You should always patch. But remember (always) that patching protects you only from known, documented vulnerabilities. It does not protect you from undocumented vulnerabilities -- those which haven't been patched. There may be between zero and a lot of these for any component of the architecture.
You download updates to the server, the client downloads updates to the application automatically whenever it starts up. Client updating is painless.
Ability to explain to his techies why something might not be appropriate without demotivating them.
Beyond just trying to make each component secure, consider individually the consequences of each being compromised. You don't get much provably secure stuff out there on store shelves, so assume everything may be vulnerable. Plan accordingly, so any one failure doesn't blow you wide open. And back up off-line. As other people have joked on this thread, the only secure network is switched off. Well, having a snapshot of yesterday's data on off-line tape (or whatever) is just that: yesterday's network switched off.
This is documented a little differently in Blind Man's Bluff, a book all about US submarine programs in the Cold War. The situation is basically the same, but the applicant sweeps everything off the Admiral's desk onto the floor (IIRC). There isn't a specific mention of smashing a glass model of the U.S.S. Nautilus.
Incidentally, that book is an excellent read.
(Of course if I'm not remembering it right, strike me down for being arrogant.)
You're quite right (anyway) that my point was about the process gone awry.
Don't you remember the Segway? How before it was even available, and before most people had even seen one it was being pronounced legal to ride on the sidewalks of major cities all over the US? How snappy lobbying suddenly made something OK without any real discussion?
"The company's base edition of Linux Server 4.0 software is licensed to accommodate up to 4 Itanium 2 processors."
OK, so it's good for a 4-way system before you have to pay more money. But later...
"It supports 4GB of RAM..."
If you're paying out for a 4-way Itanium 2, wouldn't you (typically) want to handle more than 4GB RAM? I imagine there are applications that benefit from a 64-bit CPU but don't use much RAM, but I thought the core market was people using large amounts of data?
Or does it support more RAM and this article's just not great?
The Linux server (I guess the others too, but I haven't tried them) is written in Java. For me it's not 100% stable -- seems to fall over after a while, and sometimes hangs.
The client software hangs more often than it should. Not that often, but a lot more often than you're used to seeing your PS2 hang.
The spec details you're after are here.
Haven't tried a lot of video. Played around with some DivX exports from Premiere that were fine, but I'll let someone else give useful detail. Overall the reviewer has it about right. It supports the PS2 DVD remote, and is a lot easier and cheaper than setting up a PC to do the same thing. But it suffers from some usability issues. Not being able to edit a playlist while playing is a little annoying, but the start-up is a much bigger problem. I find that several minutes to first song is a big drawback, and means that it gets used a lot less frequently than it might. That includes loading the disc to boot QCast and choosing a playlist.
As a technical manager you often get presented with nifty "next best move" ideas by your staff. Some are great and should be executed; others would be good locally, but would cause a problem elsewhere. Your job, unglamorous as it is, is to keep up the overall batting average, whilst avoiding any egregious failings. That doesn't mean every suggestion from below should be acted upon.
Your job as a manager is to get the best out of your technical team in the service of the business. That means fending off stupid, ill-considered IT suggestions from non-IT people, but equally means not wasting time on whizz-bang technical notions that don't (and won't) help the business.
It's paranoid to point it out, but you'd be very, very silly to use an untrusted source of random numbers in any cryptographic application.
'Course this might be dead handy for other things.
I realise this isn't your point, but it wasn't Starbucks putting wireless in. It was Mobilestar that fitted out Starbucks. Mobilestar then went bust fairly promptly, was sold at fire sale prices to Voicestream (part of Deutsche Telekom) and relaunched under the T-Mobile brand.
I tried it out on free trial a few months back. Works nicely, but the cost plans don't make sense for the casual user. Too expensive.
No idea what the T-Mobile:Starbucks revenue split is.
Check out this timeline.
No, it's not like them giving you a discount in exchange for waiving your rights. It has that appearance, but you'll end up paying more to have your rights. The cost for no rights won't be a discount on today's prices; the current price will just become "no rights". The new bracket, with rights, will be the more expensive option.
You make a dangerous mistake in thinking that isn't what would happen.
I'm not sure if you're suggesting this as such, and this isn't meant to be personal, but:
This is a terrible idea.
It's giving up your rights in exchange for the opportunity to buy them back.
Let's say your neighborhood is safe. One day a mobster shows up and tells you it's become unsafe now, but it can be made safe again for a regular fee (which, hey, is very reasonable). It's the same deal: we'll take something away from you, and you have to buy it back.
I've been surprised at how recently Oracle "Unbreakable" ads have been running (here in the US). I'm not in the UK at the moment, but given that Oracle products got thumped anew pretty quickly after Oracle decided to brag about being "unbreakable", I'm surprised nobody has asked the ASA to jump on it.
After all, it's not exactly an infrequent problem.
"nontaxed foreign visitors"
What does that mean? Anyone resident in the US is subject to the same taxes as anyone else, paid at the same rate. In fact, temporary immigrant workers are worse off. H1-B workers also pay SS and Medicare taxes, but are not entitled to any SS or Medicare benefits.
If they're cheaper abroad, then they're cheaper. As has been pointed out here before, that's capitalism. That's what "enhancing shareholder value" is about.
People get too excited about port scanning. They also get excited about network mapping that looks like port scanning (try tracerouting a lot of hosts).
Your ports will get scanned. Get over it. If it upsets you, look for ways to dump the traffic. Yes, it is an oft-used reconnaissance technique for profiling systems prior to attack. But if a portscan allows an attacker to mount a successful attack on the basis of finding open ports or a vulnerable OS, then your security is inadequate. It's your problem.
No, I don't think portscanning is "nice", but really, folks, it isn't going to go away, and you should be thinking more realistically about the defensive measures necessary to protect your systems.
It's "hacking" satellite receivers.
Yes, really. It's not cracking anything, though. I find it amusing that the Slashdot crowd assumes that "hacking" means "cracking" even given the popular sport of deriding the mainstream press for confusing the two.
...newfangled and silly. I was 18 when I started using Mosaic at University, and thus it was hip and happening. But now it's all bells and whistles, and everyone went and got themselves in a big damned hurry. And youngsters these days, well...
The last 5%. Hell, perhaps even the last 1%.
Ever notice the difference in working with software that nearly works, and software that does work? It's a lot easier if you buy something that end-to-end works out of the box. Not remembering a lot of custom compile options, specific setup preferences. Pissing about in meetings deciding whether to use /usr/local/etc/ssh or /etc/ssh for SSH configs? And then making all those little tweaks work together. All that stuff costs staff time, which is really, really expensive, requires more knowledge management in house, and means you may or may not be in the mainstream -- and the closer you are to the mainstream, the easier it is to find cheap support.
And it's a familiar Linux environment for your admins.
(Of course, this all assumes that the new Red Hat stuff actually satisfies all that.)
OK, my previous comment was a bit asshole-ish. What I meant was, Tippett did all the creature effects on Starship Troopers (Sony did the spacecraft). I'm told it was considered just too much extra expense to put all the soldiers in suits. Would have meant thousands more (complicated) rendered objects per scene. Anywhere you see a soldier wearing a helmet, they'd be wearing a full rendered suit. That's a lot more design, animation, and rendering time.
Ahem.
I work for Tippett Studio. Where do you work?
Cheers.
The armor went because it would have been too expensive to render. Starship Troopers was rendered on Indigo 2s, Challenge XLs etc. Would have taken a long time to have every soldier wearing a complicated rendered suit.
Hmm. Not sure where that 400MB came from, then. Except that it seemed like a reasonable number when I was discussing it with the folk who actually work with the plates. I'll check, since I distinctly remember the number being in high 300s and us deciding 400MB/s was a good round value to aim for on the I/O. See, this all came about when we were thinking through whether we could build a system with the necessary I/O ourselves, then write some software for it.
As for 720p, well perhaps I'm stretching "similar" rather -- again, I wasn't sure exactly what the res was. Of course it serves me right for not walking twenty feet to ask someone and check.
We're not doing a lot of fades at 720p, either. Our work on TV commercials tends to have a target res of TV -- i.e. NTSC. Of course, if you ever need to do it realtime at HD, you need something that can do two streams.
It's a lot of data, and it's a fast network. But it's manageable as local I/O.
In special effects work each frame is handled as an uncompressed TIFF at high res (I can't remember the exact bit depth and res). Previewing sequences means streaming these TIFF images. Adds up to about 400MB/s sustained (that's bytes, not bits). HD video at 720p has similar requirements -- don't forget, you mustn't drop any frames, and it has to arrive on time.
I work in such an effects shop, and we've had several demos of HD-capable digital disk recorders over the last few months. Two out of three were based on Linux, and worked well (the other was custom). Twin Ultra 320 channels with software RAID across the two channels, XFS as a filesystem. They each did the job with a 2U enclosure full of largely stock components (except the video I/O board) -- and that's 3.2GBit/s I/O to the drive array.
...it's "Hawking".
No, I know it's not important. So I'll add an "s" to the end of your name, sometimes. It won't bother you because, after all, it's not important that it's actually correct, just that I know who you are.
OK, so I can see how a university might come to use SSNs as an identifier. They're unique and everyone already has one. Easy.
But why are SSNs so sensitive? It's like a credit card number -- it's printed some places, gets bandied about in others. Not exactly confidential, and no intuitive or documented boundaries on who should be trusted with it. So it's a scary number that can be used for bad things, but you'll have to give it out in many circumstances where you aren't fully aware of how it'll be used. Makes it tricky to know who has it, or to make an informed decision about where you use it.
Again, it's easy to see how the practice of using it as a credential has continued (and got worse), but when did it start?
Interesting. Much more interesting than just saying "he's an asshole", too. But it doesn't sound like he took a stupid risk. It sounds like he should have been taking a stupid risk, but it was surprisingly risk-free.
Also, there's nothing here to clear up that visible perimeter security would seem to be there to provide a false sense of security. If a major entrance is high fences and says "go away", it doesn't mean much if 0.5km away you can step over a piece of barbed wire; why the big fence?
You include most of a sensible response to the story in your post. But the actual story isn't what the journalist was up to, it's the response from LANL. It should be trivial for them to debunk this if everything you point out is valid, and to do so without being overly detailed about their security apparatus. But just saying, "No, we're secure, go away," is too arrogant. A better response would be, "Look, this isn't how it seems, and here's why..."
And the journalist may be grandstanding -- journalists always hope to be onto something big. But it doesn't matter about the journalist. It matters if there's a story (which is the question).