I think it's a bad idea to post vulnerable websites in an unofficial area. This gives the information to the wrong people, again. If there is a list, perhaps the webmaster of each domain can be contacted instead of allowing every script kiddie to have access.
Don't get your pantyhose in a bunch if people think that's a bad idea and that your idea that people will use that data only to avoid these websites is laughable.;-)
So, what happens if you want to use your fancy computer to model two universes?
Simple. Since we've got a computer capable of simulating the entire universe, we'll just use it to simulate a universe which contains a computer which is capable of simulating more than one universe.
Now if only my car radio could have a cool tivo-like feature. I've often been listening to something on NPR or whatever and found myself lost in a thought for am oment only to snap back to reality missing some detail... oh man-o-man. How cool would that be? Although, it would be weird driving and constantly 'boop'ing back to listen to things you missed and I imagine that would only add to the number of bad drivers... or maybe add it to the stearing wheel...
I have an MBA and it's *still* not easy to move into management. I am forever stuck in this dead-end programming job with the only future being me watching an Indian developer get my job.
This is a ludicrous assumption of an obvious ficticious and delusional event. There's *plenty* of unemployed tech folks that understand enough about web services to fix that specific issue that would be more than willing to replace you as sysadmin. or have I been trolled? =/
And H1-B visas are 6 years. So no, they haven't expired. They are still in effect. Sure is easy to make a strong argument when you can fabricate 'facts' in support.
H1B visa's expire in 3 years and can be renewed once. This allows for a *maximum* of 6 years, but not by default.
I personally don't agree with H1B's in this economy and I believe that renewals should be halted at this point.
I've just spent 3 weeks converting all my CD's to MP3. I know, ogg is better, but all of my audio gear can play MP3 -- car stereo, mp3 walkman, a sony mp3 radio my wife has, etc. Anyways, religious debate aside... This is a crappy solution to my needs and I'll never use it, simply because of the lossy quality of the music once I convert the WMA's to MP3. What a shame -- I was hopeful.
As stated in Paradigms Lost, modern science has come to use the media as a place to get their ideas heard and published instead of using the traditional review by peers approach. In other words, until this story is subjected to peer review and is something that peers in that field agree with, then I don't believe it's completely true. It may, however, have some truth in it, just not enough to make headlines.
Your MAC address is easily sniffed and spoofed, but it takes time and determination from the attacker and your NIC needs to be disconnected from the wifi in order for the attacker to gain entry via that MAC. If a neighbor has a completely unsecured open wifi (most likely) chances are very good that they will be targeted first. The attacker would have to *want* to hack your wifi and it takes about an hour or two (depending on your wifi traffic) to get a "weak IV" WEP key. If you're downloading stuff from the net, an attacker can use the packets to construct the WEP, but it does take time. Less traffic takes a lot longer. WEP-plus, however, takes a a prohibitively long time -- WEP-plus is the result of manufacturers removing the presence of "weak IVs" in their algorithms.
Here's a good article that describes how easily "weak IV" WEP can be cracked.
And, yes, the bottom line is, the wire is still a *lot* more secure than wifi. The most secure wifi can be cracked with enough time and the right tools/know-how. Knowing that means you have to decide if the convenience of wifi is worth the risk. I, personally, have nothing of any value on my LAN, so the risk is small.
Basically, make sure you keep backups of your most important files, and don't keep important data (bank accounts, etc) on your wifi accessible LAN and you should be Ok.
yes, I do... but I should have stated "rotating" WEP keys and SSIDs, rather than "changing". I have 4 keys that I rotate through and all 4 keys are in my client machine's profiles so I only need to change my AP, each WEP is associated with one SSID. Granted, it's not gonna stop anyone that wants access, but it will stop the casual snooper. Especially since I have a few neighbors with open APs -- they're the first targets, IMO.
Like I said, tho, I can't imagine anyone wanting access to my stuff that badly, but I also like to believe I'm doing *something* to keep the casual hacker at bay. =)
Of course. Very casual. =) I can't imagine anyone wanting to crack my home network beyond that, myself. It takes too long and I have very little of value on it.;)
Heres a slashdot article and discussion on this issue. If anyone wants to sit outside my house for a few hours to try and snoop my setup with MAC address filtering+128-bit, weekly-changing WEP+non-broadcasted SSID, more power to 'em.
Just because the SSID is default/broadcasted doesn't mean anything special. What's special is that there's no other security enabled on your neighbor's AP's. It also appears you are connecting without any WEP or watnot on your own wifi lan, as well, if you're connecting to your neighbor's APs or you have more than one profile set up. I think you can create a preferred profile.
With MAC adress filtering and 128-bit WEP, the difficulty in hacking that wifi is somewhat prohibitive unless the hacker has unlimited time to do it, ie townhome/apartment/close neighbor, default SSID or not.
Some tips I'm sure a lot of you already know: turn down your signal to the lowest setting you need for your home. Stop broadcasting your SSID. Filter MAC addresses. Add in 128-bit WEP and change your WEP key regularly. If you really want to be a *lot* more secure, use a Cisco 350 AP + client cards (or some similar Radius/LEAP enabled hardware) and set up a Radius server.
WEP is fine, but if you live in an apartment building, you have unlimited time for your hacker neighbors to crack the WEP, even 128-bit. Please use MAC address filtering. Here's a good how-to if you're interested.
yet another X server/manager to try. *sigh* It'd be nice if we could get everyone to focus all their energy on making the current X managers to play nice rather than go off and make more. freedesktop.org is a nice start towards fixing the linux desktop, methinks.
*Yawn* So what? Idiots will always open email attachments from unknown recipients and ultimately execute some sort of hidden code on their machine mainly because they can't figure out how to turn that stuff off or stop clicking on everything they see. I'd love to blame M$ here, but it really is the techno-weenies that do it to themselves by pretending they know how to use a computer, yet no matter how many times they're told "don't open attachments" they do it anyway. I love it when the email software is set up to autoexecute this stuff by default so they don't even know about it. RTFM, people!
Slashdot Mirror
Have been manufactured for a couple years now:h tml
http://www.wired.com/wired/archive/11.09/diamond.
I think it's a bad idea to post vulnerable websites in an unofficial area. This gives the information to the wrong people, again. If there is a list, perhaps the webmaster of each domain can be contacted instead of allowing every script kiddie to have access.
;-)
Don't get your pantyhose in a bunch if people think that's a bad idea and that your idea that people will use that data only to avoid these websites is laughable.
So, what happens if you want to use your fancy computer to model two universes?
Simple. Since we've got a computer capable of simulating the entire universe, we'll just use it to simulate a universe which contains a computer which is capable of simulating more than one universe.
Like putting too much air in a balloon!
Of course, it's so simple!
Now we don't have to worry about having doctor's in the US anymore, also... we can just get on a plane and go to India for medical care.
Add sarcasm tags where appropriate.
;-) Yeah, no kidding, right? I should have written that more clearly.
Now if only my car radio could have a cool tivo-like feature. I've often been listening to something on NPR or whatever and found myself lost in a thought for am oment only to snap back to reality missing some detail... oh man-o-man. How cool would that be? Although, it would be weird driving and constantly 'boop'ing back to listen to things you missed and I imagine that would only add to the number of bad drivers... or maybe add it to the stearing wheel...
Greedo? GREEDO?? Shame, shame, shame.
I have an MBA and it's *still* not easy to move into management. I am forever stuck in this dead-end programming job with the only future being me watching an Indian developer get my job.
-gam
Uranus! They changed the name of that planet a long time ago because of stupid silly jokes like that... what's it called now? Urectum.
a rare humor-ish post with futurama ties.
-gam
Now if only I can convince management that this is good. =/
-gam
This is a ludicrous assumption of an obvious ficticious and delusional event. There's *plenty* of unemployed tech folks that understand enough about web services to fix that specific issue that would be more than willing to replace you as sysadmin. or have I been trolled? =/
-gam
And H1-B visas are 6 years. So no, they haven't expired. They are still in effect. Sure is easy to make a strong argument when you can fabricate 'facts' in support.
H1B visa's expire in 3 years and can be renewed once. This allows for a *maximum* of 6 years, but not by default.
I personally don't agree with H1B's in this economy and I believe that renewals should be halted at this point.
-gam
Which one does what again? It's all so confusing.
-gam
I've just spent 3 weeks converting all my CD's to MP3. I know, ogg is better, but all of my audio gear can play MP3 -- car stereo, mp3 walkman, a sony mp3 radio my wife has, etc. Anyways, religious debate aside... This is a crappy solution to my needs and I'll never use it, simply because of the lossy quality of the music once I convert the WMA's to MP3. What a shame -- I was hopeful.
-gam
As stated in Paradigms Lost, modern science has come to use the media as a place to get their ideas heard and published instead of using the traditional review by peers approach. In other words, until this story is subjected to peer review and is something that peers in that field agree with, then I don't believe it's completely true. It may, however, have some truth in it, just not enough to make headlines.
I hate modern science.
-gam
Your MAC address is easily sniffed and spoofed, but it takes time and determination from the attacker and your NIC needs to be disconnected from the wifi in order for the attacker to gain entry via that MAC. If a neighbor has a completely unsecured open wifi (most likely) chances are very good that they will be targeted first. The attacker would have to *want* to hack your wifi and it takes about an hour or two (depending on your wifi traffic) to get a "weak IV" WEP key. If you're downloading stuff from the net, an attacker can use the packets to construct the WEP, but it does take time. Less traffic takes a lot longer. WEP-plus, however, takes a a prohibitively long time -- WEP-plus is the result of manufacturers removing the presence of "weak IVs" in their algorithms.
Here's a good article that describes how easily "weak IV" WEP can be cracked.
And, yes, the bottom line is, the wire is still a *lot* more secure than wifi. The most secure wifi can be cracked with enough time and the right tools/know-how. Knowing that means you have to decide if the convenience of wifi is worth the risk. I, personally, have nothing of any value on my LAN, so the risk is small.
Basically, make sure you keep backups of your most important files, and don't keep important data (bank accounts, etc) on your wifi accessible LAN and you should be Ok.
yes, I do... but I should have stated "rotating" WEP keys and SSIDs, rather than "changing". I have 4 keys that I rotate through and all 4 keys are in my client machine's profiles so I only need to change my AP, each WEP is associated with one SSID. Granted, it's not gonna stop anyone that wants access, but it will stop the casual snooper. Especially since I have a few neighbors with open APs -- they're the first targets, IMO.
Like I said, tho, I can't imagine anyone wanting access to my stuff that badly, but I also like to believe I'm doing *something* to keep the casual hacker at bay. =)
Of course. Very casual. =) I can't imagine anyone wanting to crack my home network beyond that, myself. It takes too long and I have very little of value on it. ;)
Heres a slashdot article and discussion on this issue. If anyone wants to sit outside my house for a few hours to try and snoop my setup with MAC address filtering+128-bit, weekly-changing WEP+non-broadcasted SSID, more power to 'em.
Just because the SSID is default/broadcasted doesn't mean anything special. What's special is that there's no other security enabled on your neighbor's AP's. It also appears you are connecting without any WEP or watnot on your own wifi lan, as well, if you're connecting to your neighbor's APs or you have more than one profile set up. I think you can create a preferred profile.
With MAC adress filtering and 128-bit WEP, the difficulty in hacking that wifi is somewhat prohibitive unless the hacker has unlimited time to do it, ie townhome/apartment/close neighbor, default SSID or not.
Some tips I'm sure a lot of you already know: turn down your signal to the lowest setting you need for your home. Stop broadcasting your SSID. Filter MAC addresses. Add in 128-bit WEP and change your WEP key regularly. If you really want to be a *lot* more secure, use a Cisco 350 AP + client cards (or some similar Radius/LEAP enabled hardware) and set up a Radius server.
Here's a good how-to.
WEP is fine, but if you live in an apartment building, you have unlimited time for your hacker neighbors to crack the WEP, even 128-bit. Please use MAC address filtering. Here's a
good how-to if you're interested.
And stop broadcasting your SSID! =)
Ah, true dat. I misread the distinction in my pre-coffee haze. ;) Thanks for the correction. This does sound pretty cool, then!
-jp
yet another X server/manager to try. *sigh* It'd be nice if we could get everyone to focus all their energy on making the current X managers to play nice rather than go off and make more. freedesktop.org is a nice start towards fixing the linux desktop, methinks.
-jp
and just before Christmas... gotta love corporations.
-jp
I only care about one wire: the T1 line. All the rest can be wireless. With LEAP authentication or RADIUS, who cares about all the other wires?
oh wait, we all still require land lines for phone access... *sigh* where's my GSM in the building? I don't want any more wires!!
-gam
*Yawn* So what? Idiots will always open email attachments from unknown recipients and ultimately execute some sort of hidden code on their machine mainly because they can't figure out how to turn that stuff off or stop clicking on everything they see. I'd love to blame M$ here, but it really is the techno-weenies that do it to themselves by pretending they know how to use a computer, yet no matter how many times they're told "don't open attachments" they do it anyway. I love it when the email software is set up to autoexecute this stuff by default so they don't even know about it. RTFM, people!
-gam