"For one thing, in two of its three modes of operation BitLocker requires a cryptographic hardware chip called a Trusted Platform Module and a compatible BIOS. These chips are yet to become widely available much less deployed."
Most boards made by intel in last year have TPMs, and they are enabled by default. Last I knew Intel was Dell's motherboard supplier of choice (that may have changed, I haven't kept track), but it seems there's a fairly reasonable chance that almost any dell (and possibly hp/compaq too) with a Core Solo or better has a TPM and has it enabled.
It sounds like what you want is OpenVPN. I am assuming you do not want one of those crappy web based solutions that ruined the "SSL VPN" for a while in late 90s/early 2000s. OpenVPN is very solid, fairly easy to configure, and the windows client is very good.
If you have a little scripting skill, you can even make deploying it a total breeze assuming you have a secure https site that your employees can access.
1) Setup OpenVPN server (works on windows, but I recommend OpenBSD for security reasons). 2) Create a secure website where the employees can log in. 3) Create (or find, someone else has probably made one) a cgi to dynamically create SSL certs based off their username, and ask them for a password (not the same as their LDAP password). 4) SSL cert is added to the openvpn install bundle and a link to the bundle is presented to the user for download 5) They follow simple install procedure, (probably reboot), and then they should be good to go.
Not something you can do in five minutes, but once you get it done it should be easy street.
My $400 Xbox 360 came with a nice set of component cables. Have fun with your $15 cable. I'm sure the quality is just stellar.
A $15 HDMI cable (digital signal) looks better or at least as good as your "nice set" of component cables (analog signal), but way to put him in his place.
The PS3 also comes with a "nice set" of component cables, btw.
"So we're supposed to believe that two guys who made a video (ie. it wasn't a live demo)"
Right, they didn't do it live, because it's a wireless exploit, and they are in a room full of people with wireless sniffers... are you there yet?
"using a 3rd party driver/wireless card but refuse to disclose how it was done."
Right, that's part of the delayed disclosure thing, that's how it works (also see above).
"Ok, so they told Apple they were going to demo this? Even if they did (or apple found out somehow) what can apple do? Nothing, so what's the point of the 3rd party driver and card?"
Nothing? Have you missed the flurry of lawsuits against people who disclose vulnerabilities? Have you missed that apple is very litigious, even over small things (see suing bloggers).
"So all those flaws vs. the fact that it took apple a while to deny it?"
You haven't found a flaw yet.
"Maybe apple took a second look through their code to make sure there wasn't a flaw."
Spoken like someone who isn't a coder. "Ya, I just looked at the code and made sure it was flawless, no matter the input, it is perfect in every way." They've said they don't know how the exploit works, which means they wouldn't know how to check for a relevant flaw, which means what you're saying makes no sense. The best they can do is say "we don't think there is a flaw," until they know more about it, that's the best they can do (which is closer to what they actually said than what you implied).
Again, I don't know if this exploit is real, it may not be, we'll just have to wait and see.
They added it to the website because people are dumb. If you don't believe people are dumb please look at the various posts are the internet regarding this exploit. Bear in mind that this is a layer-2 driver level exploit, then look at all the comments saying
"So did they get root/admin, I mean they never said did they?"
"This wouldn't work against my firewall!"
"That's why I use anti-virus!"
Stupid statement after stupid statement - by people who think they know what they're talking about, and who then tell people who know even less. These geniuses, combined with the (always stupid) tech reporting of the media, led to confusion on the issue.
Like I said, they were abundantly clear about the 3rd party wifi. But, sometimes these things get lost in the retelling (by the stupid to the stupider), that's hardly their fault.
It certainly could be, but that's directly counter to what they said, so you'd expect them to make some sort of annoucement to that effect rather than just say nothing, right? It could also be that apple is proving to be dicks about releasing the information, perhaps threatening legal action. We have no information either way on this, so assuming either would be silly.
You keep using this word (fact), I do not think it means what you think it means.
"The fact is, the two guys that showed off this exploit didn't actually exploit Apple hardware but claimed they did." - I was actually at the conference, were you? They made it EXPLICITY clear that they were using a 3rd party wireless card, I mean, they said it like four times (as if it wasn't obvious from the video anyway). So if you're saying that they claimed the video showed them exploit Apple's hardware, you're plain out wrong, they never claimed that. If you're saying they claimed to be able to exploit the built-in hardware, you're right they did, and none of us can disprove that claim right now. So either way they can't be shown to be lying right now, although if this doesn't prompt them to release the code pretty quickly then things will start to look bad for them.
Apple says they don't know how the exploit works, but that they aren't affected by it, this seems an odd statement to make (imo). The most damning part of Apple's statement is actually them saying they have been provided no details nor code on the exploit, as that was ostensibly the reason for the delay of releasing the code to the public. That part does make me think something is up, but the rest of Apple's statement means absolutely nothnig.
So, the company that was reported to be vulnerable, who admits that they have no idea how the exploit works, says they're untouchable. Well then, they must be right!
I'm not saying they are vulnerable mind you (I simply don't know), but if you're going to be so skeptical about the claim then you might want to apply that skepticism to both sides of the fence.
If you had read the above blurb at all, you'd have seen that apple isn't claiming the video is fake, so your discussion about how easy it would be to fake the video is completely irrelevant. They always stated that in the video they were using a third party device, they truly couldn't have been clearer about it.
That said, they also stated at DEFCON (where they gave the same talk) that the built-in apple wifi was also vulnerable. So you ask why we believed that, because the people who found the vulnerability said so. Frankly I am still inclined to believe it considering it's taken weeks for apple to deny it, but we'll see I suppose.
He did a bit, it was funny, that was the end of it. The ramifications on wikipedia regarding a user who is probably not stephen colbert anyway (probably a staffer) mean nothing. The point was to get laughs - Mission Accomplished!
"Do all hippies think that we don't need a military?"
Try again, I'm far from a hippy. While you're retrying things, try reading my post again. How does the idea "we don't need this ridiculously expensive and not terribly useful plane" become "we don't need a military."
I'll start by saying that you may very well be right, lead and market penetration means alot especially in this industry.
But, that said, satellite radio sucks. The music/programming choices are great, but the sound quality is terrible, it is so ridiculously compressed I just couldn't handle it. Not to mention that I couldn't get any reception at work or home, it only worked in the car.
If HD radio gives you decent reception and actual high quality audio I might consider it.
Or they could have put her in pretty but comfy looking pajamas, like actresses on TV wear when their charactors go to bed. That would have actually implied sleep, as opposed to lingerie, which implies sex.
This isn't a sitcom, it's an ad, get over it. If an execution-style bullet hole between the eyes still implies sex or a crime of passion then nothing I say is going to convince you.
Yeah, I always wear sexy lingerie to sleep it. It's just so comfortable. Not.
Of course you don't do it, it's not real, it's an ad. Girls don't dive out of windows into dresses to avoid anti-perspirant marks either, but it's not real, it's sensationalized. It wouldn't have been as visually interesting a picture if she was 40 lbs overweight, in granny panties, a ratty old bra, and had buckteeth and zit cream on her face. A large percentage of people sleep naked, but if they did that even more people would be yelling rape, even though that would realistically be pointing even more towards sleep.
It's an ad, pretty sells better than ugly, this is not new.
It wasn't sexualized to me. A woman has been shot in her sleep, that's what I saw. At no point did I think about rape either before or after the killing. I don't even see it now that people say it; her clothes appear undisturbed and by all appearances there hasn't been a hand on her or the bed.
Quite frankly, the people who are seeing that in this picture are the ones who worry me.
you simply force the ISPs who provide.xxx to agree to a licence which allows them to inspect sites they provide to see they meet the standards
OK, so they inspect the site, and it shows "you have correctly installed Apache." Passes the test then right? What about when it changes the next day. What about when it changes every day, or every hour, or every 10 minutes? How often are they going to inspect the site? How are they supposed to verify what is legal and what isn't? They've already tried this before, if you'll remember the ill-fated bill that made ISPs responsible for the content hosted on their sites, and it was a dismal failure.
It is impossible for them to effectively monitor their sites: there are far too many of them, they change far too frequently, it is not readily automatable, and it in most cases it is very time-consuming to actually verify violations.
porn sites garenteed to be safe and malware free? I'm sure most male (and probably most female too) would love the prospect of the ability to get porn *legally* without the risk of infecting their PC.
Not really feasible. They can't enforce that for.coms now can they? Besides, even if it is free of adware/malware, it may still not be legal, who knows if they actually have the distribution rights to whatever random piece of porn they are distributing.
Vetting the domains could stop underage people both visiting and appearing in.xxx sites too.
Appearing? How would this have any effect on that? But I digress, visiting. OK, so how do we verify the age? Most places now want a credit card number, and call me paranoid, but there's no way in hell I'm giving out my CC or even my name to some random porn site. How about a central site that is trusted and verifies who I am, then verifies with the site without giving out who I am. Great on the surface, except it still means that you have no anonymity in your surfing, its just one agency that knows everything instead of many singular sites that just know about them. I understand wanting to verify the age, but if you can't do that without stepping on anonymity then forget it.
Of course no politition wants to actively promote porn so they'll stamp on it to promote 'christian values'
Actually just the opposite. The politicans want this, if they can force all the porn into one TLD then it becomes trivial to block it. Your "christian values" will be pure and unbesmirched as long as you block ".xxx". That is in fact the point of this entire discussion, and why it keeps being proposed.
The real problem here is what should be forced into this domain. Hardcore gang bang site, sure. How about an education site about how to have a better sex life with your wife? hmm. How about a photographer who usually does landscape/architecture pictures but also a few artistic nudes, or maybe just topless? How about an artist who sketches nudes? How about a blog which usually has nothing to do with sex, but occassionaly mentions some encounter? Now what if the blogger is homosexual, same standard? It all comes back to the age old art/porn discussion which is unenforcable, especially in a global forum where the standards on this vary so much.
Slashdot Mirror
The only benefits of OS X are software, the hardware is the same as any other Intel PC these days, just has a different shiny wrapper on it.
It is however so slow that you can't do much with it.
"For one thing, in two of its three modes of operation BitLocker requires a cryptographic hardware chip called a Trusted Platform Module and a compatible BIOS. These chips are yet to become widely available much less deployed."
Most boards made by intel in last year have TPMs, and they are enabled by default. Last I knew Intel was Dell's motherboard supplier of choice (that may have changed, I haven't kept track), but it seems there's a fairly reasonable chance that almost any dell (and possibly hp/compaq too) with a Core Solo or better has a TPM and has it enabled.
It sounds like what you want is OpenVPN. I am assuming you do not want one of those crappy web based solutions that ruined the "SSL VPN" for a while in late 90s/early 2000s. OpenVPN is very solid, fairly easy to configure, and the windows client is very good.
If you have a little scripting skill, you can even make deploying it a total breeze assuming you have a secure https site that your employees can access.
1) Setup OpenVPN server (works on windows, but I recommend OpenBSD for security reasons).
2) Create a secure website where the employees can log in.
3) Create (or find, someone else has probably made one) a cgi to dynamically create SSL certs based off their username, and ask them for a password (not the same as their LDAP password).
4) SSL cert is added to the openvpn install bundle and a link to the bundle is presented to the user for download
5) They follow simple install procedure, (probably reboot), and then they should be good to go.
Not something you can do in five minutes, but once you get it done it should be easy street.
My $400 Xbox 360 came with a nice set of component cables. Have fun with your $15 cable. I'm sure the quality is just stellar.
A $15 HDMI cable (digital signal) looks better or at least as good as your "nice set" of component cables (analog signal), but way to put him in his place.
The PS3 also comes with a "nice set" of component cables, btw.
"So we're supposed to believe that two guys who made a video (ie. it wasn't a live demo)"
... are you there yet?
Right, they didn't do it live, because it's a wireless exploit, and they are in a room full of people with wireless sniffers
"using a 3rd party driver/wireless card but refuse to disclose how it was done."
Right, that's part of the delayed disclosure thing, that's how it works (also see above).
"Ok, so they told Apple they were going to demo this? Even if they did (or apple found out somehow) what can apple do? Nothing, so what's the point of the 3rd party driver and card?"
Nothing? Have you missed the flurry of lawsuits against people who disclose vulnerabilities? Have you missed that apple is very litigious, even over small things (see suing bloggers).
"So all those flaws vs. the fact that it took apple a while to deny it?"
You haven't found a flaw yet.
"Maybe apple took a second look through their code to make sure there wasn't a flaw."
Spoken like someone who isn't a coder. "Ya, I just looked at the code and made sure it was flawless, no matter the input, it is perfect in every way." They've said they don't know how the exploit works, which means they wouldn't know how to check for a relevant flaw, which means what you're saying makes no sense. The best they can do is say "we don't think there is a flaw," until they know more about it, that's the best they can do (which is closer to what they actually said than what you implied).
Again, I don't know if this exploit is real, it may not be, we'll just have to wait and see.
They added it to the website because people are dumb. If you don't believe people are dumb please look at the various posts are the internet regarding this exploit. Bear in mind that this is a layer-2 driver level exploit, then look at all the comments saying
"So did they get root/admin, I mean they never said did they?"
"This wouldn't work against my firewall!"
"That's why I use anti-virus!"
Stupid statement after stupid statement - by people who think they know what they're talking about, and who then tell people who know even less. These geniuses, combined with the (always stupid) tech reporting of the media, led to confusion on the issue.
Like I said, they were abundantly clear about the 3rd party wifi. But, sometimes these things get lost in the retelling (by the stupid to the stupider), that's hardly their fault.
It certainly could be, but that's directly counter to what they said, so you'd expect them to make some sort of annoucement to that effect rather than just say nothing, right? It could also be that apple is proving to be dicks about releasing the information, perhaps threatening legal action. We have no information either way on this, so assuming either would be silly.
You keep using this word (fact), I do not think it means what you think it means.
"The fact is, the two guys that showed off this exploit didn't actually exploit Apple hardware but claimed they did." - I was actually at the conference, were you? They made it EXPLICITY clear that they were using a 3rd party wireless card, I mean, they said it like four times (as if it wasn't obvious from the video anyway). So if you're saying that they claimed the video showed them exploit Apple's hardware, you're plain out wrong, they never claimed that. If you're saying they claimed to be able to exploit the built-in hardware, you're right they did, and none of us can disprove that claim right now. So either way they can't be shown to be lying right now, although if this doesn't prompt them to release the code pretty quickly then things will start to look bad for them.
Apple says they don't know how the exploit works, but that they aren't affected by it, this seems an odd statement to make (imo). The most damning part of Apple's statement is actually them saying they have been provided no details nor code on the exploit, as that was ostensibly the reason for the delay of releasing the code to the public. That part does make me think something is up, but the rest of Apple's statement means absolutely nothnig.
So, the company that was reported to be vulnerable, who admits that they have no idea how the exploit works, says they're untouchable. Well then, they must be right!
I'm not saying they are vulnerable mind you (I simply don't know), but if you're going to be so skeptical about the claim then you might want to apply that skepticism to both sides of the fence.
If you had read the above blurb at all, you'd have seen that apple isn't claiming the video is fake, so your discussion about how easy it would be to fake the video is completely irrelevant. They always stated that in the video they were using a third party device, they truly couldn't have been clearer about it.
That said, they also stated at DEFCON (where they gave the same talk) that the built-in apple wifi was also vulnerable. So you ask why we believed that, because the people who found the vulnerability said so. Frankly I am still inclined to believe it considering it's taken weeks for apple to deny it, but we'll see I suppose.
He did a bit, it was funny, that was the end of it. The ramifications on wikipedia regarding a user who is probably not stephen colbert anyway (probably a staffer) mean nothing. The point was to get laughs - Mission Accomplished!
... couple of wavy lines.
Some literacy statistics from http://www.caliteracy.org/resourcesreferrals/liter acystatistics/index.html
49th - The rank of the United States among the 156 United Nation member countries in its rate of literacy. (United Nations)
24% of adults in California are at the lowest literacy level. (National Adult Literacy Survey)
"Do all hippies think that we don't need a military?"
Try again, I'm far from a hippy. While you're retrying things, try reading my post again. How does the idea "we don't need this ridiculously expensive and not terribly useful plane" become "we don't need a military."
Straw-man much? Sure you do.
Practical and affordable too I bet. Who cares how many kids can't read?
I would be just fine if they ditched Farnsworth's clone and Hermes kid, they were by far the least entertaining characters.
The "loser pays rule" does not apply to every case, only ridiculously frivolous ones like this.
I'll start by saying that you may very well be right, lead and market penetration means alot especially in this industry.
But, that said, satellite radio sucks. The music/programming choices are great, but the sound quality is terrible, it is so ridiculously compressed I just couldn't handle it. Not to mention that I couldn't get any reception at work or home, it only worked in the car.
If HD radio gives you decent reception and actual high quality audio I might consider it.
Sorry but that means nothings. I've seen at least 4 other surveys that say the opposite, and even those don't carry much weight in my opinion.
And a telephone survey? We really still do those?
Or they could have put her in pretty but comfy looking pajamas, like actresses on TV wear when their charactors go to bed. That would have actually implied sleep, as opposed to lingerie, which implies sex.
This isn't a sitcom, it's an ad, get over it. If an execution-style bullet hole between the eyes still implies sex or a crime of passion then nothing I say is going to convince you.
Yeah, I always wear sexy lingerie to sleep it. It's just so comfortable. Not.
Of course you don't do it, it's not real, it's an ad. Girls don't dive out of windows into dresses to avoid anti-perspirant marks either, but it's not real, it's sensationalized. It wouldn't have been as visually interesting a picture if she was 40 lbs overweight, in granny panties, a ratty old bra, and had buckteeth and zit cream on her face. A large percentage of people sleep naked, but if they did that even more people would be yelling rape, even though that would realistically be pointing even more towards sleep.
It's an ad, pretty sells better than ugly, this is not new.
It wasn't sexualized to me. A woman has been shot in her sleep, that's what I saw. At no point did I think about rape either before or after the killing. I don't even see it now that people say it; her clothes appear undisturbed and by all appearances there hasn't been a hand on her or the bed.
Quite frankly, the people who are seeing that in this picture are the ones who worry me.
you simply force the ISPs who provide .xxx to agree to a licence which allows them to inspect sites they provide to see they meet the standards
OK, so they inspect the site, and it shows "you have correctly installed Apache." Passes the test then right? What about when it changes the next day. What about when it changes every day, or every hour, or every 10 minutes? How often are they going to inspect the site? How are they supposed to verify what is legal and what isn't? They've already tried this before, if you'll remember the ill-fated bill that made ISPs responsible for the content hosted on their sites, and it was a dismal failure.
It is impossible for them to effectively monitor their sites: there are far too many of them, they change far too frequently, it is not readily automatable, and it in most cases it is very time-consuming to actually verify violations.
OK, I'll tell you the downside then.
.coms now can they? Besides, even if it is free of adware/malware, it may still not be legal, who knows if they actually have the distribution rights to whatever random piece of porn they are distributing.
.xxx sites too.
porn sites garenteed to be safe and malware free? I'm sure most male (and probably most female too) would love the prospect of the ability to get porn *legally* without the risk of infecting their PC.
Not really feasible. They can't enforce that for
Vetting the domains could stop underage people both visiting and appearing in
Appearing? How would this have any effect on that? But I digress, visiting. OK, so how do we verify the age? Most places now want a credit card number, and call me paranoid, but there's no way in hell I'm giving out my CC or even my name to some random porn site. How about a central site that is trusted and verifies who I am, then verifies with the site without giving out who I am. Great on the surface, except it still means that you have no anonymity in your surfing, its just one agency that knows everything instead of many singular sites that just know about them. I understand wanting to verify the age, but if you can't do that without stepping on anonymity then forget it.
Of course no politition wants to actively promote porn so they'll stamp on it to promote 'christian values'
Actually just the opposite. The politicans want this, if they can force all the porn into one TLD then it becomes trivial to block it. Your "christian values" will be pure and unbesmirched as long as you block ".xxx". That is in fact the point of this entire discussion, and why it keeps being proposed.
The real problem here is what should be forced into this domain. Hardcore gang bang site, sure. How about an education site about how to have a better sex life with your wife? hmm. How about a photographer who usually does landscape/architecture pictures but also a few artistic nudes, or maybe just topless? How about an artist who sketches nudes? How about a blog which usually has nothing to do with sex, but occassionaly mentions some encounter? Now what if the blogger is homosexual, same standard? It all comes back to the age old art/porn discussion which is unenforcable, especially in a global forum where the standards on this vary so much.