I had a uncle who worked at GM from the 50 to the 70s as a troubleshooter for production issues. (Got his engineering degree first, then later his MBA – back when such things mattered.). I also know some ex Ford line workers from the same era. So, yeah, it's anecdotal – but it is coming from two different sources. And no, it would be rare for a person to be able to pick the day the car was made.
Why? The date of manufacture is on the federal identification sticker in the door.
Does this shit even make sense to you? Do you really mean to suggest that there is some way to prevent the majority from oppressing the minority in a popular vote? If so, you are really going to need to explain how, because math is really not on your side.
As an individual, would you rather have some say or no say?
Should the sheep feel better that there was a 2 to 1 vote, to murder him? Some rights are more fundamental than the whim of a crowd, and to protect those rights a democracy is garbage. No matter how much classist garbage you spew, the ethical problem of a pure democracy still stands.
Also, lol at the Milton Friedman bit... did your phd adviser tell you that or something?
The stupid thing about NAC to protect from trusted internal users, is that their machines have to authenticate, and therefore have the keys to authenticate. Extracting them becomes a relatively simple process. All that it really provides is some notion of who is connected... but even then, a key can be stolen from a coworker.
Major Citation Needed on how this is somehow "elitist". Again, the sole purpose of the Constitution is to limit power.
PopeRatzo's mind is still spinning from all of the post-doctoral enlightenment that he got in college, there is not any factual (or, in spirit, even truthful) point in there to speak of.
Your vauge, broad strokes, ad hominem attacks on libertarians could easily apply to nearly any political persuasion followed by college students
That's what I said..."libertarian". The political philosophy of undergrads.
There you go again with your bullshit. I don't like anarco-communists, so they are the only assholes I see on campus, but at least I am grown up enough to acknowledge that the libertarians are spoiled college assholes too.
In summary... argument, trite; shut up, or grow up.
The vast majority of that paper essentially says if you configure the switch to blindly trust everyone, someone might
abuse that trust. The rest is warnings about some less than sensible things some switches might do if you allow defaults.
I read, "VLANs used to be insecure because of these myriad vulnerabilities, but Cisco switches defend against them mostly by default/design, so it is not really that bad."
I also read, VLAN switches need to be treated the same as security critical router/firewalls, because they are now serving essentially the same role. Also, please keep paying for your proprietary switch's very expensive support contract, and plan to throw it away in 5 years when we build a new one.
At least in the US, you're way out of date. Lifetime limits became illegal in 2010, under the Affordable Care Act. Annual limits may currently be no less than $2 million, and will be outlawed entirely as of 2014.
I knew about the supposed, "Affordable Care Act", changes, but lets just say that I will believe that when I see it actually happen and continue to happen.
That's not true at all. Yes there exists a VLAN hopping exploit, but it is easily prevented by modern switches. While VLANs weren't intended for security in the beginning, that has become one of their new purposes. Otherwise, layer 3 switches would probably never be used in any environment where security was major a concern, but that's simply not the case.
Another extension of the VLAN concept is PVLANs, whose purpose is for nothing else other than security, primarily used in hotels to prevent hacking, but has other uses as well, nearly all of them security related.
Some further research indicates that my initial reaction to VLAN and security is somewhat dated, and VLAN tech has improved drastically since. Still, there does seem to be a few places where poor configuration could lead to a spectacular breach, simply because any exploit of the switch allows an attacker to access any VLAN segment.
VLANs are not for security! Any two things plugged into the same switch, whether virtual or real, can talk to each other if sufficiently motivated.
This is simply not true. You're probably referring to 802.1q tag hopping attacks, which are not particularly difficult to prevent.
Do you really think tag hopping is the only attack on VLAN? Perhaps you should read what Cisco says about the matter, if your job depends on it: http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml . They point out that with an adequately secure switch, and good configuration practices, that the security is adequate. Without all of the correct practices, VLANs provide a very dangerous false sense of security.
You can NAT the network off and and don't do port forwarding to the out side also have a quick kill where you just need to pull a cable to cut the VM's off from the rest of the network.
If you were joking, I got a pretty solid LOL out of it.
I don't think you need to worry about OS security, since that is the point of using VMs. However, the "key" to this question is the definition of "segmented." There are host of nefarious and simple mistakes you can make to completely trash the network of the of the VMs. I would recommend disabling multicast.
Banning the use of fork() can't hurt either.
Yes, banning fork() can hurt, because how else are you supposed to learn about it. Also, running a forkbomb in a VM would have no effect at all on the VM host.
No matter what you use, unless it's hard to install and configure the slack-jawed neckbeards of Slashdot won't bless it with their magic wand.
Just get some flavor of VMware and move on with your life.
Yep, I love ESXi, it is fast and easy to install. It is also free. Just, if you plug it in to the school network, make sure to have it connected as its own zone to the firewall machine.
This is not an example of a human rights problem, it is an example of a bureaucracy wantonly inflicting some punishment upon someone, justified by a tenuous reading of an inapplicable regulation. The whole situation is an epitome of bureaucratic abuse, of which many more can be found all over the world. If calling specific people on the phone is illegal from the summit of Mt Everest, a new regulation should be written for future visitors, because calling one guy, with a consumer smart phone, a broadcast television crew, is pretty much bullshit, and you know it.
Anyways, this seems more like a PR nightmare for Nepal, somewhere on the level of suing your customers, or filing slander lawsuits against reviewers.
Also, kindly shut the fuck up about libertarian. Your vauge, broad strokes, ad hominem attacks on libertarians could easily apply to nearly any political persuasion followed by college students (look around a campus, and you will find some outspoken, spoiled person that you don't like). Frankly, it is trite. If you really feel the urge for public discourse, at least talk about something meaningful or relevant. This might include doing some actual research or reading, and generally commenting from a position of knowledge, instead of blurting out the first thing you remember from some rant you heard once, somewhere.
My point was that, if we suddenly had cheap and, for all practical purposes, unlimited energy, it would no longer be a scarce resource until such time as we came up with some new practical purposes.
Wow, your point turned into my point... I guess we agree now.
But it's hard to come up with new uses for it that would count as actual _needs_.
Alright, Karl Marx. I seem to recall that in the late 80s and early 90s, nobody really needed a cell phone. We certainly do not need refrigerators, ice boxes worked just fine. Automobiles, are totally frivolous when you can use a horse that runs on nice carbon neutral grass. See? Talking about what you need is a waste of time, because needs apply to a specific style of life. Personally, I would rather have a style of life closer to Star Trek than early 2013.
It would take some other technological great leap forward: teleporters, matter replicators, personal space travel, etc.
Business service is almost the same price anyways.
Get off the crack, dude.
I have had the opportunity to buy business grade cable (I use it at home, it is $15/month more than regular cable), and business grade DSL, which costs about the same unless you want a static IP. If your experience differs, I suggest you search for a different provider (or start smoking crack).
Slashdot Mirror
Most T1s now are brought into the building as DSL on two copper pairs...
I had a uncle who worked at GM from the 50 to the 70s as a troubleshooter for production issues. (Got his engineering degree first, then later his MBA – back when such things mattered.). I also know some ex Ford line workers from the same era. So, yeah, it's anecdotal – but it is coming from two different sources. And no, it would be rare for a person to be able to pick the day the car was made.
Why? The date of manufacture is on the federal identification sticker in the door.
As an individual, would you rather have some say or no say?
Should the sheep feel better that there was a 2 to 1 vote, to murder him? Some rights are more fundamental than the whim of a crowd, and to protect those rights a democracy is garbage. No matter how much classist garbage you spew, the ethical problem of a pure democracy still stands.
Also, lol at the Milton Friedman bit... did your phd adviser tell you that or something?
I'm sure there's billions to be made from people rubbing bits of you on bits of them.
That's only legal in Nevada.
Everywhere else your pimp has to pay local law enforcement off.
I've written some myself, disguised as a 'Facebook hack tool',
Technically, it was not disguised... only, it was nonspecific about who was being hacked.
Here I'm not talking about rootkits or privilege escalation (I trust Debian), I think more of normal user compromise.
Privilege escalation is a very real threat, even in Linux, and particularly when an attacker has user-level computer access already.
The stupid thing about NAC to protect from trusted internal users, is that their machines have to authenticate, and therefore have the keys to authenticate. Extracting them becomes a relatively simple process. All that it really provides is some notion of who is connected... but even then, a key can be stolen from a coworker.
Major Citation Needed on how this is somehow "elitist". Again, the sole purpose of the Constitution is to limit power.
PopeRatzo's mind is still spinning from all of the post-doctoral enlightenment that he got in college, there is not any factual (or, in spirit, even truthful) point in there to speak of.
It was an exercise in anti-democracy.
Democracy is a two wolves and a sheep voting on what to have for dinner. Remember that the smallest, and most oppressed minority, is the individual.
That's what I said..."libertarian". The political philosophy of undergrads.
There you go again with your bullshit. I don't like anarco-communists, so they are the only assholes I see on campus, but at least I am grown up enough to acknowledge that the libertarians are spoiled college assholes too.
In summary... argument, trite; shut up, or grow up.
The vast majority of that paper essentially says if you configure the switch to blindly trust everyone, someone might abuse that trust. The rest is warnings about some less than sensible things some switches might do if you allow defaults.
I read, "VLANs used to be insecure because of these myriad vulnerabilities, but Cisco switches defend against them mostly by default/design, so it is not really that bad."
I also read, VLAN switches need to be treated the same as security critical router/firewalls, because they are now serving essentially the same role. Also, please keep paying for your proprietary switch's very expensive support contract, and plan to throw it away in 5 years when we build a new one.
At least in the US, you're way out of date. Lifetime limits became illegal in 2010, under the Affordable Care Act. Annual limits may currently be no less than $2 million, and will be outlawed entirely as of 2014.
I knew about the supposed, "Affordable Care Act", changes, but lets just say that I will believe that when I see it actually happen and continue to happen.
That's not true at all. Yes there exists a VLAN hopping exploit, but it is easily prevented by modern switches. While VLANs weren't intended for security in the beginning, that has become one of their new purposes. Otherwise, layer 3 switches would probably never be used in any environment where security was major a concern, but that's simply not the case.
Another extension of the VLAN concept is PVLANs, whose purpose is for nothing else other than security, primarily used in hotels to prevent hacking, but has other uses as well, nearly all of them security related.
Some further research indicates that my initial reaction to VLAN and security is somewhat dated, and VLAN tech has improved drastically since. Still, there does seem to be a few places where poor configuration could lead to a spectacular breach, simply because any exploit of the switch allows an attacker to access any VLAN segment.
VLANs are not for security! Any two things plugged into the same switch, whether virtual or real, can talk to each other if sufficiently motivated.
This is simply not true. You're probably referring to 802.1q tag hopping attacks, which are not particularly difficult to prevent.
Do you really think tag hopping is the only attack on VLAN? Perhaps you should read what Cisco says about the matter, if your job depends on it: http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml . They point out that with an adequately secure switch, and good configuration practices, that the security is adequate. Without all of the correct practices, VLANs provide a very dangerous false sense of security.
So - have a lesson on forkbombs prepared for when that happens.
How about a lesson about how being little shitheads means doing something less fun/interesting in class.
You can NAT the network off and and don't do port forwarding to the out side also have a quick kill where you just need to pull a cable to cut the VM's off from the rest of the network.
If you were joking, I got a pretty solid LOL out of it.
VirtualBox is a slow turd.
I don't think you need to worry about OS security, since that is the point of using VMs. However, the "key" to this question is the definition of "segmented." There are host of nefarious and simple mistakes you can make to completely trash the network of the of the VMs. I would recommend disabling multicast.
Banning the use of fork() can't hurt either.
Yes, banning fork() can hurt, because how else are you supposed to learn about it. Also, running a forkbomb in a VM would have no effect at all on the VM host.
No matter what you use, unless it's hard to install and configure the slack-jawed neckbeards of Slashdot won't bless it with their magic wand.
Just get some flavor of VMware and move on with your life.
Yep, I love ESXi, it is fast and easy to install. It is also free. Just, if you plug it in to the school network, make sure to have it connected as its own zone to the firewall machine.
for each of the students and don't allow any interface between them...and certainly no main network/internet access.
VLANs are not for security! Any two things plugged into the same switch, whether virtual or real, can talk to each other if sufficiently motivated.
This is not an example of a human rights problem, it is an example of a bureaucracy wantonly inflicting some punishment upon someone, justified by a tenuous reading of an inapplicable regulation. The whole situation is an epitome of bureaucratic abuse, of which many more can be found all over the world. If calling specific people on the phone is illegal from the summit of Mt Everest, a new regulation should be written for future visitors, because calling one guy, with a consumer smart phone, a broadcast television crew, is pretty much bullshit, and you know it.
Anyways, this seems more like a PR nightmare for Nepal, somewhere on the level of suing your customers, or filing slander lawsuits against reviewers.
Also, kindly shut the fuck up about libertarian. Your vauge, broad strokes, ad hominem attacks on libertarians could easily apply to nearly any political persuasion followed by college students (look around a campus, and you will find some outspoken, spoiled person that you don't like). Frankly, it is trite. If you really feel the urge for public discourse, at least talk about something meaningful or relevant. This might include doing some actual research or reading, and generally commenting from a position of knowledge, instead of blurting out the first thing you remember from some rant you heard once, somewhere.
My point was that, if we suddenly had cheap and, for all practical purposes, unlimited energy, it would no longer be a scarce resource until such time as we came up with some new practical purposes.
Wow, your point turned into my point... I guess we agree now.
But it's hard to come up with new uses for it that would count as actual _needs_.
Alright, Karl Marx. I seem to recall that in the late 80s and early 90s, nobody really needed a cell phone. We certainly do not need refrigerators, ice boxes worked just fine. Automobiles, are totally frivolous when you can use a horse that runs on nice carbon neutral grass. See? Talking about what you need is a waste of time, because needs apply to a specific style of life. Personally, I would rather have a style of life closer to Star Trek than early 2013.
It would take some other technological great leap forward: teleporters, matter replicators, personal space travel, etc.
Now you are using your mind.
If their intent was to block anything that could technically be considered a server, they would merely drop all incoming syn packets...
We both know what they are talking about, no matter how dumb one or the other of us plays.
Business service is almost the same price anyways.
Get off the crack, dude.
I have had the opportunity to buy business grade cable (I use it at home, it is $15/month more than regular cable), and business grade DSL, which costs about the same unless you want a static IP. If your experience differs, I suggest you search for a different provider (or start smoking crack).
A few servers scattered around the house and in the attic is OK but once you start putting them in racks you're looking for trouble?
No, a provision forbidding any server is in the TOS of all residential broadband service. Business service is almost the same price anyways.