Valve Server Down Until Further Notice (on "Steam Users Steamed") · Score: 2, Funny
SP LiveWire - Phoenix, AZ, USA.
Responding to 10,000 gamers complaining of non-access to game servers, the Maricopa County Sheriff Department investigated a break-in at the Valve DataCentre near Phoenix, AZ. The grisly finding by the deputies prompted them to call in the FBI Anti-terrorist Strike Force.
FBI ATSF raided the remaining part of the SteamPowered computer control room and its server room. All the big fat system administrators were found passed out and lying about with an excessive amount of Twinkie wrappers strewn about.
FBI ASF spokesman, J. Edgar Hoover, III, reported that 5 kiddie terrorists, clad in black bulletproof body armor, were videotaped storming the Valve lobby. An FBI Counter-Strike Computer Task Force (CSCT) sergeant reported that the DRM was disabled so that only hacked CS can play.
It is not known how the SAs were force-fed the trademarked sugar snack or how they passed out in a "Half-Life" state without incurring any mortal injuries.
No group has stepped forward to claim responsibility.
Good luck on getting a root or intermediate CA certificate.
Most root CAs (at least the ones that are found in browsers' CA list) charge a fortune to let an ISP have an intermediate CA certificate that can sign off additional client CA certificates.
Plus, business sense forces the buyer of an intermediate CA certificate to recoup the exorbitant cost by charging all those who want to have their CA tied to the intermediate CA server.
Not worth it. Just go self-signing and distribute the trusted root to the customer. A lot cheaper (it's free).
A real live person to send LSM vulnerability reports to.
WHAT? Are you blind?
I said "blind and deaf." And yet, you must have read it as "blind or deaf."
They are in essence, still deaf, and in need of assistance with telephone communication efforts.
I truly hope you don't work in the programming field on mission-critical systems, particularly those of critical logic decision making (gosh, we lost so many space missions, ships, airplanes, and cars to this kind of simple mistake).
(sigh) Dang Slashdot newbies.
45.5 is used by Naval Baudot Teletype. Just think of those old jolly green giant teletypes that sat banging out papers noisily.
It is also used predominately today by blind and deaf telephone users.
Ok... when are you going to fix the nearly 2-year old Linux Security Module (LSM)'s security vulnerability for inserting malicious kernel modules (aka virus or trojans)?
So, I'm thinking that these "sky-is-falling" guys that have been ranting, raving and waving red flags over at GRSecurity, RSBAC are starting to have a solid valid point on the inherent weakness of the LSM model.
I truly hope this is not the beginning of open season for Linux-virus/trojans.
Ah? Hmmmmm? Welll?
But there sure are boatfuls of "bloat"-ware galore!!!
With regard to forcing their spiteful employees to use their own products, KaZaa ain't no preacher for the general populace.
As a vulnerability analyst, your computers will be dead quicker on the basis of your "sludge" statement than ANY of my computers in my server room would first fail (HW or SW).
I wouldn't throw ActiveX as far as I can see. It is the favorite of crackers and is considered by many in the IT security industry as inherently "dangerous regardless of settings."
So, I simply kill off ActiveX (aka use another OS flavor) so that I wouldn't have to "keep my enemy closer."
As for non-IE plugins, at least, the end-user has control with its selection.
A bad non-IE plugin will get reputated off the plugin list. A bad IE plugin is stuck with you forever (despite the repeated and failed patching).
Good Luck on your high-risk endeavors, Dr. Xym.
Does this qualify us as naturally p0rn addicts... for the rest of us, ./'ers?
WOW! GPRS/GSM with WiFi feature really works!
Imagine a cluster-fuck of freeloaders making nearly dirtcheap phone calls from restaurants, sidewalk cafes, coffeehouses anywhere in the world?
Those businesses are sure gonna be making mucho-dinero on the WiFi side (not to mention their regular business as well.)
A great way to stimulate the local economy as well. We all know we need more of that, but the cellphone infrastructure-oriented industry vows not to see this happen.
That WiFi-VoIP shall flourish, unless the wireless industry (cellphone-oriented, that is) ogre is going to squash the baby ugly duckling and grind its bones (thru legislation, cheaper business model or dinosaurs-extinction) before WiFi-VoIP gets a chance to emerge into a beautiful swan.
I, for one, welcome the UMA/WiFi-VoIP cellphone overlord (and I hope its FCC chairman).
Are we now talking about Georgi of Star Trek?
For a rabid Linux hacker, it is easy to bust that CAP by downloading DISTROs after DISTROs not to mention package updates after updates.
Try Gentoo Distro for starters.
Noticed that I intentionally left out the following step:
5. Ask for paperless statements from financial and insurance institutions.
I discourage this step because there are a good number of these institutions still sending these statements by unsecured SMTP protocol (email for the uninitiated).
That information will get replicated (whether you wanted it to or not) on and by various mail servers configured to do so. And stored eventually on recordable media.
Such recordable media include, but are not limited to:
1. The sender's "Send" folder
2. The sender's MTA recorder (SarBox and HIPAA require that)
3. The mail relay's recorder (if any)
4. Hackers sniffing the pipes
5. The receiver's ISP mail queue
6. The receiver's corporate mail queue (SarBox/HIPAA)
7. The receiver's hard drive (easy to lift with Google Search Box)
God knows what kind of institution DOESN'T practice individual privacy preservation on these recorded media.
Most of the financial and insurance institutions who implement paperless statements send them UNENCRYPTED over SMTP protocol.
DON'T DO THIS STEP.
Only extract the statement from the institutions' secured web pages.
Let's count the times that an identity theft occurred NOT by your close ones (relatives, neighbors, friends).
28% is on-line
39% is off-line by strangers (78%/2)
equals
67% by strangers.
So, 1/3 of the ID theft is by someone you know. 2/3 is strangers.
Tips to safeguard yourselves:
1. Look in your wallet/purse and remove SSN# from all ID cards
a) Medical card
b) Dental card
c) Old-man fraternity lodge
d) Military ID
e) and yes, your state driver's license (in dumb states only)
You can verbally give your SSN# to the cop/doctor/guard if and when you get challenged. And no, you won't be fined for tampering with the license. Three Federal Statutes will protect you on this formerly malicious act (IANAL, but I did it).
2. Use shredders on the following containing account numbers, ID# or SSN#
a) bank statements
b) loan offers
c) utility bills
d) FAXes
e) virtually anything with your SSN# (and account #)
3. Perform lockout of your credit history. It is free to do. $10 to unlock it (how often do you apply for credit?)
4. Religiously apply for opt-out with insurance and financial institutions for your rights under the Privacy Act. This hopefully eliminates sharing of your information.
The above steps go a LONG WAY to drastically minimizing your vulnerability level and will go to bolstering your legal case against the identity thieves, if and when they get caught.
Carpe Diem!
True AV and AT (anti-trojan) SW engineers use VMWARE for their studies and dissemination of malicious flotsam of codes floating around the internet.
But the article is "A Good Thing" because it shows EITHER that Wine isn't 100% Microcrap or is more robust against viruses.
Take your pick.
I, for one, welcome the ZigBee overlord.
X10 wireline protocol has its shortcomings when one uses it in a dual-phase household (two sets of 112-120VAC in alternate AC phases). It mandates installing a capacitor to act as a bridge.
Otherwise, one would have to have dual controller segments throughout the house.
Which one will be the first to procure the secured operating system?
IEEE BOSS
or
Coyote OS
My money is on Coyote.
It only takes two pieces of information about you to make a profile.
It may not be the profile you're thinking about but it surely is enough to peddle that über-information superdatabase to other poor info-starved marketers who will pay a pretty pence for a vector-data about you.
I'll leave it to you to guess what Google can do to muster up an amazing workup about your profile.
Now the harder part is keeping it away from that "giant sucking sound."
(Sorry, Olivia Newton-John, but) I'd say "Let's get Physical!"
I'm one sorry chap who experienced the following physical-related security issues.
1. Toddler sticking a penny/pence into the CD slot. Shattered CD, anyone? Put the toddler in the closet???
2. Bumping coffee, not only soaking the keyboard, but dripping in between the kitchen table crack (where the extra table leaf is stored) and onto the uncovered PC box below. Now it's a coffee-cup holder off of my swivel chair's arm.
3. Flooding of basement; the site of a vanilla box half-submerged with all your data (AAAAAURGH!). Rack-em high.
4. Dropping all sorts of tools into the uncovered PC box. Five to be exact, what's a hardware tweaker to do? I'd still leave the cover off anyway. Just placed further higher up.
5. Windows XP installation hosing the MBR to my LILO/GRUB sector. This one really smarts. I've gone Linux-based VMWARE instead and jailed those F*CKIN' Windows partitions.
6. Tripping over the power cord to my MAIN MAN (server, that is), resulting in unrepairable EXT2 data corruption (this is before the days of journaling yore, known as EXT3). Now, we have EXT3 and a power strip placed at 6' level.
7. Kid downloading free gameware (covertly loaded with SPYWARES!!!). Evicted the kid.
8. Get some freaky unexplained reboot issues (actually caused by living next to a Weather Radar tower honing into my overclocked PC). (Live on an upward hill) Fixed that by keeping the PC cover on. Later, moved away (the smarter move).
Nowadays, I avoid all of the above with a patented 15x20' office space out in my garage, in a non-flood zone, locked, naturally-lined with aluminum-foiled insulation and tripled pin-holed web-cam surveillanced at undisclosed vector-point location.
Sheesh!
A typical Space router's store-n-forward protocols to choose from:
1. ZMODEM over LLC
2. TTCP over X.28
3. ATM over Pseudo-space-wire
4. Novell over IPX
Never underestimate the bandwidth power of a space shuttle carrying 20,000 DVD-Rs.
Why bother segregating and interrogating?
Anytime you deal with a consumer product with intent for massive deployment (i.e. DSL modem, Wireless Access Point router, cable [modem|set-top] box), the test group's foremost priority is failsafe.
One dead-box or firmware vulnerability incident (impacting MANY MORE end-units) would be considered ultimately unacceptable and have been known to threaten the reputation of that company's entire product line, not to mention that company's reputation and financial bottomline.
Unfortunately, QA is not "the" highly recognized or reverent profession that it should be, ESPECIALLY when consumer product is being used for and by the uninitiated, untrained, and illiterate end-users. As for management not leaning on QA to protect their product line, I defer to Clubber Lang, "I pity the fool."
Shut up, Fool. Buck up. Don't be a crud. Be an engineer that we all espoused to be. Attain the "Right Stuff."