Mathematically, a passphrase using four random dictionary words totalling 44 characters would be unbreakable through the heat death of the universe. On the other hand, a string of 10 random ASCII characters would take about... 6 hours to break on a Pentium 90?
You see those "games" that leave you with "your dragon ninja name" or other such bullshit, after first collecting the first three digits of your ATM PIN then the name of your first pet then the last digit of your PIN? That's what I'm talking about.
The number of people that scam catches and they don't even realise it, makes me weep.
someone please mod #51803685 up, he makes a good point. Although, in this country when a doctor walks from a hospital he doesn't get to take his patients with him, those who are left get to take up the slack. That will soon no longer be the case as the NHS is sold piecemeal to the private sector.
they are probably glad I haven't because I would be the bitch sysadmin from Hell. When it comes to information security I. Do. Not. Compromise. Period. The High Court in London learned that the hard way when some dink of a paper pusher demanded my client file and I told her to get fucked.
...except in the case of IT infrastructure, where a broken PC keeps a sysadmin in work.
I disagree with this, however.
Systems made essential by feature-request-creep from the hospital administrators should have ZERO downtime. Or close as dammit. Preventative measures are therefore essential. Strict user policy, coupled with strict sanction and for fuck's sake, live failback to paper and pencil! Yes, I've been in situations where failure is NOT an option. Measures should be enforced to PREVENT failures whether internal or externalised. So, here it is:
Hospital data network should have per-user access policy on the internal network only. Otherwise it should be airgapped. NO external access should be possible. If that means ensuring that not a single wireless connection exists on the network, then so be it. I have seen one such example where this policy isn't followed to this day and I've told them again and again that their network is vulnerable: Nottingham City NHS Trust has OPEN Wi-Fi through their aministration network! Find the right network share and you have access to the ENTIRE NHS database.
OK. Mobile version is here (and I apologise in advance for the sound quality, you probably need some noise-cancelling headphones to hear it properly), I'll get the SD (which has better sound quality) up on a torrent because I don't have the space on my GDrive for a 14GB upload.
2013: lost a case against Rackspace involving 28 separate claims 2009: the $388m jury verdict against Microsoft is overturned, settled out of court in 2013
If the Microsoft verdict had stood, then we'd have seen the end of subsidised OEM installations and computers would still cost three thousand Dollars.
I've never come across a lawyer with specific learning disabilities. The nature of the work actually precludes the possibility of such a person even getting a toe in the door.
it depends on how you use them. Used once then discarded, a burn phone is practically anonymous. Use it for a month? It ain't a burner phone. It's a fucking ankle tag.
I pay cash at the local PayPoint, receive a slip of paper with a 16-digit code on it, type that into the phone, and I have minutes.
My SIM is unregistered (had it nine years now). I've never registered a handset. The only reason to give over your name and address (not needing ID) is for the extended warranty on the handset at time of purchase. Statutory protections on hardware like cellphones in the UK is twelve months. All you need is the receipt.
Slashdot Mirror
Mathematically, a passphrase using four random dictionary words totalling 44 characters would be unbreakable through the heat death of the universe. On the other hand, a string of 10 random ASCII characters would take about... 6 hours to break on a Pentium 90?
Password policies have been doing it WRONG.
You see those "games" that leave you with "your dragon ninja name" or other such bullshit, after first collecting the first three digits of your ATM PIN then the name of your first pet then the last digit of your PIN? That's what I'm talking about.
The number of people that scam catches and they don't even realise it, makes me weep.
someone please mod #51803685 up, he makes a good point. Although, in this country when a doctor walks from a hospital he doesn't get to take his patients with him, those who are left get to take up the slack. That will soon no longer be the case as the NHS is sold piecemeal to the private sector.
they are probably glad I haven't because I would be the bitch sysadmin from Hell. When it comes to information security I. Do. Not. Compromise. Period. The High Court in London learned that the hard way when some dink of a paper pusher demanded my client file and I told her to get fucked.
...except in the case of IT infrastructure, where a broken PC keeps a sysadmin in work.
I disagree with this, however.
Systems made essential by feature-request-creep from the hospital administrators should have ZERO downtime. Or close as dammit. Preventative measures are therefore essential. Strict user policy, coupled with strict sanction and for fuck's sake, live failback to paper and pencil! Yes, I've been in situations where failure is NOT an option. Measures should be enforced to PREVENT failures whether internal or externalised. So, here it is:
Hospital data network should have per-user access policy on the internal network only. Otherwise it should be airgapped. NO external access should be possible. If that means ensuring that not a single wireless connection exists on the network, then so be it. I have seen one such example where this policy isn't followed to this day and I've told them again and again that their network is vulnerable: Nottingham City NHS Trust has OPEN Wi-Fi through their aministration network! Find the right network share and you have access to the ENTIRE NHS database.
some handsets (like the ZTE F930) don't even need a SIM for Bluetooth to work.
of course, we all know how secure Bluetooth is...
addendum: soon's the torrent's done I'll drop it into the SD folder on the previous link.
(and my wife says netbooks with flat batteries are useless... they're great for chucking up torrent boxes)
OK. Mobile version is here (and I apologise in advance for the sound quality, you probably need some noise-cancelling headphones to hear it properly), I'll get the SD (which has better sound quality) up on a torrent because I don't have the space on my GDrive for a 14GB upload.
I thought they still measured processing time in P90-hours?
that's the combination to my luggage! How did they know??
Death by impact of three pounds of mylar?
Never saw that one coming.
yeah, I kinda noticed that too.
Oh, found the archived videos, they're on a stack in a server I'm actually rebuilding. Should be up again in the next week.
Criminals take idiots for what they can get.
2013: lost a case against Rackspace involving 28 separate claims
2009: the $388m jury verdict against Microsoft is overturned, settled out of court in 2013
If the Microsoft verdict had stood, then we'd have seen the end of subsidised OEM installations and computers would still cost three thousand Dollars.
I've never come across a lawyer with specific learning disabilities. The nature of the work actually precludes the possibility of such a person even getting a toe in the door.
oh, and: William Palmer. Poisoned no less than 3 adults and 4 infants during the mid-1800s. Strychnine all.
I have the freedom to own an anonymous phone. YOU tell ME why that freedom should be taken away.
that would be (G)ungan.
it depends on how you use them. Used once then discarded, a burn phone is practically anonymous. Use it for a month? It ain't a burner phone. It's a fucking ankle tag.
I can walk into Carphone Warehouse, 3 Store, or EE and buy a prepaid phone with preactivated SIM for next to nothing and NOT GET ASKED FOR ID.
there is one at the end of my road. Less than 100 yards away.
I pay cash at the local PayPoint, receive a slip of paper with a 16-digit code on it, type that into the phone, and I have minutes.
My SIM is unregistered (had it nine years now).
I've never registered a handset.
The only reason to give over your name and address (not needing ID) is for the extended warranty on the handset at time of purchase. Statutory protections on hardware like cellphones in the UK is twelve months. All you need is the receipt.
There is over two hundred years of proof that strychnine is used in homicide. I've never had to show ID to buy rat poison.
Let's go there.
because some of us still value our privacy.