Ha ha I'm pretty sure my code helps balance out the better coders who don't have as many errors;) Plus I code in Java mostly so that paticular problem is not much I worry about. Your post proves how lame this article was becouse what you say in your post is logical,makes sense and makes me want to read the book. (Ok we can't achieve 100% security of a system. What do we do WHEN the system is breached.)
Here are a couple more annoying statements. Buffer overflows are unavoidable? All programs are riddled with this type of bug and no programmer can stop it? Ok first off there are many solutions. Java offers protection against this. Also hasn't BSD basically solved most of its version of Buffer overflows. Buffer overflows are a bug in the structure of C++ that is caused by SLOPPY programming. Next time a customer or boss finds a buffer overflow error in my code I'll point to this article and say -> Look it can't be helped. Every 1000 lines of code I have to randomly place a few of these bugs. Computer security is a farce anyway so I shouldn't have to make effort to solve this paticular problem. If this guy was in charge of security at a bank he would state since a 100% chance of the bank being robbed can not be guranteed we should leave all the money in a big pile outside. Actually I think the article just misqoutes him to be saying that.
I don't know but this article was just annoying. Its first premise , books about hacking and security are boring, is just untrue for me. My favorite books are those two subjects. It then promises this book will be devoid of boring facts. Of course when you strip away those boring facts your left with vague Jon Katz like statements. It then goes into full my GOD we are all going to DIE and there is NOTHING we can do about it. Was the auther really so depressed over the state of computer security that he was thinking about taking his own life? What the heck is up with that. Yes 100% security is not possible. Yes Windows 98 (An operating system never designed to be secure) is not overly secure. Just becouse of that should we give up even attempting to have security?
The problem seems to be with trying to pre-censor the connection. What if instead the workstations were to warn that all internet traffic is monitored and then have accountability for each workstation by login id. Then have the firewall track all the requested URLS. Then if someone is found to be using the connection to look up porn (using the I know it when I see it logic) they can be banned or warned or whatever. If the expected behavior is clearly outlined and the fact that what you use the internet for could be reported back to the parents that should cut down on a lot of the problems.
IMHO Shadow run was now where near the best or first role-playing game to explore those themes. Why didn't Jon Katz talk about William Gibson or other Cyberpunk authors who created the cyberpunk mythos instead of a Role-playing game thats biggest contrabution was adding elves and orcs? I think Shadow Run was popular becouse it had a pretty simple system ( compared to cyberpunk which was so mathematical is was unplayable) but it did not create or add to any of the themes it dealt with. It was more of a 'You like Cyber stuff? You like Dragons? Well now you can have both in one easy to use package!
Slashdot Mirror
about the eye thing you should have a link to Aldous Huxley's book about his exp with it. Something like Learning to See
Ha ha I'm pretty sure my code helps balance out the better coders who don't have as many errors ;) Plus I code in Java mostly so that paticular problem is not much I worry about. Your post proves how lame this article was becouse what you say in your post is logical,makes sense and makes me want to read the book. (Ok we can't achieve 100% security of a system. What do we do WHEN the system is breached.)
Here are a couple more annoying statements. Buffer overflows are unavoidable? All programs are riddled with this type of bug and no programmer can stop it? Ok first off there are many solutions. Java offers protection against this. Also hasn't BSD basically solved most of its version of Buffer overflows. Buffer overflows are a bug in the structure of C++ that is caused by SLOPPY programming. Next time a customer or boss finds a buffer overflow error in my code I'll point to this article and say -> Look it can't be helped. Every 1000 lines of code I have to randomly place a few of these bugs. Computer security is a farce anyway so I shouldn't have to make effort to solve this paticular problem. If this guy was in charge of security at a bank he would state since a 100% chance of the bank being robbed can not be guranteed we should leave all the money in a big pile outside. Actually I think the article just misqoutes him to be saying that.
I don't know but this article was just annoying. Its first premise , books about hacking and security are boring, is just untrue for me. My favorite books are those two subjects. It then promises this book will be devoid of boring facts. Of course when you strip away those boring facts your left with vague Jon Katz like statements. It then goes into full my GOD we are all going to DIE and there is NOTHING we can do about it. Was the auther really so depressed over the state of computer security that he was thinking about taking his own life? What the heck is up with that. Yes 100% security is not possible. Yes Windows 98 (An operating system never designed to be secure) is not overly secure. Just becouse of that should we give up even attempting to have security?
The problem seems to be with trying to pre-censor the connection. What if instead the workstations were to warn that all internet traffic is monitored and then have accountability for each workstation by login id. Then have the firewall track all the requested URLS. Then if someone is found to be using the connection to look up porn (using the I know it when I see it logic) they can be banned or warned or whatever. If the expected behavior is clearly outlined and the fact that what you use the internet for could be reported back to the parents that should cut down on a lot of the problems.
Or to paraphrase brunching "The storm troopers prove for the rest of the movie they couldn't hit the sidewalk with a can of paint."
IMHO Shadow run was now where near the best or first role-playing game to explore those themes. Why didn't Jon Katz talk about William Gibson or other Cyberpunk authors who created the cyberpunk mythos instead of a Role-playing game thats biggest contrabution was adding elves and orcs? I think Shadow Run was popular becouse it had a pretty simple system ( compared to cyberpunk which was so mathematical is was unplayable) but it did not create or add to any of the themes it dealt with. It was more of a 'You like Cyber stuff? You like Dragons? Well now you can have both in one easy to use package!