>> the long-awaited movie based on World of Warcraft
I laughed when I read that too. I don't think anyone, ever, has said, "the stories from Warcraft are so good that I'd pay to see them on the big screen while I passively sit around and watch them." Warcraft plots are just thin rationalizations for having two similar groups engage in tactical combat with one another, or set-ups for jokes. Even the cut-scenes are known to run long.
Blizzard, please stick to what you know, and hurry up with the StarCraft II WarChest set so I can finally pick up the whole series for $29.99.
>> U.S. Treasury Department: "universal human rights, including the right to freedom of expression"
The fine print: "...unless you advocate the rule of law based on the U.S. Constitution or the Bill of Rights."
>> why he thinks the fire was set
"Because I killed someone and their ghost is mad." I kid, I kid...
>> neat card in a stack
So...one card at a time, with a primarily forward/back interface...like PowerPoint?
>> On a large monitor, the grid spans three cards wide; on a smaller one, just two.
Oh no - didn't we just get Microsoft to retreat from THAT metaphor?
Obligatory Al Gore "Lock Box" Reference:
http://www.youtube.com/watch?v=F9pqmW-D14I&t=1m39s
>> A number of modules, namely, accessible, browser and security, frequently appear among the most complex modules. Further investigation may be helpful in identifying why that is the case.
Does this guy know what Firefox is?
>> "network environment here isn't friendly"
#1: If you're Google, you should be able to afford your own reliable connection to the Internet, or even to home base, by your keynoter. Especially if you're going to pimp your marketing on SlashDot. Even if it means bribing the union folks at Moscone to let you do it your way.
#2: You think the network environment is ideal out near all those "other 4.5 billion"?
>> could help safety officials to decide where to restrict public access at volcanoes such as Italy's Stromboli, where dozens of tourists arrive every night to watch spectacular fire fountain displays
Let's not go there, please. If we lose a couple of dozen tourists, that's an acceptable risk. Hell, there's many things all of us do (skydive, kayak, rock-climb, drive on interstates, eat cheeseburgers, visit hospitals) that expose us to risk...but without those risky experiences, life wouldn't be nearly as much fun.
"Nanny-staters, git off muh lawn!"
>> whether QuickOffice can topple Microsoft Office
Isn't the real battle Google Docs vs. Microsoft Office?
Did the PR flack check who reads SlashDot before they posted something about "red shirts?" I'll bet we have more people who care about the Bajorans than the Trojans here...
>> As well as providing the equipment necessary to fire missiles, defense contractors also want to offer customers the ability to defend against them.
Naturally. How else would you extract top dollar from both sides?
>> Clearly the "fake cred" would never be a flag in the users table (or even in the same database/system). For example, it could be a process that scans your logfiles and alerts based on username.
That's my point. If you're already doing this, you don't need to inject fake credentials into your databases to detect unusually accurate snooping.
>> username/password combinations don't have to be the same
If you've implemented SSO on even groups of systems, they will be the same. :)
>> can be trapped higher up the chain in the code that processes authentication requests so that they can't actually be used to gain access to systems
To do that, you need to set a "fake" flag on the credentials, and bad guys can use that to filter out the fake creds from the store.
>> these act to dissuade attackers in the same way as "sting operations" act to dissuade Johns and car thieves
In other words...they mostly don't? As I said earlier, if your attacker will be trying multiple valid sets of credentials, you can detect them without needing this extra complexity. A smart attacker would also snoop your activity logs before using any stolen credentials to avoid locked or dormant accounts, and to see if he/she can figure out which accounts are automated, maintenance, or otherwise frequently used enough to be of interest. Even that low level of recon would avoid the control you seek to introduce.
When you "seed your authentication databases with fake passwords", you've really just added a bunch of accounts with the same username/password across multiple systems. A smarter (less invasive) approach might be to compare actual hack attempts against existing or recent lists of known usernames; if they're close, that's a tip-off that someone knows more about your authentication store than he or she should.
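An added example, not part of the original comment: a minimal sketch of the check described above, flagging any source whose failed-login usernames match the known-username list unusually well. The log format, usernames, addresses and thresholds are all constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: directory usernames (current plus recently removed).
KNOWN_USERS = {"akovacs", "bnguyen", "cmartel", "dsingh", "eokafor", "svc_backup"}

# Constructed log lines in an assumed format: "<time> FAIL|OK user=<name> src=<ip>"
SAMPLE_LOG = """\
2024-05-01T02:00:01 FAIL user=admin src=198.51.100.7
2024-05-01T02:00:02 FAIL user=root src=198.51.100.7
2024-05-01T02:00:03 FAIL user=test src=198.51.100.7
2024-05-01T02:00:04 FAIL user=oracle src=198.51.100.7
2024-05-01T02:00:05 FAIL user=akovacs src=198.51.100.7
2024-05-01T03:10:00 FAIL user=akovacs src=203.0.113.44
2024-05-01T03:10:09 FAIL user=bnguyen src=203.0.113.44
2024-05-01T03:10:21 FAIL user=cmartel src=203.0.113.44
2024-05-01T03:10:30 FAIL user=dsingh src=203.0.113.44
2024-05-01T03:10:42 FAIL user=jdoe src=203.0.113.44
2024-05-01T08:59:50 FAIL user=eokafor src=192.0.2.10
2024-05-01T08:59:58 FAIL user=eokafor src=192.0.2.10
2024-05-01T09:00:05 OK user=bnguyen src=192.0.2.10
"""

LINE_RE = re.compile(r"^\S+ FAIL user=(?P<user>\S+) src=(?P<src>\S+)$")

def failed_users_by_source(log_text):
    """Map each source address to the distinct usernames it failed to log in as."""
    by_src = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # successful logins and malformed lines are ignored
            by_src[m["src"]].add(m["user"].lower())
    return by_src

def suspicious_sources(log_text, known_users, min_distinct=4, min_hit_ratio=0.75):
    """Return {source: hit_ratio} for sources guessing many real usernames.

    A generic wordlist mostly misses real accounts; a source whose guesses
    mostly hit suggests knowledge of the authentication store.
    """
    findings = {}
    for src, users in failed_users_by_source(log_text).items():
        if len(users) < min_distinct:
            continue  # a user mistyping one password is not a signal
        ratio = len(users & known_users) / len(users)
        if ratio >= min_hit_ratio:
            findings[src] = round(ratio, 2)
    return findings
```
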
a) Someone tries to use it as a meth lab. Shut down.
b) Tenant in building complains. Shut down.
c) Reporter finds that a convicted violent felon is doing something there every day. Shut down.
I'm very happy that they have $6K, but that probably won't even carry the annual liability insurance for a "public" biology lab.
>> Isn't there some utility that could be added to all systems and unify password management?
I can tell you've never worked in IT by the fact you asked that question.
>> Diagrams that should be spread over five or six pages are crammed onto one
And you still figured out what to do? Sounds like he knows what he's doing then.
1) To wife: "If all goes well I'm taking a week off after the baby comes."
2) To work: "I'm taking all eight weeks off."
3) Enjoy seven weeks of 8-5 freedom.
Dear Mr. McAfee,
How can I avoid getting that annoying McAfee AntiVirus trial in all my Java installs?
(I kid. I kid.)
>> Two researchers conducted an experiment in their bathroom
A lot of my stories that end with "and then we were both grounded for a month" start that way too.
>> put clear water between
Smashing! I'll take a lorry-load of these. Just put them in the lift and I'll send the boxes down for the bin men.
>> there's software out there to (monitor communications or wipe my own device)
My current employer has a BYOD policy and software for this. My solution: never use a personal device for work purposes, especially never company email. Instead, I use a company-resident mail forwarding application to read my company email and to send alerts to a personal email address if it finds something that looks interesting enough and I've been out of the office long enough (e.g., more than a day). If I do get such an alert, I might VPN in to read the full email, or usually I'll just text or call someone. (They can also text me.)
>> Does the BBC have a satellite?
Sort of: http://www.bbc.co.uk/blogs/blogaboutthebbc/posts/Changes-to-BBC-Satellite-transponders-in-2013
Did you notice that all of the BBC's photos had "Copyright NASA" on them?
>> how chat apps have overtaken SMS. Yeah, they are cheap.
Chat apps are cheap? I thought they were all free.