I agree that user data should be kept separate from OS. Unfortunately, windows and its registry and other technologies make this very hard to do. The OS itself isn't even portable between computers usually.
Being from a mac environment, I try to go this way whenever possible. My OS will boot any new mac I encounter (intel). My home folder has an Applications folder of its own where all my installed apps go. So my/Applications folder is strictly what comes with the OS. So I am fairly well self contained within my home folder. (I DO have to keep a list of apps to install when completely replacing my OS, because there are things that it installs in system folders like/Library) For that, Mac OS X comes with filevault.
But this is probably beyond the scope/issue of truecrypt.
Bug with OS X btw, your home folder's volume MUST be mounted before you login. At the login screen, other (non boot) volumes are not mounted, and you will not be able to login if your home folder is not accessible at login. I tried to put my home folder on another volume but ran into that problem as of 10.4. Clearly there's a little hack going on internally for network home folders.
Sheep will still be sheep even as you walk them up the ramp.
As much as I'd like to agree with you, I'd wager it's only slightly more difficult now against a standard crew and pasengers. Until death is certain, it stays very hard for people to volunteer to risk their lives. And even then you still won't get many volunteers.
All it really takes now is an "air marshall" on each flight, someone that looks like a business traveller, with a gun loaded with reasonably airplane-safe slugs, (or a tazer etc) to step up and deal with a boxcutter wielder. Really they should have had this before. It's just asking for problems to have an isolated environment like a jetliner without anyone to hold the criminals (/terrorists) in check. We used to have this problem with train robberies way back when too.
Even a properly equipped standard cop with a nightstick could have probably dealt with the situation on 9-11.
Re:Only works if it's default install
on
TrueCrypt 6.0 Released
·
· Score: 3, Interesting
Stop being an idiot and read up on it. You can *not* tell.
Don't offer advice you're unwilling to take.
Circumstances may make this very possible to identify. Allow me to provide an example and suggest some alternatives:
Lets say you have a 100gb hard drive, and have decided to break away 15gb of that for an alternate volume. Since the OS has to be on it, it can't be very small (300mb for example) as you could do normally with an obvious encrypted disk image document. TrueCrypt choses a place somewhere within the 100gb drive to place it. Lets say it's at the 60-75gb region.
The most plausible deniability for this would be to use the "trojan" 85gb of space for your everyday use, and only reboot into the hidden volume when you had "sensitive work" to do. This would provide many examples of consistent access to the trojan, lending it credibility as being used. If you (almost) always booted into the hidden volume, it would be an easy giveaway since files rarely got modified on the trojan, so this behavior is required.
Unfortunately, over time data is spread around on your hard drive. All current OS's move the next available block pointer forward on the drive as it's used. (space is not used on a "closest to start of volume first" basis beause that can be extremely inefficient and lead to severe fragmentation) So eventually disk usage will run into the hidden partition.
If you've provided your 2nd password, truecrypt will "hop" over the hidden partition to avoid damaging it. But that's the problem. If you continue to use your trojan partition, a simple look at used disk space will see a fairly even coverage mix of free and used blocks, except for one conspicuous, contiguous 15gb chunk of unused space, smack in the middle of the "only volume" on the disk. It could be very difficult to explain to someone analyzing your drive.
ya, right. Now lets have the SECOND password please. (points gun)
There are many ways to fix this problem which have not (as of yet) been implemented by truecrypt:
1) instead of mounting an entire new bootable volume, simply mount a small hidden disk image. That could be 300mb or so, enough for quite a few sensitive documents. A 300mb continuous hole in the free space could be a single AVI file that got deleted a month ago. Totally inconspicuous.
2) instead of reserving a contiguous block of 15gb, it could be cut up into many smaller random length parts. (as in, thousands of pieces of 20-200mb in size) In fact, BOTH the trojan and hidden volumes could occupy almost the exact same space except for their directory start. With both passwords provided, whether you booted into the trojan or hidden, it would consider the union of used blocks on both hidden and trojan partitions when looking for free space to allocate. This has many benefits, including breaking up suspicious free areas into small innocent pieces, and removing the restriction of the hidden partition's size. Without this, if you set aside 15gb and find you need a little more space, you'd have to reformat and it'd be a huge mess. Since both partitions "share" the free space until it's all used, by this technique you could slowly use up all 100gb of your hard drive in any combination of trojan/hidden volume you wanted to, making it much more convenient and future-proof.
Both (1) and (2) are still vulnerable to backup analysis, although (1) would be much more difficult and certain. If you can compare the free blocks between two distant states, say a year apart, you could determine with some certainly that there are more blocks that have remained marked unused over time than should be, so "something's preventing writing to these blocks", placing suspicion on the drive.
If you insist on continuing to use truecrypt, you'd be advised to make sure the hidden partition is near the end of the disk, and that you defragment used AND free space often, so that the scattering of newly allocated files never gets very close to your hidden partition. While inconv
from the article, "It just doesn't seem right to me that that can happen in America," Dunn said. "I thought the jury had the last say."
Juries are for deciding guilt, not sentencing. So for the decision of guilt, the jury did have the last say. He just bargained for a reduced sentence. And he may not even get that. He reduced "25 to life" to "15 to life". At the high end of both scales is "life". But before the deal, the minimum the judge could give him was 25 yrs. Now it's 15. Maybe he's hoping for a minimum sentence?
Great. Your whole post can be summarized as "DON'T DOO THATS!" without offering any counter solution.
Just because I don't have a better way to stop you from receiving junk mail, doesn't mean I'm going to stop telling you to quit shooting the mailman.
If you have a better way, speak it, or shut up!
If you can't find a good answer to your problem, and no one just hands you one, that doesn't justify proceeding with a known bad idea. And it's not the world's responsibility to provide you with all the good answers.
Each person consumes a minimum amount of energy to live
You cannot "consume" energy, you can only apply it to work, store it, or change its form. (following E=MC^2 all the while) If you're cold, it's much more convenient to light up a log than run in circles awhile. That's just withdrawing some of the stored energy. It moved to your body, and will eventually be radiated/conducted out to somewhere else, but it will never be consumed. Even if we set off an atomic bomb in the middle of the ocean, that energy was not "lost", it merely changed. It changed atomic bonds to form new structures, it released heat and radiation, it moved a lot of air and water. None of that energy was lost, it just changed form and became a lot harder for us to get our hands on and put to work.
People do use energy though, so I see where the renewable energy comment is going. The problem is people want to use readily-available energy to do their work, while investing the least amount of their own personal stored energy. That's why oil is so popular, because it's power-dense and convenient. (good margin of return) Same for burning wood.
Renewable energy doesn't necessarily fill the void. When you can expend say, 1 unit of energy to make available 10, (by say, refining oil) the return is a lot greater. If you can spent 1 unit of your energy (and resources etc) and get back 2, it still looks good on paper but nobody wants it because that means expending more of their energy to eventually get things done, and people are lazy by nature. Unfortunately, there is no renewable energy that is going to catch up with the rate of that being withdrawn from the "easy to get at" energy stored in the earth.
All that energy is being used very inefficiently. Only around 10% of the energy in many of our stored resources is actually applied to the work we want done. The rest is wasted doing things we don't need (or don't want) done. Take a brick of coal. Burn it to produce electricity. Use that electricity to run your air conditioner. All you've done is moved (heat) energy from one place to another, so you haven't done any work. What you have done is heated up the area outside your house a little from the compressor getting hot. So again the energy was not lost nor consumed, it just went somewhere you didn't need it to go, and can't make use of anymore. When you drive to the store and don't find what you want and return home, you and your car are back where they started, no net work was done, and all you've done is distribute some energy from your gas tank to other places.
So one way or another that energy the sun sends us stays here on earth. Some is radiated out into space of course, but a lot less than what lands here via sunlight. So we will never "run out of energy", in fact we will always have more than we did yesterday. The problem is we WILL run out of readily available stored energy. The farther we go down that road the harder our lives will become.
In awhile, we'll reach a point where renewable energy has a better yield than use of stored energy. We're like the bum kid living in our parents' basement. At some point we will have to move out and get a job and make a living on our own instead of relying on a free lunch. It won't be as cushy but it has to be done.
But then at some point after that we'll have what Back To The Future called a "Mr Fusion", that can extract energy from mater. (or more likely and practical, extract energy from very low margin sources, like your garbage can) Once we can do that, renewable energy will be an afterthought because it won't be useful - we will be able to make use of all the energy that we've simply stored in a different form and been thus far unable to utilize because of its relatively low margin. It'll be a different world then. Oil fields will be replaced with old landfills. I don't know if I'll live to see it, but it WILL HAPPEN. So even renewable energy isn't "the answer", it's just a good before-dinner snack that we aren't hungry enough to eat just yet.
Our machines were named based on themes, and that's the WORST idea on the planet. If you are going to give things names, things that need to be immediately recognized for what they are. If you have too many to give them logical names, then name them as radically different as possible so you can tell them apart in a heartbeat. The whole point of naming them is to avoid confusion, or we'd just number them wouldn't we?
Name them Orange, Peanut, Chrysler, Diamond, and Dolphin. Pick names that are not easily confused. Stay away from names that identify people or places, to avoid other communications issues. "Tom has that" should not leave you wondering if Tom is a server you don't usually work with, or is someone named Tom. Same for "Where's that database? Detroit?"
I have to deal with one group of servers that are all named by Star Trek (TNG) ship names. And at another location they are all weather phenomena. BAD IDEA. I don't deal with the trek machines much and they just can't understand why I can't remember the difference between Enterprise and Intrepid. Sure if you deal with them daily you'll get the hang of it, but picking similar names is a nightmare for anyone unfamiliar with the system. If we only had one space ship for a server I could associate that uniqueness with its purpose. But no, I'm thinking "OK the firewall runs on the spaceship... oh ya that's right we have SEVEN of those... was it DS9 because it's a station? Maybe Defiant because it's defying the hackers? OK where'd that list go?"
NO THEMES
And if you're tempted to use a different theme for each location, just DON'T. What's more important to you, being able to tell what a machine does, or knowing where it's at? If you do theme by location, all you're going to clarify is where it's at.
Nixon was in no hurry to get us out of the war though, that's the difference. He was taking advantage of the situation, prolonging it for his own benefit.
The best response in this aspect seems to be a little of what is so irritating in windows, the barrage of popups. This is probably one of the most sensible bitter pills in windows. OK if the software manufacturers are going to be completely retarded or write malware, we are going to harass the user continually as long as the software is running. Since we cannot make them change, and only the consumer's dollar is going to help.
Sucks to be us, but that's what it takes to make developers clean up their act. Give them the choice to do it right or turn their software into something totally obnoxious.
Lets say windows had a way to detect the root kit. Code it in. Make a popup come up every 5 minutes that the rootkit was detected. Cannot be disabled. (period) First thing the developers would do is mod it to hide better. A small war starts. Microsoft being the OS author, WILL win that war eventually. And the enraged customers will force them to remove the rootkit. (all the while the devs are blaming MS of course) Such is life. I wish they'd do that. It'd be messy, but effective.
There are other fun responses to someone rootkitting your os. Make intelligent, targeted updates, that do something like wreck the registration scheme of the rootkitter. Do something that forces the customer to call the vendor for help. Make it such a sever PITA to the developer that they stop doing it.
Or simply target the error message. Imagine this popup once an hour: "Windows has detected the installation of ROOTKIT_SUPERSHOOTER3v4. This software has damaged your Windows installation and compromised the security of your computer and your personal information. Please contact the software vendor SuperCoders (link/phone number) for assistance in repairing your Windows installation, or perform an erase and install to repair the damage." That would rock.
This made it very difficult from a purely technical standpoint to distinguish them."
Sounds like a difference between what they do and how they do it.
I prefer to limit both, rather than one or the other. If all you limit is what they do, you wind up with invasive root kits in games. If you limit how they do it, then you end up with malware that simply finds another way to do more evil.
He has lived up to his role (nigh duty) and provided the checks and balances that keep the government as a whole in check.
But at the same time works nonstop to modify/enhance/cripple the laws to grow his authority? This is how the system of checks and balances becomes broken, when one branch has excessive influence on another branch that is supposed to hold it in check. When the executive branch works to grant immunity and enact 'special circumstances' circumvention of laws, it becomes a laughable form of "limitation of powers".
Lets face it, the Executive Branch has made a puppet out of the Judicial Branch lately.
Reminds me of Nixon, "I am not a crook!", yes I broke the law but the laws don't apply to The President.
The Bush Administration argues that Congress's vote to authorize military force against Al Qaeda and the president's inherent war time powers were exceptions to the exclusivity provision.
So maybe this is why the "war" keeps dragging on and on? As long as we have a war going, he thinks he can do anything he wants? (and is often the case)
We had a "war" going on with Nixon in the house too. I see a pattern developing.
"cluttered" was exactly what I was thinking when I saw that picture. They're packed in there like sardines. Stuff's everywhere. Looks like it's hard to turn around and walk 2 feet without running into something or someone. It must take a lot of planning trying to move anything around in there, imagine someone trying to get a ladder to the middle of that room!
There's making good use of space and then there's overusing space. That room has long since crossed the line. Don't get me wrong, I wish them luck, but unless they have some genius coordination and organization skills from everyone that works there, that's gotta cause problems.
I'd hope it gets better when they have it more completed, since basically it's all torn apart right now so it's bound to take up more space. So here's hoping this the low point, as bad as it gets.
A lot of what you're looking for is in there but you do have to turn it on. That's for government level security.
I used to have a copy of the official steps taken to harden a mac for government use (over 200 page PDF!) but I'm having problems finding it. It wasn't something I found by looking, it was something I stumbled on, so I'm not so sure they are making it easy to find.
"Security Configuration Guide" is the magic passphrase. And a breathtaking 240 pages at that for Leopard. So if you're serious about hardening, there you go, have at it. I'd bet after reading even a quarter of that, your home folder encryption is going to be really low on your list of things to do. But that guide covers it ALL.
I have yet to encounter a more thorough or comprehensive guide on system hardening for any of the "general public" operating systems.
speaking of judges, it's a bit surprising we haven't seen any group take a politician to court over their sudden reversal of vote after receiving a large contribution. (bribe)
That it was returned, and not simply disposed of, indicates the thieves felt they were as good as caught. Otherwise why risk returning it which would seal the case. Voluntarily returning something you've stolen is an act of desperation.
talk to the police chief in the town, talk with the local sheriff. If you can't get satisfaction, talk with the local newspaper. Also try the county judge, they may give you some insight on how to motivate the law on that area.
Be sure to keep meticulous records on IP addresses, dates, times, etc. Find out what ISP they are using and contact them. They will very likely tell you they cannot give YOU information, but they probably will give this information to the police/sheriff. Make sure that happens before their records are rotated and wiped. It may be necessary for them to fax the ISP a request or get it in writing, again make sure this process moves forward, keep tabs on progress and that it doesn't be come a "we didn't have time to bother".
There are other creative ideas you could employ. Put a script on the laptop that emails the county judge once an hour saying "hello from stolen laptop located in your district. Just a reminder for you that your law enforcement has yet to recover this identified stolen property after having been notified of its location." Be sure it CCs the local sheriff/police chief. If you know the mayor or governor's email address, that makes a good CC also.
If they ask you to stop the emails, refuse. Sorry that laptop's been stolen. Maybe you should go get it for me and I'll turn off the script?
how they will visually identify the stolen property, call it in, and then leave and expect it to just stay there until they get back with more badges.
I've read about this scenario repeatedly, though this is the first time I've heard of it being voluntarily returned later. Being that stupid about it they didn't deserve to get it back.
Putting on the "wild speculation" hat, I'd say that since they were obviously tipped off, that it was likely whoever was sent out to identify the item was told to leave by his commanding officer, who then tipped them off "we're coming back in 30 minutes and it better not be there when we return". Gotta love how things like that work in rural towns. Any competent law enforcement would have left the stolen property under observation until the badges showed up.
Us geeks know how to set up the router and machines so we don't (usually) get hacked, but grandmas who are only interested in email are unlikely to have this expertise
While the "geeks" are configuring their firewalls, grandma laughs and buys a mac and watches you try to avoid getting pwned.
Slashdot Mirror
I agree that user data should be kept separate from OS. Unfortunately, windows and its registry and other technologies make this very hard to do. The OS itself isn't even portable between computers usually.
Being from a mac environment, I try to go this way whenever possible. My OS will boot any new mac I encounter (intel). My home folder has an Applications folder of its own where all my installed apps go. So my /Applications folder is strictly what comes with the OS. So I am fairly well self contained within my home folder. (I DO have to keep a list of apps to install when completely replacing my OS, because there are things that it installs in system folders like /Library) For that, Mac OS X comes with filevault.
But this is probably beyond the scope/issue of truecrypt.
Bug with OS X btw, your home folder's volume MUST be mounted before you login. At the login screen, other (non boot) volumes are not mounted, and you will not be able to login if your home folder is not accessible at login. I tried to put my home folder on another volume but ran into that problem as of 10.4. Clearly there's a little hack going on internally for network home folders.
Sheep will still be sheep even as you walk them up the ramp.
As much as I'd like to agree with you, I'd wager it's only slightly more difficult now against a standard crew and pasengers. Until death is certain, it stays very hard for people to volunteer to risk their lives. And even then you still won't get many volunteers.
All it really takes now is an "air marshall" on each flight, someone that looks like a business traveller, with a gun loaded with reasonably airplane-safe slugs, (or a tazer etc) to step up and deal with a boxcutter wielder. Really they should have had this before. It's just asking for problems to have an isolated environment like a jetliner without anyone to hold the criminals (/terrorists) in check. We used to have this problem with train robberies way back when too.
Even a properly equipped standard cop with a nightstick could have probably dealt with the situation on 9-11.
Stop being an idiot and read up on it. You can *not* tell.
Don't offer advice you're unwilling to take.
Circumstances may make this very possible to identify. Allow me to provide an example and suggest some alternatives:
Lets say you have a 100gb hard drive, and have decided to break away 15gb of that for an alternate volume. Since the OS has to be on it, it can't be very small (300mb for example) as you could do normally with an obvious encrypted disk image document. TrueCrypt choses a place somewhere within the 100gb drive to place it. Lets say it's at the 60-75gb region.
The most plausible deniability for this would be to use the "trojan" 85gb of space for your everyday use, and only reboot into the hidden volume when you had "sensitive work" to do. This would provide many examples of consistent access to the trojan, lending it credibility as being used. If you (almost) always booted into the hidden volume, it would be an easy giveaway since files rarely got modified on the trojan, so this behavior is required.
Unfortunately, over time data is spread around on your hard drive. All current OS's move the next available block pointer forward on the drive as it's used. (space is not used on a "closest to start of volume first" basis beause that can be extremely inefficient and lead to severe fragmentation) So eventually disk usage will run into the hidden partition.
If you've provided your 2nd password, truecrypt will "hop" over the hidden partition to avoid damaging it. But that's the problem. If you continue to use your trojan partition, a simple look at used disk space will see a fairly even coverage mix of free and used blocks, except for one conspicuous, contiguous 15gb chunk of unused space, smack in the middle of the "only volume" on the disk. It could be very difficult to explain to someone analyzing your drive.
ya, right. Now lets have the SECOND password please. (points gun)
There are many ways to fix this problem which have not (as of yet) been implemented by truecrypt:
1) instead of mounting an entire new bootable volume, simply mount a small hidden disk image. That could be 300mb or so, enough for quite a few sensitive documents. A 300mb continuous hole in the free space could be a single AVI file that got deleted a month ago. Totally inconspicuous.
2) instead of reserving a contiguous block of 15gb, it could be cut up into many smaller random length parts. (as in, thousands of pieces of 20-200mb in size) In fact, BOTH the trojan and hidden volumes could occupy almost the exact same space except for their directory start. With both passwords provided, whether you booted into the trojan or hidden, it would consider the union of used blocks on both hidden and trojan partitions when looking for free space to allocate. This has many benefits, including breaking up suspicious free areas into small innocent pieces, and removing the restriction of the hidden partition's size. Without this, if you set aside 15gb and find you need a little more space, you'd have to reformat and it'd be a huge mess. Since both partitions "share" the free space until it's all used, by this technique you could slowly use up all 100gb of your hard drive in any combination of trojan/hidden volume you wanted to, making it much more convenient and future-proof.
Both (1) and (2) are still vulnerable to backup analysis, although (1) would be much more difficult and certain. If you can compare the free blocks between two distant states, say a year apart, you could determine with some certainly that there are more blocks that have remained marked unused over time than should be, so "something's preventing writing to these blocks", placing suspicion on the drive.
If you insist on continuing to use truecrypt, you'd be advised to make sure the hidden partition is near the end of the disk, and that you defragment used AND free space often, so that the scattering of newly allocated files never gets very close to your hidden partition. While inconv
from the article, "It just doesn't seem right to me that that can happen in America," Dunn said. "I thought the jury had the last say."
Juries are for deciding guilt, not sentencing. So for the decision of guilt, the jury did have the last say. He just bargained for a reduced sentence. And he may not even get that. He reduced "25 to life" to "15 to life". At the high end of both scales is "life". But before the deal, the minimum the judge could give him was 25 yrs. Now it's 15. Maybe he's hoping for a minimum sentence?
Great. Your whole post can be summarized as "DON'T DOO THATS!" without offering any counter solution.
Just because I don't have a better way to stop you from receiving junk mail, doesn't mean I'm going to stop telling you to quit shooting the mailman.
If you have a better way, speak it, or shut up!
If you can't find a good answer to your problem, and no one just hands you one, that doesn't justify proceeding with a known bad idea. And it's not the world's responsibility to provide you with all the good answers.
Each person consumes a minimum amount of energy to live
You cannot "consume" energy, you can only apply it to work, store it, or change its form. (following E=MC^2 all the while) If you're cold, it's much more convenient to light up a log than run in circles awhile. That's just withdrawing some of the stored energy. It moved to your body, and will eventually be radiated/conducted out to somewhere else, but it will never be consumed. Even if we set off an atomic bomb in the middle of the ocean, that energy was not "lost", it merely changed. It changed atomic bonds to form new structures, it released heat and radiation, it moved a lot of air and water. None of that energy was lost, it just changed form and became a lot harder for us to get our hands on and put to work.
People do use energy though, so I see where the renewable energy comment is going. The problem is people want to use readily-available energy to do their work, while investing the least amount of their own personal stored energy. That's why oil is so popular, because it's power-dense and convenient. (good margin of return) Same for burning wood.
Renewable energy doesn't necessarily fill the void. When you can expend say, 1 unit of energy to make available 10, (by say, refining oil) the return is a lot greater. If you can spent 1 unit of your energy (and resources etc) and get back 2, it still looks good on paper but nobody wants it because that means expending more of their energy to eventually get things done, and people are lazy by nature. Unfortunately, there is no renewable energy that is going to catch up with the rate of that being withdrawn from the "easy to get at" energy stored in the earth.
All that energy is being used very inefficiently. Only around 10% of the energy in many of our stored resources is actually applied to the work we want done. The rest is wasted doing things we don't need (or don't want) done. Take a brick of coal. Burn it to produce electricity. Use that electricity to run your air conditioner. All you've done is moved (heat) energy from one place to another, so you haven't done any work. What you have done is heated up the area outside your house a little from the compressor getting hot. So again the energy was not lost nor consumed, it just went somewhere you didn't need it to go, and can't make use of anymore. When you drive to the store and don't find what you want and return home, you and your car are back where they started, no net work was done, and all you've done is distribute some energy from your gas tank to other places.
So one way or another that energy the sun sends us stays here on earth. Some is radiated out into space of course, but a lot less than what lands here via sunlight. So we will never "run out of energy", in fact we will always have more than we did yesterday. The problem is we WILL run out of readily available stored energy. The farther we go down that road the harder our lives will become.
In awhile, we'll reach a point where renewable energy has a better yield than use of stored energy. We're like the bum kid living in our parents' basement. At some point we will have to move out and get a job and make a living on our own instead of relying on a free lunch. It won't be as cushy but it has to be done.
But then at some point after that we'll have what Back To The Future called a "Mr Fusion", that can extract energy from mater. (or more likely and practical, extract energy from very low margin sources, like your garbage can) Once we can do that, renewable energy will be an afterthought because it won't be useful - we will be able to make use of all the energy that we've simply stored in a different form and been thus far unable to utilize because of its relatively low margin. It'll be a different world then. Oil fields will be replaced with old landfills. I don't know if I'll live to see it, but it WILL HAPPEN. So even renewable energy isn't "the answer", it's just a good before-dinner snack that we aren't hungry enough to eat just yet.
I think I'd prefer of 7 of 9 as more of a HID.
We used to use theme-based naming schemes
oh god please no.
Our machines were named based on themes, and that's the WORST idea on the planet. If you are going to give things names, things that need to be immediately recognized for what they are. If you have too many to give them logical names, then name them as radically different as possible so you can tell them apart in a heartbeat. The whole point of naming them is to avoid confusion, or we'd just number them wouldn't we?
Name them Orange, Peanut, Chrysler, Diamond, and Dolphin. Pick names that are not easily confused. Stay away from names that identify people or places, to avoid other communications issues. "Tom has that" should not leave you wondering if Tom is a server you don't usually work with, or is someone named Tom. Same for "Where's that database? Detroit?"
I have to deal with one group of servers that are all named by Star Trek (TNG) ship names. And at another location they are all weather phenomena. BAD IDEA. I don't deal with the trek machines much and they just can't understand why I can't remember the difference between Enterprise and Intrepid. Sure if you deal with them daily you'll get the hang of it, but picking similar names is a nightmare for anyone unfamiliar with the system. If we only had one space ship for a server I could associate that uniqueness with its purpose. But no, I'm thinking "OK the firewall runs on the spaceship... oh ya that's right we have SEVEN of those... was it DS9 because it's a station? Maybe Defiant because it's defying the hackers? OK where'd that list go?"
NO THEMES
And if you're tempted to use a different theme for each location, just DON'T. What's more important to you, being able to tell what a machine does, or knowing where it's at? If you do theme by location, all you're going to clarify is where it's at.
Nixon was in no hurry to get us out of the war though, that's the difference. He was taking advantage of the situation, prolonging it for his own benefit.
The best response in this aspect seems to be a little of what is so irritating in windows, the barrage of popups. This is probably one of the most sensible bitter pills in windows. OK if the software manufacturers are going to be completely retarded or write malware, we are going to harass the user continually as long as the software is running. Since we cannot make them change, and only the consumer's dollar is going to help.
Sucks to be us, but that's what it takes to make developers clean up their act. Give them the choice to do it right or turn their software into something totally obnoxious.
Lets say windows had a way to detect the root kit. Code it in. Make a popup come up every 5 minutes that the rootkit was detected. Cannot be disabled. (period) First thing the developers would do is mod it to hide better. A small war starts. Microsoft being the OS author, WILL win that war eventually. And the enraged customers will force them to remove the rootkit. (all the while the devs are blaming MS of course) Such is life. I wish they'd do that. It'd be messy, but effective.
There are other fun responses to someone rootkitting your os. Make intelligent, targeted updates, that do something like wreck the registration scheme of the rootkitter. Do something that forces the customer to call the vendor for help. Make it such a sever PITA to the developer that they stop doing it.
Or simply target the error message. Imagine this popup once an hour: "Windows has detected the installation of ROOTKIT_SUPERSHOOTER3v4. This software has damaged your Windows installation and compromised the security of your computer and your personal information. Please contact the software vendor SuperCoders (link/phone number) for assistance in repairing your Windows installation, or perform an erase and install to repair the damage." That would rock.
This made it very difficult from a purely technical standpoint to distinguish them."
Sounds like a difference between what they do and how they do it.
I prefer to limit both, rather than one or the other. If all you limit is what they do, you wind up with invasive root kits in games. If you limit how they do it, then you end up with malware that simply finds another way to do more evil.
Just one or the other is pointless.
He has lived up to his role (nigh duty) and provided the checks and balances that keep the government as a whole in check.
But at the same time works nonstop to modify/enhance/cripple the laws to grow his authority? This is how the system of checks and balances becomes broken, when one branch has excessive influence on another branch that is supposed to hold it in check. When the executive branch works to grant immunity and enact 'special circumstances' circumvention of laws, it becomes a laughable form of "limitation of powers".
Lets face it, the Executive Branch has made a puppet out of the Judicial Branch lately.
Reminds me of Nixon, "I am not a crook!", yes I broke the law but the laws don't apply to The President.
The Bush Administration argues that Congress's vote to authorize military force against Al Qaeda and the president's inherent war time powers were exceptions to the exclusivity provision.
So maybe this is why the "war" keeps dragging on and on? As long as we have a war going, he thinks he can do anything he wants? (and is often the case)
We had a "war" going on with Nixon in the house too. I see a pattern developing.
"cluttered" was exactly what I was thinking when I saw that picture. They're packed in there like sardines. Stuff's everywhere. Looks like it's hard to turn around and walk 2 feet without running into something or someone. It must take a lot of planning trying to move anything around in there, imagine someone trying to get a ladder to the middle of that room!
There's making good use of space and then there's overusing space. That room has long since crossed the line. Don't get me wrong, I wish them luck, but unless they have some genius coordination and organization skills from everyone that works there, that's gotta cause problems.
I'd hope it gets better when they have it more completed, since basically it's all torn apart right now so it's bound to take up more space. So here's hoping this the low point, as bad as it gets.
A lot of what you're looking for is in there but you do have to turn it on. That's for government level security.
I used to have a copy of the official steps taken to harden a mac for government use (over 200 page PDF!) but I'm having problems finding it. It wasn't something I found by looking, it was something I stumbled on, so I'm not so sure they are making it easy to find.
"Security Configuration Guide" is the magic passphrase. And a breathtaking 240 pages at that for Leopard. So if you're serious about hardening, there you go, have at it. I'd bet after reading even a quarter of that, your home folder encryption is going to be really low on your list of things to do. But that guide covers it ALL.
I have yet to encounter a more thorough or comprehensive guide on system hardening for any of the "general public" operating systems.
speaking of judges, it's a bit surprising we haven't seen any group take a politician to court over their sudden reversal of vote after receiving a large contribution. (bribe)
oh so you want me to read that thing before I sign it? Isn't that a little extreme?
That it was returned, and not simply disposed of, indicates the thieves felt they were as good as caught. Otherwise why risk returning it which would seal the case. Voluntarily returning something you've stolen is an act of desperation.
talk to the police chief in the town, talk with the local sheriff. If you can't get satisfaction, talk with the local newspaper. Also try the county judge, they may give you some insight on how to motivate the law on that area.
Be sure to keep meticulous records on IP addresses, dates, times, etc. Find out what ISP they are using and contact them. They will very likely tell you they cannot give YOU information, but they probably will give this information to the police/sheriff. Make sure that happens before their records are rotated and wiped. It may be necessary for them to fax the ISP a request or get it in writing, again make sure this process moves forward, keep tabs on progress and that it doesn't be come a "we didn't have time to bother".
There are other creative ideas you could employ. Put a script on the laptop that emails the county judge once an hour saying "hello from stolen laptop located in your district. Just a reminder for you that your law enforcement has yet to recover this identified stolen property after having been notified of its location." Be sure it CCs the local sheriff/police chief. If you know the mayor or governor's email address, that makes a good CC also.
If they ask you to stop the emails, refuse. Sorry that laptop's been stolen. Maybe you should go get it for me and I'll turn off the script?
how they will visually identify the stolen property, call it in, and then leave and expect it to just stay there until they get back with more badges.
I've read about this scenario repeatedly, though this is the first time I've heard of it being voluntarily returned later. Being that stupid about it they didn't deserve to get it back.
Putting on the "wild speculation" hat, I'd say that since they were obviously tipped off, that it was likely whoever was sent out to identify the item was told to leave by his commanding officer, who then tipped them off "we're coming back in 30 minutes and it better not be there when we return". Gotta love how things like that work in rural towns. Any competent law enforcement would have left the stolen property under observation until the badges showed up.
if you pick a seat next to an emergency exit, the seat in front of you will not recline.
what is the mechanics that cause gravity to produce wobble?
I can't imagine anyone checking a laptop. Carry on definitely the way to go. Watch a movie while you're at it.
and filevault is free, bundled, and only a button click away.
Us geeks know how to set up the router and machines so we don't (usually) get hacked, but grandmas who are only interested in email are unlikely to have this expertise
While the "geeks" are configuring their firewalls, grandma laughs and buys a mac and watches you try to avoid getting pwned.