Given what I've seen of wearable computing so far, and with other technologies, such as the embedded chips that can be used by a "smart" building to tell where you are and whether you are authorized to enter certain rooms, I would guess that useful, wearable computing would really hit its stride in another two to three years. Maybe five at the outside.
Of course, this begs the Faustian question, just because you *can* wear a computer, should you? or would you want to? I think my cell phone is a big enough "leash" already, would I want to wear a computer to fix problems even when I'm not at work? No...
One of the problems I've noted with the article as I've read it so far is the fact that, throughout much of the article, it talks in terms of "CBRN/cyber" as a single form of attack/device. But the article DOES make a differentiation in "External Hurdles", where the author finally states that "there is a clear distiction between CBRN weapons and cyber devices." Unfortunately, the author continues on the analysis about CBRN weapons, but never explains what that distinction is.
All in all, it seems to me that the idea of "cyber" devices for terrorism was added to the article as an afterthought, and that the analyst was either not knowledgeable or not skilled in incorporating the links between the two types of terrorism.
A more detailed response pending as I do some more reading, and have re-read the article a couple of times.
In the meantime, the article also uses "Thus" waaay too much. Thus this and thus that, and thus, the article sounds way too "rough" to be ready for publication.
Really? And how are you going to get that control? Maybe more script kids read BUGTRAQ than sysadmins. But that's the fault of the sysadmins. Qualified sysadmins SHOULD read BUGTRAQ. If they're so unknowledgeable about security listservs like CERT, BUGTRAQ and the like, then they should look for a line of work for which they have more skills. And let's say BUGTRAQ never publishes a vulnerability anymore. Do you think that will solve the problem? Do you honestly think the bad guys aren't going to know how to break into systems anymore? Get real...
And what stops the crackers who create the exploit scripts and documentation on those same holes from publishing their stuff on the Web or even BBSs? *We* don't need licensing...system and network administrators need better education on security to understand how to keep up with the exploits, and we need to make it clear to operating system vendors that they have a responsibility to security as well. Many of the recent exploits of NT were fixed in other OSs years ago - there's no excuse for Microsoft to have made the same mistakes. "If you outlaw guns, only outlaws will have guns." or something like that...
And yes, who on earth would be responsible for licensing us? Who decides who gets one and who doesn't?
One would think there would be. But intrusion detection seems to be a relative newcomer to the whole security picture of network and system administration. Although I've often maintained that good system administration involves a balance of preventing attacks (using firewalls, restricting services, keeping up with patches) and detecting attacks, it seems to be a novel new concept. Only recently has it become a strong topic at SANS and USENIX as the second part to the whole. I've never felt that any system administrator should spend the time to try to prevent all break ins. You will never be as good as the best hacker out there. So it's not a question of "IF" they will break in, but when, and when that happens, how do you know? Hopefully, we will see more books like this in the future.
I agree with rjh...thank you for including the excellent, yet still fairly succinct version of PKI. I will also back his challenge with an additional $ 500 bucks if they can crack the message in a week. Project Bovine ( http://www.distributed.net) has been trying to crack RC-5-64 for 624 days now, and their odds are still only 1 in 2,529 of cracking it in 24 hours.
Being gay myself, I have to say that I don't talk even remotely like Jar Jar (you could at least spell it right, twit)...now, I'll agree with you on C3PO tho...him and R2 are a funny, fabulous gay couple.
no, no, no...they got it all wrong, the best part of the very end of the credits was the 3D cube logo and "Computers provided by Silicon Graphics Computer Systems":)
Yes, but the restrictions on databases in this sense are based on privacy issues, such as the Datenschutzgesetz in Germany, and are not issues of copyright, per se. For the U.S. phone book listings are considered public domain, and phone books cannot have copyright. How the issue will resolve with the 'net remains to be seen... As for Network Solutions, I personally don't see their copyright of whois info holding up, in that a large portion of the database was created by other companies as well, back when AT&T and other companies "shared" the burden of InterNIC duties...back before NSF contracted it out.
Slashdot Mirror
Given what I've seen of wearable computing so far, and with other technologies, such as the embedded chips that can be used by a "smart" building to tell where you are and whether you are authorized to enter certain rooms, I would guess that useful, wearable computing would really hit its stride in another two to three years. Maybe five at the outside.
Of course, this begs the Faustian question, just because you *can* wear a computer, should you? or would you want to? I think my cell phone is a big enough "leash" already, would I want to wear a computer to fix problems even when I'm not at work? No...
Besides, I'd much rather just have the Aura workstation desk...
One of the problems I've noted with the article as I've read it so far is the fact that, throughout much of the article, it talks in terms of "CBRN/cyber" as a single form of attack/device. But the article DOES make a differentiation in "External Hurdles", where the author finally states that "there is a clear distiction between CBRN weapons and cyber devices." Unfortunately, the author continues on the analysis about CBRN weapons, but never explains what that distinction is.
All in all, it seems to me that the idea of "cyber" devices for terrorism was added to the article as an afterthought, and that the analyst was either not knowledgeable or not skilled in incorporating the links between the two types of terrorism.
A more detailed response pending as I do some more reading, and have re-read the article a couple of times.
In the meantime, the article also uses "Thus" waaay too much. Thus this and thus that, and thus, the article sounds way too "rough" to be ready for publication.
Really? And how are you going to get that control? Maybe more script kids read BUGTRAQ than sysadmins. But that's the fault of the sysadmins. Qualified sysadmins SHOULD read BUGTRAQ. If they're so unknowledgeable about security listservs like CERT, BUGTRAQ and the like, then they should look for a line of work for which they have more skills. And let's say BUGTRAQ never publishes a vulnerability anymore. Do you think that will solve the problem? Do you honestly think the bad guys aren't going to know how to break into systems anymore? Get real...
"If you outlaw guns, only outlaws will have guns." or something like that...
And yes, who on earth would be responsible for licensing us? Who decides who gets one and who doesn't?
One would think there would be. But intrusion detection seems to be a relative newcomer to the whole security picture of network and system administration. Although I've often maintained that good system administration involves a balance of preventing attacks (using firewalls, restricting services, keeping up with patches) and detecting attacks, it seems to be a novel new concept. Only recently has it become a strong topic at SANS and USENIX as the second part to the whole. I've never felt that any system administrator should spend the time to try to prevent all break ins. You will never be as good as the best hacker out there. So it's not a question of "IF" they will break in, but when, and when that happens, how do you know? Hopefully, we will see more books like this in the future.
I agree with rjh...thank you for including the excellent, yet still fairly succinct version of PKI. I will also back his challenge with an additional $ 500 bucks if they can crack the message in a week. Project Bovine ( http://www.distributed.net) has been trying to crack RC-5-64 for 624 days now, and their odds are still only 1 in 2,529 of cracking it in 24 hours.
For only $ 5,500 for the single monitor unit, you can get Poetic Technologies' Aura chair instead. It's way cooler than this thing, and costs less.
"Luke, I am your father."
"NO! You can't be! That's implausible!"
"Search your script, Luke, you know it's true."
Being gay myself, I have to say that I don't talk even remotely like Jar Jar (you could at least spell it right, twit)...now, I'll agree with you on C3PO tho...him and R2 are a funny, fabulous gay couple.
no, no, no...they got it all wrong, the best part of the very end of the credits was the 3D cube logo and "Computers provided by Silicon Graphics Computer Systems" :)
Yes, but the restrictions on databases in this sense are based on privacy issues, such as the Datenschutzgesetz in Germany, and are not issues of copyright, per se. For the U.S. phone book listings are considered public domain, and phone books cannot have copyright. How the issue will resolve with the 'net remains to be seen... As for Network Solutions, I personally don't see their copyright of whois info holding up, in that a large portion of the database was created by other companies as well, back when AT&T and other companies "shared" the burden of InterNIC duties...back before NSF contracted it out.