Slashdot Mirror


User: castionsosa

castionsosa's activity in the archive.

Stories: 0
Comments: 144

Comments · 144

  1. Re:Isn't this what --preserve-root is for? on Running "rm -rf /" Is Now Bricking Linux Systems (phoronix.com) · · Score: 3, Interesting

    I'm curious if booting from BIOS/MBR would do the trick. Higher-end BIOSes still have the ability to not use UEFI and just do things the old-fashioned way. IIRC, this doesn't expose the UEFI variables at all, providing some brick-resistance. Of course, you lose Secure UEFI functionality, making MBR attacks possible, but it is taking the lesser evil.

  2. Re:They really did not care on Microsoft Edge's Private Browsing Mode Isn't Actually Private (betanews.com) · · Score: 1

    Sadly, with LSOs, various browser fingerprinting mechanisms, and many other items, the only thing that might equate to a "private mode" would be to turn on automatic rolling back of a VM when it shuts down, or perhaps having a VM which uses a provisioning script to auto-install the browser and generate a new machine ID every so often, fetching and reloading one's bookmarks and other essential add-ons from a provisioning server. At least with Vagrant, cracking off a new VM configured how you like it for browsing isn't too bad.

  3. Re:VMware on iTunes Radio Is Now "Apple Music" (and You Need a Subscription) · · Score: 1

    My worry is that they are tossing the baby out with the bathwater. From today's news, the entire VMware Workstation and VMware Fusion teams were axed. As someone who uses VMware on a daily basis... and pays for the upgrades every year, this is very concerning, because VMware is often the difference between dropping back to an AutoProtect snapshot if a web browsing VM gets infected versus a lot more time spent rebuilding actual hardware.

    Yes, there are other solutions out there... but the real world pretty much runs on vSphere, ESXi, and that stack, so having the ability to make VMs that can easily be moved from a local desktop to clusters is a very important feature. Plus, VMware Workstation is excellent at using memory tricks to shoehorn a number of VMs into a test workstation.

    Hopefully VMware as a tier 2 hypervisor product won't go away. It is a very useful tool, although for most purposes, free tools like VirtualBox are almost as good.

  4. Re:What Type of Truck? on Tesla Truck 'Quite Likely,' Says Elon Musk (bgr.com) · · Score: 1

    There might be a market for a one ton truck that is all electric, even with limited range. Just because the truck can have a built-in heavy inverter put in, so a farm/work crew can go out and do some welding, pull out some sawhorses and cut some planks down to repair a fence, run an air compressor that isn't PTO based, or many other activities.

  5. Re:Okay! Let me shed a tear for Apple! on Tim Cook: What's Good For the US Dollar Is Bad For Apple · · Score: 1

    AFP isn't so bad. For a small setup (Synology NAS), it works well enough.

    However, that is one thing I can agree on. HFS+ just needs to go. Apple has enough cash to pay Oracle for a clean license for ZFS, Microsoft for Storage Spaces + ReFS, or IBM for AIX's JFS2. The ideal would be ZFS just because it is so resilient... and Apple has dabbled in that arena before with various OS X seeds. Plus, it would solve the RAID issue without additional moving parts needed.

    OS X is still gaining marketshare, but it would be nice if Apple could add some more enterprise-friendly features, just so that it is an acceptable alternative to Windows.

    As for enterprise hardware, this wouldn't have to be Apple. They could spin off an enterprise company that licenses Apple IP, so Apple itself would not lose focus. Then make more enterprise-friendly desktops that have the option to be sans cameras or microphones.

  6. Re:not astonishing on OSINT Analysis of Militia Communications, Equipment and Frequencies (wordpress.com) · · Score: 2

    Devil's advocate: What's wrong with playing by the rules?

    Radio bandwidth isn't unlimited, and it doesn't take much for one person to make entire frequencies unusable for everyone else in a large area. The government, in this case, keeps the tragedy of the commons from happening, because without regulation, some company, somewhere, will take a band just so their devices would work, and ensure nobody else's would.

  7. Re:Seems non-sequitur. on Insurance Companies Looking For Fallback Plans To Survive Driverless Cars (csmonitor.com) · · Score: 1

    Wonder how they can send me this info. On my Web browser, I use the usual adblocking tools due to security (malvertising is a primary infection vector.) E-mail tends to be routed via rules in Thunderbird to an internal IMAP server [1]. My cell phone number will drop the robocallers (thanks to Mr. Number.) Physical junk mail winds up being shredded, mixed with water, pressed with a custom made press into logs, and left to dry for a while (months) so I have high-BTU "firewood".

    The only real access is via my iOS devices where I see the AdChoices banner quite often, and there is no real blocking there barring a jailbreak.

    [1]: I took recommendations from here, bought a Synology NAS that had RAID, installed the mail packages (basically dovecot and roundcube), and have Thunderbird toss all non-critical mail and all archived mail to that device.

  8. Re:password resets are a horrible weak link too. on Amazon's Customer Service Backdoor (medium.com) · · Score: 1

    Chip and PIN isn't perfect... but nothing is. It is better than what we have now (i.e. nothing, or chip and signature.) It does a great job at protecting against someone scanning a photo of my card and doing a CNP transaction. Even if other people saw my PIN entered, and know my CC#... big whoop. Without the chip being used, they can't do a charge transaction, which is another nice thing.

    Now, if CNP transactions can be addressed it would plug that hole. Visa has a protection module, but from what I've seen, only Daybreak/SOE actually uses it.

  9. Re:Oy! on Amazon's Customer Service Backdoor (medium.com) · · Score: 1

    It is a tough decision. On one hand, too loose, and you get the issue with TFA. Too tight, and you will get people locked out, and walking off to other sources because they can't log in.

    Some sites think they are smart, and use some oddball info from LexisNexis where they give you vague multiple choice questions with "none of the above". Miss one, you get royally locked out.

    My personal take is that I like how Network Solutions did things. They asked for a fax or photo of one's license to verify an account if all else fails, which allowed recovery fairly reliably, as they could cross-check the license with other info.

    Long term, what I would love to have (and yes, I'm mentioning IoT here... so please put down the torches and pitchforks for a brief moment...) would be a ZTIC-like device that worked over 3G, used a USB port just for power, and whose sole job would be to recover accounts.

    The user would pull out the device, go to the website that they are locked out of, plug the device into a USB port, receive a confirmation on the device's e-Ink [1] screen, hit "yes", and they would get a recovery passcode. The device is made to be brain-dead simple. No battery, just plug in to any USB port, confirm on the device that the user of the device wants to have a recovery made, then the device shows a recovery code. Since the communication is via 3G and various security stacks, it is as secure as any other way, and someone making bogus recovery requests can't go far because the user has to interact with the device before a password is generated for recovery.

    Of course, if the device is lost, that is an issue... but there are always means to get a new device. Perhaps as mentioned above, fax/E-mail a copy of a license to get another device, and have it properly coded as a recovery tool.

    This isn't a perfect scheme, but it would save a lot of hassle, and the end user just has to ensure that ZTIC-like device is stashed somewhere securely.

    [1]: To save power, e-Ink is the best thing here.

  10. Re:Already here - it feels unfair to some on SaxoBank Predicts Universal Basic Income For Europe · · Score: 1

    You nailed it on the head. Even if the US decides to bother with and go back to the Gilded Age, it takes a lot of troops, training, housing to keep all the "enforcers" happy and usable. Plus, as history has been made aware, a hostile power occupying a city gets hit hard by attrition, which means more money for troops to replace them. Maintaining a standing army against a hostile populace is expensive, even if the troops can be obtained from overseas. Even mercs, if they find that they are not being paid handsomely for a gig, will go elsewhere for greener pastures.

    A guaranteed income is -far- cheaper, all things considered, especially these days, where foreign aid can come in to any revolutionary group at any time. Plus, it addresses a major threat, and allows the government to focus on other things.

  11. Re:No just have open source cars on How Robotaxis Might Mitigate Electric Car Depreciation (robohub.org) · · Score: 1

    Bingo. Something as common as a water pump or an air filter can have thousands of different styles for all the makes/models out there. It would be nice to have some standards, even if it is just one model of car. The closest to this is probably a Jeep, here in the US.

    It would be interesting to have one standards-compliant model. It may not look as good as the others or have the latest bells/whistles... but like a LTS release of software, it will still be kicking 10-20 years from now.

  12. Re:University = waste of time on Big Brother Is Coming To UK Universities (theguardian.com) · · Score: 1

    Universities used to be useful, and the knowledge handed over was more than just what was needed to be OK in one field. For example, people scoffed at Latin as "pointless"... but it has been useful as a gateway to basic French, Spanish, and other languages. Similar with chemistry and math for someone going into languages.

    However, over the years, passing on an education has mutated into jumping through hoops for a piece of paper... and then the price of admission to jump through the hoops goes up on an insane basis.

    Degrees also have changed value over time. In the 1970s/1980s, it was very common to have a major and wind up in a job that had nothing related to said major. After 2000, one had to have a major in the same field as they worked in to be considered for a job. Post-2008, college is there as a filter (some companies won't let people advance unless they have a degree), but oftentimes, it is more important to wave stuff like a MCSE, CCIE, RHCE, or a CISSP in front of a recruiter's nose, as well as showing what one did with the latest trendy program or language (like recruiters asking for seven years of Apple Swift2). So, even with a degree, it is no guarantee of a job.

    The only real exception to this is what I have seen mentioned here on Slashdot. Supposedly when people talk about degrees, the adage is always bandied around, "there is no such thing as an unemployed lawyer". Are J. D.s (+ passing the bar) actually up to the hype, guaranteeing a meal ticket from when it is granted until retirement?

    With all the uncertainty with the economy, I wonder what it will be like after the next crunch. In years past, one could go back for a M. S., or a Ph. D., and come out ahead in the job market. However, I see a lot of people with even postdocs fighting for the same jobs as the people who don't even have anything but a high school diploma (if that.)

  13. Re:global warming alert on The Russian Plan To Use Space Mirrors To Turn Night Into Day (vice.com) · · Score: 1

    I would think they would be more worried about Kessler Syndrome than global warming. The more stuff in space, the greater a chance some of it will smack other stuff, causing pieces to fly off and smack other stuff... rendering entire orbits unusable for centuries.

  14. Re:Go go IoT!! on Advantech Industrial Serial-To-Internet Gateways Left Wide Open (rapid7.com) · · Score: 1

    The problem is that the companies that drop the ball when it comes to devices and security have no incentive to change their ways. Even if their device pops up a terminal server prompt and allows any intruder full access, would there be consequences? Even if there were, the EULA effectively shields the company from harm, no matter how catastrophic the damage is.

    It won't be the IoT vendors who will be troubling themselves about security. It either has to be their customers who vote with their wallets, or the government... The ideal would be an organization like UL, but instead of testing to see if a product is safe to plug in a wall socket, checks basic security attributes via white-box and black-box testing. For example, on an Internet facing pipe, there needs to be a very good design reason for just a password to allow authentication, as opposed to IP restrictions, OTP mechanisms, or other 2FA restrictions.

    Maybe one of the rules should be least privilege. Why should a device have an always-on 3G connection, when instead, it could use a hardened hub and communicate with it via Bluetooth? Maybe IoT devices should be on their own subnet, with a hardened hub acting as a gateway/firewall, and no direct Internet connection possible.

    Basic security 101, but seems forgotten. Until security (not security theater) is as much a part of the design as the form and advertising, I'm steering well clear. With some things, they are truly "done", and anything added is just stuff that is irrelevant or gimmicky.

  15. Re:Not that I like Trump, but... on Trump Says He'd Make Apple Build Computers In the US (businessinsider.com) · · Score: 1

    Sounds like how Mercedes Sprinters are "made" in the US to get around the "chicken tax". The vans are built in Germany, mirrors are taken off, shipped to the US, "assembled" by the mirrors tacked on again, and voila! Made in the USA.

  16. Re:Well, let's see how Google fixes this on Serious Linux Kernel Vulnerability Patched (threatpost.com) · · Score: 2

    I wouldn't be surprised to see this not get fixed on most Android devices. I'd say, other than Nexus devices, the best way to ensure one gets patches is to move to CyanogenMod.

  17. Re:Question on Serious Linux Kernel Vulnerability Patched (threatpost.com) · · Score: 4, Informative

    One of the biggest things is ensuring the data isn't swapped to disk in an unencrypted format.

  18. Re:Not quite on SCADA "Selfies" a Big Give Away To Hackers (csmonitor.com) · · Score: 1

    It isn't just a password on a Post-It note. It could be anything in the picture. Reflections come to mind, showing what is behind the camera. Or, more esoteric things like the placement of air ducts. Even the type of lock on the door can give the enemy some actionable intel.

    A good example of this was a company I interviewed at, which is no longer in business. The interviewer repeatedly bragged how they were "one hundred percent secure" with their electronic, biometric locks. Well, the doors were using a very inexpensive key (non-Smartkey Kwikset)... not even a BEST brand lock; BEST locks are the standard for businesses because of their removable cores, dual shear lines, and 6-7 pins, all of which make them surprisingly pick resistant. I mentioned that the average bumping tool could have the lock open in seconds, and even with security running to the offices, an intruder could have a good amount of time in their facility, then exit out the emergency door (the data center had a door exiting to the outside) and be off in no time flat.

    One can say this is security through obscurity... but it is just prudent to have as few details as possible in a sensitive environment.

  19. Re:Not quite on SCADA "Selfies" a Big Give Away To Hackers (csmonitor.com) · · Score: 2

    At the absolute minimum, make the password the serial number. For example, one embedded device I used had its default PW exactly this. Or, like HP devices with the iLO password on a pull-out card, have the password on that. This way, one would need physical access to the server to glean the password.

    Of course, the ideal would be an e-Ink display on the front of a device that has the password on it (either displayed, or displayable with a button push). When the device is hard reset and reloaded, said password gets erased and re-generated. This way, the default password is always available, but there is no way, barring an OS level hack or physical access, for a remote intruder to guess that item.

  20. Re:We never had it on Explaining the Lack of Quality Journalism In the Internet Age (gawker.com) · · Score: 4, Interesting

    There are ways to have quality journalism... but it starts with having people that are trusted to actually do fair and accurate reporting as opposed to the usual stuff we encounter.

    This isn't going to be solved by a business. If we want good news, we will have to move to a decentralized structure, similar to PGP's reputation, and in some ways, similar to Slashdot's moderation system.

    First, articles would be signed by their maker. This can be a nym or real name, poster's choice.
    Second, there would be people who sign that the person's content is up to par, and this would be a positive or negative value, rating the person (not the article.)
    Third, someone reading it can place their trust in the second set of parties. As said in a previous Slashdot posting, the trust level would be a floating point value from 0 to 1, where 0 means the trust is ignored, a 1 means it is heeded.

    This way, anyone can post, but in general, it would allow people to have a set of trusted article reviewers, and filter out the signal from the noise fairly easily. Since there is no single point of failure, it would be resistant to various attack methods.

    As for a method of moving articles, why not just go back to an NNTP-like protocol: store, forward, and expire when the allocated disk space hits a high-water mark? Any modifications to the articles posted would be immediately detected by a broken signature. For signatures and reputation, OpenPGP packets can easily handle this.

    tl;dr, decentralize things, have multiple parties vet news article writers in a secure fashion.
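The signing and trust-weighting sketched in the comment above, written out as an added example (not code from the original post); it uses Ed25519 from Go's standard library in place of OpenPGP packets, and the names, the +1/-1 rating scale and the canonical "endorse:author:rating" string are assumptions:

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Article is signed by its author's key; the name can be a nym or a real name.
type Article struct {
	Author string
	Body   []byte
	Sig    []byte
}

// Endorsement is a reviewer's signed +1/-1 rating of an author, not of one article.
type Endorsement struct {
	Reviewer string
	Author   string
	Rating   int
	Sig      []byte
}

// endorsementMsg is the canonical byte string a reviewer signs (assumed format).
func endorsementMsg(author string, rating int) []byte {
	return []byte(fmt.Sprintf("endorse:%s:%d", author, rating))
}

func SignArticle(priv ed25519.PrivateKey, author string, body []byte) Article {
	return Article{Author: author, Body: body, Sig: ed25519.Sign(priv, body)}
}

func Endorse(priv ed25519.PrivateKey, reviewer, author string, rating int) Endorsement {
	return Endorsement{reviewer, author, rating, ed25519.Sign(priv, endorsementMsg(author, rating))}
}

// ArticleIntact: any modification of the body during store-and-forward breaks the signature.
func ArticleIntact(a Article, keys map[string]ed25519.PublicKey) bool {
	pub, ok := keys[a.Author]
	return ok && ed25519.Verify(pub, a.Body, a.Sig)
}

// Score is one reader's view of an author: the sum of trust[reviewer] * rating over endorsements
// that verify under the reviewer's known key. Trust 0 ignores a reviewer; forged ratings are dropped.
func Score(author string, ends []Endorsement, keys map[string]ed25519.PublicKey, trust map[string]float64) float64 {
	var s float64
	for _, e := range ends {
		pub, ok := keys[e.Reviewer]
		if e.Author != author || !ok || !ed25519.Verify(pub, endorsementMsg(e.Author, e.Rating), e.Sig) {
			continue
		}
		s += trust[e.Reviewer] * float64(e.Rating)
	}
	return s
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed sample identity "alice"
	keys := map[string]ed25519.PublicKey{"alice": pub}
	art := SignArticle(priv, "alice", []byte("constructed article text"))
	art.Body = append(art.Body, '!') // a relay edits the article in transit
	fmt.Println("intact after edit:", ArticleIntact(art, keys))
	ends := []Endorsement{Endorse(priv, "alice", "bob", -1)} // alice also acts as a reviewer of bob
	fmt.Println("bob's score:", Score("bob", ends, keys, map[string]float64{"alice": 0.5}))
}
```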

  21. Re:Why does a nuclear facility need to be connecte on Governments Don't Do Enough to Protect Nuclear Facilities From Cyberattacks (nytimes.com) · · Score: 1

    There are other ways to do things as well. Whatever happened to having two computers, one on each network, and them connected via a serial cable with one of the wires snipped (Rx or Tx depending on point of view), so the receiving computer can only pull data from the serial device, stuff it in a log? This is a basic data diode, but I trust two 486 machines doing this far more than I trust some high-zoot vendor's offering, although EAL7+ is a pretty tough rating to get.

    Say one needs to log data and export it to people outside a site. Assuming the data isn't of that much volume, a humble serial or parallel connection can work. If the data is more than that, then two boxes sharing a clustered volume via FC and zoned together can work (although it isn't anywhere near as secure). This way, data can move out when needed, but one can't island hop to the inner network.

    Of course, this isn't 100% secure, as Stuxnet showed us... but it reduces the problem to "just" physical access control, and physical access control is quite a well-solved problem.

  22. Re:They'll come to their senses on Big Trouble for Bitcoin (medium.com) · · Score: 2

    That seems to be BTC's biggest weakness. Want to make sure you are not going to be a victim of double-spending? The entire BTC blockchain must be downloaded, and as of earlier this month, that is 40.8 gigs. Taking shortcuts here, or trusting a third party to just vet a subset, might just cause another Mt. Gox.

  23. Re:Lots (of HP calculators) on Can Your Hardware Top 18 Years and Ten Months? (theregister.co.uk) · · Score: 1

    My HP-48SX with the function card still works. Plays Minesweeper now as well as it did back in 1991.

  24. Re:Just a laptop. on Can Your Hardware Top 18 Years and Ten Months? (theregister.co.uk) · · Score: 1

    Even if it is an older one (assuming it isn't ATA-2/EIDE), a SSD will help, if only for the fact that multiple processes won't have to wait for the drive head array.

  25. Re:anonymity on Are Phone Numbers Doomed To Die? (fortune.com) · · Score: 1

    IMHO, I really don't want to tie everything to my real name and such on FB. I have used burner phones for Craigslist, and have been glad I did so when a would-be buyer demanded he pay in gift cards for an old generator I was selling, wouldn't meet me at a "safe deal zone" that a local PD set up, then became extremely threatening when I told him that I wouldn't sell to him unless he paid in cash.

    Facebook thrives by destroying anonymity. They want to mine everything someone does, anywhere, anytime, tie it to the person (whether they have an account or not), and sell that info off in a nice package to any comer who has the cash to pay for it. Their whole business is -your- business.

    Then, there is authentication. I'll keep my phone number, because if I lose my phone, I can use SMS messages to get into my Gmail, .mac, and other accounts. SMS is common ground, and works regardless of what phone is holding the SIM card to my number. What would replace it? I don't trust Facebook as an authentication mechanism, as they have not been vetted by any independent lab for security (although FB hasn't had any serious breaches.)

    FB can wind up abandoned as quickly as it gained steam. We saw that with Geocities, Hotmail, and MySpace. I can trust AT&T to be around a long time. A dot.com that, just like the many others that live from the ad revenue bubble, I wouldn't want to place my bets on. Even one as well-heeled as FB.