That has nothing to do with Sonicwall and everything to do with the people who set it up.
Actually it has everything to do with SonicWall.
The issue wasn't the device's ability to block ports (inbound, or outbound), but the device's ability to ensure that only the licensed number of nodes were allowed outbound access through the device.
SonicWall makes money selling licenses, SonicWall is the party responsible for ensuring their devices only support the number of clients they're licensed for. Their device was following through with this policy, but it was only limiting devices' outbound port 80 connections. There is no user setting to change the license policy, that's SonicWall's business model.
The only SonicWall device I've ever had to work with had a limit of 10 nodes that could "connect to the internet". The limit was really 10 nodes that could NAT to port 80. Every other port was open. I always figured that if SonicWall didn't care about protecting their licenses why would they care about protecting their networks?
While it would be nice to do so, it will hardly be possible. Instead it is high time to send those making bad IT security decisions to prison for it. While this will also hit a few engineers, most will be managers going cheap, ignoring warnings and generally being incompetent.
I don't see this being hardly possible at all, thirty years ago we got along fine without having our critical infrastructure's information systems not plugged into a global network. I'm speaking more of nuclear reactors, hydroelectric dams, shipping locks, railway switches etc.
On the subject of stock exchanges, I seriously doubt much good has come from plugging stock exchanges into the global information network. Even as recently as fifteen years ago people were physically trading stocks on the floor of some of the world's major exchanges. Nowadays computers perform thousands upon thousands of trades in a fraction of the time their former human counterparts could. Is this really a good thing though? There's an absurd arms race going on between investment firms to install increasingly faster computers as close to exchanges as possible to get the 'jump' on trades. There's even a new trans-Atlantic trunk line going in, that shaves off a few milliseconds of latency, all in the name of automatically trading stocks, and 'making' millions of dollars. What purpose are these systems really serving though? Why is it a good idea to put such an insane amount of speculation into our financial markets? The day to day price of stock had little enough relationship to the actual value of a company prior to computers dominating the trading scene, now this representation is becoming more diluted.
As for sending people to prison for making bad IT security decisions, it's a lovely idea, but how do you determine who's to blame? The second something goes wrong, everyone starts pointing the finger at everyone else. Is the CFO to blame for not budgeting enough IT dollars? Is the head of IT to blame because she was following orders without questioning them? Should all the employees just be locked up to be safe? What about the programmer who didn't terminate a string properly, who works for an entirely different company that sold the software to the firm that was breached??
Then there's the people problem. Even if we could somehow make the billions of lines of code that drive computers perfect, we'd still have people opening up alleged 'job interviews', which are really just malicious Excel files, or what have you. In this case at least there's a forensic trail and a 'smoking' gun to link the ignoramuses to their negligence.
I think there are a lot of cases where it would be a lot cheaper to hire security cleared specialists to manually handle the transfer of data between secure isolated networks, and the global internet. Sure it would seem more expensive, but these breaches can cost hundreds of millions of dollars. Specialists can be bought for less than a hundred thousand a year each, and they can be held directly accountable.
Simply analyzing the probabilities involved in computer intrusion should be enough to convince anyone that can understand high-school mathematics that we NEED to unplug critical infrastructure from global networks. Unfortunately the powers that be seem woefully ignorant of how technology works. The anti-piracy campaigns that involve breaking DNS highlight this ignorance.
There is something about this concept that I find very threatening. Service Orientated Architecture is no doubt a good thing and Software as a Service can save costs. However with something as simple as a compiler being outsourced to the platform vendor, this returns control over software creation that can be produced squarely with the vendor.
Imagine a vendor that could suppress the compilation of software that it deems unfavourable. A company would never refuse to provide a compiling contract to a business that makes products that compete with the vendor, would they? They would not create a terms of service that deems what software is appropriate to be compiled?
Have you ever heard of Apple's App Store? It's this crazy store which is the only place you can get applications for your phone or tablet, and Apple controls every piece of software published on it. Apple also imposes arbitrary bans on applications whenever Apple sees fit. Apple is also trying to push this model to their laptops and personal computers. Furthermore if you want to make your own applications run on your iDevice you have to pay Apple $100, or violate the TOS to unlock your phone. That's right, imagine that, you outright own a device, but you don't have the right to administer it.
The only people who are saying "default for the first time in history" are Democrats who are fear mongering to scare little girls like you; and it has happened before. The reality is that the United States would not default; the government would use the money it brings in to service the debt and there would be a partial government shutdown.
The spectator goes on to point out that at the time the dollar was backed by gold. Presently the US dollar is backed by the US dollar, which makes a potential default impossible as the Fed can just print more money.... unless the rest of the world stops using the US dollar as its reserve currency. I'm not an economist or an accountant, but it seems to me that the resulting inflation would make it impossible for the government to service the debt. Again, this hinges on the rest of the world changing reserve currencies, but really what incentive do non-US nations have to stick with the US dollar?
I am currently downloading the Battlefield Heroes userdata to see if I am on it. I have to take time out of my life to do shit like this cos they released user data. If they had just withheld the usernames and passwords and threatened the source with releasing them if they didn't up their security I would have been much much happier... and supportive.
Well if you're smart you use unique passwords for your online services, so log in and change your password. Give Visa/Mastercard/Amex or whomever a quick call, tell them what happened. Problem solved.
Imagine for a second hackers more malicious than the LulzBoat stole your data (especially financial data), they probably wouldn't publicly post it, they'd sell it, or use it in other ways that are far more aggravating than spending five minutes changing a password, and/or a telephone call to your credit card company.... Granted this still doesn't make the Lulz crew's actions 'right', but there are SERIOUS online crimes going down every second...
The worst part about the Lulz debacle isn't the possible net regulation the future holds... that's speculation. The worst part is the REAL criminals are still flying under the radar hacking the RSA, Lockheed Martin, etc...
As much as I'm for protests and such, these kids were just out to cause harm because they could. They need to get a legitimate cause, and stop pissing on (innocent) people randomly, or be gone.
They give the rest of us a bad name.
Aside from doxing Arizona law enforcement, what harm did they really cause? They've really just managed to point out a lot of trivial security flaws... I suppose one could argue that they cost Sony billions of dollars, but fighting Sony was a legitimate cause...
You don't have a problem with continuing a process that allows a whole sub-culture of people to be treated like slaves, paid almost nothing, worked in unsafe environments, and have no representation because you don't want to pay a buck fifty more for your produce?...what a disgusting position.
So you're not writing this on a computer then, manufactured in an overseas factory, produced by cheap labour and unsafe environments? I assume also that all the garments you wear were all fabricated by people paid living wages.... I'm well aware of the problem.
I think you'd have been more comfortable in the 1800's in the south.
No I wouldn't, I never said I supported illegal-migrant work, I just said that the US is dependent upon it, I never said I condoned it, I have a hard time condoning some Western working conditions present day.
The 1800s are the 19th century, how did this not get edited?
Strange that manifestos and data dumps from pastebin have become normal news http://pastebin.com/r21cExeP
It's true, Apple doesn't make mistakes, they take others' mistakes and make the future...
Anti-illegal immigrant indeed and I have no problems with that.
You do realize the US is dependent upon illegal immigration to fill low paying jobs like picking fruit, landscaping, and general cheap day labour?
Morality is just as subjective as 'freedom fighter'. The power of these words comes from the context of the zeitgeist.