Two factor and split responsibility for admins: i.e. the nuclear launch methodology.
Encrypt the database and split the keystore password between multiple groups. i.e. group 1 has the first 10 characters, group 2 the next 10, group 3 the last 10. Then you need at least collaboration between the three groups to access the dataset in its entirety. Make the data accessible via a UI that is limited in scope for record retrieval and auditable. Then encryption would have been the answer to their issue.
You don't know how the software is being used. Maybe it is Apache's commons-net which has a vulnerability in the FTP client while my software only uses the SMB client. Maybe the next revision up has API changes that break compatibility.
In the ideal world everything would be kept up to date but time is a finite resource and if there is not a compelling reason to update it seems silly to waste time on it.
Without additional context I would say "So what?".
Questions that need answering:
- Can end user change the default password?
- Do installation best practices from manufacturer dictate to change the default password?
- Who performs the installation and maintains the devices?
Without answers to these it is hard to say whether the issue lies with the manufacturer, the reseller or the end user.
I don't disagree that gas cars have certain disadvantages but Teslas would meet probably (and I am just throwing this out there) 95% of driving needs. They have a range of 200-270 miles per charge which doesn't cover the cross country trip but is certainly good enough for the daily commute and even a ~4 hour trip to out of state friends house. If the Tesla was $10,000 I bet that 50% of cars on the road would be a Tesla.
There is only two driving trips in the past three years that a Tesla would not worked well for with my family. Maybe we would have one gas car and one electric, although at $10,000 I would just use the money saved to fly us instead.
Nope, I can pretty much say you would get no benefit from the faster drive for transcoding. The cpu will be the limiter. You would see benefit for non-linear video editing where you are working with massive raw files but the conversion is going to be limited in other ways.
There are several companies that make electronic white boards. I have seen them in use a couple times and they are used in distance education. An example:
It depends on what was actually occurring. If Verizon / Comcast were degrading performance based on IP ranges or traffic type than this would help them. If, as it seems was the case, this was a peering agreement issue than the rules would do nothing to improve the situation.
I also found this crazy. I just lost a couple guys with 5 years experience to jobs paying $100k+ which we just could not match. Even the new college grads have been in the $70k range...
The MN job market certainly doesn't seem like it has tightened up to me.
I am having a hard time coming up with anyone that could take advantage of this. I would love gig coverage in my area. Even then, 80% of my internet activity happens on wireless which will not even come close to using 1Gbps let alone 10Gbps. On my wired connections, I occasionally hit my max of 50Mbps but, in most situations, the far end is still a limiter.
Large / medium business, sure. But a household of 4-6 people? Every one of them could be watching their own 4k content while simultaneously downloading isos and video chatting and still couldn't even come close to saturating the link.
The VPN thing in and of itself doesn't mean anything unless you can prove that the route it takes is the same. Internet routing, in general, is handled as best route not least congested route. If your direct route to Netflix goes through a congested peering point while the VPN connection has clean routes to you and netflix then the quality could certainly be better.
Except that your analogy does not at all describe the situation...
To put it in your terms, it is more like your sub shop has a bike delivery person and I have a delivery person. For no additional cost my delivery person will meet your delivery person half way. Occasionally this means that extra time will be taken in order to facilitate the hand off. Now, my delivery person goes to the sub shop and offers, for a fee, to guarantee that they will always deliver the sandwich the whole way in a timely manner.
I am not ignorant. I know there is dirty dealings going on here. But the ISPs do have some valid arguments in this...it is not a one sided argument. Net neutrality does not mean that everyone gets as much bandwidth as they want. It just means that packets and not treated unequally and are subject to the same congestion regardless of type or content. Like I said in my initial post, if they are treating the packets differently that is something I do not agree with but if we are simply talking a peering argument than the ISPs just need to work it out.
You seem to be under the impression that the bandwidth that is used to provide you with Netflix streaming is free. All this does is remove the peering bandwidth needed between the normal Netflix provider (Cogent I think) and Verizon.
This is not a black and white issue...there is some definite grey area here. Should Netflix be able to choose an ISP and expect to be able to provide service to their customers? Yes. Should Verizon provide unlimited asymetric bandwidth to that ISP without receiving compensation from the selected ISP? No. Should the selected ISP be charging that additional cost back to Netflix? I would think so.
The only thing that would change my mind here is whether the big ISPs were specifically limiting Netflix traffic, treating it differently than other traffic across the peering relationship. Otherwise this just becomes an issue of asymmetric peering arguments which happen all the time but have just entered the publics view because of the popularity of Netflix.
So, just to clarify I believe what the poster wants to do is this:
|||| Gaming Client PC ||||
|||| Local Windows Box ||||
|||| Internet 1 |||| Internet 2 ||||
|||| Hosted Linux Server ||||
|||| Gaming Server ||||
Local Windows Box acts as a router and duplicates all inbound traffic sending it out box Internet 1 and Internet 2. Hosted Linux Box receives traffic, picks whatever packet arrives first and forwards it and throws away the slower duplicate when it comes it.
It is an interesting idea. As far as I am aware routing protocols only do best route and fail over but I am not aware of any that always sends both routes.
Sometimes re-writing something just because it uses older technologies or isn't how you would design it is not worth it. Your customers may live by the "quirks" of your system and those code work-arounds may be there for a reason.
They had a story on the radio last night about this. The issue is that everyone (well, most everyone) was getting a passing grade. When they came in and gave an unexpected test the average score was 95%. The problem is that promotions were based on the grades. So, people were not cheating to pass but instead to be "perfect" in order to look better for promotion.
I don't disagree with your premise. Long term strategic planning is something that is very lacking these days. That being said, you can't just say "it will work out" which is kinda what Amazon seems to be doing.
Retail is a hard game. Sure Amazon has other things brewing but their bread and butter is retail. Microsoft, Apple, IBM, Google, they can get away with doing heavy R&D and having some bad quarters but in retail you really kinda need to stay at least a bit profitable.
Came here to say this. In addition, all this would lead to is contracting out all the low wage jobs. Walmart Store Staff, Inc. a separate but wholly owned subsidiary of Walmart Management, Inc.
Although I do think it is a good thing in that it helps strengthen the community support and trust of the police department I have a feeling that it will end at some point in the near future with a lawsuit....maybe I am just jaded but there is a reason that corporations tend to keep these details silent and have created the (poor in my opinion) rules around providing only the minimal amount of employment information after an employee is let go.
Baloney...well, mostly baloney. There are times when it makes sense to do things in house and there are times where it very much does not make sense. Why hire full time employees for project management, development, QA, etc for an 12 month project? Does you organization have the expertise to run such an effort? What do you do with everyone once the project is over?
Yes, you will want your own technical staff to be part of the process. Yes, it may make sense to do the maintenance / support in house. Yes, you should never do time and materials but instead fixed bid with penalties (this does mean you will need to have a very good spec up front). Yes, you should get several bids and do your homework on the companies providing the bids. However, none of this precludes using an outside contractor.
Sorry, you have things very wrong.
18Mbps MPEG2 is not very much bandwidth for 1080i60 or 720p60. It is quite compressed. I work in the video broadcast industry and the providers, if they are using MPEG2 video, typically push the HD video around at 100Mbps or higher for the core feeds. Not that 18Mbps HD video is bad...with the right equipment it actually can look quite good. But it is lossy. Bluray usually uses H.264 at 40Mbps, i.e. a significantly better algorithm for bandwidth / quality, at twice the data rate and even that is somewhat lossy.
The nature of a DOS attack (overwhelming your bandwidth / router with traffic) means it pretty much has to be handled upstream. Your ISP should be able to filter the traffic at their routers where they have the bandwidth / processing power to do so. Even if you get a super router it doesn't change the fact that they are using up your bandwidth with dud requests.
I appreciate that what they are doing is scary but the video doesn't seem to indicate what they had to do in order to get that level of power. It seems that they have wires hooked up between the laptop and dash so, for all we know, they could be feeding bad sensor data into the computers. Is there things that could be done to mitigate the risk....sure. But if that is really how they are messing with things (by tearing apart the dash and rewiring everything) it would seem cutting the break lines would be nearly as dangerous and a lot easier.
EMC Corporation is an American multinational corporation that offers data storage, information security, virtualization, and cloud computing products and services which enable businesses to store, manage, protect, and analyze massive volumes of data. EMC's target markets include large FORTUNE 500 companies as well as small business across various vertical markets.[2] It is headquartered in Hopkinton, Massachusetts.
They did 20 billion in revenue last year so they are not exactly an unheard of entity....especially with the large amount of IT folk that frequent slashdot.
Slashdot Mirror
Two factor and split responsibility for admins: i.e. the nuclear launch methodology.
Encrypt the database and split the keystore password between multiple groups. i.e. group 1 has the first 10 characters, group 2 the next 10, group 3 the last 10. Then you need at least collaboration between the three groups to access the dataset in its entirety. Make the data accessible via a UI that is limited in scope for record retrieval and auditable. Then encryption would have been the answer to their issue.
You don't know how the software is being used. Maybe it is Apache's commons-net which has a vulnerability in the FTP client while my software only uses the SMB client. Maybe the next revision up has API changes that break compatibility.
In the ideal world everything would be kept up to date but time is a finite resource and if there is not a compelling reason to update it seems silly to waste time on it.
Without additional context I would say "So what?".
Questions that need answering:
- Can end user change the default password?
- Do installation best practices from manufacturer dictate to change the default password?
- Who performs the installation and maintains the devices?
Without answers to these it is hard to say whether the issue lies with the manufacturer, the reseller or the end user.
I don't disagree that gas cars have certain disadvantages but Teslas would meet probably (and I am just throwing this out there) 95% of driving needs. They have a range of 200-270 miles per charge which doesn't cover the cross country trip but is certainly good enough for the daily commute and even a ~4 hour trip to out of state friends house. If the Tesla was $10,000 I bet that 50% of cars on the road would be a Tesla.
There is only two driving trips in the past three years that a Tesla would not worked well for with my family. Maybe we would have one gas car and one electric, although at $10,000 I would just use the money saved to fly us instead.
Nope, I can pretty much say you would get no benefit from the faster drive for transcoding. The cpu will be the limiter. You would see benefit for non-linear video editing where you are working with massive raw files but the conversion is going to be limited in other ways.
There are several companies that make electronic white boards. I have seen them in use a couple times and they are used in distance education. An example:
http://smarttech.com/Home+Page/Solutions/Business+Solutions?WT.ac=homepage_bus
It depends on what was actually occurring. If Verizon / Comcast were degrading performance based on IP ranges or traffic type than this would help them. If, as it seems was the case, this was a peering agreement issue than the rules would do nothing to improve the situation.
I also found this crazy. I just lost a couple guys with 5 years experience to jobs paying $100k+ which we just could not match. Even the new college grads have been in the $70k range... The MN job market certainly doesn't seem like it has tightened up to me.
I am having a hard time coming up with anyone that could take advantage of this. I would love gig coverage in my area. Even then, 80% of my internet activity happens on wireless which will not even come close to using 1Gbps let alone 10Gbps. On my wired connections, I occasionally hit my max of 50Mbps but, in most situations, the far end is still a limiter.
Large / medium business, sure. But a household of 4-6 people? Every one of them could be watching their own 4k content while simultaneously downloading isos and video chatting and still couldn't even come close to saturating the link.
The VPN thing in and of itself doesn't mean anything unless you can prove that the route it takes is the same. Internet routing, in general, is handled as best route not least congested route. If your direct route to Netflix goes through a congested peering point while the VPN connection has clean routes to you and netflix then the quality could certainly be better.
Except that your analogy does not at all describe the situation...
To put it in your terms, it is more like your sub shop has a bike delivery person and I have a delivery person. For no additional cost my delivery person will meet your delivery person half way. Occasionally this means that extra time will be taken in order to facilitate the hand off. Now, my delivery person goes to the sub shop and offers, for a fee, to guarantee that they will always deliver the sandwich the whole way in a timely manner.
I am not ignorant. I know there is dirty dealings going on here. But the ISPs do have some valid arguments in this...it is not a one sided argument. Net neutrality does not mean that everyone gets as much bandwidth as they want. It just means that packets and not treated unequally and are subject to the same congestion regardless of type or content. Like I said in my initial post, if they are treating the packets differently that is something I do not agree with but if we are simply talking a peering argument than the ISPs just need to work it out.
You seem to be under the impression that the bandwidth that is used to provide you with Netflix streaming is free. All this does is remove the peering bandwidth needed between the normal Netflix provider (Cogent I think) and Verizon.
This is not a black and white issue...there is some definite grey area here. Should Netflix be able to choose an ISP and expect to be able to provide service to their customers? Yes. Should Verizon provide unlimited asymetric bandwidth to that ISP without receiving compensation from the selected ISP? No. Should the selected ISP be charging that additional cost back to Netflix? I would think so.
The only thing that would change my mind here is whether the big ISPs were specifically limiting Netflix traffic, treating it differently than other traffic across the peering relationship. Otherwise this just becomes an issue of asymmetric peering arguments which happen all the time but have just entered the publics view because of the popularity of Netflix.
So, just to clarify I believe what the poster wants to do is this:
|||| Gaming Client PC ||||
|||| Local Windows Box ||||
|||| Internet 1 |||| Internet 2 ||||
|||| Hosted Linux Server ||||
|||| Gaming Server ||||
Local Windows Box acts as a router and duplicates all inbound traffic sending it out box Internet 1 and Internet 2. Hosted Linux Box receives traffic, picks whatever packet arrives first and forwards it and throws away the slower duplicate when it comes it.
It is an interesting idea. As far as I am aware routing protocols only do best route and fail over but I am not aware of any that always sends both routes.
Sometimes re-writing something just because it uses older technologies or isn't how you would design it is not worth it. Your customers may live by the "quirks" of your system and those code work-arounds may be there for a reason.
They had a story on the radio last night about this. The issue is that everyone (well, most everyone) was getting a passing grade. When they came in and gave an unexpected test the average score was 95%. The problem is that promotions were based on the grades. So, people were not cheating to pass but instead to be "perfect" in order to look better for promotion.
I don't disagree with your premise. Long term strategic planning is something that is very lacking these days. That being said, you can't just say "it will work out" which is kinda what Amazon seems to be doing. Retail is a hard game. Sure Amazon has other things brewing but their bread and butter is retail. Microsoft, Apple, IBM, Google, they can get away with doing heavy R&D and having some bad quarters but in retail you really kinda need to stay at least a bit profitable.
Came here to say this. In addition, all this would lead to is contracting out all the low wage jobs. Walmart Store Staff, Inc. a separate but wholly owned subsidiary of Walmart Management, Inc.
No, but the department can be sued like a corporation can.
Like I said, I think it is a good thing but that doesn't mean it won't fall to the lawyers.
Although I do think it is a good thing in that it helps strengthen the community support and trust of the police department I have a feeling that it will end at some point in the near future with a lawsuit....maybe I am just jaded but there is a reason that corporations tend to keep these details silent and have created the (poor in my opinion) rules around providing only the minimal amount of employment information after an employee is let go.
Baloney...well, mostly baloney. There are times when it makes sense to do things in house and there are times where it very much does not make sense. Why hire full time employees for project management, development, QA, etc for an 12 month project? Does you organization have the expertise to run such an effort? What do you do with everyone once the project is over? Yes, you will want your own technical staff to be part of the process. Yes, it may make sense to do the maintenance / support in house. Yes, you should never do time and materials but instead fixed bid with penalties (this does mean you will need to have a very good spec up front). Yes, you should get several bids and do your homework on the companies providing the bids. However, none of this precludes using an outside contractor.
Sorry, you have things very wrong. 18Mbps MPEG2 is not very much bandwidth for 1080i60 or 720p60. It is quite compressed. I work in the video broadcast industry and the providers, if they are using MPEG2 video, typically push the HD video around at 100Mbps or higher for the core feeds. Not that 18Mbps HD video is bad...with the right equipment it actually can look quite good. But it is lossy. Bluray usually uses H.264 at 40Mbps, i.e. a significantly better algorithm for bandwidth / quality, at twice the data rate and even that is somewhat lossy.
The nature of a DOS attack (overwhelming your bandwidth / router with traffic) means it pretty much has to be handled upstream. Your ISP should be able to filter the traffic at their routers where they have the bandwidth / processing power to do so. Even if you get a super router it doesn't change the fact that they are using up your bandwidth with dud requests.
Otherwise known as the Otis style jail.... Not sure that it really exists outside of Mayberry though.
I appreciate that what they are doing is scary but the video doesn't seem to indicate what they had to do in order to get that level of power. It seems that they have wires hooked up between the laptop and dash so, for all we know, they could be feeding bad sensor data into the computers. Is there things that could be done to mitigate the risk....sure. But if that is really how they are messing with things (by tearing apart the dash and rewiring everything) it would seem cutting the break lines would be nearly as dangerous and a lot easier.
From Wikipedia:
EMC Corporation is an American multinational corporation that offers data storage, information security, virtualization, and cloud computing products and services which enable businesses to store, manage, protect, and analyze massive volumes of data. EMC's target markets include large FORTUNE 500 companies as well as small business across various vertical markets.[2] It is headquartered in Hopkinton, Massachusetts.
EMC Page
They did 20 billion in revenue last year so they are not exactly an unheard of entity....especially with the large amount of IT folk that frequent slashdot.