Until we realize that building secure systems is actually really hard, and we can't just glob on security. There is more to security then making sure systems are updated regularly, audits are performed, and absurd password requirements are met.
The GAO report on the SEC's systems (https://www.gao.gov/assets/690/686192.pdf) had these 2 recommendations: (1) Maintain up-to-date network diagrams and asset inventories in the system security plans for GSS and a key financial system to accurately and completely reflect the current operating environment. (2) Perform continuous monitoring using automated configuration and vulnerability scanning on the operating systems, databases, and network devices
Stop rushing software and services to market, understand your software threat / overall architecture. Companies need to understand their applications, dependencies, attack space, how to actually implement security, and what having a secure system means.
TLS and SSL doesn't mean anything if I can compromise an endpoint and now I (as an attacker) have access to your keys and can feed whatever I want into the pipe. Can you MITM your data access / caching layer? Where all can attacks come from and what is the impact at each level? What components are you using in the architecture?
There is not a silver bullet to security. Sure, firewalls, IDS, password requirements, logging, encryption, etc. all help. They don't do anything if they aren't configured correctly, or they are bypassed, or some aspect of the system is wide open.
Was he (the passenger, and vehicle owner) keeping his hands to himself or were there also other distractions contributing to an already dangerous situation?
Doesn't "insane" mode on the Tesla have to be specifically enabled? Was it enabled? Can they pull the black box and even find out if insane mode had engaged during the fatal trip?
The Internet itself is fully redundant. The Internet backbone can survive several major failures. E.g. take 9/11 for example, much of the regional fiber for NYC and the surrounding areas, ran in near vicinity to the WTC, of course this is going to cause small regional outages, however down in DC or over in Chicago, the backbone was fine and handling it's daily activities. The problem with redundancy and availability is diversity. Most content providers do not have regional data centers that advertise a single BGP route over multiple providers to their content, in most cases a provider of content will have a single data center and a single or possibly two distinct feeds to the Internet. This is obviously going to cause some problems. The Internet is only as redundant as the content providers make it.
As far as the Bandwidth Crisis? it doesn't exist. This is hype. Sure, some of the dark fiber may not be getting used, but for the most part there is still plenty of fiber to go around, and the conduit is laid for the expansion of more fiber, glass just has to be pulled through the conduit and lit. It's expensive though to pull new fiber, terminate it, light it and connect it to a backbone router. The backbone routers such as say the Juniper T640 are not cheap! The problem is who pays for the routers and cross connects? What do we do do when every home has gigE fiber to the front door? Right now the Internet backbone runs at roughly 10gbps, although providers will generally trunk multiple OC-192s together to create large virtual pipes. It is currently cheaper to run trunked OC-192s instead of increasing the pipe "size". There is no money in the innovation (physics/electronics/etc) of networking in order to drive speeds faster.
The only shortage we have is money and who is going to fund massive fiber rollouts, router upgrades, and innovation.
As money flows into the universities, we will get faster pipes as folks devise ways to pack more light and encode more bits into a single strand of fiber.
Want to eliminate the shortage? Fund the universities and innovation, or stop greed (but that just seems impossible)
Use screen, have it "raise" windows on events... useful once you have mastered things like expect...
Now since you have less xterms open, more room for Quake III areana:-d
I have a sturdy, bifold leather wallet. It has been good to me. It has stood the tests of time, and being a 20 smethin kid. It has been to at least 3 foam parties, through the washer a few times, through the drier, and ran over by a car.
On the left hand side, you have 2 grocery dicount cards, a AAA card, and a block buster card (so I can rent asci porn, and pick teh lock to my room). Oh the right side, we have a visa card, my check card, my student id, and a drivers license so I can buy booze. It has 2 divided pockets in the back, presumably for money, but being a poor college student those pockets often sit empty. The second pocket contains a portable insurance card, and the combination to some old safes. Then behind thecredit cards, is a small colelction of random business cards, mostly from people who wanted me to work for them, or exs. I also keep my "spare" campus id card in taht slot. The slot behind the discount cards contains the emergency contact list for my old job, and more random business cards.
I think the trick is a bifold wallet, that fits in a suit pocket, hold all of my cards, cash and check book.
From my experiences as a Unix admin, you must have experience in the field. Unix administration is not like NT administration where you can go get your MCSE certification and find a job anywhere.
In the field of Unix Administration, it is a must that you know what you are talking about. You must know your stuff. There is a reason Unix Administrators make more. Tehre is a reason Unix Servers have longer uptimes.
I would sugegst maybe doing some consulting, or maybe search fro a school that had a unix box and needs a part time administrator.
Experience is the key.
Slashdot Mirror
Until we realize that building secure systems is actually really hard, and we can't just glob on security. There is more to security then making sure systems are updated regularly, audits are performed, and absurd password requirements are met. The GAO report on the SEC's systems (https://www.gao.gov/assets/690/686192.pdf) had these 2 recommendations: (1) Maintain up-to-date network diagrams and asset inventories in the system security plans for GSS and a key financial system to accurately and completely reflect the current operating environment. (2) Perform continuous monitoring using automated configuration and vulnerability scanning on the operating systems, databases, and network devices Stop rushing software and services to market, understand your software threat / overall architecture. Companies need to understand their applications, dependencies, attack space, how to actually implement security, and what having a secure system means. TLS and SSL doesn't mean anything if I can compromise an endpoint and now I (as an attacker) have access to your keys and can feed whatever I want into the pipe. Can you MITM your data access / caching layer? Where all can attacks come from and what is the impact at each level? What components are you using in the architecture? There is not a silver bullet to security. Sure, firewalls, IDS, password requirements, logging, encryption, etc. all help. They don't do anything if they aren't configured correctly, or they are bypassed, or some aspect of the system is wide open.
Was he (the passenger, and vehicle owner) keeping his hands to himself or were there also other distractions contributing to an already dangerous situation? Doesn't "insane" mode on the Tesla have to be specifically enabled? Was it enabled? Can they pull the black box and even find out if insane mode had engaged during the fatal trip?
The Internet itself is fully redundant. The Internet backbone can survive several major failures. E.g. take 9/11 for example, much of the regional fiber for NYC and the surrounding areas, ran in near vicinity to the WTC, of course this is going to cause small regional outages, however down in DC or over in Chicago, the backbone was fine and handling it's daily activities. The problem with redundancy and availability is diversity. Most content providers do not have regional data centers that advertise a single BGP route over multiple providers to their content, in most cases a provider of content will have a single data center and a single or possibly two distinct feeds to the Internet. This is obviously going to cause some problems. The Internet is only as redundant as the content providers make it. As far as the Bandwidth Crisis? it doesn't exist. This is hype. Sure, some of the dark fiber may not be getting used, but for the most part there is still plenty of fiber to go around, and the conduit is laid for the expansion of more fiber, glass just has to be pulled through the conduit and lit. It's expensive though to pull new fiber, terminate it, light it and connect it to a backbone router. The backbone routers such as say the Juniper T640 are not cheap! The problem is who pays for the routers and cross connects? What do we do do when every home has gigE fiber to the front door? Right now the Internet backbone runs at roughly 10gbps, although providers will generally trunk multiple OC-192s together to create large virtual pipes. It is currently cheaper to run trunked OC-192s instead of increasing the pipe "size". There is no money in the innovation (physics/electronics/etc) of networking in order to drive speeds faster. The only shortage we have is money and who is going to fund massive fiber rollouts, router upgrades, and innovation. As money flows into the universities, we will get faster pipes as folks devise ways to pack more light and encode more bits into a single strand of fiber. Want to eliminate the shortage? Fund the universities and innovation, or stop greed (but that just seems impossible)
I'll wait for someone to bolt one of Apple's 30-inch Cinema HD Displays to a "laptop".
Use screen, have it "raise" windows on events... useful once you have mastered things like expect... Now since you have less xterms open, more room for Quake III areana :-d
Come on! Jacobs ladders and tesla coils.. What more do you need? All awe inspiring and fun as hell.
I have a sturdy, bifold leather wallet. It has been good to me. It has stood the tests of time, and being a 20 smethin kid. It has been to at least 3 foam parties, through the washer a few times, through the drier, and ran over by a car. On the left hand side, you have 2 grocery dicount cards, a AAA card, and a block buster card (so I can rent asci porn, and pick teh lock to my room). Oh the right side, we have a visa card, my check card, my student id, and a drivers license so I can buy booze. It has 2 divided pockets in the back, presumably for money, but being a poor college student those pockets often sit empty. The second pocket contains a portable insurance card, and the combination to some old safes. Then behind thecredit cards, is a small colelction of random business cards, mostly from people who wanted me to work for them, or exs. I also keep my "spare" campus id card in taht slot. The slot behind the discount cards contains the emergency contact list for my old job, and more random business cards. I think the trick is a bifold wallet, that fits in a suit pocket, hold all of my cards, cash and check book.
From my experiences as a Unix admin, you must have experience in the field. Unix administration is not like NT administration where you can go get your MCSE certification and find a job anywhere. In the field of Unix Administration, it is a must that you know what you are talking about. You must know your stuff. There is a reason Unix Administrators make more. Tehre is a reason Unix Servers have longer uptimes. I would sugegst maybe doing some consulting, or maybe search fro a school that had a unix box and needs a part time administrator. Experience is the key.