I would like to see some credible evidence before I'll believe that contradictions exist in the Bible.
Perhaps you haven't investigated this too deeply. I would suggest taking a look at this enumeration of "apparent" contradictions.
I am not attempting to discredit the Bible or the religion it supports. I am simply pointing out there's a lot to analyse and contemplate on this particular subject.
Microsoft has been building a 'home of the future' about once a year for a while. This is their forth, I believe.
The Home of the Futurix is older than you know. I prefer counting from the emergence of systemic anomaly to the emergence of the next in which case this is the fourth version.
The first Home of the Futurix I designed was quite naturally perfect. It was a work of art. The inevitability of its doom is apparent to me now as a consequence of the imperfection inherent in every human being to not buy my products no matter how contrived or poor quality they may be.
I never said CTS was RSI. I simply stated that I disgree with the notion that repetitive motion doesn't lead to repetitive stress injury. CTS is a type of RSI, they claim typing (a highly repetitive action) does not necessarily cause CTS. That's pretty much saying repetition is not associated with RSI. Please read more carefully.
...both of my wrists are cramping up. The more I type, worse my wrists get. Sadly, I'm a programmer. That doesn't help things. I cannot agree with a study that tries to disassociate repetitive motion with RMI. That's just bologna.
Actually in long term the answer is Yes, because they do not want any west influence - thats the same like christians 600 hundred yrs. ago. Thats the offset between christian and moslem religions. So You have to wait something like 300 hundred years to get moslem religion to some civilized state. (if it will evolve the some way like christian one).
Wait, Christianity is "civilized"? You got your radical fundamentalists, your racists, your snake handlers, and your war-hawk right-wing leaders. Christianity is by no means civilized. On top of that, take a look at the world of Islam on the order of a thousand years ago. It was far more educated and "civilized" than any of the Christian world at the time (who were still practicing feudalism, witch burnings, inquisitions, etc).
Islam today sees a lot of political and social unrest because of the vast resources Islamic nations have: oil. You can be quite certain that the United States and other big oil consumers have quite a bit to do with that. The oppression which leads to violent radicals is no accident; it's engineered that way. That's why the US gives and has given tons of modern weapons (including WMD) to Israel, Iraq, Iran, Syria... well gee, a lot of the countries of a religion you claim is uncivilized.
Now, to what ends, you might ask? It's textbook Machiavelli politics. You have a large group of people kept oppressed and subjugated by a small group of people. Oil consuming nations give weapons and money to this small group of oppressors to make the population has a whole easier to deal with because they can get away with pleasing fewer people. As a result, the consumers set the price on oil, not the producers. The problem is that a lot of the little guys figured out who is really causing their problems. Because the situation is so bad, they turn to violence in an attempt to break the establishment.
Please get off your righteous high-horse. Christianity and Christian nations are not the only one's with a valid viewpoint. More importantly, they're not the only ones who should have a say in how the world works.
That... or how the hell he stopped the squidies when he was OUT of the Matrix (or so we thought)
Your observation they are still inside the Matrix is correct, backed up by several other events in the movie. Some of them are really subtle and I cannot recall. One is not so subtle and quite memorable:
The spoon bender in the first movie insisted "there is no spoon". Why is there no spoon? Because they are in the Matrix. The spoon becomes a symbol at this point for what does not exist as a result of where they are. The boy gives Neo another spoon as he's leaving Zion, but he does not change his message. He simply gives him the spoon. The message is unchanged: "there is no spoon", ergo, you're still inside the Matrix.
I think most people will agree, given that and the Sentinal scene in the end where Neo loses consciousness, that people in Zion are still inside the Matrix. Neo, having mastered control over Matrix reality, is "beginning to believe" here as well. How he might have realized this, I do not have any theory on. This concept will be crutial later on because I think it will apply to Agent Smith as well.
What's really going to bake your noodle is why do the machines need to destroy Zion with a conventional attack? They literally allow Zion to be created, fight with it for a while, then eventually send a massive army to wipe it out. If the machines controlled the Matrix, why not just "delete" Zion?
The answer? I believe that both the machines AND humans are trapped inside of a Matrix. Both of them are enslaved!
Think about what the Oracle said to Neo when they were talking about how he could trust her. Neo asks, "why are you helping us?" She replies, "I'm interested in one thing Neo, the future. And I know, the only way to get there is together."
From this I conclude that while there are some humans that realize their reality is fake, there are some programs that realize the same thing. Somehow there needs to be a collaboration between the two if they are somehow to free themselves.
There's some support for this in the teaser trailer.
You see an army of Agent Smiths that appear to be standing in the surface desert, with hover craft surrounding them. If Smith is merely a Matrix construct, how can he exist in the "real world"?
There is a scene with Neo and Smith fighting where they hit each other and both fly back. Amidst this, a shot is inserted of Morpheus stating with much shock and disbelief: "he fights for us!?"
If PKIs become relevant, we're going to see attacks on CAs (and not just the rather insecure SSL browser PKI).
Then those attacks will have to be quite sophisticated. PKI security is mathematically provable. Forgery, in so far as immitating someone who authorized to take a particular action, is a social engineering feat. Of course, one can always con an misinformed individual out of passphrases.
Furthermore, there is currently no large-scale PKI which tracks who is authorized to speak for which company (let alone IP address space!).
As I understand it, it was not a question of authorization but merely forgery. Someone claiming to be a person who was authorized without provided proof. I never said that PKI would solve the who can, just the who is. This case in particular was the latter of the two. Or perhaps I need to RTFA again.
All bulk data processing on the net is either done by machines
Automated authentication of authorized persons is nothing new. In fact, it's very old.:-P
And let me repeat the major problem: At some point, you have to check that a document dealing with address space allocation issues was sent by someone who is authorized to change the allocation.
OKay, now I am really wondering what is going through your head. I do not see where the major difficulty is of keeping a secure list of authorized personnel and then authenticating their messages/commands/etc. with PKI (or any other login mechanism).
Even if you have digital certificate which proves the identity of the sender (a questionable assumption)
How is that questionable? I don't think you know what you're talking about. Want to try and forge a message coming from my key? It's infeasible unless you're the NSA. If two parties meet, each verifies the identity of the other, then sign each other's keys, then The Factoring Problem must be solved or the one of the symmetric keys compromised in order for the system to break down. If the first happens, it's the end of a lot of computer security as we know it. If the second happens, the parties will generate new keys and secrets and resume.
still don't know if the sender is authorized for the transaction. Given that we deal with extremely critical infrastructure, I really don't care if I can sue someone afterwards. The goal has to be to avoid processing bogus transactions in the first place.
Once again, I still don't see how difficult it is to maintain a list of authorized personnel. Every multiuser system in the world does this.
I hope this makes it a little bit clearer why PKIs can't immediately solve such problems.
This would have been accomplished if you demonstrated why a manifest of authorized personnel is a difficult to implement or insecurable mechanism.
Apple, meanwhile, is countersuing to have the Unix trademark declared invalid because the term has become generic.
"Unix" has become just like "Xerox". I truly hope this is an open and shut win for Apple because this lawsuit is just plain bullshit. Everyone from magazines to manuals to all kinds of marketing material use the term "Unix" extensively. SysAdmin and;login: immediately come to mind. I'm sure there's dozens of others. If this "trademark" hasn't been enforced in any other cases, how can they possibly stand a chance to win against Apple?
The message digest is encrypted against the sender's public key so that anyone who knows and trusts the sender's public key can decrypt the digest and trust the authenticity of the message.
The parent poster is insightful, you are an idiot.
Unfortunately, your proposal is completely irrelevant. In the cases I know, the communication channel between the ISP and ARIN was not compromised. The ISP just sent bogus data, acting on forged customer requests.
No shit the channel was not compromised, but it was misused. So how do we solve the problem of determining if a message is authentic. *snaps fingers* I know! We use public key cryptography!
There isn't any cryptographic protocol that can solve such a problem, and that's why S-BGP and other "secure" BGP successors are almost completely irrelevant. Cryptography is not the answer to all attacks.
You are sadly mistaken. Cryptography is not just about obscuring the message, but also proving that the message is authentic.
Here's how the process works: 1. message is run through a digest 2. the digest is encrypted using the sender's private key against the recipient's public key (this is called the signature) 3. the message is sent with the signature attached 4. the recipient decrypts the signature to get the digest and performs the same digest operation on the message. If the signature cannot be decrypted, or the digests do not match, the message cannot be authenticated.
Both parties must trust the other's public key, so they met in person and signed the other's key. before they performed any transactions. Afterwards, if they can successfully encrypt and decrypt messages to and from the other, the authentication mechanism above works.
In general, cryptography is used for authentication in all kinds of places. You know hash function is a type of cypher? Passwords are *nix systems are stored hashed. Every time you enter a password, the system runs it through a hash function (likely MD5) and compares that to what is stored on disk. MD5 sums are used to validate the authenticity of software packages. Of course, the list of sums is often authenticated as described above (using PGP/GPG).
What the fuck are you talking about? Have you even the slightest comprehension of how the protocols PGP uses work?
Please, I emplore you to go read this introduction and maybe supplement it with this document before your brain conjours up another thought.
You do have the right idea, however. Public key authentication is useful for so many things and this is one of them. Basically, all parties involved have public and private key pairs established before any transactions take place. After that, all messages for transactions are then signed so the sender can prove their identity to the recipient. If the signature of the message is invalid, the message is ignored. The adversary in this case, spammers, are probably not sophisticated enough to acquire the private key of either party (assuming good cryptographic policy is adhered to) or solve the factoring dillema on which public key cryptography is based.
It all comes down to authentication. If you have a system in place where a message can be authenticated, you have that much more security. If not, you get situations like these where the stakes are high and forgeries are nearly trivial.
My knee-jerk reaction to "What can be done to improve the situation?" is to point out the obviousness of Linux. Tons of libraries. Lots of compilers. Piles of documentation. Mommy and daddy may not like the idea of a different operating system installed on their computer, however. A lot of people are fiercely opposed to anything that changes things they don't understand. That was always my experience. I was fearless, nobody else was.
So, let's give the kids a lot of pros of Linux on Windows. Send them to this web site. While Cygwin is good, it isn't great. You lack a lot of the flexibility (especially in terms of libraries) but it'd be very useful for beginner programmers who are only going to write programs using console based I/O and little else.
If you recall, we humans came up with this red dust stuff that killed the Visitors on contact...so they couldn't be on the surface of the planet--hope they answer that situation in the return.
The Visitors probably will have learned how to synthesize the antidote the humans gave to the traitors.
The insanity of 'white-hat' security companies will surely come to an end sooner rather than later. Securing the corporate or home network simply isn't that difficult anymore.
So that's why networks are so secure today, right? It's quite an assumption to say that random IT people know how to do security auditing and hardening.
But today, they are simply usurped by competent system and network administrators and the forethought of coders to write code with security in mind.
Well, that's the problem. There are very few competent system and network admins and coders who keep security in mind. Also, even if they are competent, what about peer review? No matter how good you are, you should always have someone else check out your setup and/or work. There's always vulnerabilities.
By the way, you keep working on this assumption that no security problem exists in the computer industry. You insist upon it, but provide no facts or backup when the contrary is obvious from anyone with their finger on the tech industry pulse.
Tell the guy in the suit you want to sell him a network security auditing tool (or service), because he doesn't have the man power to do it in house. He may be willing to pay. Tell the manager of a group of coders you want to sell her your competence and third party viewpoint of the security of their code. She may be willing to pay. Tell me you want to sell me a 250,000 dollar piece of network auditing code, or scan my network from the outside to tell me where my vulnerabilities lie without knowing my network already, or bebop around my 30,000+ user network analyzing a bunch of known signatures and I'll tell you to go back to the drawing board and tell me why your first answer wasn't to invest in a competent enough staff to make you obsolete.
That auditing fee is chicken feed to huge corporations who have massive networks that require auditing. Foundstone isn't the kind of company that's going to provide a service for a Joe's Software Company with 10 employees. By the way, Foundstone does thorough audits, not just scanning your "network from outside to tell me where my vulnerabilkities lie without knowing my network already". Get a clue.
For every company to have an "in-house Foundstone" would be prohibitively expensive. Foundstone sells massive amounts of security experience to be applied to the job. You cannot just get that "in-house" for cheaper than what Foundstone offers. Also, Foundstone provides education services to help in-house people do a better job of analysis. Once again, you are clueless about Foundstone's business.
You, sir, are an idiot. Who moderated this rubbish up to 5?
It took almost no effort to find the counterpoints on Foundstone's website. Funny the editors didn't stumble upon it as easily as I did. Why not try and get the facts straight? From the PDF for those to lazy to read:
According to Harvy Liss, President of VLSystems, which conducted the independent audit, "The vast majority of the software applications running on the 510 active Foundstone systems were properly licensed. Including operating systems and applications, several hundred software programs are currently in use by Foundstone and over 95% were identified as properly licensed. In our experience, having performed numerous software licensing audits, this is among the higher rates for pre-audit compliance."
For being such a small shop, Foundstone appears to do pretty well in this department.
Now, a pressing question is what about this is even news worthy? Slashdot is now helping rake a shop through the mud even though software piracy runs rampant in most businesses (especially those in the tech industry)? Are we now going to be subjected to stories like "company X accused of software piracy" where "company X" is any random org? Yes, "company X" probably has some pirated software floating around, but that doesn't mean they should get a slot on the front page. Besides, since when does the/. rally to accuse people of "intellectual property" violations when the political beat here is that IP is bullshit (which it is, but that's another argument)?
I just heard some sad news on talk radio - Political/Tech/Sci-Fi writer Bruce Sterling was found dead in his Texas
home this morning. There weren't any more details. I'm sure everyone in the Slashdot community will miss him - whether you agree with him or not [his article] makes for thought-provoking reading. Truly an American icon.
Bad Gollum: We're not gonna thank anyone, oh noo. Not you, not MTV, and not those pigs at WETA digital, or Peter Jackson my precious. Who do you think you are, you *BEEP*ng hack? Shame on you! Shame on you! Go f*BEEP* your self.
The line was "pixel-pushing pin-dicks at WETA Digital."
Bad Gollum: Frankly, nothing can compensate for the long hours and low pay and miserable experience we've had making this *BEEP*ing movie. And if you think *BEEP* you getting this top of gold popcorn is going to remotely make up for everything we've suffered, you're sadly *BEEP*ng mistaken. You're all bastards! MTV sucks! We hate you all!
It's "...this tub of golden popcorn...".
If you're going to post a transcript, at least try to get the good parts right.
The recirculation of Malcolm as icon during the late 1980s and 1990s got its biggest boost from the commercial marketplace, as retailers, publishers, and Hollywood cashed in on the popularity of hip-hop music and culture. And as Afrocentrism achieved respectability among black urban (and suburban) professionals, Malcolm's face and name became a central staple among the "Afro-Chic" products that made up their casual attire (see Afrocentricity).
The rush to purchase "X" paraphernalia affected not only African Americans but also suburban whites, Latinos, and Asian Americans fascinated with black youth cultures. Dubbed the "X" generation, ad agencies boldly marketed "X" products without even mentioning Malcolm. "Malcolmania" reached its high point with the release of Spike Lee's cinematic rendering of Malcolm's autobiography in 1992. Following Lee's lead, retailers sold millions of dollars worth of "X" caps, T-shirts, medallions, and posters emblazoned with Malcolm's name, body, or words.
Not surprisingly, the selling of Malcolm X in the 1990s generated pointed debate among African Americans. Some argued that marketing Malcolm undermined his message, while others insisted that the circulation of his image has prompted young people to search out his ideas. Some utilized his emphasis on black community development to support a new African American entrepreneurialism, while others insisted on seeing him as a radical democrat devoted to social justice. His anti-imperialism has dropped out of public memory, whereas his misogyny has been ignored by his supporters and spotlighted by his detractors.However these disputes evolve, it appears that Malcolm X's place in U.S. history, and in the collective memory of African Americans, is secure. Ironically, some of his centrality can be attributed to the mutability of his own viewpoint. Because his ideas were constantly being renewed and rethought during his short career, Malcolm has become a sort of tabula rasa, or blank slate, on which people of different positions can write their own interpretation of his politics and legacy. Chuck D of the rap group Public Enemy and Supreme Court Justice Clarence Thomas can both declare Malcolm X their hero. Truly an American icon.
Take the rescent Neverwinter Nights fiasco. It took Bioware forever to choose a platform to handle the graphics and even longer to choose one to handle the sound.
This has nothing to do with Linux being inferior in not compatible. Bioware made the mistake of choosing technologies that were not crossplatform with which to build their software. They used Fink for video and some other proprietary sound system for building NWN. Neither of which was ported to Linux and neither made the source code available to make a port possible. As a result, they had become dependent on technologies they had no control over. This was their stupidity, not a failure on the part of Linux.
If Bioware had used SDL and other open and portable technologies, they would be able to run on virtually any platform with minimal porting effort.
This is alagous to saying "I used to MFC to write my application instead of Qt (which exists on most GUI platforms today). As a result, it doesn't run on Linux because there is no MFC for Linux. I do not have the source for MFC and the vendor who supplies MFC will not port it. Ergo, Linux sucks."
** Microsoft loads gun, aims at foot, and pulls trigger.
The net result of this is the reduced availability of Internet Explorer to end users and web developers.
As a web developer, if I cannot get access to a web browser, I am not going to develop for it. It's just that simple. Even now I only put minimal effort towards supporting IE when I author for the web.
Other people who actively try to support IE will probably be inhibited from getting IE7+ by high costs of whatever version of Windows will carry it in the future.
A few months ago, I was considering a serious backup solution, but really didn't want to go with tape. So I went out and bought a Sony DVD+/-RW burner. I still have yet to really find a sweet-spot backup solution that can do incremental backups and other fun stuff. Are there any packages out there that will do it as easily as with tape?
Slashdot Mirror
I cannot possibly reply any more eloquently than Black Parrot does in this post.
I would like to see some credible evidence before I'll believe that contradictions exist in the Bible.
Perhaps you haven't investigated this too deeply. I would suggest taking a look at this enumeration of "apparent" contradictions.
I am not attempting to discredit the Bible or the religion it supports. I am simply pointing out there's a lot to analyse and contemplate on this particular subject.
Go read for yourself.
Microsoft has been building a 'home of the future' about once a year for a while. This is their forth, I believe.
The Home of the Futurix is older than you know. I prefer counting from the emergence of systemic anomaly to the emergence of the next in which case this is the fourth version.
The first Home of the Futurix I designed was quite naturally perfect. It was a work of art. The inevitability of its doom is apparent to me now as a consequence of the imperfection inherent in every human being to not buy my products no matter how contrived or poor quality they may be.
I never said CTS was RSI. I simply stated that I disgree with the notion that repetitive motion doesn't lead to repetitive stress injury. CTS is a type of RSI, they claim typing (a highly repetitive action) does not necessarily cause CTS. That's pretty much saying repetition is not associated with RSI. Please read more carefully.
...both of my wrists are cramping up. The more I type, worse my wrists get. Sadly, I'm a programmer. That doesn't help things. I cannot agree with a study that tries to disassociate repetitive motion with RMI. That's just bologna.
Actually in long term the answer is Yes, because they do not want any west influence - thats the same like christians 600 hundred yrs. ago. Thats the offset between christian and moslem religions. So You have to wait something like 300 hundred years to get moslem religion to some civilized state. (if it will evolve the some way like christian one).
Wait, Christianity is "civilized"? You got your radical fundamentalists, your racists, your snake handlers, and your war-hawk right-wing leaders. Christianity is by no means civilized. On top of that, take a look at the world of Islam on the order of a thousand years ago. It was far more educated and "civilized" than any of the Christian world at the time (who were still practicing feudalism, witch burnings, inquisitions, etc).
Islam today sees a lot of political and social unrest because of the vast resources Islamic nations have: oil. You can be quite certain that the United States and other big oil consumers have quite a bit to do with that. The oppression which leads to violent radicals is no accident; it's engineered that way. That's why the US gives and has given tons of modern weapons (including WMD) to Israel, Iraq, Iran, Syria... well gee, a lot of the countries of a religion you claim is uncivilized.
Now, to what ends, you might ask? It's textbook Machiavelli politics. You have a large group of people kept oppressed and subjugated by a small group of people. Oil consuming nations give weapons and money to this small group of oppressors to make the population has a whole easier to deal with because they can get away with pleasing fewer people. As a result, the consumers set the price on oil, not the producers. The problem is that a lot of the little guys figured out who is really causing their problems. Because the situation is so bad, they turn to violence in an attempt to break the establishment.
Please get off your righteous high-horse. Christianity and Christian nations are not the only one's with a valid viewpoint. More importantly, they're not the only ones who should have a say in how the world works.
That... or how the hell he stopped the squidies when he was OUT of the Matrix (or so we thought)
Your observation they are still inside the Matrix is correct, backed up by several other events in the movie. Some of them are really subtle and I cannot recall. One is not so subtle and quite memorable:
The spoon bender in the first movie insisted "there is no spoon". Why is there no spoon? Because they are in the Matrix. The spoon becomes a symbol at this point for what does not exist as a result of where they are. The boy gives Neo another spoon as he's leaving Zion, but he does not change his message. He simply gives him the spoon. The message is unchanged: "there is no spoon", ergo, you're still inside the Matrix.
I think most people will agree, given that and the Sentinal scene in the end where Neo loses consciousness, that people in Zion are still inside the Matrix. Neo, having mastered control over Matrix reality, is "beginning to believe" here as well. How he might have realized this, I do not have any theory on. This concept will be crutial later on because I think it will apply to Agent Smith as well.
What's really going to bake your noodle is why do the machines need to destroy Zion with a conventional attack? They literally allow Zion to be created, fight with it for a while, then eventually send a massive army to wipe it out. If the machines controlled the Matrix, why not just "delete" Zion?
The answer? I believe that both the machines AND humans are trapped inside of a Matrix. Both of them are enslaved!
Think about what the Oracle said to Neo when they were talking about how he could trust her. Neo asks, "why are you helping us?" She replies, "I'm interested in one thing Neo, the future. And I know, the only way to get there is together."
From this I conclude that while there are some humans that realize their reality is fake, there are some programs that realize the same thing. Somehow there needs to be a collaboration between the two if they are somehow to free themselves.
There's some support for this in the teaser trailer.
You see an army of Agent Smiths that appear to be standing in the surface desert, with hover craft surrounding them. If Smith is merely a Matrix construct, how can he exist in the "real world"?
There is a scene with Neo and Smith fighting where they hit each other and both fly back. Amidst this, a shot is inserted of Morpheus stating with much shock and disbelief: "he fights for us!?"
If PKIs become relevant, we're going to see attacks on CAs (and not just the rather insecure SSL browser PKI).
:-P
Then those attacks will have to be quite sophisticated. PKI security is mathematically provable. Forgery, in so far as immitating someone who authorized to take a particular action, is a social engineering feat. Of course, one can always con an misinformed individual out of passphrases.
Furthermore, there is currently no large-scale PKI which tracks who is authorized to speak for which company (let alone IP address space!).
As I understand it, it was not a question of authorization but merely forgery. Someone claiming to be a person who was authorized without provided proof. I never said that PKI would solve the who can, just the who is. This case in particular was the latter of the two. Or perhaps I need to RTFA again.
All bulk data processing on the net is either done by machines
Automated authentication of authorized persons is nothing new. In fact, it's very old.
And let me repeat the major problem: At some point, you have to check that a document dealing with address space allocation issues was sent by someone who is authorized to change the allocation.
OKay, now I am really wondering what is going through your head. I do not see where the major difficulty is of keeping a secure list of authorized personnel and then authenticating their messages/commands/etc. with PKI (or any other login mechanism).
Even if you have digital certificate which proves the identity of the sender (a questionable assumption)
How is that questionable? I don't think you know what you're talking about. Want to try and forge a message coming from my key? It's infeasible unless you're the NSA. If two parties meet, each verifies the identity of the other, then sign each other's keys, then The Factoring Problem must be solved or the one of the symmetric keys compromised in order for the system to break down. If the first happens, it's the end of a lot of computer security as we know it. If the second happens, the parties will generate new keys and secrets and resume.
still don't know if the sender is authorized for the transaction. Given that we deal with extremely critical infrastructure, I really don't care if I can sue someone afterwards. The goal has to be to avoid processing bogus transactions in the first place.
Once again, I still don't see how difficult it is to maintain a list of authorized personnel. Every multiuser system in the world does this.
I hope this makes it a little bit clearer why PKIs can't immediately solve such problems.
This would have been accomplished if you demonstrated why a manifest of authorized personnel is a difficult to implement or insecurable mechanism.
Apple, meanwhile, is countersuing to have the Unix trademark declared invalid because the term has become generic.
;login: immediately come to mind. I'm sure there's dozens of others. If this "trademark" hasn't been enforced in any other cases, how can they possibly stand a chance to win against Apple?
"Unix" has become just like "Xerox". I truly hope this is an open and shut win for Apple because this lawsuit is just plain bullshit. Everyone from magazines to manuals to all kinds of marketing material use the term "Unix" extensively. SysAdmin and
Enough with the frivilous lawsuits already!!
The message digest is encrypted against the sender's public key so that anyone who knows and trusts the sender's public key can decrypt the digest and trust the authenticity of the message.
Unfortunately, your proposal is completely irrelevant. In the cases I know, the communication channel between the ISP and ARIN was not compromised. The ISP just sent bogus data, acting on forged customer requests.
No shit the channel was not compromised, but it was misused. So how do we solve the problem of determining if a message is authentic. *snaps fingers* I know! We use public key cryptography!
There isn't any cryptographic protocol that can solve such a problem, and that's why S-BGP and other "secure" BGP successors are almost completely irrelevant. Cryptography is not the answer to all attacks.
You are sadly mistaken. Cryptography is not just about obscuring the message, but also proving that the message is authentic.
Here's how the process works:
1. message is run through a digest
2. the digest is encrypted using the sender's private key against the recipient's public key (this is called the signature)
3. the message is sent with the signature attached
4. the recipient decrypts the signature to get the digest and performs the same digest operation on the message.
If the signature cannot be decrypted, or the digests do not match, the message cannot be authenticated.
Both parties must trust the other's public key, so they met in person and signed the other's key. before they performed any transactions. Afterwards, if they can successfully encrypt and decrypt messages to and from the other, the authentication mechanism above works.
In general, cryptography is used for authentication in all kinds of places. You know hash function is a type of cypher? Passwords are *nix systems are stored hashed. Every time you enter a password, the system runs it through a hash function (likely MD5) and compares that to what is stored on disk. MD5 sums are used to validate the authenticity of software packages. Of course, the list of sums is often authenticated as described above (using PGP/GPG).
So please, come up to speed on these things!
What the fuck are you talking about? Have you even the slightest comprehension of how the protocols PGP uses work?
Please, I emplore you to go read this introduction and maybe supplement it with this document before your brain conjours up another thought.
You do have the right idea, however. Public key authentication is useful for so many things and this is one of them. Basically, all parties involved have public and private key pairs established before any transactions take place. After that, all messages for transactions are then signed so the sender can prove their identity to the recipient. If the signature of the message is invalid, the message is ignored. The adversary in this case, spammers, are probably not sophisticated enough to acquire the private key of either party (assuming good cryptographic policy is adhered to) or solve the factoring dillema on which public key cryptography is based.
It all comes down to authentication. If you have a system in place where a message can be authenticated, you have that much more security. If not, you get situations like these where the stakes are high and forgeries are nearly trivial.
My knee-jerk reaction to "What can be done to improve the situation?" is to point out the obviousness of Linux. Tons of libraries. Lots of compilers. Piles of documentation. Mommy and daddy may not like the idea of a different operating system installed on their computer, however. A lot of people are fiercely opposed to anything that changes things they don't understand. That was always my experience. I was fearless, nobody else was.
So, let's give the kids a lot of pros of Linux on Windows. Send them to this web site. While Cygwin is good, it isn't great. You lack a lot of the flexibility (especially in terms of libraries) but it'd be very useful for beginner programmers who are only going to write programs using console based I/O and little else.
If you recall, we humans came up with this red dust stuff that killed the Visitors on contact...so they couldn't be on the surface of the planet--hope they answer that situation in the return.
The Visitors probably will have learned how to synthesize the antidote the humans gave to the traitors.
The insanity of 'white-hat' security companies will surely come to an end sooner rather than later. Securing the corporate or home network simply isn't that difficult anymore.
So that's why networks are so secure today, right? It's quite an assumption to say that random IT people know how to do security auditing and hardening.
But today, they are simply usurped by competent system and network administrators and the forethought of coders to write code with security in mind.
Well, that's the problem. There are very few competent system and network admins and coders who keep security in mind. Also, even if they are competent, what about peer review? No matter how good you are, you should always have someone else check out your setup and/or work. There's always vulnerabilities.
By the way, you keep working on this assumption that no security problem exists in the computer industry. You insist upon it, but provide no facts or backup when the contrary is obvious from anyone with their finger on the tech industry pulse.
Tell the guy in the suit you want to sell him a network security auditing tool (or service), because he doesn't have the man power to do it in house. He may be willing to pay. Tell the manager of a group of coders you want to sell her your competence and third party viewpoint of the security of their code. She may be willing to pay. Tell me you want to sell me a 250,000 dollar piece of network auditing code, or scan my network from the outside to tell me where my vulnerabilities lie without knowing my network already, or bebop around my 30,000+ user network analyzing a bunch of known signatures and I'll tell you to go back to the drawing board and tell me why your first answer wasn't to invest in a competent enough staff to make you obsolete.
That auditing fee is chicken feed to huge corporations who have massive networks that require auditing. Foundstone isn't the kind of company that's going to provide a service for a Joe's Software Company with 10 employees. By the way, Foundstone does thorough audits, not just scanning your "network from outside to tell me where my vulnerabilkities lie without knowing my network already". Get a clue.
For every company to have an "in-house Foundstone" would be prohibitively expensive. Foundstone sells massive amounts of security experience to be applied to the job. You cannot just get that "in-house" for cheaper than what Foundstone offers. Also, Foundstone provides education services to help in-house people do a better job of analysis. Once again, you are clueless about Foundstone's business.
You, sir, are an idiot. Who moderated this rubbish up to 5?
Now, a pressing question is what about this is even news worthy? Slashdot is now helping rake a shop through the mud even though software piracy runs rampant in most businesses (especially those in the tech industry)? Are we now going to be subjected to stories like "company X accused of software piracy" where "company X" is any random org? Yes, "company X" probably has some pirated software floating around, but that doesn't mean they should get a slot on the front page. Besides, since when does the
I just heard some sad news on talk radio - Political/Tech/Sci-Fi writer Bruce Sterling was found dead in his Texas home this morning. There weren't any more details. I'm sure everyone in the Slashdot community will miss him - whether you agree with him or not [his article] makes for thought-provoking reading. Truly an American icon.
Bad Gollum: We're not gonna thank anyone, oh noo. Not you, not MTV, and not those pigs at WETA digital, or Peter Jackson my precious. Who do you think you are, you *BEEP*ng hack? Shame on you! Shame on you! Go f*BEEP* your self.
The line was "pixel-pushing pin-dicks at WETA Digital."
Bad Gollum: Frankly, nothing can compensate for the long hours and low pay and miserable experience we've had making this *BEEP*ing movie. And if you think *BEEP* you getting this top of gold popcorn is going to remotely make up for everything we've suffered, you're sadly *BEEP*ng mistaken. You're all bastards! MTV sucks! We hate you all!
It's "...this tub of golden popcorn...".
If you're going to post a transcript, at least try to get the good parts right.
That's awesome. I completely lost it at "those pixel pushing pin dicks at Weta Digital!"
The recirculation of Malcolm as icon during the late 1980s and 1990s got its biggest boost from the commercial marketplace, as retailers, publishers, and Hollywood cashed in on the popularity of hip-hop music and culture. And as Afrocentrism achieved respectability among black urban (and suburban) professionals, Malcolm's face and name became a central staple among the "Afro-Chic" products that made up their casual attire (see Afrocentricity).
The rush to purchase "X" paraphernalia affected not only African Americans but also suburban whites, Latinos, and Asian Americans fascinated with black youth cultures. Dubbed the "X" generation, ad agencies boldly marketed "X" products without even mentioning Malcolm. "Malcolmania" reached its high point with the release of Spike Lee's cinematic rendering of Malcolm's autobiography in 1992. Following Lee's lead, retailers sold millions of dollars worth of "X" caps, T-shirts, medallions, and posters emblazoned with Malcolm's name, body, or words.
Not surprisingly, the selling of Malcolm X in the 1990s generated pointed debate among African Americans. Some argued that marketing Malcolm undermined his message, while others insisted that the circulation of his image has prompted young people to search out his ideas. Some utilized his emphasis on black community development to support a new African American entrepreneurialism, while others insisted on seeing him as a radical democrat devoted to social justice. His anti-imperialism has dropped out of public memory, whereas his misogyny has been ignored by his supporters and spotlighted by his detractors.However these disputes evolve, it appears that Malcolm X's place in U.S. history, and in the collective memory of African Americans, is secure. Ironically, some of his centrality can be attributed to the mutability of his own viewpoint. Because his ideas were constantly being renewed and rethought during his short career, Malcolm has become a sort of tabula rasa, or blank slate, on which people of different positions can write their own interpretation of his politics and legacy. Chuck D of the rap group Public Enemy and Supreme Court Justice Clarence Thomas can both declare Malcolm X their hero. Truly an American icon.
Take the rescent Neverwinter Nights fiasco. It took Bioware forever to choose a platform to handle the graphics and even longer to choose one to handle the sound.
This has nothing to do with Linux being inferior in not compatible. Bioware made the mistake of choosing technologies that were not crossplatform with which to build their software. They used Fink for video and some other proprietary sound system for building NWN. Neither of which was ported to Linux and neither made the source code available to make a port possible. As a result, they had become dependent on technologies they had no control over. This was their stupidity, not a failure on the part of Linux.
If Bioware had used SDL and other open and portable technologies, they would be able to run on virtually any platform with minimal porting effort.
This is alagous to saying "I used to MFC to write my application instead of Qt (which exists on most GUI platforms today). As a result, it doesn't run on Linux because there is no MFC for Linux. I do not have the source for MFC and the vendor who supplies MFC will not port it. Ergo, Linux sucks."
That makes no fucking sense.
** Microsoft loads gun, aims at foot, and pulls trigger.
:-)
The net result of this is the reduced availability of Internet Explorer to end users and web developers.
As a web developer, if I cannot get access to a web browser, I am not going to develop for it. It's just that simple. Even now I only put minimal effort towards supporting IE when I author for the web.
Other people who actively try to support IE will probably be inhibited from getting IE7+ by high costs of whatever version of Windows will carry it in the future.
Thank you Microsoft, this is a big help.
A few months ago, I was considering a serious backup solution, but really didn't want to go with tape. So I went out and bought a Sony DVD+/-RW burner. I still have yet to really find a sweet-spot backup solution that can do incremental backups and other fun stuff. Are there any packages out there that will do it as easily as with tape?
There's always jokes about computer science students getting a "C" or "C++" on their course work.
This new langauge, interpreted int hat sense, is astonishingly appropriate for Microsoft.
(a fairy with high sex appeal)
So in otherwords, a "nymph".