Please post the name of your company so we can learn more about what kind of data you're storing and what kind of issues you are seeing. And so we can avoid using your services until you hire somebody competent. Thanks.
Income: $30,000
Standard Deduction: -$5,700
Taxable Income: $24,300
Tax on first $8,375 @ 10%: $838
Tax on remaining $15,925 @ 15%: $2,389
Total Tax: $3,227
Did you look up what current tax rates are? That person would pay about 37% more in tax under your plan ($4,409 vs $3,227). They'd have to put nearly $5,000 per year into savings just to end up with the _same_ tax burden.
On the other hand, a person making $250,000 per year and spending $150,000 of it would end up paying less than half of what they do now ($65,736 vs $32,009). Even if they spend every penny, they'll still only pay $55,000 for a savings of over $10,000.
RTFA... "To simulate movement and expression, animators bend or twist their objects ever so slightly between shots, a painstaking process that makes it difficult to achieve consistency from frame to frame. But now, software can help remedy that, with programs that help check the alignment of the camera and the lighting of the scene while letting the animator flip between recent images to see if the items are moving realistically. That part of the process — synchronizing the shots — was what made it difficult for amateurs to make a good movie."
Atlassian makes the source for all of their products available to anybody who buys a license. It doesn't cost anything extra, and even the $10 starter licenses come with full source.
You're correct - you can use Xlink Kai to play with other people over the Internet for free. It works fine and there are typically hundreds of Halo 2 players online at any given moment. It's also popular in countries where Xbox Live isn't available.
I'm not asking them to secure anybody's PC or home network. But there are measures that they can take on their web site to make it much more difficult for somebody to steal my money, even if my PC is completely compromised. Using an out-of-band confirmation would help. Another way would be to do anomaly detection - check IP addresses, transaction patterns, dollar amounts, where the money is going, etc. I'm sure there are other things they can do too.
It's very similar to credit cards. Banks are on the hook for credit card fraud. Regardless of how security-conscious I am, there is a chance that my wallet might get stolen or somebody might grab my credit card number out of a database somewhere. The bank knows this can and will happen, but in this case they're not allowed to hold me responsible for the losses. So instead they spend money on security measures to detect and limit the most common kinds of fraud. They created software that can quickly sniff out unusual buying patterns, transactions from other countries, shipping address different from billing address, etc.
But I think that at the moment their financial interest is in making online banking fast and convenient, not making it secure. Maybe someday people will begin to stop using online banking, but we're nowhere near that point yet. One sure way to drive people away today would be to implement mandatory two-factor authentication or other inconvenient security measures. A lot of people would take their business elsewhere. No bank is going to do that unless ALL of the banks are forced to do it. And that means either regulation or making them responsible for the losses.
Yes, that's pretty much the point of the article. As long as the banks aren't responsible for the losses, they have little incentive to spend money securing their systems. They just focus on generating as much business as possible, which means less focus on security and more focus on making things easy for users. If they were at least partially responsible for the losses, then they would not allow Joe Sixpack or anybody to do a funds transfer without SMS or some other better form of authentication. Or they would implement other measures like anomaly detection which have worked reasonably well in reducing credit card fraud losses.
Making it look like the initial login failed is one way, another is to tell you that your session timed out and that you need to reauthenticate to continue. If you're a very security-conscious customer you might catch on, but the overwhelming majority of people are going to be fooled by this. If the SMS message told you exactly what you were authorizing, it would go a long way towards defeating this kind of attack. Unless the attacker can intercept and modify the SMS message before it gets to you, you're going to see what's really going on.
SiteKey is practically useless. People either don't notice that the picture is missing, or they're so used to answering security questions that they just go ahead and do it without thinking.
The point is that as long as banks are not responsible for the losses, they have no incentive to implement strong security measures on their websites. A large number of the current attacks on customer PCs could be eliminated if banks didn't let people do everything with just a username and password. Imagine how bad credit card fraud would be today (or how few people would use credit cards) if you were responsible for fraudulent use and not the bank.
For it to work correctly, the SMS or other out-of-band message should include the details of the transaction that you're authenticating. Otherwise a MITM attacker could make you think you're just logging in when actually you're authorizing a wire transfer.
It is 100% Apple's fault for putting AT&T in a position where they don't have to compete with other carriers for iPhone business. If you were able to switch to Verizon or another carrier, you can bet AT&T would have upgraded their network a long time ago. AT&T is doing exactly as much as they have to.
If you don't want other people making money from your work, then you shouldn't release anything under the GPL. That's easy...
But is it legal to release any iPhone application under the GPL? Apple puts restrictions on what you can do with the application once you've downloaded it - i.e. you're not allowed to redistribute or modify it. Unless all of the copyright holders of the GPL code give their permission to release it under these more restrictive terms, that be a violation wouldn't it?
What Ubisoft did to Rainbow Six and Ghost Recon after they bought the Tom Clancy franchises is a travesty. They're in desparate need of a reboot back to their realistic, tactical roots. Recent games in both series have turned into poor imitations of action movies. The latest R6 game even had a climactic boss battle where you, on foot, have to take down an attack helicopter while dodging left and right on a tennis court to avoid its missiles.
If an attacker captures the encrypted message, they could save it and decrypt it at a later date if they are somehow able to obtain the recipient's key. With this system, the key is (supposedly) completely gone and not even the recipient can decrypt the message again.
Slashdot Mirror
Related: http://popcrush.com/weird-al-y...
Chrome is a WebKit browser too.
Yeah AD group policy can do this very easily, no scripts required. http://technet.microsoft.com/en-us/library/cc772491.aspx
Ludicrous gibs!
There are pictures, but unfortunately they're actual size.
Please post the name of your company so we can learn more about what kind of data you're storing and what kind of issues you are seeing. And so we can avoid using your services until you hire somebody competent. Thanks.
Income: $30,000
Standard Deduction: -$5,700
Taxable Income: $24,300
Tax on first $8,375 @ 10%: $838
Tax on remaining $15,925 @ 15%: $2,389
Total Tax: $3,227
Did you look up what current tax rates are? That person would pay about 37% more in tax under your plan ($4,409 vs $3,227). They'd have to put nearly $5,000 per year into savings just to end up with the _same_ tax burden.
On the other hand, a person making $250,000 per year and spending $150,000 of it would end up paying less than half of what they do now ($65,736 vs $32,009). Even if they spend every penny, they'll still only pay $55,000 for a savings of over $10,000.
RTFA... "To simulate movement and expression, animators bend or twist their objects ever so slightly between shots, a painstaking process that makes it difficult to achieve consistency from frame to frame. But now, software can help remedy that, with programs that help check the alignment of the camera and the lighting of the scene while letting the animator flip between recent images to see if the items are moving realistically. That part of the process — synchronizing the shots — was what made it difficult for amateurs to make a good movie."
Atlassian makes the source for all of their products available to anybody who buys a license. It doesn't cost anything extra, and even the $10 starter licenses come with full source.
That's just nonsense.. Without all those extended training sessions playing Forza, I'd never be able to drive safely on the highway at 90+ mph.
You're correct - you can use Xlink Kai to play with other people over the Internet for free. It works fine and there are typically hundreds of Halo 2 players online at any given moment. It's also popular in countries where Xbox Live isn't available.
I'm not asking them to secure anybody's PC or home network. But there are measures that they can take on their web site to make it much more difficult for somebody to steal my money, even if my PC is completely compromised. Using an out-of-band confirmation would help. Another way would be to do anomaly detection - check IP addresses, transaction patterns, dollar amounts, where the money is going, etc. I'm sure there are other things they can do too.
It's very similar to credit cards. Banks are on the hook for credit card fraud. Regardless of how security-conscious I am, there is a chance that my wallet might get stolen or somebody might grab my credit card number out of a database somewhere. The bank knows this can and will happen, but in this case they're not allowed to hold me responsible for the losses. So instead they spend money on security measures to detect and limit the most common kinds of fraud. They created software that can quickly sniff out unusual buying patterns, transactions from other countries, shipping address different from billing address, etc.
But I think that at the moment their financial interest is in making online banking fast and convenient, not making it secure. Maybe someday people will begin to stop using online banking, but we're nowhere near that point yet. One sure way to drive people away today would be to implement mandatory two-factor authentication or other inconvenient security measures. A lot of people would take their business elsewhere. No bank is going to do that unless ALL of the banks are forced to do it. And that means either regulation or making them responsible for the losses.
My computer is already in the basement.. I ran a 50' DVI cable and some USB extender cables that I picked up at Monoprice and it works great.
Yes, that's pretty much the point of the article. As long as the banks aren't responsible for the losses, they have little incentive to spend money securing their systems. They just focus on generating as much business as possible, which means less focus on security and more focus on making things easy for users. If they were at least partially responsible for the losses, then they would not allow Joe Sixpack or anybody to do a funds transfer without SMS or some other better form of authentication. Or they would implement other measures like anomaly detection which have worked reasonably well in reducing credit card fraud losses.
It'll give it to the attacker to log in with.. And it'll tell you that you entered the wrong code and that you need to try again.
Or it'll let you log in and quietly submit a transaction on your behalf every minute or two while you're logged on.
Making it look like the initial login failed is one way, another is to tell you that your session timed out and that you need to reauthenticate to continue. If you're a very security-conscious customer you might catch on, but the overwhelming majority of people are going to be fooled by this. If the SMS message told you exactly what you were authorizing, it would go a long way towards defeating this kind of attack. Unless the attacker can intercept and modify the SMS message before it gets to you, you're going to see what's really going on.
SiteKey is practically useless. People either don't notice that the picture is missing, or they're so used to answering security questions that they just go ahead and do it without thinking.
The point is that as long as banks are not responsible for the losses, they have no incentive to implement strong security measures on their websites. A large number of the current attacks on customer PCs could be eliminated if banks didn't let people do everything with just a username and password. Imagine how bad credit card fraud would be today (or how few people would use credit cards) if you were responsible for fraudulent use and not the bank.
For it to work correctly, the SMS or other out-of-band message should include the details of the transaction that you're authenticating. Otherwise a MITM attacker could make you think you're just logging in when actually you're authorizing a wire transfer.
It is 100% Apple's fault for putting AT&T in a position where they don't have to compete with other carriers for iPhone business. If you were able to switch to Verizon or another carrier, you can bet AT&T would have upgraded their network a long time ago. AT&T is doing exactly as much as they have to.
If you don't want other people making money from your work, then you shouldn't release anything under the GPL. That's easy...
But is it legal to release any iPhone application under the GPL? Apple puts restrictions on what you can do with the application once you've downloaded it - i.e. you're not allowed to redistribute or modify it. Unless all of the copyright holders of the GPL code give their permission to release it under these more restrictive terms, that be a violation wouldn't it?
I wish I was kidding. You can get a taste of the awesome dialog from this clip too.
http://www.youtube.com/watch?v=URwep-7Dcb0
What Ubisoft did to Rainbow Six and Ghost Recon after they bought the Tom Clancy franchises is a travesty. They're in desparate need of a reboot back to their realistic, tactical roots. Recent games in both series have turned into poor imitations of action movies. The latest R6 game even had a climactic boss battle where you, on foot, have to take down an attack helicopter while dodging left and right on a tennis court to avoid its missiles.
Yeah, with a little more planning it should be a breeze.
If an attacker captures the encrypted message, they could save it and decrypt it at a later date if they are somehow able to obtain the recipient's key. With this system, the key is (supposedly) completely gone and not even the recipient can decrypt the message again.