M$ learned this lesson a long time ago, only chumps sell hardware.
Funny you'd put it in that light. When I worked for LSI I felt I had a secure job because nobody can pirate hardware, and at my current job I feel equally secure because of that same reason.
(No, emulation is not the same as hardware piracy. You can't emulate the physical functionality of a wireless card with software.)
I'd look in the case of my Dell if it didn't require me to unplug so I could lay it sideways on my desk, which of course comes after I've cleared my desk of two keyboards (yeah, too cheap to buy a DVI KVM), camcorder, camera accessories, optical media, cell phone accessories, books, mail, blah blah blah. But, I can easily gaze starry eyed through the plexi-glass wall inside my G5 and see those four thousand dollars at work. Whoever approved the vertically hinged Dell cases with the top and bottom buttons needs a lesson in practical hardware design.
Obviously the best course of action is to employ the Poser-Buster. Once the bad guys turn on their Poser-Buster-Buster then you move to phase two, the Poser-Buster-Buster-Buster. Heaven forbid they have a Poser-Buster-Buster-Buster-Buster...
I've been worried about the BIOS. One of the reasons that Apple gets things like Target Disk Mode, and I think the graphical BIOS level boot-loader, is because of Open FirmWare which lets devices provide their own drivers to the bios, rather than having them stored within the BIOS itself. I'm not 100% sure on how it all works, but I do know that no X86 BIOS has Target Disk Mode, which is *invaluable* when you're in a bind. I'm worried about losing that function...
You see people making movies about Converse shoes, people rapping about Surge soda, and doing all sorts of silly and creative things with their favorite products and the marketing department spins them up into revenue. In this case, yes, he got a bunch of boxes without paying for them and used them for an unintended purpose. Still, how much is this worth to their marketing department?? A hell of a lot more than they're going to get out of that guy if they sue him, I'll tell you that much. They should've had the marketing department spin it up, make a commercial about it, maybe even a whole ad campaign, and then they would've made a bunch of money without having to pay crazy costs to ad agencies to come up with some stupid idea like those Taco Bell commercials. It's free publicity, and the fact that they handed it off to the legal department is making it all bad publicity instead of good. Very bad choice on their part.
Maybe it's just me not knowing how to work slashcache, but only the first page of that article seems to work, and it has no technical information. All the links point off-site back to the cached archive, and their server isn't responding right now. I was hoping for a printable link with all the info on a single page, but alas it is not there... Anywhere else I can find this educational article which I will only be using for educational purposes?
Pretty much the same story here. I have two OS X systems and three Windows sytems on my desk right now, but to assume that I'm not a Linux user because there are no Linux desktops with which I surf slashdot is absurd. I have two different models of routers on my desk which use ucLinux, my T1 is routed through Redhat, my fileservers run Debian, I have an array of Linux livecd's for system recovery and other assorted tasks, etc.. None of those surf slashdot. In fact, I surf slashdot from one computer, and it's not running linux.
How about a poll to see who doesn't use linux, who does use linux, and who uses linux to surf slashdot?
I haven't seen either of the documentaries, but just reading your post I would have to agree with you. You have the principles of the matter sorted out well. Personally, I'd rather watch the move about cute, safe penguine life that allegedly does not matter, it seems so much more enriching.
I was going to say something along those lines. I don't know much about time, but the 6th item in the Wikipedia article linked to in the headline is is From Julian to Gregorian... So, yeah, the proof used to say that the Romans were the last people to mess with the calendar is actually proof otherwise.
I wish people would want to be correct rather than wanting to look smart. Not that I know that's what the article poster was doing, but... eh, well... that's getting way off topic.
Cheap and oudated? That't he w3c, dude. Wether it's doing the "right" thing becomes blurry when they're doing it, since they're the comparator of web standard rightness.
Cute. Fortunately I didn't have to count the errors, the validator did that for me. Here is the head of the output in textual form, since the lameness filter didn't like the HTML form:
File: Slashdot- News for nerds, stuff that matters.html
Encoding: utf-8
Doctype: HTML 3.2
Errors: 84
It's worth noting that the word "warning" was not even on the page that listed all of the errors, nor was the word "warn."
Yes, it gives you security through obscurity. Attacks that are susceptible to brute force can't really do much except that. That is why using an obscure password is better than using an obvious password. If you happen to know a quicker method than TCP connect scans for use against mass amounts of randomly selected targets then please, let us all know. You are correct that there are many different ways, but your presupposition that those other ways are quicker is surely wrong.
It's one thing to make typos in an IM, but it's another thing to make typos in a news article that thousands and thousands of people will be reading and even more, syndicating. Obviously things like correct facts and unbiased presentation of information is more important, and lack of them gives flamers more weight in their attacks than mere spelling mistakes, but incorrect spelling does hurt your rapport. Next time let your computer fix your mistakes for you; use the spell checker and have it learn words like "slashdotting" so future uses will be even more accurate.
I hadn't even heard of target disk mode until I got my powerbook, and now I frequently come across instances where I wish I had it for my PC's.
As for booting from USB and FiriWire, I know the new Dells have USB as an option on their F12 boot menu, and they'll show USB key drives as regular drives even when booting to older DOS prompts, like the Win98 CD.
In the case at hand that's just not true. It's no more false than using strong passwords. The added time it would take for a script to TCP connect scan every single port on an entire netblock or selection of random IP addresses does give you security. Assuming you are not restricting access based on IP#, nothing is 100% secure against a brute force attack and non-standard port usage is no exception, however, it is one more substancial hurdle for the attacker to clear. Hacking strong passwords as opposed to weak ones adds to the time it takes for a successful attack. Using nonstandard ports also adds to that time.
In the case where somebody is hand-crafting an attack against your box then yes, the use of non-standard ports would be a trivial hurdle.
I see these frequently on my Mac, and while I'm positive they'll never get in due to AllowUsers, it's incredibly irritating when my CPU starts heating up crunching encryption for long periods of time. That's usually how I realize what's going on, then I notice my CPU bar going steadily about 20% or so above usual usage, and my network bar with constant minimum traffic. Really, really irritating, and I honestly haven't got a good excuse for not switching to a non-standard port... In fact, I'll just do that right now. What would be awesome though is a counter-attack honey pot shell on my Mac. Then I could just let them have access and watch them go down.
Everybody else replying to this is like "But Windows Remote Desktop Connection is in WINDOWS! WAAAAH!!" as if you can't tunnel those through ssh from a linux box. They're ON. They DO allow you remote desktop connection. Yet they're still COMPLETELY secure... IF you do it right. I'm not worried at all.
Anybody using standard ports for their personal rig is asking for trouble.
Anybody who modded the parent insightful clearly missed his cynicism.
I can hear it now...
"Don't have a cool thousand dollars for a high end LCD TV?? Don't worry!! You can keep your old monitor and get a warm fuzzy feeling watching all your secure media content right within Windows(R) Longhorn(tm)!! And we DO mean fuzzy!!"
Even so, they call it the cloud for a reason, and that reason is that when a packet goes in to the cloud you can't tell where it's going because the route possibilities provided by router redundancy is seemingly infinite. If I can't dial 911 on my VOIP phone because my ISP is rebooting one router, or even several routers at once because of something like a power failure, I need a new ISP. Redundancy is there to provide alternate methods of service in critical situations. And if it truly is because of something ReallyBad(tm), I doubt I'll give a shit about the internet, and attempting communication would most likely be futile even with a land line.
Slashdot Mirror
(No, emulation is not the same as hardware piracy. You can't emulate the physical functionality of a wireless card with software.)
I'd look in the case of my Dell if it didn't require me to unplug so I could lay it sideways on my desk, which of course comes after I've cleared my desk of two keyboards (yeah, too cheap to buy a DVI KVM), camcorder, camera accessories, optical media, cell phone accessories, books, mail, blah blah blah. But, I can easily gaze starry eyed through the plexi-glass wall inside my G5 and see those four thousand dollars at work. Whoever approved the vertically hinged Dell cases with the top and bottom buttons needs a lesson in practical hardware design.
C'mon, that is way too mainstream and not very aesthetically dazzling. I'm sure they use an Applesaucer.
Obviously the best course of action is to employ the Poser-Buster. Once the bad guys turn on their Poser-Buster-Buster then you move to phase two, the Poser-Buster-Buster-Buster. Heaven forbid they have a Poser-Buster-Buster-Buster-Buster...
I've been worried about the BIOS. One of the reasons that Apple gets things like Target Disk Mode, and I think the graphical BIOS level boot-loader, is because of Open FirmWare which lets devices provide their own drivers to the bios, rather than having them stored within the BIOS itself. I'm not 100% sure on how it all works, but I do know that no X86 BIOS has Target Disk Mode, which is *invaluable* when you're in a bind. I'm worried about losing that function...
What's amazing to me is how the parent got modded redundant, but the 50 posts I saw asking "Did Apple know about this???" didn't.... Wonderful.
You see people making movies about Converse shoes, people rapping about Surge soda, and doing all sorts of silly and creative things with their favorite products and the marketing department spins them up into revenue. In this case, yes, he got a bunch of boxes without paying for them and used them for an unintended purpose. Still, how much is this worth to their marketing department?? A hell of a lot more than they're going to get out of that guy if they sue him, I'll tell you that much. They should've had the marketing department spin it up, make a commercial about it, maybe even a whole ad campaign, and then they would've made a bunch of money without having to pay crazy costs to ad agencies to come up with some stupid idea like those Taco Bell commercials. It's free publicity, and the fact that they handed it off to the legal department is making it all bad publicity instead of good. Very bad choice on their part.
Maybe it's just me not knowing how to work slashcache, but only the first page of that article seems to work, and it has no technical information. All the links point off-site back to the cached archive, and their server isn't responding right now. I was hoping for a printable link with all the info on a single page, but alas it is not there... Anywhere else I can find this educational article which I will only be using for educational purposes?
Pretty much the same story here. I have two OS X systems and three Windows sytems on my desk right now, but to assume that I'm not a Linux user because there are no Linux desktops with which I surf slashdot is absurd. I have two different models of routers on my desk which use ucLinux, my T1 is routed through Redhat, my fileservers run Debian, I have an array of Linux livecd's for system recovery and other assorted tasks, etc.. None of those surf slashdot. In fact, I surf slashdot from one computer, and it's not running linux.
How about a poll to see who doesn't use linux, who does use linux, and who uses linux to surf slashdot?
That's exactly what I was thinking. Sheesh, didn't they even consult the web admin to see what he thought? ...er, unless this is a PR stunt.
I haven't seen either of the documentaries, but just reading your post I would have to agree with you. You have the principles of the matter sorted out well. Personally, I'd rather watch the move about cute, safe penguine life that allegedly does not matter, it seems so much more enriching.
I was going to say something along those lines. I don't know much about time, but the 6th item in the Wikipedia article linked to in the headline is is From Julian to Gregorian... So, yeah, the proof used to say that the Romans were the last people to mess with the calendar is actually proof otherwise.
I wish people would want to be correct rather than wanting to look smart. Not that I know that's what the article poster was doing, but... eh, well... that's getting way off topic.
Cheap and oudated? That't he w3c, dude. Wether it's doing the "right" thing becomes blurry when they're doing it, since they're the comparator of web standard rightness.
It's worth noting that the word "warning" was not even on the page that listed all of the errors, nor was the word "warn."
They're so sure that they adhere to the standards they've blocked the w3c validator from validating their page.
That's ok. I saved the main page and uploaded it to the validator. Only 86 errors... no biggie...
Haha, man, that "smouldering ashes of your mail server" put the funniest picture in my mind. You just made my Monday a whole lot better. =D
Yes, it gives you security through obscurity. Attacks that are susceptible to brute force can't really do much except that. That is why using an obscure password is better than using an obvious password. If you happen to know a quicker method than TCP connect scans for use against mass amounts of randomly selected targets then please, let us all know. You are correct that there are many different ways, but your presupposition that those other ways are quicker is surely wrong.
It's one thing to make typos in an IM, but it's another thing to make typos in a news article that thousands and thousands of people will be reading and even more, syndicating. Obviously things like correct facts and unbiased presentation of information is more important, and lack of them gives flamers more weight in their attacks than mere spelling mistakes, but incorrect spelling does hurt your rapport. Next time let your computer fix your mistakes for you; use the spell checker and have it learn words like "slashdotting" so future uses will be even more accurate.
I hadn't even heard of target disk mode until I got my powerbook, and now I frequently come across instances where I wish I had it for my PC's.
As for booting from USB and FiriWire, I know the new Dells have USB as an option on their F12 boot menu, and they'll show USB key drives as regular drives even when booting to older DOS prompts, like the Win98 CD.
In the case at hand that's just not true. It's no more false than using strong passwords. The added time it would take for a script to TCP connect scan every single port on an entire netblock or selection of random IP addresses does give you security. Assuming you are not restricting access based on IP#, nothing is 100% secure against a brute force attack and non-standard port usage is no exception, however, it is one more substancial hurdle for the attacker to clear. Hacking strong passwords as opposed to weak ones adds to the time it takes for a successful attack. Using nonstandard ports also adds to that time.
In the case where somebody is hand-crafting an attack against your box then yes, the use of non-standard ports would be a trivial hurdle.
I see these frequently on my Mac, and while I'm positive they'll never get in due to AllowUsers, it's incredibly irritating when my CPU starts heating up crunching encryption for long periods of time. That's usually how I realize what's going on, then I notice my CPU bar going steadily about 20% or so above usual usage, and my network bar with constant minimum traffic. Really, really irritating, and I honestly haven't got a good excuse for not switching to a non-standard port... In fact, I'll just do that right now. What would be awesome though is a counter-attack honey pot shell on my Mac. Then I could just let them have access and watch them go down.
Everybody else replying to this is like "But Windows Remote Desktop Connection is in WINDOWS! WAAAAH!!" as if you can't tunnel those through ssh from a linux box. They're ON. They DO allow you remote desktop connection. Yet they're still COMPLETELY secure... IF you do it right. I'm not worried at all.
Anybody using standard ports for their personal rig is asking for trouble.
Anybody who modded the parent insightful clearly missed his cynicism.
I can hear it now... "Don't have a cool thousand dollars for a high end LCD TV?? Don't worry!! You can keep your old monitor and get a warm fuzzy feeling watching all your secure media content right within Windows(R) Longhorn(tm)!! And we DO mean fuzzy!!"
Even so, they call it the cloud for a reason, and that reason is that when a packet goes in to the cloud you can't tell where it's going because the route possibilities provided by router redundancy is seemingly infinite. If I can't dial 911 on my VOIP phone because my ISP is rebooting one router, or even several routers at once because of something like a power failure, I need a new ISP. Redundancy is there to provide alternate methods of service in critical situations. And if it truly is because of something ReallyBad(tm), I doubt I'll give a shit about the internet, and attempting communication would most likely be futile even with a land line.
No, I got it. But actually, I wouldn't be surprised if I hadn't because nobody has gotten any of my jokes today.