It was a hardware keylogger, not a software program. The security lapse was physical. That's very hard to protect against, short of locking up all computers in steel boxes so as to prevent physical access.
There's another miss-perception here that I'd like to address though. This is a high school, not the CIA. Test information isn't a national secret, and doesn't need to be protected like one. You might be shocked, to know that those crappy desk drawers can be picked with a paperclip. Sorry, but just imagine what someone who wants to do evil could do if security is that lax. He just wanted some test questions. Imagine someone who wants records from the nurses office, wants to alter another students grades, etc. etc.
And where did altering students grades come from? This was a teachers workstation, not the machine that keeps track of grades. There weren't any security breaches in the nurses office either. I doubt there's very sensitive information about anything in a HS nurses office anyway. They're not allowed to even give a kid an asprin. You seem to assume that one hardware keylogger on one teachers computer blows the whole system apart.
He didn't break into the teachers office, he attatched the logger when the teacher wasn't looking. It's more like opening up the teachers desk drawer and finding an answer key than breaking and entering.
I also think you're over-reacting to what amounts to a category on slashdot. You seem to assume "your rights online" is all about your rights being trampled on, and furthermore "you" are the kid. Who says "you" can't be the teacher? The teacher has rights of privacy, and keyloggers violate those rights. You've put your own spin on a vague category (of which there are a limited amount of categories) and then drawn conclusions from essentially nothing.
And now we know what John Ashcroft is doing in his retirement...
I think you've gone a bit overboard. This is just about exactly equivalent to stealing the answer key to a paper test and copying it. No one is sent to jail for such a trivial crime, and I highly doubt he's going to be sent to jail in this case, despite your overeaction. There should be punishment, but jail would be the largest mistake anyone could make.
However, the one thing that humans can give is their perception of what they see and feel. This sort of information is something that no robot can possibly provide us.
And how is seeing and feeling worth multi-billions of dollars?
We honestly have no idea how much we would learn from being out exploring, but most of the advances of our race have come from exploring the unknown and taking risks.
Exploring has with few exceptions been driven by economics and need, not wonder. Columbus was looking for gold and a cheaper spice route. The people who crossed the land bridge into North America were looking for food. I suspect the same thing will occur for space. Mining operations for rare elements like Helium 3 will be what likely creates the colonization of space. Science needs, like you say are far cheaper to do with robots.
By adding some salt to the water however, you can encourage a chemical reaction to happen at a given electrode.
No, the salt is to reduce the electrical resistance of the water and create a greater current flow. Pure water actually has a high amount of electrical resistance. Oxygen will collect at the positive electrode, and hydrogen will collect at the negative (the article author is a bit confused and thinks this is methane).
You're correct about the rest of your summary though.
When after almost 700 years no one has been able to show how it was made, especially with all the advances in science and technology only showing how much more there is to the shroud, I keep a open mind that it could be authentic
It could be.. but there doesn't seem to be any real evidence that it is. 700 years sure sounds like a long time, but how much study has it actually undergone? Lack of finding out how it was created means nothing. How many people have been allowed to investigate the shroud, and how closely? If the carbon dating is so innaccurate, why not allow it to be tested again? I don't think the priests who keep this thing have much interest in finding out the truth, and really there's almost no scientific value in it beyond historical interest.
You say keep an open mind.. I guess, but keep that statement in context. I keep an open mind towards pink elephants on Alpha Centauri too.. With all our modern science we haven't been able to disprove said pink elephants. People too often use that phrase to justify whatever completely unsubstatiated belief they currently hold. As if taking a side against something with no evidence to support it is closing your mind.
Incompatible with each other. Maybe you can call this not knowing your audience (though I'd assume most people know the formats aren't compatible with each other), but it's not illiteracy.
And I am willing to bet that top ppl are surprised.
I'm willing to bet they aren't. The system only has a very limited key length (40 bits) and anyone with half a lick of knowledge knows that a 40 bit key is vulnerable to offline brute force cracking.
My guess is they knew the system could be pretty esily cracked, but combined with the very short range of RFID (I believe the researchers captured the key data on the order of several inches) it wasn't considered a major vulnerability.
Of course. But you sound like you're using the fallibility of science to justify what you already believe. In other words "it MUST be the real Jesus shrowd, not that I have any evidence it is.. but eventually science will show the counter-evidence is wrong because.. well it MUST be". That's not how science works. Sure, it's possible the science is faulty.. but you don't just assume it is because the evidence doesn't back up your own, unsubstatiated beliefs. That's just patently dishonest.
In science you take all the evidence and make a conclusion based on that with the understanding that it's not the final word on the matter. In other words, you don't get to use science only when it backs up what you want to believe, but claim faulty science when it doesn't.
This could affect things like planetary heat redistribution, reduced precipitation, etc.
I have a hard time buying that. Heat distribution and weather is mostly affected by high altitude winds like the jet stream, not the near surface winds used by windmills. Until anyone produces actuall evidence of significant enviromental effects of windmills it's just pure FUD.
The grandparent was saying that in Windows, it is easy to recover the Administrator's password. This is bad because you can log in without a recovery CD, and the Administrator won't notice (his password will still be the same). In Linux, obtaining the root password is not so easy by default (because shadow uses a DES+salt hash by default) and nearly impossible if you set it up properly (if you use MD5 hash, which is the default for SuSE - don't know about other distros).
You can turn the weak lanman hashes off in windows 2000 and above. That solves the password cracking problem (or at least makes it as difficult as linux). Anyway, if you have root access to a box you can pretty easily root-kit the machine, be it linux or windows. Create your own account, backdoor, or whatever and have unmonitored access.
NASA is all about engineers, not scientists. Therefore you get "Let's build a big space station. We'll figure out what to do with it later";
That was a result of politics, not engineers. The space shuttle was the same thing. Every other mission that Nasa has undertaken has had enormous scientific merit.
Most companies *do* have multiple versions of "the same document".
I'm not disputing that. What do I dispute is this is a major problem. I believe word encryption is used for casual security and not for any information that's would attract someone with the required knowledge and access to multiple versions to break the encryption. It's like the revelation that locked filing cabinets have weak security. If you never expected it to be super-secure, then it comes as no surprise when it isn't.
Re:What could firefox hacks possibly cover?
on
Firefox In Print
·
· Score: 3, Interesting
Firefox has a boatload of extensions and plugins. I could easily see a book talking about the ways to use all the extensions (and which ones are best).
1) That password you give your administrator account on your system can be hacked off in under 5 minutes with the Emergency Boot CD EBCD . So much for encryption.
That doesn't have anything to do with encryption. Anytime you have physical access to a computer all bets are off as far as security. You can do the exact same thing in linux, and most of the time you don't even need a CD. Just add a 1 to the kernel boot options and boot into single user mode. No password required, immediate root access. Sure, you can put a password on changing those bootloader options, but just slap in a linux emergency boot CD, and suddenly you have root access to all files.
Linux encrypted filesystems I know almost nothing about, but I've also never seen a distribution that supports it out of the box. There's probbably one out their, but it's not a mainstream linux feature.
While Microsoft should probbably fess up and fix the problem, is this really such a big deal? Who uses Microsoft word encryption, and for what? It still sounds like you'd require multiple versions of the same document. That means either access to the data store itself where the document was being edited, or the user has passed around multiple versions to others.
I guess what it comes down to is expectations of security. It should be obvious to not use word to protect national secrets. Secret love letters to your mistress are still probbably safe from your wife though (unless she happens to be a crypto-expert). In that case it's probbably easier to just use a keylogger, or install a trojan horse.
*sigh*, It's really sad when someone is just completely wrong and is so insisting that they're right about well known facts. It's as if you listened to Rush Limbaugh and just accepted whatever that pill popping moron said. But well, you did say it, so lets expose your ignorance. So snow and ice covers around 6% of the planet overall and would have to be on average 116 metres thick (assuming 100% compaction, which it isn't becuase ice is full of air) to achieve a 10 metre sea level rise does that sound right to you?
Uhh.. the Antartic ice thickness is on average about 2000 meters thick, and the largest measured is more than 4700 meters thick. I'd say that's a bit more than 116 meters. Melting the entire Arctic ice mass will have no effect whatsoever because its weight is already supported by the water it floats in, so it can be ignored - people do seem to forget that.
Except, as someone else already pointed out that would decreate the salinity of the oceans (since arctic ice has almost no salt in it). Ocean currents are largely driven by salinity differences. Ocean currents have an enormous responsibility for driving the climate we're currently are invested in. Media hype, anyone?
No, it's complete ignorance combined with hubris on your part. Find some facts before you go spouting off conclusions. One minute with google can stop you from looking like a complete fool. Yes, higher temperatures will probably accelerate evaporation and increase the rain cycle. But who *really* knows? It's all theory and conjecture - people need to stop treating it as fact.
Ahh yes.. "it's just a theory". So is heliocentric theory and gravitation. No one is *really* knows that the earth revolves around the sun, "it's just a theory". I guess we won't *really* know until half the coastal cities are underwater. Then we can be totally sure. Of course by that time we're screwed, but people like you can have your complete confidence then.
It does sound creepy, but a human brain is more than just human neurons fitting in a skull the size of a mouse. Also the media is famous for screwing up the important details of science stories (and while national geographic is probbably better than most, it's still not even really a science publication).
The problem isn't that everyone is going to die, the problem is that an 11 degree temperature rise will cause massive disruption in society. If the global temperature rose 11 degrees (remember this is a global average over the whole year, not what you'll experience) that would melt much of the Antarctic glacier. Sea levels would rise substantially and coastal cities would be underwater. The climate would change dramatically and the key areas for food production would likely change. We'd probbably get more frequent and powerfull Hurricanes and tornados.
The point is that we humans have a lot invested in how the climate is right now. A drastic change of 11 degrees over a relatively short period of time would be a global catastrophe that could cause an economic depression that's make the great depression look like an "economic downturn".
You're talking about slander. It's just about impossible to slander someone when:
There's not mention of the womans name, no picture of her, and you can't even see the license number. Hell, I don't even know what city this took place in, all I see is a picture of a big SUV.
Even if there _was_ such identifying information he only reported what happened, and that he thought the woman was a bitch. If that's slander, we've got big problems in this country with regard to free speech.
As far as the non-obvious disabilities, he mentions that on the website. Sorry, but I think you're the one being unreasonable. If you can't express your frustration about peoples behaviour (which is really what the story is about) just because the woman _might_ be actually disabled, well I don't want to live in that culture. Disabled people can be assholes too, and deserve no more sensitivity toward their behaviour than anyone else.
Wow, I've never heard such an ivory tower explanation of the use of "and I was like". I guess if you use complicated enough language you can make anything sound like it's brilliant prose.
Personally to my ears such phrases have always sounded to me like 16 year old high school talk. The same for the use of the word "retarded" for situations, events, etc. i.e. "that is SOO retarded!". Hey, if you want to sound like you're an uneducated high school kid, go right ahead and use phrases like that. Maybe sometimes that's appropriate.
Sure, I agree with everything you said. It just pisses me off when people make false comparisons trying to make something look worse than it is.
It was a hardware keylogger, not a software program. The security lapse was physical. That's very hard to protect against, short of locking up all computers in steel boxes so as to prevent physical access.
There's another miss-perception here that I'd like to address though. This is a high school, not the CIA. Test information isn't a national secret, and doesn't need to be protected like one. You might be shocked, to know that those crappy desk drawers can be picked with a paperclip.
Sorry, but just imagine what someone who wants to do evil could do if security is that lax. He just wanted some test questions. Imagine someone who wants records from the nurses office, wants to alter another students grades, etc. etc.
And where did altering students grades come from? This was a teachers workstation, not the machine that keeps track of grades. There weren't any security breaches in the nurses office either. I doubt there's very sensitive information about anything in a HS nurses office anyway. They're not allowed to even give a kid an asprin. You seem to assume that one hardware keylogger on one teachers computer blows the whole system apart.
He didn't break into the teachers office, he attatched the logger when the teacher wasn't looking. It's more like opening up the teachers desk drawer and finding an answer key than breaking and entering.
I also think you're over-reacting to what amounts to a category on slashdot. You seem to assume "your rights online" is all about your rights being trampled on, and furthermore "you" are the kid. Who says "you" can't be the teacher? The teacher has rights of privacy, and keyloggers violate those rights. You've put your own spin on a vague category (of which there are a limited amount of categories) and then drawn conclusions from essentially nothing.
And now we know what John Ashcroft is doing in his retirement...
I think you've gone a bit overboard. This is just about exactly equivalent to stealing the answer key to a paper test and copying it. No one is sent to jail for such a trivial crime, and I highly doubt he's going to be sent to jail in this case, despite your overeaction. There should be punishment, but jail would be the largest mistake anyone could make.
However, the one thing that humans can give is their perception of what they see and feel. This sort of information is something that no robot can possibly provide us.
And how is seeing and feeling worth multi-billions of dollars?
We honestly have no idea how much we would learn from being out exploring, but most of the advances of our race have come from exploring the unknown and taking risks.
Exploring has with few exceptions been driven by economics and need, not wonder. Columbus was looking for gold and a cheaper spice route. The people who crossed the land bridge into North America were looking for food. I suspect the same thing will occur for space. Mining operations for rare elements like Helium 3 will be what likely creates the colonization of space. Science needs, like you say are far cheaper to do with robots.
By adding some salt to the water however, you can encourage a chemical reaction to happen at a given electrode.
No, the salt is to reduce the electrical resistance of the water and create a greater current flow. Pure water actually has a high amount of electrical resistance. Oxygen will collect at the positive electrode, and hydrogen will collect at the negative (the article author is a bit confused and thinks this is methane).
You're correct about the rest of your summary though.
When after almost 700 years no one has been able to show how it was made, especially with all the advances in science and technology only showing how much more there is to the shroud, I keep a open mind that it could be authentic
It could be.. but there doesn't seem to be any real evidence that it is. 700 years sure sounds like a long time, but how much study has it actually undergone? Lack of finding out how it was created means nothing. How many people have been allowed to investigate the shroud, and how closely? If the carbon dating is so innaccurate, why not allow it to be tested again? I don't think the priests who keep this thing have much interest in finding out the truth, and really there's almost no scientific value in it beyond historical interest.
You say keep an open mind.. I guess, but keep that statement in context. I keep an open mind towards pink elephants on Alpha Centauri too.. With all our modern science we haven't been able to disprove said pink elephants. People too often use that phrase to justify whatever completely unsubstatiated belief they currently hold. As if taking a side against something with no evidence to support it is closing your mind.
Incompatible with each other. Maybe you can call this not knowing your audience (though I'd assume most people know the formats aren't compatible with each other), but it's not illiteracy.
And I am willing to bet that top ppl are surprised.
I'm willing to bet they aren't. The system only has a very limited key length (40 bits) and anyone with half a lick of knowledge knows that a 40 bit key is vulnerable to offline brute force cracking.
My guess is they knew the system could be pretty esily cracked, but combined with the very short range of RFID (I believe the researchers captured the key data on the order of several inches) it wasn't considered a major vulnerability.
I'd remind the readers that science is fallible.
Of course. But you sound like you're using the fallibility of science to justify what you already believe. In other words "it MUST be the real Jesus shrowd, not that I have any evidence it is.. but eventually science will show the counter-evidence is wrong because.. well it MUST be". That's not how science works. Sure, it's possible the science is faulty.. but you don't just assume it is because the evidence doesn't back up your own, unsubstatiated beliefs. That's just patently dishonest.
In science you take all the evidence and make a conclusion based on that with the understanding that it's not the final word on the matter. In other words, you don't get to use science only when it backs up what you want to believe, but claim faulty science when it doesn't.
Faith and science are two totally different and incompatible methods of acquiring knowledge.
Faith is not a method of aquiring knowledge, it's a method of retaining a belief.
This could affect things like planetary heat redistribution, reduced precipitation, etc.
I have a hard time buying that. Heat distribution and weather is mostly affected by high altitude winds like the jet stream, not the near surface winds used by windmills. Until anyone produces actuall evidence of significant enviromental effects of windmills it's just pure FUD.
The grandparent was saying that in Windows, it is easy to recover the Administrator's password. This is bad because you can log in without a recovery CD, and the Administrator won't notice (his password will still be the same). In Linux, obtaining the root password is not so easy by default (because shadow uses a DES+salt hash by default) and nearly impossible if you set it up properly (if you use MD5 hash, which is the default for SuSE - don't know about other distros).
You can turn the weak lanman hashes off in windows 2000 and above. That solves the password cracking problem (or at least makes it as difficult as linux). Anyway, if you have root access to a box you can pretty easily root-kit the machine, be it linux or windows. Create your own account, backdoor, or whatever and have unmonitored access.
NASA is all about engineers, not scientists. Therefore you get "Let's build a big space station. We'll figure out what to do with it later";
That was a result of politics, not engineers. The space shuttle was the same thing. Every other mission that Nasa has undertaken has had enormous scientific merit.
Most companies *do* have multiple versions of "the same document".
I'm not disputing that. What do I dispute is this is a major problem. I believe word encryption is used for casual security and not for any information that's would attract someone with the required knowledge and access to multiple versions to break the encryption. It's like the revelation that locked filing cabinets have weak security. If you never expected it to be super-secure, then it comes as no surprise when it isn't.
Firefox has a boatload of extensions and plugins. I could easily see a book talking about the ways to use all the extensions (and which ones are best).
Ab bar pna penpx ebg13.
1) That password you give your administrator account on your system can be hacked off in under 5 minutes with the Emergency Boot CD EBCD . So much for encryption.
That doesn't have anything to do with encryption. Anytime you have physical access to a computer all bets are off as far as security. You can do the exact same thing in linux, and most of the time you don't even need a CD. Just add a 1 to the kernel boot options and boot into single user mode. No password required, immediate root access. Sure, you can put a password on changing those bootloader options, but just slap in a linux emergency boot CD, and suddenly you have root access to all files.
Linux encrypted filesystems I know almost nothing about, but I've also never seen a distribution that supports it out of the box. There's probbably one out their, but it's not a mainstream linux feature.
While Microsoft should probbably fess up and fix the problem, is this really such a big deal? Who uses Microsoft word encryption, and for what? It still sounds like you'd require multiple versions of the same document. That means either access to the data store itself where the document was being edited, or the user has passed around multiple versions to others.
I guess what it comes down to is expectations of security. It should be obvious to not use word to protect national secrets. Secret love letters to your mistress are still probbably safe from your wife though (unless she happens to be a crypto-expert). In that case it's probbably easier to just use a keylogger, or install a trojan horse.
*sigh*, It's really sad when someone is just completely wrong and is so insisting that they're right about well known facts. It's as if you listened to Rush Limbaugh and just accepted whatever that pill popping moron said. But well, you did say it, so lets expose your ignorance.
So snow and ice covers around 6% of the planet overall and would have to be on average 116 metres thick (assuming 100% compaction, which it isn't becuase ice is full of air) to achieve a 10 metre sea level rise does that sound right to you?
Uhh.. the Antartic ice thickness is on average about 2000 meters thick, and the largest measured is more than 4700 meters thick. I'd say that's a bit more than 116 meters.
Melting the entire Arctic ice mass will have no effect whatsoever because its weight is already supported by the water it floats in, so it can be ignored - people do seem to forget that.
Except, as someone else already pointed out that would decreate the salinity of the oceans (since arctic ice has almost no salt in it). Ocean currents are largely driven by salinity differences. Ocean currents have an enormous responsibility for driving the climate we're currently are invested in.
Media hype, anyone?
No, it's complete ignorance combined with hubris on your part. Find some facts before you go spouting off conclusions. One minute with google can stop you from looking like a complete fool.
Yes, higher temperatures will probably accelerate evaporation and increase the rain cycle. But who *really* knows? It's all theory and conjecture - people need to stop treating it as fact.
Ahh yes.. "it's just a theory". So is heliocentric theory and gravitation. No one is *really* knows that the earth revolves around the sun, "it's just a theory". I guess we won't *really* know until half the coastal cities are underwater. Then we can be totally sure. Of course by that time we're screwed, but people like you can have your complete confidence then.
It does sound creepy, but a human brain is more than just human neurons fitting in a skull the size of a mouse. Also the media is famous for screwing up the important details of science stories (and while national geographic is probbably better than most, it's still not even really a science publication).
The problem isn't that everyone is going to die, the problem is that an 11 degree temperature rise will cause massive disruption in society. If the global temperature rose 11 degrees (remember this is a global average over the whole year, not what you'll experience) that would melt much of the Antarctic glacier. Sea levels would rise substantially and coastal cities would be underwater. The climate would change dramatically and the key areas for food production would likely change. We'd probbably get more frequent and powerfull Hurricanes and tornados.
The point is that we humans have a lot invested in how the climate is right now. A drastic change of 11 degrees over a relatively short period of time would be a global catastrophe that could cause an economic depression that's make the great depression look like an "economic downturn".
You're talking about slander. It's just about impossible to slander someone when:
There's not mention of the womans name, no picture of her, and you can't even see the license number. Hell, I don't even know what city this took place in, all I see is a picture of a big SUV.
Even if there _was_ such identifying information he only reported what happened, and that he thought the woman was a bitch. If that's slander, we've got big problems in this country with regard to free speech.
As far as the non-obvious disabilities, he mentions that on the website. Sorry, but I think you're the one being unreasonable. If you can't express your frustration about peoples behaviour (which is really what the story is about) just because the woman _might_ be actually disabled, well I don't want to live in that culture. Disabled people can be assholes too, and deserve no more sensitivity toward their behaviour than anyone else.
I don't think anyone has proven that Pi is a normal number, but I believe it's widely thought to be normal. More information available here.
Wow, I've never heard such an ivory tower explanation of the use of "and I was like". I guess if you use complicated enough language you can make anything sound like it's brilliant prose.
Personally to my ears such phrases have always sounded to me like 16 year old high school talk. The same for the use of the word "retarded" for situations, events, etc. i.e. "that is SOO retarded!". Hey, if you want to sound like you're an uneducated high school kid, go right ahead and use phrases like that. Maybe sometimes that's appropriate.