However, one thing to keep in mind is that currently the vast majority of "owned" windows boxes, were not infected by an remote exploit, but were infected by trojan horses.
Not disagreeing with you here, but cite your sources (I could use data like that).
What leads anyone to think it was anymore than the guy lost in in a taxi, or if the girl did take it, she sold it on to a second hand phone dealer for a few dollars.
Because they do it all the time. Tell you what, precious, take a trip to Israel and tell people you work for Northrupp Grumman. You'll get a lot of attention.
Much more important to consider is if the guy used the phone while he was in Beijing, there is an excellent chance that every keystroke, including passwords, was captured en route.
Um...you do know that when you press a key on your phone it doesn't have to get transmitted somewhere and then come back to be displayed on your screen...right?
Back in Chicago we had a plethora of good bulletin boards. There was a certain je ne se quois about those boards that you just don't find on the web, alas.
And I have yet to have as much fun playing WoW as I did playing LORD or BRE. MajorBBS was great when our local SysOp added network gaming functionality, so we could play 4-way Doom, Heretic, and Command & Conquer (was terrible for Quake though). Those were the days...
I disagree. Insofar as people should be able to hear and decide to beleive in any info they want, this "worldwide market of ideas" is a good thing...except that there is a lot of junk out there, and without the peer review process there is little to no evolutionary pressure on these ideas to force shitty ones to the bottom and good ones to the top. The actual pressure is provided by people who yell loudest that they are correct (which does, contrary to your assertion, correlate rather well with how much money you can throw at the problem).
Your approach would tend to minimize the advancement of good ideas and encourage the advancement of bad ones.
Your problem is that you think the problems you see with science are new ("...Youth sees the sun rise and forgets the previous day ever existed..."). This has always been how it is, because the alternatives are all worse. Few scientists and their ideas are respected in their time, and as many find fame for their ignominious deaths as their notable achievements. Science is conservative for a reason; you would have us err so that your ideas (or ideas you are sympathetic to) get equal time with well-established ones.
I'm starting to think you're just a really clever creationist or something.
Welcome to the wet, wild, wooly world of liesstatistics.
What Mcafee's methodology lets them claim is that if you closed your eyes and went to a random website, some percentage of the time it may expose you to risk. With such a low proportion in the.com domain, it basically means that you may as well treat it as a random event and not worry so much about.
The thing is, as you point out, the average user doesn't blindly go to random websites. There are maybe 20 sites I visit regularly, and none of them have ever been a problem. However, if I were a native Chinese speaker who most frequently visited.hk social networking sites, it might make sense to invest in some countermeasures.
To make sense of the conclusions, you have to put them in context. Mcafee's assertion that this difference in "dangerousness" means some domain registrars are "being insecure" indicates, to me, a lack of imagination and flair for interpreting the results of analysis. Don't even get me started on the fuzzy langauges and the inferential leaps they want you to make.
Yes, people have always CLAIMED to have hacked this or that, but in reality, most of the outlandish ones ("arm of the space shuttle?") are complete BS. That much has not changed.
I would say things are MORE vulnerable now than 20 years ago, because we depend more heavily upon the technology without addressing any of its issues.
Also, one last thing: It is entirely possible for the geek to get the girl now.
Perfect security can be expensive. There is not a whole lot of reason to invest in a $1m security stack to protect a $500k investment, however; most security is therefore "good enough" but is never actually "good."
Companies need to recognize that there are more stakeholders than they realize who have "investments" that they have to protect. This might mean passing the cost of security on to the customers, but for something like the health care or credit card industry this is not necessarily a big deal.
An excellent point, but your last statement is not entirely correct. The Coalition's efforts to combat Al Qaeda have scattered their leadership, so in order to accomplish their goals they have transformed into a sort of global consulting organization. They offer affiliate groups branding, strategic planning, ideological motivation, and training, a significant portion of which is conducted via the internet. "Al Qaeda it n Iraq" is a great example of this--a formerly independent organization that has aligned with AQ but which in reality is only loosely "controlled" by what we think of as Bin Laden's organization.
In any case, not allowing them to use free, high-availability sites like YouTube for these activities is probably a good idea, and easy enough to boot.
So how come you guys keep dumping poisons into the atmosphere and water supply, lying to and abusing your customers, and only stopping when you're forced to stop (and even then trying to buy politicians to escape punishment)?
HIPAA was written with the intent of safeguarding customers and their data by regulating the providers. Being the vendor who sells storage methods (e.g. Excel) does not make you liable. Being the vendor who actually maintains your records should put you under the same regulations as anyone else who handles sensitive data (but currently does not).
No, it's not--it's one metric out of several that you can use to determine if something is a cult.
Remember that the purpose is not to "label" something as a cult and THEN say it's bad. The purpose is to identify bad traits themselves.
Perhaps an analogy would be with alcoholism--you don't have a checklist to see if you or someone you know is an alcoholic, and only when you have enough totted up do you act--you see someone drinking before work, you call them on it.
Generally true, however, you do not need to see a training video on building IEDs to decide some "truth" about blowing people up. There are genuinely good reasons for dropping this kind of content when it is discovered (better reasons than dropping copyrighted material due to the DMCA, surely).
I'm not sure you have thought this through: The people who control everything cannot be trusted to tell us the truth--fine--but you want them to guarantee access to the truth as a basic right. It sounds like your solution to the problem is to add more problem.
We could be optimistic and assume the Chinese gov't is realizing that you don't have to tightly control the media in order to look good. You can instead simply let them see you actually do something good.
Rejewski did get help from other "nationalities": He got help from the French. At this time Turing was still an undergrad. I don't think he focused professionally on cryptanalysis until the late 30s when he started working for the British government.
Enigma was broken by a Polish cryptographer named Marian Rejewski. The Poles knew they were going to be overrun by the Germans and disclosed their work to the French and British.
Bletchley Park is where they automated the process of intercepting, decrypting, translating, and analyzing Axis communications. I can't think of any large-scale SIGINT operation that preceded Bletchley, and it was certainly vital to the war effort, but credit where it's due, etc.
No. I use MythTV (albeit through the analog hole); my computer tells the set-top box what channel to tune in, and converts whatever comes into the s-video jack to MPEG4.
There are digital capture cards that predate the broadcast flag, as well. They're just hard to find.
Quite right, but that difference is not under debate at the moment. Stick to one issue at a time--the argument "It doesn't feel pain, it's ok to kill it" is under fire here.
That's a genetic definition of "human." I think we're discussing a more philosophical definition of what it means to "be human."
There are other wrinkles. We agree other people are human and we do terrible things to them all the time...so why should a baby or fetus or clump of cells get special treatment?
Interesting that you bring up the free will thing, I have noticed the Lefty blogosphere all abuzz with the idea that free will is a canard ever since the last season finale of BSG.
Are there going to be gradations of brain activity, or is it more of an "either-or" decision? Historically, people with mental handicaps have been treated as if they have fewer rights, and people who possess greater intellects (or at least believe they do) sometimes have justified their domination over simply average people.
If it's just going to be a binary question, then what criteria do we use to say "You need to have all of these features or you're not thinking and therefore you're not human?" I think we really need to tread carefully to avoid question-begging: You have suggested that brain activity is a good metric, but why?
Sorry if I'm getting into the weeds here, interesting topic is all...
Actually the vast majority of botnet infections right spread by e-mail trojans and drive-by installs. These are not problems firewalls are meant to address. For the latter, you can sandbox your browser or at least keep your patches up to date. For the former, we expect people not to be idiots.
So, in reality, what you should say is that all the security advice on the planet cannot stop bot activity, no matter how smart people claim to be.
IIRC there is something about this in Mathematics and Sex but 1. It is easier for women to get laid, 2. 10% of men sleep with 90% of women, and 3. It is easier for women to get laid.
Say you're an attractive woman. You walk into a party. Instantly the vast majority of guys and an appreciable minority of women want to take you home.
Say you're an attractive guy. You walk into a party. Instantly the vast majority of women consider that they might signal to you in some subtle fashion that they are interested in talking and maybe going out on some dates and keeping you around if you're funny and then, yeah, there might be sex. Then there's the minority of men & women who want to just take you home.
We all want the same thing, but we go about it differently, and the playing field is definately not level.
Catherding is generally difficult only because, for some people, their bread & butter is being the guy who owns the data, not the guy who explores & explains the data.
We can easily see without any complicated analysis that things like "low socio-economic status" are indicators of likelihood to commit crimes.
This doesn't mean we need some kind of predictive algorithm so the cops know who to harass in order to prevent crime. It means we need to address the problem of socio-economic status itself.
No. The fact that the police are too inefficient to prevent murder means that they should focus their energies on catching crooks instead of invading our privacy to prevent crime.
Also I would point out that, while there are "tells" for when someone is feeling "nervous," they typically take a lifetime of dedicated study to learn. This is why there are few professional poker players; I doubt we're going to impart this kind of knowledge to our TSA workers with a 1-week orientation course. In addition, as pointed out by the expert who wrote this book, suicide bombers are probably NOT all that nervous; they are confident that what they're doing is right. So, all in all, investing heavily in TSA is probably not a good use of our money.
Slashdot Mirror
Not disagreeing with you here, but cite your sources (I could use data like that).
What leads anyone to think it was anymore than the guy lost in in a taxi, or if the girl did take it, she sold it on to a second hand phone dealer for a few dollars.
Because they do it all the time. Tell you what, precious, take a trip to Israel and tell people you work for Northrupp Grumman. You'll get a lot of attention.
Much more important to consider is if the guy used the phone while he was in Beijing, there is an excellent chance that every keystroke, including passwords, was captured en route.
Um...you do know that when you press a key on your phone it doesn't have to get transmitted somewhere and then come back to be displayed on your screen...right?
That does bring back memories.
Back in Chicago we had a plethora of good bulletin boards. There was a certain je ne se quois about those boards that you just don't find on the web, alas.
And I have yet to have as much fun playing WoW as I did playing LORD or BRE. MajorBBS was great when our local SysOp added network gaming functionality, so we could play 4-way Doom, Heretic, and Command & Conquer (was terrible for Quake though). Those were the days...
I disagree. Insofar as people should be able to hear and decide to beleive in any info they want, this "worldwide market of ideas" is a good thing...except that there is a lot of junk out there, and without the peer review process there is little to no evolutionary pressure on these ideas to force shitty ones to the bottom and good ones to the top. The actual pressure is provided by people who yell loudest that they are correct (which does, contrary to your assertion, correlate rather well with how much money you can throw at the problem).
Your approach would tend to minimize the advancement of good ideas and encourage the advancement of bad ones.
Your problem is that you think the problems you see with science are new ("...Youth sees the sun rise and forgets the previous day ever existed..."). This has always been how it is, because the alternatives are all worse. Few scientists and their ideas are respected in their time, and as many find fame for their ignominious deaths as their notable achievements. Science is conservative for a reason; you would have us err so that your ideas (or ideas you are sympathetic to) get equal time with well-established ones.
I'm starting to think you're just a really clever creationist or something.
Welcome to the wet, wild, wooly world of liesstatistics.
.com domain, it basically means that you may as well treat it as a random event and not worry so much about.
.hk social networking sites, it might make sense to invest in some countermeasures.
What Mcafee's methodology lets them claim is that if you closed your eyes and went to a random website, some percentage of the time it may expose you to risk. With such a low proportion in the
The thing is, as you point out, the average user doesn't blindly go to random websites. There are maybe 20 sites I visit regularly, and none of them have ever been a problem. However, if I were a native Chinese speaker who most frequently visited
To make sense of the conclusions, you have to put them in context. Mcafee's assertion that this difference in "dangerousness" means some domain registrars are "being insecure" indicates, to me, a lack of imagination and flair for interpreting the results of analysis. Don't even get me started on the fuzzy langauges and the inferential leaps they want you to make.
Yes, people have always CLAIMED to have hacked this or that, but in reality, most of the outlandish ones ("arm of the space shuttle?") are complete BS. That much has not changed.
I would say things are MORE vulnerable now than 20 years ago, because we depend more heavily upon the technology without addressing any of its issues.
Also, one last thing: It is entirely possible for the geek to get the girl now.
Perfect security can be expensive. There is not a whole lot of reason to invest in a $1m security stack to protect a $500k investment, however; most security is therefore "good enough" but is never actually "good."
Companies need to recognize that there are more stakeholders than they realize who have "investments" that they have to protect. This might mean passing the cost of security on to the customers, but for something like the health care or credit card industry this is not necessarily a big deal.
An excellent point, but your last statement is not entirely correct. The Coalition's efforts to combat Al Qaeda have scattered their leadership, so in order to accomplish their goals they have transformed into a sort of global consulting organization. They offer affiliate groups branding, strategic planning, ideological motivation, and training, a significant portion of which is conducted via the internet. "Al Qaeda it n Iraq" is a great example of this--a formerly independent organization that has aligned with AQ but which in reality is only loosely "controlled" by what we think of as Bin Laden's organization.
In any case, not allowing them to use free, high-availability sites like YouTube for these activities is probably a good idea, and easy enough to boot.
So how come you guys keep dumping poisons into the atmosphere and water supply, lying to and abusing your customers, and only stopping when you're forced to stop (and even then trying to buy politicians to escape punishment)?
HIPAA was written with the intent of safeguarding customers and their data by regulating the providers. Being the vendor who sells storage methods (e.g. Excel) does not make you liable. Being the vendor who actually maintains your records should put you under the same regulations as anyone else who handles sensitive data (but currently does not).
No, it's not--it's one metric out of several that you can use to determine if something is a cult.
Remember that the purpose is not to "label" something as a cult and THEN say it's bad. The purpose is to identify bad traits themselves.
Perhaps an analogy would be with alcoholism--you don't have a checklist to see if you or someone you know is an alcoholic, and only when you have enough totted up do you act--you see someone drinking before work, you call them on it.
Generally true, however, you do not need to see a training video on building IEDs to decide some "truth" about blowing people up. There are genuinely good reasons for dropping this kind of content when it is discovered (better reasons than dropping copyrighted material due to the DMCA, surely).
I'm not sure you have thought this through: The people who control everything cannot be trusted to tell us the truth--fine--but you want them to guarantee access to the truth as a basic right. It sounds like your solution to the problem is to add more problem.
We could be optimistic and assume the Chinese gov't is realizing that you don't have to tightly control the media in order to look good. You can instead simply let them see you actually do something good.
Rejewski did get help from other "nationalities": He got help from the French. At this time Turing was still an undergrad. I don't think he focused professionally on cryptanalysis until the late 30s when he started working for the British government.
Enigma was broken by a Polish cryptographer named Marian Rejewski. The Poles knew they were going to be overrun by the Germans and disclosed their work to the French and British.
Bletchley Park is where they automated the process of intercepting, decrypting, translating, and analyzing Axis communications. I can't think of any large-scale SIGINT operation that preceded Bletchley, and it was certainly vital to the war effort, but credit where it's due, etc.
No. I use MythTV (albeit through the analog hole); my computer tells the set-top box what channel to tune in, and converts whatever comes into the s-video jack to MPEG4.
There are digital capture cards that predate the broadcast flag, as well. They're just hard to find.
Quite right, but that difference is not under debate at the moment.
Stick to one issue at a time--the argument "It doesn't feel pain, it's ok to kill it" is under fire here.
That's a genetic definition of "human." I think we're discussing a more philosophical definition of what it means to "be human."
There are other wrinkles. We agree other people are human and we do terrible things to them all the time...so why should a baby or fetus or clump of cells get special treatment?
Interesting that you bring up the free will thing, I have noticed the Lefty blogosphere all abuzz with the idea that free will is a canard ever since the last season finale of BSG.
Are there going to be gradations of brain activity, or is it more of an "either-or" decision?
Historically, people with mental handicaps have been treated as if they have fewer rights, and people who possess greater intellects (or at least believe they do) sometimes have justified their domination over simply average people.
If it's just going to be a binary question, then what criteria do we use to say "You need to have all of these features or you're not thinking and therefore you're not human?" I think we really need to tread carefully to avoid question-begging: You have suggested that brain activity is a good metric, but why?
Sorry if I'm getting into the weeds here, interesting topic is all...
Yes, but running Norton, he won't have any free RAM for the rootkit to be loaded into.
Actually the vast majority of botnet infections right spread by e-mail trojans and drive-by installs. These are not problems firewalls are meant to address. For the latter, you can sandbox your browser or at least keep your patches up to date. For the former, we expect people not to be idiots.
So, in reality, what you should say is that all the security advice on the planet cannot stop bot activity, no matter how smart people claim to be.
IIRC there is something about this in Mathematics and Sex but
1. It is easier for women to get laid,
2. 10% of men sleep with 90% of women, and
3. It is easier for women to get laid.
Say you're an attractive woman. You walk into a party. Instantly the vast majority of guys and an appreciable minority of women want to take you home.
Say you're an attractive guy. You walk into a party. Instantly the vast majority of women consider that they might signal to you in some subtle fashion that they are interested in talking and maybe going out on some dates and keeping you around if you're funny and then, yeah, there might be sex. Then there's the minority of men & women who want to just take you home.
We all want the same thing, but we go about it differently, and the playing field is definately not level.
Catherding is generally difficult only because, for some people, their bread & butter is being the guy who owns the data, not the guy who explores & explains the data.
We can easily see without any complicated analysis that things like "low socio-economic status" are indicators of likelihood to commit crimes.
This doesn't mean we need some kind of predictive algorithm so the cops know who to harass in order to prevent crime. It means we need to address the problem of socio-economic status itself.
No. The fact that the police are too inefficient to prevent murder means that they should focus their energies on catching crooks instead of invading our privacy to prevent crime.
Also I would point out that, while there are "tells" for when someone is feeling "nervous," they typically take a lifetime of dedicated study to learn. This is why there are few professional poker players; I doubt we're going to impart this kind of knowledge to our TSA workers with a 1-week orientation course. In addition, as pointed out by the expert who wrote this book, suicide bombers are probably NOT all that nervous; they are confident that what they're doing is right. So, all in all, investing heavily in TSA is probably not a good use of our money.