Take a look at TruSecure. They offer certification of business networks. They have a number of big companies. We use them and it's a great way to look at security. Instead of just looking at what the vulnerabilies are, TruSecure looks at your entire org and network based on their essential practices and then puts you on a process to make your security very good based on layered control. It's a very sane approach to security, since it focus on an continous program and is vendor netural!
The Rational Unified Process also has a similar approach. Organize your development so that there are a number of interations. Each interation ends with and integration phase. As Egeorge said, you will get customer feedback sooner and have more control over the entire process.
This all fits into the old saying:
How do you eat an elephant? One bite at a time.
Same thing with a big development effort. Split the effort up into small ediable bits and then run each of these through the entire process.
It's even easier than that. Microsoft's as well as REal Audio and other DRM (Digital Right Managment) systems allow for exactly this type of functionality.
When a wma file is played, the player looks for
DRM information. This information tells the player if a "license" is needed or not. If so it also tells the player where to get.
The first time a file is played, the player request a license for that file and is given one good for 30 days. If the file is played again after this time, the player requests another license. The license server at PressPlay or Musicnet knows the status of the user that this piece of music was checked out to and can apply any business rules need to grant the license or not.
BTW, these license can be any thing from play indefinitly, to play 3 times.
I'm afraid that given the music and motion picture industry's paranoia regarding piracy, some type of copy protection will become standard. I've seen quotes in recent press stories that the industry expects to loose 5% of it's customer's because of this. The person quote was perfectly happy with that amount.
The reason of course is they believe they are losing much more money to piracy!. While we in the US have some fair use rights, the copyright owners don't have any obligation to make it easy or even possible for consumer to exercise these rights. And with the DMCA they can keep most people from being able to get around copy protections. This means that only the technical elite will be able to enjoy fair use rights in the near future.
If you have concerns about this I suggest that you do 3 things.
1) Write your Congressman and Senator. Yes you hear this all the time. But the be assured that the Music Industry is doing that. That is what the RIAA is... A Lobbying group for the Music Industry.
2) Support the EFF. They are on the front lines of trying to fight this type of limiting of our rights.
3) Support the ACLU. The ACLU are also on the front lines in a wide range of issues.
One more note of clarification, the RIAA is an association of the largest music publishers. While they claim 100's of member, there are really only 5 publishers that matter. I believe these are
Universal
Bertelsmann/BMG
Sony
EMI
Aol/Time Warner
Most of the other labels you hear about are subsidiaries of these companies or very small.
Don't forget that there are a lot of customers out there that can only contact sites on port 80 and 443. I have run into this time and again. You want to use a port other than 80 for admin or security reason, only to find out that your customers security practices don't allow communication to other ports.
This is true for both consumers and business customers.
So while you might want to run a service or application on another port, you might be locked into port 80.
Just something to keep in mind.
Beside, you shouldn't rely on the obscure ports for you security. You should build security into your application from the start. And you should NEVER trust any data that comes from "outside" your applications.
I have a Linksys router installed. You are right that it is a very easy way to protect your network. A friend is using SMC. Both work the same way. HTML interface. Both do port forwarding, NAT, IPsec, DHCP etc...
I run a web server as does my friend. No problem, just port forward 80 to the server running your website. Very easy to setup and run. These are basically plug and play.
Yes you can do the cheap box Running linux. I have on of these too. But I prefer the no fan, low power Linksys box.
There are new and interesting product being developed all the time. Just take a look at http://www.onebigcd.com. This company has software that will let you listen to your digital music collection from you house, with out installing apache or some other webserver.
As for the lawsuits, they have just solidified that there are only two groups (I'm simplifing, I know) that can do anything with music.
First there is the copyright owners. These are general the record lables and the publishers.
The second group are the consumers that have purchased a CD or piece of music. Consumer do have a number of fairuse rights. Thought the copyright owners would love to limit these.
Consumer do have the right to make copies of music for thier own personal use. This includes space and time shifting. This has been up held a number of times by a number of courts.
However, companies can't act as agents for the consumer. That is, a company can't make a copy for a consumer. But that consumer may make a copy for himself. And then listen to that copy whenever, where ever, 0r however they choose.
Like I said a the beginning, check out http://www.onebigcd.com for an example of inovation that allows the consumer to use their digital music collection in a new way, while not violating any copyrights.
Cheers!
Slashdot Mirror
Take a look at TruSecure. They offer certification of business networks. They have a number of big companies. We use them and it's a great way to look at security. Instead of just looking at what the vulnerabilies are, TruSecure looks at your entire org and network based on their essential practices and then puts you on a process to make your security very good based on layered control. It's a very sane approach to security, since it focus on an continous program and is vendor netural!
The Rational Unified Process also has a similar approach. Organize your development so that there are a number of interations. Each interation ends with and integration phase. As Egeorge said, you will get customer feedback sooner and have more control over the entire process.
This all fits into the old saying:
How do you eat an elephant? One bite at a time.
Same thing with a big development effort. Split the effort up into small ediable bits and then run each of these through the entire process.
from the virtual tour it looks like the Hydrogen is stored in canisters. Each one costing around $420.00!
It also indicated that 9 canister would be required for 24 hours of operations.
I hope your realize that MP3.com is now owned by Bertelsmann and is providing the technology behind PressPlay.
It's even easier than that. Microsoft's as well as REal Audio and other DRM (Digital Right Managment) systems allow for exactly this type of functionality.
When a wma file is played, the player looks for
DRM information. This information tells the player if a "license" is needed or not. If so it also tells the player where to get.
The first time a file is played, the player request a license for that file and is given one good for 30 days. If the file is played again after this time, the player requests another license. The license server at PressPlay or Musicnet knows the status of the user that this piece of music was checked out to and can apply any business rules need to grant the license or not.
BTW, these license can be any thing from play indefinitly, to play 3 times.
I'm afraid that given the music and motion picture industry's paranoia regarding piracy, some type of copy protection will become standard. I've seen quotes in recent press stories that the industry expects to loose 5% of it's customer's because of this. The person quote was perfectly happy with that amount.
The reason of course is they believe they are losing much more money to piracy!. While we in the US have some fair use rights, the copyright owners don't have any obligation to make it easy or even possible for consumer to exercise these rights. And with the DMCA they can keep most people from being able to get around copy protections. This means that only the technical elite will be able to enjoy fair use rights in the near future.
If you have concerns about this I suggest that you do 3 things.
1) Write your Congressman and Senator. Yes you hear this all the time. But the be assured that the Music Industry is doing that. That is what the RIAA is... A Lobbying group for the Music Industry.
2) Support the EFF. They are on the front lines of trying to fight this type of limiting of our rights.
3) Support the ACLU. The ACLU are also on the front lines in a wide range of issues.
One more note of clarification, the RIAA is an association of the largest music publishers. While they claim 100's of member, there are really only 5 publishers that matter. I believe these are
Universal
Bertelsmann/BMG
Sony
EMI
Aol/Time Warner
Most of the other labels you hear about are subsidiaries of these companies or very small.
Don't forget that there are a lot of customers out there that can only contact sites on port 80 and 443. I have run into this time and again. You want to use a port other than 80 for admin or security reason, only to find out that your customers security practices don't allow communication to other ports.
This is true for both consumers and business customers.
So while you might want to run a service or application on another port, you might be locked into port 80.
Just something to keep in mind.
Beside, you shouldn't rely on the obscure ports for you security. You should build security into your application from the start. And you should NEVER trust any data that comes from "outside" your applications.
Cheers!
I have a Linksys router installed. You are right that it is a very easy way to protect your network. A friend is using SMC. Both work the same way. HTML interface. Both do port forwarding, NAT, IPsec, DHCP etc...
I run a web server as does my friend. No problem, just port forward 80 to the server running your website. Very easy to setup and run. These are basically plug and play.
Yes you can do the cheap box Running linux. I have on of these too. But I prefer the no fan, low power Linksys box.
Hope this helps.
There are new and interesting product being developed all the time. Just take a look at http://www.onebigcd.com. This company has software that will let you listen to your digital music collection from you house, with out installing apache or some other webserver. As for the lawsuits, they have just solidified that there are only two groups (I'm simplifing, I know) that can do anything with music. First there is the copyright owners. These are general the record lables and the publishers. The second group are the consumers that have purchased a CD or piece of music. Consumer do have a number of fairuse rights. Thought the copyright owners would love to limit these. Consumer do have the right to make copies of music for thier own personal use. This includes space and time shifting. This has been up held a number of times by a number of courts. However, companies can't act as agents for the consumer. That is, a company can't make a copy for a consumer. But that consumer may make a copy for himself. And then listen to that copy whenever, where ever, 0r however they choose. Like I said a the beginning, check out http://www.onebigcd.com for an example of inovation that allows the consumer to use their digital music collection in a new way, while not violating any copyrights. Cheers!