you want to generate electricity using the wind --- it's worth building a dedicated structure for that purpose, or sticking to remote areas, rather than adding non-safety/reliability/stability/longevity goals to the design of major transit infrastructure. That way, public safety implications will be more limited.
You have to understand that $3400 in China is a lot closer to a year's salary than you might think.
Really? What does an iPad2 cost in China? The article seemed to suggest the boy could have saved the money, but choose not to. If annual salaries in his area were $3400, the boy would have little/no chance of saving a few $k.
Could it be that not everyone in China has the same salary? Perhaps you should revisit that.
China has a massive population, and I am sure not everyone has the same salary.
Not everyone in China can be a farmer, farm worker, and sweat shop worker. There are actually businesses that exist in China, you know.... I would expect anyone who has enough media access to know about, understand, and want an iPad2, is not in the substinence farming crowd. Clearly the boy/his family have discretionary income; otherwise, he might be selling his kidney for food, water, or shelter.
There is no current "overpopulation" problem. Almost every human produces more than they consume.
You're in denial. Just because there is not a space exhaustion problem, or people produce more items than they consume, does not mean there is no resource exhaustion problem.
You see, the resources people produce are less useful than resources that have to be consumed for them to continue to survive, there is an increase in entropy, and there is a reduction in total available energy that humans can harness.
For example, the earth has a net loss in available fossil fuels required for transportation of resources, fertilizing, growing crops, manufacturing everyday household materials, and special purpose materials used for medicine, etc.
When fossil fuels are exhausted, there may be a mass die-off event within the human species, due to the massive reduction in possible food production and transportation.
I believe you are thinking of a UV filter.
Another name for "UV Filter" is clear piece of plastic/polycarbonate.
Because common plastic lens materials filter high-energy UV light and pass lower energy EM.
Anyways... the UV filtering for lens protection is just a harmless side effect, that can also be useful in some outdoors shooting conditions.
If you don't need a high end mac server, having one is a liability in various ways; aside from the fact spare parts are expensive, and what will have to happen if it breaks after warranty. You could also consider making the server dual-use.... E.g. have it double as the Boss' workstation.
"I'm the 'IT guy' for an office of about a dozen people. And when I say IT guy, I mean I'm the only one here who can use google well enough to figure out how to make things work. We have a 500GB Mac server with a Drobo with 6TB of storage attached So far all this server does is back up data,
A 6TB drobo is plenty of backup storage. Sell the overpriced Mac server (assuming it's relatively new and sells for a lot) and buy an inexpensive Dell server, as you don't need a MacOS server for backups. You're working backwards --- you don't just buy expensive servers and look for things they can do; your department gets asked to meet technology needs of the business, you determine how to meet those needs, and some might involve providing services that require a server -- there are also some system administration functions (such as single signon, central user management, endpoint policy management) that may require a server.
Your organization should be planning what it wants the IT infrastructure to do, and budgeting and acquiring servers appropriately as required to solve problems and satisfy the needs facing the organization. If you find you actually got equipment not being utilized, then someone screwed up. I've seen people fired for blowing their IT budget on a Mac server, when there was no real justification for why the server absolutely had to be that uber-expensive type, and cheap Linux/Windows servers on the market would serve the file sharing/backup function just as well.
Many small businesses don't need any servers at all, anymore, now that certain NASes can commonly fill the role of file servers. Perhaps a NAS device (or other solution) for backups. Another reason small businesses might have a server is for DHCP, DNS, active directory, and shared applications. Databases used by SMB apps are usually peer-to-peer or something like an access DB hosted on a CIFS file share.
and I want to make it a little more useful. We also have a Filemaker server on it, which I have yet to learn how to use at all, let alone efficiently.
Just because you have a filemaker instance, doesn't mean that using it would be a good choice.
That's a "when you have a hammer handy, everything looks like a nail" thing. Seeing as you don't know how to use filemaker, and have no long term planning for type of use/ ongoing maintenance, and you probably have limited administration knowledge of filemaker - that's yet more reasons to avoid deciding to put that piece of software into production at this point --- you should understand it, be trained on it, understand how it works in detail before you consider creating anything with filemaker and championing it as something the business should rely on.
And how will this mix with fair use?
They should equip the video editor with a tool to let you mark start/end which time indexes on the video are "Fair use" and not CC licensed
Why not CC0? Why do they care to prevent that? Or is "public domain" already an option?
CC-BY-NC-SA should also be an option.
Frankly... I should be able to license my videos however I want, and tell Google whether I wish to allow other people to mix my videos.
The burden of compliance with the CC-BY-NC would then be with the end user. The last thing I want is someone taking my content, putting it in a commercial video, and selling it to viewers to a fee, however.
This tech is useless without a monetization plan. It will simply be more juice to move people to competitors' products when they learn their Apple camera is no longer that useful. It needs to be a combined effort that all smart device manufacturers simultaneously turn on, and they all need a standard monetization framework, so they all profit.... otherwise it will just be competitive pressure, that will hurt them all, or not let the restrictions be adopted.
Instead of designing a technology to involve merely blocking.... Apple should have provided a system where the camera would be loaded with details about the 'registered owner' of the event / thing being photographed. So they could charge the Apple customer $1.99 a photo with a small commission paid to the museum/theatre/venue/event owner.
And apply DRM of 'event owner' 's choice.
Also, instead of using IR as a control plane, they could use the 3G network to provide data about 'restricted photo' locations near the user's location, with possibly checksums. And use GPS as the primary data channel for loading restrictions, with IR as a backup way of providing location services data to the device.
That is the IR sensors can transmit packets that identify location of the sensor (GPS coordinates), and a copy of Apple's digitally authenticated "restriction zones" table and 'direction restricted'/compass data for a 100 mile radius. GPS and cell tower location data are harder to avoid/spoof because they are more integral to the device operation. You cannot simply put a piece of foil over your phone's antenna or jam GPS and expect everything to still work. IR sensors are easily tampered with or fooled.
There's also a possibility of using the network to load more details about restrictions, such as orientation, maybe some simple litmus tests, so the phone can perform image processing to determine if the thing being photographed is the restrictive object, or a more restricted object that requires a higher price to be paid for the user to take a DRM-shielded photo only viewable on their device and authorized computers for their Apple ID.
IR camera jammers... useful for:
(1) Celebrities, to protect their image, help prevent members of the public/paparazzi from snapping their dealings on film
(2) Streakers/Nudists
(3) Museums, any place where professional photography occurs, to force you to buy the pictures instead of taking your own.
(4) Festivals, Sporting events, other occasions of public gathering; to ensure rights protection for the official photographers.
(5) Women to carry around who are concerned about stalkers/upskirters
(6) TSA/Police/Private security firms, concerned about event visitors taking pictures of something that might reveal sensitive information -- like where the exit is located, or what the inside of a building looks like, who is getting the enhanced pat down
(7) Burglars/thieves/muggers/etc, all the smartphones/webcam/ATM/CCTVs jammed, so they can do the act with impunity without their face being seen, and without risk of winding up on Youtube....
(8) Cheating spouses who don't want to be caught
(9) Any public entertainment venue - Concert halls, Auditoriums, Play Houses, Sports Amphitheaters, Stadiums, Movie Theaters, Opera Houses, Dance Studios. To protect publicity rights of the venue.
(10) Criminals/Terrorists/etc, to keep as many details of their acts a secret as long as possible
Indeed... I can see a very large market for the IR blocking device.
Just put an IR filter in front of the lens, or a tape on the detector..
This is detectable. When you are in a room that is lit, there is always some infrared light. If you place an IR filter on the lens, there will be no IR light.
The camera can also, when no signal is detected, emit a modulated IR signal which will be reflected off the subject back to the camera. If the amount of IR received is 0, or the camera can't see its own IR reflection, then it acts as if the no picture signal is received.
It's horrible he made so great a sacrifice, so lightly. $3000 is a paltry amount for such a thing.. Man, either donate it, or get actually a decent amount for it such as $100k or so.
On the bright side... someone actually needs that kidney, and good will probably come out of this.
Maybe that's what the boy was thinking anyways... donate and help someone... get a little reward.
Trading body parts meant to last your entire life for toys that will last a few years and then be outdated, doesn't seem like a good plan. What's next... his left hand? Big toe? How 'bout some bones.
If he has kidney problems later than life, he will regret this. He might find himself on the buying side, then, I suppose, assuming he can hold out long enough.
Switching SQL implementation will be easier to manage if you only have to port the SQL procedures instead of having to search all the SQL queries in your application for the DB specific quirks.
That only really works if your application requires a fairly small number of queries. You're better off using one SQL implementation for development, and a different SQL implementation for testing and production; e.g. MySQL for development, Oracle and Postgres for testing (test against both DBs); production DB TBD after successful testing. Then your devs can't cheat.
Any "DB specific quirks" should be detected during testing and cause the code to be sent back for correction of the defects.
It's generally considered (at least among ISP salesmen) that it's colocation if you're sharing your virtual server with someone else's virtual server on a common piece of hardware.
That's not colocation. What you're referring to... a dedicated virtual server on a common piece of hardware with other people's servers is called "Virtual Private Server" or IaaS.
In any case, colocation means you locate (host) physical hardware with your provider... hence the term co-location. With a VPS you are just issued a server, it's not yours, you're not locating anything at the hosting provider.
A VPS/Virtually shared server is not as secure as a dedicated or colocated server, because there is a possibility of side channel attacks against your VPS from other VPSes, and a possibility of vulnerabilities in the shared OS code (you're not in control of the kernel version in say a Virtuozzo/VZ/Vserver/chroot container), or isolation breakdown vulnerabilities/root domain code execution vulnerabilities in the hypervisor in the case of Xen, VMware, or Hyper-V; not to mention the possibility the VM host you don't control might be attacked over the network or by an insider -- your VPS could in theory be copied with you being none the wiser; in container implementations its possible staff of the hosting company will enter your VPS from the root domain using admin privs, without having to compromise any security barriers or know any passwords (e.g. VZ: vzctl enter your-vid).
Homschooling is becoming an option for more and more... But ultimately, we need a change like giving the funds directly to parents instead of the schools so the free market can supply the educational services
Hm... how about this.... (1) Create a social-security like program for schooling. When an individual births a child, an additional 'child tax' will be due from their pay, as an offset for the cost to society of services that will be utilized by the additional child before they are an adult, based on their number of children, a "cost to the public" is assessed which may be amortized over the child's lifetime, or any number of years the parent chooses to pay the tax over (with interest).
Basically.. the idea is people who have 6 children should not pay the same school taxes, as the couple who marries and chooses to have only one (or no) children. Given the overpopulation issues, it is most fair to distribute the cost burden to those who create the most cost.
(2) Issue parents a "voucher" that can be used at any accredited school, to pay for schooling. Vouchers are paid from the child taxes, and no other taxes are allowed to be used to fund these. Also, no other funding is allowed to be made to education. Research and availability of certain services from public universities is another matter [and still merits taxes from the general public].
(3) At the end of every school year, issue parents a financial reward / "rebate" on taxes based on their minor child's performance in primary and secondary school, and with any improvement -- the better the child's performance, the better the reward - if the performance is poor, a large improvement nets an improvement award in addition to a paltry performance reward. Any disciplinary issues, serious misbehavior, whether cause is medical, or otherwise, incur a penalty.
In this manner, there is a financial incentive for parents to encourage good performance; and a disincentive to allow bad behavior.
(4) If the child is accused by staff of cheating, committing a felony, assaulting another student, or any similar act, and determined verified guilty by the school administration, or a recurring problem occurs, the reward is cancelled, at the school's discretion, the following year's voucher will be restricted to a "punishment" / "prison" school that specializes in dealing with problem children, with mandatory transfer, attendance, and will work like a prison.
(5) For children that meet the reward criteria -- a percentage of the award goes to the parents to encourage them to support their child in school, and the rest is held by the government and redeemable by the child with interest upon entering college or reaching age 25.
For children that don't meet reward criteria, the reward they would have had is forfeit, and shared among those meeting the top performance criteria. Any penalties are added to the parent's child tax, used to help compensate the school for any damage, and to fund prison school accomadations.
Store salted hashes of passwords.
Not sufficient.. not just any hash will be resistant to brute force attempts.... Use something like a 4096 iteration PBKDF2 key that is, and effecting a brute force attempt will be difficult for the forseeable future. :)
There's no damn hosting provider that will take care for you programs' security. You know why? Because they are *hosting* providers, not service providers. The service is up to you, and if you are not up to the service I really better prefer you just not trying./em>
Not really true... many good hosting providers are also service providers and can help with anything (for the right price), and that's a good thing -- because most web developers are not good system administrators, you the author of this website should probably not be the system admin, DBA, etc, all at once; hosting providers employ experts, and you should utilize available expertise, or host a dedicated option and get consultants to set everything up.
The security of your software implementation is your own business. The hosting provider's system administrators should work with you to ensure security of the platform the hosting provider is offering you that your software runs on, or offer you options that will ensure security.
They might recommend things like VPS on shared server, dedicated server, or colocated hosting, to mitigate multitenancy risks; most hosting providers have many options, for the security concerned. Or they may explain what measures they have taken to ensure the software is secure and kept up to date. In any case, they should be able to provide more than some silly seal.
It's always ultimately going to be up to the person hosting a site to decide how much security is needed, how sensitive the data stored by the application is, and what their own compliance requirements may be.
The option of colocation is only really sane for personal stuff that doesn't matter, or for large companies that rent out entire racks with 24x7 access, and have dedicated staff near the colo.
P.S. And even with colocation, usually the provider has the right to gain entry to your server by force, if they feel they need to. And the possibility remains an unauthorized person could steal your server or use physical access to root it.
The security risk is hardly any different from hosting a dedicated server; and just comes down to you owning the piece of metal vs a provider owning the piece of metal. What can be done with that piece of metal under either arrangement is spelled out in a contract.
And if the contract is adequate, including things like giving you a right to buy your server or allowing you in to copy the data off the server and then format the server, in case of account termination, you're equally protected, security-wise even if a provider owns the metal.
No matter who owns the metal, you having a server in someone else's location creates an external dependency risk that should be managed.
I don't know what you're talking about keys for. There aren't any colocation providers I know of that will let you colocate a few U or a half rack, lock it, and take the keys off site.
Usually such a customer doesn't even have the keys to the rack. If they have any access to the rack other than escorted-by-security during business hours only (8x5) and watched-like-a-hawk while they pull their server out/put their server in, they're paying through the nose for it.
Things like on-site hands from the facility or remote KVM are as-available, and very expensive. Much more expensive than hosting for a small operation of just one web server and one db server.
The next step up is to lease space in a colocation rack from the ISP. That is your hardware in a locked rack in their server room.
You mean that's your hardware hosted in a rack in their server room.
Whether that rack is in a cage and locked or not will depend. In any case, they have the keys, not you.
And if you have a Layer 1 (physical) issue, you are in for a lot more downtime than a professionally hosted dedicated server. With the hosted option, there will probably be spares on site. With a colocation option, you will be driving in, and waiting for an escort to let you in to try and troubleshoot your server, and then take it out with you, to hunt around your place (or some store) to buy replacement components.
The option of colocation is only really sane for personal stuff that doesn't matter, or for large companies that rent out entire racks with 24x7 access, and have dedicated staff near the colo.
Ask them what their security plan is? How often do they conduct internal and external security scans? Do they conform to any security standards, like NIST, SANS, or even PCI?
All eCommerce sites that deal with primary account numbers such as CC numbers (and don't use PayPal for everything) are supposed to be following PCI anyways. It's not as if the PCI requirements are optional rules vendors are allowed to ignore and still process payments --- if you have a payment processor, PCI is going to be included in the contract you signed somewhere.
So that one... should be easy to leverage to your advantage... If you are hosting your site on a shared hosting provider, ask if they comply with the PCI requirements for shared hosting providers.
Specifically, ask if they meet the requirements including not running different users CGI/PHP scripts as the same UID as other users or as the webserver UID.
These are foregone conclusions, but they do not secure against the most common attacks. It is rare that the SQL server is attacked directly, even if it is listening on the right report -- this is MySQL he's talking about, not MSSQL. Even if you do open mysql port to the world, the footprint is not that large, and common practice is not to create users that can connect remotely.
Use parameters (and stored procedures) exclusively if at all possible
Using parameterized queries exclusively, will avoid most SQL injection attacks; you still have possibility XSS/CSRF issues to be concerned about; those follow right after injection, and of course..... the issue of simply failing to properly authorize queries submitted, the class of vulnerabilities called 'trusting the client'.. e.g. not preventing a user from changing a &customer_id= in the POST form and submitting that order to someone else's account, changing random form variables to enable the user to do something they aren't supposed to do that the Web UI doesn't expose, or changing an &item_id= and ordering an item that is supposed to be hidden/not listed for sale, best yet... changing a &price= or &shipping= in the post form, and revising their terms of sale when hitting the 'finalize order' button.
Stored procedures and other extension-fu are generally a bad idea... not portable when you need to switch SQL implementations.