The entire Justice League and Justice Friends are all DC Superman is DC All of the various batman stuff is DC Wonder Woman is DC Green Lantern is DC Flash is DC
Spiderman is marvel X-Men are marvel Fantastic 4 are marvel Hulk is marvel Dare Devil is marvel Captain America is marvel (I Think) I think Iron Man is also marvel
I am from australia and I bought a DVD player which came unlocked out of the box. I recently took it back to get it replaced under warrenty and it seems as though the new one is unlocked too (although it doesnt say so anywhere)
Most aussie DVD players I have seen these days come unlocked or have unlock codes somewhere. (although when you deal with computer DVD players and some wierd ones like car DVD players, portable DVD players and consoles with DVD playing like xbox and PS2, it gets more complex)
If you want a (fictional) example of this, watch Die Hard 2: Die Harder where a reporter on one of the planes is using the airphone to tell the world what is happening.
The question is, why didnt microsoft (who have used zlib in a few places in windows like IE PNG handling and shell zip support) add zlib or the compression algorithim it implements as a dynamic library and make it a core part of the OS (i.e. with a zlib.h in the platform SDK)
But about the story too. Scolastic and Rowling are going to great lengths to make sure that story spoilers are not spread about before the official release date.
Is this something thats peculiar to america, the idea that you would lease a car for long term use? I havent heard of that in australia, only hire cars for short term use (e.g. holiday etc)
All this stuff about keystroke logging, taking screen captures etc is stupid.
The only things that should matter as far as empolyees go are: 1.Is the employee doing things that are illegal or bad (e.g. accessing porn on company time, downloading illegal songs over the company network, running copies of Quake on the company PC etc etc) 2.Is the employee doing things that are bad for the company (e.g. stealing company scerets, using company equipment to moonlight or to work for someone else) 3.Is the employee doing their job (e.g. for programmers, are they writing the code they need to write in the time they have been told they have to write it in) and 4.Is the work satisfactory (e.g. for code, is the code good enough)
As long as they do what they need to in the time they have been given to do it and as long as the work is good enough then the only things employers should be concerned about is things that are illegal or innappropriate and things that violate employee contracts (like stealing company scerets)
Monitoring of internet access and email and group policies to lock machines down so they cant be messed with and good physical security measures (e.g. locked down USB ports, restrictions on taking devices into the office, security cards to keep unwanted visitors out etc) should be able to stop or detect illegal or inappropriate things.
And detecting if they have done their jobs by monitoring things like how much code they contributed and how good it is is far better than trying to monitor via keystroke logs and screen capturing.
Can anyone think of any situation where keystroke logging, screen captures etc would catch something that other methods (i.e. email/internet monitoring, physical security) wouldnt?
Given all the bad things power-line-internet does (problems with ham radios etc), why are we still seeing people pushing for it. Who benifits? Does power-line-internet give the actual users anything that couldnt be accomplished with other technologies that DONT cause so many problems (like Cable, DSL, 802.11x WiFi etc)
An all-in-one package that newbies could run. Call it something like PC-Tune-Up or something. It would include a good anti-virus program. It would also include anti-spyware and other things to clean up peoples systems (i.e. registry cleaner like Norton System Works has, things that ensure that the windows firewall is configured properly and protecting your system, things that make it dead simple to download and install windows security updates and anything else that might help with securty. Also, it should include features like email scanning to check emails for viruses (and remove them before they even get to the inbox). Out of the box it could include 1 year subscription (for spyware and anti-virus defintion updates, new program code etc) Everything it does (including descriptions of anything nasty it finds) would be described in language that even newbies can understand.
Many people understand that taking your car to the mechanic every so often to get the oil replaced, brakes checked and whatever else is essential to keeping your car running the way you want.
So, use that metaphor to market the software. Tell people that running PC-Tune-Up (or whatever it is called) does the same thing for your computer as getting your car serviced does for your car.
Also, market to OEMs to include the software on the PCs they sell (in this form, it could just sit there and do its work with very little user interaction required unless something nasty showed up). By including this, they get less calls to technical support.
ISPs too could market this (since it would potentially reduce the number of machines infected with trojans spewing out spam or being used as part of botnets)
But, above all else, make it so simple even grandma and grampa can use it. Most newbies dont know what a "Trojan" is. But if you told them that a program was running on their computer without their knowledge and that it was making their computer and internet slower, they would probobly understand. The program should be set up to remove viruses automatically. (not necessarily spyware but certainly viruses)
no amount of legislation or action can stop a guy with a backpack or briefcase full of explosives getting onto the tube if they really want to.
You could put metal detectors and x-ray machines (like they have at airports) on all entrances of every underground station and/or on every train but even that wont stop someone determined. Plus, the cost of doing it and delays to commuters that it would cause make it unfesable.
I use Ad-Aware, Spybot AND Microsoft Anti Spyware for spyware detection. The chances of all 3 not detecting (and offering to remove) something are remote at best.
Its simple. Once we catch Bin Laden and his cronies, the "War On Terror" would be effectivly over. Which makes it much harder for the US govermnemt to do things like invading foriegn countries in the name of the "War On Terror"
This leads to problems where even though there is multiple physical lines from A to B (sometimes the backups go via C or D) that still doesnt gaurantee that things will be ok in the advent of a line dropout because the big telcos all over the world are greedy and will not implement the necessary links and setup to enable all these networks to talk to each other and use each other as a backup when needed.
Of course, that is only on a British monopoly board. American boards, Australian boards, Star Wars boards, Star Trek boards, Simpsons boards and others have totally different stuff:)
This scheme wouldnt require any special software (the "calculator" would be a physical device with a number pad, small solar panel for power and small LCD display a bit like a typical 4-function calculator today) and everything else would be browser based.
And it wouldnt be locked to one machine. Basicly, when the bank gives you the random number to feed into the calculator, it associates that number in its database with the IP address of the machine that retrieved the login page. If the IP address it stored doesnt match with the IP address that submits the login form (or if the timeout of 20 minutes has elapsed since the login form was retrieved), it would reject the login.
no they wouldnt, the hash value (and results typed in by the user) would time out and be useless very quickly. Plus (as others have said) you would need to use it again to transfer money to people not on your "approved payee" list (or to add people to that list)
When the phishing site retrieves the random number, that random number would only be useable for the IP address that retrieved it (the phishing site web server) and would only be useable for a limited time period (i.e. 20 minutes).
Plus, as others said, you need to do another hash input when you want to transfer money to someone not on your "approved payees" list (or when you want to add someone to that list)
no you dont. You wouldnt have it that you verify the recipient, just the amount.
So if you want to transfer $100 to someone, you would input 100 and some other number from the "I want to transfer money" page into the calculator and then the results back into the "I want to transfer money" page.
If the bank sends you a letter asking for personal account information, most people would follow up (especially if it contained bank logos and stuff).
And cluless people tend to associate email with letters. So its not unexpected that an email complete with official looking bank logos and graphics (and wording specifically designed to trick unsuspecting people into believing its genuine) would trick people into falling for it.
Here is a scheme that (if implemented) would almost completly stamp out phishing (for the bank that has implemented it anyway):
Each account that is enabled for online banking has a unique number generated for it, stored in the bank secure online banking database alongside the username and password. (call it S)
The customer is given a little device that would probobly look like a little calculator. This device contains an embedded copy of the number generated in step 1 along with simple logic to implement a hash algorthim and a keypad.
When you access the internet banking site, the bank displays the login and password prompt plus a randomly generated number and a box to put the output hash into.
The number is stored by the bank systems in a way that directly links it to the IP address of the machine logging in and also so that it is no longer valid after a very short period of time (e.g. 20 minutes or something). Refershing the login page would get a new different number.
You would input the number from the login page into your "calculator" thing which would combine it with the secret number inside the "calculator".
Then you input your username, password and the resulting hash into the login screen.
Assuming the hash generated by the "calculator" and by the bank (using the stored copy of the secret number) match, you would be allowed into the banking system.
The hash algorthim (call it F) would be chosen so that there is no number X such that F(S,X) = S for any significant number of values for S
If the "calculator" is stolen or lost or whatever, you could request a new one (with the old secret number being removed from the bank database for good)
Even if the fake login page talked to the banks servers and retrieved a real "challenge code" (to enter into the "calculator") it wouldnt defeat the system since it (and the resulting hash) would expire long before the phisher would actually be able to make use of it.
Another option would be one-time-use values that you get from your bank and use once to access online banking. Although this option would be less safe because of this: Philsher makes fake login page Bank customer goes into fake login page and types in username, password and one of their one-time-use values. Bank customer gets message back saying "system is down". Now phisher has one of the one-time-use values (error message can be written so as to convince bank customer that the one-time-use value he just used is now "used up") and can grab contents of bank account.
Myself, if my bank (The National Australia Bank) implemented the "calculator" idea, I would accept it (even if it did mean more bank fees to pay for the "calculator" device)
The entire Justice League and Justice Friends are all DC
Superman is DC
All of the various batman stuff is DC
Wonder Woman is DC
Green Lantern is DC
Flash is DC
Spiderman is marvel
X-Men are marvel
Fantastic 4 are marvel
Hulk is marvel
Dare Devil is marvel
Captain America is marvel (I Think)
I think Iron Man is also marvel
I am from australia and I bought a DVD player which came unlocked out of the box.
I recently took it back to get it replaced under warrenty and it seems as though the new one is unlocked too (although it doesnt say so anywhere)
Most aussie DVD players I have seen these days come unlocked or have unlock codes somewhere. (although when you deal with computer DVD players and some wierd ones like car DVD players, portable DVD players and consoles with DVD playing like xbox and PS2, it gets more complex)
If you want a (fictional) example of this, watch Die Hard 2: Die Harder where a reporter on one of the planes is using the airphone to tell the world what is happening.
The question is, why didnt microsoft (who have used zlib in a few places in windows like IE PNG handling and shell zip support) add zlib or the compression algorithim it implements as a dynamic library and make it a core part of the OS (i.e. with a zlib.h in the platform SDK)
But about the story too.
Scolastic and Rowling are going to great lengths to make sure that story spoilers are not spread about before the official release date.
Is there one anywhere near White Sands or is that something they made up for the movie Space Camp?
Is this something thats peculiar to america, the idea that you would lease a car for long term use?
I havent heard of that in australia, only hire cars for short term use (e.g. holiday etc)
All this stuff about keystroke logging, taking screen captures etc is stupid.
The only things that should matter as far as empolyees go are:
1.Is the employee doing things that are illegal or bad (e.g. accessing porn on company time, downloading illegal songs over the company network, running copies of Quake on the company PC etc etc)
2.Is the employee doing things that are bad for the company (e.g. stealing company scerets, using company equipment to moonlight or to work for someone else)
3.Is the employee doing their job (e.g. for programmers, are they writing the code they need to write in the time they have been told they have to write it in)
and 4.Is the work satisfactory (e.g. for code, is the code good enough)
As long as they do what they need to in the time they have been given to do it and as long as the work is good enough then the only things employers should be concerned about is things that are illegal or innappropriate and things that violate employee contracts (like stealing company scerets)
Monitoring of internet access and email and group policies to lock machines down so they cant be messed with and good physical security measures (e.g. locked down USB ports, restrictions on taking devices into the office, security cards to keep unwanted visitors out etc) should be able to stop or detect illegal or inappropriate things.
And detecting if they have done their jobs by monitoring things like how much code they contributed and how good it is is far better than trying to monitor via keystroke logs and screen capturing.
Can anyone think of any situation where keystroke logging, screen captures etc would catch something that other methods (i.e. email/internet monitoring, physical security) wouldnt?
Given all the bad things power-line-internet does (problems with ham radios etc), why are we still seeing people pushing for it.
Who benifits?
Does power-line-internet give the actual users anything that couldnt be accomplished with other technologies that DONT cause so many problems (like Cable, DSL, 802.11x WiFi etc)
An all-in-one package that newbies could run.
Call it something like PC-Tune-Up or something.
It would include a good anti-virus program.
It would also include anti-spyware and other things to clean up peoples systems (i.e. registry cleaner like Norton System Works has, things that ensure that the windows firewall is configured properly and protecting your system, things that make it dead simple to download and install windows security updates and anything else that might help with securty.
Also, it should include features like email scanning to check emails for viruses (and remove them before they even get to the inbox).
Out of the box it could include 1 year subscription (for spyware and anti-virus defintion updates, new program code etc)
Everything it does (including descriptions of anything nasty it finds) would be described in language that even newbies can understand.
Many people understand that taking your car to the mechanic every so often to get the oil replaced, brakes checked and whatever else is essential to keeping your car running the way you want.
So, use that metaphor to market the software. Tell people that running PC-Tune-Up (or whatever it is called) does the same thing for your computer as getting your car serviced does for your car.
Also, market to OEMs to include the software on the PCs they sell (in this form, it could just sit there and do its work with very little user interaction required unless something nasty showed up). By including this, they get less calls to technical support.
ISPs too could market this (since it would potentially reduce the number of machines infected with trojans spewing out spam or being used as part of botnets)
But, above all else, make it so simple even grandma and grampa can use it. Most newbies dont know what a "Trojan" is.
But if you told them that a program was running on their computer without their knowledge and that it was making their computer and internet slower, they would probobly understand. The program should be set up to remove viruses automatically. (not necessarily spyware but certainly viruses)
no amount of legislation or action can stop a guy with a backpack or briefcase full of explosives getting onto the tube if they really want to.
You could put metal detectors and x-ray machines (like they have at airports) on all entrances of every underground station and/or on every train but even that wont stop someone determined. Plus, the cost of doing it and delays to commuters that it would cause make it unfesable.
Not to mention the bombs on the busses too.
I use Ad-Aware, Spybot AND Microsoft Anti Spyware for spyware detection.
The chances of all 3 not detecting (and offering to remove) something are remote at best.
If I could own anything from the movies, it would be something out of one of the Police Academy movies... :)
If not, thats false and misleading advertising.
Although I dont know if thats illegal in america (I know its illegal here in australia)
Even when its shown late at night (when all the kids are in bed) they still cut this stuff :(
Why?
Its simple.
Once we catch Bin Laden and his cronies, the "War On Terror" would be effectivly over.
Which makes it much harder for the US govermnemt to do things like invading foriegn countries in the name of the "War On Terror"
I wouldnt put it past microsoft to tell hardware and software vendors that if they support linux, there would be repercussions...
This leads to problems where even though there is multiple physical lines from A to B (sometimes the backups go via C or D) that still doesnt gaurantee that things will be ok in the advent of a line dropout because the big telcos all over the world are greedy and will not implement the necessary links and setup to enable all these networks to talk to each other and use each other as a backup when needed.
Of course, that is only on a British monopoly board. :)
American boards, Australian boards, Star Wars boards, Star Trek boards, Simpsons boards and others have totally different stuff
This scheme wouldnt require any special software (the "calculator" would be a physical device with a number pad, small solar panel for power and small LCD display a bit like a typical 4-function calculator today) and everything else would be browser based.
And it wouldnt be locked to one machine. Basicly, when the bank gives you the random number to feed into the calculator, it associates that number in its database with the IP address of the machine that retrieved the login page. If the IP address it stored doesnt match with the IP address that submits the login form (or if the timeout of 20 minutes has elapsed since the login form was retrieved), it would reject the login.
no they wouldnt, the hash value (and results typed in by the user) would time out and be useless very quickly. Plus (as others have said) you would need to use it again to transfer money to people not on your "approved payee" list (or to add people to that list)
When the phishing site retrieves the random number, that random number would only be useable for the IP address that retrieved it (the phishing site web server) and would only be useable for a limited time period (i.e. 20 minutes).
Plus, as others said, you need to do another hash input when you want to transfer money to someone not on your "approved payees" list (or when you want to add someone to that list)
no you dont.
You wouldnt have it that you verify the recipient, just the amount.
So if you want to transfer $100 to someone, you would input 100 and some other number from the "I want to transfer money" page into the calculator and then the results back into the "I want to transfer money" page.
If the bank sends you a letter asking for personal account information, most people would follow up (especially if it contained bank logos and stuff).
And cluless people tend to associate email with letters. So its not unexpected that an email complete with official looking bank logos and graphics (and wording specifically designed to trick unsuspecting people into believing its genuine) would trick people into falling for it.
Here is a scheme that (if implemented) would almost completly stamp out phishing (for the bank that has implemented it anyway):
Each account that is enabled for online banking has a unique number generated for it, stored in the bank secure online banking database alongside the username and password. (call it S)
The customer is given a little device that would probobly look like a little calculator. This device contains an embedded copy of the number generated in step 1 along with simple logic to implement a hash algorthim and a keypad.
When you access the internet banking site, the bank displays the login and password prompt plus a randomly generated number and a box to put the output hash into.
The number is stored by the bank systems in a way that directly links it to the IP address of the machine logging in and also so that it is no longer valid after a very short period of time (e.g. 20 minutes or something). Refershing the login page would get a new different number.
You would input the number from the login page into your "calculator" thing which would combine it with the secret number inside the "calculator".
Then you input your username, password and the resulting hash into the login screen.
Assuming the hash generated by the "calculator" and by the bank (using the stored copy of the secret number) match, you would be allowed into the banking system.
The hash algorthim (call it F) would be chosen so that there is no number X such that F(S,X) = S for any significant number of values for S
If the "calculator" is stolen or lost or whatever, you could request a new one (with the old secret number being removed from the bank database for good)
Even if the fake login page talked to the banks servers and retrieved a real "challenge code" (to enter into the "calculator") it wouldnt defeat the system since it (and the resulting hash) would expire long before the phisher would actually be able to make use of it.
Another option would be one-time-use values that you get from your bank and use once to access online banking. Although this option would be less safe because of this:
Philsher makes fake login page
Bank customer goes into fake login page and types in username, password and one of their one-time-use values.
Bank customer gets message back saying "system is down". Now phisher has one of the one-time-use values (error message can be written so as to convince bank customer that the one-time-use value he just used is now "used up") and can grab contents of bank account.
Myself, if my bank (The National Australia Bank) implemented the "calculator" idea, I would accept it (even if it did mean more bank fees to pay for the "calculator" device)
The US government hasnt really cared about space (or manned space flight specifically) probobly since apollo 17 left the moon.