That's my experience. I've used several assistants, and they all fail to understand my requests. They'll skip words, lose context for follow-up requests, and do a lot of really stupid web searches. Want a reminder for the next time you're at Home Depot? You'll get that reminder next time you're home. Want to call your wife? "I'm sorry, I don't know who your wife is." Next query - "My wife is Anonymous Coward" and it'll ignore your address book entry (that has the relationship) and perform a web search.
I have to assume the chart placement for Nirvana's Nevermind had to take off, since every assistant I've tried thinks I want to interrupt my weather query, calling my mom, or whatever other task I'm trying to perform with a web search for a twenty year old album.
As bad as these things are on my phone, laptop and TV, I can't see giving them their own hardware that always listens. I estimate they save time in less than a quarter of attempts. Another quarter result in harmful errors, like meeting reminders using the wrong metric or date. The rest are plain old failures and useless web searches for things that sound a little like the topic of my query ("call Richard" "according to wikipedia, Richard Hammond is a presenter on the Amazon series The Grand Tour").
~$150 USD will buy a Windows 10 laptop that would, in most measures other than pure storage capacity, outperform a wide swath of machines shipped with XP. ~$60 USD will get you a cheap Windows 10 tablet.
Still, we can't get people off of Windows XP.
I've owned an EV. They're great. I just don't think there's any chance that people will swap out equipment on the sort of time scale described here.
...that connecting sites, and allowing one site to post to another, increases your attack surface. It also shows that a failure to police these connections can increase risk as older services become "stale."
Twitter, Facebook, et al should introduce security tools to help remind users. "Hey, you haven't used "Cartoon your face" in two years. Would you like to disable access to your account? You can always change it back later."
The assumption here is that an attacker choosing the easiest way has no other route. It would be safer to say that the route used by the worm would have been unavailable if basic preventative steps had been taken.
It's like the old joke. "Ever wonder why whatever you're looking for is always in the last place you look?" "Well, sure, once you've found it, why keep looking?"
Microsoft seems to think the authors would have stopped looking without finding an exploit route. Instead, they found one, and stopped looking.
Eh, I kinda agree with him. I hate it when my phone is a computer too.
I do appreciate that Apple has spent some time making things snappy. I understand this isn't always the case (iOS 4 on iPhone 3G for example).
It sounds like he's complaining about being told that he has to update this, scan that, defrag something, and turn on his firewall for crissakes. My netbook is far more interested in telling me that whatever programs I run at boot have a new version out than just opening whatever program I need to use badly enough to have turned the thing on.
And that's the deal here - firing up a desktop operating system in the first place requires a certain amount of work and carries with it a certain cost that makes using a desktop operating system for short periods inefficient.
If you want to, for example, check the weather, for many, it's going to take five minutes of computer stuff to support a minute of the actual task.
Now, someone is going to come in and tell me that Ubintows 7X Meerkat boots faster than an iPad on a triskadecacore i8 with SSD, but I say that's not everyone's experience.
Further, the iPad doesn't expose the finer points of computer configuration, use, and management. The Slashdot crowd has a lot of people whose work exists in that stuff. I'm one, and time with an iPad or CR-48 makes me feel like I can't get work done, but that's often because my work is "computery." For people whose work is word processing, it doesn't matter so much.
So, Slashdot, if your work is working on the tool, it's easy to see a tool that doesn't need your kind of work as a tool that prevents you from doing work.
How would an equidistant supercharger (thus, one that is 200 miles from each of two points, themselves 400 miles apart) fail to help drivers with cars that have a 230 mile range?
Agreed on DansGuardian. You'd want all ports closed for all users in the organization, including 80 and 443, then you'd want to create an exception for the DansGuardian box.
Also, even if it's on older hardware, consider setting up a second box to serve as backup. Look into proxy autoconfiguration files. You can return two proxy addresses in an autoconfig file, and if your main proxy is down, your clients will silently fail over to the other box. The config files also allow your internal traffic to skip the proxy for things like your intranet site.
Also, consider putting /var/log on its own partition, if you aren't already. You don't want to let forgetting about your logging directory free space to be able to kick your whole organization off the web.
On squid (DansGuardian is often used with squid) look at your http_safe_ports (I might have that variable a little munged, as I'm not in the config right now) to make sure it's right for your org, and that it matches what your firewall is allowing out.
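The proxy autoconfiguration setup described in the comment above, sketched as an added example that is not part of the original comment: two filter boxes returned in failover order, with intranet traffic sent direct. The proxy hostnames, port 8080 and the `corp.example` domain are assumptions for illustration.

```javascript
// Added example PAC file. Hostnames, port and intranet domain below are
// assumed placeholders, not values from the original comment.
var PRIMARY = "PROXY filter1.corp.example:8080"; // assumed main filter box
var BACKUP = "PROXY filter2.corp.example:8080";  // assumed backup filter box
var INTRANET_SUFFIX = ".corp.example";           // assumed internal domain

// True for bare names ("intranet") and for hosts inside the internal domain.
// The suffix keeps its leading dot so "evilcorp.example" does not match.
// Plain string operations are used so the file also loads in older PAC engines.
function isInternalHost(host) {
  host = host.toLowerCase();
  // Bare host name: no dots, and no colons (which would be an IPv6 literal).
  if (host.indexOf(".") === -1 && host.indexOf(":") === -1) {
    return true;
  }
  if (host === INTRANET_SUFFIX.substring(1)) {
    return true;
  }
  var tail = host.length - INTRANET_SUFFIX.length;
  return tail > 0 && host.indexOf(INTRANET_SUFFIX, tail) === tail;
}

// Entry point the browser calls for every request.
function FindProxyForURL(url, host) {
  if (isInternalHost(host)) {
    return "DIRECT"; // intranet sites skip the filter
  }
  // Clients try entries left to right, so the backup is used only when the
  // primary does not answer. There is deliberately no trailing "DIRECT":
  // if both boxes are down, requests fail instead of going out unfiltered,
  // which matches a firewall that only lets the filter boxes out.
  return PRIMARY + "; " + BACKUP;
}
```

Leaving `DIRECT` off the external path means the PAC file and the firewall rule agree: a client that ignores the PAC file is stopped by the firewall, and a client that obeys it never attempts a path the firewall would drop.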
You, my friend, have clearly never played that game.
BASIC Gorilla tactics 101
The tactics are to look at the wind-speed meter, consider elevation, and then try an angle and velocity that will strike the opponent with your explodo-banana. Refine your velocity and angle per the rules of "playing the odds": guess too much one way, and too little the other, then extrapolate the correct angle and velocity by interpolation.
A quick search turns up this website that has a flash implementation of the game (covered with a skippable ad) that you may use to refine your "BASIC Gorilla" skills.
Okay, the Ponemon Institute claims the average data breach cost per record in 2010 was $214. Sony exposed 77,000,000 records in the PSN breach. Ponemon has a corporate shill
From TFA:
Sony is expecting costs related to its online security woes of 14 billion yen ($173 million), covering customer support, freebie packages, legal costs, lower sales and measures to beef up security.
calc.exe tells me:
173000000/77000000=2.2467532467532467532467532467532
So, how is it that this is costing Sony a little over 1% of Ponemon's estimate?
I have a ClarionMiND. It's one of the few Intel-based MIDs that made it to the US, and with firesale pricing, the $130 for an atom-based handheld looks quite a bit better than the $699 price at launch.
It runs Firefox 3 and includes flash, but flash is of only limited utility. The on-screen keyboard can't detect when it's needed inside of flash. Mouseover doesn't exist.
On the other hand, many sites use mouseover in their (x)html. Facebook, for example, allows one to delete a post or comment. The delete link is hidden until you mouse over the link. For me at least, it's surprisingly intuitive to use with a mouse, but I'm completely lost with a touch-only device.
I find that I spend an excessive amount of time trying to figure my way around the car crash that is the merging of a mouse-centric internet with a device interface that doesn't do enough to cover for the internet's lack of accommodation for the device's interface.
We wrestled with using GPG/PGP/X.509 and things like AES encrypted zip files for a while. No matter what, we couldn't trust:
- That local users would create decent passwords
- That remote users would be able to understand how to decrypt/open the documents
- That users wouldn't send the password in the same email as the encrypted file
The found marginal success with Office document encryption, but ultimately, things were nearly impossible to audit when people were doing their own encryption. We put a PGP Universal server with web messenger between our internal mailserver and our SMTP gateway, and set policies on what does and doesn't get secured. Aside from the occasional external user who is baffled by the concept of creating a passphrase, the server has been trouble-free. If you have to deal with arbitrary external mail recipients with unknown levels of clue, I highly recommend picking either PGP Universal or Tumbleweed.
I have an older monochrome Handspring Visor. The screen on these is quite large, (though admittedly smaller than the ebook readers) there are scroll buttons, it syncs via USB, and is well supported on PC, Mac and Linux. The monochrome display means you can get many, many hours of use out of a set of batteries. There's a ton of e-book software available. No DRM, so you can easily beam your books from one reader to the next. It's pocketable, and includes a hard plastic cover. I bought mine from a giant clearance display (someone probably found a pile languishing in a back corner of the stockroom) of a Wal-Mart in 2003 for $29.99, and it still looks more or less new.
I haven't even started on what you can do with Springboard modules.
Kindle looks nice, but I think it's a book-sack that only holds books from one store. $400 is too much for that, when I can get ten really nice Jansport bags (like the cool kids at my school had) for the same money, and hold any kind of book I want in them. Sure, Kindle has some advantages, but I'm not generally a spontaneous book buyer, so maybe the Kindle isn't for me. There is one thing that would get me into (a $100 version of) Kindle: I understand that Kindle can support updates to books from publishers. If they always tell me when updates happen, and I can expect non-fiction books to update with the technology they support, I'd buy it. Right now, for example, I have some certification training books that apply only to a previous version of the certification test. I should throw them out. Kindle would be good for me here.
You can copy them to your PMP all you want, you just can't provide the means to do so to someone else (which means no one can provide them to you either, thus meaning that you have to do it yourself).
So only people who have the talent and insight to rip a DVD entirely in a vacuum may put their copy of Cool as Ice on their Sony Mylo.
Many would identify me as a bit of a nerd. I have a moderately low UID, I work in IT, and I have too many features on my cell phone.
Part of the nerd world tends to be life on the "bleeding edge" of technology. While a nerd may not always own the latest and greatest, he or she will tend to at least follow the news and allow that to influence their purchases. They probably got involved in the internet, BBSing, mobile internet, and any number of other technologies before their non-nerd friends.
But today, we have DRM. I've bought DRM, and I've skipped purchases because of DRM. DRM really annoys me, because it interferes with my interest in the latest technology. While the Kindle might not have been a "must-buy" item for me at its current price, if it were to be subsidized below $100, it would have entered my consumer radar, had it not been afflicted with the restrictions Amazon has placed. While I currently subscribe to a music service, (Rhapsody, if it matters) I tend to buy music that I wish to keep on old-fashioned CD. I'll rent DVDs, but I'll seldom buy them because I don't want to violate the DMCA to get them on my PMP.
Blu-Ray? HD-DVD? I have no idea; who's farting on my pizza less?
When I go out to eat, I don't have someone screwing up my food on purpose, and when I'm getting a haircut, they don't reserve the right to shave areas I'm not supposed to be able to see - why is it then that all of these great technologies have to come with a little "oh by the way..." restriction?
How do they know the mouse isn't scared? Maybe it's just going: "Oh shit! It's a cat! What do I do? What do I do? Okay, calm down Jerry. You're a smart mouse. That's it - just pretend you didn't see it. Ignore the cat."
Or maybe the mouse's ability to identify animals is screwed up? "Aww, look at the baby mouse. It's so cute. A little tall though. 'Look at you; you're such a cute baby!'"
Or maybe the mouse thinks the cat is a toaster, or a beer can koozy, or something of the sort.
I'm afraid the other poster is right. You need a license for each user. And it's so because the EULA says so. Have a look at it sometime. Also, the requisite Windows Server licenses, CALs, Citrix licenses, and terminal server hardware aren't cheap. A Citrix server costs money. Spend that money for the administrative benefits, not for the software license cost savings, because only the former actually exists.
Huh?
20 characters would probably be a strong password.
20 bits of entropy almost certainly would be a very poor password.
I'm not sure what twenty characters of entropy would be. I guess it would depend on your encoding.
Yeah, actually.
Yahoo’s Very Bad Idea to Release Email Addresses | WIRED
I am shocked that the number of nmap users who are also download.com users would be significant.
They're obviously trolling the patent sale.
No, that's QBASIC Gorilla tactics 101.
After all, Obama has a Zune. Who in the US government is subject to more obsequious underlings?
I guess I should have used the preview button.
Is anyone making their mortgage payments in Las Vegas?
This made me laugh.
Just wait until they start sending notices based on their ownership of com.com.