Sigh... These US citizens and a whole lot of foreigners are being assassinated in non-combat situations. The drones are being used precisely for this scenario: execute someone who isn't actually shooting at US soldiers while minimizing the risk of US soldiers getting injured. And a lot of these drones are being operated by non-military personnel too, so you are ok with the CIA and its contractors executing people, including US citizens? Will you still be ok if the CIA starts executing political extremists in the US simply becuase the president said that the protesters are terrorists who were thinking about violent actions?
That's not quite the question, you are assuming that the administration makes no mistakes when it makes such accusations. That's ridiculous because we KNOW the US government makes lots of mistakes. Why do people have so much faith in the government's ability to accurately identify and execute people who want to kill innocent civilians yet have no faith in the government to manage healthcare or run the IRS?
freezing what funds? you don't maintain deposit accounts a Paypal, the money passes through Paypal to an actual bank. Paypal choosing to stop doing business with Cryptome is not the same thing as freezing funds.
Well said.
I like Windows, I'm a Windows expert and I know how to deploy and manage it across large numbers of systems, but its short-sighted to prevent discussion of other options.
Good response AC. Go read Bit's other posts, a few are coherent but most lack arguements and many are full of insults like 'astroturfer.' Maybe his erratic behavior is caused some sort cyclical issue with medication or alcohol:)
3G service is everywhere down here. I don't know where you will be, how many countries you'll visit, etc. If you're going to spend a significant amount of time in specific countries consider getting a pre-paid 3G USB modem when you're going to be in one for a while. In Argentina Claro (http://www.claro.com.ar) offers such a service, I pay about $50 per month for unlimited data, I'm not sure how economical the pre-paid options are. Telecom costs very widely between countries down here, Argentina tends to be one of the most expensive.
Some good countermeasures have been suggested: firewall, patches, antimalware are all critical. Its a hassle but if you're using public WiFi you should change passwords for your financial accounts frequently. You should encrypt your sensitive data, and backup to an external disk regularly, laptop theft is fairly common.
Using an escrow service, its the safest way to make a major purchase with an untrusted party. I used http://www.escrow.com/ last year when I sold a domain name I had used for 15 years. It was quick, easy, and thier fee was tolerable.
They's spend several times what you estimate in savings rewriting thier internally developed applications. Then they'd spend even more figuring out how to replace all of the commercial apps.
The US government and many other organizations have had access to Windows source code for years. There are several source sharing programs at Microsoft for government customers, commercial customers, partners, and universies.
You misunderstood, it only took a few meetings and email threads spread over month or two to figure out the settings, the hard part was testing the 1,000s of client applications in use across the network. The settings break software from a lot of vendors.
What makes you think they aren't looking at Win7 already? Why do you assume that the people who figured out the configurations for XP and Vista can't work on Win7 while the people in operations deploy and maintain the settings on the hundreds of thousands of existing machines?
IMHO, you've oversimplified things.
NSA, DISA, and NIST were all publishing security guidance when I helped publish Microsoft's Windows 2000 Server Security Guide in late 2002. We started working with those 3 agencies and CIS to try to get all of our guidance more closely aligned. We published the Microsoft guides for XP & 2003 in the spring of 2003. Everyone learned a great deal from one another, there are some brilliant people in NIST CSD, the NSA Blue Team, and DISA FSO. We kept meeting to figure out how to improve all of our guidance and to pursuade the Windows team to change the defaults in XP SP2 & Vista. Around 2004 the USAF & their MCS team approached us, including NSA, DISA, & NIST, to help them jumpstart their new program for securing XP. That grew into the SDC, Kenny Heitkamp and Mr. Gilligan pursuaded the OMB to start the FDCC, which used the collective knowledge of Microsoft, USAF, NIST, DISA, and the NSA to work out the details of the FDCC.
At this point, the FDCC is consistent with Microsoft's guidance, but it covers more settings. The USAF's SDC is a bit more restrictive than the FDCC and it covers additional applications. DISA's checklists for XP & Vista are also a bit more restrictive than the FDCC.
I was a security program manager at Microsoft, I worked their for 7 years, from the worst of the worst during Nimda until a few years ago. I had a *small* roll in the company's learning how to do security more effectively. Since then I've been running my own consulting business, I've turn down projects every month becuase I'm too busy and I turn down full-time job offers with 6 digit salaries several times a year. Security Program Manager at Microsoft seems like a great thing to have a on a resume.
Its not that hard: http://www.marlborough-ma.gov/Res/familyhsng/MarlboroughMA_CityClerks/MarlboroughMA_ZoningOrds/article5.
The practice of storing chemicals and conducting scientific research does not appear to be covered by the city's zoning laws. The only zoning violation he *might* be guilty of is using more than 25% of his home's floorspace for business purposes. That hardly justifies confiscating and destroying everything. There may be other laws about the handling and storage of chemicals in the state, but those are not mentioned in the article. I think the city is wrong, they could have simply asked the guy what the chemicals are and what he has been doing with them.
As for spelling the city's name, my recollection is that both forms are used in Massachussettes, the long form on maps, city documents, and so on, the short form on highway signs and many news articles.
Aparently you don't travel much, they tell you to log into your computer. If you refuse they will do 2 things: confiscate the computer and deny entry. They might arrest you too. Many other countries do this, it happened to me crossing into Canada several years ago. I don't like it, but I travel and have to deal with it.
Encrypting the hard drive or portions of it isn't going to help much, they are trained to look and if they realize what you've done they'll demand that you give them access. If you refuse see previous paragraph
Who doesn't have a clue? As far as I know nobody has tried it, but barrel rolls don't put a lot of additional stress on the plane. Apparently Boeing's engineers think it could be done in a 747: http://www.straightdope.com/classics/a1_262.html.
It was done in a 707 50 years ago: http://www.youtube.com/watch?v=WJ546BEps-M but Boeing executives forbade any similar demonstrations by their pilots.
Re:It's not the standard, stupids
on
RTF Vs. OOXML
·
· Score: 1
Well put, I think its hypocritcal and unconstructive to try to undermine Microsoft through the courts, legislation, and standards bodies. All of these underhanded tactics will come back to haunt FOSS, IBM, and everyone else using them because new competitors will adopt the same tactics rather than creating something truly better than the leading technology. These are dangerous precedents that hinder inovation and creativity.
Its not enabled by default, its a feature that makes sense for servers that sit in a datacenter or a remote location. The PGP exec is correct, other full-disk encryption vendors offer similar features. Its not some sort of evil backdoor for Phil Zimmerman to come laugh at your paltry collection of porn.
If you're going to quote the RFC why omit what the RFC says about server behavior? Doesn't it state that the server must respond by broadcasting?
If 'giaddr' is 0x0 in the DHCPREQUEST message, the client is on
the same subnet as the server. The server MUST broadcast the
DHCPNAK message to the 0xffffffff broadcast address because the
client may not have a correct network address or subnet mask, and
the client may not be answering ARP requests.
If 'giaddr' is set in the DHCPREQUEST message, the client is on a
different subnet. The server MUST set the broadcast bit in the
DHCPNAK, so that the relay agent will broadcast the DHCPNAK to the
client, because the client may not have a correct network address
or subnet mask, and the client may not be answering ARP requests.
Read the RFC genius:
If 'giaddr' is 0x0 in the DHCPREQUEST message, the client is on
the same subnet as the server. The server MUST broadcast the
DHCPNAK message to the 0xffffffff broadcast address because the
client may not have a correct network address or subnet mask, and
the client may not be answering ARP requests.
If 'giaddr' is set in the DHCPREQUEST message, the client is on a
different subnet. The server MUST set the broadcast bit in the
DHCPNAK, so that the relay agent will broadcast the DHCPNAK to the
client, because the client may not have a correct network address
or subnet mask, and the client may not be answering ARP requests.
Slashdot Mirror
Sigh... These US citizens and a whole lot of foreigners are being assassinated in non-combat situations. The drones are being used precisely for this scenario: execute someone who isn't actually shooting at US soldiers while minimizing the risk of US soldiers getting injured. And a lot of these drones are being operated by non-military personnel too, so you are ok with the CIA and its contractors executing people, including US citizens? Will you still be ok if the CIA starts executing political extremists in the US simply becuase the president said that the protesters are terrorists who were thinking about violent actions?
That's not quite the question, you are assuming that the administration makes no mistakes when it makes such accusations. That's ridiculous because we KNOW the US government makes lots of mistakes. Why do people have so much faith in the government's ability to accurately identify and execute people who want to kill innocent civilians yet have no faith in the government to manage healthcare or run the IRS?
freezing what funds? you don't maintain deposit accounts a Paypal, the money passes through Paypal to an actual bank. Paypal choosing to stop doing business with Cryptome is not the same thing as freezing funds.
Well said. I like Windows, I'm a Windows expert and I know how to deploy and manage it across large numbers of systems, but its short-sighted to prevent discussion of other options.
Good response AC. Go read Bit's other posts, a few are coherent but most lack arguements and many are full of insults like 'astroturfer.' Maybe his erratic behavior is caused some sort cyclical issue with medication or alcohol:)
3G service is everywhere down here. I don't know where you will be, how many countries you'll visit, etc. If you're going to spend a significant amount of time in specific countries consider getting a pre-paid 3G USB modem when you're going to be in one for a while. In Argentina Claro (http://www.claro.com.ar) offers such a service, I pay about $50 per month for unlimited data, I'm not sure how economical the pre-paid options are. Telecom costs very widely between countries down here, Argentina tends to be one of the most expensive. Some good countermeasures have been suggested: firewall, patches, antimalware are all critical. Its a hassle but if you're using public WiFi you should change passwords for your financial accounts frequently. You should encrypt your sensitive data, and backup to an external disk regularly, laptop theft is fairly common.
I worry that they cheated you on your last purchase of tinfoil. It appears you made yourself a hat of wax paper instead...
Using an escrow service, its the safest way to make a major purchase with an untrusted party. I used http://www.escrow.com/ last year when I sold a domain name I had used for 15 years. It was quick, easy, and thier fee was tolerable.
I don't know.
They's spend several times what you estimate in savings rewriting thier internally developed applications. Then they'd spend even more figuring out how to replace all of the commercial apps.
The US government and many other organizations have had access to Windows source code for years. There are several source sharing programs at Microsoft for government customers, commercial customers, partners, and universies.
You misunderstood, it only took a few meetings and email threads spread over month or two to figure out the settings, the hard part was testing the 1,000s of client applications in use across the network. The settings break software from a lot of vendors.
What makes you think they aren't looking at Win7 already? Why do you assume that the people who figured out the configurations for XP and Vista can't work on Win7 while the people in operations deploy and maintain the settings on the hundreds of thousands of existing machines?
It has nothing to do with hisecws.inf. That security template was finally removed in Vista because it caused too much customer pain. Microsoft's guidance is available here: http://technet.microsoft.com/en-us/library/cc677002.aspx. The FDCC is here: http://fdcc.nist.gov/
IMHO, you've oversimplified things. NSA, DISA, and NIST were all publishing security guidance when I helped publish Microsoft's Windows 2000 Server Security Guide in late 2002. We started working with those 3 agencies and CIS to try to get all of our guidance more closely aligned. We published the Microsoft guides for XP & 2003 in the spring of 2003. Everyone learned a great deal from one another, there are some brilliant people in NIST CSD, the NSA Blue Team, and DISA FSO. We kept meeting to figure out how to improve all of our guidance and to pursuade the Windows team to change the defaults in XP SP2 & Vista. Around 2004 the USAF & their MCS team approached us, including NSA, DISA, & NIST, to help them jumpstart their new program for securing XP. That grew into the SDC, Kenny Heitkamp and Mr. Gilligan pursuaded the OMB to start the FDCC, which used the collective knowledge of Microsoft, USAF, NIST, DISA, and the NSA to work out the details of the FDCC. At this point, the FDCC is consistent with Microsoft's guidance, but it covers more settings. The USAF's SDC is a bit more restrictive than the FDCC and it covers additional applications. DISA's checklists for XP & Vista are also a bit more restrictive than the FDCC.
I was a security program manager at Microsoft, I worked their for 7 years, from the worst of the worst during Nimda until a few years ago. I had a *small* roll in the company's learning how to do security more effectively. Since then I've been running my own consulting business, I've turn down projects every month becuase I'm too busy and I turn down full-time job offers with 6 digit salaries several times a year. Security Program Manager at Microsoft seems like a great thing to have a on a resume.
What rules? I just read the city's zoning regulartions and this use of one's home is not prohibited: http://www.marlborough-ma.gov/Res/familyhsng/MarlboroughMA_CityClerks/MarlboroughMA_ZoningOrds/article5. What source are you citing?
Its not that hard: http://www.marlborough-ma.gov/Res/familyhsng/MarlboroughMA_CityClerks/MarlboroughMA_ZoningOrds/article5. The practice of storing chemicals and conducting scientific research does not appear to be covered by the city's zoning laws. The only zoning violation he *might* be guilty of is using more than 25% of his home's floorspace for business purposes. That hardly justifies confiscating and destroying everything. There may be other laws about the handling and storage of chemicals in the state, but those are not mentioned in the article. I think the city is wrong, they could have simply asked the guy what the chemicals are and what he has been doing with them. As for spelling the city's name, my recollection is that both forms are used in Massachussettes, the long form on maps, city documents, and so on, the short form on highway signs and many news articles.
Aparently you don't travel much, they tell you to log into your computer. If you refuse they will do 2 things: confiscate the computer and deny entry. They might arrest you too. Many other countries do this, it happened to me crossing into Canada several years ago. I don't like it, but I travel and have to deal with it. Encrypting the hard drive or portions of it isn't going to help much, they are trained to look and if they realize what you've done they'll demand that you give them access. If you refuse see previous paragraph
Who doesn't have a clue? As far as I know nobody has tried it, but barrel rolls don't put a lot of additional stress on the plane. Apparently Boeing's engineers think it could be done in a 747: http://www.straightdope.com/classics/a1_262.html. It was done in a 707 50 years ago: http://www.youtube.com/watch?v=WJ546BEps-M but Boeing executives forbade any similar demonstrations by their pilots.
Well put, I think its hypocritcal and unconstructive to try to undermine Microsoft through the courts, legislation, and standards bodies. All of these underhanded tactics will come back to haunt FOSS, IBM, and everyone else using them because new competitors will adopt the same tactics rather than creating something truly better than the leading technology. These are dangerous precedents that hinder inovation and creativity.
Not feasible if you plan on living somewhere on this planet and interacting with other people in any way.
Its not enabled by default, its a feature that makes sense for servers that sit in a datacenter or a remote location. The PGP exec is correct, other full-disk encryption vendors offer similar features. Its not some sort of evil backdoor for Phil Zimmerman to come laugh at your paltry collection of porn.
If you're going to quote the RFC why omit what the RFC says about server behavior? Doesn't it state that the server must respond by broadcasting? If 'giaddr' is 0x0 in the DHCPREQUEST message, the client is on the same subnet as the server. The server MUST broadcast the DHCPNAK message to the 0xffffffff broadcast address because the client may not have a correct network address or subnet mask, and the client may not be answering ARP requests. If 'giaddr' is set in the DHCPREQUEST message, the client is on a different subnet. The server MUST set the broadcast bit in the DHCPNAK, so that the relay agent will broadcast the DHCPNAK to the client, because the client may not have a correct network address or subnet mask, and the client may not be answering ARP requests.
Read the RFC genius: If 'giaddr' is 0x0 in the DHCPREQUEST message, the client is on the same subnet as the server. The server MUST broadcast the DHCPNAK message to the 0xffffffff broadcast address because the client may not have a correct network address or subnet mask, and the client may not be answering ARP requests. If 'giaddr' is set in the DHCPREQUEST message, the client is on a different subnet. The server MUST set the broadcast bit in the DHCPNAK, so that the relay agent will broadcast the DHCPNAK to the client, because the client may not have a correct network address or subnet mask, and the client may not be answering ARP requests.