Those are exactly the type of stories I'm talking about. If Bob Smith is arrested for rape, then he is a rapist, even if he is entirely innocent. If John Smith is known as a kiddie fiddler then no amount of innocents will rub that off of him in a society obsessed by paedophilia and child safety.
A little bit of hyperbole to make my point (*I guess that doesn't translate on the internet) but, yes, you only need a licence if you want regular contact with kids. But frankly the way society is going we're getting closer and closer to the point when some man talks to kids in the park and is arrested as a direct result.
Do you think it is really reasonable to have to have a licence if you want to be a football coach? The statistics don't even really suggest it will help given that most assaults are conducted by family or friends.
Exactly. I bet almost everyone in Slashdot could frame someone in such a way so even a police "expert" (who basically looks at modified, accessed, and created dates) couldn't tell it was fake. I've watched some of the computer crime cases on the Crime Channel and to be honest I find it scary that people can be convicted on such easily faked evidence.
e.g. Boot into Linux, mount the NTFS partition, add illicit images, and child porn sites to "index.dat." Then manually change the dates on the files (very trivial with the drive mounted like this). If you're really good you could add shortcuts into recently viewed documents and create a fake IE history.
Unfortunately in the UK they publish names of anyone accused of sex crimes in local newspapers so you can bet even with the husband in this case proved entirely innocent he might need to move house, have his car set alight, stones thrown through his windows, and have his name google-able to child porn charges. Plus the child services and new child protection scheme use just rumours to judge people so if he applied to, for example, because a football coach he might be denied (*you need a licence to talk to a child in the UK).
One question - Why was the wife or anyone else using the "family PC" not arrested? Or are only males arrested for child porn?
This is a great methodology of testing but to be honest I'm not sure it is within the scope of most software firms. While I'm sure we could all drop entirely random data into a parser and see if it fails, to REALLY conduct a test you have to do the same thing broken down by data element in the file format and then for each of those test both realistic and unrealistic test cases.
Then you throw on top of that UI and Web-Page fuzzing and you now have to somehow hook every element on a site and throw in random data which is not realistic with a large rich application.
"This cannot be patch because it isn't a vulnerability." Uhh yes it can, and sure it is. There are millions of bugs that were entirely by design and the designs adapted to eliminate them. I will grant that they might have to break the PDF spec' to fix it but frankly it is the right thing to do for everyone concerned.
This is Slashdot and we suggest the most insane stuff be Open Source (e.g. "Why isn't my Microwave under GPL?"). But yet when we have an absolutely perfect opportunity to suggest that cars should be REQUIRED to be Open Source for public safety we drop the ball. Come on guys, we can use the power of Open Source and "many eyes" to literally save lives. You could be the geek that finds that piece of code!
I'm yet to see any USB stick or memory card which I consider "secure." Most of them just use poor software tricks and hacks to secure data, and often do so far worse than off the shelf security software like TrueCrypt. To be honest the best security mechanism you could put on a USB stick would be a physical lock to slow someone down who DOESN'T want you to know they're accessing your drive (e.g. Wife, Coworker, Friends, etc). Just a little rolling combination lock with three digits would slow someone down by at least an hour.
The company I work out is currently having a huge headache moving from files into databases. We currently store everything in XML which gives us a great amount of freedom and adaptability. However most database solutions fix you to a single (or handful) of data definitions. Which you can kind of re-create XML be defining all kinds of crazy relationships, it gets hugely convoluted (to say the least).
I would LOVE to see a document/XML-live database. Just needs to do things that standard databases support (e.g. Security Model, Easy Mirroring, Search/Queries) to make it worth our while moving at all. Last I checked we're up to 260,000 XML files and approx 40 different distinct file "formats" (XML layouts).
If only he had raped or killed someone he might have got between 8-12 years... Damn evil hackers with their magic spells that I don't understand and thus am scared of!
Although this guy did have it coming (stealing CC numbers is clearly blackhat); it is still funny to watch how insanely disproportionality computer crimes in particular are handled. If it is just normal fraud then fine, two years, one in jail. But if it is Computer fraud then you're looking at AT LEAST double that.
I just hope these old people die off sooner or later.
Good news the UK government is getting involved in another large IT project... So we can assure ourself of two things, first off this will be hugely overbudget, and secondly it will never remotely do what they had originally intended. How is that NHS system coming? That nationwide police database? That system to monitor people entering and leaving the country?...
The UK government has a bad track record of IT. They do stuff by committee and hire tons of "consultants" who only seem to exist to get themselves more consultant work. Instead of just written an ironclad contract and giving the work to a third party they instead give it out to dozens of third parties with a big government organisation in the middle and then wonder why it won't fit together at the end.
The sad truth is that nobody ever asks IT guys who to complete IT projects. Can you imagine if nobody asked doctors how to cure sick people? Or asked the military how to win a war? Sigh, now I'm pressed. I need a drink.
It is a shame that ThePlanet is doing so badly. I've used them before for dedicated hosting and was very happy with the service I received. I will say that they are very "hands off" (which is generally good, but bad in this case). I think one has to remember that this is a chart of which ISPs are most responsive and active in stopping abuse originating from their network and not some kind of general review of the service they offer.
That being said I think all the ISPs listed should be unhappy about appearing on these lists and should actively be trying to fix their reputation or risk getting blacklisted.
Sounds like you have serious requirement overload. You need to go back and ask them what they ACTUALLY want.
For example, what is a "document?" Who is signing it? How long should the audit trail be? How many millions are you investing in this needlessly complex internal system?
What you're after simply doesn't exist and likely never will. Even if it did implementing it would be hugely expensive and time consuming.
What I don't understand is how this can replacing a paper system? Paper systems lack almost all of the features you requested... So clearly do do not NEED this stuff and thus we came around full circle to requirement overload.
People might think 3D sucks or isn't ready, but if anything gets movies to be shot with two cameras then I hugely support it. While I agree that today, right now, we lack the technology to display 3D well, we might have that technology soon and if we haven't shot our stuff correctly we won't be able to enjoy it that way.
Plus we might get digital media that allows us to "look around" during a live movie. Can you imagine watching Lord of The Rings about being able to turn your head to get an entirely new perspective of what is going on? Plus the cameras can be stitched together to get EVEN HIGHER resolution than HD.
You do realise the keep the original samples right? So they take a sample of DNA, store X points of data into a database, and then take the sample and store it in a massive warehouse. Why? According to them it is so they can re-sample it at higher detail later.
Didn't we already "solve" this problem in the airline industry by breaking down larger more complex software into separate physical components that can be more easily verified? Can we do the same with cars?
Just split one computer into half a dozen much smaller, simpler, little units and set the valid IO conditions for them, then have the components around them sanity check their output.
I'm a little surprised Zeus is only adding dynamic executables with version 1.4. This malware kit has been around a while and software has been doing this kind of thing since the very beginning. Maybe it tells us that a lot of Zeus' victims lack any kind of working AV? Or maybe it tells us that with things like Security Essentials being free and popular they're more worried about AV as a threat to their business?
I will say that a binary that changes its self every execution becomes very hard to detect unless your software really understands how a program is running from a mechanical standpoint. Even then you could still embed a dynamically encrypted package into another process's address space and decrypt it there.
Ultimately however it still comes down to the simple fact that there is one layer of defence on modern PCs and once that is bypassed you might have well reinstall your OS.
Agreed. It is shocking how sexist she is and how much she gets away with "because she was a women." Heck she was even short listed for her position BECAUSE she was a women.
Ultimately we differ in opinion because she believes the means justify the ends (e.g. positively biased for women will counterbalance history and everyone will be equal), where I believe we promote *equality* and the problem will fix its self in time.
She for example introduced a bill that mandated they employ women over men if both are equally qualified. They also placed no limits on how far this should go or when it should end. This bill directly impacts jobs that are already dominated by women so they cannot employ men.
Frankly this isn't a shock given our current government's tracks record.
- Licence to take kids to football practice
- Licence to own a dog (and third party liability insurance)
- CCTV Cameras on every street corner
- An "equality opportunity" amendment which promotes racist and sexist hiring (what the hell?)
- Virtual strip search at every airport
- ID Cards
- et al
Being extremely liberal is great. But some days I wish the UK had a little more of the things American conservatives love (e.g. Personal Freedom, less interference).
Which is all the more reason why the world as a whole should say "no" to the US's copyright laws and rules.
Software Patents in particular have crippled software development in such a way that if any corporation wants you gone then you are just gone. There is little defence even if their claims are totally without merit.
Slashdot Mirror
Those are exactly the type of stories I'm talking about. If Bob Smith is arrested for rape, then he is a rapist, even if he is entirely innocent. If John Smith is known as a kiddie fiddler then no amount of innocents will rub that off of him in a society obsessed by paedophilia and child safety.
A little bit of hyperbole to make my point (*I guess that doesn't translate on the internet) but, yes, you only need a licence if you want regular contact with kids. But frankly the way society is going we're getting closer and closer to the point when some man talks to kids in the park and is arrested as a direct result.
Do you think it is really reasonable to have to have a licence if you want to be a football coach? The statistics don't even really suggest it will help given that most assaults are conducted by family or friends.
Love you too.
Exactly.
I bet almost everyone in Slashdot could frame someone in such a way so even a police "expert" (who basically looks at modified, accessed, and created dates) couldn't tell it was fake. I've watched some of the computer crime cases on the Crime Channel and to be honest I find it scary that people can be convicted on such easily faked evidence.
e.g. Boot into Linux, mount the NTFS partition, add illicit images, and child porn sites to "index.dat." Then manually change the dates on the files (very trivial with the drive mounted like this). If you're really good you could add shortcuts into recently viewed documents and create a fake IE history.
Unfortunately in the UK they publish names of anyone accused of sex crimes in local newspapers so you can bet even with the husband in this case proved entirely innocent he might need to move house, have his car set alight, stones thrown through his windows, and have his name google-able to child porn charges. Plus the child services and new child protection scheme use just rumours to judge people so if he applied to, for example, because a football coach he might be denied (*you need a licence to talk to a child in the UK).
One question - Why was the wife or anyone else using the "family PC" not arrested? Or are only males arrested for child porn?
This is a great methodology of testing but to be honest I'm not sure it is within the scope of most software firms. While I'm sure we could all drop entirely random data into a parser and see if it fails, to REALLY conduct a test you have to do the same thing broken down by data element in the file format and then for each of those test both realistic and unrealistic test cases.
Then you throw on top of that UI and Web-Page fuzzing and you now have to somehow hook every element on a site and throw in random data which is not realistic with a large rich application.
Foxit Reader for Linux might support it.
"This cannot be patch because it isn't a vulnerability." Uhh yes it can, and sure it is. There are millions of bugs that were entirely by design and the designs adapted to eliminate them. I will grant that they might have to break the PDF spec' to fix it but frankly it is the right thing to do for everyone concerned.
This is Slashdot and we suggest the most insane stuff be Open Source (e.g. "Why isn't my Microwave under GPL?"). But yet when we have an absolutely perfect opportunity to suggest that cars should be REQUIRED to be Open Source for public safety we drop the ball. Come on guys, we can use the power of Open Source and "many eyes" to literally save lives. You could be the geek that finds that piece of code!
I'm yet to see any USB stick or memory card which I consider "secure." Most of them just use poor software tricks and hacks to secure data, and often do so far worse than off the shelf security software like TrueCrypt. To be honest the best security mechanism you could put on a USB stick would be a physical lock to slow someone down who DOESN'T want you to know they're accessing your drive (e.g. Wife, Coworker, Friends, etc). Just a little rolling combination lock with three digits would slow someone down by at least an hour.
Next challenge write an NMap probe that can defend them from this furious slashdotting that has thrown their site offline.
PS - I realise that makes no sense. But it sounds better than memcache filter or hammer control.
The company I work out is currently having a huge headache moving from files into databases. We currently store everything in XML which gives us a great amount of freedom and adaptability. However most database solutions fix you to a single (or handful) of data definitions. Which you can kind of re-create XML be defining all kinds of crazy relationships, it gets hugely convoluted (to say the least).
I would LOVE to see a document/XML-live database. Just needs to do things that standard databases support (e.g. Security Model, Easy Mirroring, Search/Queries) to make it worth our while moving at all. Last I checked we're up to 260,000 XML files and approx 40 different distinct file "formats" (XML layouts).
If only he had raped or killed someone he might have got between 8-12 years... Damn evil hackers with their magic spells that I don't understand and thus am scared of!
Although this guy did have it coming (stealing CC numbers is clearly blackhat); it is still funny to watch how insanely disproportionality computer crimes in particular are handled. If it is just normal fraud then fine, two years, one in jail. But if it is Computer fraud then you're looking at AT LEAST double that.
I just hope these old people die off sooner or later.
Did you watch it? This is really cool technology.
Frankly if I'm not coming to Slashdot to see the latest and greatest toys, technology, and, yes, products then what is the point...
Actually yes. They already are. If you are on low income you can apply for a grant to buy both a laptop AND internet connection.
Good news the UK government is getting involved in another large IT project... So we can assure ourself of two things, first off this will be hugely overbudget, and secondly it will never remotely do what they had originally intended. How is that NHS system coming? That nationwide police database? That system to monitor people entering and leaving the country? ...
The UK government has a bad track record of IT. They do stuff by committee and hire tons of "consultants" who only seem to exist to get themselves more consultant work. Instead of just written an ironclad contract and giving the work to a third party they instead give it out to dozens of third parties with a big government organisation in the middle and then wonder why it won't fit together at the end.
The sad truth is that nobody ever asks IT guys who to complete IT projects. Can you imagine if nobody asked doctors how to cure sick people? Or asked the military how to win a war? Sigh, now I'm pressed. I need a drink.
Indeed. And since we can almost certainly guarantee there is video, the question is will this appear in court or is the camera "damaged?"
It is a shame that ThePlanet is doing so badly. I've used them before for dedicated hosting and was very happy with the service I received. I will say that they are very "hands off" (which is generally good, but bad in this case). I think one has to remember that this is a chart of which ISPs are most responsive and active in stopping abuse originating from their network and not some kind of general review of the service they offer.
That being said I think all the ISPs listed should be unhappy about appearing on these lists and should actively be trying to fix their reputation or risk getting blacklisted.
Sounds like you have serious requirement overload. You need to go back and ask them what they ACTUALLY want.
For example, what is a "document?" Who is signing it? How long should the audit trail be? How many millions are you investing in this needlessly complex internal system?
What you're after simply doesn't exist and likely never will. Even if it did implementing it would be hugely expensive and time consuming.
What I don't understand is how this can replacing a paper system? Paper systems lack almost all of the features you requested... So clearly do do not NEED this stuff and thus we came around full circle to requirement overload.
People might think 3D sucks or isn't ready, but if anything gets movies to be shot with two cameras then I hugely support it. While I agree that today, right now, we lack the technology to display 3D well, we might have that technology soon and if we haven't shot our stuff correctly we won't be able to enjoy it that way.
Plus we might get digital media that allows us to "look around" during a live movie. Can you imagine watching Lord of The Rings about being able to turn your head to get an entirely new perspective of what is going on? Plus the cameras can be stitched together to get EVEN HIGHER resolution than HD.
You do realise the keep the original samples right?
So they take a sample of DNA, store X points of data into a database, and then take the sample and store it in a massive warehouse. Why? According to them it is so they can re-sample it at higher detail later.
Didn't we already "solve" this problem in the airline industry by breaking down larger more complex software into separate physical components that can be more easily verified? Can we do the same with cars?
Just split one computer into half a dozen much smaller, simpler, little units and set the valid IO conditions for them, then have the components around them sanity check their output.
I'm a little surprised Zeus is only adding dynamic executables with version 1.4. This malware kit has been around a while and software has been doing this kind of thing since the very beginning. Maybe it tells us that a lot of Zeus' victims lack any kind of working AV? Or maybe it tells us that with things like Security Essentials being free and popular they're more worried about AV as a threat to their business?
I will say that a binary that changes its self every execution becomes very hard to detect unless your software really understands how a program is running from a mechanical standpoint. Even then you could still embed a dynamically encrypted package into another process's address space and decrypt it there.
Ultimately however it still comes down to the simple fact that there is one layer of defence on modern PCs and once that is bypassed you might have well reinstall your OS.
Agreed.
It is shocking how sexist she is and how much she gets away with "because she was a women." Heck she was even short listed for her position BECAUSE she was a women.
Ultimately we differ in opinion because she believes the means justify the ends (e.g. positively biased for women will counterbalance history and everyone will be equal), where I believe we promote *equality* and the problem will fix its self in time.
She for example introduced a bill that mandated they employ women over men if both are equally qualified. They also placed no limits on how far this should go or when it should end. This bill directly impacts jobs that are already dominated by women so they cannot employ men.
Frankly this isn't a shock given our current government's tracks record.
- Licence to take kids to football practice
- Licence to own a dog (and third party liability insurance)
- CCTV Cameras on every street corner
- An "equality opportunity" amendment which promotes racist and sexist hiring (what the hell?)
- Virtual strip search at every airport
- ID Cards
- et al
Being extremely liberal is great. But some days I wish the UK had a little more of the things American conservatives love (e.g. Personal Freedom, less interference).
Which is all the more reason why the world as a whole should say "no" to the US's copyright laws and rules.
Software Patents in particular have crippled software development in such a way that if any corporation wants you gone then you are just gone. There is little defence even if their claims are totally without merit.