It's full of lighter-than-air gas, has turbofans on it, but it's not a blimp!
I've never seen an aerospace venture with such a case of denial.
Second best - sit them down and ask them to demonstrate the problem by breaking into your system NOW. Make sure it's a linux or bsd box, at a console, not a graphical login, and don't give them a user name or password. Most of these weenies are only comfortable with Windows.
If the security holes are on Windows systems and found by security professionals that deal mainly or exclusively with Windows, I fail to see how using an alternate os as a strawman to cast doubt on their technical ability helps anyone.
Can you tell us if the ground will be friends with the whale in the film?
These are all good questions to be sure, let's answer them one at a time:
1. What kind of training do I need to learn how to keep my data safe?
For most, you need nothing more than the initiative to learn. There are plenty of well-written books out there on security, encryption, and the like. Although some look down on them as script kiddie manuals, I like the "Hacking (windows/linux/whatever) Exposed" series of books. They can walk you through the mechanics and means of prevention of common exploits, both from over your network and the "social engineer" trying to con his or her way in. For more information on the latter, Kevin Mitnick's "Art of Deception" is excellent.
2. What do I do if I find an intrusion?
This is a great reason why good backups are worth their weight in gold. If a machine is compromised, there is no trusting if it has a rootkit or trojan on it, so it's best to restore the machine from a known good backup. Many IDS (Intrusion Detection Systems) will take hashes of critical system files or binaries to warn you if any of them have been replaced with a rootkit version.
3. What if I detect intrusion attempts? Should I report them?
Attempts are a hard nut to crack. If you watch your firewall logs, you can see a metric ton of ping requests, portscans, etc. Although legally gray in some areas, it's generally not worth being concerned about as long as the firewall is keeping them out. Script kiddies who do these things will generally use (if they're smart) a proxy server or a compromised machine to mask their origins, so reporting these things is usually an exercise in futility.
4. Should I use FreeBSD, which has a better security history than Linux?
Can't help you with that one. Maybe some of our fellow Slashdotters could offer some ideas to that end...
It really shortens the list.
It'll really shorten the list when ISPs decide it's better to get with the program than fend off the avalanche of legal papers about every little alleged copyright infringement case rather than the streamlined system for avoiding and handling offenses that the "code of conduct" provides.
Before third party telecom providers/resellers are cited as a solution, consider that they have to purchase the bandwidth from the same large players that would be a party to this agreement. I'm sure they would hold them to the same standard so as not to cause competition in this area.
In the past ten years since the ADHD league took over MTV programming, will this unveiling go as expected?
Bill Gates:
Welcome to the next level of home video game enter
ANNOYING POPUP!-HI THIS IS MEGAN FROM CRAPSMELL, NJ AND I LOVE JAY-Z, WOOOOO!
its processing power will make its extensive library of
RANDOM SNIPPET OF VIDEO!
the Xbox2 will retail for
HEY IT'S CARSON DALY, LOOK AT HIS HAIRLESS CHEST Aieeee!
Offensive humor only works because it breaks rules. Thus, Stern is only successful because people get shocked at what he does. They'll comment such as, "Can you believe what Stern got away with this morning?!"
If the radical conservatives (doesn't sound like an oxymoron these days) have their way, satellite radio as well as cable tv could find themselves fighting the same battle as their free-to-air counterparts with regard to indecency rules.
So we've got a movie. A piece of shit movie. That Douglas Adams lost his life over.
I know he died a few years back, but I didn't know that was his cause of death.
If bad movies could kill, then the premiere of Phantom Menace would have looked like Jonestown, post-Kool Aid.
Do you think that your average American moviegoing audience would have appreciated the extremely wry and dry Brit humor of the Hitchhiker's Guide?
That's the reason that britcoms are usually marginalized to public television stations here alongside Masterpiece Theater and the exciting History of Plywood.
TFA's writer admits that Adams was a dialogue writer and the book reflects that. Trying to bring it to the movies while appeasing the loyal readers/geeks and attracting enough normals to buy tickets to break even on it seems this side of impossible.
More to the point, I hope that passenger side airbag is disabled. Nothing disrupts the flow of your day like that laptop in the cradle propelled through your forehead at roughly the force of an exploding hand grenade in case of a collision.
Don't forget the breathtaking scene where BenAflecktron puts an animal cracker down LivTylerbot's pants.
I'm surprised that the market isn't ripe now for an internet appliance of the likes of the IOpener. Easy to use, boots fast, and is idiot proof. Sounds just like what many people need.
Man, I wish I had an explanation that good when I'd try to hide my late-night Cinemax viewing from my parents as a kid.
Speaking of call...
(323)462-9609
This is the number to the payphone outside of Grauman's Chinese Theater.
Enjoy.
Yes, that was Blackwolf the Dragon Master, NYC's unofficial wizard. As if the official wizard of NYC will turn him into a newt for his presumptuousness.
Best part? He got SAG credit for that appearance.
If I go and register Slashdot.org the second it comes up to be re-registered and turn it into "OMG IT SUCKS TACO IS A GIMP AND COWBOYNEAL IS A FAG!" then I deserve to have the URL taken off me for false advertising in the URL.
Sounds like an improvement.
Getting modded on April First is like getting laid, it feels pretty cool that you don't have to be an actual geek to get it done, but later on you're embarrassed about just how low you had to drop your standards to accomplish that task.
Standards? Hoo boy, are you in the wrong place.
Better than that, the Paris Hilton edition of Debian will make getting your favorite STD as simple as:
apt-get install herpes
I always do. You can get sick from tainted posts well past their date.
When I was a baby, my bathtub toys were a radio and a toaster.
Not a good idea. Many states have stiff mandatory minimum sentences if a pun is used in the commission of a crime.
No, actually, they won't. In a case like this they'll send you a subpoena asking for the information they want. If you fail to respond, the court will issue an order for your arrest, and a warrant allowing them to seize the computers that should have the logs.
It seems inevitable that the computers would be seized. I don't think the investigators would take it at face value that the logs didn't exist without checking for themselves.
This morning I woke up refreshed, opened the window to a beautiful day, took in some fresh air, and thought what a great opportunity today was to die of an infection.
It's good to see another like-minded optimist.
Considering Moore's law, wouldn't it be reasonable to assume that off-the-shelf hardware of the future could make short work of most DRM schemes today?
The bankruptcy court will dispose of his assets and decide who gets what portions.
Good. The "Spammer Profile" type stories I've seen linked to Slashdot in the mainstream press don't do much to discourage spamming as a career choice. The articles usually focus on the fancy cars, big houses, jewelry, and such that these slimes buy with their gains.
Finally, they're being hit where it hurts.