I've been away for a while. I'll be honest...I left. I needed a break after/. started going down-hill. I picked a heck of a time to come back. This is neither "news for nerds" nor "stuff that matters". This is a pathetic ad placement that is obviously a revenue generator for/.'s parent company. In going back over a great many historical articles, I see nothing better. I'm done. I wish/. provided a means to delete an account so I could disassociate completely.
I'm a complete idiot with this sort of thing, but why did they orbit so far away (9k miles)? It surely can't have that great of a gravitational pull, can it? Why not get as close as is prudent (or is 9k miles the prudence limit)? It seems like the closer the better for studying the thing.
I think there are many good, valid approaches to home security, but let me give you mine. It has worked well. I went through the process about 5 years ago of trying to decide how to secure my home. I had a vested interest in something that really made a difference as I was deploying (military Reservist being sent over seas for a year) and leaving my wife and two kids behind. I looked at all the options including commercial, etc. We had good neighbors (this makes a HUGE difference) who helped look out for the place, as well. I ended up doing two things. First, a dog. A very big, very friendly dog. The kids could have bit his ear off and he'd of just rolled his eyes. Stranger comes to the door and he goes all Jekyll and Hyde. Second, IP cameras. Lots of them. The cameras covered inside and outside. I ran the whole show with EvoCam (from Evological) on a Mac. No, it's not open source, but it is only $25 and it's absolutely awesome software that includes customizable motion sensing (with exclusions), triggers, alerts, uploads, recording, remote view, etc. By doing this, I gave my wife the ability to secure the house while she was home using one template, while using another when she was gone. Her big concern was coming home to an empty house at night. Problem solved. She would receive alerts on her phone (with snapshots) if there was so much as a car that turned around in the driveway (or a the neighborhood fox ran through the yard). She even got to where she used it to figure out how the dog was getting into the pantry. The camera/software setup really took the place of a commercial alarm system and aside from the initial cost (Axis cameras aren't cheap, but they're very high quality) it was a very reasonably priced solution.
For the most part, they (not just China, but most countries that try to control content) go after low hanging fruit. There are indeed a couple of ME countries that employ high-end Narus filters which, if managed and updated near real time, could pretty well block any means of bypass. The reality of implementation however is that it's just not worth the time investment. Typically with a bit of tweakery one can manage to use SSH, OpenVPN, an SSL proxy or some other form of obfuscation to circumvent the filters.
Several options: Setup an SSL proxy on 443. Setup sshd running on a non-standard port. Setup OpenVPN listening on 443. Blah blah blah. I've used all three of these when traveling to countries that heavily filter the 'tubes and met with little issue. I even run VoIP/VTC over them without issue.
"I don't know if they can't make up their mind or what the problem is over there," Ballmer said in an onstage question-and-answer session following his speech at the company's Worldwide Partner Conference in New Orleans. "The last time I checked you don't need two client operating systems." Okay, opinion noted. Now for the whole pot/kettle thing: KinOS, Windows Mobile/Phone 6.5/7, Windows Embedded Handheld...need I say more? Ballmer wants to criticize Google for having Android and Chrome?! Seriously? That's like Google criticizing MS for having a desktop and a mobile/phone operating system. Microsoft will have 3 concurrent phone platforms, a number of 'mobile' device platforms, desktop, server and so on. Variety is the spice of life and all, but if you want developers to build apps for your crap, you may want to keep things streamlined.
then you owe them when you leave (maybe). Since I wouldn't want to work for a company that is as stingy as you describe, I'd be looking to get my cert and use it to find a better job. That being the case, I'd gladly pay for it myself, and thank them for 'forcing' me to better myself/leave.
Not everyone (including me) understands what the benefit to consumers will be when less than 25nm production is possible. Does that mean 1TB flash memory cards for my camera? Same sizes as now but cheaper? What? Just an additional sentence giving a "once possible, this will mean blah blah blah blah blah". Simple as that. Of course, with an 'article' (actually just PC Mag parroting a Thoshiba presser...for pay I'd imagine) as crappy as the one linked to in the headline, I don't know that it really matters.
Working in the industry and hiring new Cyber talent on a weekly basis, I'd say that the author's aren't looking in the right place. We find the best, most talented folks are coming out of the military. These ladies and gentlemen are very disciplined, highly trained and have real (very real) experience not only within the ranks of military cyber operations, but most also have a good deal of experience in the intelligence community. They all have a great deal of experience (and preference) with open source tools, but understand the proper application and integration of COTS products as well. Anyway, my two cents.
From a purely technological point of view, I could see this working IF you had a profile pre-built. That is to say, if you had established a baseline of a particular persons typing habits (tempo, speed, accuracy, common mistakes, pause patterns, etc.) then I think it would be relatively easy to identify/track them in the future. I realize that this isn't really what the OP is talking about, but I think this is the closest to reality as one could get. I've seen authentication tools that combine the password you've entered with the 'way' in which you enter it, doing essentially just that. Anyway, determining a persons proclivities based solely on the way they type is, well, stupid.
I am over Cyber Security for a 36k seat enterprise. We've had no infections...period (and yes, we do have monitoring in place to catch behavioral anomalies that indicate zero-day, etc.). Here are the "must do's":
1. Block social networking sites. Need convincing? Here. http://google.com/safebrowsing/diagnostic?site=facebook.com/ or http://google.com/safebrowsing/diagnostic?site=myspace.com/ or http://google.com/safebrowsing/diagnostic?site=twitter.com/
2. Block porn sites. All of them. Use keywords, IP/FQDN blacklists, adaptive/reputation blocking (Trusted Source type technology)
3. Use a managed AV/AM/HIPS solution such as McAfee ePO/AVE/HIPS/etc. if you can afford it. A good HIPS that does both network and application blocking is essential.
4. Exhaustively scan e-mail for content, attachments and (most of all) embedded URLs.
5. Finally, have a good dashboard. We rolled our own using Cacti, Nagios, Drupal and some simple Java, CSS and PHP. You need to be able to visualize things in as close to real time as is possible. Once you've established 'normal', you can spot 'abnormal' visually long before many automated analysis engines will alert you. This allows you to catch the things that may otherwise slip through the cracks.
This doesn't have to be expensive (well, except for #3, it's expensive). You can scale a Linux based solution with entirely open source tools large enough to cover thousands of concurent users.
I was waiting with baited breath to see what Apple was going to deliver. What a letdown. I typically love what Apple puts out there. I was fully expecting something I could load up with whatever open source software I wanted. Something I could do video iChat on. Etc. After the big release thing I ordered an ASUS Eee PC T91MT. 9" multi-touch screen (yeah, Windows 7, but hey...), 3-5hr. battery life, load whatever software I want, built-in web cam for VTC, not one, but TWO SDHC slots, blah blah blah. Oh, and a real keyboard. I dunno...for my money, the ASUS seems like a much better buy.
No kidding. What a piece of crap. No front facing camera (for iChat). No internal GPS (seriously?!?!). No flash (which means no free TV via Hulu...you gotta buy it from iTunes. No phone (and I'm guessing no VoIP apps for the foreseeable future). More expensive that the highest end of Netbooks (which it is essentially one of sans a useful keyboard). I could so have gone for an Apple tablet done right. Not so in this case. HIGHLY disappointed.
If it's a full blown computer and has iChat (with built in front facing camera for video chat) then I'm in for up to $600. If it comes out of the box hamstrung with iPhone OS Appstore only apps...forget it. It wouldn't pay $300 for it. I'd love a tablet and there are a million uses I can think of for it, but if I can't go to Sourceforge and download my favorite OS X apps to run on it, it's no more useful than an iPod Touch. Regardless of any of this, if the $1,000 unsub price I've seen thrown around is accurate, there's no way on Earth I'll buy it. A tablet is less useful than a notebook (Macbook). I'm certainly not going to pay more for it.
I concur with much of what you've stated. I've been a contractor for the past 15 of my 22 years in IT. I love it! Being an employee, not so much. As a contractor, I get to get out there and build a name for myself. I have a reputation that I am in control of. When you work for a particular company your reputation is only as good as the recommendation they'll give you when you live (which is often none, no matter how happy they were with you). The experience you gain, the improved quality of life, the variety of people you work with and the networking opportunities are priceless. I hope never to leave the contracting world.
What Verizon (Comcast, and others) are going to learn the hard way is the liability that comes along with this. IANAL, but, from experience I understand that if you specifically say something is prohibited, but then do not enforce prohibition of it and someone causes harm to another where it would have been precluded had you enforced the prohibition of said activity, guess who's liable.:)
Nominations for the prize were due 12 days after he took office. What exactly did he do in those 12 days (or prior) to earn this? Make promises? Shoot, I promise to cure cancer, aids and MS. Where's my prize? Don't get me wrong, I'm not anti-Obama, though I certainly think this is a farce.
Seriously?! You're going to give "the Government" a pass on this? Considering "the Government" spent several of the $15 million allocated to S. 2590 on this bloody web-site and gave this money to an outside consultant to build it, it ought to be damn perfect. It's not as though a bunch of noob's from the Obama administration sat down and hammered out this website out of the kindness of their hearts. This cost you and I a great deal of money. Something as out-front and key as this chart should have at least passed a sniff test before being published. Obviously no one gave this thing so much as a serious glance before publishing it to the site.
Slashdot Mirror
I've been away for a while. I'll be honest...I left. I needed a break after /. started going down-hill. I picked a heck of a time to come back. This is neither "news for nerds" nor "stuff that matters". This is a pathetic ad placement that is obviously a revenue generator for /.'s parent company. In going back over a great many historical articles, I see nothing better. I'm done. I wish /. provided a means to delete an account so I could disassociate completely.
I'm a complete idiot with this sort of thing, but why did they orbit so far away (9k miles)? It surely can't have that great of a gravitational pull, can it? Why not get as close as is prudent (or is 9k miles the prudence limit)? It seems like the closer the better for studying the thing.
Pack your bags...you've won an all expense paid trip to re-education camp!
http://www.a3bs.com/sun-runner-stirling-engine-u49325,1_p_83_111_868_0_10765.html
I think there are many good, valid approaches to home security, but let me give you mine. It has worked well. I went through the process about 5 years ago of trying to decide how to secure my home. I had a vested interest in something that really made a difference as I was deploying (military Reservist being sent over seas for a year) and leaving my wife and two kids behind. I looked at all the options including commercial, etc. We had good neighbors (this makes a HUGE difference) who helped look out for the place, as well. I ended up doing two things. First, a dog. A very big, very friendly dog. The kids could have bit his ear off and he'd of just rolled his eyes. Stranger comes to the door and he goes all Jekyll and Hyde. Second, IP cameras. Lots of them. The cameras covered inside and outside. I ran the whole show with EvoCam (from Evological) on a Mac. No, it's not open source, but it is only $25 and it's absolutely awesome software that includes customizable motion sensing (with exclusions), triggers, alerts, uploads, recording, remote view, etc. By doing this, I gave my wife the ability to secure the house while she was home using one template, while using another when she was gone. Her big concern was coming home to an empty house at night. Problem solved. She would receive alerts on her phone (with snapshots) if there was so much as a car that turned around in the driveway (or a the neighborhood fox ran through the yard). She even got to where she used it to figure out how the dog was getting into the pantry. The camera/software setup really took the place of a commercial alarm system and aside from the initial cost (Axis cameras aren't cheap, but they're very high quality) it was a very reasonably priced solution.
For the most part, they (not just China, but most countries that try to control content) go after low hanging fruit. There are indeed a couple of ME countries that employ high-end Narus filters which, if managed and updated near real time, could pretty well block any means of bypass. The reality of implementation however is that it's just not worth the time investment. Typically with a bit of tweakery one can manage to use SSH, OpenVPN, an SSL proxy or some other form of obfuscation to circumvent the filters.
Several options: Setup an SSL proxy on 443. Setup sshd running on a non-standard port. Setup OpenVPN listening on 443. Blah blah blah. I've used all three of these when traveling to countries that heavily filter the 'tubes and met with little issue. I even run VoIP/VTC over them without issue.
"I don't know if they can't make up their mind or what the problem is over there," Ballmer said in an onstage question-and-answer session following his speech at the company's Worldwide Partner Conference in New Orleans. "The last time I checked you don't need two client operating systems." Okay, opinion noted. Now for the whole pot/kettle thing: KinOS, Windows Mobile/Phone 6.5/7, Windows Embedded Handheld...need I say more? Ballmer wants to criticize Google for having Android and Chrome?! Seriously? That's like Google criticizing MS for having a desktop and a mobile/phone operating system. Microsoft will have 3 concurrent phone platforms, a number of 'mobile' device platforms, desktop, server and so on. Variety is the spice of life and all, but if you want developers to build apps for your crap, you may want to keep things streamlined.
I guess that whole "Is your refrigerator running" crank would be sort of un-funny given the circumstances....
then you owe them when you leave (maybe). Since I wouldn't want to work for a company that is as stingy as you describe, I'd be looking to get my cert and use it to find a better job. That being the case, I'd gladly pay for it myself, and thank them for 'forcing' me to better myself/leave.
Not everyone (including me) understands what the benefit to consumers will be when less than 25nm production is possible. Does that mean 1TB flash memory cards for my camera? Same sizes as now but cheaper? What? Just an additional sentence giving a "once possible, this will mean blah blah blah blah blah". Simple as that. Of course, with an 'article' (actually just PC Mag parroting a Thoshiba presser...for pay I'd imagine) as crappy as the one linked to in the headline, I don't know that it really matters.
Working in the industry and hiring new Cyber talent on a weekly basis, I'd say that the author's aren't looking in the right place. We find the best, most talented folks are coming out of the military. These ladies and gentlemen are very disciplined, highly trained and have real (very real) experience not only within the ranks of military cyber operations, but most also have a good deal of experience in the intelligence community. They all have a great deal of experience (and preference) with open source tools, but understand the proper application and integration of COTS products as well. Anyway, my two cents.
From a purely technological point of view, I could see this working IF you had a profile pre-built. That is to say, if you had established a baseline of a particular persons typing habits (tempo, speed, accuracy, common mistakes, pause patterns, etc.) then I think it would be relatively easy to identify/track them in the future. I realize that this isn't really what the OP is talking about, but I think this is the closest to reality as one could get. I've seen authentication tools that combine the password you've entered with the 'way' in which you enter it, doing essentially just that. Anyway, determining a persons proclivities based solely on the way they type is, well, stupid.
No, but you do need to block their syndicated ads, Blogs, etc. Web-mail, too, if you don't have the ability to scan it specifically.
I am over Cyber Security for a 36k seat enterprise. We've had no infections...period (and yes, we do have monitoring in place to catch behavioral anomalies that indicate zero-day, etc.). Here are the "must do's": 1. Block social networking sites. Need convincing? Here. http://google.com/safebrowsing/diagnostic?site=facebook.com/ or http://google.com/safebrowsing/diagnostic?site=myspace.com/ or http://google.com/safebrowsing/diagnostic?site=twitter.com/ 2. Block porn sites. All of them. Use keywords, IP/FQDN blacklists, adaptive/reputation blocking (Trusted Source type technology) 3. Use a managed AV/AM/HIPS solution such as McAfee ePO/AVE/HIPS/etc. if you can afford it. A good HIPS that does both network and application blocking is essential. 4. Exhaustively scan e-mail for content, attachments and (most of all) embedded URLs. 5. Finally, have a good dashboard. We rolled our own using Cacti, Nagios, Drupal and some simple Java, CSS and PHP. You need to be able to visualize things in as close to real time as is possible. Once you've established 'normal', you can spot 'abnormal' visually long before many automated analysis engines will alert you. This allows you to catch the things that may otherwise slip through the cracks. This doesn't have to be expensive (well, except for #3, it's expensive). You can scale a Linux based solution with entirely open source tools large enough to cover thousands of concurent users.
Bottom line: I'll believe the authors just as soon as they get rid of everything and move into a slum. Practice what you preach.
I was waiting with baited breath to see what Apple was going to deliver. What a letdown. I typically love what Apple puts out there. I was fully expecting something I could load up with whatever open source software I wanted. Something I could do video iChat on. Etc. After the big release thing I ordered an ASUS Eee PC T91MT. 9" multi-touch screen (yeah, Windows 7, but hey...), 3-5hr. battery life, load whatever software I want, built-in web cam for VTC, not one, but TWO SDHC slots, blah blah blah. Oh, and a real keyboard. I dunno...for my money, the ASUS seems like a much better buy.
No kidding. What a piece of crap. No front facing camera (for iChat). No internal GPS (seriously?!?!). No flash (which means no free TV via Hulu...you gotta buy it from iTunes. No phone (and I'm guessing no VoIP apps for the foreseeable future). More expensive that the highest end of Netbooks (which it is essentially one of sans a useful keyboard). I could so have gone for an Apple tablet done right. Not so in this case. HIGHLY disappointed.
If it's a full blown computer and has iChat (with built in front facing camera for video chat) then I'm in for up to $600. If it comes out of the box hamstrung with iPhone OS Appstore only apps...forget it. It wouldn't pay $300 for it. I'd love a tablet and there are a million uses I can think of for it, but if I can't go to Sourceforge and download my favorite OS X apps to run on it, it's no more useful than an iPod Touch. Regardless of any of this, if the $1,000 unsub price I've seen thrown around is accurate, there's no way on Earth I'll buy it. A tablet is less useful than a notebook (Macbook). I'm certainly not going to pay more for it.
For anyone who's interested, Raytheon Polar Services is almost always hiring for positions at the US South Pole research facilities.
I concur with much of what you've stated. I've been a contractor for the past 15 of my 22 years in IT. I love it! Being an employee, not so much. As a contractor, I get to get out there and build a name for myself. I have a reputation that I am in control of. When you work for a particular company your reputation is only as good as the recommendation they'll give you when you live (which is often none, no matter how happy they were with you). The experience you gain, the improved quality of life, the variety of people you work with and the networking opportunities are priceless. I hope never to leave the contracting world.
What Verizon (Comcast, and others) are going to learn the hard way is the liability that comes along with this. IANAL, but, from experience I understand that if you specifically say something is prohibited, but then do not enforce prohibition of it and someone causes harm to another where it would have been precluded had you enforced the prohibition of said activity, guess who's liable. :)
The former head of 'cyber' for the communist Soviet KGB doesn't believe in people right to privacy. I for one am shocked.
Nominations for the prize were due 12 days after he took office. What exactly did he do in those 12 days (or prior) to earn this? Make promises? Shoot, I promise to cure cancer, aids and MS. Where's my prize? Don't get me wrong, I'm not anti-Obama, though I certainly think this is a farce.
Seriously?! You're going to give "the Government" a pass on this? Considering "the Government" spent several of the $15 million allocated to S. 2590 on this bloody web-site and gave this money to an outside consultant to build it, it ought to be damn perfect. It's not as though a bunch of noob's from the Obama administration sat down and hammered out this website out of the kindness of their hearts. This cost you and I a great deal of money. Something as out-front and key as this chart should have at least passed a sniff test before being published. Obviously no one gave this thing so much as a serious glance before publishing it to the site.