Slashdot Mirror


User: MerlynDavis

MerlynDavis's activity in the archive.

Stories: 0
Comments: 43

Comments · 43

  1. Re:Impressive on iTunes DRM Hole Closed · · Score: 1

    Until DRM'ed CDs become the norm.

    They are working on them, and they will become more common, unless laws are passed forbidding them.

    It's about companies wanting to protect their revenue stream by any means necessary...because they realize if they don't prevent music from being freely distributed, they won't have any business to protect.

  2. Re:No Changes Forthcoming on ChoicePoint Data Stolen By Imposters · · Score: 2, Informative

    For the most part, ChoicePoint deals in public records...items that are available to the general public (if you have the time, energy, and knowledge of where to look).

    However, there is some data they possess which isn't public records (DMV records mostly) which require special privileges to access. I would hope that they actually review who has access to that information, and not give it out to persons without legitimate needs.

    I think the main concern is the fact that this data is aggregated for use, without any sort of controls on who can see it, and for what reason.

  3. Re:A Darker Shade of Grey Hat on Gmail Messages Are Vulnerable To Interception · · Score: 1

    You state that as fact, yet full disclosure is probably the most widely accepted way of dealing with exploits--and the most widely advocated by security experts. It's at the very least a matter that's open to a lot of debate.

    Full Disclosure is one thing... Actually posting usable exploit code or directions on how to do the exploit is another...and unacceptable. A simple "Gmail has issues with malformed headers, please beware" would have sufficed.

  4. Re:A Darker Shade of Grey Hat on Gmail Messages Are Vulnerable To Interception · · Score: 1

    That's pretty pathetic to just release exploit code without giving the vendor a chance to respond. Heck...folks even give M$ a chance to build a patch before releasing exploit code...why not Google??

    It's not about "easier"...it's about what's right.

  5. Not necessarily illegal.... on Is Data Mining for Product Pricing, Illegal? · · Score: 1

    But I used to be the network admin for an e-tailer, and we discouraged people from webcrawling our site. Not because our pricing was proprietary, or anything, but for the simple fact that I had to pay for all that damned bandwidth. Sure, one crawler doesn't add up to much, but we had as many as 20 crawlers at any one time, some of them obviously on T1+ links, and using every ounce of speed they could.

    We did provide pre-formatted price lists for those people who asked, prepared daily, and available via FTP. That way, instead of having to wade through our HTML code and try and locate the pricing, they could get an SQL data file, or maybe a CSV file, or any one of a dozen formats...

  6. Re:But the question is who would want to? on Build Your Own Mac With CoreCrib Kit · · Score: 1

    Hmmm...my brand new ATI Radeon 9000 runs just fine on my Mac...and I had Warcraft3 right about the original release date...and I know a few people playing Shadowbane on the Mac... I tossed my XP box away because I was tired of crashes, system hang-ups, and incompatible drivers...not to mention more security holes than a block of Swiss cheese.

  7. Re:I still have one complaint... on Build Your Own Mac With CoreCrib Kit · · Score: 1

    It supports AGP...you can see the AGP slot in the pictures...

    The poster didn't have an AGP card to use...most of the parts were salvaged from an old PCI-based PowerPC Mac.

    Apple's been using AGP cards for a good 4 years now on their motherboards.

  8. Re:Layers...lots of layers on Securing Your Network? · · Score: 1

    I normally run logs through greps, looking for patterns, and sort them to try and find multiple accesses by specific accounts.

    Also, I use special programs to analyze logs and look for repeat invalid requests by users...Those are large tip-offs..

    Also, check for repeat valid requests...those are often webcrawlers pounding your site.
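
Added example, not part of the comment above or of the original page: the grep-and-sort style log review that comment describes, run over constructed sample lines. The Common Log Format layout, the function names and the thresholds are assumptions.

```sh
#!/bin/sh
# Constructed sample access log. Common Log Format is an assumption:
# host ident user [time zone] "method path proto" status bytes
sample_log() {
cat <<'EOF'
192.0.2.10 - alice [10/Mar/2003:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 5120
192.0.2.10 - alice [10/Mar/2003:10:00:09 +0000] "GET /old.html HTTP/1.0" 404 210
192.0.2.10 - alice [10/Mar/2003:10:01:12 +0000] "GET /prices.html HTTP/1.0" 200 8841
198.51.100.4 - bob [10/Mar/2003:10:02:00 +0000] "GET /admin/ HTTP/1.0" 403 199
198.51.100.4 - bob [10/Mar/2003:10:02:01 +0000] "GET /admin/users HTTP/1.0" 403 199
198.51.100.4 - bob [10/Mar/2003:10:02:02 +0000] "GET /backup.zip HTTP/1.0" 404 210
198.51.100.4 - bob [10/Mar/2003:10:02:03 +0000] "GET /admin/config HTTP/1.0" 403 199
203.0.113.7 - - [10/Mar/2003:10:03:00 +0000] "GET /item?id=1 HTTP/1.0" 200 3000
203.0.113.7 - - [10/Mar/2003:10:03:00 +0000] "GET /item?id=2 HTTP/1.0" 200 3000
203.0.113.7 - - [10/Mar/2003:10:03:01 +0000] "GET /item?id=3 HTTP/1.0" 200 3000
203.0.113.7 - - [10/Mar/2003:10:03:01 +0000] "GET /item?id=4 HTTP/1.0" 200 3000
203.0.113.7 - - [10/Mar/2003:10:03:02 +0000] "GET /item?id=5 HTTP/1.0" 200 3000
203.0.113.7 - - [10/Mar/2003:10:03:02 +0000] "GET /item?id=6 HTTP/1.0" 200 3000
EOF
}

# Read one key per line on stdin; print "count key" for every key seen
# at least $1 times, busiest first.
count_at_least() {
    sort | uniq -c | sort -rn | awk -v min="$1" '$1 >= min { print $1, $2 }'
}

# Repeat invalid requests: 4xx responses grouped by authenticated account.
# Field 9 is the status code, field 3 the account ("-" means anonymous).
repeat_invalid_by_account() {
    awk '$9 ~ /^4[0-9][0-9]$/ && $3 != "-" { print $3 }' | count_at_least "$1"
}

# Repeat valid requests: 2xx responses grouped by client address,
# which is where a crawler pounding the site shows up.
repeat_valid_by_client() {
    awk '$9 ~ /^2[0-9][0-9]$/ { print $1 }' | count_at_least "$1"
}

echo "Accounts with 3 or more rejected requests:"
sample_log | repeat_invalid_by_account 3
echo "Clients with 5 or more successful requests:"
sample_log | repeat_valid_by_client 5
```
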

  9. Re:Huh? on Microsoft's Athens PC · · Score: 1

    Until Microsoft *only* supports hardware like this (and makes requirements that the hardware be beefy enough to support power users). Then, Linux will be totally locked out....

  10. woohoo!!! on Indiana Jones coming to DVD in November · · Score: 1

    *goes looking for fedora and bullwhip*

    It's about freaking time...

    Now when's the original Star Wars Trilogy coming out on DVD?

    And why no commentary?? That's half the fun....

  11. Layers...lots of layers on Securing Your Network? · · Score: 5, Informative

    I used to run network security for a prominent .com. In 2 years, we never got successfully penetrated. I stopped an awful lot of attacks, but I spent a lot of time, money and effort keeping the hackers out.

    Use layered security...

    Layer 1 - External Firewall - nothing comes in except exactly what you need where you need it to go to. HTTP only allowed in to the webservers, VPN to the VPN systems, etc. Tie an IDS into this firewall layer. SNORT works great...

    Layer 2 - DMZ - Anything in this zone is considered compromised by default. Nothing further in should absolutely trust systems in this domain. Put at least one IDS in this zone...and make sure to not only check traffic from the outside, but track from the inside.

    Layer 3 - Internal Firewall - Again...more security. Proxy servers, if you can, secured systems, more IDS systems, preferably a different one than the external one. Again, only let what data that you need to get through to get through.

    Layer 4 - Internal network - VLANs, IDS systems, and access lists. Make sure that traffic stays where it belongs, and make sure every system is backed up. Also, if you can afford it, Tripwire, or something along those lines...

    CHECK YOUR LOGS - If you don't review your logs regularly, you're begging to get hacked. You have to keep up on what's going on and update your defenses accordingly. A corollary...LOG EVERYTHING YOU CAN - Disk space is cheap. Log everything...you may need it at some point...especially for after-attack forensics.

    Make sure you are warned of possible intrusions somehow. My pager went off fairly often until I had my IDS systems tuned...but better an extra page and some minor panic than not knowing when a major hack happens...

    What I used - Snort IDS, Cisco PIX firewalls, Linux box running IPFW, Cisco NetRanger IDS, Cisco Routers, 3Com & Cisco Switches, patched Windows boxes...(PATCH THOSE SYSTEMS OFTEN!)

  12. Re:Doh! on Former DoubleClick Exec Named Privacy Czar · · Score: 1

    Hurmph....I was at work and the firewall there blocks half the interesting websites...

    and 90% of the useful ones.

  13. Doh! on Former DoubleClick Exec Named Privacy Czar · · Score: 2, Funny

    That's just sad. Is this the same guy who was responsible for the plan to merge all of DoubleClick's databases together?

    Somehow, I'm really not comforted by this choice for "Privacy Czar".

    Next thing you know, Jeff Bezos will be running the Patent Office and Bill Gates will be in charge of the DoJ case against Microsoft.

  14. Re:Regarding HP on Are Printers What They Used To Be? · · Score: 1

    I picked up a Canon S500 a year or so ago...I don't do a lot of printing, but it's withstood the dust, two moves (one cross-country) and a bit of banging around just fine. I finally had to replace the black cartridge, and 2 of the other three are about ready to go... Although I'd love an HP LJ4....those things are well-nigh indestructible. Used to use them at work...They could print for hours on end.... Although, if I do get back into coding, I will try and find a dot-matrix printer...no way am I going to try and debug code on loose sheets of paper...even with IDEs.

  15. Re:Port scanning is not a grey area... on Anti-Censorship Efforts And Port Scanning · · Score: 1

    Portscanning is an annoyance for sysadmins...I regularly put IPs that scan my system into my firewall as permanently blocked...

    I don't care if I *do* have the ports blocked, I don't want you doing that...it's my system and you can stay out.

  16. Re:So many shows go the same way on Farscape Fans Reinventing Television · · Score: 1

    What's wrong with a show that actually has a coherent storyline that fills out more than one episode?? I'm tired of neatly wrapped stories that end in 42 minutes...they're an insult to my intelligence, not to mention dangerous to my attention span...

  17. Re:Unmitigated Horseshit on A College Without Microsoft? · · Score: 1

    No crappy Open/StarOffice need apply

    Funny...that's what I say about Microsoft Office...

  18. Sheer amount of collateral damage on The Spam Problem: Moving Beyond RBLs · · Score: 1

    I work in tech support at a major ISP. At least twice a day I get a call from a customer who either has a friend whose e-mail was blocked, or is getting their e-mail blocked. I spent a week hearing from the same customer every day about their travails with our abuse department. Their friend lived in a small town in Canada with limited ISPs. Their friend spent six months ISP-hopping, having to notify everyone about their new e-mail address, etc. and then waiting for the local spammer to find that ISP and having to repeat the process. Some sort of more advanced filtering process is desperately needed. Blacklisting entire netblocks isn't going to stop spammers, as they can always find a new way to spam (see the new trend in Windows Messaging system spam). It's the legitimate users who get hurt. Better filtering technology will help, but I'm still in favor of charging users for e-mail. Once the profit margin is reduced far enough, spam will cease.