The mom and dad surfing email users are already better served by an ipad or a chromebook, and stick with windows just because they don't know that the alternatives would suit them better. Microsoft wants to get people even more locked in before the chance to do so slips away, without a locked in user base they are entirely unable to compete, just look at their attempts in mobile.
Two buttons on trackpad and press = right click. If you have the recent apple mouse, although it hasnt got an obvious right button, pressing on the right side of it is a right click. OSX fully supports USB and bluetooth - connect any mouse you want.
There's other savings to be had from the roof structure... Reduced sunlight falling on the roads will result in decreased a/c use (or open windows) in those cars on hot days, and the shelter provided by the roof will also reduce the amount of rain and snow on the road, both of which decrease traction so it could decrease the risk of crashes.
I end up with peoples fingerprints all over my non touchscreen anyway. I don't get why some people can't point without touching it. They also get offended when i keep pointing out that it's NOT a touchscreen and therefore you're not meant to touch it and cover it with greasy fingerprints.
This is a very common problem... I quite often get people online giving me their phone number without a country code, or their address without a country and in 99% of cases they are in the US when they do this. Often the last part of the address is a two letter code for their state (e.g. CA) which could easily be misinterpreted as a country code.
The Internet is a global network, when sending emails or posting data online you should absolutely declare the country if you're giving out a physical address or phone number. Not doing so is akin to giving your website or email address without the TLD.
If the contractors are already familiar with writing such algorithms, then chances are they worked for your competitors. And if they retain memory of competitors algorithms, they will retain memory from yours too.
This is another reason why being paranoid about sourcecode leaving the building is pointless...
There is no such thing as a remote environment that doesn't allow data to flow to the client machine... All you can do is close off some of the obvious routes, but there are plenty of other routes such as screen dump and ocr, and ofcourse the contractors will retain memory of the system whatever you do. And even if you have people onsite, you have to go to extreme lengths if you want to ensure there's no way for them to smuggle data in or out.
There really is no substitute for an NDA, plus hiring people you can actually trust to follow it.
Indeed if they are that paranoid, then the onsite staff could easily copy the code if they wanted to, forcing people to work onsite provides zero additional assurance unless you take extreme measures such as cutting off all outside access and searching people as they enter/exit etc.
The only protection you have is the NDA and other contracts between contractors/employees and the company, even the NSA couldn't physically stop someone from getting data out of the organisation.
NAT isn't used for security, in fact it's a major inconvenience and things work better on routable addresses... People only use NAT because they don't have enough addresses to do things properly.
If it can run linux then it can almost certainly run mysql too, i've run mysql on all kinds of exotic architectures (although sometimes had to compile it myself).
A service like shodan only increases public awareness, anyone who actually has malicious intent will have their own method of discovering insecure devices and no intention of publicising their activity. Publicity does not benefit those with malicious intent, as the publicity will cause at least some people to improve the configuration of their devices.
If you keep this information out of the public eye, it gets forgotten and overlooked and then the number of vulnerable devices only increases to the benefit of the actually malicious people who want to take advantage of them.
And yes often the device manufacturer is at fault, some devices cannot be reasonably secured and for others the manufacturer provides weak defaults and doesnt do enough to force users to change them. Some devices these days come with a random password printed on the device, that's perfectly reasonable and prevents casual attackers using blank or default passwords.
iMessage is aimed more as a replacement for SMS, which worked in the same way - you had to trust your telco and that of the recipient. For casual chat both systems are more than adequate.
Backwards compatibility is what's keeping them in business, if you're going to break backwards compatibility you are better off just going straight to linux.
Cheap outsourcing gets you your bonus and increases the share price. When the outsourcer fails to deliver you've already taken your bonus and moved on, and the shareholders have sold on their shares for a profit. The resulting downsides are now someone else's problem.
That's the whole problem with todays economy, it's geared up to encourage short term thinking.
When people are knowingly committing a crime they get spooked easily, a notice about a drive failure could cause someone to suspect the truth and start covering their tracks. The only evidence would be the fact they accessed the site very briefly, which a good lawyer could claim was accidental or otherwise performed without the intent of accessing child porn.
It's not uncommon for users to briefly access site they didn't intend to, sites can get hacked and filled with bogus links, search engine results are often filled with spam results and spam links are often received via email or social media postings etc. Simply accessing a website does not prove that the user was intending to access the content that's on the site. Someone who accesses the site unintentionally is going to leave as soon as they learn of the true content, but someone who is looking for such content is going to behave in exactly the same way as soon as they learn that the content they want is unavailable.
I thought officers regularly did such things and would plant trackers in cash or drugs etc in order to try and catch offenders... Police also often commit felonies like murder in the performance of their duties. We don't jail any cop who shoots a suspect, we investigate to determine if they were justified in doing so.
Killing or injuring someone is usually a crime, but in certain circumstances it's not such as self defence or in the performance of law enforcement / military duties.
Well in this particular instance i'm assuming the FBI wasn't creating any new child porn, so there were no new victims... Rather they were watching pedophiles acquiring existing material from the site in order to catch them in the act and gain evidence against them. Had they simply shut down the site immediately, then word would soon have spread and their ability to gain any evidence for further prosecutions from the site would have been gone, and the pedophiles would quickly move to other sites and probably try to delete any evidence linking them to the previous one.
It's unlikely that shutting down the site immediately would have prevented any crimes from being committed, as the pedophiles would go elsewhere therefore actually catching some is probably a positive result overall.
Slashdot Mirror
Only if you're using IE, you can still access such sites using Firefox which has its own SSL libraries.
The mom and dad surfing email users are already better served by an ipad or a chromebook, and stick with windows just because they don't know that the alternatives would suit them better.
Microsoft wants to get people even more locked in before the chance to do so slips away, without a locked in user base they are entirely unable to compete, just look at their attempts in mobile.
Two buttons on trackpad and press = right click.
If you have the recent apple mouse, although it hasnt got an obvious right button, pressing on the right side of it is a right click.
OSX fully supports USB and bluetooth - connect any mouse you want.
There's other savings to be had from the roof structure...
Reduced sunlight falling on the roads will result in decreased a/c use (or open windows) in those cars on hot days, and the shelter provided by the roof will also reduce the amount of rain and snow on the road, both of which decrease traction so it could decrease the risk of crashes.
So you're familiar with the postal code system in every country in the world?
I end up with peoples fingerprints all over my non touchscreen anyway. I don't get why some people can't point without touching it. They also get offended when i keep pointing out that it's NOT a touchscreen and therefore you're not meant to touch it and cover it with greasy fingerprints.
This is a very common problem... I quite often get people online giving me their phone number without a country code, or their address without a country and in 99% of cases they are in the US when they do this. Often the last part of the address is a two letter code for their state (e.g. CA) which could easily be misinterpreted as a country code.
The Internet is a global network, when sending emails or posting data online you should absolutely declare the country if you're giving out a physical address or phone number. Not doing so is akin to giving your website or email address without the TLD.
If the contractors are already familiar with writing such algorithms, then chances are they worked for your competitors. And if they retain memory of competitors algorithms, they will retain memory from yours too.
This is another reason why being paranoid about sourcecode leaving the building is pointless...
There is no such thing as a remote environment that doesn't allow data to flow to the client machine...
All you can do is close off some of the obvious routes, but there are plenty of other routes such as screen dump and ocr, and ofcourse the contractors will retain memory of the system whatever you do.
And even if you have people onsite, you have to go to extreme lengths if you want to ensure there's no way for them to smuggle data in or out.
There really is no substitute for an NDA, plus hiring people you can actually trust to follow it.
Indeed if they are that paranoid, then the onsite staff could easily copy the code if they wanted to, forcing people to work onsite provides zero additional assurance unless you take extreme measures such as cutting off all outside access and searching people as they enter/exit etc.
The only protection you have is the NDA and other contracts between contractors/employees and the company, even the NSA couldn't physically stop someone from getting data out of the organisation.
It wouldn't DoS anything, if the number of submissions goes up they will expand to cope with the increased demand.
NAT isn't used for security, in fact it's a major inconvenience and things work better on routable addresses...
People only use NAT because they don't have enough addresses to do things properly.
Whatever term you use to describe it or the reasons it was done, police officers often make a conscious decision to kill someone.
If it can run linux then it can almost certainly run mysql too, i've run mysql on all kinds of exotic architectures (although sometimes had to compile it myself).
A service like shodan only increases public awareness, anyone who actually has malicious intent will have their own method of discovering insecure devices and no intention of publicising their activity. Publicity does not benefit those with malicious intent, as the publicity will cause at least some people to improve the configuration of their devices.
If you keep this information out of the public eye, it gets forgotten and overlooked and then the number of vulnerable devices only increases to the benefit of the actually malicious people who want to take advantage of them.
And yes often the device manufacturer is at fault, some devices cannot be reasonably secured and for others the manufacturer provides weak defaults and doesnt do enough to force users to change them.
Some devices these days come with a random password printed on the device, that's perfectly reasonable and prevents casual attackers using blank or default passwords.
iMessage is aimed more as a replacement for SMS, which worked in the same way - you had to trust your telco and that of the recipient. For casual chat both systems are more than adequate.
Also not their problem, they should simply hand over all the evidence to law enforcement.
Backwards compatibility is what's keeping them in business, if you're going to break backwards compatibility you are better off just going straight to linux.
Unfortunately many people who have lived all their lives in english speaking countries also make frequent english errors...
Cheap outsourcing gets you your bonus and increases the share price.
When the outsourcer fails to deliver you've already taken your bonus and moved on, and the shareholders have sold on their shares for a profit. The resulting downsides are now someone else's problem.
That's the whole problem with todays economy, it's geared up to encourage short term thinking.
When people are knowingly committing a crime they get spooked easily, a notice about a drive failure could cause someone to suspect the truth and start covering their tracks. The only evidence would be the fact they accessed the site very briefly, which a good lawyer could claim was accidental or otherwise performed without the intent of accessing child porn.
It's not uncommon for users to briefly access site they didn't intend to, sites can get hacked and filled with bogus links, search engine results are often filled with spam results and spam links are often received via email or social media postings etc. Simply accessing a website does not prove that the user was intending to access the content that's on the site. Someone who accesses the site unintentionally is going to leave as soon as they learn of the true content, but someone who is looking for such content is going to behave in exactly the same way as soon as they learn that the content they want is unavailable.
I thought officers regularly did such things and would plant trackers in cash or drugs etc in order to try and catch offenders...
Police also often commit felonies like murder in the performance of their duties. We don't jail any cop who shoots a suspect, we investigate to determine if they were justified in doing so.
Killing or injuring someone is usually a crime, but in certain circumstances it's not such as self defence or in the performance of law enforcement / military duties.
The difference is that drug taking *can* be a victimless crime, whereas terrorism and childporn always causes harm to an innocent victim.
Well in this particular instance i'm assuming the FBI wasn't creating any new child porn, so there were no new victims... Rather they were watching pedophiles acquiring existing material from the site in order to catch them in the act and gain evidence against them.
Had they simply shut down the site immediately, then word would soon have spread and their ability to gain any evidence for further prosecutions from the site would have been gone, and the pedophiles would quickly move to other sites and probably try to delete any evidence linking them to the previous one.
It's unlikely that shutting down the site immediately would have prevented any crimes from being committed, as the pedophiles would go elsewhere therefore actually catching some is probably a positive result overall.