I'm sure you'll get issues. I'm just saying it is possible to mitigate them if you understand what is causing the problem.
I don't have a problem with an email server having a fairly permissive internet connection. I"m more inclined to restrict the connections of workstations.
That said... obviously the email server needs a heuristic firewall. And I've seen many email servers that are only permitted to connect to specific machines. As in... you cannot send addresses on that server unless you're on a whitelist or in a VPNed intranet. It does make sending emails to that server harder but then the only people sending or receiving emails in that system don't especially care since security is more important... and the first thing they do whenever they use their laptops to do work is login to the VPN. So they wouldn't care anyway.
1. Coding CAN be math but it can also NOT be math.
Thus coding cannot in general to be said to be "math".
However, coding is always logical... possibly incompetently written but if it works then it is logical because the compiler was able to accurately interpret it.
To say all coding is math is to say that all logic is math.
The problem with that is that once all logic is math by virtue of being able to translate it into symbolic logic... we then run into the problem of how many things can be represented logically and really there are very few things including religions or whatever that can be represented this way and yet... I wouldn't call the bible "math" even if I could represent it that way.
2. As to the whole thing about formal languages versus informal languages... I actually responded to that point very clearly: "" My point, sir... is that there is a distinction between MATH as a scholastic subject taught in a university and LOGIC as a philosophical pursuit as taught in university or simply practiced in the school of hard knocks of life. "" You ironically claim I didn't read or understand what someone was saying but you're so fixated on your own argument that you didn't bother to understand mine.
This renders your position indifferent to the issue because we're not talking about the same thing.
It is as if I am saying 1+1=2 And you keep responding "But bananas are yellow"
It doesn't matter. Your point does not touch on my point. So say whatever you want on YOUR issue but it isn't MY point. You're not arguing against me with THAT argument. You're arguing against what you want ME to argue against and I won't because that isn't my argument.
That you claim I strawmanned someone when your entire argument is an unintentional strawman against me is really pretty funny. I don't think you did it on purpose. But you don't understand I'm saying and so you are arguing against something I didn't say. Here you'll likely feel like you can quote me to prove I was saying something. The problem is that you already did that and you took me out of context when you did it and ignored supporting arguments that would have corrected your misunderstanding. It is my belief that rather than correct your position you're going to keep doing that.... effectively doubling down on the strawman. And that's not productive.
So here's what we're going to do.
You're going to state your opinion indifferent to anything I've said. Just state YOUR opinion. Fresh. And then lets see if I disagree with your opinion. If I do, then we can engage on that basis. But my guess is that we won't disagree thus revolving the dispute.
Do you accept?:-)
I'm not a bad guy. I'm not an idiot. And I'm not ignorant. If you start with that premise then you're going to have problems.
3. No, I was claiming that it was not formatted in an academically accepted way. The point was that if you accept an arbitrary format that you start to expand the definition of math so radically that it becomes very hard to say anything isn't math. That was my point.
4. We can't have this discussion if you just comb through my posts to take comments out of context. Even in this quote you missed a very important qualifier that was "should". That was not "must". It was "should". Not the same thing. But more to the point, I addressed this relationship repeatedly when I said that: "Not everything that is Logical IS Math, but everything that is Math is Logical." I used that statement to justify math as a subset of logic. And in fact, wikipedia if that matters to you observes the same hierarchy of disciplines.
Beyond this we know the historic roots of these intellectual pursuits in a chicken and egg fashion... we know which came first. Riddle me this... which came first... logic as expressed in casual common language of formal logic as expressed in ridged formal mathematics? Obviously logic came first. Which means math was developed as a sub discipline of logic. That's
cite it please. I have never had a problem buying unlocked bootloader phones in california. Of "iphones"... that's a walled garden platform so if you're complaining about that cry me a fucking river.
But on the android and windows phones it isn't so much a problem. Honestly, in so far as I am concerned there is only one phone OS at this point. Its android or nothing. The others are a waste of time.
Look... the average person isn't going to know the difference between a poisoned mushroom and an edible one.
Does that mean we can't eat mushrooms?
No.
It means first the public needs to suffer a certain amount to care about the problem... aka eat the poison mushroom and die.
And THEN they might ask someone "hey which of these mushrooms are toxic?"... and if that's too much work they can acquire their mushrooms from a reputable dealer that will perforce know the difference.
Everyone runs on this fucking idiotic notion of "well that's how things worked last year so they'll have to work that way in the future!"
First, the whole buying a cell phone through the cellphone company thing is going to go away.
I bought my cellphone from the manufacterer and then I bought a sim card from the cellphone company... and then I set it up using the company's internet chat service to get the phone registered.
Doing something like that is already quite common in Europe and Asia. Its not rocket science.
And the more it works that way the more the industry is going to make that more and more simple. I had to copy and key a lot of numbers from my phone into the carrier's website. That's dumb. I shouldn't have to do that. The simcard should contain all relevant authentications. It shouldn't care what my cellphone is or what its id numbers are... that shouldn't matter.
Except Poland is building coal plants like crazy to sell power to the Germans and are currently working on a big nuclear reactor to do more of the same.
So no.
I'll let you have the last word here. You have no information I'm not already aware of and I've formed my opinion based on this information. Unless you can provide new relevant information that I am not already aware of... I am not going to change my opinion on this matter. I have seen how this works and I understand the technology well enough to understand there is no getting around certain problems without other technologies being in place.
So you can either solve the power storage problem or whenever I hear "wind/solar" in reference to the grid, I will know that you're going to need to add a coal/natural gas back up and that that has to be added to the cost equations.
I am perfectly happy with wind and solar. I just think they should be installed on roofs and not in the desert or in the ocean or whatever. The point of renewables should be to lower the amount of power that any user takes from the grid. Not to provide power to the grid itself.
I do not include geothermal, hydro, or another other power source that can reliably work day in and day out with a consistent load. If your power source can do that, then fine. If it can't then you either need to bake storage into the system or it shouldn't be on the grid at all.
This is pocket watch and wrist watch versus just pocket watch.
You'd prefer to carry around a pocket watch AND a wrist watch... I would rather just carry around one and since he wrist versions all need the pocket version... I'll just keep the pocket version.
On the issue of DNS, so long as the exchange server doesn't use Open DNS but the rest of the network does, I think in your scenario things would have been fine, no?
1 dollar of subsidies =/= 1000 dollars of subsidies.
The proof in the pudding is china and india.
If the subsidies for coal were not irrelevant to the point that coal is cheaper it would not be the default energy source in the third world.
You'd have indians and chinese people shifting to wind because THAT's cheaper? But they don't because it isn't. You're wrong.
As to statements about how we wouldn't need coal and natural gas back ups... it is actually denied often by renewable advocates. I was just talking to a bunch of germans that were saying they didn't need coal to back up their wind program. Never mind that the coal is all in eastern europe and the eastern europeans are building coal plants like crazy to service the energy needs of western europe.
When I find someone has made an error, I tell them not only that they made the error but the nature of the error and help educate them so they learn from the experience.
lets say I'm wrong as a given here... what did I learn or did you teach me simply by saying I was wrong? I don't understand the error you're suggesting I made here. You've given me not only no opportunity to validate your opinion as to whether YOU are right but you've also given me no opportunity to correct my own opinion.
Can you explain my error in some detail please so I can validate its accuracy and if it is accurate correct my own thinking.
What i tend to find in these security discussions where someone says "you're wrong karma" is that they assume one LAYER of security is ALL the security. I'm just guessing you're going to say "this thing you said wouldn't stop X"... okay but what about the security walls before that one thing and after that thing and so on? Eh?
I do a lot of BRUTE FORCE things to secure my networks. Start with what I feel are good initial premises.
1. I don't assume that I've thought of everything. 2. I don't assume that my code is perfect. 3. I don't assume that I'm smarter than my attacker. 4. I don't assume that they're simply not going to make the effort.
That's just some basic thoughts in my head as I deal with this situation.
I don't try to make some perfect egg shell defense. My network is more like a motte and bailey castle. Layers.
That's not what I said... and even if I did... and I didn't... there are quite a few wind advocates that have said that it doesn't matter that the wind is variable. Which is really their way of saying that they simply don't care if it is... and if the concept creates problems that are not being appropriately calculated on the cost sheets.
And are you taking into consideration the increased efficiency of local consumption, lower transmission costs, better utilization of realestate as roofs are used for generation versus some random place in the wilderness? Etc?
What does better mean here?
I have no doubt you can get more megawatts per dollar invested. I just question how many of those megawatts actually get to the home, what additional costs are involved in the transmission network, the often not disclosed cost of the backup natural gas/coal plant which backstops the wind/solar... etc.
As to me being a martyr... Morally judge me for my opinion on energy policy and I'm going to wax dramatic. The issue is charged by demagogues that like to label anyone that goes against them enemies of humanity if not the planet itself. I merely was making it clear that such idiocy washes over me like water off a duck. You get that or you don't. I was quite clear.
As to personal generation being a fake oil well... Nonsense. I'm not even going to touch that it was so silly.
so yeah... I'd say "your move" here but apparently that's childish... so I'm a bit nonplused.
Its nice to find someone else here that agrees that the solution to all this sneaky security shit is to brute force block it.
Its always some new buffer overflow this or memory exploit that. Who can be bothered to keep up with it all. It wasn't a problem in the pre internet age and it is a problem now. So the problem is the access and the need to limit it to what it needs to be rather than anything any person anywhere could possibly want ever. Which is generally how people run their networks.
As to email servers and filtered DNS. You don't need to only have one DNS server.:D
Tell the work stations to use DNS server 1 which is locked down. Tell Server group A to use DNS server 2. etc.
I am playing around with some open source firewalls. Its currently making me want to hurt small animals because the damned thing accepts the command, shows the command was accepted, and then ignores it.:-D
That is the face of insanity.
As an aside, with the nonsense with ICANN, I feel an increasing need to internalize DNS within the organization. DNS is just an internet phonebook really. Nothing says I have to list or not list what ICANN wants in the list.
I'm watching the EU slowly move to suggest certain sites be stripped of their domains. Its mostly criminal sites but any authoritarian measure starts with "lets do it for the children" type arguments.
Something that should be kickstartered or something... I'd do it if I had the balls. Would be push the cheap appliance DNS servers that are so simple any idiot could plug them in. As a political statement on top of anything else. Just make it clear to the politicians etc that actually the internet is an entirely arbitrary framework there are no choke points for them to exploit to enforce their various whims.
Sorry... I'm a crazy American... I burn with a certain zeal for such things. I can't help it.
Some people need a van with candy cruising around town to have a reason not to send pictures of their penis to people. https://www.youtube.com/watch?...
This man is doing a public service...
Not really... but I'm attracted to perverse arguments...:D
It was said when these things went in that their claims of being able to be self supporting would not pan out. That they would need extensive subsidies forever and that they would need COAL or NATURAL GAS back ups to cover their load whenever they didn't provide the power.
All comments of this nature were treated like a naughty boy throwing spiders at the girls.
A sign of immaturity, anti social behavior, and really a good reason to have their fathers give them a stern talking to...
Because... when someone points out logical flaws in a power grid design, the best response is to address them like you're a kindergarten teacher and their attempts at rational dialogue are merely an expression of immaturity. Because after all... real adults... real mature and well adjusted people... they just immediately buy into whatever whomever the politician is that tells them what to believe. And anyone that doesn't some flavor of village idiot or deviant... probably a pedophile. Nothing screams pedophilia like questioning dodgy power and financial estimates of a wind farm.
Am I against wind? Not at all. I think its great. I am against large amounts of public money going to build big wind farms in clusters. I'd prefer that the projects either be privately funded so it isn't just a scam to get grant money and then run when they project dries up. Or I'd like the money to instead be pushed to encourage home owners and building owners to install renewable power on their roofs and in their property thus negating the possibility that given companies are colluding or bribing the government to get contracts because the home owners will be under no obligation to buy from a given company.
As to electricity, I'm talking about a Pi to do it which would gobble 5 watts of juice.
Oh well, I don't know what you do professionally but if you came up with an appliance application of your software that could be integrated into a network... It would be worth yacht money.
As to OpenDNS... I've had some problems with their DNS lists.
But again, the concept here that would be GOLDEN would be a recursive white/black list that associated Domain and IP address firewall rules in a manner that if you blocked a Domain, the system would do DNS query for that domain, capture all the IP addresses associated with it and then blocked both the Domain AND the associated IP addresses.
And likewise, blocking an IP address should do a DNS query to find domains associated with that IP address... and at least give the option to block the listed domain associated with the IP address as well as all other associated IP addresses linked to the domain.
There are some programs that work with hardcoded IP addresses that they link to. Obviously knocking the DNS out makes it MUCH harder for malware to operate on your system. BUT, we have to keep in mind that we're in an arms race here and the opposition will of course resort to IP addresses if they feel that DNS is a fatal liability for their attacks. And as such obviously any proper firewall has to filter IP addresses.
The problem I have with that is that managing all those IP addresses is a pain in the ass. Google has a zillion IP addresses. So how do I enable all the addresses for google. Sure, they have an IP range which you can enable or disable. But they're not all contiguous which means they still need to be cited separately and they do get added to occasionally which is annoying.
A smarter firewall rules management system with a fixation on hostname resolution to IP or IP to hostname would be interesting. Again... it would be worth yacht money.
... sure you could nest a million different things in there that will serially defeat everything but I don't see it working in one shot like that.
My experience with these things is that they contain one or two things in them to break through and then the presumption is that they'll be home free.
If the security is layered and pervasive and customized and contains lots of brute force defenses like write locked files or protocol shifts or nasty firewalls.
I've never even heard of a malware that worked like that.
Even the whole stuxnet thing which was a state sponsored malware attack wasn't as sophisticated as what you're suggesting.
And while... sure it could work, I think you'd need to have detailed insider knowledge of how my systems are set up to actually design such a thing properly. You can't just guess.
I don't believe in being standard. Standards can be studied and war gamed against, and defeated prior to battle even being joined. If you're non-standard then no preconceived attack can reliably work without insider knowledge of the structure.
The F35 cost 1 trillion dollars. I hope it isn't a disaster.
I am concerned that the stealth doesn't actually work. Fellows like Sprey are saying that it doesn't work at all. And that is concerning to me.
But more damning is that in the dogfight test it appears to have utterly failed.
Can you show me something where a foreign government stake holder in the project is pleased with the performance?
Beyond all of this I question the manner in which air superiority and deep strikes should be carried out in the first place. Possibly this is something better addressed with the drone? A high speed stealth drone perhaps... but a drone.
A concept I'd like to see tried is a cruise missile like design that drops a laser guided bomb and then returns to "base" for recovery... whether that base is a ship or something like a modified B52 keeping station. The concept of aerial recovery does not sound unreasonable to me given that we have aerial refueling. This would allow a B52 to be a deep strike drone carrier that would loiter outside enemy airspace dropping and recovering drones.
I'm hoping we can make war cheaper and more effective.
This offends the peaceniks... I don't want to kill people. I do want my civilization to be strong and that requires it to be able to credibly project force when challenged. I don't like burning myself out dropping million dollar missiles on illiterate idiots with AKs. I don't mind killing the illiterate idiots if they're enemies. I do mind spending a million dollars doing it.
Slashdot Mirror
I'm sure you'll get issues. I'm just saying it is possible to mitigate them if you understand what is causing the problem.
I don't have a problem with an email server having a fairly permissive internet connection. I"m more inclined to restrict the connections of workstations.
That said... obviously the email server needs a heuristic firewall. And I've seen many email servers that are only permitted to connect to specific machines. As in... you cannot send addresses on that server unless you're on a whitelist or in a VPNed intranet. It does make sending emails to that server harder but then the only people sending or receiving emails in that system don't especially care since security is more important... and the first thing they do whenever they use their laptops to do work is login to the VPN. So they wouldn't care anyway.
Says the stalker troll, Bingo?
*yawn*
Why not? Why not send the Russians billions of dollars?
Lets try "because".
The international space station is dead. The point of it was cooperation between the US and Russia.
That's over.
We are paying the Russians. We don't want to do that.
1. Coding CAN be math but it can also NOT be math.
Thus coding cannot in general to be said to be "math".
However, coding is always logical... possibly incompetently written but if it works then it is logical because the compiler was able to accurately interpret it.
To say all coding is math is to say that all logic is math.
The problem with that is that once all logic is math by virtue of being able to translate it into symbolic logic... we then run into the problem of how many things can be represented logically and really there are very few things including religions or whatever that can be represented this way and yet... I wouldn't call the bible "math" even if I could represent it that way.
2. As to the whole thing about formal languages versus informal languages... I actually responded to that point very clearly:
""
My point, sir... is that there is a distinction between MATH as a scholastic subject taught in a university and LOGIC as a philosophical pursuit as taught in university or simply practiced in the school of hard knocks of life.
""
You ironically claim I didn't read or understand what someone was saying but you're so fixated on your own argument that you didn't bother to understand mine.
This renders your position indifferent to the issue because we're not talking about the same thing.
It is as if I am saying 1+1=2
And you keep responding "But bananas are yellow"
It doesn't matter. Your point does not touch on my point. So say whatever you want on YOUR issue but it isn't MY point. You're not arguing against me with THAT argument. You're arguing against what you want ME to argue against and I won't because that isn't my argument.
That you claim I strawmanned someone when your entire argument is an unintentional strawman against me is really pretty funny. I don't think you did it on purpose. But you don't understand I'm saying and so you are arguing against something I didn't say. Here you'll likely feel like you can quote me to prove I was saying something. The problem is that you already did that and you took me out of context when you did it and ignored supporting arguments that would have corrected your misunderstanding. It is my belief that rather than correct your position you're going to keep doing that.... effectively doubling down on the strawman. And that's not productive.
So here's what we're going to do.
You're going to state your opinion indifferent to anything I've said. Just state YOUR opinion. Fresh. And then lets see if I disagree with your opinion. If I do, then we can engage on that basis. But my guess is that we won't disagree thus revolving the dispute.
Do you accept? :-)
I'm not a bad guy. I'm not an idiot. And I'm not ignorant. If you start with that premise then you're going to have problems.
3. No, I was claiming that it was not formatted in an academically accepted way. The point was that if you accept an arbitrary format that you start to expand the definition of math so radically that it becomes very hard to say anything isn't math. That was my point.
4. We can't have this discussion if you just comb through my posts to take comments out of context. Even in this quote you missed a very important qualifier that was "should". That was not "must". It was "should". Not the same thing. But more to the point, I addressed this relationship repeatedly when I said that:
"Not everything that is Logical IS Math, but everything that is Math is Logical." I used that statement to justify math as a subset of logic. And in fact, wikipedia if that matters to you observes the same hierarchy of disciplines.
Beyond this we know the historic roots of these intellectual pursuits in a chicken and egg fashion... we know which came first. Riddle me this... which came first... logic as expressed in casual common language of formal logic as expressed in ridged formal mathematics? Obviously logic came first. Which means math was developed as a sub discipline of logic. That's
cite it please. I have never had a problem buying unlocked bootloader phones in california. Of "iphones"... that's a walled garden platform so if you're complaining about that cry me a fucking river.
But on the android and windows phones it isn't so much a problem. Honestly, in so far as I am concerned there is only one phone OS at this point. Its android or nothing. The others are a waste of time.
And I care because?
Look... the average person isn't going to know the difference between a poisoned mushroom and an edible one.
Does that mean we can't eat mushrooms?
No.
It means first the public needs to suffer a certain amount to care about the problem... aka eat the poison mushroom and die.
And THEN they might ask someone "hey which of these mushrooms are toxic?"... and if that's too much work they can acquire their mushrooms from a reputable dealer that will perforce know the difference.
Everyone runs on this fucking idiotic notion of "well that's how things worked last year so they'll have to work that way in the future!"
First, the whole buying a cell phone through the cellphone company thing is going to go away.
I bought my cellphone from the manufacterer and then I bought a sim card from the cellphone company... and then I set it up using the company's internet chat service to get the phone registered.
Doing something like that is already quite common in Europe and Asia. Its not rocket science.
And the more it works that way the more the industry is going to make that more and more simple. I had to copy and key a lot of numbers from my phone into the carrier's website. That's dumb. I shouldn't have to do that. The simcard should contain all relevant authentications. It shouldn't care what my cellphone is or what its id numbers are... that shouldn't matter.
Except Poland is building coal plants like crazy to sell power to the Germans and are currently working on a big nuclear reactor to do more of the same.
So no.
I'll let you have the last word here. You have no information I'm not already aware of and I've formed my opinion based on this information. Unless you can provide new relevant information that I am not already aware of... I am not going to change my opinion on this matter. I have seen how this works and I understand the technology well enough to understand there is no getting around certain problems without other technologies being in place.
So you can either solve the power storage problem or whenever I hear "wind/solar" in reference to the grid, I will know that you're going to need to add a coal/natural gas back up and that that has to be added to the cost equations.
I am perfectly happy with wind and solar. I just think they should be installed on roofs and not in the desert or in the ocean or whatever. The point of renewables should be to lower the amount of power that any user takes from the grid. Not to provide power to the grid itself.
I do not include geothermal, hydro, or another other power source that can reliably work day in and day out with a consistent load. If your power source can do that, then fine. If it can't then you either need to bake storage into the system or it shouldn't be on the grid at all.
That is my position.
You will have the last word.
and then who cares...
This is pocket watch and wrist watch versus just pocket watch.
You'd prefer to carry around a pocket watch AND a wrist watch... I would rather just carry around one and since he wrist versions all need the pocket version... I'll just keep the pocket version.
On the issue of DNS, so long as the exchange server doesn't use Open DNS but the rest of the network does, I think in your scenario things would have been fine, no?
As to subsidies,
1 dollar of subsidies =/= 1000 dollars of subsidies.
The proof in the pudding is china and india.
If the subsidies for coal were not irrelevant to the point that coal is cheaper it would not be the default energy source in the third world.
You'd have indians and chinese people shifting to wind because THAT's cheaper? But they don't because it isn't. You're wrong.
As to statements about how we wouldn't need coal and natural gas back ups... it is actually denied often by renewable advocates. I was just talking to a bunch of germans that were saying they didn't need coal to back up their wind program. Never mind that the coal is all in eastern europe and the eastern europeans are building coal plants like crazy to service the energy needs of western europe.
...Cheap implies poorly made or inferior to the job.
The fact is the technology has gotten so good that people can get a smart phone that does everything they want for 100 dollars.
Now does that mean the 500 dollar smartphone doesn't do more... it does do more. But how much of that "more" is something most people care about?
So yeah. This is what is going on with PCs. People are buying 300 dollar PCs Why? They work just fine for purpose.
When I find someone has made an error, I tell them not only that they made the error but the nature of the error and help educate them so they learn from the experience.
lets say I'm wrong as a given here... what did I learn or did you teach me simply by saying I was wrong? I don't understand the error you're suggesting I made here. You've given me not only no opportunity to validate your opinion as to whether YOU are right but you've also given me no opportunity to correct my own opinion.
Can you explain my error in some detail please so I can validate its accuracy and if it is accurate correct my own thinking.
What i tend to find in these security discussions where someone says "you're wrong karma" is that they assume one LAYER of security is ALL the security. I'm just guessing you're going to say "this thing you said wouldn't stop X"... okay but what about the security walls before that one thing and after that thing and so on? Eh?
I do a lot of BRUTE FORCE things to secure my networks. Start with what I feel are good initial premises.
1. I don't assume that I've thought of everything.
2. I don't assume that my code is perfect.
3. I don't assume that I'm smarter than my attacker.
4. I don't assume that they're simply not going to make the effort.
That's just some basic thoughts in my head as I deal with this situation.
I don't try to make some perfect egg shell defense. My network is more like a motte and bailey castle. Layers.
and thar she blows!
Off yarn port bow is the spout of the very beastie I was telling tales o'.
*harpoons creature*
https://www.youtube.com/watch?...
That's not what I said... and even if I did... and I didn't... there are quite a few wind advocates that have said that it doesn't matter that the wind is variable. Which is really their way of saying that they simply don't care if it is... and if the concept creates problems that are not being appropriately calculated on the cost sheets.
on the issue of wood, I've been intrigued by this thing for awhile:
http://www.allpowerlabs.com/pr...
Bigger is better by what ratio?
And are you taking into consideration the increased efficiency of local consumption, lower transmission costs, better utilization of realestate as roofs are used for generation versus some random place in the wilderness? Etc?
What does better mean here?
I have no doubt you can get more megawatts per dollar invested. I just question how many of those megawatts actually get to the home, what additional costs are involved in the transmission network, the often not disclosed cost of the backup natural gas/coal plant which backstops the wind/solar... etc.
As to me being a martyr... Morally judge me for my opinion on energy policy and I'm going to wax dramatic. The issue is charged by demagogues that like to label anyone that goes against them enemies of humanity if not the planet itself. I merely was making it clear that such idiocy washes over me like water off a duck. You get that or you don't. I was quite clear.
As to personal generation being a fake oil well... Nonsense. I'm not even going to touch that it was so silly.
so yeah... I'd say "your move" here but apparently that's childish... so I'm a bit nonplused.
Sounds like you've earned your rest.
Its nice to find someone else here that agrees that the solution to all this sneaky security shit is to brute force block it.
Its always some new buffer overflow this or memory exploit that. Who can be bothered to keep up with it all. It wasn't a problem in the pre internet age and it is a problem now. So the problem is the access and the need to limit it to what it needs to be rather than anything any person anywhere could possibly want ever. Which is generally how people run their networks.
As to email servers and filtered DNS. You don't need to only have one DNS server. :D
Tell the work stations to use DNS server 1 which is locked down. Tell Server group A to use DNS server 2. etc.
I am playing around with some open source firewalls. Its currently making me want to hurt small animals because the damned thing accepts the command, shows the command was accepted, and then ignores it. :-D
That is the face of insanity.
As an aside, with the nonsense with ICANN, I feel an increasing need to internalize DNS within the organization. DNS is just an internet phonebook really. Nothing says I have to list or not list what ICANN wants in the list.
I'm watching the EU slowly move to suggest certain sites be stripped of their domains. Its mostly criminal sites but any authoritarian measure starts with "lets do it for the children" type arguments.
Something that should be kickstartered or something... I'd do it if I had the balls. Would be push the cheap appliance DNS servers that are so simple any idiot could plug them in. As a political statement on top of anything else. Just make it clear to the politicians etc that actually the internet is an entirely arbitrary framework there are no choke points for them to exploit to enforce their various whims.
Sorry... I'm a crazy American... I burn with a certain zeal for such things. I can't help it.
Some people need a van with candy cruising around town to have a reason not to send pictures of their penis to people.
https://www.youtube.com/watch?...
This man is doing a public service...
Not really... but I'm attracted to perverse arguments... :D
It was said when these things went in that their claims of being able to be self supporting would not pan out. That they would need extensive subsidies forever and that they would need COAL or NATURAL GAS back ups to cover their load whenever they didn't provide the power.
All comments of this nature were treated like a naughty boy throwing spiders at the girls.
A sign of immaturity, anti social behavior, and really a good reason to have their fathers give them a stern talking to...
Because... when someone points out logical flaws in a power grid design, the best response is to address them like you're a kindergarten teacher and their attempts at rational dialogue are merely an expression of immaturity. Because after all... real adults... real mature and well adjusted people... they just immediately buy into whatever whomever the politician is that tells them what to believe. And anyone that doesn't some flavor of village idiot or deviant... probably a pedophile. Nothing screams pedophilia like questioning dodgy power and financial estimates of a wind farm.
So where is this going? Same place it went last time:
https://www.youtube.com/watch?...
Am I against wind? Not at all. I think its great. I am against large amounts of public money going to build big wind farms in clusters. I'd prefer that the projects either be privately funded so it isn't just a scam to get grant money and then run when they project dries up. Or I'd like the money to instead be pushed to encourage home owners and building owners to install renewable power on their roofs and in their property thus negating the possibility that given companies are colluding or bribing the government to get contracts because the home owners will be under no obligation to buy from a given company.
As to electricity, I'm talking about a Pi to do it which would gobble 5 watts of juice.
Oh well, I don't know what you do professionally but if you came up with an appliance application of your software that could be integrated into a network... It would be worth yacht money.
As to OpenDNS... I've had some problems with their DNS lists.
But again, the concept here that would be GOLDEN would be a recursive white/black list that associated Domain and IP address firewall rules in a manner that if you blocked a Domain, the system would do DNS query for that domain, capture all the IP addresses associated with it and then blocked both the Domain AND the associated IP addresses.
And likewise, blocking an IP address should do a DNS query to find domains associated with that IP address... and at least give the option to block the listed domain associated with the IP address as well as all other associated IP addresses linked to the domain.
There are some programs that work with hardcoded IP addresses that they link to. Obviously knocking the DNS out makes it MUCH harder for malware to operate on your system. BUT, we have to keep in mind that we're in an arms race here and the opposition will of course resort to IP addresses if they feel that DNS is a fatal liability for their attacks. And as such obviously any proper firewall has to filter IP addresses.
The problem I have with that is that managing all those IP addresses is a pain in the ass. Google has a zillion IP addresses. So how do I enable all the addresses for google. Sure, they have an IP range which you can enable or disable. But they're not all contiguous which means they still need to be cited separately and they do get added to occasionally which is annoying.
A smarter firewall rules management system with a fixation on hostname resolution to IP or IP to hostname would be interesting. Again... it would be worth yacht money.
... sure you could nest a million different things in there that will serially defeat everything but I don't see it working in one shot like that.
My experience with these things is that they contain one or two things in them to break through and then the presumption is that they'll be home free.
If the security is layered and pervasive and customized and contains lots of brute force defenses like write locked files or protocol shifts or nasty firewalls.
I've never even heard of a malware that worked like that.
Even the whole stuxnet thing which was a state sponsored malware attack wasn't as sophisticated as what you're suggesting.
And while... sure it could work, I think you'd need to have detailed insider knowledge of how my systems are set up to actually design such a thing properly. You can't just guess.
I don't believe in being standard. Standards can be studied and war gamed against, and defeated prior to battle even being joined. If you're non-standard then no preconceived attack can reliably work without insider knowledge of the structure.
... you just admitted to not knowing what a subset is.
https://www.youtube.com/watch?...
English motherfucker! Do you speak it?
The F35 cost 1 trillion dollars. I hope it isn't a disaster.
I am concerned that the stealth doesn't actually work. Fellows like Sprey are saying that it doesn't work at all. And that is concerning to me.
But more damning is that in the dogfight test it appears to have utterly failed.
Can you show me something where a foreign government stake holder in the project is pleased with the performance?
Beyond all of this I question the manner in which air superiority and deep strikes should be carried out in the first place. Possibly this is something better addressed with the drone? A high speed stealth drone perhaps... but a drone.
A concept I'd like to see tried is a cruise missile like design that drops a laser guided bomb and then returns to "base" for recovery... whether that base is a ship or something like a modified B52 keeping station. The concept of aerial recovery does not sound unreasonable to me given that we have aerial refueling. This would allow a B52 to be a deep strike drone carrier that would loiter outside enemy airspace dropping and recovering drones.
I'm hoping we can make war cheaper and more effective.
This offends the peaceniks... I don't want to kill people. I do want my civilization to be strong and that requires it to be able to credibly project force when challenged. I don't like burning myself out dropping million dollar missiles on illiterate idiots with AKs. I don't mind killing the illiterate idiots if they're enemies. I do mind spending a million dollars doing it.