"Additionally, an attacker would likely need significant resources and access to intercept, fingerprint and process the traffic in real time."
Hmm.. I don't quite recall but I seem to remember someone talking about ISP's being permitted to monetize collected data from customers..
People who are trying to make it more complicated than that are just looking for ways to get government more involved in what goes on inside the home.
The problem is that by letting the phones, tv's and all of this data collection is just a step or 2 away from the government more involved in what goes on inside of the home. Do you think for a second that these devices won't be compromised once the government sees the need? And while we are at it, is the government really that much worse than google, microsoft, apple or now amazon? the FBI compiles a dossier on their citizens, and conspiracy theorist (/.ers) go crazy with indignation. The private data collection companies however, can tell you how you drive, what you watch, or just about any other aspect of your life and people seem strangely comfortable with it, almost ok. The misconception is that either the corporation is benign or that the government won't access that data.
Do you remember when instead of telling us that the next trick will be impressive, They would just do the next trick and let us be amazed?
If you need an applause sign, you've officially failed.
Just sayin,
As the microsoft band owner (it had alot of sensors) I can say that the can't even integrate the stupid band app with things like mapmyfitness reliably. I couldn't imagine them doing this right.
I considered briefly buying one of these, plugging it in and putting it in my kids playroom..
Every couple of days' I'd come in and roll through enough hot-button watch words to keep them listening.
I'd put my head of custodial engineering, senior front desk receptionist, and half a dozen mac store geniuses on it.. never let it be said they didn't help in the investigation.. It's just to hard.
Defense in layers would have gone quite a ways to assist in this problem. I don't recommend chrome/firefox/etc because it's not IE, I recommend it because you can run script blockers etc that will cut down on the risk of infection. Most corporate machines I've seen disable firewalls and uac because it might interfere with workstation management, which is great until your sales team takes it out and puts it on some random network x at a hotel. Defending each machine individually with firewall, antivirus, and scriptblocking. Push patches out same day. Disable unused services on your workstation images.
Monitor your exchange server, run antivirus and block obvious attachment that could contain viruses. be careful about restricting pdf, doc, or other files which while potentially harmful will necessitate your users going around your protections to get the job done.
Employ access lists in your internal routers to segregate/restrict traffic between workstations and and tight firewall security on your perimeters. Once that is done, set up a honeypot or 3 that mimick your production components as an early warning system.
Lastly monitor your network traffic for trends. use DPI and stateful firewalls to keep ahead of the ball.
Just in, the EPA has determined that the dangerous chemical H2O is responsible for warming of the earth and if congress fails to regulate it, they will do it for them.
If all your trying to do is run some apps for email/web/im basic text, I would look at the eeepc's. I just picked up a 1000he last month and I'm happy dual booting xp home and eeebuntu. by default it likes my software and I get a solid (tested on 5 flights and various trip) 5.5 hours of battery running either linux or windows. the hardware is sub 400 dollars with a memory upgrade, light weight and should meet your basic needs. It doesn't have a CD/DVD player though so I'd recommend investing in at least a hand full of external dvd's and some thumb drives.
Joe continuously asks me "this computer I bought has vista, I hear it sucks, what should I do.
I usually ask Joe, what can't you do on the vista machine that you want to?
Joe almost always says "nothing" to which I say "then why change?"
The reality is that Vista IS bloated but the new baseline hardware has finally caught up. Vista had a horrible start because it was released on hardware woefully underpowered for the weight of Vista, poor driver support on release and some unpopular but somewhat necessary security features.
That said, the fact that you OS "upgrades" universally perform slower than the previous versions is somewhat crazy. It boggles the mind that efficiency in code is less than a afterthought in the majority of todays development cycles. If it runs to slow the solution is bigger hardware. If Moores Law ever comes to a crashing halt, I dont' know what our code monkeys will do.
I recently activated and on average, I see about 2 or 3 new players every couple of weeks. Looks like they have a few hundered players at a given time.. granted about 20 of those are bots..
Long passwords are trivial to enforce. In Active Directory, for instance, you simply set a policy. Done. Sure, whining users-- get used to it. It's your job to make sure the company has the resources it needs, and if they go down, it's your head on the chopping block
the number of passwords I see around my office on post-it-notes verifies this as a very valid approach. 12 character 2 up 2 down 2 symbols and 2 #'s that changes every 45 days is great. It insures that passwords will be forgotten and written down, that the overtaxed help desk will reset more passwords. You idiots in IT need to realize that computers are a TOOL to be used to make the job easier. Business doesn't exist to justify an IT budget. Good security is a balance between usability and security.
The tighter your security, the more strict you are about "locking down them stupid users" the more likey they are to have to circumvent as much of it as possible. A good rule of thumb, in my opinion is to look at your IT staff's machines, if they have disabled your SMS, turned off vital suite, modified their antivirus, and set themselves to admins on your machine, you likely need to rethink your strategy, because your users are doing the same thing.
I propose a few things, in light of your desire to protect the world from itself.
1. Automobiles should be govenered at 10mph, and made of plastic. This, combined with the 5pt harness and the required helmet/flame retardant suit, will SIGNIFICANTLY reduce the number of auto-fataliites. 2. Eliminate Gas/Electric Stoves: we have microwaves that are cappable of cooking anything to a greater or lesser degree. Why would you needlessly subject children or adults to the possiblity of being burnt on a hot stove? 3. Fine people for violations of the verbal morality code: This will clean up the airwaves for our children. fuck, people will bitch at first, but eventually they're asses will be to poor to say that shit.
Seriously, It's so easy to take the "what you don't want you child to wear a helmet? you must not care about them. WTF? You don't keep your kid in a bubble you must not love them. I don't make my daughter wear a helmet when she's running up and down the stairs, although I feel sometimes I should..(she's 3.5) and she has a helmet, because I don't want fined, but I think it's stupid to make her wear a helmet while riding a bigwheel in an empty school parkinglot (which has a sign that says NO WHEELED VEHICLES OF ANY KIND because they don't want skateboarders there). there DOES come a time when we're protecting our kids from themselves, and it's silly.
well that and the cool little keyfobs we use at work. A while ago, I took the chip out of mine, and replanted it into my pen, confuses people when your opening the door with an inkpen. Seems like a good case for "the pen is mightier" quote
the safest way is to download the updates for administrators who distribute updates from their server. burn that to a Cd, etc. baring that
I'd say try updating windows first, with the firewall on.. once you've fully patched windows, then move on to installing/configuring norton with the firewall off. you won't have the vulnerabilities that you need the antivirus software for when you update it. and you won't need it while you have the firewall.
My friend and I have a rivalry going on.. reguarding Linux vs Windows. I sent him the link, he sent me a retort..
My point-by-point response to this
article.
There are about 60,000 viruses known for Windows, 40 or so for the
Macintosh, about 5 for commercial Unix versions, and perhaps 40 for
Linux. Most of the Windows viruses are not important, but many hundreds
have caused widespread damage. Two or three of the Macintosh viruses were
widespread enough to be of importance. None of the Unix or Linux viruses
became widespread - most were confined to the laboratory.
>>Editor's note: unfortunately we have been made aware that this
quote by Dr. Peeling and Dr. Satchell is incorrect; the independent
WildList organization
produces a monthly in the wild list of viruses. While the
vast majority of viruses in their report are Windows-based, there are
still some Linux-based viruses (listed as Other) found in the
wild as well.>>
So, the very basis for stating that Mr.
Clark (a high ranking official with a well-known anti-virus company) is
wrong is flagged by the editor as being invalid. Am I the only one
who thinks this is not a small deal? It's also worth nothing that
this is the first of two such statements that the editor had to
mark as being factually unsound or misleading.
First, look at the two factors that cause
email viruses and worms to propagate: social engineering, and poorly
designed software.... Virus writers use social engineering to convince
people to do stupid things,.... Poorly designed software makes it easier
for social engineering to take place, but such software can also subvert
the efforts of a knowledgeable, security-minded individual or
organization.
Can anybody explain the use of the word
but in the previous sentence? (Look at the sentence
again if you're wondering what I mean.)
... It's easy to run executables in the
Windows world, and users who get an email with a subject line like
Check out this wicked screensaver! and an attachment, too
often click on it without thinking first, and bang! we're off to the
races and a new worm has taken over their systems.
Even worse, Microsoft's email software is able to infect a user's
computer when they do something as innocuous as read an email! Don't
believe me? Take a look at Microsoft Security Bulletins
MS99-032,
MS00-043,
MS01-015,
MS01-020,
MS02-068,
or
MS03-023,
for instance. Notice that's at least one for the last five years.
There is an upcoming editor's note about
this along with the following sentence.
Slashdot Mirror
Why change all of your services to cater to a group that has no money?
Because that group is not the customer. They are the product.
"Additionally, an attacker would likely need significant resources and access to intercept, fingerprint and process the traffic in real time." Hmm.. I don't quite recall but I seem to remember someone talking about ISP's being permitted to monetize collected data from customers..
People who are trying to make it more complicated than that are just looking for ways to get government more involved in what goes on inside the home.
The problem is that by letting the phones, tv's and all of this data collection is just a step or 2 away from the government more involved in what goes on inside of the home. Do you think for a second that these devices won't be compromised once the government sees the need? And while we are at it, is the government really that much worse than google, microsoft, apple or now amazon? the FBI compiles a dossier on their citizens, and conspiracy theorist (/.ers) go crazy with indignation. The private data collection companies however, can tell you how you drive, what you watch, or just about any other aspect of your life and people seem strangely comfortable with it, almost ok. The misconception is that either the corporation is benign or that the government won't access that data.
I see what you did there, Clever
Do you remember when instead of telling us that the next trick will be impressive, They would just do the next trick and let us be amazed? If you need an applause sign, you've officially failed. Just sayin,
As the microsoft band owner (it had alot of sensors) I can say that the can't even integrate the stupid band app with things like mapmyfitness reliably. I couldn't imagine them doing this right.
Who use ad and script blocking..
I considered briefly buying one of these, plugging it in and putting it in my kids playroom.. Every couple of days' I'd come in and roll through enough hot-button watch words to keep them listening.
to easily circumvented encryption. Seems more honest that way.
I'd put my head of custodial engineering, senior front desk receptionist, and half a dozen mac store geniuses on it.. never let it be said they didn't help in the investigation.. It's just to hard.
Interesting Implications! first
don't forget accessing usb storage, CD's DVD's and other media types.
Defense in layers would have gone quite a ways to assist in this problem. I don't recommend chrome/firefox/etc because it's not IE, I recommend it because you can run script blockers etc that will cut down on the risk of infection. Most corporate machines I've seen disable firewalls and uac because it might interfere with workstation management, which is great until your sales team takes it out and puts it on some random network x at a hotel. Defending each machine individually with firewall, antivirus, and scriptblocking. Push patches out same day. Disable unused services on your workstation images.
Monitor your exchange server, run antivirus and block obvious attachment that could contain viruses. be careful about restricting pdf, doc, or other files which while potentially harmful will necessitate your users going around your protections to get the job done.
Employ access lists in your internal routers to segregate/restrict traffic between workstations and and tight firewall security on your perimeters. Once that is done, set up a honeypot or 3 that mimick your production components as an early warning system.
Lastly monitor your network traffic for trends. use DPI and stateful firewalls to keep ahead of the ball.
Just in, the EPA has determined that the dangerous chemical H2O is responsible for warming of the earth and if congress fails to regulate it, they will do it for them.
If all your trying to do is run some apps for email/web/im basic text, I would look at the eeepc's.
I just picked up a 1000he last month and I'm happy dual booting xp home and eeebuntu. by default it likes my software and I get a solid (tested on 5 flights and various trip) 5.5 hours of battery running either linux or windows. the hardware is sub 400 dollars with a memory upgrade, light weight and should meet your basic needs. It doesn't have a CD/DVD player though so I'd recommend investing in at least a hand full of external dvd's and some thumb drives.
Joe continuously asks me "this computer I bought has vista, I hear it sucks, what should I do. I usually ask Joe, what can't you do on the vista machine that you want to? Joe almost always says "nothing" to which I say "then why change?" The reality is that Vista IS bloated but the new baseline hardware has finally caught up. Vista had a horrible start because it was released on hardware woefully underpowered for the weight of Vista, poor driver support on release and some unpopular but somewhat necessary security features. That said, the fact that you OS "upgrades" universally perform slower than the previous versions is somewhat crazy. It boggles the mind that efficiency in code is less than a afterthought in the majority of todays development cycles. If it runs to slow the solution is bigger hardware. If Moores Law ever comes to a crashing halt, I dont' know what our code monkeys will do.
I recently activated and on average, I see about 2 or 3 new players every couple of weeks. Looks like they have a few hundered players at a given time.. granted about 20 of those are bots..
How do you shift when you have 2 hands on the wheel?
Actually Most people I know that do development would love a chance to stump newbies will proving their intelectual superiority in the process.
Or rather; I before E except when it's an A
I propose a few things, in light of your desire to protect the world from itself.
1. Automobiles should be govenered at 10mph, and made of plastic. This, combined with the 5pt harness and the required helmet/flame retardant suit, will SIGNIFICANTLY reduce the number of auto-fataliites.
2. Eliminate Gas/Electric Stoves: we have microwaves that are cappable of cooking anything to a greater or lesser degree. Why would you needlessly subject children or adults to the possiblity of being burnt on a hot stove?
3. Fine people for violations of the verbal morality code: This will clean up the airwaves for our children. fuck, people will bitch at first, but eventually they're asses will be to poor to say that shit.
Seriously, It's so easy to take the "what you don't want you child to wear a helmet? you must not care about them. WTF? You don't keep your kid in a bubble you must not love them. I don't make my daughter wear a helmet when she's running up and down the stairs, although I feel sometimes I should..(she's 3.5) and she has a helmet, because I don't want fined, but I think it's stupid to make her wear a helmet while riding a bigwheel in an empty school parkinglot (which has a sign that says NO WHEELED VEHICLES OF ANY KIND because they don't want skateboarders there). there DOES come a time when we're protecting our kids from themselves, and it's silly.
well that and the cool little keyfobs we use at work. A while ago, I took the chip out of mine, and replanted it into my pen, confuses people when your opening the door with an inkpen. Seems like a good case for "the pen is mightier" quote
the safest way is to download the updates for administrators who distribute updates from their server. burn that to a Cd, etc. baring that
I'd say try updating windows first, with the firewall on.. once you've fully patched windows, then move on to installing/configuring norton with the firewall off. you won't have the vulnerabilities that you need the antivirus software for when you update it. and you won't need it while you have the firewall.
My friend and I have a rivalry going on.. reguarding Linux vs Windows. I sent him the link, he sent me a retort.. My point-by-point response to this article.
.... let's compare the numbers. ...
... Virus writers use social engineering to convince
people to do stupid things, .... Poorly designed software makes it easier
for social engineering to take place, but such software can also subvert
the efforts of a knowledgeable, security-minded individual or
organization.
... It's easy to run executables in the
Windows world, and users who get an email with a subject line like
Check out this wicked screensaver! and an attachment, too
often click on it without thinking first, and bang! we're off to the
races and a new worm has taken over their systems.
Jack Clarke, European product manager at McAfee, said, So we will be seeing more Linux viruses as the OS becomes more common and popular.
Mr. Clarke is wrong.
There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux. Most of the Windows viruses are not important, but many hundreds have caused widespread damage. Two or three of the Macintosh viruses were widespread enough to be of importance. None of the Unix or Linux viruses became widespread - most were confined to the laboratory. >>Editor's note: unfortunately we have been made aware that this quote by Dr. Peeling and Dr. Satchell is incorrect; the independent WildList organization produces a monthly in the wild list of viruses. While the vast majority of viruses in their report are Windows-based, there are still some Linux-based viruses (listed as Other) found in the wild as well.>>
So, the very basis for stating that Mr. Clark (a high ranking official with a well-known anti-virus company) is wrong is flagged by the editor as being invalid. Am I the only one who thinks this is not a small deal? It's also worth nothing that this is the first of two such statements that the editor had to mark as being factually unsound or misleading.
First, look at the two factors that cause email viruses and worms to propagate: social engineering, and poorly designed software.
Can anybody explain the use of the word but in the previous sentence? (Look at the sentence again if you're wondering what I mean.)
Even worse, Microsoft's email software is able to infect a user's computer when they do something as innocuous as read an email! Don't believe me? Take a look at Microsoft Security Bulletins MS99-032, MS00-043, MS01-015, MS01-020, MS02-068, or MS03-023, for instance. Notice that's at least one for the last five years.
There is an upcoming editor's note about this along with the following sentence.
And though Microsoft's latest versions of Outlook blocks most executable attachments by default, it's still possible to override those protections.
So, the complaint here is that it is possible for somebody to manually override the security settings put in place by Outlook? Does the autho