If you've been involved in projects that are demonstrated to the fawning public and press when they are still smoke and mirrors, I can see why you are posting as AC. But why don't you use your AC status to help protect the public as well as your own ass, and tell us what company it was so we can all avoid them.
And they didn't learn from their failures, and did it again in 2010:
http://www.youtube.com/watch?v=znxQOPFg2mo
iOS (arguably a much more immature product when demonstrated) gave the illusion of being ready for consumers.
Not really. I distinctly remember Jobs nonchalantly handing off a crashed phone for another one and making it look like a planned event. He fooled no one. The press called it out (but of course let it slide), because it was Jobs after all.
No, you only see almost-ready products in public demos, never flaming disasters carefully masked.
Most engineers worth their salt wouldn't even show pre-alpha products to management.
It's also a testament to demonstrating something way before it was ready. A specific sequence of events that had to occur in a given order to prevent it crashing? Really? Send your most visible exec out with total crap in his hands?
Couldn't they just wait till it actually worked? It's not like anyone was racing them to market in those days.
Keep in mind that if they decide your node IS worthy of being attacked, you won't have the resources to defend against every known and currently-unknown exploit, so you should assume you've already been compromised and mitigate accordingly.
If they think your node is worthy of attack, even a moderate defense will simply cause them to take it down or busy it up, such that users of interest move to another node.
He is worried that the assessments themselves will be very expensive. It is not the specialized classes that would cost extra, but the assessment that determines which classes to take may be more thorough if you can spend money for private testing. I am not commenting on whether I agree with him, but that is his contention.
Yes, and he is worried that there will spring up an entire industry focused on keeping these assessments proprietary and expensive, when exactly the opposite is called for.
The assessments should be generalized and packaged so that they can be administered by teachers, evaluated by computer, with follow-up by counselors.
Perhaps some retraining of school counselors, and teachers, is going to be necessary, but that is far cheaper than $30k evaluation sessions per child.
My ISP (Plusnet) is a division of the old state monopoly (BT), and they even have a page on how to set up a home email server: http://www.plus.net/support/email/smtp_mail.shtml
To be fair, they tell you nothing about setting up a home SMTP server, they merely show you how to get your Plusnet mail forwarded to your server after you get it set up. You are on your own as far as getting Postfix or Sendmail up and running.
But at least they are ahead of the game here compared to most US broadband providers.
To bounce back on topic, it is precisely inexpensive consumer devices such as the Raspberry Pi solution discussed and similar very small "wall wart" style computers that can come loaded with everything you need to run a web server, email server, VoIP and VPNs out of the box, after just entering some very basic information. Not much more complex than setting up your cell phone.
Like you, I suspect most users wouldn't want to put up with the spam. Spam filtering with SpamAssassin seems pretty solid, but it is the single biggest consumer of CPU and bandwidth on my home server. (But on the other hand, if you pop your mail off of something like Google directly into your own MDA, you bypass most of the spam.)
But for the family photo album, or blogs or messaging, VoIP, video chat, the types of devices proposed in TFA could become quite popular. Who knows, maybe Jabber will have a resurgence!
Actually some game engines don't chew up that much data when running as a server. We routinely run a small FPS game engine at night because we don't need the bandwidth in the evening.
There seem to always be 4 to 8 people rocketing away in there after 7pm.
You could host your own website or blog on your home service and never miss the bandwidth.
So assuming you weren't going to disconnect your home Internet, all for the price of zero dollars per year.
You could host your family photos and pithy blog on a wall-wart-sized appliance.
Till your ISP steps in. Too many ISPs forbid this for no rational reason.
I imagine Comcast will have something to say about this - something like "No more internet for you, TOS-breaker"
This is true, their TOS generally forbid any services (listening ports for inbound connections) which pretty much means you can't host web servers or email servers. They actively scan for these, and contact you if they find them.
Yet, oddly they want to open a public wifi access point on every customer's cable drop so that their customers can have mobile wifi on mobile devices everywhere.
Seems sort of odd.
which always begin with 37.
No, based on peer review. With these revelations by the NSA, there has been an even higher level of scrutiny put on SELinux. A much more likely vector of attack would be through companies that only distribute binary blobs for their hardware.
Really? I'd love to know who exactly has started a new peer review of SELinux, because I haven't heard of anything new.
While WHAT SELinux does is well understood, and clearly visible in the source code, and contains no opaque structures or code, we can't know for sure that it wasn't engineered to allow some security flaws that were already in place. In other words, most people agree it doesn't add new exploits, but it may in fact leave some intentionally unclosed.
The types of things SELinux controls are far ranging, including which programs and utilities can talk on the net, access data, right down to the inode level. It's been embedded in the kernel since 2.6, sometime after the SELinux release in 2009. But that was well within the NSA's age of evil empire if you ask me.
On the other hand, publishing nonsense can quickly be modded troll, if the journals have such a mechanism in place.
Moderating by scientists in the field seems better than letting some gatekeeper decide which new ideas get to see the light of day, and which get deep-sixed simply because they are unpopular points of view at the moment.
How much actual damage can be done by publishing rubbish? (It's a serious question, because I don't pretend to know the answer.)
Aren't all results subject to verification by peers anyway?
Isn't the point of open access journals to let the Science world decide if the papers are any good rather than some gatekeeper?
How about one you take yourself and send via a public network to someone else with no contractual agreement in place.
Because that's what's happening here.
It sounds like what he means is that anyone who wants to hide their data can just turn off their GPS, so you get a bunch of data about people who don't care that someone could know their location. The types of info that have "operational value" are usually the ones that users aren't aware that the NSA can get.
Sounds to me that they didn't have to try to use their own methods of obtaining location data because every single carrier in the country will hand it over as so-called meta-data. The carriers know pretty much where you are even if you turn off GPS, and it's close enough for NSA purposes.
They just want to be able to know if Bad-Guy A is meeting with Bad-Guy B, or if either of them just went to the Fertilizer Dealer.
So rather than waste time asking for the location data when they need it, they just get all of it all the time on everyone.
Please cite the statute that says that.
Where is primary subject defined?
I call BS.
Not exactly true. Otherwise, posting any picture on the net would be illegal.
It's almost impossible to take a picture in any city and not have at least one person appear in it.
There is only an expectation of a release if your photo will be used as an endorsement or an advertisement.
I've appeared in hundreds of news photos, sports photos (due to having great seats close to the action).
I appear on several people's Facebook pages even though I have no Facebook account. If you step outside your home, you are fair game.
Well, that's what I thought, but he said he installed 9.2, and was complaining it was slow.
I didn't find 9.2 to be slow at all.
The article suggests it was a "Distributed attack"
the victim of the attack is remaining in the shadows, not wanting to be publicly identified. The target Website is protected by cloud security vendor Incapsula, which was able to withstand the massive distributed denial-of-service (DDoS) attack and keep the targeted Website up and running.
Which means it must have bounced off of some botnet or used some means of amplifying the attack, making it appear to come from different targets. Had it not been so, they would know exactly where it came from.
Perhaps judging from the number of different sources, and the type of packets, they can calculate the number of control packets needed.
If they know it required a one-for-one ratio of control packets to target packets, that is what they mean by un-amplified.
But it doesn't mean they came via the same route.
The fewer noobs like yourself that use it, the less of a target the OS will be.
Hmmm, that sounds like the Bill Gates theory of OS vulnerability. Popular OSes get broken into not because they are vulnerable but just because they are popular.
I would have thought someone using FreeBSD would have a more enlightened understanding of security, and what makes one OS a target and another a brick wall.
Whatever you are using is your problem.
Nothing has changed that I can see.
Which is slow, 9.2 or 10a1?
You ALWAYS had the ability to go into the market place and buy private insurance.
Now you will have a government mandated and controlled market of cheesy policies. It will be run like every other government program (a huge fiasco and money sucking disaster) and more/most insurers will drop out due to government meddling.
It amazes me that anyone can believe government does anything well in this day and age.