Well Yes and No. No - I don't agree that the subject matter that has been actually leaked was right for governments to have done in the first place. eg: The deliberate killing of innocent civilians in Iraq. That is wrong.
Yes - I do agree that leaking information is harmful to government and beneficial to enemies, because the enemies can use what the government did wrong as a recruiting tool to gain support against them. With all the negativity against governments having all this data, I would say that it is working pretty well for the enemies of the government.
Note - Being an enemy of the government doesn't necessarily mean you have done anything wrong, it just mean that you don't agree with the governments actions. For example, the EFF is an enemy of the government, even though they are not doing anything wrong.
TL;DR - Governments should stop doing things wrong instead of hiding what they do wrong, because it is what they do in the first place that was leaked which is aiding the 'enemy' (anyone who disagrees with the government) recruit other people against the government (anyone who supports Leaking of coverups), rather than the act of leaking in itself.
5 years ago it would be considered a "Hacking" crime to bring to light such a trivial adjustment to the way you access a website by changing it's URL in a small way, but now it is grounds for class action against the operator for actual lax security.
It would be like Obama completely bugging his wife's car, not because she is under the protection of the Secret Service, but because he wants to watch everything that she is up to without her knowledge. GPS Tracking, Sound, Video, the works - he can watch her every breath.
And then when she realises that he has been spying on her, he would say "Well you wouldn't mind if you have nothing to hide! I'm just cleaning out the dirty dishes!"
Synology have been moving from the personal to the enterprise space as of late with their "DiskStation" NAS line of products. Some of their high end "NAS" boxes can get pretty powerful. There is a function of the DiskStation is called "Cloud Station", essentially a Dropbox clone.
Basically what you would be doing is having your own on-premises 'Dropbox appliance'. It is very easy to setup/integrate with it's user-friendly interface for the admin, and then all you really need to do then is forward the ports and install the client software.
They should have saved this exploit for jailbreaking than to report it, comsidering the chances of an in-the-wild infection are low. Public charge stations are quite uncommon.
From the article, these are the following supported browsers: Microsoft Windows XP: Internet Explorer 6.0, Netscape 7.2, Firefox 1.0.3, Mozilla 1.7.7." Firefox is still available (Windows link) and is fairly independent from the underlying OS, so it would probably work on Vista+/Mac/Linux too (If you can find Mac/Linux links).
Still a pain to have to pick and choose browsers. It is easier for the average person to use the offline version.
Even easier for the hacker to compromise such an outdated website and input their benefits claim directly into the database tables (and already approved for their 10 fake identities of course).
Then how come you are posting as VertexCortex and not Anonymous coward, still needs to be a mechanism to make sure you are VertexCortex. Ideally you should be able go hit "Login" on your browser, and your browser automatically logs you in for you while using two factor in the background (once you have already two-factored with your browser when you sat down) so Slashdot knows 1. You are VertexCortex (to load your preferences and posting abilities as your name) and 2. You have proven yourself (It doesn't need to know how, it just needs to kniw that you have)
The thought process of a developer is that it is usually a user problem, and therefore it is the user that needs fixing, not the user.
The cold reality is that using passwords at all is the problem.
Passwords are an antiquated solution to a simple problem from the very start of multi-user computing. It is simple but exponentially ineffective as it scales.
The human mind is not set up to remember multiple, complex passwords. There are very few humans who are gifted with this ability to remember literally hundreds of different passwords without writing it down, I would put someone who can in the realm of an academic genius who can remember entire textbooks or recite Pi for hours before they eventually have to take a break for physical reasons.
Normal people write it down or keep it to a narrow set of passwords depending on which level of complexity the system will allow. Both bad security practice.
And passwords that expire every 45 days with annoying complexity requirments? You're going to drive users nuts trying to think of new ones each time that eventually they will come up with the simplist password the system will allow and increment by 1 each time they have to change eg: Password1, Password2, Password3, etc.
There are hacks out there, eg: KeePass and LastPass, but this is a workaround to the underlying problem. The websites that Force you to use Facebook are even worse (as they force you to handover all your personal details while you are at it, which just as easily can be used for identity fraud. Many Banks, Telcos etc. only authenticate with your DOB). OpenID is better but the implementation makes it common to sign in from the website your are trying to access, making it susceptible to being spoofed.
Realistically, we need to kill the password. Two factor authentication all the way. It needs ONE trust relationship between the user and the authenticator. This could be a user ID and a token. The authenticator can have then multiple trust relationships with participating websites.
The authenticator should only provide two data points: (1) The user ID of that website (different ID to other websites so that the user can be tracked with the same ID across websites) and (2) That the user has authenticated themselves. Thats it. Most websites don't need to know your name, DOB, Vanity username, email address or anything else about you. If they need this, ask - but only if actually required - and give the user a clear option to decline or provide only partial data.
The only thing that most websites or other computer systems need is a way to tell which user profile to load up, and that the user requesting it is really the same user. A password does not prove that,
He isn't offering the money as a token to indicate how strongly he believes in an idea. $100 isn't going to break the bank for him.
What is he really doing is offering the chance to boast "I won a bet against Stephen Hawking" (You know... The guy who is regarded by most people to be the smartest person in the world) as the prize for some very extreme research.
He is giving the encouragement to push the boundaries of what we know about science in the quest of knowledge, and this is exactly what science is about.
So even when he "loses" the bet, he wins, because he has helped science go further by challenging everything that we know, instead of just following what the "smartest" people think,
Seriously, can someone suggest some FOSS solutions that do just this. I have a whole bunch of mbox stores forked at different times. I want to put it all together, remove the duplicates and then run queries to weed out what I need and what to turf! I have hoarded for too long. Gmail came out in 2004 and they said "Archive instead of delete!"... Well now my Inbox is practically unmanageable! Google get most things right but not that one unfortunately.
With an operator no doubt facilitating illegal actions of their customers, and refusing to no doubt enfore court orders to disconnect their customers for said actions, couldn't a case be made to disconnect them from THEIR upstream providers because they are now acting illegally but not following court orders, presuming that their upstream providers follow court orders, and the upstream upstream until you get to a legitimate entity. It seems quite an shortcoming of the law that they can act with impunity while allowing their customers to bring down the very fabric of the world wide web.
Not sure what environment you are using, but it should be fairly similar for Linux/Mac. In Windows, you can go into the Display Properties and select which to be the primary monitor (which the task bar appears and which Windows open on by default), you can also click on a monitor picture to select it and use the UP/DOWN/LEFT/RIGHT keys to position the monitor relative to the other monitors exactly as it is physically so that the mouse cursor lines up when moving the mouse across monitors and to/from the correct edges.
I was hoping that they could go into prisons instead of being destroyed. But only prisoners and their scumbag visitors have to. Go through them. Prison staff and lawyers get safe ones when they need to be screened. Actually scratch that, send the lawyers through the back scatter too.
The Greens are rising in power because the major two are seen as pathetic, and voters are looking for the most sane party to fill this gap. Unfortunately the closest thing we have had to 'sane', is the Greens. While some of their policies are good, they are on a whole batshit crazy and is not acceptable option to most people, so they fall back onto the major two.
With The Pirate Party, if you just get past the name and actually look at the policies, they are not that bad.
Under two-party preferred system, their votes will probably be funnelled to the Greens, which would then be funnelled to Labor. At least it will be a start and show that the major two are falling in popularity.
Just imagine all of the PR points you could win just by letting us space nerds in on what you're doing. We'll work most of it out anyway, but take us through all the technical gore. What you are doing seems like the closest thing to launching a fully fledged rocket from your backyard using nothing but spare parts lying around, so we can definitely relate with you here.
The records are longer than the legal maximum retention period. You can't expect hospitals to keep every X-Ray you ever had forever, not only is there privacy issues (some people don't like the idea) the cost of unlimited data retention is enormous. He should have requested it while it was still within the legal time for it to be kept, otherwise anything more is just a favour to him that they can get it to him at all even with the fee, because it costs money to bring an obsolete system back online, as it was decommissioned since it is no longer required (past the legal maximum).
I'm sure the obsolete system was running just fine in parallel in new system while the records were still under legal obligation and without expensive fees.
It's better than most places that they will still have the obsolete system at all that CAN be bought online. Most places would have destroyed the data by now.
Apple for example, completely wiped the MobileMe data as soon as MobileMe was switched off. Actual conversion I had with them for someone else who didn't know it was been Shut Off until it actually stopped working: Apple: Yes Sir the Service has just stopped working because it has been decommissioned for iCloud. Me: How do I get the data back? Apple: Well we have put out notices to your MobileMe email (that they never use) for months that it is going to be shut down and you need to transition before then, now it's been shut down and we can't transition the data anymore. Me: How do I get the data back now? Apple: The data has been physically wiped from the servers and can't be retrieved even if we wanted to.
Microsoft have done it too with Microsoft Office Live Small Business.
Or Google, switch it off so you can see it's not working and then normally give you a year to download your data from a killed product.
Not fair to ask the CEO to cover the cost of his extraordinary required. If these records are important to him, pay, If not that important, don't. The choice is his.
Yes I'm sure that Network Security Specialists enjoy anything related to the word CYBER, it is like the New Wave era of HACKING (not to be confused with cracking)... or something like that
Slashdot Mirror
Well Yes and No.
No - I don't agree that the subject matter that has been actually leaked was right for governments to have done in the first place. eg: The deliberate killing of innocent civilians in Iraq. That is wrong.
Yes - I do agree that leaking information is harmful to government and beneficial to enemies, because the enemies can use what the government did wrong as a recruiting tool to gain support against them. With all the negativity against governments having all this data, I would say that it is working pretty well for the enemies of the government.
Note - Being an enemy of the government doesn't necessarily mean you have done anything wrong, it just mean that you don't agree with the governments actions. For example, the EFF is an enemy of the government, even though they are not doing anything wrong.
TL;DR - Governments should stop doing things wrong instead of hiding what they do wrong, because it is what they do in the first place that was leaked which is aiding the 'enemy' (anyone who disagrees with the government) recruit other people against the government (anyone who supports Leaking of coverups), rather than the act of leaking in itself.
WiFi is going to be cheaper.
5 years ago it would be considered a "Hacking" crime to bring to light such a trivial adjustment to the way you access a website by changing it's URL in a small way, but now it is grounds for class action against the operator for actual lax security.
It would be like Obama completely bugging his wife's car, not because she is under the protection of the Secret Service, but because he wants to watch everything that she is up to without her knowledge. GPS Tracking, Sound, Video, the works - he can watch her every breath.
And then when she realises that he has been spying on her, he would say "Well you wouldn't mind if you have nothing to hide! I'm just cleaning out the dirty dishes!"
"Is there a structural problem with computer-aided pilot's ability to fly visual approaches?"
No, Just Pilot error. The 777 has constantly landed at SFO everyday for years without issue and the cause of the Asiana has been well-documented.
Synology have been moving from the personal to the enterprise space as of late with their "DiskStation" NAS line of products. Some of their high end "NAS" boxes can get pretty powerful. There is a function of the DiskStation is called "Cloud Station", essentially a Dropbox clone.
Basically what you would be doing is having your own on-premises 'Dropbox appliance'. It is very easy to setup/integrate with it's user-friendly interface for the admin, and then all you really need to do then is forward the ports and install the client software.
They should have saved this exploit for jailbreaking than to report it, comsidering the chances of an in-the-wild infection are low. Public charge stations are quite uncommon.
From the article, these are the following supported browsers:
Microsoft Windows XP: Internet Explorer 6.0, Netscape 7.2, Firefox 1.0.3, Mozilla 1.7.7."
Firefox is still available (Windows link) and is fairly independent from the underlying OS, so it would probably work on Vista+/Mac/Linux too (If you can find Mac/Linux links).
Still a pain to have to pick and choose browsers. It is easier for the average person to use the offline version.
Even easier for the hacker to compromise such an outdated website and input their benefits claim directly into the database tables
(and already approved for their 10 fake identities of course).
Then how come you are posting as VertexCortex and not Anonymous coward, still needs to be a mechanism to make sure you are VertexCortex. Ideally you should be able go hit "Login" on your browser, and your browser automatically logs you in for you while using two factor in the background (once you have already two-factored with your browser when you sat down) so Slashdot knows 1. You are VertexCortex (to load your preferences and posting abilities as your name) and 2. You have proven yourself (It doesn't need to know how, it just needs to kniw that you have)
The thought process of a developer is that it is usually a user problem, and therefore it is the user that needs fixing, not the user.
The cold reality is that using passwords at all is the problem.
Passwords are an antiquated solution to a simple problem from the very start of multi-user computing. It is simple but exponentially ineffective as it scales.
The human mind is not set up to remember multiple, complex passwords. There are very few humans who are gifted with this ability to remember literally hundreds of different passwords without writing it down, I would put someone who can in the realm of an academic genius who can remember entire textbooks or recite Pi for hours before they eventually have to take a break for physical reasons.
Normal people write it down or keep it to a narrow set of passwords depending on which level of complexity the system will allow. Both bad security practice.
And passwords that expire every 45 days with annoying complexity requirments? You're going to drive users nuts trying to think of new ones each time that eventually they will come up with the simplist password the system will allow and increment by 1 each time they have to change eg: Password1, Password2, Password3, etc.
There are hacks out there, eg: KeePass and LastPass, but this is a workaround to the underlying problem. The websites that Force you to use Facebook are even worse (as they force you to handover all your personal details while you are at it, which just as easily can be used for identity fraud. Many Banks, Telcos etc. only authenticate with your DOB). OpenID is better but the implementation makes it common to sign in from the website your are trying to access, making it susceptible to being spoofed.
Realistically, we need to kill the password. Two factor authentication all the way. It needs ONE trust relationship between the user and the authenticator. This could be a user ID and a token. The authenticator can have then multiple trust relationships with participating websites.
The authenticator should only provide two data points: (1) The user ID of that website (different ID to other websites so that the user can be tracked with the same ID across websites) and (2) That the user has authenticated themselves. Thats it. Most websites don't need to know your name, DOB, Vanity username, email address or anything else about you. If they need this, ask - but only if actually required - and give the user a clear option to decline or provide only partial data.
The only thing that most websites or other computer systems need is a way to tell which user profile to load up, and that the user requesting it is really the same user. A password does not prove that,
He isn't offering the money as a token to indicate how strongly he believes in an idea. $100 isn't going to break the bank for him.
What is he really doing is offering the chance to boast "I won a bet against Stephen Hawking" (You know... The guy who is regarded by most people to be the smartest person in the world) as the prize for some very extreme research.
He is giving the encouragement to push the boundaries of what we know about science in the quest of knowledge, and this is exactly what science is about.
So even when he "loses" the bet, he wins, because he has helped science go further by challenging everything that we know, instead of just following what the "smartest" people think,
They are just saving it up for a real target, which could up come pretty soon. Those things aren't cheap.
Seriously, can someone suggest some FOSS solutions that do just this. I have a whole bunch of mbox stores forked at different times. I want to put it all together, remove the duplicates and then run queries to weed out what I need and what to turf! I have hoarded for too long. Gmail came out in 2004 and they said "Archive instead of delete!"... Well now my Inbox is practically unmanageable! Google get most things right but not that one unfortunately.
With an operator no doubt facilitating illegal actions of their customers, and refusing to no doubt enfore court orders to disconnect their customers for said actions, couldn't a case be made to disconnect them from THEIR upstream providers because they are now acting illegally but not following court orders, presuming that their upstream providers follow court orders, and the upstream upstream until you get to a legitimate entity. It seems quite an shortcoming of the law that they can act with impunity while allowing their customers to bring down the very fabric of the world wide web.
Not sure what environment you are using, but it should be fairly similar for Linux/Mac.
In Windows, you can go into the Display Properties and select which to be the primary monitor (which the task bar appears and which Windows open on by default), you can also click on a monitor picture to select it and use the UP/DOWN/LEFT/RIGHT keys to position the monitor relative to the other monitors exactly as it is physically so that the mouse cursor lines up when moving the mouse across monitors and to/from the correct edges.
Wow seriously. Try this one: http://www.youtube.com/watch?v=N3zKuLgH_l8
http://www.youtube.com/watch?v=TdnAaQ0n5-8
Poor justification, you should have proper backups instead of relying on RAID for backup
I was hoping that they could go into prisons instead of being destroyed. But only prisoners and their scumbag visitors have to. Go through them. Prison staff and lawyers get safe ones when they need to be screened. Actually scratch that, send the lawyers through the back scatter too.
Well they are both scripted
The Greens are rising in power because the major two are seen as pathetic, and voters are looking for the most sane party to fill this gap. Unfortunately the closest thing we have had to 'sane', is the Greens. While some of their policies are good, they are on a whole batshit crazy and is not acceptable option to most people, so they fall back onto the major two.
With The Pirate Party, if you just get past the name and actually look at the policies, they are not that bad.
Under two-party preferred system, their votes will probably be funnelled to the Greens, which would then be funnelled to Labor. At least it will be a start and show that the major two are falling in popularity.
Sack the guy and hire the chinese consulting firm directly if they are making code that good!
Just imagine all of the PR points you could win just by letting us space nerds in on what you're doing. We'll work most of it out anyway, but take us through all the technical gore. What you are doing seems like the closest thing to launching a fully fledged rocket from your backyard using nothing but spare parts lying around, so we can definitely relate with you here.
The records are longer than the legal maximum retention period. You can't expect hospitals to keep every X-Ray you ever had forever, not only is there privacy issues (some people don't like the idea) the cost of unlimited data retention is enormous. He should have requested it while it was still within the legal time for it to be kept, otherwise anything more is just a favour to him that they can get it to him at all even with the fee, because it costs money to bring an obsolete system back online, as it was decommissioned since it is no longer required (past the legal maximum).
I'm sure the obsolete system was running just fine in parallel in new system while the records were still under legal obligation and without expensive fees.
It's better than most places that they will still have the obsolete system at all that CAN be bought online. Most places would have destroyed the data by now.
Apple for example, completely wiped the MobileMe data as soon as MobileMe was switched off. Actual conversion I had with them for someone else who didn't know it was been Shut Off until it actually stopped working:
Apple: Yes Sir the Service has just stopped working because it has been decommissioned for iCloud.
Me: How do I get the data back?
Apple: Well we have put out notices to your MobileMe email (that they never use) for months that it is going to be shut down and you need to transition before then, now it's been shut down and we can't transition the data anymore.
Me: How do I get the data back now?
Apple: The data has been physically wiped from the servers and can't be retrieved even if we wanted to.
Microsoft have done it too with Microsoft Office Live Small Business.
Or Google, switch it off so you can see it's not working and then normally give you a year to download your data from a killed product.
Not fair to ask the CEO to cover the cost of his extraordinary required. If these records are important to him, pay, If not that important, don't. The choice is his.
Yes I'm sure that Network Security
Specialists enjoy anything related to the word
CYBER, it is like the New Wave era of
HACKING (not to be confused with
cracking)... or something like that