I guess the "we" are the people who realized that it was their civic duty to vote. Heck, I'll take quality over quantity any day. if you feel that your party got the short end of the stick, then you need to educate your friends and family on the importance of voting. I have very little time for people who moan about the government but yet can't be bothered to vote.
Yes, it sucks that a party got a majority with 24% of the eligible voter turn-out; I remember Chretien's numbers weren't impressive either. There's been an increased ambivalence towards elections. Maybe the Green party can win next time when the Gen Y and younger can vote online from their smartphones. That would be a refreshing change.
Absolutely not. Perhaps I'm naive or maybe idealistic, but it's your civic duty. If you can't get that through your skull, then perhaps you're not fit to make an informed decision on who to vote and important this process is.
Nor should you penalized for NOT voting, that is your (irresponsible) right. Your punishment is to endure a government for whom you chose to have no say in.
And there is no way to verify that his vote is actually his decision. And I'm not even talking about the guy with the gun pointing at his head telling him how to vote
I hear ya. Let's be realistic here. Yes, there is the potential for abuse and yes, one could argue that placing an elected official via nefarious means is potentially more harmful than a financial transaction. I wouldn't say it's apples to oranges, but more like apples to pears.
Will this be abused? Of course. The intent here is to a) improve voter turn-out especially in the younger generations, and b) improve the access to voting stations for folks in really remote areas (some folks have to drive for a few hours to vote, not simple in bad weather or when you have to take your kids with you on a long drive).
Online voting adds some risk of course, but also provides a lot of benefits IMHO. It's a balance and has to reflect the risk appetite that we as the voting folk are willing to accept. I ALWAYS vote, and you know what, I would vote online even though the polling station is a quick 5 mins from my house.
Having said that, I would like to see some details and as a member of the public would like the opportunity to provide some feedback.
There are some options that could mitigate some of the risks: a) deploy voting kiosks at libraries that connect to a system remotely (i.e. little or no data is stored locally, everything is signed digitally, etc) b) deploy a terminal app at libraries that can leverage existing computers (somewhat risky and unreliable) c) provide the access via a terminal app through the browser (potentially painful I know) d) limit access to voting systems to ISPs based in Canada (challenging, but could work to limit the exposure of the system)
And audit the hell out of the system. Not sure how far and deep one could go, but certainly try something.
interkin3tic, I've been meaning to talk to you about that. You should find yourself a safehouse or a relative close by, maybe lay low for awhile because you're probably wanted for using a cliched reference on/..
Agreed, between this fellow and BitCoin articles, it's becoming evident that there is some sort of undercurrent that actively manipulates/. or whereby/. actively contributes.
Or perhaps I'm just getting more cynical in my old age.
Valid points; from my own experience you will also find that client systems from US/Canada/UK? are considered "trusted". With all the junk going out there in the world, a few places are putting in geolocating in there, either blocking users, asking for a second factor, or just scrutinizing their access. It does reduce some of the noise.
Of course proxies, TOR, AOL users, etc, negate some of that but when you had a breach or want to justify your department, you'll do certain things. You take care of the unsophisticated and script kiddy stuff out of the equation.
Fair enough. Some will face some crazy sentences. Or perhaps, like many posts indicated, will just pay their way out of this one.
Having said that, whoever made the call to mimic a Western store should have also considered the consequences. I have very little sympathy for people who break the law (for their personal gain) and then complain when they get caught. Even if it's trademark or copyright legislation. Those folks tend not to regret the infringement but the fact that they got caught.
If you can't do the time, then don't do the crime.
Seriously? I doubt that somehow many would feel that strongly to switch browsers rather than to change a setting. I know I wouldn't. I like Firefox as my browser, I like Google as my search engine, heck I like Windows Vista 64-bit (ewww) as my OS.
Your average, no-knowledge-of-IT user is on IE or Safari. Those are the ones that will let their computer dictate the way they use it. BTW, not saying that savyy users aren't using IE/Safari by choice.
If most Firefox users saw "bing" as the default search; there would be a ton bing searches "Change Firefox default search" and the vast majority would be back on Google within a short little while. People are creatures of habit; a search engine may be enough of game changer that people may not just follow blindly like sheep/lemmings.
Of course Google wants Chrome to gain more market share. There is also an argument to have Google fund Mozilla to continue their work. Not to have a combined force to erode IE (or Safari), but to simply have an independent entity that develops standards and pushes the envelope. Having their financial tie will probably increase collaboration which a) helps Google in improving Chrome, b) gets good PR, c) as the article mentions brings in millions of users straight to their search engine and d) Google has not yet been invested by MBAs, so they may follow "if it ain't broke, don't fix it" approach rather than their formal "don't be evil".
I found a trojan of some sorts in the NT kernel; someone left the message "Created by Warren Robinett". Weird, only happens when I hit this invisible spot with Metasploit in the Kinect/Blender interface. I wonder if he's still employed by Microsoft.
The only suggestion I could make in this scenario would be to store the encryption key on an external dongle/smartcard/USB-key that requires a PIN/password to activate (and need it after x amount of time). That would address the issue about managing the inventory.
Now that does transfer the issue of key management to some other part of the great fed machinery. Still a messy endeavour.
No, you're not an idiot, those are valid questions.
As you indicated; these belong on isolated networks. Now "isolated" can mean a lot of things to different people. In some places it's a VLAN on a switch and bunch of (active) ports across the factory floor. Ports that may not enforce NAC or some other restriction. So, someone could plug in a device and get to it.
Also vendors may have access to these isolated networks via VPN or dedicated connections. Sometimes that's the best way to gain access to a company's network.
In some settings, WiFi may be the connectivity path which could be exploited. I work in healthcare where you see this more and more. I've seen vendors supply equipment with WEP-based WiFi crap.
And if it's not physically separated, i.e. logically (e.g. a DMZ) then there may be configuration or vulnerabilities to exploit.
My personal experience with a couple of mainstream commercial enterprise solutions, is their data recovery tools leave a LOT to be desired and seem to only work for us about a third of the time. Features and management tools get the attention; auditing and recovery are after-thoughts in most products. In a few instances where we had to engage a data recovery service, they charge quite a bit more when they find out that they're dealing with an encrypted disk (i.e. when we're going after a specifc folder or a bunch of files)
Anyways, it got to the point where one of my clients is now looking at expanding their archiving solution rather than spending the cash (and time!) to attempt to recover data on encrypted media.
Looked around the stories including their "infographic", not clear what they are using and how they've implemented it.
Do servers have pre-boot enabled? How did they change they operational processes? Are these HW-encrypted drives? What is the failure rate on the process?
Details like this are important. As it stands, they spent the cash and a lot of time, but no indication that they've implemented it properly. I wouldn't feel much safer. 5,000 hours is nothing to be honest for even a mid-size company. That's 2-3 techs working a whole year on it. Big deal. They could be just sitting in front of the monitor watching the progress bar.
You know, I could understand this if it was some jerk who has no relationship to Lucas or the movies making them and selling them as "Authentic Star Wars Stormtrooper Helmets," but that's clearly not the case. What should have happened is that George Lucas should have said, "You know, even if he's technically breaking copyright law, I'm going to give this guy a pass." Or if he were worried about holding onto his IP rights (even though there's a snowball's chance in hell of him losing them if he chooses not to pursue one single guy because of personal reasons), then he should have called the guy up and said, "Hey, how about giving me a token cut of the profit of each one sold for legal reasons, like say, one penny, and you can even tell people that they're authentic and authorized by George Lucas?" Oh yeah, because that would mean that their piles of millions of dollars would be shorter by a few thousand dollars, which is antithetical to the principle of being so damn greedy that it's not enough that you succeed, but everyone else must fail.
All of what you describe is what a sensible and decent person would have done. Agree 100%.
It's clear that George Lucas is not a decent or sensible person in the same sense that you and I (and I would argue the majority of people) understand. Seriously, how many millions/billions does one need. George should have said; "you did a great job for me back in 76, and yes, it's cool for you to make good money as well. You made this all possible." Lucas (and his corp) is an a**hole.
What they seemed to have missed is that the very foundation of privacy is identity. Simply knowing my postal code or birth date is meaningless without a name to associate it with.
I disagree. If I know which block you live in and I know your age, then I can make some pretty good guesses as to who you are. E.g. if I know that Mr X lives between 150 and 200 Main Street, is 28 years old born on the 12th of July, and has Steve Jobs, Perez Hilton and the local Pop DJ in his circle of "friends", then I know it's most likely the douchebag across the street that drives the Toyota Prius and listens to Lady Gaga from his iPad2 at a high volume, who happened to have a big gathering in his backyard a couple of weekends ago. Gawd, that guy drives me nuts.
Add to PC and DOB certain things like hobbies, medical conditions, membership (Shriners, sports team, etc), then you can build a pretty good picture of who the person most likely is.
So Dalvik has to be proven to be a clean-room implementation. Perhaps someone more versed in this tech can comment why this is not publicly known and can be proven to not use Sun's runtime. Wouldn't that piece be available to review in the open source project (http://code.google.com/p/dalvik/)?
Funny, whenever some talks about the bytes obtained rather than the number of documents, it tends to indicate that the information obtained was useless. Perhaps they found a 700MB Access file with the commercial ship traffic in the Atlantic Ocean.
Chances are it's not important what they found. NATO is a collection of countries with diverging view (e.g. Turkey&Greece, France&UK&US) and with a lot of attention-seeking military personnel who have been shunted to this multi-national effort. Anything juicy or of significance would have been exploited by internal personnel a long time ago.
I had a couple of apps that I wrote in Borland Pascal 7 that I tried to play with it, somehow the DOS (DPMI) extender just didn't work properly since I compiled them in protected mode to use paging . Now, this was with the previous edition of JPC.
Agree 100%. It's to their benefit, while many companies will most likely not contribute anything, there will be some that will do in order to provide functionality that they need or merely to address existing bugs/limitations.
I would add a 4th item though: - Hire/assign an Enterprise Marketing Droid. I appreciate Mozilla is an open and free-thinking org, but somestuffthat comes out of it sometimes freaks the hell out of risk-averse senior IT management. Call it "damage control".
Slashdot Mirror
I like the comonaut version better. It aligns better with the Marxist message that was an inherent part of the show.
I guess the "we" are the people who realized that it was their civic duty to vote. Heck, I'll take quality over quantity any day. if you feel that your party got the short end of the stick, then you need to educate your friends and family on the importance of voting. I have very little time for people who moan about the government but yet can't be bothered to vote.
Yes, it sucks that a party got a majority with 24% of the eligible voter turn-out; I remember Chretien's numbers weren't impressive either. There's been an increased ambivalence towards elections. Maybe the Green party can win next time when the Gen Y and younger can vote online from their smartphones. That would be a refreshing change.
Absolutely not. Perhaps I'm naive or maybe idealistic, but it's your civic duty. If you can't get that through your skull, then perhaps you're not fit to make an informed decision on who to vote and important this process is.
Nor should you penalized for NOT voting, that is your (irresponsible) right. Your punishment is to endure a government for whom you chose to have no say in.
And there is no way to verify that his vote is actually his decision. And I'm not even talking about the guy with the gun pointing at his head telling him how to vote
I hear ya. Let's be realistic here. Yes, there is the potential for abuse and yes, one could argue that placing an elected official via nefarious means is potentially more harmful than a financial transaction. I wouldn't say it's apples to oranges, but more like apples to pears.
Will this be abused? Of course. The intent here is to a) improve voter turn-out especially in the younger generations, and b) improve the access to voting stations for folks in really remote areas (some folks have to drive for a few hours to vote, not simple in bad weather or when you have to take your kids with you on a long drive).
Online voting adds some risk of course, but also provides a lot of benefits IMHO. It's a balance and has to reflect the risk appetite that we as the voting folk are willing to accept. I ALWAYS vote, and you know what, I would vote online even though the polling station is a quick 5 mins from my house.
Having said that, I would like to see some details and as a member of the public would like the opportunity to provide some feedback.
There are some options that could mitigate some of the risks:
a) deploy voting kiosks at libraries that connect to a system remotely (i.e. little or no data is stored locally, everything is signed digitally, etc)
b) deploy a terminal app at libraries that can leverage existing computers (somewhat risky and unreliable)
c) provide the access via a terminal app through the browser (potentially painful I know)
d) limit access to voting systems to ISPs based in Canada (challenging, but could work to limit the exposure of the system)
And audit the hell out of the system. Not sure how far and deep one could go, but certainly try something.
interkin3tic, I've been meaning to talk to you about that. You should find yourself a safehouse or a relative close by, maybe lay low for awhile because you're probably wanted for using a cliched reference on /..
Agreed, between this fellow and BitCoin articles, it's becoming evident that there is some sort of undercurrent that actively manipulates /. or whereby /. actively contributes.
Or perhaps I'm just getting more cynical in my old age.
Valid points; from my own experience you will also find that client systems from US/Canada/UK? are considered "trusted". With all the junk going out there in the world, a few places are putting in geolocating in there, either blocking users, asking for a second factor, or just scrutinizing their access. It does reduce some of the noise.
Of course proxies, TOR, AOL users, etc, negate some of that but when you had a breach or want to justify your department, you'll do certain things. You take care of the unsophisticated and script kiddy stuff out of the equation.
I'm not saying it's good or bad, I'm just saying.
Fair enough. Some will face some crazy sentences. Or perhaps, like many posts indicated, will just pay their way out of this one.
Having said that, whoever made the call to mimic a Western store should have also considered the consequences. I have very little sympathy for people who break the law (for their personal gain) and then complain when they get caught. Even if it's trademark or copyright legislation. Those folks tend not to regret the infringement but the fact that they got caught.
If you can't do the time, then don't do the crime.
Seriously? I doubt that somehow many would feel that strongly to switch browsers rather than to change a setting. I know I wouldn't. I like Firefox as my browser, I like Google as my search engine, heck I like Windows Vista 64-bit (ewww) as my OS.
Your average, no-knowledge-of-IT user is on IE or Safari. Those are the ones that will let their computer dictate the way they use it. BTW, not saying that savyy users aren't using IE/Safari by choice.
If most Firefox users saw "bing" as the default search; there would be a ton bing searches "Change Firefox default search" and the vast majority would be back on Google within a short little while. People are creatures of habit; a search engine may be enough of game changer that people may not just follow blindly like sheep/lemmings.
Of course Google wants Chrome to gain more market share. There is also an argument to have Google fund Mozilla to continue their work. Not to have a combined force to erode IE (or Safari), but to simply have an independent entity that develops standards and pushes the envelope. Having their financial tie will probably increase collaboration which a) helps Google in improving Chrome, b) gets good PR, c) as the article mentions brings in millions of users straight to their search engine and d) Google has not yet been invested by MBAs, so they may follow "if it ain't broke, don't fix it" approach rather than their formal "don't be evil".
Doesn't MS own a chunk of Apple?
I found a trojan of some sorts in the NT kernel; someone left the message "Created by Warren Robinett". Weird, only happens when I hit this invisible spot with Metasploit in the Kinect/Blender interface. I wonder if he's still employed by Microsoft.
Excellent points.
The only suggestion I could make in this scenario would be to store the encryption key on an external dongle/smartcard/USB-key that requires a PIN/password to activate (and need it after x amount of time). That would address the issue about managing the inventory.
Now that does transfer the issue of key management to some other part of the great fed machinery. Still a messy endeavour.
Well, it does fold in half.
FIVE times.
No, you're not an idiot, those are valid questions.
As you indicated; these belong on isolated networks. Now "isolated" can mean a lot of things to different people. In some places it's a VLAN on a switch and bunch of (active) ports across the factory floor. Ports that may not enforce NAC or some other restriction. So, someone could plug in a device and get to it.
Also vendors may have access to these isolated networks via VPN or dedicated connections. Sometimes that's the best way to gain access to a company's network.
In some settings, WiFi may be the connectivity path which could be exploited. I work in healthcare where you see this more and more. I've seen vendors supply equipment with WEP-based WiFi crap.
And if it's not physically separated, i.e. logically (e.g. a DMZ) then there may be configuration or vulnerabilities to exploit.
My personal experience with a couple of mainstream commercial enterprise solutions, is their data recovery tools leave a LOT to be desired and seem to only work for us about a third of the time. Features and management tools get the attention; auditing and recovery are after-thoughts in most products.
In a few instances where we had to engage a data recovery service, they charge quite a bit more when they find out that they're dealing with an encrypted disk (i.e. when we're going after a specifc folder or a bunch of files)
Anyways, it got to the point where one of my clients is now looking at expanding their archiving solution rather than spending the cash (and time!) to attempt to recover data on encrypted media.
Looked around the stories including their "infographic", not clear what they are using and how they've implemented it.
Do servers have pre-boot enabled? How did they change they operational processes? Are these HW-encrypted drives? What is the failure rate on the process?
Details like this are important. As it stands, they spent the cash and a lot of time, but no indication that they've implemented it properly. I wouldn't feel much safer.
5,000 hours is nothing to be honest for even a mid-size company. That's 2-3 techs working a whole year on it. Big deal. They could be just sitting in front of the monitor watching the progress bar.
You know, I could understand this if it was some jerk who has no relationship to Lucas or the movies making them and selling them as "Authentic Star Wars Stormtrooper Helmets," but that's clearly not the case. What should have happened is that George Lucas should have said, "You know, even if he's technically breaking copyright law, I'm going to give this guy a pass." Or if he were worried about holding onto his IP rights (even though there's a snowball's chance in hell of him losing them if he chooses not to pursue one single guy because of personal reasons), then he should have called the guy up and said, "Hey, how about giving me a token cut of the profit of each one sold for legal reasons, like say, one penny, and you can even tell people that they're authentic and authorized by George Lucas?" Oh yeah, because that would mean that their piles of millions of dollars would be shorter by a few thousand dollars, which is antithetical to the principle of being so damn greedy that it's not enough that you succeed, but everyone else must fail.
All of what you describe is what a sensible and decent person would have done. Agree 100%.
It's clear that George Lucas is not a decent or sensible person in the same sense that you and I (and I would argue the majority of people) understand.
Seriously, how many millions/billions does one need.
George should have said; "you did a great job for me back in 76, and yes, it's cool for you to make good money as well. You made this all possible."
Lucas (and his corp) is an a**hole.
What they seemed to have missed is that the very foundation of privacy is identity. Simply knowing my postal code or birth date is meaningless without a name to associate it with.
I disagree. If I know which block you live in and I know your age, then I can make some pretty good guesses as to who you are. E.g. if I know that Mr X lives between 150 and 200 Main Street, is 28 years old born on the 12th of July, and has Steve Jobs, Perez Hilton and the local Pop DJ in his circle of "friends", then I know it's most likely the douchebag across the street that drives the Toyota Prius and listens to Lady Gaga from his iPad2 at a high volume, who happened to have a big gathering in his backyard a couple of weekends ago. Gawd, that guy drives me nuts.
Add to PC and DOB certain things like hobbies, medical conditions, membership (Shriners, sports team, etc), then you can build a pretty good picture of who the person most likely is.
Thanks for sharing. It looks like same folks (or group) that developed Cryptree are also running Wuala.
I'll try it out. Servers are based out of EU and Switzerland; so no PATRIOT Act to worry about.
Thank you very much; you've explained the situation perfectly and this makes sense to me now. Greatly appreciate your response.
Okay, I'm sure Google should have done their due diligence in verifying that Dalvik's VM solution was in the clear.
http://en.wikipedia.org/wiki/Dalvik_(software)
So Dalvik has to be proven to be a clean-room implementation. Perhaps someone more versed in this tech can comment why this is not publicly known and can be proven to not use Sun's runtime. Wouldn't that piece be available to review in the open source project (http://code.google.com/p/dalvik/)?
Most Bitcoin stories are posted by an anonymous reader.
Funny, whenever some talks about the bytes obtained rather than the number of documents, it tends to indicate that the information obtained was useless. Perhaps they found a 700MB Access file with the commercial ship traffic in the Atlantic Ocean.
Chances are it's not important what they found. NATO is a collection of countries with diverging view (e.g. Turkey&Greece, France&UK&US) and with a lot of attention-seeking military personnel who have been shunted to this multi-national effort. Anything juicy or of significance would have been exploited by internal personnel a long time ago.
I had a couple of apps that I wrote in Borland Pascal 7 that I tried to play with it, somehow the DOS (DPMI) extender just didn't work properly since I compiled them in protected mode to use paging . Now, this was with the previous edition of JPC.
Anyone had any luck and can share their insights?
Agree 100%. It's to their benefit, while many companies will most likely not contribute anything, there will be some that will do in order to provide functionality that they need or merely to address existing bugs/limitations.
I would add a 4th item though:
- Hire/assign an Enterprise Marketing Droid. I appreciate Mozilla is an open and free-thinking org, but some stuffthat comes out of it sometimes freaks the hell out of risk-averse senior IT management. Call it "damage control".