Pair this with the Sniper finder robot and the automated attack tower we have seen in the last couple days though and I wouldn't want to mess w/ something that returns fire automatically and w/o deviating from it's primary mission.
This is what? The 3rd ICBM convered to a SLV (Space Launch Vehicle) to die? There was the solar sail one. I think there was another. And now this one. I can't believe anyone will use them these days. Also hopefully people realize that missiles that leave the atmosphere are not something that just happens. Reguardless of how big and advanced your country is, it's still very hard.
Well, considering they are launching on Russian ICBMs to get rid of them, building new ones doesn't seem to make a whole lot of sense. Anyway, the design and testing of a new ICBM or SLV (Space Launch Vehicle) isn't worth the trouble to save the weight.
on the other hand of this, feel free to promise anything verbally to anyone that isn't above you. If you need to promise someone something to get things done, do it verbally. Then later come up with whatever excuse why you can't do it.
We have a contractor who when you ask "Is the grass green?" Replies "The sky's blue". And blue is generious. Many times it's purple, orange, neon or one of the infinite set of colors you know it is not. But the answer never has to do with the original question.
Go find the engineering department and get a grad student or a good undergrad EE and one in ME to design and build a clicker for you. Should be fairly cheap. Now the receiver is what is going to be interesting. It has to receive probably hundreds of signals in a very short time. Overall this would make a great senior project. Realistically solvable but still rather complex.
The simple fact is this is not an apple product. It's a Motorola product that Motorola is paying Apple to put their name on. That would explain why it's ugly, poorly integrated, and crippled. My guess is Apple gets money for opening iTunes and for putting their name on it, but not much else.
Thea easy answer is:
A response to a RFP looks good if the people attached to it have certs.
Therefore, you are more sellable in a proposal and therefore more hirable if you have certs.
Additionally, some companies/government departments require certain certs for people doing certain jobs.
In reality we all know they meant the person went to a week-long class and passed the test at the end, but even this is sometimes impressive as it means 1: the person is willing to go get training, or to someone evaluating a contract 2: the company is willing to train people.
Did the worms that were detected without signature updates rerly at all on payload detection? Is payload detection a reasonable method for characterizing malicious attacks? Search for both the exploit and the payload? Are payloads more static than attacks or are payloads likely to be constantly modified and/or encoded in such a way that they will not consistantly be identifiable?
(I assume that a signature for an encoded payload could be used but that hopefully anyone who encoded their payload in their executable would also take the time to include a table to xor against unique for each exploit in which the payload was used so that the same payload could be used undetected with different exploits.)
With respect to the computer specifically, really it's a lot simpler than you think. What you need is to get it certified for classified processing. What this means is finding the person who will be doing the certification and ask them what they are going to check for. Then impliment that. As a contractor facility it should be DSS who does this. A good place to start is getting your hands on a copy of the DISA Gold Disk and a copy of the Minimal Security Activity Checklists (MSACs). I also recommend patching the computer as completely as possible. Also read up on the DoD 8500 series and DIACAP.
Is it really required that hash functions used for passwords have collisions? Why hasn't anyone developed a hashing algorithm designed to have zero collisions when hashing something less than the length of the hash. If a hash is 256 values long in the same character-space as the password, theoretically you could have a 1-1 correlation. Is this technically possible in application?
(Oh, and does anyone have a good site to find word lists and rule lists for john the ripper? I always have trouble finding a really good rule list.)
Tivo could easily start buying up cheap movies and old series for cheap and start offering them. By doing that and buying discontinued tv series they could start to build an on-demand catalogue that would justify non-cable people shelling out for a cheap tivo. I think once they had a sustainable group doing that they could start getting more current content.
if it's important, encrypt it. Reguardless of if this is FUD or not, we're all going to have to realize that man-in-the-middle attacks are becoming more practical.
While there is obviously an issue in that drivers, (particularly automatically loadeded ones such as Firewire and USB), have not undergone the security scrutiny that network software has, this is most certainly a PR article. There isn't a link to a technical description of the problem anyway, but the second half of the article is dedicated to vendor solutions. This article was instigated by a PR firm, not by normal media services.
I wish I was going to blackhad though. After SANS I could only get work to pay for DEFCON. Especially since they know what CISSP training will cost.
1. MMoRPGs are extremely expensive to run. I'd guess their bandwidth alone is 10% of their gross. Then they need dedicated support in game/server 24/7. They need dedicated phone support. They need dedicated email support. They need an operations team. They need a web team including support. They need a team working on free content separate from the operations team. And they probably have a content team working on expansion content separate from the free content team. That many bodies is EXPENSIVE. wages + benefits + office space + in-house support. It adds up quick. MMoRPGs bring in a lot of money but it flows out extremely fast too.
And the fact that 2 large raid zones, DM and BWL, have been added since the games inseption shows that they are working on content. Almost nothing in EQ1 was ever released free content wise. I'm supprised you are begging to have to pay more for content that, so far, blizzard has added for free.
You saying people see the shotgun bullets coming? There are lots of crowd control weapons. They are just working on a more effective, less lethal one. No-one's rights are getting trampled.
The problem is that professional exploiters use expendable accounts. They move the gold fast enough it doesn't get removed when the account does. And they are back the next day w/ a new account, ip address, and charge number. And the gold is still in the economy.
However, gold in WoW is designed to be consumed. Repairs, tradeskills, travel, mounts, etc. The game is designed to consume gold at a reasonable rate where Everquest initially was not. (Personally designing one of these games I would make it monitor the spent gold on the server and create a function that controlled the gold input based on server population and gold spent.)
It is not the way it works in Everquest however where they regularly removed duped items using their unique id's. Its also why people didn't buy items they thought might be duped. They weren't getting their money back for them.
A roll back is absolutely terrible. Even everquest never had a rollback, (minus a few server crashes). (The test server had all items wiped though from my understanding it was a political thing.) To actually willfully roll back that much work is terrible Customer Service. And it's what I expect. WoW has no customer service. Period. The way they treat their customers is the main reason I'll jump ship to Sigil's Valhalla:Saga of Heros when it comes out.
And why can't WoW do things like they did in Everquest? Every item in everquest was uniquely marked. That way when they wanted to find dupes they simply looked in the item tables for items with the same unique identifier. In Everquest they also monitored the transfer of larger amounts of gold. I don't see why these preventative steps couldn't be taken in WoW. Though I assume that it is because they didn't have the foresight to deal with something that wouldn't directly increase their capital. Vivaldi ruined blizzard. No question about it.
This is really a test of the Russian courts. I know many large foreign (to Russia) companies do not want to work in Russia as they fear frivilous lawsuits losing them money as Russian courts hand it to the locals simply because they enjoy profiting.
Should this case not receive the honest critic of its validity that it should get, I can see Russian courts becoming basically ignored on the world scale. Why bother defending yourself if you can't win? You might as well lose and just let them try to collect.
Slashdot Mirror
Pair this with the Sniper finder robot and the automated attack tower we have seen in the last couple days though and I wouldn't want to mess w/ something that returns fire automatically and w/o deviating from it's primary mission.
This is what? The 3rd ICBM convered to a SLV (Space Launch Vehicle) to die? There was the solar sail one. I think there was another. And now this one. I can't believe anyone will use them these days. Also hopefully people realize that missiles that leave the atmosphere are not something that just happens. Reguardless of how big and advanced your country is, it's still very hard.
I'd take all their money, send someone else, and fake the results.
Well, considering they are launching on Russian ICBMs to get rid of them, building new ones doesn't seem to make a whole lot of sense. Anyway, the design and testing of a new ICBM or SLV (Space Launch Vehicle) isn't worth the trouble to save the weight.
on the other hand of this, feel free to promise anything verbally to anyone that isn't above you. If you need to promise someone something to get things done, do it verbally. Then later come up with whatever excuse why you can't do it.
We have a contractor who when you ask "Is the grass green?" Replies "The sky's blue". And blue is generious. Many times it's purple, orange, neon or one of the infinite set of colors you know it is not. But the answer never has to do with the original question.
Go find the engineering department and get a grad student or a good undergrad EE and one in ME to design and build a clicker for you. Should be fairly cheap. Now the receiver is what is going to be interesting. It has to receive probably hundreds of signals in a very short time. Overall this would make a great senior project. Realistically solvable but still rather complex.
The quote is
The simple fact is this is not an apple product. It's a Motorola product that Motorola is paying Apple to put their name on. That would explain why it's ugly, poorly integrated, and crippled. My guess is Apple gets money for opening iTunes and for putting their name on it, but not much else.
A response to a RFP looks good if the people attached to it have certs.
Therefore, you are more sellable in a proposal and therefore more hirable if you have certs.
Additionally, some companies/government departments require certain certs for people doing certain jobs.
In reality we all know they meant the person went to a week-long class and passed the test at the end, but even this is sometimes impressive as it means 1: the person is willing to go get training, or to someone evaluating a contract 2: the company is willing to train people.
(I assume that a signature for an encoded payload could be used but that hopefully anyone who encoded their payload in their executable would also take the time to include a table to xor against unique for each exploit in which the payload was used so that the same payload could be used undetected with different exploits.)
With respect to the computer specifically, really it's a lot simpler than you think. What you need is to get it certified for classified processing. What this means is finding the person who will be doing the certification and ask them what they are going to check for. Then impliment that. As a contractor facility it should be DSS who does this. A good place to start is getting your hands on a copy of the DISA Gold Disk and a copy of the Minimal Security Activity Checklists (MSACs). I also recommend patching the computer as completely as possible. Also read up on the DoD 8500 series and DIACAP.
(Oh, and does anyone have a good site to find word lists and rule lists for john the ripper? I always have trouble finding a really good rule list.)
Tivo could easily start buying up cheap movies and old series for cheap and start offering them. By doing that and buying discontinued tv series they could start to build an on-demand catalogue that would justify non-cable people shelling out for a cheap tivo. I think once they had a sustainable group doing that they could start getting more current content.
if it's important, encrypt it. Reguardless of if this is FUD or not, we're all going to have to realize that man-in-the-middle attacks are becoming more practical.
Also, you can get the original lynn slides at http://cryptome.org/lynn-cisco.zip.
While there is obviously an issue in that drivers, (particularly automatically loadeded ones such as Firewire and USB), have not undergone the security scrutiny that network software has, this is most certainly a PR article. There isn't a link to a technical description of the problem anyway, but the second half of the article is dedicated to vendor solutions. This article was instigated by a PR firm, not by normal media services. I wish I was going to blackhad though. After SANS I could only get work to pay for DEFCON. Especially since they know what CISSP training will cost.
Isn't this the book that Blade Runner is based on?
And the fact that 2 large raid zones, DM and BWL, have been added since the games inseption shows that they are working on content. Almost nothing in EQ1 was ever released free content wise. I'm supprised you are begging to have to pay more for content that, so far, blizzard has added for free.
You saying people see the shotgun bullets coming? There are lots of crowd control weapons. They are just working on a more effective, less lethal one. No-one's rights are getting trampled.
However, gold in WoW is designed to be consumed. Repairs, tradeskills, travel, mounts, etc. The game is designed to consume gold at a reasonable rate where Everquest initially was not. (Personally designing one of these games I would make it monitor the spent gold on the server and create a function that controlled the gold input based on server population and gold spent.)
It is not the way it works in Everquest however where they regularly removed duped items using their unique id's. Its also why people didn't buy items they thought might be duped. They weren't getting their money back for them.
Vanguard: Saga of Heros. Sorry.
And why can't WoW do things like they did in Everquest? Every item in everquest was uniquely marked. That way when they wanted to find dupes they simply looked in the item tables for items with the same unique identifier. In Everquest they also monitored the transfer of larger amounts of gold. I don't see why these preventative steps couldn't be taken in WoW. Though I assume that it is because they didn't have the foresight to deal with something that wouldn't directly increase their capital. Vivaldi ruined blizzard. No question about it.
Should this case not receive the honest critic of its validity that it should get, I can see Russian courts becoming basically ignored on the world scale. Why bother defending yourself if you can't win? You might as well lose and just let them try to collect.