That's how I feel, too. I really loved Avatar, simplistic moral message or not. Sometimes you just have to shut up and enjoy a movie, ya know? If you could ignore the fact that it's a simple story arc that's been told before, it was fantastic.
Anyway, I was really looking forward to the sequel(s), but it's been almost a decade and I really don't care that Cameron is announcing (again) that he has sequels planned. Call me when it hits theaters and I'll probably go see it, but I don't care until then.
Anyone with a basic level of programming skill and a half hour could wire up an application that combines the plaintext and key and spits out unbreakably encrypted text.
Really? You should try it. You're wrong, unless by "unbreakably encrypted" you're referring to a one time pad, which is not generally what is meant by symmetric encryption with a shared secret key. That's a special case that IS easy to implement, but comes with a number of other problems.
Why would it make sense for them to require a cybersecurity course? That's an implementation detail.
And this, in a nutshell, is why security is still a mess after all these years. It's always unimportant, an afterthought, or someone else's job.
Most of the security industry exists because software developers did a bad job. In fairness, it's not necessarily their fault. Commercial operating systems are insecure because people want features and a low price, not security, for example.
Historically, universities were about perpetuating knowledge and the advancement of knowledge.
I've heard this often, but people need to accept that this is no longer the case. We're not talking about the sons of the aristocracy anymore. John and Jane Q. Public don't go to university to advance knowledge, they go to get a job. At it's most ridiculous, some people go to University to play sports without any actual use for the degree they'll get (and sometimes earn) at all.
Nobody knows Hillary's home server hasn't been hacked. All that we know is that whatever logging they were doing didn't show evidence of hacking. All that tells you is that if it was hacked, it wasn't done by a complete incompetent.
I've always been pretty pro-college, but as my kids get to that age and college is stupidly expensive, I've changed my tune a little. People should consider what they want to do and see if college is a cost-effective way to do it. Sometimes they answer is yes, or college is the ONLY way to do it, but they days of going to college to figure out what you want to do may be over. It's just too expensive for that.
If memory serves, this is one of the places that advertised heavily about what a great industry to get into IT was during and after the dotcom boom busted. That really told me all I needed to know about them.
Ransomware has been around for quite a long time. The solution (backups, training, patching, etc) have, too. So am I upset that DHS hasn't already issued a warning about a threat that's been around longer than DHS? No. Anybody responsible for medical IT security already knows. Now, whether they're actually allowed to do anything about it may be a different story entirely.
It can, actually, because money doesn't actually get consumed when it's used. If I get $100 and take the family out to dinner, that $100 isn't used up. The restaurant has it now, and they'll spend it on other things. Wages, food, etc.
Money isn't a raw material like coal or lumber. Once you burn a lump of coal, it's gone forever. Once you spend money, though, it's just in someone else's hands.
As someone with kids entering the workforce, I agree. I mean, it's all well and good to say that we're going to eradicate this pool of low-skill jobs over here and create a smaller pool of high-skill jobs over there, but if we want today's kids to become tomorrow's productive members of society, we probably don't want to tear down the path from here to there.
Not government, it's the false belief that security is sufficiently handled by following a process. It's not enough to check the boxes if the boxes are wrong.
Problem is, if you're a hospital you have thousands of people who can screw up. Any time you have thousands of people who can screw up, it's just a matter of time before someone does.
I also read in another article that they just said "No." and restored from backups.
How does anyone go from data to prognostication in an objective manner?
By not starting with a preconception. That's the disappointing part of this debate. I see too many people who have no actual reason to believe one way or the other, but they're damn sure that they do.
Yeah, maybe given the reaction I should clarify. I'm not skeptical that human generation of CO2 is causing global warming. There seems to be a solid consensus on that. I think ALL scientific papers should be read with a critical eye, not blind acceptance. Is Hansen right? I don't know, but it sure seems important to figure out. Doing so without preconceptions (and vitriol) would be good.
It's only effectively impossible for laypeople to study it objectively. Ideally, people who don't know anything about the subject would just remain silent.
This is further compounded by the fact that our modern science system is not based on the pursuit of truth, but the pursuit of funding.
No, it's both. I worked in cancer research for a long time. Yes, we wrote grants because we wanted to have a job next year. We also saw the patients in the clinic and were also motivated by hopefully keeping some people alive, or at least alive longer. Some of the people I worked with got into the field because cancer killed a family member. They weren't doing it for the just for the money.
We once got a grant from a corporation to see if $SUBSTANCE had a particular effect that would be useful in treating tumors. This was a while back, but the result was basically no. Nobody fudged the data. We just reported the results back. I don't think that particular study got published, not because there's a disincentive, but because journals aren't interested. The vast majority of substances at the vast majority of doses don't have any therapeutic effect on cancer. It's just not interesting or novel to announce that you've found substance #3,647,927,671 that also doesn't work.
Some people have made a good argument that negative studies should be made available, and I agree with that, but if they're not published, it's not because the researchers don't want them published. Most researchers want anything and everything publishable to be published, and they're disappointed when a study ends without a "publishable result".
Really? Where have I ever said they're making it up? I challenge you to find it, and good luck to you. I'm pretty sure you'll never find it since I don't believe they're making it up.
Yeah, I can't disagree with that. From the paper: "It is not difficult to imagine that conflicts arising from forced migrations and economic collapse might make the planet ungovernable, threatening the fabric of civilization."
I'm quite interested in whether the science is correct, but he's doing himself a disservice in veering into social and political effects. If he's right, then this would be a landmark paper without the alarmism. It's a difficult position to be in. If he's right, the alarmism would be justified.
I tend to be a skeptic myself, so my reaction is far from panic, but this seems like something we should be studying very objectively. It's a shame so few people are capable of doing it.
The guy who said he was going to break in via social engineering when the only people who know the passcode are dead was lying? Wow. Never saw that coming.
I disagree. It's a pretty concrete example that he has no idea what he's talking about. It's handy to know when someone has their incompetence bit set so we can skip the rest of their argument.
The one time my car got towed, it was parked in the lot behind the establishment I was visiting. I didn't see the sign indicating that lot actually didn't belong to the establishment in question, partly because of the bush in front of the sign. I'm sure it was pure accident nobody ever pruned that bush.
I can't speak to the internals of the iPhone in particular, but there absolutely exists cheap, tamper resistant hardware that allows you to import a key, but not export it. The hardware simply doesn't have offer a function to do it.
Slashdot Mirror
That's how I feel, too. I really loved Avatar, simplistic moral message or not. Sometimes you just have to shut up and enjoy a movie, ya know? If you could ignore the fact that it's a simple story arc that's been told before, it was fantastic.
Anyway, I was really looking forward to the sequel(s), but it's been almost a decade and I really don't care that Cameron is announcing (again) that he has sequels planned. Call me when it hits theaters and I'll probably go see it, but I don't care until then.
Really? You should try it. You're wrong, unless by "unbreakably encrypted" you're referring to a one time pad, which is not generally what is meant by symmetric encryption with a shared secret key. That's a special case that IS easy to implement, but comes with a number of other problems.
False. I got my first email account in 1990. I'd telnet in (yes, telnet!) and read my email in pine. It all stayed on the server.
The whole "abandoned" theory is just a legal fiction.
And this, in a nutshell, is why security is still a mess after all these years. It's always unimportant, an afterthought, or someone else's job.
Most of the security industry exists because software developers did a bad job. In fairness, it's not necessarily their fault. Commercial operating systems are insecure because people want features and a low price, not security, for example.
I've heard this often, but people need to accept that this is no longer the case. We're not talking about the sons of the aristocracy anymore. John and Jane Q. Public don't go to university to advance knowledge, they go to get a job. At it's most ridiculous, some people go to University to play sports without any actual use for the degree they'll get (and sometimes earn) at all.
Nobody knows Hillary's home server hasn't been hacked. All that we know is that whatever logging they were doing didn't show evidence of hacking. All that tells you is that if it was hacked, it wasn't done by a complete incompetent.
I've always been pretty pro-college, but as my kids get to that age and college is stupidly expensive, I've changed my tune a little. People should consider what they want to do and see if college is a cost-effective way to do it. Sometimes they answer is yes, or college is the ONLY way to do it, but they days of going to college to figure out what you want to do may be over. It's just too expensive for that.
If memory serves, this is one of the places that advertised heavily about what a great industry to get into IT was during and after the dotcom boom busted. That really told me all I needed to know about them.
Ransomware has been around for quite a long time. The solution (backups, training, patching, etc) have, too. So am I upset that DHS hasn't already issued a warning about a threat that's been around longer than DHS? No. Anybody responsible for medical IT security already knows. Now, whether they're actually allowed to do anything about it may be a different story entirely.
It can, actually, because money doesn't actually get consumed when it's used. If I get $100 and take the family out to dinner, that $100 isn't used up. The restaurant has it now, and they'll spend it on other things. Wages, food, etc.
Money isn't a raw material like coal or lumber. Once you burn a lump of coal, it's gone forever. Once you spend money, though, it's just in someone else's hands.
As someone with kids entering the workforce, I agree. I mean, it's all well and good to say that we're going to eradicate this pool of low-skill jobs over here and create a smaller pool of high-skill jobs over there, but if we want today's kids to become tomorrow's productive members of society, we probably don't want to tear down the path from here to there.
Not government, it's the false belief that security is sufficiently handled by following a process. It's not enough to check the boxes if the boxes are wrong.
Problem is, if you're a hospital you have thousands of people who can screw up. Any time you have thousands of people who can screw up, it's just a matter of time before someone does.
I also read in another article that they just said "No." and restored from backups.
That ended decades ago.
I'd say DARPA, if there had to be one such place. As for NASA, if it's not aeronautics or space related, it's not what they're supposed to be doing.
By not starting with a preconception. That's the disappointing part of this debate. I see too many people who have no actual reason to believe one way or the other, but they're damn sure that they do.
Yeah, maybe given the reaction I should clarify. I'm not skeptical that human generation of CO2 is causing global warming. There seems to be a solid consensus on that. I think ALL scientific papers should be read with a critical eye, not blind acceptance. Is Hansen right? I don't know, but it sure seems important to figure out. Doing so without preconceptions (and vitriol) would be good.
It's only effectively impossible for laypeople to study it objectively. Ideally, people who don't know anything about the subject would just remain silent.
No, it's both. I worked in cancer research for a long time. Yes, we wrote grants because we wanted to have a job next year. We also saw the patients in the clinic and were also motivated by hopefully keeping some people alive, or at least alive longer. Some of the people I worked with got into the field because cancer killed a family member. They weren't doing it for the just for the money.
We once got a grant from a corporation to see if $SUBSTANCE had a particular effect that would be useful in treating tumors. This was a while back, but the result was basically no. Nobody fudged the data. We just reported the results back. I don't think that particular study got published, not because there's a disincentive, but because journals aren't interested. The vast majority of substances at the vast majority of doses don't have any therapeutic effect on cancer. It's just not interesting or novel to announce that you've found substance #3,647,927,671 that also doesn't work.
Some people have made a good argument that negative studies should be made available, and I agree with that, but if they're not published, it's not because the researchers don't want them published. Most researchers want anything and everything publishable to be published, and they're disappointed when a study ends without a "publishable result".
Really? Where have I ever said they're making it up? I challenge you to find it, and good luck to you. I'm pretty sure you'll never find it since I don't believe they're making it up.
Yeah, I can't disagree with that. From the paper: "It is not difficult to imagine that conflicts arising from forced migrations and economic collapse might make the planet ungovernable, threatening the fabric of civilization."
I'm quite interested in whether the science is correct, but he's doing himself a disservice in veering into social and political effects. If he's right, then this would be a landmark paper without the alarmism. It's a difficult position to be in. If he's right, the alarmism would be justified.
I tend to be a skeptic myself, so my reaction is far from panic, but this seems like something we should be studying very objectively. It's a shame so few people are capable of doing it.
The guy who said he was going to break in via social engineering when the only people who know the passcode are dead was lying? Wow. Never saw that coming.
I disagree. It's a pretty concrete example that he has no idea what he's talking about. It's handy to know when someone has their incompetence bit set so we can skip the rest of their argument.
The one time my car got towed, it was parked in the lot behind the establishment I was visiting. I didn't see the sign indicating that lot actually didn't belong to the establishment in question, partly because of the bush in front of the sign. I'm sure it was pure accident nobody ever pruned that bush.
You're right, though. They did take credit cards.
False. FAR is for executive agencies. This order came from the judiciary, which is not a executive agency at all.
I can't speak to the internals of the iPhone in particular, but there absolutely exists cheap, tamper resistant hardware that allows you to import a key, but not export it. The hardware simply doesn't have offer a function to do it.