Judge the release of the video, and/or the cover up if there was one, all you want. Not that we have THOSE facts either, but it doesn't seem to stop anyone on here...
You're ignoring the very valid point that you watched that video sitting in your leather office chair, on your 27" LCD, without the fear that someone is shooting at you, as probably happens every day to these crews. They are FLYING A HELICOPTER and watching a grainy b&w video on a small display, and forced to make judgments that may cost them or others their lives. In your full-time role as router-jockey (or whatever you do), can you claim to understand even a fraction of the fear, danger, and difficulty these men deal with daily? The answer to that is NO, in case you were thinking anything else.
Have someone try to kill you every day for a year, THEN look at a grainy video while you fly through the air, and if you haven't shit your pants by then, well you *might* have the cred to start judging. Until then, STFU.
(And yes, I know Apache's have two pilots, one to fly and the other to handle the weapons. Doesn't change the point. And no, I don't support the slaughter of innocents; I was horrified to watch it unfold, but I KNEW WHAT WAS GOING ON IN ADVANCE. These guys have to make a judgment unlike anything you've ever had to do.)
Wow, that's a string of misguided replies, with the occasional person that actually knows what they're talking about. Full disclosure: I'm an engineer for Aruba Networks, and this is exactly the kind of thing I/we do regularly. I've personally done the Interop shows in Javitts Center in NYC, the All-Star Game at Yankee Stadium, and various other conferences with 1,000 or more people. As a company, we've done the wireless network at Black Hat for years (without one failure or hack), the HoPe conference, as well as most of the hotels and conference centers in Vegas. Oh yeah, and every US Air Force base in the world. If you want this to work, here are the unique features that ONLY Aruba Networks provides for high density deployments (all without needing software on the clients or CCX extensions in the NIC card)...
- Band Steering: Use dual-radio access points. The Aruba gear detects if a client supports both 2.4g and 5g, and moves the client automatically to the 5g band, which is cleaner and has more channels available.
- Spectrum Load Balancing: Every vendor offers load balancing: there are 10 users on AP-1/Channel 1, and 20 on AP-2/Channel 6, so put the next user on AP-1. This ignores the fact that the only resource you're really constrained by is the amount of spectrum in use, not the number of users on an AP. If those 10 users are using most of the spectrum of Channel 1, while Channel 6 isn't being used as heavily by the 20 users, you'll get better performance by balancing the user to the less-utilized spectrum, rather than the lowest user-count AP.
- Co-Channel Interference: The Aruba architecture knows when a client is within range of two APs on the same channel, and schedules transmissions out of the APs so they don't collide in the air.
- Adjacent channel interference: Aruba ecognizes that there *will* be some bleed between transmissions on adjacent channels, and manages transmissions to avoid that.
- Airtime Fairness: Aruba recognizes the different client phy types (802.11a, b, g, and n-2.4/n-5) and allocates certain amounts of airtime to each client, so those old 11b clients don't drag your 11n clients to a screeching halt.
- Channel Reuse: modifying the collision threshold on the channel to allow you to reuse channels in much closer proximity to one another than normally possible.
- Dynamic Multicast Optimization: The APs can detect a multicast stream and determine if it's better to send the stream to all multicast clients at one, but at the normal lowest data rate, or convert the stream to a series of unicast transmissions that can be sent to each client at a much higher rate.
- Mode-aware Adaptive Radio Management: Deploy as many APs as you want. The Aruba architecture will automatically turn on (or off!) individual radios based upon RF needs; too much RF is worse than not enough, in most cases.
- Client bandwidth contracts: Set a rate limit for each user, so one person can't use half your bandwidth.
- Policy Enforcement Firewall: Allow your users to only do what protocols you want (http, https, dhcp, dns), and block all the others. iTunes/Bonjour/MulticastDNS from Apple products will KILL your network otherwise.
Now, all of that said, here are some BAD ideas that people have suggested:
- Use all 14 channels!
------ Not only is this illegal almost everywhere, but most clients will use the operating system's country code and only use the channels that are supposed to be available. In the U.S. for example, only channels 1-11 are valid; client devices won't try to use channels 12-14.
- Use channels 1, 4, 7, 10 on one group of APs, then 2, 5, 8, 11 on the next set....
------ TERRIBLE idea. Because 802.11a
OK, you guys have posted some good ideas (and a lot of crap, which is why I come here). Let me include some more info to better explain my situation:
- I can shut the water off - I have family in the area that can check in - I will often be able to drive back if I need to - I will keep the house temp above freezing (55 or so?) - I will be coming back, say once a month, to support a local customer, as well as to see my family - I have too much "stuff" to move everything out to an apartment; the distance is also a factor here (i.e. no renting)
What I should have asked is, what kind of "instant alert" type things are there for this situation? Having someone stop by every few days is good, but when a pipe breaks, for example, if someone can get to the house within 30 minutes (compared to 4 days) that can mean the difference between losing everything and losing _some_ stuff.
How do I get nofitied when:
1) the temp drops below xx
2) water is detected in the basement
3) any other events I should know about immediately?
What bugs me is that this vulnerability wasn't "discovered" once IE7 was released; more than likely, these people knew the bug existed in IE6, and in the IE7 betas, they waited until IE7 was declared Gold, then went to press! If they acted correctly instead of trying to grab headlines, they would have notified MS in advance, to allow an opportunity to correct it.
Not absolving MS by any means, but this seems awfully self-serving be the "security researchers"...
"The Google Legacy" (Infonortics, $180.00 per download) is available in online PDF version only. An online order form and a sample chapter are also available.
I think they skipped all the steps between 1. Write book and went right to 6. Profit!!!
Friends said that he broke into the networks from his home computer to try to prove his theory that the US was covering up the existence of UFOs.
Any self-respecting hacker knows better than to launch attacks from his home computer. Didn't he know that many broadband DNS names almost lead people to your house?
17NorthElmSt.LV.Nevada.USA.cox.net
Additionally, he had friends?? Doesn't ring true...
This dude must be like really really huge to be the World's Biggest Hacker...
- Peeping Toms would be convicted of port scanning. - "My Windows blue-screened, I have to go sweep up the pieces now." - "I can't see outside right now, somebody's D.O.S.-ing my house..." - Hate cleaning windows? Do it the easy way: C:\> CLS - "Windows crashed" takes on a whole new meaning. - Think how drafty (and unsecure!) your house would be with all those holes in your Windows. - There's some kind of a Trojan joke here, but I can't put it together...
With all the past things people have done to hamsters (no Richard Gere jokes please), it's only a matter of time before one takes a ride on a personal rocket.
When the new police station/courthouse opened in town, it had one of those air-delivery mail systems, like your bank's drive-up teller window. Within two weeks, the newspaper printed an article that some people had been disciplined for sending a hamster all around the building!
Are you people ever happy with anything they do?
I know, they're generally evil, but the members here preach about the evils of unsecured software. Now you're criticizing the company for doing exactly what you asked?
kM
Maybe someone bought the old hard drives from a/. server, grabbed the admin passwords for the site, and keeps posting the old articles they recover!
It makes perfect sense. Surely the admins can't keep making these mistakes over and over...
err, nebbermind.
kM
I did a 6-month gig at a financial trading house outside NYC. I was filling in as a temp network manager until a replacement for the old one (he quit) could be found. They made their new hire, and I had one month left on my deal, so I stayed and helped the transition.
The director, who hired the manager, was a mainframe guy, and didn't know PCs at all, only big iron. One day, the director is trying to use PC-Anywhere to control a remote PC in England; PC-Anywhere is not running full screen on his local PC, so he can't see the entire remote desktop on his 17" monitor. He calls the new network manager in:
Director: How do I enlarge this window so I can see the whole desktop?
Manager: Lemme try something. (no luck at all)
Manager: Ah! I know the problem! You have a 17" monitor here, and the remote machine probably only has a 14" monitor on it, so that's as large as it can display."
The director looks at me skeptical.
ME: So then if you disconnected the monitor from the PC in England, you couldn't use PC-Anywhere? You'd just get a blank screen?
Director:
Manager: Let me try something other things...
I was happy to leave this contract... I took with me the most valuable piece of advice I've heard about contracting, from another consultant there: "Never work for a place where the primary product they produce is money!"
kM
It's so sad that it took so many responses before someone posted any link to LSL. I thought it would merit first post honors, perhaps I'm making LSL too important...:)
All points are valid... I doubt Mr. Grasso reaches the end of my letter anyway! I don't think I would, if I was reading it... lol
Jeez, one little grammar mistake and you gotta jump on it... from someone who starts his post with "Yeah"...:) I'll be sure to file that "helpful grammar correction" under "Shit I Don't Care About"...
Please write to Jack Grasso, Director of Public Relations, at mailto:jgrasso@uc-council.org.
My letter is below: (hpoe my facts are mostly accurate)
Good morning Mr. Grasso -
I am writing this morning to express my extreme dismay at the selection of VeriSign to run this RFID registry. As a professional in the technology field, I have dealt with VeriSign on many occasions, and have decided that I never will again, if at all possible. VeriSign has a history of putting the company first before all else, including privacy, not a great attribute for someone who will organize a system to track millions of things and people.
VeriSign has engaged in deceptive business practices, for example the "fake" invoices they sent out to clients of competing registrars, giving the false impression that the client had to pay VeriSign in order to renew their domain (VeriSign lost many lawsuits over this deceptive practice, and the FTC even got involved).
VeriSign most recently used the monopoly position on maintaining the.COM and.NET "Top-Level Domains" to bring web surfers that made a typo in a URL to a VeriSign-owned search engine, which sold advertising to other companies and promoted specific search results based upon their paid advertisers. In the process, the technological changes they made to do this caused the malfunction of millions of programs, primarily many anti-SPAM utilities.
In all these cases, VeriSign acted greedily to further the company's aims over what's good for the people who must use the services that VeriSign administers. Their track record of deception and the world-renowned sluggishness with which their company operates should be a red flag for anyone who understands the types of technology involved and the effects that VeriSign's moves has had on the Internet.
Please consider some additional viewpoints. There is a website known as SlashDot, located at http://slashdot.org, which has one of the largest user bases of any web site. Most of the users are tech workers, and the discussions on SlashDot are some of the most intelligent discussions I have ever read. A discussion on your organization's decision is in progress right now. Please read it at http://slashdot.org/article.pl?sid=04/01/13/125721 2&mode=thread&tid=158&tid=99
And please pass along to your management the unhappiness this move has brought to the vast majority of the people who actually understand what your technology does, what it is capable of, and the ways it can be abused.
The first game that really scared me. I was selling PCs and software at retail then, right out of high school. The first multi-CD game I can remember, it just kept throwing in creepy sounds and videos when you weren't expecting it. And the difficulty of the puzzles! That's how I learned the word 'tryst'.
Second follow up: Sierra's Phantasmagoria. 7 CD-ROMS, unheard of for that time. Still got 'em. It was genuinely creepy, unusual to play a girl for the lead character, let alone a hot girl! (C'mon, I know I'm not the only one who noticed that she jiggled when she ran...) The first game I can think of that used actual digitized video of people in the game itself.
Now what was her name...???
kM
Slashdot Mirror
Replying to my own post....
Judge the release of the video, and/or the cover up if there was one, all you want. Not that we have THOSE facts either, but it doesn't seem to stop anyone on here...
You're ignoring the very valid point that you watched that video sitting in your leather office chair, on your 27" LCD, without the fear that someone is shooting at you, as probably happens every day to these crews. They are FLYING A HELICOPTER and watching a grainy b&w video on a small display, and forced to make judgments that may cost them or others their lives. In your full-time role as router-jockey (or whatever you do), can you claim to understand even a fraction of the fear, danger, and difficulty these men deal with daily? The answer to that is NO, in case you were thinking anything else.
Have someone try to kill you every day for a year, THEN look at a grainy video while you fly through the air, and if you haven't shit your pants by then, well you *might* have the cred to start judging. Until then, STFU.
(And yes, I know Apache's have two pilots, one to fly and the other to handle the weapons. Doesn't change the point. And no, I don't support the slaughter of innocents; I was horrified to watch it unfold, but I KNEW WHAT WAS GOING ON IN ADVANCE. These guys have to make a judgment unlike anything you've ever had to do.)
Wow, that's a string of misguided replies, with the occasional person that actually knows what they're talking about. Full disclosure: I'm an engineer for Aruba Networks, and this is exactly the kind of thing I/we do regularly. I've personally done the Interop shows in Javitts Center in NYC, the All-Star Game at Yankee Stadium, and various other conferences with 1,000 or more people. As a company, we've done the wireless network at Black Hat for years (without one failure or hack), the HoPe conference, as well as most of the hotels and conference centers in Vegas. Oh yeah, and every US Air Force base in the world. If you want this to work, here are the unique features that ONLY Aruba Networks provides for high density deployments (all without needing software on the clients or CCX extensions in the NIC card)...
- Band Steering: Use dual-radio access points. The Aruba gear detects if a client supports both 2.4g and 5g, and moves the client automatically to the 5g band, which is cleaner and has more channels available.
- Spectrum Load Balancing: Every vendor offers load balancing: there are 10 users on AP-1/Channel 1, and 20 on AP-2/Channel 6, so put the next user on AP-1. This ignores the fact that the only resource you're really constrained by is the amount of spectrum in use, not the number of users on an AP. If those 10 users are using most of the spectrum of Channel 1, while Channel 6 isn't being used as heavily by the 20 users, you'll get better performance by balancing the user to the less-utilized spectrum, rather than the lowest user-count AP.
- Co-Channel Interference: The Aruba architecture knows when a client is within range of two APs on the same channel, and schedules transmissions out of the APs so they don't collide in the air.
- Adjacent channel interference: Aruba ecognizes that there *will* be some bleed between transmissions on adjacent channels, and manages transmissions to avoid that.
- Airtime Fairness: Aruba recognizes the different client phy types (802.11a, b, g, and n-2.4/n-5) and allocates certain amounts of airtime to each client, so those old 11b clients don't drag your 11n clients to a screeching halt.
- Channel Reuse: modifying the collision threshold on the channel to allow you to reuse channels in much closer proximity to one another than normally possible.
- Dynamic Multicast Optimization: The APs can detect a multicast stream and determine if it's better to send the stream to all multicast clients at one, but at the normal lowest data rate, or convert the stream to a series of unicast transmissions that can be sent to each client at a much higher rate.
- Mode-aware Adaptive Radio Management: Deploy as many APs as you want. The Aruba architecture will automatically turn on (or off!) individual radios based upon RF needs; too much RF is worse than not enough, in most cases.
- Client bandwidth contracts: Set a rate limit for each user, so one person can't use half your bandwidth.
- Policy Enforcement Firewall: Allow your users to only do what protocols you want (http, https, dhcp, dns), and block all the others. iTunes/Bonjour/MulticastDNS from Apple products will KILL your network otherwise.
If you want more information on the physics of these methods, check out this white paper which has more info than you'll want to read:
http://www.arubanetworks.com/pdf/technology/whitepapers/wp_ARM_EnterpriseWLAN.pdf
Now, all of that said, here are some BAD ideas that people have suggested:
- Use all 14 channels!
------ Not only is this illegal almost everywhere, but most clients will use the operating system's country code and only use the channels that are supposed to be available. In the U.S. for example, only channels 1-11 are valid; client devices won't try to use channels 12-14.
- Use channels 1, 4, 7, 10 on one group of APs, then 2, 5, 8, 11 on the next set....
------ TERRIBLE idea. Because 802.11a
I, for one, welcome our new Jamming Morphing Doughy Overlords.
OK, you guys have posted some good ideas (and a lot of crap, which is why I come here). Let me include some more info to better explain my situation:
- I can shut the water off
- I have family in the area that can check in
- I will often be able to drive back if I need to
- I will keep the house temp above freezing (55 or so?)
- I will be coming back, say once a month, to support a local customer, as well as to see my family
- I have too much "stuff" to move everything out to an apartment; the distance is also a factor here (i.e. no renting)
What I should have asked is, what kind of "instant alert" type things are there for this situation? Having someone stop by every few days is good, but when a pipe breaks, for example, if someone can get to the house within 30 minutes (compared to 4 days) that can mean the difference between losing everything and losing _some_ stuff.
How do I get nofitied when:
1) the temp drops below xx
2) water is detected in the basement
3) any other events I should know about immediately?
Thanks everyone!
What bugs me is that this vulnerability wasn't "discovered" once IE7 was released; more than likely, these people knew the bug existed in IE6, and in the IE7 betas, they waited until IE7 was declared Gold, then went to press! If they acted correctly instead of trying to grab headlines, they would have notified MS in advance, to allow an opportunity to correct it. Not absolving MS by any means, but this seems awfully self-serving be the "security researchers"...
Check the end of TFA:
"The Google Legacy" (Infonortics, $180.00 per download) is available in online PDF version only. An online order form and a sample chapter are also available.
I think they skipped all the steps between
1. Write book
and went right to
6. Profit!!!
kM
They must mean his weight...
From TFA:
Friends said that he broke into the networks from his home computer to try to prove his theory that the US was covering up the existence of UFOs.
Any self-respecting hacker knows better than to launch attacks from his home computer. Didn't he know that many broadband DNS names almost lead people to your house?
17NorthElmSt.LV.Nevada.USA.cox.net
Additionally, he had friends?? Doesn't ring true...
This dude must be like really really huge to be the World's Biggest Hacker...
I'm not sure, but it feels like there's More to this story Than Meets The Eye...
- Peeping Toms would be convicted of port scanning.
- "My Windows blue-screened, I have to go sweep up the pieces now."
- "I can't see outside right now, somebody's D.O.S.-ing my house..."
- Hate cleaning windows? Do it the easy way: C:\> CLS
- "Windows crashed" takes on a whole new meaning.
- Think how drafty (and unsecure!) your house would be with all those holes in your Windows.
- There's some kind of a Trojan joke here, but I can't put it together...
OK, I'm tired of this now. Someone else's turn...
kM
How will this affect evolution?
This is evolution.
kM
Hmm, new passwords were just set... musta been too late.
Their server is hosed up, go to their web site and you get the Control Panel page... free access!
This is like saying that starving people in "Third World" countries simply need access to cheaper silverware to eat with...
kM
With all the past things people have done to hamsters (no Richard Gere jokes please), it's only a matter of time before one takes a ride on a personal rocket.
When the new police station/courthouse opened in town, it had one of those air-delivery mail systems, like your bank's drive-up teller window. Within two weeks, the newspaper printed an article that some people had been disciplined for sending a hamster all around the building!
kM
Yeah but now that I've met those chicks, *I've* become a "Burning Man"... ...now where did I put that ointment...
Yeah, but shortly after meeting them, *I* became a "Burning Man"... ... now where did I put that tube of cream...
Are you people ever happy with anything they do? I know, they're generally evil, but the members here preach about the evils of unsecured software. Now you're criticizing the company for doing exactly what you asked? kM
Maybe someone bought the old hard drives from a /. server, grabbed the admin passwords for the site, and keeps posting the old articles they recover!
It makes perfect sense. Surely the admins can't keep making these mistakes over and over...
err, nebbermind.
kM
I did a 6-month gig at a financial trading house outside NYC. I was filling in as a temp network manager until a replacement for the old one (he quit) could be found. They made their new hire, and I had one month left on my deal, so I stayed and helped the transition. The director, who hired the manager, was a mainframe guy, and didn't know PCs at all, only big iron. One day, the director is trying to use PC-Anywhere to control a remote PC in England; PC-Anywhere is not running full screen on his local PC, so he can't see the entire remote desktop on his 17" monitor. He calls the new network manager in: Director: How do I enlarge this window so I can see the whole desktop? Manager: Lemme try something. (no luck at all) Manager: Ah! I know the problem! You have a 17" monitor here, and the remote machine probably only has a 14" monitor on it, so that's as large as it can display." The director looks at me skeptical. ME: So then if you disconnected the monitor from the PC in England, you couldn't use PC-Anywhere? You'd just get a blank screen? Director: Manager: Let me try something other things... I was happy to leave this contract... I took with me the most valuable piece of advice I've heard about contracting, from another consultant there: "Never work for a place where the primary product they produce is money!" kM
It's so sad that it took so many responses before someone posted any link to LSL. I thought it would merit first post honors, perhaps I'm making LSL too important...:)
All points are valid... I doubt Mr. Grasso reaches the end of my letter anyway! I don't think I would, if I was reading it... lol
:) I'll be sure to file that "helpful grammar correction" under "Shit I Don't Care About"...
Jeez, one little grammar mistake and you gotta jump on it... from someone who starts his post with "Yeah"...
Please write to Jack Grasso, Director of Public Relations, at mailto:jgrasso@uc-council.org.
.COM and .NET "Top-Level Domains" to bring web surfers that made a typo in a URL to a VeriSign-owned search engine, which sold advertising to other companies and promoted specific search results based upon their paid advertisers. In the process, the technological changes they made to do this caused the malfunction of millions of programs, primarily many anti-SPAM utilities.
1 2&mode=thread&tid=158&tid=99
My letter is below:
(hpoe my facts are mostly accurate)
Good morning Mr. Grasso -
I am writing this morning to express my extreme dismay at the selection of VeriSign to run this RFID registry. As a professional in the technology field, I have dealt with VeriSign on many occasions, and have decided that I never will again, if at all possible. VeriSign has a history of putting the company first before all else, including privacy, not a great attribute for someone who will organize a system to track millions of things and people.
VeriSign has engaged in deceptive business practices, for example the "fake" invoices they sent out to clients of competing registrars, giving the false impression that the client had to pay VeriSign in order to renew their domain (VeriSign lost many lawsuits over this deceptive practice, and the FTC even got involved).
VeriSign most recently used the monopoly position on maintaining the
In all these cases, VeriSign acted greedily to further the company's aims over what's good for the people who must use the services that VeriSign administers. Their track record of deception and the world-renowned sluggishness with which their company operates should be a red flag for anyone who understands the types of technology involved and the effects that VeriSign's moves has had on the Internet.
Please consider some additional viewpoints. There is a website known as SlashDot, located at http://slashdot.org, which has one of the largest user bases of any web site. Most of the users are tech workers, and the discussions on SlashDot are some of the most intelligent discussions I have ever read. A discussion on your organization's decision is in progress right now. Please read it at http://slashdot.org/article.pl?sid=04/01/13/12572
And please pass along to your management the unhappiness this move has brought to the vast majority of the people who actually understand what your technology does, what it is capable of, and the ways it can be abused.
Thank you for your time.
The first game that really scared me. I was selling PCs and software at retail then, right out of high school. The first multi-CD game I can remember, it just kept throwing in creepy sounds and videos when you weren't expecting it. And the difficulty of the puzzles! That's how I learned the word 'tryst'. Second follow up: Sierra's Phantasmagoria. 7 CD-ROMS, unheard of for that time. Still got 'em. It was genuinely creepy, unusual to play a girl for the lead character, let alone a hot girl! (C'mon, I know I'm not the only one who noticed that she jiggled when she ran...) The first game I can think of that used actual digitized video of people in the game itself. Now what was her name...??? kM