..or thousands of other American corporations who critically depend on worldwide, cross-border business being possible. Then your job is on the line when protectionism is being set up.
Germany and South Korea actually do quite well in international trade. We don't abuse workers, have excellent healthcare and pay proper wages. Maybe this is a specific problem of America and England not using their brains when it comes to worker education and proper regulation of financial markets ? The southern Euro suckers can be dropped in one bag with UK-USA. Poland, Finland, Denmark are doing quite well with international trade, thank you very much.
A) Driving heavy cars over long distances every day and B) Having shitty housing insulation.
Healthcare costs and tons of regulative papers that prevent an employee from being killed by boredom in the toilet.
All those vocal Anglo-Saxon Crap Economists will write tons of papers which claim that one dollar of revenue from sandwich-making is as good as one dollar made from a car or measurement instrument.
That is, because their Finance Paymasters see those sandwiches every day when they take a break from their insane money-manipulations. They never see Industrial Robots in Canary Wharf or the NY finance district. So, Sandwiches are KEY FACILITATORS to the WORLD ECONOMY ! Everything would break down without a continuous supply of sandwiches ! Not just collateral-debt-obligations, BUT THE WHOLE CASINO would stop !!
Never mind you can exchange German cars for Arab oil, but they don't want your sandwiches because they don't taste after being shipped for three weeks. Sandwiches and cars are wholly the same, proven by Anglo-Saxon idiots, I mean "Economists".
The difference is quite simple, Americans and Britons think it is "all about money". At least they did in the auto industry. In Germany, there is more than money involved in the car business. Boys become engineers because there is a long tradition of craftsmanship, because their fathers show them all sorts of ancient and current locomotives, aircraft and so on. VW's long-term CEO Ferdinand Piech has an aeronautical engineering degree, which is much harder than mechanical engineering. So he has the best education you can get on earth for making cars (and many other machines). Compare that to the GM CEOs, who are all Master-Beancounters. Their cars are consequentially crap and rational buyers go for German or Japanese cars, even if their purchase cost is higher. TCO will certainly be better, as VW cars normally just don't break (except for regular wear and tear).
I am a software developer (C++) and I don't need any mobile phone. Before I had a dumbphone until it broke. I take the train/bus to work and back. We have a car to move the food to our home and for leisure activities. We could even do without a car, I guess. Taxis might actually be cheaper, if you add up all the costs. I am living and working in Germany.
I worked for a financial data dissemination company and they officially had "business continuity" plans to handle things like "building burns down with some critical computers".
In REALITY, there was very little redundancy and an actual disaster event would have eliminated a lot of services for many customers. It was just "too expensive" and nobody in the management circles attempted to do anything except hand-wringing. "Oh, we should do something, BUT IT IS SOO EXPENSIVE" and "we cannot tell the customers". Just buying redundant x86 servers was too expensive.
But I also know that most real-world customers are dumb fucks (Mr Zuckerberg coined that term) who do not want to hear the truth.
You are American and you call Chinese businesspeople "cleptocrats" ?? Now what about the CEO of Lehman Brothers ? He must then be part of the Sicilian Mafia, in your classification of criminals. I have Secret Intelligence for you: Mr Fuld did not even sit for a single day in jail. Maybe you Americans get your ass out of your head and clean up that shithole called "New York", because this place is killing your economy. It is not China, even if that nicely meshes with your deep-running belligerent instincts. Free advice from Germany, no Chinese relation whatsoever, except that the cars we build are selling in record numbers in China, because they are high quality, high priced.
All the Java is non-essential for standard tasks. You only need it for Java-based macros.
They have become cynical people who essentially care about Money first, Money second and Money third. All what facilitates the nice inflow of money is being done. Security - it only costs money and it will never generate revenue. The cost of your corporate secrets being exfiltrated to an asian competitor - who cares. There is no way beancounters can properly account cost for that, so it is assumed to be zero, by means of ignorance. The western world has grown into a morally rotten bunch of muppets, pretty much like it was in the 1920s. Let's see what follows.
makes me think your Ma is 100% rational. People doing sysadmin, database development and other operations roles for a major CC acquirer would run XP. Everybody would be Admin user 100% of time. They had direct access to Oracle databases, could edit Perl scripts, kill processes etc etc. Of course they would surf the web with the same user accounts. Not in Buttfuckistan, but in a major European economy, an economy so strong all the suckers next to it want a share of its wealth.
When they come for you... you either need a gun, because they have fully mutated into the KGB, or they just want to intimidate you by spreading nasty lies. You will get accustomed to your neighbours being unfriendly to you. You will know what "free world" really means. False Flag warmakers and people who toy with "mad nuclear strategies" will be respected persons, while you will be labelled a communist, terrorist or something. But you will get over it. You will say "lalalala" to all the media whores who cooperate with this nasty stuff.
I forgot to mention that you can also block URL patterns with Squid. Whitelisting and blacklisting.
The Linux machine runs the squid proxy and the client machine can't get into the internet except through the proxy. This also means you can monitor all the nasty spy traffic from facebook, google and a bazillion of "trackers". Very interesting.
I am running OpenOffice and I don't have Java. Works excellently.
..and you should deinstall it as soon as possible. All the theoretical security advantages of Java pale in the face of the shoddy VM and infrastructure (Java Webstart and so on) implementation. Next to Adobe products, Java is the biggest security risk on the average PC.
"military P code is encrypted and the US protects it heavily" As a crypto-nazi comment, there is only proper crypto and your-sister-cannot-break crypto. "heavily" is a stupid word next to "encrypted". Also, I recall people stating that only the "precision bits" are encoded, but the "coarse" bits are in the plain. Also, all of it does not seem to be crypto-checksummed. Can someone explain ?
The "crashed" drone looked quite perfect. How do you explain this, and how do you actually know ? Because you are in the All American Rah Rah Club ?
..take some press releases metaphorically. If you can't decipher the metaphorical message, forget it. By default, forget gobbermint propaganda immediately. Helps a lot.
..all the things the gobbermint tells you. Even if gobbermint talks to you in the name of NASA.
First, Unix came with C as a twin.
Secondly OO programming is now heavily used and it is a cornerstone of current software engineering. Even parts of the Unix kernel were done in an OO-style (device drivers are similar to virtual function calls). But OO programming is not a Silver Bullet. It solves many problems, but certainly not the worst ones, which are created by intellectual laziness, bad management and tough new problems.
Did Torx Screws fix all the problems of house-building ? No, but they are heavily used for good reasons (unrivalled, reliable torque+electric screw drivers). OO programming is similar.
If a corporation cannot look into encrypted data streams going in and out of their corporate network, they cannot properly discover malware intrusions (such as spearphishing and data exfiltration). So this is not optional - it is a necessity if a corporation values the data inside their corporate network.
...that it is NOT *.exe attachments. These days are long over. Attackers use PDF or MS Office documents attached to emails. So you are Wally Blacksmith of Killcorp Inc. Your job entails developing novel radar systems. One nice, sunny morning you get a nicely worded email about "Innovations in low-observable Radar" and it writes about a conference in Naples, Italy. The sender appears to be james.smith@britishradar.com. So you can't wait to see what the Brits are up to and you click on that PDF. Acrobat Reader opens, displays some more bogus Radar stuff (culled from public sources) and then it also starts a process which will nicely index all the files on your hard drive and all mounted SMB shares. Then it does the same thing for all ODBC connections it can open. As an added bonus, it will look into Wally's internet history for local websites and index them also.
The index will be sent via Gmail to an account controlled by the attacker. Based on the index, the juicy files of Mr Blacksmith (and Killcorp) will be identified and uploaded to Gmail. All nicely SSL encrypted, so that the admins of the Killcorp firewall can't look into it. (don't tell me Killcorp does not allow for that).
Attackers could possibly also use exploits in web browsers and send HTML emails, so that Wally doesn't even have to click an attachment.
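A forced proxy such as the Squid setup mentioned in the comments above still logs the destination and byte counts of every HTTPS tunnel, even when it cannot read the contents. The following is an added example, not part of the original comments, that flags upload-heavy tunnels of the kind the scenario describes; the log layout, host names, addresses and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample lines (not from the page). Assumed custom log layout:
# epoch  client_ip  method  host:port  bytes_from_client  bytes_to_client
SAMPLE_LOG = """\
1339400000 10.0.0.21 CONNECT mail.example-webmail.test:443 48213 310442
1339400060 10.0.0.37 CONNECT mail.example-webmail.test:443 5120334 20110
1339400120 10.0.0.37 CONNECT mail.example-webmail.test:443 7340021 18450
1339400180 10.0.0.37 CONNECT mail.example-webmail.test:443 6291456 17999
1339400200 10.0.0.21 GET www.example-news.test:80 612 88120
1339400240 10.0.0.52 CONNECT updates.example-vendor.test:443 2048 9437184
this line is malformed and must be skipped
"""


def parse_line(line):
    """Parse one log line; return None for anything that does not fit."""
    parts = line.split()
    if len(parts) != 6:
        return None
    ts, client, method, dest, up, down = parts
    try:
        return {"ts": int(ts), "client": client, "method": method,
                "dest": dest, "up": int(up), "down": int(down)}
    except ValueError:
        return None


def upload_heavy_tunnels(log_text, min_upload=10 * 1024 * 1024, min_ratio=5.0):
    """Sum CONNECT traffic per (client, host) and flag pairs that send far
    more than they receive. Normal browsing and webmail reading are
    download-heavy, so a large sustained upload stands out in metadata alone."""
    totals = defaultdict(lambda: [0, 0, 0])  # upload, download, tunnel count
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["method"] != "CONNECT":
            continue  # only encrypted tunnels are of interest here
        host = rec["dest"].rsplit(":", 1)[0]
        entry = totals[(rec["client"], host)]
        entry[0] += rec["up"]
        entry[1] += rec["down"]
        entry[2] += 1

    findings = []
    for (client, host), (up, down, count) in totals.items():
        ratio = up / max(down, 1)  # avoid division by zero
        if up >= min_upload and ratio >= min_ratio:
            findings.append({"client": client, "host": host,
                             "upload_bytes": up, "download_bytes": down,
                             "tunnels": count, "ratio": round(ratio, 1)})
    # Largest uploader first, so the analyst sees the worst case on top.
    return sorted(findings, key=lambda f: f["upload_bytes"], reverse=True)


if __name__ == "__main__":
    for finding in upload_heavy_tunnels(SAMPLE_LOG):
        print(finding)
```

A hit only says which workstation to look at; it does not show what was sent.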
Before I am going to elaborate, yes - technology will be only part of the fix. But technology will be a major part of better security ! Here is my list of security technologies:
Sandboxing: Google Chrome's Sandbox is an excellent example of how to limit damage from faulty code. Much more could be done by using this approach in many other file formats and use cases. Other interesting approaches are AppArmor, SELinux and Linux Security Modules in general.
Formal Proofs: The problem with sandboxes and operating systems is of course their correctness. If the sandbox has exploitable bugs, it is obviously of little use. It would make a lot of sense for governments to pay for formally verified operating systems, VMs, sandboxes and compilers. And of course for research towards cost reductions in formal verification, as it is currently extremely time-consuming, difficult and expensive.
Memory Safe Programming Languages: The best part of all security issues can be directly blamed on the insecure-by-default approach of C/C++. Buffer overruns, uninitialized pointers accessed, freed pointers accessed, pointers doubly freed and similar issues are responsible for the majority of exploits. Just using memory-safe programming languages such as Spark Ada, Perl, C#, Java or Sappeur (created by myself, see http://sourceforge.net/projects/sappeurcompiler/) would immediately reduce the number of exploitable bugs by at least 60%.
In many application fields you cannot use sandboxes. Think of indexing engines that index the web - by definition a hostile place. It is quite inefficient to start a new indexing process for each and every document crawled.
Virtualization: If you have a properly (i.e. no exploitable bugs) implemented virtual machine, this could act like a Sandbox on the operating system level. Unfortunately, as the HB Gary hacks have exposed, current virtual machine technology is not safe enough. Governments could possibly finance verification efforts here, too. (Private companies don't really have a strong incentive to do that from a money-point-of-view)
Research: Clearly, extensive research into security technologies and their application in real-world-scenarios is required. Security technologies must be nicely enmeshed into users' business processes. Overly restrictive or overly time-consuming technologies/approaches will be circumvented by users. A lot of work in how to make security tech actually ergonomic has yet to be done.
I think that would be the proper label for "Flame". Some Middle East nation choked their opposing nation's weapons procurement official to death in Dubai, recently. They got his travel details from a recce virus in the guy's computer. You "betcha" it was Flame or Brethren Of Flame. So the malware did not kill immediately, but facilitated the killing.
The nation in question also disabled some Russian-made air defence system in a bombing raid on enemy territory (to take out a suspected reactor) and the rumor mill says the radar operators saw nothing. It is entirely plausible that they did this by some means of malware. I have no secret sources, but enough layman's knowledge to think of at least two major ways of doing it (networked or by directly sending a proper pulse sequence into the enemy radar system and telling it to go to sleep for the next few hours, essentially). Don't tell me Russian radar software is flawless.