The original idea was Plato; he posited a social class of people in his ideal Republic who would guard over the regular citizens. He had ideas of trying to inculcate in them a sort of high-minded ideal of service which would keep them from being corrupt; even at the time it was considered to be a bit naive.
The latin quote is from Juvenal; a character in one of his satires was talking about hiring people to guard the chastity of his wife (daughter? can't remember), and stressing out because he was sure that she would put out for her guards first, so he'd need a second set of guards to watch the first guards, and so forth.
The problem is always the same; we rely on the guardians to be self-policing, and it doesn't always work. But when you open up the possibility of everyone stepping up and taking some of the burden of watching the watchers, it becomes possible to sidestep the problem. The watchers are being watched by the watched, in effect being policed by the people they are policing.
Yea, that's going to be real effective. Do you know how tough modern memory cards are?
Anything that will destroy a card will be extremely hard to pass off as an accident by a cop. "...The subject was being belligerent so I took his camera away from him, and then I accidentally dropped it, stomped on it for a few minutes, ran over it with my car, then set it on fire. Accidentally."
When you have one guy and one camera this is a possibility, but when you have a situation where there are dozens of cameras...
Even now most cell phones do video. Think what it will be like in 10 years. Look at what services like YouTube have done to peoples reflexive camera response; you have the camera, and you have a public forum to air the footage, so you whip that camera out at the least provokation, at the mere possibility that you might see something worth recording.
The government has a tiny fraction of the recording resources of the population, and they have more and more dangerous secrets. Who has the most to be afraid of in this situation?
Yea, that would be almost as stupid as spending more money to invade a country and secure their entire oil supply than that oil supply is actually worth.
I don't think that "Honeypot" means what you think it means. Having a honeypot on a "real" server would be like having a live chemical weapons training course in your house.
The whole point is study, and possibly early warning. I've got a "honeypot" (I'd call it a "canary") set up on my corporate DMZ which is made to look roughly like one of my second tier financial machines; it's only there to scream bloody murder if someone tries to log into it.
If someone does log into it, they'll know immediately it's a decoy, because the only thing running on it is a process which listens and responds on a few select ports to make it look like real stuff is running on the machine.
That's about the sum total usefulness of a honeypot for anyone who is interested in anything besides watching the methods to pwn machines evolve. It has nothing to do with exposing actual useful information to anyone.
I can't believe that they thought that query was so good it needed to be passed down. They'd have gotten a lot more benefit out of skimming a handful of articles that mentioned the guys name more than once.
It's a hippy litmus test. The Owl thing was something they used to pin on Gore, so if someone shows up in a newspaper article, with a mention of a "spotted owl" then there is some hippy crap going down.
Or, of course, the person could be using the term themselves to paint someone else as a hippy.
Not sure what you're getting at. If your action listeners are screwed up, that's an obvious problem with a straightforward solution, but if your UI just plain sucks, no program is going to tell you that.
You need to go find someone with aesthetic sense, and a minimum of technical knowledge, and you need to shut up and listen to them whine as they use your UI. When you've fixed enough stuff that they stop whining, bring in a couple more and listen to them whine. Eventually they won't whine, and at that point, you'll know you've got a good interface.
For gods sake though, don't get a fricking committee involved! They will all want to make a trivial change to put their mark on it, and all those changes will turn your unpolished interface into the sort of steaming crapheap that wouldn't meet the basic user-friendliness of the interface on a piece of stereo equipment.
So yea; get the users involved, distill their complaints, make changes, NO COMMITTEES. And the simpler the better. I should write a UI testing program that just runs for 10 minutes and then pops up, "Your interface has too many buttons. Simplify it please." The interface can almost always be simpler.
Navigational updates are a good thing...That stuff is only as useful as it is current, but it has big brother possibilities which I don't particularly care for, and I'm pretty mellow (for a geek) about potential violations of my privacy.
Microsoft especially has proven repeatedly that they are more than willing to sell out their customers...In my mind that's the real issue, above and beyond issues of utility or stability. Do you want them to have that kind of access to your life?
Is anyone else homicidally enraged by the new "adaptive volume control" that seems to be standard in new cars these days? Speed up, the radio gets louder, slow down the radio gets quieter.
I've driven in some cars where it's semi-bearable...I don't quite notice it for a while because it's gradual. And I've driven in others where the volume goes up and down like a cracked out kangaroo to the point where I end up having to stomp on the brakes, whip off the road and punch the radio until it stops.
What's that, the geek equivalent of wrapping it around a tree?
Just doesn't have the same ring to it..."So I jailbroke my Mustang, and then the new firmware bricked it, and now it's just sitting in my driveway saying, 'Please to fasten seat belt' over and over again...So...You wanna go sit in it?"
There needs to be a recovery plan in place, but it's often not practical to have complete redundancy of the "the sysadmin is dead long live the sysadmin" variety.
As long as the system is stable and there is a process for succession of admins, thats about as good as it gets. And there will be "gotcha!" moments, and crap like that, but that is true with all IT gigs.
I'm not sure you know how averages work, with regards to standardized tests. In states where very few people take the SAT, average scores are much higher because the only people who are taking it are taking it because they need it to get into college.
In states where higher numbers of students take it, the average score is much more, shall we say, average.
Basically what they're saying is that in a larger sample size, you're going to get a more average score, whereas a smaller sample will be more self-selecting and can skew higher.
This country doesn't count drug crime as a non-violent crime.
Unfortunately, the politicians find drugs a convenient scapegoat, and enact absurd legislation which ends up putting people behind bars who really don't belong there (imho).
You can try to change it if you like, but frankly it's going to require a pretty widespread pro-drug movement, and a lot of sympathy from the general public...Look how long it took them to re-legalize alcohol.
It's not how much you steal, it's how you steal it. If you pull a gun to steal a twinkie, you get more time and higher security than if you steal millions in some white collar scheme.
In the end, just being caught is often the end of your white collar crime spree, because it's really difficult to get yourself back in that position when you've got a record. But if you're a violent offender, you're equally a danger to society before and after jail.
Because there is a difference between sending spam and committing a violent crime?
There are countries where jail is jail, whether you're a mass murderer or a serial jaywalker. I kinda like living in a country where they're not going to throw me in with the violent offenders if I scam the IRS.
That risk is just a basic man-in-the-middle. My bank allows you to put in your username on page 1, and then directs you to page 2 which contains a specific picture. If it's one of the pictures I've chosen, I put in my password. If not, I know it's phony.
Both pages are SSL'd, so the unsecured page doesn't apply, but that system would defeat the attack mentioned in your link.
Slashdot Mirror
What are you, some kind of Godwin's Law Nazi? You know, Hitler was always accusing people of pushing the boundaries of Godwin's Law.
The original idea was Plato; he posited a social class of people in his ideal Republic who would guard over the regular citizens. He had ideas of trying to inculcate in them a sort of high-minded ideal of service which would keep them from being corrupt; even at the time it was considered to be a bit naive.
The latin quote is from Juvenal; a character in one of his satires was talking about hiring people to guard the chastity of his wife (daughter? can't remember), and stressing out because he was sure that she would put out for her guards first, so he'd need a second set of guards to watch the first guards, and so forth.
The problem is always the same; we rely on the guardians to be self-policing, and it doesn't always work. But when you open up the possibility of everyone stepping up and taking some of the burden of watching the watchers, it becomes possible to sidestep the problem. The watchers are being watched by the watched, in effect being policed by the people they are policing.
Yea, that's going to be real effective. Do you know how tough modern memory cards are?
Anything that will destroy a card will be extremely hard to pass off as an accident by a cop. "...The subject was being belligerent so I took his camera away from him, and then I accidentally dropped it, stomped on it for a few minutes, ran over it with my car, then set it on fire. Accidentally."
When you have one guy and one camera this is a possibility, but when you have a situation where there are dozens of cameras...
Even now most cell phones do video. Think what it will be like in 10 years. Look at what services like YouTube have done to peoples reflexive camera response; you have the camera, and you have a public forum to air the footage, so you whip that camera out at the least provokation, at the mere possibility that you might see something worth recording.
The government has a tiny fraction of the recording resources of the population, and they have more and more dangerous secrets. Who has the most to be afraid of in this situation?
Who watches the watchers? The point becomes moot when everyone is a watcher.
Yea, that would be almost as stupid as spending more money to invade a country and secure their entire oil supply than that oil supply is actually worth.
I don't think that "Honeypot" means what you think it means. Having a honeypot on a "real" server would be like having a live chemical weapons training course in your house.
The whole point is study, and possibly early warning. I've got a "honeypot" (I'd call it a "canary") set up on my corporate DMZ which is made to look roughly like one of my second tier financial machines; it's only there to scream bloody murder if someone tries to log into it.
If someone does log into it, they'll know immediately it's a decoy, because the only thing running on it is a process which listens and responds on a few select ports to make it look like real stuff is running on the machine.
That's about the sum total usefulness of a honeypot for anyone who is interested in anything besides watching the methods to pwn machines evolve. It has nothing to do with exposing actual useful information to anyone.
I can't believe that they thought that query was so good it needed to be passed down. They'd have gotten a lot more benefit out of skimming a handful of articles that mentioned the guys name more than once.
It's a hippy litmus test. The Owl thing was something they used to pin on Gore, so if someone shows up in a newspaper article, with a mention of a "spotted owl" then there is some hippy crap going down.
Or, of course, the person could be using the term themselves to paint someone else as a hippy.
Not sure what you're getting at. If your action listeners are screwed up, that's an obvious problem with a straightforward solution, but if your UI just plain sucks, no program is going to tell you that.
You need to go find someone with aesthetic sense, and a minimum of technical knowledge, and you need to shut up and listen to them whine as they use your UI. When you've fixed enough stuff that they stop whining, bring in a couple more and listen to them whine. Eventually they won't whine, and at that point, you'll know you've got a good interface.
For gods sake though, don't get a fricking committee involved! They will all want to make a trivial change to put their mark on it, and all those changes will turn your unpolished interface into the sort of steaming crapheap that wouldn't meet the basic user-friendliness of the interface on a piece of stereo equipment.
So yea; get the users involved, distill their complaints, make changes, NO COMMITTEES. And the simpler the better. I should write a UI testing program that just runs for 10 minutes and then pops up, "Your interface has too many buttons. Simplify it please." The interface can almost always be simpler.
Navigational updates are a good thing...That stuff is only as useful as it is current, but it has big brother possibilities which I don't particularly care for, and I'm pretty mellow (for a geek) about potential violations of my privacy.
Microsoft especially has proven repeatedly that they are more than willing to sell out their customers...In my mind that's the real issue, above and beyond issues of utility or stability. Do you want them to have that kind of access to your life?
Is anyone else homicidally enraged by the new "adaptive volume control" that seems to be standard in new cars these days? Speed up, the radio gets louder, slow down the radio gets quieter.
I've driven in some cars where it's semi-bearable...I don't quite notice it for a while because it's gradual. And I've driven in others where the volume goes up and down like a cracked out kangaroo to the point where I end up having to stomp on the brakes, whip off the road and punch the radio until it stops.
What's that, the geek equivalent of wrapping it around a tree?
Just doesn't have the same ring to it..."So I jailbroke my Mustang, and then the new firmware bricked it, and now it's just sitting in my driveway saying, 'Please to fasten seat belt' over and over again...So...You wanna go sit in it?"
It's just not going to draw the girls.
There needs to be a recovery plan in place, but it's often not practical to have complete redundancy of the "the sysadmin is dead long live the sysadmin" variety.
As long as the system is stable and there is a process for succession of admins, thats about as good as it gets. And there will be "gotcha!" moments, and crap like that, but that is true with all IT gigs.
I'm not sure you know how averages work, with regards to standardized tests. In states where very few people take the SAT, average scores are much higher because the only people who are taking it are taking it because they need it to get into college.
In states where higher numbers of students take it, the average score is much more, shall we say, average.
Basically what they're saying is that in a larger sample size, you're going to get a more average score, whereas a smaller sample will be more self-selecting and can skew higher.
Especially not to use a fricking Foxconn mobo...Jesus, I don't know how you could buy one of those and maintain your self respect anyway.
Ummm...This guy was in a minimum security prison. He escaped during a conjugal visit. He then went on to kill his wife and an innocent child.
And the point you take from this is that our prisons are barbaric? What the hell do use for prison in Europe? Eurodisney?
This guy was at Club Fed, not PMITA prison. not much vengeance there.
This country doesn't count drug crime as a non-violent crime.
Unfortunately, the politicians find drugs a convenient scapegoat, and enact absurd legislation which ends up putting people behind bars who really don't belong there (imho).
You can try to change it if you like, but frankly it's going to require a pretty widespread pro-drug movement, and a lot of sympathy from the general public...Look how long it took them to re-legalize alcohol.
It's not how much you steal, it's how you steal it. If you pull a gun to steal a twinkie, you get more time and higher security than if you steal millions in some white collar scheme.
In the end, just being caught is often the end of your white collar crime spree, because it's really difficult to get yourself back in that position when you've got a record. But if you're a violent offender, you're equally a danger to society before and after jail.
A moron? I guess we all suspected the kind of people who make their living spamming, but now we have proof.
Because there is a difference between sending spam and committing a violent crime?
There are countries where jail is jail, whether you're a mass murderer or a serial jaywalker. I kinda like living in a country where they're not going to throw me in with the violent offenders if I scam the IRS.
The SSL cert. That was the OPs point; if you don't have a cert, then you can't be warned that the cert is unsigned.
I've actually read good stuff about the sitekey; I'll see if I can dig it up.
That risk is just a basic man-in-the-middle. My bank allows you to put in your username on page 1, and then directs you to page 2 which contains a specific picture. If it's one of the pictures I've chosen, I put in my password. If not, I know it's phony.
Both pages are SSL'd, so the unsecured page doesn't apply, but that system would defeat the attack mentioned in your link.
BoA defaults to that, but you have the ability to change it.