PCI/CISP does have software process recommendations for securing credit card data, but it's largely recommendations for people processes and facility processes.
I believe the original requestor is asking about software to help automate/speed-up monitoring and scanning of content that's being put up on web sites by staff and/or students.
YMMV, but as a survivor of several panic attacks over the years I have found that they've usually been brought on by combinations of stress and lack of sleep. My suggestions:
Learn to compartmentalize: keep work/school worries at work/school, don't bring them home with you.
Realize you what can and can't do: There will always be some things beyond your control, so don't worry about them.
Don't lose sleep: If you're feeling tired during your days at work/school, go to bed earlier at night, try taking (natural) things to help you get to sleep like warm milk, valerian extract, whatever works for you.
I don't disagree that we're getting warmer, but I find it interesting that both you and the article are blaming CO2 for it. Water vapour is a more significant greenhouse gas than CO2. Did you know that there was an ice age at the end of the Ordovician period 430 million years ago when CO2 levels were more than 11 times greater than now?
The Australian government is federal, not state. The request was made by The Hon. Mark McGowan, Environment Minister for the state government of Western Australia.
Appearing before the Commons Committee on Environment and Sustainable Development last year, Carleton University paleoclimatologist Professor Tim Patterson testified, "There is no meaningful correlation between CO2 levels and Earth's temperature over this [geologic] time frame. In fact, when CO2 levels were over ten times higher than they are now, about 450 million years ago, the planet was in the depths of the absolute coldest period in the last half billion years."
I am not expecting to be loosing arrows from my bow any time soon, but I am hoping that the/. editors can stand to be losing some O's from the summary.:)
But that's not really a proxy server is it? Trying to implement that sort of functionality in a web page with server-side code is usually a pain due to the requirement of having to rewrite image/embed/object/stylesheet/etc URL's so that those things are accessed through your hacked-up page and not their original addresses (or their now-broken relative URLs), although it is simplified with things like the CFHTTP tag in ColdFusion.
If the school's content filtering is based purely on domain names then the above mechanism would get around them successfully, but a lot of content filtering systems also do keyword matching or Baysian filtering so you wouldn't really achieve much. Even so, "Top 10" reports of bandwidth users would likely turn-up someone using such a page to keep their access to war3z and p0rn sites.
That's a valid point. But then the problem arises that someone could easily argue that he never intended to use it to circumvent the school's filters.
Maybe so, but content filters are usually there for more than just censorship, which is the only thing you see people harp on about. They often serve as caching proxies to limit bandwidth usage, sometimes anti-virus filtering to protect the school's servers and workstations. And yes, censhorship to protect students from goat porn and such.
Bypassing the school's filters is increasing their security footprint and potentially exposing them to expensive bandwidth charges, as well as expensive labour costs to come in an remove viruses, trojans and other malware and maybe restore systems from backups or completely rebuild them. Should the student operating the proxy filter have to pay these bills if it was proven that their proxy server was responsible for them? You bet!
According to the summary the student moved her/his proxy around a few times as the school blocked it, so she/he was definitely being an ass about it.
There's a whopping huge difference between hosting a web site and hosting a proxy server. To me it sounds like the student hosting the proxy server was doing this to circumvent the school's access controls, so it's a precedent for intent, irrelevent of it being malicious or beneign.
If the school's network admins had half a brain then all access beyond the border routers would have been deny-by-default, allowing access only from their content-filtering server(s) and mail server(s) thus making this sort of thing impossible to do anyways./p
Windows security is all about restricting access to files and objects with user- and group-oriented Access Control Lists (DACLs and SACLs). When a user/automated-process logs in they are given an authentication token representing their account and group memberships (even their password version/iteration), and that token gets passed around to all processes and threads they touch as tasks proceed. Some processes (such as IIS) run under special LocalSystem/LocalService/NetworkService accounts and are able to impersonate other user accounts before making certain API calls (such as to open a file or directory on behalf of a web-connected user). There's nothing built-in to Windows to limit access based on the applications/processes themselves.
That being said there are some things that do application/process oriented security. ZoneAlarm, for example, is a third party application that sits between the Winsock API and the connected network(s) (it's a Network Filter driver if I recall correctly): it intercepts Winsock create/open socket calls, looks up the caller's process_id and information and then compares that process's information against its own internal access control lists to determine whether or not a socket can be opened for listening or outgoing connections.
The.NET framework also has some application-oriented access controls, but again this is built on top of Windows itself.
I can see a need for 3D on the web, VRML and QTVR objects giving you walk-throughs and views of real world products for example, but is there actually a need for a 3D Web?
If I'm looking for something on the web then I usually want to find it quickly. How does this help me find what I need? It seems to be an obstructive use of 3D technology, all because someone said "3D's cool, let's make a 3D web browser."
Looking for something? Use Google. Want 3D? Play WoW, Quake, Doom, NFS, etc.
Microsoft seems to be playing the wounded duck at the moment, trying to convince the public that Adobe won't allow them to implement PDF creation as a standard feature in their Office 2007 and Vista environments.
However, Adobe has published the Portable Document Format specifications since 1993, encouraging developers to create applications that both read and *write* PDF files. From page seven of the PDF Reference, Fifth Edition (v1.6, PDF format) we see the following:
Adobe will enforce its copyright. Adobe's intention is to maintain the integrity of the Portable Document Format standard. This enables the public to distinguish between the Portable Document Format and other interchange formats for electronic documents. However, Adobe desires to promote the use of the Portable Document Format for information interchange among diverse products and applications. Accordingly, Adobe gives anyone copyright permission, subject to the conditions stated below, to:
Prepare files whose content conforms to the Portable Document Format
Write drivers and applications that produce output represented in the Portable Document Format
Write software that accepts input in the form of the Portable Document Format and displays, prints, or otherwise interprets the contents
Copy Adobe's copyrighted list of data structures and operators, as well as the example code and PostScript language function definitions in the written specification, to the extent necessary to use the Portable Document Format for the purposes above
My guess would be that in typical Microsoft style, they are probably wanting to create their own incompatable extensions to PDF and Adobe has stepped-in and said no to them.
Hey numbnuts... this chip idea is for the illegals crossing the Mexican border. Not for the legal immigrants. You didn't even have to RTFA to know that as it's right in the goddamn article summary!
If you read any of the above then you'd notice that it's a proposal for guestworkers coming in from Columbia and Mexico, additionally to have their tags verfied at their places of employment. There would be no real obstacles stopping this from expanding to immigrants from other countries.
What I'd like to know is: who's going to pay for all of the RFID readers deployed in the field and the communications infrastructure to verify the tags with the Department of Immigration?
my grandmother signed up for the 3Mbps DSL plan through Verizon, however a speed test said she was only getting 750Kbps. Why pay for the extra bandwidth when she's not getting it?
She's only paying for 3Mbps to the ISP and inside their systems. As with all communications, once it gets outside her ISP's border routers the speed is no longer in their control. If she's accessing some kid's p0rn site running on his dad's 56kbps modem in India, she's not going to get any more than 56kbps down the pipe! Add to that latency inherent in certain protocols, overseas link delays, etc., and you'll almost never get full speed to anywhere truly remote from your location.
Torrents are a good example for speed variability. Popular torrents are extremely fast when they're first released but as they age they get slower and slower because fewer people are seeding them. This morning I was downloading the Dapper Drake 6.06 release at 150 kilobytes/sec on my 1.5Mbps DSL, but often I'm lucky to see torrents download at 20-30 kilobytes/sec.
if it breaks, points above the halfway mark fall fall upwards.
That's not actually correct. The entire ribbon is under tension due to the centrifugal force imparted on it by the counterweight (the station in space), so all of the ribbon above the break will "fall up" even if the break is only six feet above the sea level. I'd hate to be on the station if that occurs - you'd get flung out into space beyond reach any sort of timely rescue.
Folks, it's worth noting that tests to date have only been on the robot climbing systems themselves, using two inch wide composite fibreglass ribbons and not carbon nanotube ribbons. eg:
This week's testing involved a 12-foot (4-meter) diameter balloon. Safety lines held by team members kept the balloon from floating away. The ribbon dangling from the balloon was made of composite fiberglass, with the robot lifter running up and down the tether.
I expect that they'll eventually hit the 62GPa strength requirements for the metre-wide nanotube ribbons, but I'm not expecting that within the three years that Edwards is predicting.
I've been running XP (and 2000) as non-admin for a while now. Most tasks are fine, with the usual problems being post-installation for new apps and games after you've logged out as admin and actually want to use them. The most common problems I encounter are Registry-related, apps trying to open HKLM keys in read/write mode for example, and are primarily due to the software developers running as admin on their own machines and never testing with lesser-privilaged accounts. I usually contact the developers with specific information as to why their apps aren't working as non-admin, generally getting positive responses and updates to the offending apps. The best experience I ever had was with Holger Matz, developer of the FL Datastorm program (a companion app to the MS Freelancer game) who, after a couple of back-and-forth e-mails had a new release fixing the problems in 2 hours and 2 minutes. How's that for service!:) Unfortunately, most mom and pop users wouldn't have a clue how to use APIspy and Regspy to diagnose these sorts of problems.
The older (PPC, pre-Intel) Mac Mini's draw about 20W at full tilt. Have been using them with Debian-PPC in mobile robotics. Haven't tried the newer Intel versions yet - they probably suck more, and in more ways than one.
Although it has great corporate management capabilities, like a centralized program/dictionary update server and permissions on settings (so end users can't stop/break it), it's better than your average ghoul at sucking the life out of your desktop computers.
This not only allowed us to open new realms -- each site can hold approximately 40 -- it also allowed us to migrate existing realms over to the new, top-of-the-line hardware we used to build the site.
If there's only one server per site (data center) I think I can see what the problem is.:)
Slashdot Mirror
PCI/CISP does have software process recommendations for securing credit card data, but it's largely recommendations for people processes and facility processes.
I believe the original requestor is asking about software to help automate/speed-up monitoring and scanning of content that's being put up on web sites by staff and/or students.
YMMV, but as a survivor of several panic attacks over the years I have found that they've usually been brought on by combinations of stress and lack of sleep. My suggestions:
I don't disagree that we're getting warmer, but I find it interesting that both you and the article are blaming CO2 for it. Water vapour is a more significant greenhouse gas than CO2. Did you know that there was an ice age at the end of the Ordovician period 430 million years ago when CO2 levels were more than 11 times greater than now?
Did you even bother to read the article? It was produced for STA (Semiconductor Technology Associates), who developed the chip for the Astrometry Department of the U.S. Naval Observatory.
No doubt they're going to use it in some kind of telescopy application where every bit of digital resolution counts.
The Australian government is federal, not state. The request was made by The Hon. Mark McGowan, Environment Minister for the state government of Western Australia.
Mr. McGowan seems to have a thing against toads, with recent news including: the WA government paying for toad sniffing dogs (June 11); supporting staff Conservation and Land Management, volunteers of Stop The Toad Foundation and Kimberley Toadbusters and the Cane Toad Working Group (23 April); praising employees of a freight DC who found a cane toad in a shipment of bananas (17 March); and starting a $500,000 community awareness campaign to fight cane toads (20 February).
And there's a whole bunch more here. There's no shortage of gas turbine planes and pilots in our aeroclub, either.
I am not expecting to be loosing arrows from my bow any time soon, but I am hoping that the /. editors can stand to be losing some O's from the summary. :)
But that's not really a proxy server is it? Trying to implement that sort of functionality in a web page with server-side code is usually a pain due to the requirement of having to rewrite image/embed/object/stylesheet/etc URL's so that those things are accessed through your hacked-up page and not their original addresses (or their now-broken relative URLs), although it is simplified with things like the CFHTTP tag in ColdFusion.
If the school's content filtering is based purely on domain names then the above mechanism would get around them successfully, but a lot of content filtering systems also do keyword matching or Baysian filtering so you wouldn't really achieve much. Even so, "Top 10" reports of bandwidth users would likely turn-up someone using such a page to keep their access to war3z and p0rn sites.
Maybe so, but content filters are usually there for more than just censorship, which is the only thing you see people harp on about. They often serve as caching proxies to limit bandwidth usage, sometimes anti-virus filtering to protect the school's servers and workstations. And yes, censhorship to protect students from goat porn and such.
Bypassing the school's filters is increasing their security footprint and potentially exposing them to expensive bandwidth charges, as well as expensive labour costs to come in an remove viruses, trojans and other malware and maybe restore systems from backups or completely rebuild them. Should the student operating the proxy filter have to pay these bills if it was proven that their proxy server was responsible for them? You bet!
According to the summary the student moved her/his proxy around a few times as the school blocked it, so she/he was definitely being an ass about it.
There's a whopping huge difference between hosting a web site and hosting a proxy server. To me it sounds like the student hosting the proxy server was doing this to circumvent the school's access controls, so it's a precedent for intent, irrelevent of it being malicious or beneign.
If the school's network admins had half a brain then all access beyond the border routers would have been deny-by-default, allowing access only from their content-filtering server(s) and mail server(s) thus making this sort of thing impossible to do anyways./p
Windows security is all about restricting access to files and objects with user- and group-oriented Access Control Lists (DACLs and SACLs). When a user/automated-process logs in they are given an authentication token representing their account and group memberships (even their password version/iteration), and that token gets passed around to all processes and threads they touch as tasks proceed. Some processes (such as IIS) run under special LocalSystem/LocalService/NetworkService accounts and are able to impersonate other user accounts before making certain API calls (such as to open a file or directory on behalf of a web-connected user). There's nothing built-in to Windows to limit access based on the applications/processes themselves.
That being said there are some things that do application/process oriented security. ZoneAlarm, for example, is a third party application that sits between the Winsock API and the connected network(s) (it's a Network Filter driver if I recall correctly): it intercepts Winsock create/open socket calls, looks up the caller's process_id and information and then compares that process's information against its own internal access control lists to determine whether or not a socket can be opened for listening or outgoing connections.
The .NET framework also has some application-oriented access controls, but again this is built on top of Windows itself.
I can see a need for 3D on the web, VRML and QTVR objects giving you walk-throughs and views of real world products for example, but is there actually a need for a 3D Web?
If I'm looking for something on the web then I usually want to find it quickly. How does this help me find what I need? It seems to be an obstructive use of 3D technology, all because someone said "3D's cool, let's make a 3D web browser."
Looking for something? Use Google. Want 3D? Play WoW, Quake, Doom, NFS, etc.
Microsoft seems to be playing the wounded duck at the moment, trying to convince the public that Adobe won't allow them to implement PDF creation as a standard feature in their Office 2007 and Vista environments.
However, Adobe has published the Portable Document Format specifications since 1993, encouraging developers to create applications that both read and *write* PDF files. From page seven of the PDF Reference, Fifth Edition (v1.6, PDF format) we see the following:
My guess would be that in typical Microsoft style, they are probably wanting to create their own incompatable extensions to PDF and Adobe has stepped-in and said no to them.
Nowhere in the article summary, linked article nor the Silverman transcript does it say it's for illegal immigrants.
If you read any of the above then you'd notice that it's a proposal for guestworkers coming in from Columbia and Mexico, additionally to have their tags verfied at their places of employment. There would be no real obstacles stopping this from expanding to immigrants from other countries.
What I'd like to know is: who's going to pay for all of the RFID readers deployed in the field and the communications infrastructure to verify the tags with the Department of Immigration?
She's only paying for 3Mbps to the ISP and inside their systems. As with all communications, once it gets outside her ISP's border routers the speed is no longer in their control. If she's accessing some kid's p0rn site running on his dad's 56kbps modem in India, she's not going to get any more than 56kbps down the pipe! Add to that latency inherent in certain protocols, overseas link delays, etc., and you'll almost never get full speed to anywhere truly remote from your location.
Torrents are a good example for speed variability. Popular torrents are extremely fast when they're first released but as they age they get slower and slower because fewer people are seeding them. This morning I was downloading the Dapper Drake 6.06 release at 150 kilobytes/sec on my 1.5Mbps DSL, but often I'm lucky to see torrents download at 20-30 kilobytes/sec.
Folks, it's worth noting that tests to date have only been on the robot climbing systems themselves, using two inch wide composite fibreglass ribbons and not carbon nanotube ribbons. eg:
I expect that they'll eventually hit the 62GPa strength requirements for the metre-wide nanotube ribbons, but I'm not expecting that within the three years that Edwards is predicting.
I've been running XP (and 2000) as non-admin for a while now. Most tasks are fine, with the usual problems being post-installation for new apps and games after you've logged out as admin and actually want to use them. :)
The most common problems I encounter are Registry-related, apps trying to open HKLM keys in read/write mode for example, and are primarily due to the software developers running as admin on their own machines and never testing with lesser-privilaged accounts.
I usually contact the developers with specific information as to why their apps aren't working as non-admin, generally getting positive responses and updates to the offending apps. The best experience I ever had was with Holger Matz, developer of the FL Datastorm program (a companion app to the MS Freelancer game) who, after a couple of back-and-forth e-mails had a new release fixing the problems in 2 hours and 2 minutes. How's that for service!
Unfortunately, most mom and pop users wouldn't have a clue how to use APIspy and Regspy to diagnose these sorts of problems.
The older (PPC, pre-Intel) Mac Mini's draw about 20W at full tilt. Have been using them with Debian-PPC in mobile robotics. Haven't tried the newer Intel versions yet - they probably suck more, and in more ways than one.
Although it has great corporate management capabilities, like a centralized program/dictionary update server and permissions on settings (so end users can't stop/break it), it's better than your average ghoul at sucking the life out of your desktop computers.
Of all the days to not have mod points!