From what you said, lack of interest is what keeps coming up. I'm guessing that this is either lack of interest in the subject matter, or that the quality of education you're getting is insufficient to hold your attention. Either way, I think you're going to be a lot better off if you address either of those first. I'm in your position, and what I'm finding is that the classes I'm taking now (as opposed to then) have real-world applicability, and so I'm a lot more motivated and excited by the material. I can tell what is more likely to be useful to me and what isn't, and I can ask questions based on what I've seen and what I want to do in the future. If this isn't happening for you, perhaps that's the real problem to fix...
Physical security isn't just locks, although the realm of access-control alone is enough for an entire job when it comes to background knowledge. The notion that there is redundancy between physical and computer security specialists is insane. I've worked with a few physical security specialists, and I was utterly in awe of the various things they had to know. There are almost no overlaps, very few synergies, and frankly, I don't really care to know what the latest and greatest in door strikes and CCTV lenses are, so if I were asked to do double-duty, I'd be heading for the door before you could say "emergency exit."
Ah...but is that how it works out? Do the users pay for the inside information, or the giveaways, or provide for the people who come in to speak? Not at any of the various user groups I've been to. Get real...there are more than just Mac and Linux user groups out there. There are Palm, Microsoft (and sub-user groups for each of their products), Miata, Porsche, Ferrarri, etc. user groups. And they are almost always, in my experience, started by or with the direct help/support of the company that makes the product in question. Linux is a fluke because linux isn't made by any company. But Mac user groups are backed by Apple. And again, I haven't seen anyone complain about that here, have I?
I don't remember anyone making a big stink when US Robotics started Palm User Groups. What's the big deal? It's not like people are being snatched off the street and forced to attend these groups as if they were "political re-education camps." Besides...who else would be better suited to start such groups...Red Hat?? No, maybe Oracle...uh, no...AOL?
What are they going to patent? Snort is open-source. That's not just a catchphrase, it's a legally solid concept. And they don't make money off the technology, they make it off the implementation of it, and the support of it. Things like service and support contracts and Snort appliances.
There are a number of commercial entities that provide these services, or at the very least turn-key systems that handle the information. Do you really think that law enforcement organizations can build their own from scratch? (Yeah, that's funny...imagine Sipowitz from NYPD Blue debugging!) The thing that made this newsworthy is that instead of some obscure firm that solely does LEO support and that 99.9% of the population has never heard of, it's a well-known company this time.
Just go onto trains with the proper equipment (if he's so adept in this field, he'd have access to it, right?) and MEASURE the amounts? I'm suspicious of any research that's so purely existent on the back of an envelope, especially when the researcher has eschewed an easy opportunity to test the real world.
Idea...how hard might it be to reverse-engineer the format of the data going to SonicBlue, and salt it with all sorts of stuff? Might it be possible to give them enough false data, perhaps even pertaining to multiple users, to make the data useless to those who are demanding it?
Last I heard, That vacation time was something I was ENTITLED to. Isn't that already built into the cost of employment? What Wharton-school, scientific-management-worshiping monkeyf@#$r would consider a day off negative to the economy? I'd just take it another day, what's the real difference?
Next, someone will start whining about the incredible impact of weekends...
That only the people who paid for space exploration reap any of its benefits, including any of the fantastic materials that are developed as a result of space exploration. I can think of numerous products that came from space programs of years past... -Mylar and other aluminized plastic films (my, aren't these potato chips nice and fresh!)
-Teflon (what would Reagan have done without it?)
-Transdermal drug delivery systems (think Nicoderm EQ, or whatever it's called)
I'm on an incident response team, and I would love to be able to have these on hand. There have been times when I've already been sleep-deprived, only to have to jump on a plane and do 100 hours of high-pressure work over the next 5 days. I typically go through two entire tins of Warp mints during this...I'd really like something that doesn't feel quite so rough!
Er, you don't need to guess sequence numbers when you're the one who initiated the connection. You only need to guess sequence numbers if you're hijacking someone else's connection. And there have been scripts to automate this task for years now...
Still, spoofing isn't easy, and if they are smart, they will come up with ways to filter those who "fink falsely". But if enough of us did it, early on, it would produce enough mischief that it might do the job anyways...
"There's no question that there (are) programs that are more aggressive. With this, there's some measure of permission," said [Gator's] Eagle."
Wow...he's actually doing people the favor of allowing them to decide whether they want the software or not, sorta...quick, someone give him the Nobel Peace Prize! "Some measure of permission"...sign me up for THAT!
What he's talking about is so far behind the definition of "new" or "cutting edge" that it's kind of absurd. He talks about "monitoring the network" and essentially replacing the relatively static firmware with something that can be manipulated by the user. This is not even new technology, and is universally employed by "tuning" enthusiasts (a la "The Fast and The Furious"). Laptops are used to log data about what is taking place in the car and the engine, and a programmable ECU replaces or overrides the stock one. Without this, it would be impossible to do things like add turbochargers to cars that weren't intended to have them in the first place. The examples I have in the links above are from just one store that caters to Miatas only; there are many options from many manufacturers for many cars.
I've participated in conversations where someone is essentially trying to debug their "map," or set of engine configuration options in the software, and where others chime in and offer to help. I've seen disucssions of which software is better, and so on. And again, this is all old news, not even cutting edge.
Imagine [joinaol] the opportunities for [hotsex] abuse? It's just like any other technology [supportmicrosoft], and can be used for good [joinaol] as well as evil [uninstalllinux].
They're talking about box office revenue, which has nothing to do with the kinds of "piracy" discussed here. I think, like most of you, that Jack Valenti is one of the lowest forms of scum to walk the earth, but it won't do us one bit of good to sink to their level of calling apples oranges and oranges apples because we think it may help our side in this whole conflict. Truth is, it won't help, and it only harms our credibility.
I see your point, but at that stage of the game, it's not the technology that is to blame. Any solid technology will be a problem if it is not part of a sound, well-thought out implementation. There are ways around the problem as well, however; for example, Checkpoint VPNs can push a security policy out to the client upon connection, enforcing a firewall policy at the end point and prohibiting network communications between that point and any node besides the VPN gateway. But that's a whole other ball of wax, and returns to the issue of making wise choices when rolling out technology.
The bottom line is, VPNs make it possible to do things in business that aren't cost-effective any other way, and businesses are there to make money, not to be secure. It's a trade-off, and if the return outweighs the risk, it's worth the risk.
Let's just think about this one for a minute. "Houses can be broken into...who should be liable?" "People can still die, despite airbags, seatbelts, crumple zones, side-impact protection, and emergency medical teams...who should be liable?" "Sh!t happens...who should be liable?"
Real life is real life, and the realm of technology is no exception. For some reason, some people got the idea that magically, the world of technology can be free from the influences of bad people and just ordinary entropy. It has long since been figured out that there will be bugs, no matter what.
While some code is safer than others, and some companies are disturbingly sloppy in their coding procedures, ALL code is vulnerable. Making someone liable because they have bugs will punish all, and is contrary to the most fundamental fact of life: you're on your own, watch your own ass, life sucks, wear a helmet.
So, you're saying the main problem with IPSEC is that it's not a magic bullet? Nothing is...get over it. I've heard people say the same about firewalls, saying how firewalls make people think that they're totally secure, so they no longer patch systems or pay attention. That may be true sometimes, but it's still not a valid argument that firewalls are flawed. Security isn't one box or one piece of software, and saying that one has a problem because it doesn't blanket everything is like criticizing deadbolts because thieves can still break a window to get into your home.
I don't know about the rest of the world, but I know that I'm not buying much music these days because I'm so busy duplicating DVDs left and right. Well, that and exporting strong encryption:)
Hmm...where do you draw the line between "Internet" and "other stuff?" Is the cable modem the end of it? The cabling between it and the broadband router? The NIC in my computer? And of course, we couldn't use the Internet without the hard drive, the motherboard, the processor...
Slashdot Mirror
From what you said, lack of interest is what keeps coming up. I'm guessing that this is either lack of interest in the subject matter, or that the quality of education you're getting is insufficient to hold your attention. Either way, I think you're going to be a lot better off if you address either of those first. I'm in your position, and what I'm finding is that the classes I'm taking now (as opposed to then) have real-world applicability, and so I'm a lot more motivated and excited by the material. I can tell what is more likely to be useful to me and what isn't, and I can ask questions based on what I've seen and what I want to do in the future. If this isn't happening for you, perhaps that's the real problem to fix...
Physical security isn't just locks, although the realm of access-control alone is enough for an entire job when it comes to background knowledge. The notion that there is redundancy between physical and computer security specialists is insane. I've worked with a few physical security specialists, and I was utterly in awe of the various things they had to know. There are almost no overlaps, very few synergies, and frankly, I don't really care to know what the latest and greatest in door strikes and CCTV lenses are, so if I were asked to do double-duty, I'd be heading for the door before you could say "emergency exit."
Ah...but is that how it works out? Do the users pay for the inside information, or the giveaways, or provide for the people who come in to speak? Not at any of the various user groups I've been to. Get real...there are more than just Mac and Linux user groups out there. There are Palm, Microsoft (and sub-user groups for each of their products), Miata, Porsche, Ferrarri, etc. user groups. And they are almost always, in my experience, started by or with the direct help/support of the company that makes the product in question. Linux is a fluke because linux isn't made by any company. But Mac user groups are backed by Apple. And again, I haven't seen anyone complain about that here, have I?
I don't remember anyone making a big stink when US Robotics started Palm User Groups. What's the big deal? It's not like people are being snatched off the street and forced to attend these groups as if they were "political re-education camps." Besides...who else would be better suited to start such groups...Red Hat?? No, maybe Oracle...uh, no...AOL?
Detailing why this isn't a potential violation of the DMCA :)
What are they going to patent? Snort is open-source. That's not just a catchphrase, it's a legally solid concept. And they don't make money off the technology, they make it off the implementation of it, and the support of it. Things like service and support contracts and Snort appliances.
You should re-read the posting, dude...they're only doing voice wiretapping. I don't know about you, but I can't speak in IPSEC.
There are a number of commercial entities that provide these services, or at the very least turn-key systems that handle the information. Do you really think that law enforcement organizations can build their own from scratch? (Yeah, that's funny...imagine Sipowitz from NYPD Blue debugging!) The thing that made this newsworthy is that instead of some obscure firm that solely does LEO support and that 99.9% of the population has never heard of, it's a well-known company this time.
For using 10-year old indonesians as legal counsel!
Just go onto trains with the proper equipment (if he's so adept in this field, he'd have access to it, right?) and MEASURE the amounts? I'm suspicious of any research that's so purely existent on the back of an envelope, especially when the researcher has eschewed an easy opportunity to test the real world.
Idea...how hard might it be to reverse-engineer the format of the data going to SonicBlue, and salt it with all sorts of stuff? Might it be possible to give them enough false data, perhaps even pertaining to multiple users, to make the data useless to those who are demanding it?
Last I heard, That vacation time was something I was ENTITLED to. Isn't that already built into the cost of employment? What Wharton-school, scientific-management-worshiping monkeyf@#$r would consider a day off negative to the economy? I'd just take it another day, what's the real difference?
Next, someone will start whining about the incredible impact of weekends...
That only the people who paid for space exploration reap any of its benefits, including any of the fantastic materials that are developed as a result of space exploration.
I can think of numerous products that came from space programs of years past...
-Mylar and other aluminized plastic films (my, aren't these potato chips nice and fresh!)
-Teflon (what would Reagan have done without it?)
-Transdermal drug delivery systems (think Nicoderm EQ, or whatever it's called)
And so on.
I'm on an incident response team, and I would love to be able to have these on hand. There have been times when I've already been sleep-deprived, only to have to jump on a plane and do 100 hours of high-pressure work over the next 5 days. I typically go through two entire tins of Warp mints during this...I'd really like something that doesn't feel quite so rough!
Er, you don't need to guess sequence numbers when you're the one who initiated the connection. You only need to guess sequence numbers if you're hijacking someone else's connection. And there have been scripts to automate this task for years now...
Still, spoofing isn't easy, and if they are smart, they will come up with ways to filter those who "fink falsely". But if enough of us did it, early on, it would produce enough mischief that it might do the job anyways...
"There's no question that there (are) programs that are more aggressive. With this, there's some measure of permission," said [Gator's] Eagle."
Wow...he's actually doing people the favor of allowing them to decide whether they want the software or not, sorta...quick, someone give him the Nobel Peace Prize! "Some measure of permission"...sign me up for THAT!
What he's talking about is so far behind the definition of "new" or "cutting edge" that it's kind of absurd. He talks about "monitoring the network" and essentially replacing the relatively static firmware with something that can be manipulated by the user. This is not even new technology, and is universally employed by "tuning" enthusiasts (a la "The Fast and The Furious"). Laptops are used to log data about what is taking place in the car and the engine, and a programmable ECU replaces or overrides the stock one. Without this, it would be impossible to do things like add turbochargers to cars that weren't intended to have them in the first place. The examples I have in the links above are from just one store that caters to Miatas only; there are many options from many manufacturers for many cars.
I've participated in conversations where someone is essentially trying to debug their "map," or set of engine configuration options in the software, and where others chime in and offer to help. I've seen disucssions of which software is better, and so on. And again, this is all old news, not even cutting edge.
Imagine [joinaol] the opportunities for [hotsex] abuse? It's just like any other technology [supportmicrosoft], and can be used for good [joinaol] as well as evil [uninstalllinux].
They're talking about box office revenue, which has nothing to do with the kinds of "piracy" discussed here. I think, like most of you, that Jack Valenti is one of the lowest forms of scum to walk the earth, but it won't do us one bit of good to sink to their level of calling apples oranges and oranges apples because we think it may help our side in this whole conflict. Truth is, it won't help, and it only harms our credibility.
(That is, unless the ladies take SpeedPass too!)
The bottom line is, VPNs make it possible to do things in business that aren't cost-effective any other way, and businesses are there to make money, not to be secure. It's a trade-off, and if the return outweighs the risk, it's worth the risk.
Real life is real life, and the realm of technology is no exception. For some reason, some people got the idea that magically, the world of technology can be free from the influences of bad people and just ordinary entropy. It has long since been figured out that there will be bugs, no matter what.
While some code is safer than others, and some companies are disturbingly sloppy in their coding procedures, ALL code is vulnerable. Making someone liable because they have bugs will punish all, and is contrary to the most fundamental fact of life: you're on your own, watch your own ass, life sucks, wear a helmet.
So, you're saying the main problem with IPSEC is that it's not a magic bullet? Nothing is...get over it. I've heard people say the same about firewalls, saying how firewalls make people think that they're totally secure, so they no longer patch systems or pay attention. That may be true sometimes, but it's still not a valid argument that firewalls are flawed. Security isn't one box or one piece of software, and saying that one has a problem because it doesn't blanket everything is like criticizing deadbolts because thieves can still break a window to get into your home.
I don't know about the rest of the world, but I know that I'm not buying much music these days because I'm so busy duplicating DVDs left and right. Well, that and exporting strong encryption :)
Hmm...where do you draw the line between "Internet" and "other stuff?" Is the cable modem the end of it? The cabling between it and the broadband router? The NIC in my computer? And of course, we couldn't use the Internet without the hard drive, the motherboard, the processor...