I'm talking about reality, not your model. At no point did I or the grandfather's post define limits or a 'probability space' (I think you mean possibility frontier).
Either way, you are arguing outside my *defined* 'argument space'.
Wrong. Read the article s/he linked, it's pretty interesting. You and the quarter might be nuked before it hits the ground. Ridiculously small probabilites still subtract from the probability you stated of 1.
'era of the gui' - false premise, too. You can have both, as it should be. It would be great, however, if all GUI apps were designed with a client shell component and the gui just manipulated the command line part for you.
The article says the shooters caused the fire, and then unsuccessfully tried to put it out. I could say "two angry mormons started a fire" and spin the story a different way, too - although I'm sure we can all agree being mormon has nothing to do with causing a fire.
My point is, at no point to they say in the article how the fire was actually caused. I want proof that somehow the action of using their firearms caused a fire.
There is absolutely no way some guy firing rounds into any kind of grass caused a fire. I want proof. I've fired of a ridiculous amount of ammunition, of all types, into all kinds of things since I was a little kid. The only time I've ever seen a fire cause by any kind of round is incendiary rounds or a metric crapton of tracers pounded into a target in short order by a minigun.
Tinsnips. No, it's not a sexy purpose-built anit-clamshell device, but it might as well be. Seriously. $6 for a pair at Walmart, they will last a lifetime of clam shell cutting.
There does not appear to be an effect of any kind on the difficulty of the material in an article, i.e. how much of the Slashdot audience is likely to understand it, versus the rate and amount of comments.
I draw the conclusion that the bullshit level must rise, given everything else remains constant.
Is it overpriced - most definitely. But this is Slashdot, and you have a company trying to make a commercially successful PC with Linux on it. Why is this a problem? The original article had an obvious hard slant against it - let's try and think for ourselves a little here.
DISCLAIMER: I type this on a Windows box, but I have a vt420 connected to an Arch VM sitting next to me:)
But I'm more comfortable with real numbers. I mean, _clearly_ they would save at least $3000 because they would reduce the manufacturing cost that can be had for usually $4000.
Compare the $1000 savings... much better than paying just $1200 for the dealer option. I mean, that's more than 20% off.
Lets take your argument to its logical conclusion - somewhere inside of Google's secret evil HQ in the base of a volcano, Sergei and Larry are laughing maniacally, "Now we can login as everyone because we will know their passwords! MWAHAHAHA!" as they stroke their evil kittens with eyepatches.
Or realistically, that google would login as people and impersonate their accounts.
You can have my tinfoil hat, you need it more than me.
If I sold you a bicycle, but then told you how you were allowed to drive it, how fast would you tell me to fly a kite? What if I then told you I wasn't kidding, and came back later and removed the back wheel and welded on a block of concrete in it's place?
Tough, the eula is in the panier in the back and you agreed to it with you got on. Nah nahnah nahnah nah!
1,) Ubuntu is completely free, and it's open source is available, and they contribute in spades upstream. That's really cool. 2.) Unlike Windows or OSX, Ubuntu always has and always will be a choice, not forced upon you. It's not democratic, but you can take the pieces you like and nix the rest. 3.) Ubuntu, like it or not, has made the biggest contribution to mainstream usage. I know all kinds of non-technical people that run Ubuntu. They don't run Arch, or Fedora, Debian - they run Ubuntu.
In short, I see a whole lot of unjustifiable bitching going on. You don't have to use Ubuntu, but to be honest you need to step back before you start throwing them to the wolves in spite of the past 6 years of enormous FLOSS contribution. Grow the hell up, Slashdot.
Oh for sure - you have to have something. I have a a log server on the inside that gets an audio trail from all my servers, and is not accessible beyond that (and that it can send email too). We use a ticket based auth system as well, LDAP+MIT Kerberos. We do, however, have a file server that has no credentials on the inside, for commonly used files and templates. We do not secure our printers. Our VPN is based on 1-year expiring certs, so they cannot forget their password as they don't have one, and on the off chance they lose their laptop, we can just revoke and grant a new one.
My problem, and where I take issue, is where everything is locked down with unuseably long passwords and there is 3 layers of neutered admins to get anything done because they have discovered POLP. It happens all over the place. Oooohh - we can enable SSL on the inside! Of course, if they have an attacker on the inside they can either get to the webserver, or just setup a mitm and the users will click right past the cert warning. If you have a true internal break in, the only thing that can help is backups, good logs, and a quick notification system. Everything else is an elaborate, time consuming house of cards.
tl;dr - I essentially agree with you, I just want to define "hard inner core", and I think a reasonable measure of security is a good thing.
I wonder if all your negative responders have ever managed a network. By the way, I get what you are saying. Even thinking you can lock down everything on a network and believing it will still be useful is naive. You can create an internal certificate structure for all your employees, IPSec everything end-to-end, full disk encryption, etc... you will still have break in's from social engineering. Beyond Joomla/wordpress/insert spaghetti code php script here, it's becoming far far and few in between where some black hat sitting in bumfuckistan remote exploits his way in without talking to a single person. The best and highest profile hacks of all time were through humans, not by defeating your naive everything-is-encrypted-hard-inner-core circle jerk.
Yeah, I'm working hard for a flamebait tag, but I see this all the time, it's annoying as hell.
Ok, so what you are talking about it where part or all of the key itself is lost. My response was based on what you wrote, i.e. "if you create an image of an encrypted volume you change its hash value", which is not true.
I would imagine in that case the forensics team would recover the key itself from the hardware. I have been there, but I didn't think to grab a tshirt. - you'd be surprised what you can do with shallow angle UV to make the chip divulge its secrets, or just simply querying it with SPI/2wire/what have you, as in the case of any Dell I have ever seen, and all Thinkpads I know of.
Slashdot Mirror
I'm talking about reality, not your model. At no point did I or the grandfather's post define limits or a 'probability space' (I think you mean possibility frontier).
Either way, you are arguing outside my *defined* 'argument space'.
You forgot the calculation of the lunar wayneshaft when subleading the uncertainty. Day one shit, bro.
Wrong. Read the article s/he linked, it's pretty interesting.
You and the quarter might be nuked before it hits the ground. Ridiculously small probabilites still subtract from the probability you stated of 1.
'era of the gui' - false premise, too. You can have both, as it should be.
It would be great, however, if all GUI apps were designed with a client shell component and the gui just manipulated the command line part for you.
The article says the shooters caused the fire, and then unsuccessfully tried to put it out. I could say "two angry mormons started a fire" and spin the story a different way, too - although I'm sure we can all agree being mormon has nothing to do with causing a fire.
My point is, at no point to they say in the article how the fire was actually caused. I want proof that somehow the action of using their firearms caused a fire.
There is absolutely no way some guy firing rounds into any kind of grass caused a fire. I want proof. I've fired of a ridiculous amount of ammunition, of all types, into all kinds of things since I was a little kid. The only time I've ever seen a fire cause by any kind of round is incendiary rounds or a metric crapton of tracers pounded into a target in short order by a minigun.
Prove it.
Ah yes - the hash is the same. That's the part that matters!
Question - how do you get passwords back from one-way hashes, given that each hash can be generated from an infininate number of original values?
What are you going to do with millions of password hashes, even without usernames none the less?
Tinsnips. No, it's not a sexy purpose-built anit-clamshell device, but it might as well be.
Seriously. $6 for a pair at Walmart, they will last a lifetime of clam shell cutting.
My thoughts exactly. When I notice things like this, I tend to take every other assertion by the author with a grain of salt.
There does not appear to be an effect of any kind on the difficulty of the material in an article, i.e. how much of the Slashdot audience is likely to understand it, versus the rate and amount of comments.
I draw the conclusion that the bullshit level must rise, given everything else remains constant.
Profiteering at the expense of customer experience = short term gains, long term losses.
US DOD - "Fixing our economy one giant military expenditure at a time."
Is it overpriced - most definitely. But this is Slashdot, and you have a company trying to make a commercially successful PC with Linux on it. Why is this a problem?
The original article had an obvious hard slant against it - let's try and think for ourselves a little here.
DISCLAIMER: I type this on a Windows box, but I have a vt420 connected to an Arch VM sitting next to me :)
But I'm more comfortable with real numbers.
I mean, _clearly_ they would save at least $3000 because they would reduce the manufacturing cost that can be had for usually $4000.
Compare the $1000 savings... much better than paying just $1200 for the dealer option. I mean, that's more than 20% off.
And who doesn't want more than 20% off?
You don't know something is disruptive before it comes out. It's disruptive when it comes out and actually disrupts.
Lets take your argument to its logical conclusion - somewhere inside of Google's secret evil HQ in the base of a volcano, Sergei and Larry are laughing maniacally, "Now we can login as everyone because we will know their passwords! MWAHAHAHA!" as they stroke their evil kittens with eyepatches.
Or realistically, that google would login as people and impersonate their accounts.
You can have my tinfoil hat, you need it more than me.
If I sold you a bicycle, but then told you how you were allowed to drive it, how fast would you tell me to fly a kite? What if I then told you I wasn't kidding, and came back later and removed the back wheel and welded on a block of concrete in it's place?
Tough, the eula is in the panier in the back and you agreed to it with you got on. Nah nahnah nahnah nah!
I lol'd, but in a sad way.
1,) Ubuntu is completely free, and it's open source is available, and they contribute in spades upstream. That's really cool.
2.) Unlike Windows or OSX, Ubuntu always has and always will be a choice, not forced upon you. It's not democratic, but you can take the pieces you like and nix the rest.
3.) Ubuntu, like it or not, has made the biggest contribution to mainstream usage. I know all kinds of non-technical people that run Ubuntu. They don't run Arch, or Fedora, Debian - they run Ubuntu.
In short, I see a whole lot of unjustifiable bitching going on. You don't have to use Ubuntu, but to be honest you need to step back before you start throwing them to the wolves in spite of the past 6 years of enormous FLOSS contribution. Grow the hell up, Slashdot.
Oh for sure - you have to have something. I have a a log server on the inside that gets an audio trail from all my servers, and is not accessible beyond that (and that it can send email too). We use a ticket based auth system as well, LDAP+MIT Kerberos. We do, however, have a file server that has no credentials on the inside, for commonly used files and templates. We do not secure our printers. Our VPN is based on 1-year expiring certs, so they cannot forget their password as they don't have one, and on the off chance they lose their laptop, we can just revoke and grant a new one.
My problem, and where I take issue, is where everything is locked down with unuseably long passwords and there is 3 layers of neutered admins to get anything done because they have discovered POLP. It happens all over the place. Oooohh - we can enable SSL on the inside! Of course, if they have an attacker on the inside they can either get to the webserver, or just setup a mitm and the users will click right past the cert warning. If you have a true internal break in, the only thing that can help is backups, good logs, and a quick notification system. Everything else is an elaborate, time consuming house of cards.
tl;dr - I essentially agree with you, I just want to define "hard inner core", and I think a reasonable measure of security is a good thing.
I wonder if all your negative responders have ever managed a network.
By the way, I get what you are saying. Even thinking you can lock down everything on a network and believing it will still be useful is naive.
You can create an internal certificate structure for all your employees, IPSec everything end-to-end, full disk encryption, etc... you will still have break in's from social engineering. Beyond Joomla/wordpress/insert spaghetti code php script here, it's becoming far far and few in between where some black hat sitting in bumfuckistan remote exploits his way in without talking to a single person. The best and highest profile hacks of all time were through humans, not by defeating your naive everything-is-encrypted-hard-inner-core circle jerk.
Yeah, I'm working hard for a flamebait tag, but I see this all the time, it's annoying as hell.
Ok, so what you are talking about it where part or all of the key itself is lost. My response was based on what you wrote, i.e. "if you create an image of an encrypted volume you change its hash value", which is not true.
I would imagine in that case the forensics team would recover the key itself from the hardware. I have been there, but I didn't think to grab a tshirt. - you'd be surprised what you can do with shallow angle UV to make the chip divulge its secrets, or just simply querying it with SPI/2wire/what have you, as in the case of any Dell I have ever seen, and all Thinkpads I know of.
off the front page? This kind of pollution is really nasty for those of use with an RSS feed, too.