"Malicious code, such as viruses, worms and Trojans, remains the number one most concern of most IT security professionals"
I'm an IT security professional, and this really scares me. There are gaping holes in most organisations internal security that far outweigh the threats from external sources. Examples include
Paranoid mobile-office/home access to the corporate network with virus scanners and what-have-you, while username/password for the mainframe travels in the clear on the corporate LAN.
Application (especially web) security with more holes than swiss cheese.
Internal users who have full access to everything, and not even decent routines for potentially devastating tasks. Last summer here in Norway most banks stood still because a techie formatted the wrong SAN box in a vital datacentre!
We're very(?) good at protecting from untrusted users & systems, but not against trusted users & systems. Learning the difference between trusted and trustworthy is extremely educating (
ref )!
Intent isn't interesting. Bush knew that he would kill people by going to "war". (It isn't a war - the prisoners havn't been afforded POW status by the US, one of many hypocrisies).
The point is that killing people is illegal in most countries, and is also a breach of human rights(!). For every innocent civilian that they kill the US makes more enemies, and loses more sympathisers. Whole-scale bombing of Afghanistan is not a solution - it is a problem. Or can you imagine the British government bombing Ireland because of IRA terrorist attacks? Or even better - bombing New York because the IRA is mainly US-funded? The exact same logic applies as in bombing Afghanistan.
Sadly, Teknogeek focused on one minor issue in my first post. My main, most important point is that to avoid future attacks the US must rethink their foreign policy. Attacking Iraq, or not, is one important milestone as to whether they can succeed in that. Attacking Afghanistan was the first test, which they failed miserably.
I quote from the article: "It is now a year since the World Trade Center was destroyed. Legislators, the law-enforcement community, and the Bush Administration are embroiled in an essential debate over the measures necessary to prevent future attacks. "
The article goes on about technological measures of deterring terrorists.
I am disturbed by the US' lack of insight. It seems as if no-one has asked "why are there so many people out there who hate the US?". "What can the US do to prevent people from hating us so much that they're willing to fly a plane into a building?". The US (and the UK) are the main reasons the state of Israel exists today - the Israeli occupation of Palestinian territory is as atrocious as it is illegal. Many people blame the US. The US has killed over 800 innocent afghani civilians in their "war on terror". In my book thats just as bad as killing 800 american citizens. Or are all humans equal but american citizens are more equal than others?
In short: "homeland security" has focused on preventing the symptoms, and not the disease. As long as people hate the US enough to be willing to die to harm it, they will find ways to do so. And no amount of crypto or technology will prevent them! Wake up fools!
Before you mod me down: I wish no harm to the US but I _do_ understand that others do, and in part I sympathise with them in their plight.
The future of Alpha is dubious at best. For linux to win in the enterprise software support is a must. That means open AND closed source software. And surprise surprise - it will run on linux on intel first and foremost. No in-it-for-the-money ISV will port something that runs on linux/intel to linux/insert-esoteric-hardware-here unless there's a sound business case for it. It's hard enough getting them to support linux/intel - forget the other stuff (for now at least)!
This argument also applies to linux on mainframes (yes I've tried it, yes I hung it som the VM had to be restarted, yes I love linux, yes I hate mainframes).
OK. Since linux is an excellent server OS, it's also an excellent platform to run worms on (it doesn't even crash as much as windows under high load).
So lets forbid linux.
s/linux/your favourite stable OS/g
D'uh.
Back on topic: Couldn't routing protocols be changed to only cache routes for significant traffic flows - especially if the worms typically send small amounts of traffic to large network segments? Or better still to ignore worm-like activity (scans) at least for route caching purposes?
Javadoc is great for code comments - but kinda lacks "external" documentation.
Especially stuff like "How to set up the development and production environments".
Do consider using a similar directory tree for documentation as for code.
Slashdot Mirror
I'm an IT security professional, and this really scares me. There are gaping holes in most organisations internal security that far outweigh the threats from external sources. Examples include
- Paranoid mobile-office/home access to the corporate network with virus scanners and what-have-you, while username/password for the mainframe travels in the clear on the corporate LAN.
- Application (especially web) security with more holes than swiss cheese.
- Internal users who have full access to everything, and not even decent routines for potentially devastating tasks. Last summer here in Norway most banks stood still because a techie formatted the wrong SAN box in a vital datacentre!
We're very(?) good at protecting from untrusted users & systems, but not against trusted users & systems. Learning the difference between trusted and trustworthy is extremely educating ( ref )!The point is that killing people is illegal in most countries, and is also a breach of human rights(!). For every innocent civilian that they kill the US makes more enemies, and loses more sympathisers. Whole-scale bombing of Afghanistan is not a solution - it is a problem. Or can you imagine the British government bombing Ireland because of IRA terrorist attacks? Or even better - bombing New York because the IRA is mainly US-funded? The exact same logic applies as in bombing Afghanistan.
Sadly, Teknogeek focused on one minor issue in my first post. My main, most important point is that to avoid future attacks the US must rethink their foreign policy. Attacking Iraq, or not, is one important milestone as to whether they can succeed in that. Attacking Afghanistan was the first test, which they failed miserably.
The article goes on about technological measures of deterring terrorists.
I am disturbed by the US' lack of insight. It seems as if no-one has asked "why are there so many people out there who hate the US?". "What can the US do to prevent people from hating us so much that they're willing to fly a plane into a building?". The US (and the UK) are the main reasons the state of Israel exists today - the Israeli occupation of Palestinian territory is as atrocious as it is illegal. Many people blame the US. The US has killed over 800 innocent afghani civilians in their "war on terror". In my book thats just as bad as killing 800 american citizens. Or are all humans equal but american citizens are more equal than others?
In short: "homeland security" has focused on preventing the symptoms, and not the disease. As long as people hate the US enough to be willing to die to harm it, they will find ways to do so. And no amount of crypto or technology will prevent them! Wake up fools!
Before you mod me down: I wish no harm to the US but I _do_ understand that others do, and in part I sympathise with them in their plight.
But does this new approach mean that he supports ineroperability of PGP and S/MIME, or will they be forever two standards apart?
lol! Which is about as useful as not communicating at all, the other totally secure solution to all your communications problems ;-)
That would definitely give new meaning to "stinking rich"!
This argument also applies to linux on mainframes (yes I've tried it, yes I hung it som the VM had to be restarted, yes I love linux, yes I hate mainframes).
The rest was natural.
So with the phone in your pocket you choose testicular cancer rather than black helicopters - at least cancer is slower :-(
There's a reason they call it HPSUX.
So lets forbid linux.
s/linux/your favourite stable OS/g
D'uh.
Back on topic: Couldn't routing protocols be changed to only cache routes for significant traffic flows - especially if the worms typically send small amounts of traffic to large network segments? Or better still to ignore worm-like activity (scans) at least for route caching purposes?
t00t TooT