Virtually impossible? Had a sales call to demonstrate PDA security using a signature. The sales guy signed the screen and it unlocked. I had been studying how fast he did it, so when he passed it to me, I used roughly the same timings. And it unlocked. End of demo.
It's actually easier to observe signature timings than it is to shoulder-surf typing a password.
The simple problem is that with many biometric technologies, if you turn the false negative level so it rarely stops *you* logging in correctly, it's not too difficult for an attacker to also log in, without taking too many goes.
Try pointing them at GetSafeOnline.org which is intended for a broader audience than security professionals.
Failing that, once they get trashed, stick a Knoppix CD in the drive and boot off that for ever more.
So does the ruling mean that pop-up blockers and adblock are illegally violating US Copyright law by "irreparable injury to the creative artistic expression" in those web pages?
There's a very simple way to get much better compression - simply store the SHA-256 hash of every file instead. My average file size is about 126 Kbyte, so that's a 4000:1 compression.
OK, OK, you still have to store a full version of each file (or a traditionally compressed version). So for a single PC it doesn't make sense. But for an enterprise there are thousands of copies of those Windows OS files, tens or hundreds of those Powerpoint presentations, scatter-gun emails, etc - so why not just store them just once, and replace with the SHA-256 hash for every other version?
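The store-once idea in the comment above, as an added sketch that is not part of the original comment: each distinct file body is kept once under its SHA-256 digest and every path holds only the 32-byte digest. The class name, paths and file contents are constructed for illustration.

```python
import hashlib

class SingleInstanceStore:
    """Hypothetical store: one full copy per distinct content, digests elsewhere."""

    def __init__(self):
        self._blobs = {}    # digest -> bytes (the single full copy)
        self._refs = {}     # digest -> number of paths pointing at it
        self.catalog = {}   # path -> digest

    def put(self, path: str, data: bytes) -> str:
        digest = hashlib.sha256(data).hexdigest()
        old = self.catalog.get(path)
        if old == digest:
            return digest                    # unchanged file, nothing to do
        if old is not None:
            self._release(old)               # path now points at new content
        self._blobs.setdefault(digest, data)
        self._refs[digest] = self._refs.get(digest, 0) + 1
        self.catalog[path] = digest
        return digest

    def get(self, path: str) -> bytes:
        digest = self.catalog[path]
        data = self._blobs[digest]
        # Re-hash on read: a corrupted blob would otherwise reach every referrer.
        if hashlib.sha256(data).hexdigest() != digest:
            raise ValueError("stored blob does not match its digest")
        return data

    def delete(self, path: str) -> None:
        self._release(self.catalog.pop(path))

    def _release(self, digest: str) -> None:
        self._refs[digest] -= 1
        if self._refs[digest] == 0:          # last reference gone, drop the copy
            del self._refs[digest], self._blobs[digest]

    def stats(self):
        """(bytes the users think they hold, bytes stored incl. 32 per digest)."""
        logical = sum(len(self._blobs[d]) for d in self.catalog.values())
        physical = sum(len(b) for b in self._blobs.values()) + 32 * len(self.catalog)
        return logical, physical

def build_demo():
    store = SingleInstanceStore()
    os_file = b"\x90" * 4096                 # constructed stand-in for an OS file
    for pc in range(200):                    # the same file on 200 machines
        store.put(f"pc{pc:03d}/system.dll", os_file)
    store.put("pc000/notes.txt", b"n" * 1000)  # one file unique to one machine
    return store

if __name__ == "__main__":
    print(build_demo().stats())
```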
Since at best they check if the requestor looks like a valid company, not a trustworthy company.
Check out the Firefox Petname extension for a solution. This lets you mark the sites you trust, then checks that their cert fingerprint hasn't changed. So it also traps MITM and DNS poisoning threats.
So rather than depend on an external service to black-list all fraudsters, and do it accurately and promptly, this lets you white-list the small number of sites that matter to you.
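The whitelist check described in the comment above, as an added sketch that is not the Petname extension's own code: the user pins the certificate fingerprint of each site they name, and later visits are compared against that pin. The store layout, host names and certificate bytes are assumptions constructed for illustration.

```python
import hashlib
import hmac

def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint (hex) of a DER-encoded certificate."""
    return hashlib.sha256(der_cert).hexdigest()

class PinStore:
    """Hypothetical user whitelist: host -> (petname, pinned fingerprint)."""

    def __init__(self):
        self._pins = {}

    def trust(self, petname: str, host: str, der_cert: bytes) -> None:
        """The user marks a site as trusted; pin the certificate seen right now."""
        self._pins[host.lower()] = (petname, fingerprint(der_cert))

    def check(self, host: str, der_cert: bytes):
        """Return (verdict, petname) for the certificate a host presents."""
        pin = self._pins.get(host.lower())
        if pin is None:
            return ("untrusted", None)   # never whitelisted, so no petname shown
        petname, pinned = pin
        if hmac.compare_digest(pinned, fingerprint(der_cert)):
            return ("match", petname)
        return ("changed", petname)      # right name, different certificate

# Constructed stand-ins for DER certificates; real ones come from the TLS handshake.
BANK_CERT = b"constructed-cert:bank.example:key-A"
ROGUE_CERT = b"constructed-cert:bank.example:key-B"

def demo():
    store = PinStore()
    store.trust("My bank", "bank.example", BANK_CERT)
    return [
        store.check("bank.example", BANK_CERT),         # normal visit
        store.check("bank.example", ROGUE_CERT),        # MITM or poisoned DNS
        store.check("bank-login.example", ROGUE_CERT),  # lookalike site
    ]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

A legitimate certificate renewal also produces the "changed" verdict, so the user has to confirm the new fingerprint through another channel before re-pinning.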
It took me even less to install Windows Server 2003 on a brand new HP/Compaq box. Then a lot longer trying to find the network device drivers that had not been automatically installed. Then burning a CD to hold the 35 MB (yes, really!) of the HP drivers - since I couldn't download without the network.
I did consider rebooting into Knoppix (< 2 mins and it has the network drivers) but went the CD route as I knew I'd have to reinstall soon....
Cisco has determined that Cisco.com password protection has been compromised.
As a precautionary measure, Cisco has reset your password. To receive your new password, send a blank e-mail, from the account which you entered upon registration, to cco-locksmith@cisco.com. Account details with a new random password will be e-mailed to you.
If you do not receive your new password within five minutes, please contact the Technical Support Center.
This incident does not appear to be due to a weakness in Cisco products or technologies.
Check out the Jericho Forum - a group of major companies who also recognise that the role of the network perimeter firewall is becoming less relevant and an obstacle to business demands:
The Jericho Forum is an international forum of IT customer and vendor organisations who recognize that over the next few years, as technology and business continue to align closer to an open, Internet-driven world, the current security mechanisms that protect business information will not match the increasing demands for protection of business transactions and data in the future. Existing perimeters are full of holes. The 'walls' are crumbling. Managing the problems using today's security solutions is increasingly expensive and time-consuming.
A new approach is needed, to move from the traditional network perimeter down to the individual networked servers and devices - and ultimately to the level of the data being sent over the networks. The Jericho Forum aims to drive and influence development of security solutions, based on open standards, that will meet future business needs for secure interoperation of information systems to support collaboration and commerce over open networks, within and between organisations, based on a security architecture and design approach which the Forum calls de-perimeterisation.
Next major meeting is in Sydney on September 8th - join in the debate!
See the story The Wall Around the World written in 1953 by Theodore R. Cogswell. And look out for the Dark Man! (The Wall separated the technologists from the magicians.)
If your child wants to learn how to program, check out Java Programming for Kids, Parents and Grandparents. Java is a bit more complex than BASIC, but at least you don't have to unlearn so much if you want to do professional programming later.
If your child wants to learn more about what computers can do (as programming isn't for everyone), partition the disk and get them to install Linux - I'll be getting my son to do this with Ubuntu and Agnula soon. Then get them to reinstall the other partition with Windows XP. They'll learn a lot.
NoMachine NX provides many free clients (Linux, Windows, Solaris, Mac, Playstation 2, iPAQ) and commercial servers. A completely free FreeNX server is also available, based on the NoMachine sources.
These also support RDP and VNC protocols by converting to the compressed X protocol, which also gives bandwidth gains over the raw RDP/VNC. Check out this description of the technology.
Recent versions of Knoppix live-CD include the NoMachine client and FreeNX server, making it easy to test it out.
As well as being able to boot into the Ubuntu Linux desktop, the Ubuntu Linux live CD also includes Windows versions of OpenOffice.org, Firefox, Thunderbird, Abiword, Gimp, PDFCreator and Audacity. These use the installer from The OpenCD.
Becta are favourable to Open Source and open standards too. See their Technical Specifications document which, for example, requires text documents to be held as .txt, .rtf or .odt but NOT .doc.
See also Open Source Software in Schools: A case study report, Open Source Software in Schools: A study of the spectrum of use and related ICT infrastructure costs, Open Source Software in Schools: Information sheet.
But you do get Space Invaders in OO.o.
The Christian theologer Origen castrated himself and so became a eunuch.
And I'm sure Microsoft know the jokes comparing UNIX and eunuchs.
We already have the whitelist technology. And have had it for years - the "x" execute permission bit in the file system.
Only one minor flaw, what happens to the revenue stream from perpetual updates?
"In the future"? You mean "in the past". The old disk drives used to have a hardware write-protect. Heck, even floppy disks still do.
The devices run Linux, not Microsoft Pocket PC. The BBC corrected the article very rapidly.
You need to W...A...I...T an awfully long time for the rest of the page to display.
Let the authentication fail and read the following:
IMPORTANT NOTICE:
See http://www.lulu.com/Lulu for an economical approach - you can choose to take royalties if you like.
Just 12 hours after I downloaded the RC version, out this comes! That's life.
Look into a typical mind.
Personally I find Firefox faster than IE on many pages, simply because it doesn't download the adverts blocked by Adblock.
The Vulnwatch alert shows how a Firewire port can directly access system memory, without needing a soldering iron or undoing the case.
Bill Gates certainly does:
"Although about 3 million computers get sold every year in China, but people don't pay for the software," he said. "Someday they will, though. As long as they are going to steal it, we want them to steal ours. They'll get sort of addicted, and then we'll somehow figure out how to collect sometime in the next decade."