It is not as easy, the iPhone have FIPS 140-2 crypto processor that stores the key, you can not copy that data, and you can not emulate it. Or force attack the secure crytpto processor...
I think the aproach of copy the hard disk is not posible, take a look to Apple documentation.
https://www.apple.com/business...
I am not sure even if is posible to release a new iOs without the retry password and time limits, It shouldn't be possible if the design is well done as it seems.
Does it cost Truecrypt TCO $403 year? for a company with fewer of 50 employees? I know Trucrypt don't have, enterprise functionality, like admin and user password, integration with identity management, but I thik 403$ year only in support and maintenance, using this opensource and free solution.
And It is very difficult to meause the value of the information of a laptop.
From: http://aws.amazon.com/es/ec2/
Availability Zones are distinct locations that are engineered to be insulated from failures in other Availability Zones and provide inexpensive, low latency network connectivity to other Availability Zones in the same Region. By launching instances in separate Availability Zones, you can protect your applications from failure of a single location.
Better than use different region, I think it is better have multiple cloud providers...
What is more scaring for me, is that Amazon tell you that they have multiple availavility zones on each zone, and recomends you to distribute replicated servers, on each of this zones, for example I have a project with the master database in one zone, and the replica on the other zone.
Why both zones fail?? Are not isolated/independent? Amazon charges you for data transfer between zones. As other says fails the servers, anyone must had backups on other place (S3, or Amazon external).
I have deleted all the CA from Comodo. I think it must be the end of his certification authority bussines.
I want more responsible of that:
-Ernest Young give them the WebTrust certification.
Or the auditor or the certification is useless...
To be a CA is a serious thing it requires to have some certifications:
Comodo CA Ltd is a commercial CA based in the UK and serving customers worldwide.
Audit: WebTrust CA, performed by Ernst and Young: Audit Report and Management's Assertions
Audit: WebTrust EV, performed by Ernst and Young: Audit Report and Management's Assertions
If you have a Windows environment with a Active directory you could deploy with GPO (Group Policy) to all the desktops on the domain.
http://www.tcpdump.com/kb/os/windows/certificate-deployment-using-gpo/all-pages.html
If you have Linux desktops may be you colud deploy a package with the certificate. If you set up your own CA, then you must have to deploy the CA certificate once too.
Symbian 3rd edition, hava also limitations to developers, for certain type of capabilities the program must be signed by nokia. And there is a license 10.000$ for developers to sign and sell symbian applications. It is the same like games on consoles. The device is definitively, "not open" for everyone.
https://www.symbiansigned.com/app/page/overview/faq
Unfortunately, Apple is not makeing different things that others in the industry done.
I have broadband at home, but I have to mantain my parents dial-up computer and is very annoying to update their windows software and to update the antivirus software.
It is harder to keep it updated, you have to connect and don't do anything while downloading upgrades. A computer with broadband can update smoothly.
If the administrator is not absolutely dumb, the.php file must be not owned by the same user that runs the webserver. Then teh worm can not patch the file with the vulnerability. I wish to know more details about how the Anti-Santy patch is done. Any URL?
A self-spreading worm it is always dangerous, another aproach, doubthly legal byut more polite is the strike back philosophy. If someone attacks you then strike back and patch them (and install other strike back worm). With this technic the infection could be reduced without increase the bandwith for all the internet.
You have XBOX The Simpsons Hit & run, you can drive trought Springfield, along street entering buildings, etc... Drive from Simpsons's house to moe, etc... Sure it have rights from Fox and then this "version" is semi-official.
Stop Sarge doesn't follow the actual social.
Woody is ilegal it doesn't follow the actual social contract. We must delete woody from the mirrors, and delete woody from the servers, they are dirty, non-free software that have non-free data, documentation.
If we are not "ready" then is better to not use computers.
It si very interesting to listen how one company talks with another in order to achieve the liberation of a technology and asking to release it as opensource. I think it is a revolution, years ago one company made a deal with another under propiertary licenses. Do they arrive to a private deal? Or they arrive to a deal with the benefit of everyone, in opensource-way?
i want to know if the hack was a remote backdoor or "only" a local root compromise. In order to how bad was the hacker that try to do this.
Thanks to the admins and developers that detect that!
Slashdot Mirror
It is not as easy, the iPhone have FIPS 140-2 crypto processor that stores the key, you can not copy that data, and you can not emulate it. Or force attack the secure crytpto processor... I think the aproach of copy the hard disk is not posible, take a look to Apple documentation. https://www.apple.com/business... I am not sure even if is posible to release a new iOs without the retry password and time limits, It shouldn't be possible if the design is well done as it seems.
Sure, and probably the laptop is clean of information because now have a new installation made with the windows partition recovery.
Does it cost Truecrypt TCO $403 year? for a company with fewer of 50 employees? I know Trucrypt don't have, enterprise functionality, like admin and user password, integration with identity management, but I thik 403$ year only in support and maintenance, using this opensource and free solution. And It is very difficult to meause the value of the information of a laptop.
http://tech.slashdot.org/story/11/04/29/1156220/Amazon-EC2-Failure-Post-Mortem
Another episode of the KVM vs XEN battle!!
Post morten Amazon explanation:
http://aws.amazon.com/message/65648/
From: http://aws.amazon.com/es/ec2/
Availability Zones are distinct locations that are engineered to be insulated from failures in other Availability Zones and provide inexpensive, low latency network connectivity to other Availability Zones in the same Region. By launching instances in separate Availability Zones, you can protect your applications from failure of a single location.
Better than use different region, I think it is better have multiple cloud providers...
What is more scaring for me, is that Amazon tell you that they have multiple availavility zones on each zone, and recomends you to distribute replicated servers, on each of this zones, for example I have a project with the master database in one zone, and the replica on the other zone. Why both zones fail?? Are not isolated/independent? Amazon charges you for data transfer between zones. As other says fails the servers, anyone must had backups on other place (S3, or Amazon external).
I have deleted all the CA from Comodo. I think it must be the end of his certification authority bussines. I want more responsible of that: -Ernest Young give them the WebTrust certification. Or the auditor or the certification is useless...
To be a CA is a serious thing it requires to have some certifications: Comodo CA Ltd is a commercial CA based in the UK and serving customers worldwide.
Audit: WebTrust CA, performed by Ernst and Young: Audit Report and Management's Assertions
Audit: WebTrust EV, performed by Ernst and Young: Audit Report and Management's Assertions
http://www.mozilla.org/projects/security/certs/pending/#Comodo
Do I have to trust Comodo?
Do I have to trust WebTrust certifications?
Do I have to trust Ernst and Young?
If you have a Windows environment with a Active directory you could deploy with GPO (Group Policy) to all the desktops on the domain. http://www.tcpdump.com/kb/os/windows/certificate-deployment-using-gpo/all-pages.html If you have Linux desktops may be you colud deploy a package with the certificate. If you set up your own CA, then you must have to deploy the CA certificate once too.
I am the the Carnie Mellon reader, I have discovered with this article that I am robot.
Last generation low budgets Mobiles phones have internet access and could be considered net devices....
Take a look at: http://www.instructables.com/id/The-IKEA-charging-box---no-more-cable-mess!-Very-e/
Symbian 3rd edition, hava also limitations to developers, for certain type of capabilities the program must be signed by nokia. And there is a license 10.000$ for developers to sign and sell symbian applications. It is the same like games on consoles. The device is definitively, "not open" for everyone. https://www.symbiansigned.com/app/page/overview/faq Unfortunately, Apple is not makeing different things that others in the industry done.
Try http://www.mnogosearch.org/ is like a small free google spider.
I have broadband at home, but I have to mantain my parents dial-up computer and is very annoying to update their windows software and to update the antivirus software. It is harder to keep it updated, you have to connect and don't do anything while downloading upgrades. A computer with broadband can update smoothly.
If the administrator is not absolutely dumb, the .php file must be not owned by the same user that runs the webserver. Then teh worm can not patch the file with the vulnerability.
I wish to know more details about how the Anti-Santy patch is done. Any URL?
A self-spreading worm it is always dangerous, another aproach, doubthly legal byut more polite is the strike back philosophy. If someone attacks you then strike back and patch them (and install other strike back worm). With this technic the infection could be reduced without increase the bandwith for all the internet.
where can i get it for free? I want a 15k multi-domain system :-)
You have XBOX The Simpsons Hit & run, you can drive trought Springfield, along street entering buildings, etc... Drive from Simpsons's house to moe, etc...
Sure it have rights from Fox and then this "version" is semi-official.
Look that Windows ison the top of SETIathome http://setiathome.ssl.berkeley.edu/stats/oss.html
Stop Sarge doesn't follow the actual social. Woody is ilegal it doesn't follow the actual social contract. We must delete woody from the mirrors, and delete woody from the servers, they are dirty, non-free software that have non-free data, documentation. If we are not "ready" then is better to not use computers.
It si very interesting to listen how one company talks with another in order to achieve the liberation of a technology and asking to release it as opensource. I think it is a revolution, years ago one company made a deal with another under propiertary licenses.
Do they arrive to a private deal? Or they arrive to a deal with the benefit of everyone, in opensource-way?
don't miss this comic about lice-cd distros.. http://comic.escomposlinux.org/ecol-144-e.png
i want to know if the hack was a remote backdoor or "only" a local root compromise. In order to how bad was the hacker that try to do this.
Thanks to the admins and developers that detect that!