Yes, I have this exact same problem. However, I do not keep other people's e-mail.
I have been able to track down the correct people to whom the e-mails belong. In two cases, the people are lawyers and the e-mails contained either personal or confidential information. Another case is a general contractor, and I've received quotes from subcontractors, blueprints and general correspondence. In one case it was a confirmation of tickets for a theme park. (I debated showing up as soon as the park opened and claiming the tickets, but ethics got the better of me.)
These people now reside in my address book. I forward the e-mail in question over to them, and CC a copy to the sender.
One guy kept signing up for things using MY e-mail address instead of his. (name@isp.com vs name@gmail.com) He finally got the hint when *I* got the login information for his match.com account. (Ethics was still distracted by the theme park tickets case and lost.) Considering he was a single lawyer in San Francisco, I think my updates indicating he was gay, submissive, into BDSM and wealthy might've paid off. He seems to be extra careful in which e-mail address he uses now.
Haliburton already started. Why do you think Mary Cheney dropped out of the Wyoming Senate race? She knows that by the time the elections happen there won't BE a Wyoming. Dick would rather blow it up that let it go Democrat!
Copying and providing proxy access are process controls. You discipline people for that.
You're demanding something perfect and rejecting anything that doesn't measure up. The real world doesn't work that way. Security layers are added depending on the specific needs for confidentiality, integrity and availability.
Something like the formula for Coke or the KFC Original Recipe get more protection than the cafeteria's lunch menu.
...because we're all system administrators of our own machines, when it comes down to brass tacks.
No, you're not. If you allow that it is Discretionary Access Control. There has to be a master policy that is enforced, limiting DAC to only where appropriate.
For example, if Alice allows access to Bob and Charlie, she should have the ability to restrict resharing. That is, unless Alice allows it, neither Bob nor Charlie could grant access to Dan. Therefore neither Bob nor Charlie is a true admin of their machine.
The Art of War (Sun Tzu) Brave New World (Aldous Huxley) The Demon-Haunted World: Science as a Candle in the Dark (Carl Sagan) Think and Grow Rich (Napoleon Hill)
The History of the Decline and Fall of the Roman Empire (Edward Gibbon) The Rise and Fall of the Third Reich (William Shirer)
Oh look, a tourist, an easy mark, and a rich one as well.
And a streamed video of the thief automatically uploaded and sent to the police with GPS coordinates. Add GPS monitoring and tracking to that app just for fun, and remote disable to make the resale value worthless.
The current prototypes are $1,500. They'll get cheaper and cheaper pretty quick. In a couple of years I can see these easily being $150.
I can also see them used in typical corporate settings. Having the power of Google search, plus access to all company data everywhere will be a "must have".
A 3D TV has pretty much one use. I can envision dozens of niche apps for Google Glass without even trying that could make real differences in some areas.
How about Glass for an auto mechanic. Look under the hood of a car and it overlays the wiring diagram, exhaust diagram, part you're looking at with price and local availability, etc. Switch layers on and off with a glance or voice command.
Add a bluetooth ODB2 synced to Glass and you can see real-time engine stats as you are working under the hood. No more having to have a stack of manuals or tweak something and look up at the portable computer to see what change it made. You see the changes as it happens.
Add auto recognition of the make and model, so you don't have to look up which manuals.
Ditto airplane mechanics.
I can also easily imagine augmented reality applications for surgeons, dentists, dermatologists and just about every category of health professional.
How about an app for foreign tourists. Auto translate whatever written material you look at. Read street signs, menus, directions, brochures, etc. Probably an audio version of that as well -- automatically translating what you hear. Maybe subtitles.
I assume an attacker with physical access to the drive thru a Live session or physical drive removal. I also keep drives encrypted to protect data at rest.
Multiple layers of security are a good thing.
My risk analysis is just that, *MY* risk analysis. I want the OPTION to not use system WLAN accounts and have to activate the wireless network after login.
One for 2.4 GHz b/g/n devices that can't really be upgraded. Older phones, Chromebooks, tablets and my bathroom scale.
The other is for 2.4 GHz/5 GHz 802.11ac devices that HAVE been upgraded and use the extra bandwidth, like for streaming HD video or transferring large files to a server.
On the supplying machine, you usually do not have a choice but allow access to the plain-text password, how else would it be supplied?
By an agent, like KNetworkManager, PGP-agent or GnuPG-agent.
Hence, while you can store it encrypted, that encryption must either be automatically reversible (making it pointless) or protected by an additional password the user enters each time (making the storing pointless).
No. An additional password isn't pointless. It is the purpose behind the operation of gpg-agent, KNetworkManager, Firefox's master password, LastPass and several other programs.
Otherwise they would have understood that Wi-Fi does not do a challenge response authentication with a shared secret, but a plain, one-way password submission. For these, the password does need to be available in plain or things cannot work.
To be pedantic, that is exactly how WPA2-Enterprise works. But almost no one uses that in a home network. You still shouldn't ignore it.
And the password does not need to be STORED in plaintext, which is the point. Like a PGP key, it exists unencrypted only in RAM and is encrypted when stored.
In KDE the Wallet acts as a central keyring for all your passwords. You only have to enter the password for the Wallet the first time something needs access and it'll handle it from there.
The first time a program tries to access the Wallet you'll get a "allow / disallow" prompt, but that is it.
If you're bitching about having to enter a password ONCE after logging in then you don't even belong in the discussion.
How can I store passphrases associated with encrypted wireless networks? The first time KNetworkManager is used, it will try to set up the KDE Wallet (encrypted password storage) to save wireless network passphrases and other passwords. If you choose not to use KWallet, KNetworkManager will store passwords in its configuration files, only readable by the logged in user.
Let us set the wayback machine to 1929. "Gentlemen do not read each others' mail." - Henry Stimson, U.S. Secretary of State.
Which brings us to another useful quote by George Santayana back in 1905 -- "Those who cannot remember the past, are condemned to repeat it."
The NSA needs to give up the concept of domestic, drag-net style data gathering. Pick a target, don't just gather everything and sift for potential targets.
They probably disable iptables because they don't use system-level firewalls on servers, regardless of the OS.
And they disable SELinux because they probably don't have anyone who understands how to use it, much less use it well. MAC is great for security, but requires a depth of knowledge of your systems that most places just don't have.
I've seen both actions at several government agencies for those exact reasons.
Slashdot doubles as a Turing Test for AI blog bots. Crowd reaction is used as a measure for passing. The problem is, what happens when most of the crowd at Slashdot is comprised of AI blog bots?
Yes, I do. I have two. I wiped off Chrome for Chrubuntu, but eventually put it back. Chrome is faster to boot, runs smoother and works better. Google did a lot to find tune it.
Slashdot Mirror
FFS, I've gotten old.
FTFY
Yes, I have this exact same problem. However, I do not keep other people's e-mail.
I have been able to track down the correct people to whom the e-mails belong. In two cases, the people are lawyers and the e-mails contained either personal or confidential information. Another case is a general contractor, and I've received quotes from subcontractors, blueprints and general correspondence. In one case it was a confirmation of tickets for a theme park. (I debated showing up as soon as the park opened and claiming the tickets, but ethics got the better of me.)
These people now reside in my address book. I forward the e-mail in question over to them, and CC a copy to the sender.
One guy kept signing up for things using MY e-mail address instead of his. (name@isp.com vs name@gmail.com) He finally got the hint when *I* got the login information for his match.com account. (Ethics was still distracted by the theme park tickets case and lost.) Considering he was a single lawyer in San Francisco, I think my updates indicating he was gay, submissive, into BDSM and wealthy might've paid off. He seems to be extra careful in which e-mail address he uses now.
Whereas the majority of other peoples' are between 5% and 50% ethanol.
-1, you forgot "Burma Shave!"
or were you going for haiku format? Too many syllables in that one for a haiku.
Haliburton already started. Why do you think Mary Cheney dropped out of the Wyoming Senate race? She knows that by the time the elections happen there won't BE a Wyoming. Dick would rather blow it up that let it go Democrat!
Copying and providing proxy access are process controls. You discipline people for that.
You're demanding something perfect and rejecting anything that doesn't measure up. The real world doesn't work that way. Security layers are added depending on the specific needs for confidentiality, integrity and availability.
Something like the formula for Coke or the KFC Original Recipe get more protection than the cafeteria's lunch menu.
SELinux (and SEAndroid)
...because we're all system administrators of our own machines, when it comes down to brass tacks.
No, you're not. If you allow that it is Discretionary Access Control. There has to be a master policy that is enforced, limiting DAC to only where appropriate.
For example, if Alice allows access to Bob and Charlie, she should have the ability to restrict resharing. That is, unless Alice allows it, neither Bob nor Charlie could grant access to Dan. Therefore neither Bob nor Charlie is a true admin of their machine.
The Art of War (Sun Tzu)
Brave New World (Aldous Huxley)
The Demon-Haunted World: Science as a Candle in the Dark (Carl Sagan)
Think and Grow Rich (Napoleon Hill)
The History of the Decline and Fall of the Roman Empire (Edward Gibbon)
The Rise and Fall of the Third Reich (William Shirer)
Thanks for giving me literally the best laugh I've had all year.
Considering it is January 1st, I'm not sure this has the impact you think it does.
Yes, thanks. I'm thinking future revision combined with something like this: http://www.healthcareglobal.com/healthcare_technology/new-device-makes-blood-tests-less-painful-and-traumatic
Oh look, a tourist, an easy mark, and a rich one as well.
And a streamed video of the thief automatically uploaded and sent to the police with GPS coordinates. Add GPS monitoring and tracking to that app just for fun, and remote disable to make the resale value worthless.
The current prototypes are $1,500. They'll get cheaper and cheaper pretty quick. In a couple of years I can see these easily being $150.
I can also see them used in typical corporate settings. Having the power of Google search, plus access to all company data everywhere will be a "must have".
You'll like this, then: http://www.youtube.com/watch?v=lK_cdkpazjI
It is called "Sight".
And you forgot "last medical checkup". :-)
I was thinking more of a coffee shop, train or anywhere else I use (lose) my laptop.
A 3D TV has pretty much one use. I can envision dozens of niche apps for Google Glass without even trying that could make real differences in some areas.
How about Glass for an auto mechanic. Look under the hood of a car and it overlays the wiring diagram, exhaust diagram, part you're looking at with price and local availability, etc. Switch layers on and off with a glance or voice command.
Add a bluetooth ODB2 synced to Glass and you can see real-time engine stats as you are working under the hood. No more having to have a stack of manuals or tweak something and look up at the portable computer to see what change it made. You see the changes as it happens.
Add auto recognition of the make and model, so you don't have to look up which manuals.
Ditto airplane mechanics.
I can also easily imagine augmented reality applications for surgeons, dentists, dermatologists and just about every category of health professional.
How about an app for foreign tourists. Auto translate whatever written material you look at. Read street signs, menus, directions, brochures, etc. Probably an audio version of that as well -- automatically translating what you hear. Maybe subtitles.
I assume an attacker with physical access to the drive thru a Live session or physical drive removal. I also keep drives encrypted to protect data at rest.
Multiple layers of security are a good thing.
My risk analysis is just that, *MY* risk analysis. I want the OPTION to not use system WLAN accounts and have to activate the wireless network after login.
Because of an 8-year ivory-tower esoteric debate on the subject.
https://bugs.kde.org/show_bug.cgi?id=92845
A possible fix, using PAM. Not sure how specific to OpenSUSE this is.
http://linux.eregion.de/2013/10/26/kwallet-single-sign-on-at-last/
NetworkManager was originally developed by Red Hat and now is hosted by the GNOME project.
I have two APs.
One for 2.4 GHz b/g/n devices that can't really be upgraded. Older phones, Chromebooks, tablets and my bathroom scale.
The other is for 2.4 GHz/5 GHz 802.11ac devices that HAVE been upgraded and use the extra bandwidth, like for streaming HD video or transferring large files to a server.
I keep them on separate channels.
On the supplying machine, you usually do not have a choice but allow access to the plain-text password, how else would it be supplied?
By an agent, like KNetworkManager, PGP-agent or GnuPG-agent.
Hence, while you can store it encrypted, that encryption must either be automatically reversible (making it pointless) or protected by an additional password the user enters each time (making the storing pointless).
No. An additional password isn't pointless. It is the purpose behind the operation of gpg-agent, KNetworkManager, Firefox's master password, LastPass and several other programs.
Otherwise they would have understood that Wi-Fi does not do a challenge response authentication with a shared secret, but a plain, one-way password submission. For these, the password does need to be available in plain or things cannot work.
To be pedantic, that is exactly how WPA2-Enterprise works. But almost no one uses that in a home network. You still shouldn't ignore it.
And the password does not need to be STORED in plaintext, which is the point. Like a PGP key, it exists unencrypted only in RAM and is encrypted when stored.
In KDE the Wallet acts as a central keyring for all your passwords. You only have to enter the password for the Wallet the first time something needs access and it'll handle it from there.
The first time a program tries to access the Wallet you'll get a "allow / disallow" prompt, but that is it.
If you're bitching about having to enter a password ONCE after logging in then you don't even belong in the discussion.
Simple. Stop using Gnome shit.
How can I store passphrases associated with encrypted wireless networks?
The first time KNetworkManager is used, it will try to set up the KDE Wallet (encrypted password storage) to save wireless network passphrases and other passwords. If you choose not to use KWallet, KNetworkManager will store passwords in its configuration files, only readable by the logged in user.
http://old-en.opensuse.org/Projects/KNetworkManager#Wireless_LAN
Let us set the wayback machine to 1929.
"Gentlemen do not read each others' mail." - Henry Stimson, U.S. Secretary of State.
Which brings us to another useful quote by George Santayana back in 1905 -- "Those who cannot remember the past, are condemned to repeat it."
The NSA needs to give up the concept of domestic, drag-net style data gathering. Pick a target, don't just gather everything and sift for potential targets.
They probably disable iptables because they don't use system-level firewalls on servers, regardless of the OS.
And they disable SELinux because they probably don't have anyone who understands how to use it, much less use it well. MAC is great for security, but requires a depth of knowledge of your systems that most places just don't have.
I've seen both actions at several government agencies for those exact reasons.
Slashdot doubles as a Turing Test for AI blog bots. Crowd reaction is used as a measure for passing. The problem is, what happens when most of the crowd at Slashdot is comprised of AI blog bots?
Yes, I do. I have two. I wiped off Chrome for Chrubuntu, but eventually put it back. Chrome is faster to boot, runs smoother and works better. Google did a lot to find tune it.
http://slashdot.org/journal/598315/six-months-with-a-chromebook