No single test is going to make or break your career/future. It may mean that you don't get your first choice of college or job, but that probably won't matter 10 years from now.
If there is a company that won't look at you because you have a 3.9 GPA instead of a 4.0, you probably don't want to work there anyway. Far more important are the projects and activities you do outside of class. I know I would rather hire someone with a 3.0 GPA and open source development on their resume, than a 4.0 student who hasn't done anything outside of class.
Now, I'm not saying that you should blow off exams, but it is just a test. You will have many more of them in your future. If you blow this one, you can try a bit harder on the next one.
You might consider throwing in a middle initial if you have one. While it might not help in all cases, it can make a difference if they include the initial in the search. Just make sure all of your "official" pages have the initial.
I know drug companies have more lobbyists than there are people in Congress, but do you really think they'll get precription drugs in an apple? What about kids eating them? Or what about the prescription itself? Where would it be sold?
Last time I checked, the growing trend was for more organic food. Every grocery store in town has added a large organic/health section, and full organic stores like Wild Oats and World Market are popping up all over the place.
In the US, Congress might not allow it, but in many other nations they will. Right now they have modified crops to deliver different vitamins to people who would otherwise have a vitamin deficiency in their diet. They are also working on producing vaccines and other (medical) drugs in crops for two main reasons...
It is way cheaper if you can breed an edible plant that produces the drug for you - very little production costs, just extraction.
It is easier to mass produce the drug. Need 10x as much? Plant 10x the acres in the modified corn/soybean/rice. No need for building a new lab/production facility to handle an outbreak and then figure out what to do with it once the outbreak is over. Depending on the host plant, it may be faster to produce than even "retooling" a current facility.
So, while we may not see prescription drugs in the US, many countries, especially developing countries, would love access to these types of plants.
That's true, but that's why social engineers will target those employees who DO have access. Using thin clients and dumb terminals is great from the "prevent user mistakes" angle, but doesn't help when the admins are the one who are duped. Maybe someone has to act like they are a new sales rep from IBM or Microsoft and have some cool freebies. How about a Das Keyboard that has been modified to include a key logger? Maybe a new firewall for evaluation purposes? It doesn't matter what it is - it just has to be sweet enough for the person to try it.
Your example is not "taking it a step farther". It is the same damn thing. It requires the user to manually discover that there is an executable and then to deliberately run it.
It is taking it a step farther - not from a technical standpoint, but from the social engineering standpoint. It is no longer an anonymous USB drive found in a parking lot, but a "dropped" folder that has many different artifacts reinforcing the point that it really is a graphics demo. The point is, if you are socially engineered, it doesn't matter what OS you run; and nearly everyone can be socially engineered - it just requires more time and effort on the part of the attacker to find a way.
Unfortunately, even if you run ubuntu, you are still vulnerable - that's the beauty of social engineering.
Sure, you might not fall for a renamed executable on a USB drive, but what if it's taken a step farther?
Imagine you are walking into work early, and find an open folder on the floor, with some papers strewn around and a CD or DVD in with it. Imagine the paper is an application to put on a SIGGRAPH demonstration, and on the CD is a WINDOWS directory, a LINUX directory, a BSD directory and a SOLARIS directory and each directory has a file named SIGGRAPH_presentation.exe or there is a SIGGRAPH_presentation.jar, (eliminating the need for multiple OS versions), with a README about how to execute it. You figure, "What the heck - I love cool graphics."
Now, while you are watching a cool graphics demo, it checks if you are logged in as root and, if you are, installs a nasty payload. If not, it could simply start emailing every file it finds in your home directory, or delete them, or encrypt them.
I don't care what OS you are running, if you can be convinced to execute something, there will be some damage done. If you aren't root the damage is limited, but there is still damage. The attack may have to involve more research on a person's interests, or require more "found" hardware to convince someone, but it can be done. Maybe someone has to buy some hardware from ThinkGeek and make a fake installation disk, then leave the box, (with the modified disk), somewhere you will come across it.
Being convinced you are immune to the dangers of social engineering is not a good way to avoid being social engineered. A healthy dose of paranoia can go far - and it's only paranoia if there isn't anyone out to get you.
I'm currently taking (and often teaching more than the teacher ) an AP Computer Science course which, while actualy about the concepts (OO Principles, Algorithims, Data Structures (well they _should_ be included), etc.), is taught in Java.
You seem to be against using Java for these purposes and I am wondering why. For example, Java is arguably better for OO Principles than C++ because it is more strongly typed. In C++ you can get away with non-OO coding, Java is a much stronger OO language. Second, Algorithms are not dependant on a programming language, which is why they are most often expressed in pseudo-code. So the language choice for algorithms really doesn't matter and at your level of study is more dependant on available documentation/previous language knowledge than language design.
As for data structures, when learning data structures I recommend C++ since it doesn't hide the underlying memory management. Once you have an understanding of how memory is managed in C++, switching to Java is easy. Going the other way is not. However, data structures are also independent of the language choice. I think it is a bit harder to understand in some languages, but a doubly-linked list is still a doubly-linked list and a B+ tree is still a B+ tree.
I enjoy gaming and consoles are a really convenient way to do it. However, I don't see why I would want to spend US$800 to play a few new games. Now, I know the base price isn't US$800, but I also have to pay 7% in sales tax when I buy the thing, and then I have to buy a game or two, which may run up to $150 bucks. Now I am at US$800.
While the graphics on newer games are really great, I haven't seen any really innovative games. If I like a specific genre, I can go find dozens of older games that are highly rated, even if their graphics aren't the best. In fact, in a lot of games, the quality of the graphics doesn't even matter. I don't need a photo-realistic Mario or Master Chief, or a photo-realistic pile of rubble. Are they nice to have? Sure. But how often do you get a chance to stop and admire the scenery in a game? If I want nice scenery, I'll go outside and see all sorts of great graphics.
Only Nintendo has me interested in their new console. I don't like the Wii name, but who cares? It's for playing games. I don't care if they named it the Ugly Fuzzbutt, it will still play the same way and I can name it George. What I like is the new way to play games, and the interesting games that seem to be coming that utilize the Wii-mote. I don't want another flagship FPS or racing game. While I like those genres, I can play a hundred different types all the way from Wolfenstein 3-D to Halo, without new hardware and for about $US10 a game (bargain bin rocks!).
So, sorry Sony. I loved the PS2, but I am going to pass on the PS3.
"In theory, there is no difference between theory and practice. But, in practice, there is." - Jan L. A. van de Snepscheut
First, the plane is not a perfect "tin can" - it has all sorts of openings in it, called windows, making it a can with holes in it. Second, modern aircraft are not made of tin, (or copper), or even aluminum. They use aluminum alloys, which have different conductive characteristics, and are probably not as effective in blocking EM radiation.
So imagine a terrorist sitting at the end of a runway jamming the cockpit end of the wireless connection just as it takes off or lands. The jamming EM signal won't be blocked by the cockpit windows, and I doubt it would be slowed down by the nose of the plane either. So, when the plane is at its most vulnerable, (near, but no on, the ground), the pilot can no longer use the controls since his wireless connection went down from a terrorist with $100 of hardware who spent a few hours of their time with a basic electronics book.
So, no the terrorist and equipment don't need to be in the plane and, with a good antenna, could be a long way from the runway.
Also, here is a question: Has anyone used their cell phone or listened to a radio on a plane? (Which would imply the fuselage doesn't block radio singals.) I have done both, but it was a military cargo plane so I assume it is built of different materials than a commercial airliner.
If we can get all of these things available for viewing, then overcoming the login will be the trivial aspect. We have a lot of anonymizing technologies and we have a lot of "convenience" techonologies such as "bugmenot" where you don't actually have to log in as yourself. This can eliminate the paper trail, obfuscate the paper trail, or reduce the trail to "there was some sort of file transfered, but it was encrypted".
In addition, once the content is available at all, it can easily be copied. (For the same reasons real DRM is impossible.) Then we can set up an encrypted p2p network and serve it up anonymously. In the case of pure text, the storage space required is incredibly small, less than 1 MB for an entire book. So I can store about 9,000 books on a single DVD and over 500,000 on a hard drive and share it on an anonymous, encrypted p2p network. The small size also means bandwidth isn't a big issue for text.
Bandwidth may be an issue for movies, but you can fit over 100 movies on a single hard drive, and as long as you don't want to watch the movie right at that moment, bandwidth for movies shouldn't be a problem either. (People download movies all the time over p2p.) With proper p2p, anonymizing and encryption, there is no information that can be gained about the actual information being transferred on the network.
Searching shouldn't be a problem since we could adopt a hierarchical system similar to DNS but based on some library category system. Instead of.com and.org servers we could have psychology or physical sciences or music servers. They could tell you where to find the item in question and could index those works that are in their domain. (search.psychology.lib or maybe google.psychology.lib). A broad query could just hit multiple servers to look for the information. For our p2p model, we can use a central directory or a broadcast model for indexing.
Copyright would be a nightmare since the holder of the copyright is the one that sets rates, and can charge different rates to different people. However, since different countries don't have the same rules regarding copyrights, you could access the material from a country where it wasn't copyrighted or where it has expired. This really isn't a solution, but it is a workaround.
The biggest issue I see is that artists and authors have the rights to their own work and don't want to give it away - they like to get paid for what they have done. In addition, the storage cost for everything would be quite high. Maintaining petabytes of active storage is expensive and being able to serve it at a decent rate is also expensive, so there has to be some revenue model or at least public funding.
This "choking the internet" complaint seems to be a cop-out for the laziness of the ISPs toward getting off their butts and really competing to bring a smooth connection to its subscribers.
Yes, by all means, conduct an ad hominem attack on the ISPs rather than considering that this could possible be a difficult problem. Do you have any concept of how difficult it is to design and engineer a network that can handle all of that data and provide a high level of service to all of the end nodes? Then we have to include the cost of the equipment and maintenance, and factor in the time it takes to actually build the thing.
Consider this scenario... A pair of high-rise apartment buildings go up right next to each other. Each one has 15 apartments per floor and is 15 floors high. This is 225 units per building, and with 2 buildings brings it to 450 units. Now if each unit actually wants 10 Mbps so they can download HD video in a reasonable amount of time, this means that one area needs 2.25 Gbps of bandwidth.
Sure, this is reasonable for a local area network, but this isn't a LAN. Maybe all of the users are hitting the same server, but requesting different files. Since they are different files we can't cache locally, and we need every link (and router and switch), capable of handling that 2.25 Gbps. This is in addition to any other traffic that might be travelling those links or routers. Multiply this by all of the apartment buildings/condos/homes in a small city and you can see the problem.
High-performance networks that can handle all of these things are an active research area because we don't have any good solutions. You can't just magically add another switch to upgrade your service. This is a local solution and doesn't address the entire network, or even the network core. More bandwidth in fiber doesn't solve the problem, it just moves it to the switching/router space. We have a lot of different techniques to help switching, such as optical burst switching, but they are still difficult. For example, in OBS how long do you wait to aggregate the different packets? Too short a time and it isn't efficient enough, too long and the inter-packet delay is too high for real-time audio or video. If you set different time limits based on application type you add the overhead of examining the packets to determine what it is.
So before you accuse the ISPs of being lazy, why don't you come up with a solution that scales globally and doesn't cost a trillion dollars and take 50 years to deploy.
I am a security professional, and I would recommend you do the following:
Create a backup of all your data. (In case installs or removals go badly.)
Turn on automatic updates if you haven't already. Install all updates.
Install Zone Alarm.
Install AVG Free and run a complete scan of your system.
Install Spybot and run a complete scan of your system. Also, look under Tools --> System Startup in the menu to see if there is anything "odd" being run at startup. (Requires advanced view mode.)
Install AdAware Personal. Perform a complete scan of your system.
You may be right about only having 1 spyware infection in 10 years, but the odds are against you. Better to check and know you are clean than assume you are.
I believe it would have been part of a study conducted by Michael Fagan. He studied/conducted over 11,000 code inspections at IBM to find the most effective way to inspect/find bugs in code.
He found that the optimal number of people to have in the inspection process is 4. More people made the effectiveness go down. Each person also has a particular role, and the amount of time to prepare and perform the inspection were set. It took 2.5 hours to prepare and 2 hours to inspect 250 LOC. So 4.5 hours/person, or 18 staff hours, for 250 LOC. It also had to be specific people who took part - one was the author of the code, one was the designer, and one was the "consumer" (the one who was going to use your code). Everything also had to be tracable to some artifact/requirement, so everyone could examine it and decide if you had met the requirement/design.
Now, before anyone declares that it can be done in less time, or with fewer people, or that someone as good as you doesn't have to follow it, let me point something out...
There is solid data behind those numbers, (11,000 data points) and the inspections weren't done with a bunch of people who heard there was money to be made programming at some dot-com startup - they were software engineers at IBM. There is also information available from Motorola that after a group changed to the Fagan process they reduced development time by 50% and got 2x the features in and finished tested months early because most of the test cases were passed the first time. I forget how much money they saved, but it was enough to make Motorola declare it as their official methodology. (Then everyone thought they could "streamline" the process and went to what they thought would be faster, easier and better. IMHO - it wasn't.)
Finally, this process does not fit every coding situation. It would be good if it did, but if you have a customer who changes requirements every week it is impossible to reinspect everything. Of course, this is where I see the difference between programming and software engineering, but I won't ramble on about that today.
Their ship is pretty big, One- fourth the size of the moon, although an object that size in near-Earth orbitmight be expected to cause tidal waves, there are none!
Why do we need some sort of anti-gravity technology? The mass of the ship is much smaller than the moon. First, if it is 1/4 the diameter of the moon, (I assume diameter since they were viewing it as a radar image), this would make it 1/64 the volume of the moon, giving a 1/64 reduction in mass if they had the same density. Second, the ship is far less dense than the moon. Remember all of that empty space when they fly into the ship? With hallways, rooms, fly-ways and everything else, about 90% of the ship would be empty, or at least low density atmosphere for them to breath. This makes it about 1/640 of the mass of the moon. Of course, the ship materials may be more dense than the average moon rock, so we say they are 50% more dense, giving us the ship as 1/427 of the moon's mass.
This mass would require the ship to be be sqrt(427) or ~21 times closer to the Earth to have the same gravitational effect on Earth as the moon does (Gravity increases by the square of the distance). Using an average distance of 240,000 miles, this gives us a distance of 11,500 miles. I'm not sure how far they were from the Earth in the movie, but this is much closer than geosynchronous satellites.
So massive tidal waves are not a guaranteed by-product of the alien ship. The big point is that the density of a ship is not the same as a rock. While someone could construct it that way, this would leave little room for the activities you would want to perform on said ship, or would require construction out of truly dense materials. Gold spaceship anyone?
Finally, I agree that Sneakers rocked and Cryptonimicon would make a horrible movie; might be an OK mini-series though.
Most people train to exhale before aiming and not take another breath until the shot is taken (minimizes movement).
Then those people are training wrong.
I agree. I was a U.S. Marine Designated Marksman, (more urban/hostage rescue oriented than Marine Scout/Sniper), and holding your breath is bad for several reasons. First, you aren't guaranteed to be holding the same amount of air in your lungs each time, which makes acheiving the proper body position difficult. (Too long to explain here...) Second, if you are holding your breath you aren't as relaxed, and muscle tension will throw off your shot. Finally, the longer you hold your breath, the more, and harder, your heart beats. (Darn thing wants to get more oxygen to your cells.) At long ranges your pulse will throw off your shot pretty badly. (I have seen my crosshairs jump entirely off a 3' target at 500 yards due to my pulse.)
The Marines do not use the "exhale as you fire" rule since it requires exact timing to fire at the perfect spot in your breath. Instead, they teach to fire at the "natural respiratory pause" that occurs between each breath. Between each breath there is a second or two before you begin to inhale. (Check it out if you don't believe me...) If you breathe naturally, it is the same each time, so you don't have another aspect of shooting to control. It also gives you more time to apply pressure to the trigger, so you can avoid jerking the trigger and missing low.
If everything is done properly - body position, muscle relaxation, breathing, etc., you can actually pull the trigger with your eyes closed and hit your target.
In regards to the GP, the Marine Corps does a pretty good job of teaching how to shoot the M-16 in boot camp. If you can't hit a target at 500 yards, you aren't going to qualify with with the M-16 and you don't get to graduate from boot camp until you do. They spend 2 entire weeks on marksmanship - the first learning how to get into proper shooting positions, how to aim and spending time snapping-in (dry-firing at targets). The entire second week is spent on the range practicing, and on Friday you shoot the qualification course. Does that mean that every Marine is a dangerous sniper? No, but they are all proficient with it out to 500 yards, and can monitor the environment to determine the required windage. You also receive classes on range estimation, and practice engaging targets at unknown distances to get a feel for it. Finally, the front sight post is a good way to estimate range. Get a feel for how it looks compared to man-sized and shaped targets at known distances. Then extrapolate as needed. It isn't as good as a nice scope with mil-dots, but if you are close enough, you might miss them 2-3" high, (upper chest or neck), or low, (lower chest, solar plexus) but without a good medical team nearby, they are still dead.
I am a Ph.D. student in computer engineering at Iowa State, and our program may be of interest to you. We have several faculty members doing forensics research in areas such as detecting illegal pornography and attack attribution. The department also has a computer forensics lab, and offers a specific course in Computer Forensics that includes projects where drive images are examined using EnCase and FTK in order to locate and recover evidence.
Probably the best advice I can give on selecting any program is checking out the courses that are offered and what the faculty in that department are working on. It may take some time and effort, but can really pay off. An additional benefit with our program at Iowa State is that most of our computer security courses are offered through distance education. So if you are undecided, you can take a course or two and decide if it is something you want to pursue.
On the other hand, during a conflict, a carrier is a pretty juicy target, and one thing humans *are* good at in combat [apart from dying:( ] is being adaptible. It'd be a real shame if the plug fell out of the automated aircraft-landing computer because of a nearby explosion...
I know that Lockheed-Martin engineers their naval systems to take more shock/damage than a human could take and be functional. I saw a video where the equipment was placed on a barge and explosives were detonated underwater only a few feet away. The barge was lifted up several feet, and the plume of water from the blast was over 50 feet high. That close, a human would be temporarily deaf and have a lot of inner-ear problems. The system continued working.
Also, while humans are incredibly adaptable, they can't always replace the equipment. For example, there is no way a person could replace the automated aircraft-landing computer from your example. While a person may be able to work "beyond their limits", there is no way for them to manually commmunicate to a remote plane attempting to land - they need equipment to do it.
Smaller crews are vastly less efficent at damage control and have much smaller margins for casualties before the ship ceases to be combat effective.
Very true. However, considering modern weaponry, weapons that would inflict the amount of damage that would require those extra damage control specialists, would probably render it combat ineffective, and in bad need of a shipyard. My guess is it won't be a torpedo hitting the most heavily armored part of the hull, it will be a missile slamming into the superstructure. Also, in the event that there is major, repairable damage, since it is an aircraft carrier, there should be plenty of escorts nearby that can offer assistance.
Imagine if you have a gastro outbreak onboard and 400 of your crew are down.
You are missing the point that at this scale you don't talk about absolute numbers, but percentages of the total crew. So if an epidemic would sideline 400 of the original 2000 crew (20%), then it would likely only affect 160 of the reduced crew of 800. So you only have to cover 160 watches instead of 400. Why is this? Some percentage won't eat the "bad" meal, some percentage will have a different food, and some percentage will be immune/not affected. You can't assume that it will affect the same overall number if your population size is different.
Plus most of these studies tend to ignore hte fact that less crew means more and longer watches for the duty stations that remain.
I haven't read these studies, (do you have any links), but it seems they would continue with the same watch schedule, and just reduce the number of stations required. The drop in efficiency that is a result of having too much time on duty is well studied, and I doubt that would be ignored. Now, what might be a factor is that it is "easier" to sit in a single location and monitor several things remotely, than to walk rounds and check on each one. This would reduce physical fatigue so longer watches could be maintained.
If VOIP was implemented, then they would consume more bandwidth, and would be charged comparably more.
True, but the cost-per-gigabyte was anything near the cost-per-voice-channel in a regular phone line, their costs would be too high to operate. Consider a voice channel only requires 8 Kbps, which means a 1.5 Mbps broadband connection could handle almost 200 voice channels. At $20 for a regularly price voice line, this would be $4000, far less than what is charged now.
Then how did we get by so far? Are the telcos and cable providers all going bankrupt?
No, they are not going bankrupt, but they also aren't swimming in untold billions of dollars. Look at (the new) AT&T financials. They had sales of US$44 billion, and a profit of US$4.5 billion. Not bad, but not great. What helps keep them afloat? Various tax breaks, government subsidies and things of that nature. See the taxes paid in AT&T's Q4 (-US$500 million).
Or maybe the real truth is that building the infrastructure incurs a tonne of upfront cost, but once that outlay is complete, the maintenance costs are significantly lower, and are easily recouped by providing customers (business and residential) with bandwidth, in addition to valuable services.
Unfortunately, just like most homeowners, they don't $X billion in cash to pay for everything up-front. (Again, SBC pays US$ 400 million a quarter in interest.) They have to borrow the money from somewhere to build the infrastructure and then pay the money back. Then they have to do more than just pay back the money they borrowed because, by the time they get it paid back, the infrastructure will begin to need repairs and upgrades, and they need to have money available for that. Charge too much, and you lose customers. Charge too little and you will get bought out. It is just like with chip fabricating; the chip costs $100 to make, but the R&D was a couple of billion, so they get sold at significantly more than $100.
There is a flaw in your position. Consider this statement:
Because I'd have sworn I paid for a telephone connection. If Google can provide me a telephone connection, why exactly should they be paying the ISP I already paid? Because you need a phone line at each end.
The reason it breaks down is there is overhead at -both- ends. You need to be able to contact Google, and Google needs to be able to receive your transmission and respond. There isn't just your equipment and account, there is Google's so they can be ready to receive requests and return the requested information.
I think the tiered or quality-of-service Internet is coming. Why? If you get broadband over your cable or phone line, the cost of the phone line or cable service is subsidizing the broadband. The broadband by itself doesn't require new lines to be placed. They piggyback on the existing infrastructure. Now, when you have VoIP, people still want the cheaper cost of broadband, but without the additional cost of their regular phone. Guess what - you are losing your subsidy on your broadband; the one that came from your regular phone line. You used to pay it, and now you don't want to. The money has to come from somewhere. That means higher prices.
So what does this have to do with Google? VoIP. If Google provides a free VoIP service, it means that a single broadband connection can support hundreds of regular voice channels. If 100 people stop using the regular phone service, the telecomm has to get that money back from somewhere, (and all the subsidies that help cover the broadband), so suddenly broadband needs to go up, by a lot, for the average consumer. Alternatively, they can make Google pay it all and keep their own customers happy.
I'm not saying this is great, and that the business model doesn't need to change, but if everyone switched to VoIP and dropped their normal phone lines, all the telecomms would go bankrupt, and all of their infrastructure would fail, and the Internet would fragment. It will take time for new models and pricing plans to be developed and implemented. In the immediate future, prices may change, there might be different levels and types of service, but the Internet will continue routing.
On a final note, this idea that we all deserve a lot of inexpensive bandwidth is unreasonable. There is a lot of infrastructure that is required and most of it we don't think about. How much does it cost to keep a service team in the middle of Wyoming in case a cross-country fiber line gets cut? Can stuff be rerouted? Yes, but it can also cause cascading failures as the nearby systems get overloaded. How much does it cost to dig a tunnel under an Interstate, or a river, (or an ocean for that matter), so service can be provided? How much does it cost to repair fiber that got cut by a boat's anchor? Sure, 90% is relatively easy and inexpensive, but that other 10% is incredibly expensive, difficult and time consuming - and just as important.
When I open a file in Kate, I want to be able to open a file remotely or locally. Should be no difference.
Yes and no.
Yes:
A file is just a collection of bytes that needs to be sent/received to/from an application to a storage location. File operations are file operations whether it is on a local file or a remote file.
No: There is a big difference between the two when you examine the bigger picture. First, a remote file gets transmitted over the network and, depending on the method used, may be in the clear. Opening a confidential read-only file on the machine it is stored on may not be a big deal, but transmitting it across the network is. If you have a file at home that you want to FTP while you are at work, you may not want it to be visible to anyone sniffing the network.
Also, there are some details that might cause problems. If you edit a file with Emacs and save it, you create a file with a '~' at the end of the filename. If it is a remote file, where do you create that? Locally, or remotely? If locally, how do you guarantee enforcment of the permissions on the file? The local admin may be a different person. If remotely, what if you don't have permission to write to that directory? This problem might cause applications to crash.
Sure, used properly it is a very convenient way of viewing/accessing files. Unfortunately, everyone makes mistakes. Did you select the wrong tab and accidentaly send something in the clear, or to the wrong location? What if you can't undo your mistake? (Permission to create a file, but not delete it.) This is one of the dangers of integration - if it is handled the same, and looks the same, how do you avoid mistakes?
Personally, I like idea of handling files that way. However, I know I make mistakes, especially when I'm rushed, so I use different applications to do different things and access different locations. I may lose track of different tabs or windows, but I have yet to mix up what application I am using.
There are a lot of fields in the security area, some deal with networks, but many do not. You need to spend some time researching what "specialties" there are in the broader field.
For example, computer forensics is a specialty within the security field, and it can mean a lot of things. It could mean examining network logs to trace the source of a DDoS attack, or to determine the full scope of an attack. Ex. We know we were hacked, but did they get access to accounting or our development systems? Determining what was compromised is important and may require days of detailed analysis and little to no programming. Forensics may also mean using tools such as EnCase or Forensic ToolKit (FTK) to examine a captured hard drive for evidence. You may be looking for illegal pornography, stolen data or hidden records. Some of them may be deleted, obfuscated (such as changing a.xls to a.jpg) or hidden in slack space on a drive. Sometimes this can be fairly straightforward, and sometimes it isn't.
A lot of areas in the security field require entirely different skillsets, so having an idea of what you want to do is vital. Using the forensics example, if you want to examine network logs, you need to have a very strong understanding of networking and protocols. If you want to examine hard drives for evidence, you need a strong understanding of file formats and how OSes and hard drives handle data. In general you need a good understanding of the law, especially evidence collection. This knowledge might be helpful if you want to conduct Sarbanes-Oxley (SOX) audits, but not nearly as much as a solid understanding of business principles, and the ability to understand how the internal information is handled and stored. All of these may be handled by the same forensics team, (or one very overworked individual), requiring a lot of knowledge and skills.
With that in mind, I would recommend taking some classes in the security field. The college I'm at (Iowa State University) has a great program in Information Assurance, and has some great core classes for learning about the field. They are available through our Engineering Distance Education group, and the profs take into account that there are off-campus/non-traditional students taking the courses.
Otherwise, my advice is to talk to people in the field and ask them what they do, what their time is spent on and what skills they need to do their job. Take some time to find out what is available before trying to gather the knowledge or the skills - they might not be that helpful in what you ultimately decide to do.
Very few people actually use windows- you ask them what kind of computer they have, and you'll hear "Dell" or "Packard Bell" or "Gateway" - maybe even an "IBM". These people have no idea what they're using or if anything might do what they want better.
Actually, if you asked me what kind of computer I have, I would reply "Dell". If you asked me what OS I use, I would reply that I dual-boot Windows XP and Fedora Core 4. So make sure you are asking the correct question. Just because you would answer your question with an OS, don't assume that everyone else considers their computer as a Windows or Linux box.
Also, don't assume that "the people" have no idea about their own computer or software. Many do, and the others aren't stupid, they aren't knowledgable, which is an entirely different thing. How many stores can you go to and see Mac or Linux computers being demoed? Very few. So why do you seem to blame them for not knowing their options? Maybe their neighborhood electronics store doesn't carry any, (or very few), Mac applications. The Mac versions may be better, but if you don't like buying online, or don't like waiting for it to be sent, this isn't an incentive to look at alternative OSes.
Finally, remember that most workplaces use Windows so a lot of people are familiar with the OS. Why should they learn how to use a new OS and new applications when what they have works for them? So maybe they have heard of Mac and Linux, but don't care - they are satisfied with their current applications and OS and have no real motivation to change. Not everyone has the background and knowledge so installing and configuring a new OS is something to do in an afternoon.
Well, an AK-47 would run out of ammo in its first magazine, but they are designed to reload. As to the overheating, it depends on how fast you shoot, which is why machine guns come with more than 1 barrel that can quickly be replaced, and I don't mean like a gatling gun.
Some machine guns that are single-barrel, but have spares are the M-60, the M-240 and the SAW (squad automatic weapon). The barrel can be changed in 5 seconds or so, and allows for one to cool down while the other is in operation. I can easily fire 200 rounds through a barrel before I would want to change it. (I could do more, but then it may get too hot for a person to touch even with a protective glove.) The overheating issue is why there is a value called "sustained rate" for automatic weapons. This is how many rounds per minute you can fire it "forever".
Some sustained rates...
SAW: 85 rounds per minute
M240: 100 rounds per minute
M60: 100 rounds per minute
M-16: 15 rounds per minute (the M-16 has no replacement barrel, and isn't as heavy as the other barrels, so it can't be used as much.)
As a final bit of trivia from the US Army Study Guide, I found that the M-60 barrel should be changed every minute when used at the cyclic (max) rate of fire of 550 rounds per minute. I would guess you could get 2 minutes at this rate before overheating became a serious issue. So in an emergency, you could have 1100 rounds in 2 minutes, with each round going through 1-4 people depending on how it hit.
Moral of the story: Machine guns massacre people who are standing in lines (or cavalry) - read up on World War I to see how bloody the transition to modern warfare was.
Slashdot Mirror
No single test is going to make or break your career/future. It may mean that you don't get your first choice of college or job, but that probably won't matter 10 years from now.
If there is a company that won't look at you because you have a 3.9 GPA instead of a 4.0, you probably don't want to work there anyway. Far more important are the projects and activities you do outside of class. I know I would rather hire someone with a 3.0 GPA and open source development on their resume, than a 4.0 student who hasn't done anything outside of class.
Now, I'm not saying that you should blow off exams, but it is just a test. You will have many more of them in your future. If you blow this one, you can try a bit harder on the next one.
You might consider throwing in a middle initial if you have one. While it might not help in all cases, it can make a difference if they include the initial in the search. Just make sure all of your "official" pages have the initial.
In the US, Congress might not allow it, but in many other nations they will. Right now they have modified crops to deliver different vitamins to people who would otherwise have a vitamin deficiency in their diet. They are also working on producing vaccines and other (medical) drugs in crops for two main reasons...
It is way cheaper if you can breed an edible plant that produces the drug for you - very little production costs, just extraction.
It is easier to mass produce the drug. Need 10x as much? Plant 10x the acres in the modified corn/soybean/rice. No need for building a new lab/production facility to handle an outbreak and then figure out what to do with it once the outbreak is over. Depending on the host plant, it may be faster to produce than even "retooling" a current facility.
So, while we may not see prescription drugs in the US, many countries, especially developing countries, would love access to these types of plants.
That's true, but that's why social engineers will target those employees who DO have access. Using thin clients and dumb terminals is great from the "prevent user mistakes" angle, but doesn't help when the admins are the one who are duped. Maybe someone has to act like they are a new sales rep from IBM or Microsoft and have some cool freebies. How about a Das Keyboard that has been modified to include a key logger? Maybe a new firewall for evaluation purposes? It doesn't matter what it is - it just has to be sweet enough for the person to try it.
Your example is not "taking it a step farther". It is the same damn thing. It requires the user to manually discover that there is an executable and then to deliberately run it.
It is taking it a step farther - not from a technical standpoint, but from the social engineering standpoint. It is no longer an anonymous USB drive found in a parking lot, but a "dropped" folder that has many different artifacts reinforcing the point that it really is a graphics demo. The point is, if you are socially engineered, it doesn't matter what OS you run; and nearly everyone can be socially engineered - it just requires more time and effort on the part of the attacker to find a way.
Unfortunately, even if you run ubuntu, you are still vulnerable - that's the beauty of social engineering.
Sure, you might not fall for a renamed executable on a USB drive, but what if it's taken a step farther?
Imagine you are walking into work early, and find an open folder on the floor, with some papers strewn around and a CD or DVD in with it. Imagine the paper is an application to put on a SIGGRAPH demonstration, and on the CD is a WINDOWS directory, a LINUX directory, a BSD directory and a SOLARIS directory and each directory has a file named SIGGRAPH_presentation.exe or there is a SIGGRAPH_presentation.jar, (eliminating the need for multiple OS versions), with a README about how to execute it. You figure, "What the heck - I love cool graphics."
Now, while you are watching a cool graphics demo, it checks if you are logged in as root and, if you are, installs a nasty payload. If not, it could simply start emailing every file it finds in your home directory, or delete them, or encrypt them.
I don't care what OS you are running, if you can be convinced to execute something, there will be some damage done. If you aren't root the damage is limited, but there is still damage. The attack may have to involve more research on a person's interests, or require more "found" hardware to convince someone, but it can be done. Maybe someone has to buy some hardware from ThinkGeek and make a fake installation disk, then leave the box, (with the modified disk), somewhere you will come across it.
Being convinced you are immune to the dangers of social engineering is not a good way to avoid being social engineered. A healthy dose of paranoia can go far - and it's only paranoia if there isn't anyone out to get you.
I'm currently taking (and often teaching more than the teacher ) an AP Computer Science course which, while actualy about the concepts (OO Principles, Algorithims, Data Structures (well they _should_ be included), etc.), is taught in Java.
You seem to be against using Java for these purposes and I am wondering why. For example, Java is arguably better for OO Principles than C++ because it is more strongly typed. In C++ you can get away with non-OO coding, Java is a much stronger OO language. Second, Algorithms are not dependant on a programming language, which is why they are most often expressed in pseudo-code. So the language choice for algorithms really doesn't matter and at your level of study is more dependant on available documentation/previous language knowledge than language design.
As for data structures, when learning data structures I recommend C++ since it doesn't hide the underlying memory management. Once you have an understanding of how memory is managed in C++, switching to Java is easy. Going the other way is not. However, data structures are also independent of the language choice. I think it is a bit harder to understand in some languages, but a doubly-linked list is still a doubly-linked list and a B+ tree is still a B+ tree.
I enjoy gaming and consoles are a really convenient way to do it. However, I don't see why I would want to spend US$800 to play a few new games. Now, I know the base price isn't US$800, but I also have to pay 7% in sales tax when I buy the thing, and then I have to buy a game or two, which may run up to $150 bucks. Now I am at US$800.
While the graphics on newer games are really great, I haven't seen any really innovative games. If I like a specific genre, I can go find dozens of older games that are highly rated, even if their graphics aren't the best. In fact, in a lot of games, the quality of the graphics doesn't even matter. I don't need a photo-realistic Mario or Master Chief, or a photo-realistic pile of rubble. Are they nice to have? Sure. But how often do you get a chance to stop and admire the scenery in a game? If I want nice scenery, I'll go outside and see all sorts of great graphics.
Only Nintendo has me interested in their new console. I don't like the Wii name, but who cares? It's for playing games. I don't care if they named it the Ugly Fuzzbutt, it will still play the same way and I can name it George. What I like is the new way to play games, and the interesting games that seem to be coming that utilize the Wii-mote. I don't want another flagship FPS or racing game. While I like those genres, I can play a hundred different types all the way from Wolfenstein 3-D to Halo, without new hardware and for about $US10 a game (bargain bin rocks!).
So, sorry Sony. I loved the PS2, but I am going to pass on the PS3.
This reminds me of a famous phrase:
"In theory, there is no difference between theory and practice. But, in practice, there is." - Jan L. A. van de Snepscheut
First, the plane is not a perfect "tin can" - it has all sorts of openings in it, called windows, making it a can with holes in it. Second, modern aircraft are not made of tin, (or copper), or even aluminum. They use aluminum alloys, which have different conductive characteristics, and are probably not as effective in blocking EM radiation.
So imagine a terrorist sitting at the end of a runway jamming the cockpit end of the wireless connection just as it takes off or lands. The jamming EM signal won't be blocked by the cockpit windows, and I doubt it would be slowed down by the nose of the plane either. So, when the plane is at its most vulnerable, (near, but no on, the ground), the pilot can no longer use the controls since his wireless connection went down from a terrorist with $100 of hardware who spent a few hours of their time with a basic electronics book.
So, no the terrorist and equipment don't need to be in the plane and, with a good antenna, could be a long way from the runway.
Also, here is a question: Has anyone used their cell phone or listened to a radio on a plane? (Which would imply the fuselage doesn't block radio singals.) I have done both, but it was a military cargo plane so I assume it is built of different materials than a commercial airliner.
If we can get all of these things available for viewing, then overcoming the login will be the trivial aspect. We have a lot of anonymizing technologies and we have a lot of "convenience" techonologies such as "bugmenot" where you don't actually have to log in as yourself. This can eliminate the paper trail, obfuscate the paper trail, or reduce the trail to "there was some sort of file transfered, but it was encrypted".
.com and .org servers we could have psychology or physical sciences or music servers. They could tell you where to find the item in question and could index those works that are in their domain. (search.psychology.lib or maybe google.psychology.lib). A broad query could just hit multiple servers to look for the information. For our p2p model, we can use a central directory or a broadcast model for indexing.
In addition, once the content is available at all, it can easily be copied. (For the same reasons real DRM is impossible.) Then we can set up an encrypted p2p network and serve it up anonymously. In the case of pure text, the storage space required is incredibly small, less than 1 MB for an entire book. So I can store about 9,000 books on a single DVD and over 500,000 on a hard drive and share it on an anonymous, encrypted p2p network. The small size also means bandwidth isn't a big issue for text.
Bandwidth may be an issue for movies, but you can fit over 100 movies on a single hard drive, and as long as you don't want to watch the movie right at that moment, bandwidth for movies shouldn't be a problem either. (People download movies all the time over p2p.) With proper p2p, anonymizing and encryption, there is no information that can be gained about the actual information being transferred on the network.
Searching shouldn't be a problem since we could adopt a hierarchical system similar to DNS but based on some library category system. Instead of
Copyright would be a nightmare since the holder of the copyright is the one that sets rates, and can charge different rates to different people. However, since different countries don't have the same rules regarding copyrights, you could access the material from a country where it wasn't copyrighted or where it has expired. This really isn't a solution, but it is a workaround.
The biggest issue I see is that artists and authors have the rights to their own work and don't want to give it away - they like to get paid for what they have done. In addition, the storage cost for everything would be quite high. Maintaining petabytes of active storage is expensive and being able to serve it at a decent rate is also expensive, so there has to be some revenue model or at least public funding.
This "choking the internet" complaint seems to be a cop-out for the laziness of the ISPs toward getting off their butts and really competing to bring a smooth connection to its subscribers.
Yes, by all means, conduct an ad hominem attack on the ISPs rather than considering that this could possible be a difficult problem. Do you have any concept of how difficult it is to design and engineer a network that can handle all of that data and provide a high level of service to all of the end nodes? Then we have to include the cost of the equipment and maintenance, and factor in the time it takes to actually build the thing.
Consider this scenario... A pair of high-rise apartment buildings go up right next to each other. Each one has 15 apartments per floor and is 15 floors high. This is 225 units per building, and with 2 buildings brings it to 450 units. Now if each unit actually wants 10 Mbps so they can download HD video in a reasonable amount of time, this means that one area needs 2.25 Gbps of bandwidth.
Sure, this is reasonable for a local area network, but this isn't a LAN. Maybe all of the users are hitting the same server, but requesting different files. Since they are different files we can't cache locally, and we need every link (and router and switch), capable of handling that 2.25 Gbps. This is in addition to any other traffic that might be travelling those links or routers. Multiply this by all of the apartment buildings/condos/homes in a small city and you can see the problem.
High-performance networks that can handle all of these things are an active research area because we don't have any good solutions. You can't just magically add another switch to upgrade your service. This is a local solution and doesn't address the entire network, or even the network core. More bandwidth in fiber doesn't solve the problem, it just moves it to the switching/router space. We have a lot of different techniques to help switching, such as optical burst switching, but they are still difficult. For example, in OBS how long do you wait to aggregate the different packets? Too short a time and it isn't efficient enough, too long and the inter-packet delay is too high for real-time audio or video. If you set different time limits based on application type you add the overhead of examining the packets to determine what it is.
So before you accuse the ISPs of being lazy, why don't you come up with a solution that scales globally and doesn't cost a trillion dollars and take 50 years to deploy.
Create a backup of all your data. (In case installs or removals go badly.)
Turn on automatic updates if you haven't already. Install all updates.
Install Zone Alarm.
Install AVG Free and run a complete scan of your system.
Install Spybot and run a complete scan of your system. Also, look under Tools --> System Startup in the menu to see if there is anything "odd" being run at startup. (Requires advanced view mode.)
Install AdAware Personal. Perform a complete scan of your system.
You may be right about only having 1 spyware infection in 10 years, but the odds are against you. Better to check and know you are clean than assume you are.
Try finding a specific disk in a pile of 25,000 floppies. At least with compact flash you can let the computer search for the file(s) you need.
I believe it would have been part of a study conducted by Michael Fagan. He studied/conducted over 11,000 code inspections at IBM to find the most effective way to inspect/find bugs in code.
He found that the optimal number of people to have in the inspection process is 4. More people made the effectiveness go down. Each person also has a particular role, and the amount of time to prepare and perform the inspection were set. It took 2.5 hours to prepare and 2 hours to inspect 250 LOC. So 4.5 hours/person, or 18 staff hours, for 250 LOC. It also had to be specific people who took part - one was the author of the code, one was the designer, and one was the "consumer" (the one who was going to use your code). Everything also had to be tracable to some artifact/requirement, so everyone could examine it and decide if you had met the requirement/design.
Now, before anyone declares that it can be done in less time, or with fewer people, or that someone as good as you doesn't have to follow it, let me point something out...
There is solid data behind those numbers, (11,000 data points) and the inspections weren't done with a bunch of people who heard there was money to be made programming at some dot-com startup - they were software engineers at IBM. There is also information available from Motorola that after a group changed to the Fagan process they reduced development time by 50% and got 2x the features in and finished tested months early because most of the test cases were passed the first time. I forget how much money they saved, but it was enough to make Motorola declare it as their official methodology. (Then everyone thought they could "streamline" the process and went to what they thought would be faster, easier and better. IMHO - it wasn't.)
Finally, this process does not fit every coding situation. It would be good if it did, but if you have a customer who changes requirements every week it is impossible to reinspect everything. Of course, this is where I see the difference between programming and software engineering, but I won't ramble on about that today.
Their ship is pretty big, One- fourth the size of the moon, although an object that size in near-Earth orbitmight be expected to cause tidal waves, there are none!
Why do we need some sort of anti-gravity technology? The mass of the ship is much smaller than the moon. First, if it is 1/4 the diameter of the moon, (I assume diameter since they were viewing it as a radar image), this would make it 1/64 the volume of the moon, giving a 1/64 reduction in mass if they had the same density. Second, the ship is far less dense than the moon. Remember all of that empty space when they fly into the ship? With hallways, rooms, fly-ways and everything else, about 90% of the ship would be empty, or at least low density atmosphere for them to breath. This makes it about 1/640 of the mass of the moon. Of course, the ship materials may be more dense than the average moon rock, so we say they are 50% more dense, giving us the ship as 1/427 of the moon's mass.
This mass would require the ship to be be sqrt(427) or ~21 times closer to the Earth to have the same gravitational effect on Earth as the moon does (Gravity increases by the square of the distance). Using an average distance of 240,000 miles, this gives us a distance of 11,500 miles. I'm not sure how far they were from the Earth in the movie, but this is much closer than geosynchronous satellites.
So massive tidal waves are not a guaranteed by-product of the alien ship. The big point is that the density of a ship is not the same as a rock. While someone could construct it that way, this would leave little room for the activities you would want to perform on said ship, or would require construction out of truly dense materials. Gold spaceship anyone?
Finally, I agree that Sneakers rocked and Cryptonimicon would make a horrible movie; might be an OK mini-series though.
Most people train to exhale before aiming and not take another breath until the shot is taken (minimizes movement).
Then those people are training wrong.
I agree. I was a U.S. Marine Designated Marksman, (more urban/hostage rescue oriented than Marine Scout/Sniper), and holding your breath is bad for several reasons. First, you aren't guaranteed to be holding the same amount of air in your lungs each time, which makes acheiving the proper body position difficult. (Too long to explain here...) Second, if you are holding your breath you aren't as relaxed, and muscle tension will throw off your shot. Finally, the longer you hold your breath, the more, and harder, your heart beats. (Darn thing wants to get more oxygen to your cells.) At long ranges your pulse will throw off your shot pretty badly. (I have seen my crosshairs jump entirely off a 3' target at 500 yards due to my pulse.)
The Marines do not use the "exhale as you fire" rule since it requires exact timing to fire at the perfect spot in your breath. Instead, they teach to fire at the "natural respiratory pause" that occurs between each breath. Between each breath there is a second or two before you begin to inhale. (Check it out if you don't believe me...) If you breathe naturally, it is the same each time, so you don't have another aspect of shooting to control. It also gives you more time to apply pressure to the trigger, so you can avoid jerking the trigger and missing low.
If everything is done properly - body position, muscle relaxation, breathing, etc., you can actually pull the trigger with your eyes closed and hit your target.
In regards to the GP, the Marine Corps does a pretty good job of teaching how to shoot the M-16 in boot camp. If you can't hit a target at 500 yards, you aren't going to qualify with with the M-16 and you don't get to graduate from boot camp until you do. They spend 2 entire weeks on marksmanship - the first learning how to get into proper shooting positions, how to aim and spending time snapping-in (dry-firing at targets). The entire second week is spent on the range practicing, and on Friday you shoot the qualification course. Does that mean that every Marine is a dangerous sniper? No, but they are all proficient with it out to 500 yards, and can monitor the environment to determine the required windage. You also receive classes on range estimation, and practice engaging targets at unknown distances to get a feel for it. Finally, the front sight post is a good way to estimate range. Get a feel for how it looks compared to man-sized and shaped targets at known distances. Then extrapolate as needed. It isn't as good as a nice scope with mil-dots, but if you are close enough, you might miss them 2-3" high, (upper chest or neck), or low, (lower chest, solar plexus) but without a good medical team nearby, they are still dead.
I am a Ph.D. student in computer engineering at Iowa State, and our program may be of interest to you. We have several faculty members doing forensics research in areas such as detecting illegal pornography and attack attribution. The department also has a computer forensics lab, and offers a specific course in Computer Forensics that includes projects where drive images are examined using EnCase and FTK in order to locate and recover evidence.
Probably the best advice I can give on selecting any program is checking out the courses that are offered and what the faculty in that department are working on. It may take some time and effort, but can really pay off. An additional benefit with our program at Iowa State is that most of our computer security courses are offered through distance education. So if you are undecided, you can take a course or two and decide if it is something you want to pursue.
On the other hand, during a conflict, a carrier is a pretty juicy target, and one thing humans *are* good at in combat [apart from dying :( ] is being adaptible. It'd be a real shame if the plug fell out of the automated aircraft-landing computer because of a nearby explosion ...
I know that Lockheed-Martin engineers their naval systems to take more shock/damage than a human could take and be functional. I saw a video where the equipment was placed on a barge and explosives were detonated underwater only a few feet away. The barge was lifted up several feet, and the plume of water from the blast was over 50 feet high. That close, a human would be temporarily deaf and have a lot of inner-ear problems. The system continued working.
Also, while humans are incredibly adaptable, they can't always replace the equipment. For example, there is no way a person could replace the automated aircraft-landing computer from your example. While a person may be able to work "beyond their limits", there is no way for them to manually commmunicate to a remote plane attempting to land - they need equipment to do it.
Smaller crews are vastly less efficent at damage control and have much smaller margins for casualties before the ship ceases to be combat effective.
Very true. However, considering modern weaponry, weapons that would inflict the amount of damage that would require those extra damage control specialists, would probably render it combat ineffective, and in bad need of a shipyard. My guess is it won't be a torpedo hitting the most heavily armored part of the hull, it will be a missile slamming into the superstructure. Also, in the event that there is major, repairable damage, since it is an aircraft carrier, there should be plenty of escorts nearby that can offer assistance.
Imagine if you have a gastro outbreak onboard and 400 of your crew are down.
You are missing the point that at this scale you don't talk about absolute numbers, but percentages of the total crew. So if an epidemic would sideline 400 of the original 2000 crew (20%), then it would likely only affect 160 of the reduced crew of 800. So you only have to cover 160 watches instead of 400. Why is this? Some percentage won't eat the "bad" meal, some percentage will have a different food, and some percentage will be immune/not affected. You can't assume that it will affect the same overall number if your population size is different.
Plus most of these studies tend to ignore hte fact that less crew means more and longer watches for the duty stations that remain.
I haven't read these studies, (do you have any links), but it seems they would continue with the same watch schedule, and just reduce the number of stations required. The drop in efficiency that is a result of having too much time on duty is well studied, and I doubt that would be ignored. Now, what might be a factor is that it is "easier" to sit in a single location and monitor several things remotely, than to walk rounds and check on each one. This would reduce physical fatigue so longer watches could be maintained.
If VOIP was implemented, then they would consume more bandwidth, and would be charged comparably more.
True, but the cost-per-gigabyte was anything near the cost-per-voice-channel in a regular phone line, their costs would be too high to operate. Consider a voice channel only requires 8 Kbps, which means a 1.5 Mbps broadband connection could handle almost 200 voice channels. At $20 for a regularly price voice line, this would be $4000, far less than what is charged now.
Then how did we get by so far? Are the telcos and cable providers all going bankrupt?
No, they are not going bankrupt, but they also aren't swimming in untold billions of dollars. Look at (the new) AT&T financials. They had sales of US$44 billion, and a profit of US$4.5 billion. Not bad, but not great. What helps keep them afloat? Various tax breaks, government subsidies and things of that nature. See the taxes paid in AT&T's Q4 (-US$500 million).
Or maybe the real truth is that building the infrastructure incurs a tonne of upfront cost, but once that outlay is complete, the maintenance costs are significantly lower, and are easily recouped by providing customers (business and residential) with bandwidth, in addition to valuable services.
Unfortunately, just like most homeowners, they don't $X billion in cash to pay for everything up-front. (Again, SBC pays US$ 400 million a quarter in interest.) They have to borrow the money from somewhere to build the infrastructure and then pay the money back. Then they have to do more than just pay back the money they borrowed because, by the time they get it paid back, the infrastructure will begin to need repairs and upgrades, and they need to have money available for that. Charge too much, and you lose customers. Charge too little and you will get bought out. It is just like with chip fabricating; the chip costs $100 to make, but the R&D was a couple of billion, so they get sold at significantly more than $100.
There is a flaw in your position. Consider this statement:
Because I'd have sworn I paid for a telephone connection. If Google can provide me a telephone connection, why exactly should they be paying the ISP I already paid? Because you need a phone line at each end.
The reason it breaks down is there is overhead at -both- ends. You need to be able to contact Google, and Google needs to be able to receive your transmission and respond. There isn't just your equipment and account, there is Google's so they can be ready to receive requests and return the requested information.
I think the tiered or quality-of-service Internet is coming. Why? If you get broadband over your cable or phone line, the cost of the phone line or cable service is subsidizing the broadband. The broadband by itself doesn't require new lines to be placed. They piggyback on the existing infrastructure. Now, when you have VoIP, people still want the cheaper cost of broadband, but without the additional cost of their regular phone. Guess what - you are losing your subsidy on your broadband; the one that came from your regular phone line. You used to pay it, and now you don't want to. The money has to come from somewhere. That means higher prices.
So what does this have to do with Google? VoIP. If Google provides a free VoIP service, it means that a single broadband connection can support hundreds of regular voice channels. If 100 people stop using the regular phone service, the telecomm has to get that money back from somewhere, (and all the subsidies that help cover the broadband), so suddenly broadband needs to go up, by a lot, for the average consumer. Alternatively, they can make Google pay it all and keep their own customers happy.
I'm not saying this is great, and that the business model doesn't need to change, but if everyone switched to VoIP and dropped their normal phone lines, all the telecomms would go bankrupt, and all of their infrastructure would fail, and the Internet would fragment. It will take time for new models and pricing plans to be developed and implemented. In the immediate future, prices may change, there might be different levels and types of service, but the Internet will continue routing.
On a final note, this idea that we all deserve a lot of inexpensive bandwidth is unreasonable. There is a lot of infrastructure that is required and most of it we don't think about. How much does it cost to keep a service team in the middle of Wyoming in case a cross-country fiber line gets cut? Can stuff be rerouted? Yes, but it can also cause cascading failures as the nearby systems get overloaded. How much does it cost to dig a tunnel under an Interstate, or a river, (or an ocean for that matter), so service can be provided? How much does it cost to repair fiber that got cut by a boat's anchor? Sure, 90% is relatively easy and inexpensive, but that other 10% is incredibly expensive, difficult and time consuming - and just as important.
When I open a file in Kate, I want to be able to open a file remotely or locally. Should be no difference.
Yes and no.
Yes:
A file is just a collection of bytes that needs to be sent/received to/from an application to a storage location. File operations are file operations whether it is on a local file or a remote file.
No:
There is a big difference between the two when you examine the bigger picture. First, a remote file gets transmitted over the network and, depending on the method used, may be in the clear. Opening a confidential read-only file on the machine it is stored on may not be a big deal, but transmitting it across the network is. If you have a file at home that you want to FTP while you are at work, you may not want it to be visible to anyone sniffing the network.
Also, there are some details that might cause problems. If you edit a file with Emacs and save it, you create a file with a '~' at the end of the filename. If it is a remote file, where do you create that? Locally, or remotely? If locally, how do you guarantee enforcment of the permissions on the file? The local admin may be a different person. If remotely, what if you don't have permission to write to that directory? This problem might cause applications to crash.
Sure, used properly it is a very convenient way of viewing/accessing files. Unfortunately, everyone makes mistakes. Did you select the wrong tab and accidentaly send something in the clear, or to the wrong location? What if you can't undo your mistake? (Permission to create a file, but not delete it.) This is one of the dangers of integration - if it is handled the same, and looks the same, how do you avoid mistakes?
Personally, I like idea of handling files that way. However, I know I make mistakes, especially when I'm rushed, so I use different applications to do different things and access different locations. I may lose track of different tabs or windows, but I have yet to mix up what application I am using.
There are a lot of fields in the security area, some deal with networks, but many do not. You need to spend some time researching what "specialties" there are in the broader field.
.xls to a .jpg) or hidden in slack space on a drive. Sometimes this can be fairly straightforward, and sometimes it isn't.
For example, computer forensics is a specialty within the security field, and it can mean a lot of things. It could mean examining network logs to trace the source of a DDoS attack, or to determine the full scope of an attack. Ex. We know we were hacked, but did they get access to accounting or our development systems? Determining what was compromised is important and may require days of detailed analysis and little to no programming. Forensics may also mean using tools such as EnCase or Forensic ToolKit (FTK) to examine a captured hard drive for evidence. You may be looking for illegal pornography, stolen data or hidden records. Some of them may be deleted, obfuscated (such as changing a
A lot of areas in the security field require entirely different skillsets, so having an idea of what you want to do is vital. Using the forensics example, if you want to examine network logs, you need to have a very strong understanding of networking and protocols. If you want to examine hard drives for evidence, you need a strong understanding of file formats and how OSes and hard drives handle data. In general you need a good understanding of the law, especially evidence collection. This knowledge might be helpful if you want to conduct Sarbanes-Oxley (SOX) audits, but not nearly as much as a solid understanding of business principles, and the ability to understand how the internal information is handled and stored. All of these may be handled by the same forensics team, (or one very overworked individual), requiring a lot of knowledge and skills.
With that in mind, I would recommend taking some classes in the security field. The college I'm at (Iowa State University) has a great program in Information Assurance, and has some great core classes for learning about the field. They are available through our Engineering Distance Education group, and the profs take into account that there are off-campus/non-traditional students taking the courses.
Otherwise, my advice is to talk to people in the field and ask them what they do, what their time is spent on and what skills they need to do their job. Take some time to find out what is available before trying to gather the knowledge or the skills - they might not be that helpful in what you ultimately decide to do.
Very few people actually use windows- you ask them what kind of computer they have, and you'll hear "Dell" or "Packard Bell" or "Gateway" - maybe even an "IBM". These people have no idea what they're using or if anything might do what they want better.
Actually, if you asked me what kind of computer I have, I would reply "Dell". If you asked me what OS I use, I would reply that I dual-boot Windows XP and Fedora Core 4. So make sure you are asking the correct question. Just because you would answer your question with an OS, don't assume that everyone else considers their computer as a Windows or Linux box.
Also, don't assume that "the people" have no idea about their own computer or software. Many do, and the others aren't stupid, they aren't knowledgable, which is an entirely different thing. How many stores can you go to and see Mac or Linux computers being demoed? Very few. So why do you seem to blame them for not knowing their options? Maybe their neighborhood electronics store doesn't carry any, (or very few), Mac applications. The Mac versions may be better, but if you don't like buying online, or don't like waiting for it to be sent, this isn't an incentive to look at alternative OSes.
Finally, remember that most workplaces use Windows so a lot of people are familiar with the OS. Why should they learn how to use a new OS and new applications when what they have works for them? So maybe they have heard of Mac and Linux, but don't care - they are satisfied with their current applications and OS and have no real motivation to change. Not everyone has the background and knowledge so installing and configuring a new OS is something to do in an afternoon.
Some machine guns that are single-barrel, but have spares are the M-60, the M-240 and the SAW (squad automatic weapon). The barrel can be changed in 5 seconds or so, and allows for one to cool down while the other is in operation. I can easily fire 200 rounds through a barrel before I would want to change it. (I could do more, but then it may get too hot for a person to touch even with a protective glove.) The overheating issue is why there is a value called "sustained rate" for automatic weapons. This is how many rounds per minute you can fire it "forever".
Some sustained rates...
SAW: 85 rounds per minute
M240: 100 rounds per minute
M60: 100 rounds per minute
M-16: 15 rounds per minute (the M-16 has no replacement barrel, and isn't as heavy as the other barrels, so it can't be used as much.)
As a final bit of trivia from the US Army Study Guide, I found that the M-60 barrel should be changed every minute when used at the cyclic (max) rate of fire of 550 rounds per minute. I would guess you could get 2 minutes at this rate before overheating became a serious issue. So in an emergency, you could have 1100 rounds in 2 minutes, with each round going through 1-4 people depending on how it hit.
Moral of the story: Machine guns massacre people who are standing in lines (or cavalry) - read up on World War I to see how bloody the transition to modern warfare was.