" The best security is to inform all users once a flaw is discovered."
No, it isn't.
The best security is for software vendors, security firms, and AV software providers to share information and work cooperatively to get AV updates to end users (average Joe Sixpack) while the OEM vendor works on a patch--and keep it out of the "public" eye.
Your internet-connected mom/gandmother/uncle/aunt would never know they were vulnerable anyway, even if the story was on the front page of every newspaper. Unless their machine is set up to automatically check for and install AV and security upgrades, the machine is proably already compromised. If it is so set up, they are covered.
Meanwhile, the script kiddies (as opposed to true criminal hackers) will never be the wiser until the AV updates and patches have already been out for quite a while, and therefore most if not all responsible users are protected.
I am ashamed to admit that I have what many would consider a dream job (magazine editor, telecommute, set my own work schedule), yet I still bitch about my job. That's just wrong, and I need to stop it. Attitude adjustment in progress.
You cannot "call up" the Guard on a moment's (or even a day's) notice. They are not all in one place at a base like regular troops. They are dispersed all over the place, working at their regular jobs as barbers, IT gurus, grocery store managers, or whatever. Each Guardsman must be literally "called up" (notified). Then each individual must make prepatory arrangements (literally find somebody to mind the store or milk the cows during his absence), collect his gear, then travel to the Guard post or other marshalling point.
All that takes time. Even if "called up" the day BEFORE the hurricane hit, it would still have taken several days for the Guard to get there.
Actually, they are moving toward this in a similar underhanded way. Here's is a related press release.
The "Right to Repair Act"
Your pickup engine has a minor problem, but the only clue is a cryptic "Check Engine" idiot light on the dash. The trouble could be as simple as a stuck PCV valve or faulty plug wire. It might be something more serious (read "costly") such as a confused computer control module, but without a way to read the engine diagnostic codes from the computers--and more importantly, to translate what the codes mean--even diagnosing the defect let alone performing do-it-yourself cost effective repair is impossible, and vehicle makers are downright stingy with the information. Even your local mechanic cannot get the information he needs; it is sealed inside the dealership repair shop--probably in a cipher lock safe.
There ought to be a law.
Well, they are working on one--the Motor Vehicle Owners Right to Repair Act.
Since the Act, HR2048, was reintroduced in Congress on May 3 by Rep. Joe Barton (R-TX), Rep. Edolphus Towns (D-NY), and Rep. Darrell Issa (R-CA), and 22 additional congressmen have signed on as co-sponsors in support of the bill.
HR2048 has garnered support and praise from many quarters, especially from the American Aftermarket Industry Association (AAIA).
"We want to thank Representatives Barton, Towns, and Issa for spearheading this crucial piece of legislation that affects everyone who works in the aftermarket," said Kathleen Schmatz, President and CEO of AAIA. "The momentum in support of this bill is incredible as evidenced by the support of 22 additional congressmen. However, our work is just beginning. Based on the strong opposition that the car companies have been expressing on Capital Hill, we will need many more legislators signing on the bill to get it through during the current Congress."
The Motor Vehicle Owners Right to Repair Act is truly a bi-partisan bill. Of the 25 congressmen who currently support it, 12 are Democrats, 12 are Republicans, and one is Independent.
The legislation would that require car companies make the same service information and special tools available to independent repair shops as they provide to franchised dealer networks. Architects of the Right to Repair Act added new language to clarify that car company trade secrets are protected unless that information is provided to the franchised new car dealer. New language also provides more detail on the role of the Federal Trade Commission in enforcing the legislation.
"It's not about taking trade secrets and proprietary information from the car companies. These are clearly protected in the legislation," Schmatz said. "It is about fair trade and protecting consumer choice."
Independent repair shops and aftermarket accessory makers are not the only or even the targeted beneficiaries of HR2048. The language of the bill is clear that vehicle *owners* should have access to information whereby to affect repairs. One section states emphatically that vehicle owners should have access to information for "making, or having made, the necessary diagnosis, service, and repair of their motor vehicles in a timely, convenient, reliable, and affordable manner."
Here are some facts from AAIA:
Why This Bill Is Needed
Current automotive technology is being used to successfully "lock out" car owners from being able to repair and maintain their own vehicles. Modern automobiles contain many computers that control virtually every component such as the braking system, steering mechanism, air bags, ignition, and the climate control system.
Lacking the ability to "talk" to the car's computers, owners or their auto technicians cannot accurately diagnose and repair mechanical problems.
This means that later model cars will only be serviced and repaired at automobile dealerships, which makes shopping around for the best prices and most convenien
Did something similar once under the misguided concept that "electricity is electricity." The 9-volt battery for my 2-way radio was out of juice, so I connected an AC "suicide cord" to the terminals and plugged it in. Rather than explode, the battery first started smoking, then REALLY smoking, then burst into flames--amazingly BIG flames--then started spewing sparks to rival a Roman candle.
I was suitably impressed to such a degree that I did it again to get the fireworks show for a chum to see.
Complete with continuous roll newsprint paper. Used the heck out of them when I worked for Reliance Telecom. Made "real computer sounds." I was always amused when some TV show or movie showed characters typing out on a CRT with teletype sound effects.
Also used Nixie tube display DVMs and freq counters, and an acncient Wang computer that had a modified IBM selectric typewtiter for a printer when I worked for Tracor Westronics.
I used a Yashica fixed-lens camera for years, including professional work. Had a genuine buld flash attachment with a fan-fold reflector. Graduated from that to a Pentax 1000, and finally to a Nikon D90.
Loved HP analog scopes, to which you could attach a logic analyzer that displayed everything in binary.
Had several tube amps and even a few tube radios and phonographs.
My first computer was an Intel SDK 85 breadboard setup with 7-segment HEX display and HEX keypad. Programmed it in HEX ASM code. Later got an ELF with a real CRT!
I had two. The first one had a 7-segment LED display, and the second a cool LCD. Used the heck out of both coding all sorts of stuff, from 8085 assembly and machine code to character generator PROMS (remember those?) and Data General mini-computer ASM stuff (Octal).
It's been a while, but I seem to remember the caclulator would do binary conversions, too.
My personal email blackholes all IPs listed in APNIC, LACNIC, RIPE, and the new AFRNIC, and I graylist all Comcast, Roadrunner, and Canadian IPs. If the From address matches the IP (e.g. somebody@rr.com and sent from a Roadrunner IP) I let it through. Cuts my spam load by about 75 percent.
DUnn about your setup, but I got a spam from a domain called "mylinuxisp.com." I entered on of its IP addresses (216.39.207.140) and it came up with a reputation as a spam source. The trend meter jumped from zero to a peak of 700 percent.
Somebody on that linux-driven network got zombied.
Well, it would seem that way, but the term "upward compatibility" was the standard, presumably meaning "upward compatible from old to new."
Sorta like "upload" and "download." It would seem logical to "download" from one's own machine to the taget machine, and vice-versa, but that ain't how the nomenclature works.
Back in the day, mainstream software providers included "upward compatibility" in all new software releases. In other words, any data or files created by the software from PP1 release would be readable by whatever the current version happened to be, including any in between.
Modern code developers seemingly have no concept of upward compatibility. More's the pity.
You do not know what the hell you are talking about. In fact, I daresay you have never taken an IQ test or you would know that such questions do not appear.
IQ test questions and problems test *cognitive abilities* and reasoning, among other things, *not* knowledge.
The only "biased" IQ test is a written one administered to an illiterate person--who may have very high intelligence, but simply cannot read or write; he lacks knowledge, not intellect.
Even though TFA is not specific, I suspect the guy used an industrial bore scope http://www.titantoolsupply.com/borescopes.html commonly used for inspecting the inner works of machinery, then paired it with a webcam. The camera itself never enters the body, just the small (.250-.500 inches) flexible bore scope.
I did something similar back in the late 80s to make an inexpensive optical targeting system for digitizing PCB hole patterns (reverse engineer kind of thing).
Well into the twentieth century, Africa's animals and indigenous peoples lived in balance with the habitat. Natural controls kept the human and animal populations balanced. Each human male married/mated with several wives (Holy double bigamy, Batman!) and fathered many children by each woman. Most died in infancy or at toddler age. The idea was to have perhaps dozens of children so that one or two might survive to adulthood.
Then came the Western do-gooders with "humanitatian aid"--modern medicine, improved agricultural practices, abundant food. Eden had arrived.
The indigenous males continued to impregnate multiple females, but now most of the infants survived to adulthood, thanks to "umanitarian aid. The human population exploded--and humans have to live somewhere, and you have to produce enough food to feed them all.
Can you say "habitat loss"?
The answer--the only workable answer to saving Africa's wildlife and restoring the balance is rediculously simple: Stop ALL "humanitarian aid" to African countries. The balance will be restored, and Africa becomes the Eden it once was.
Both describe, "Attempts to spread to systems which can be exploited by a vulnerability in Microsoft Windows Plug and Play Service (as described in Microsoft Security Bulletin MS05-039). If successful, the worm copies the file 2pac.txt to the remote machine."
Ditto this. It is what my wife uses--a wooden and rather attractive/decorative model that optionally folds/stores away when entertaining guests. Heck, sometimes she even eats off it.
Why anybody would swerve and risk their own life and the lives of others to avoid hitting a rabbit, squirrel, cat, et al is beyond rational comprehension.
I have always found Yahoo searches too "commerce heavy," leaning way to much to "Yahoo stores" and "Yahoo sites." The meaningful info is lost in the jumble. Google results are cleaner and easier to parse. So, more Yahoo results equals more furustrating/confusing results.
It is not that homosexuality is "unnatural." It is that homosexuality is not *normal*. Humans (and animals in some cases) fear abnormal behavior in any-thing/one, animal or human. In the days of yore, people feared the mentally ill (still do, to a large degree). People fear dogs that stagger about and foam at the mouth. People fear kids who pierce their bodies in weird places and dye their hair green. People once feared kids who wore leather jackets and rode motorcycles. And so on.
Mental illness and rabies are wholly natural, but not normal. Green hair and body piercing are neither natural nor normal in most societies. However, over time, harmless abberant behavior is eventually accepted and therefore becomes normal.
Slashdot Mirror
" The best security is to inform all users once a flaw is discovered."
No, it isn't.
The best security is for software vendors, security firms, and AV software providers to share information and work cooperatively to get AV updates to end users (average Joe Sixpack) while the OEM vendor works on a patch--and keep it out of the "public" eye.
Your internet-connected mom/gandmother/uncle/aunt would never know they were vulnerable anyway, even if the story was on the front page of every newspaper. Unless their machine is set up to automatically check for and install AV and security upgrades, the machine is proably already compromised. If it is so set up, they are covered.
Meanwhile, the script kiddies (as opposed to true criminal hackers) will never be the wiser until the AV updates and patches have already been out for quite a while, and therefore most if not all responsible users are protected.
Please give the parent a +5 Insightful.
I am ashamed to admit that I have what many would consider a dream job (magazine editor, telecommute, set my own work schedule), yet I still bitch about my job. That's just wrong, and I need to stop it. Attitude adjustment in progress.
You cannot "call up" the Guard on a moment's (or even a day's) notice. They are not all in one place at a base like regular troops. They are dispersed all over the place, working at their regular jobs as barbers, IT gurus, grocery store managers, or whatever. Each Guardsman must be literally "called up" (notified). Then each individual must make prepatory arrangements (literally find somebody to mind the store or milk the cows during his absence), collect his gear, then travel to the Guard post or other marshalling point.
All that takes time. Even if "called up" the day BEFORE the hurricane hit, it would still have taken several days for the Guard to get there.
Actually, they are moving toward this in a similar underhanded way. Here's is a related press release.
The "Right to Repair Act"
Your pickup engine has a minor problem, but the only clue is a cryptic "Check Engine" idiot light on the dash. The trouble could be as simple as a stuck PCV valve or faulty plug wire. It might be something more serious (read "costly") such as a confused computer control module, but without a way to read the engine diagnostic codes from the computers--and more importantly, to translate what the codes mean--even diagnosing the defect let alone performing do-it-yourself cost effective repair is impossible, and vehicle makers are downright stingy with the information. Even your local mechanic cannot get the information he needs; it is sealed inside the dealership repair shop--probably in a cipher lock safe.
There ought to be a law.
Well, they are working on one--the Motor Vehicle Owners Right to Repair Act.
Since the Act, HR2048, was reintroduced in Congress on May 3 by Rep. Joe Barton (R-TX), Rep. Edolphus Towns (D-NY), and Rep. Darrell Issa (R-CA), and 22 additional congressmen have signed on as co-sponsors in support of the bill.
HR2048 has garnered support and praise from many quarters, especially from the American Aftermarket Industry Association (AAIA).
"We want to thank Representatives Barton, Towns, and Issa for spearheading this crucial piece of legislation that affects everyone who works in the aftermarket," said Kathleen Schmatz, President and CEO of AAIA. "The momentum in support of this bill is incredible as evidenced by the support of 22 additional congressmen. However, our work is just beginning. Based on the strong opposition that the car companies have been expressing on Capital Hill, we will need many more legislators signing on the bill to get it through during the current Congress."
The Motor Vehicle Owners Right to Repair Act is truly a bi-partisan bill. Of the 25 congressmen who currently support it, 12 are Democrats, 12 are Republicans, and one is Independent.
The legislation would that require car companies make the same service information and special tools available to independent repair shops as they provide to franchised dealer networks. Architects of the Right to Repair Act added new language to clarify that car company trade secrets are protected unless that information is provided to the franchised new car dealer. New language also provides more detail on the role of the Federal Trade Commission in enforcing the legislation.
"It's not about taking trade secrets and proprietary information from the car companies. These are clearly protected in the legislation," Schmatz said. "It is about fair trade and protecting consumer choice."
Independent repair shops and aftermarket accessory makers are not the only or even the targeted beneficiaries of HR2048. The language of the bill is clear that vehicle *owners* should have access to information whereby to affect repairs. One section states emphatically that vehicle owners should have access to information for "making, or having made, the necessary diagnosis, service, and repair of their motor vehicles in a timely, convenient, reliable, and affordable manner."
Here are some facts from AAIA:
Why This Bill Is Needed
Current automotive technology is being used to successfully "lock out" car owners from being able to repair and maintain their own vehicles. Modern automobiles contain many computers that control virtually every component such as the braking system, steering mechanism, air bags, ignition, and the climate control system.
Lacking the ability to "talk" to the car's computers, owners or their auto technicians cannot accurately diagnose and repair mechanical problems.
This means that later model cars will only be serviced and repaired at automobile dealerships, which makes shopping around for the best prices and most convenien
Did something similar once under the misguided concept that "electricity is electricity." The 9-volt battery for my 2-way radio was out of juice, so I connected an AC "suicide cord" to the terminals and plugged it in. Rather than explode, the battery first started smoking, then REALLY smoking, then burst into flames--amazingly BIG flames--then started spewing sparks to rival a Roman candle.
I was suitably impressed to such a degree that I did it again to get the fireworks show for a chum to see.
Complete with continuous roll newsprint paper. Used the heck out of them when I worked for Reliance Telecom. Made "real computer sounds." I was always amused when some TV show or movie showed characters typing out on a CRT with teletype sound effects.
Also used Nixie tube display DVMs and freq counters, and an acncient Wang computer that had a modified IBM selectric typewtiter for a printer when I worked for Tracor Westronics.
Them was the days.
I used a Yashica fixed-lens camera for years, including professional work. Had a genuine buld flash attachment with a fan-fold reflector. Graduated from that to a Pentax 1000, and finally to a Nikon D90.
Loved HP analog scopes, to which you could attach a logic analyzer that displayed everything in binary.
Had several tube amps and even a few tube radios and phonographs.
My first computer was an Intel SDK 85 breadboard setup with 7-segment HEX display and HEX keypad. Programmed it in HEX ASM code. Later got an ELF with a real CRT!
(sigh) I miss them all.
I had two. The first one had a 7-segment LED display, and the second a cool LCD. Used the heck out of both coding all sorts of stuff, from 8085 assembly and machine code to character generator PROMS (remember those?) and Data General mini-computer ASM stuff (Octal).
It's been a while, but I seem to remember the caclulator would do binary conversions, too.
My personal email blackholes all IPs listed in APNIC, LACNIC, RIPE, and the new AFRNIC, and I graylist all Comcast, Roadrunner, and Canadian IPs. If the From address matches the IP (e.g. somebody@rr.com and sent from a Roadrunner IP) I let it through. Cuts my spam load by about 75 percent.
DUnn about your setup, but I got a spam from a domain called "mylinuxisp.com." I entered on of its IP addresses (216.39.207.140) and it came up with a reputation as a spam source. The trend meter jumped from zero to a peak of 700 percent.
Somebody on that linux-driven network got zombied.
Well, it would seem that way, but the term "upward compatibility" was the standard, presumably meaning "upward compatible from old to new."
Sorta like "upload" and "download." It would seem logical to "download" from one's own machine to the taget machine, and vice-versa, but that ain't how the nomenclature works.
Back in the day, mainstream software providers included "upward compatibility" in all new software releases. In other words, any data or files created by the software from PP1 release would be readable by whatever the current version happened to be, including any in between.
Modern code developers seemingly have no concept of upward compatibility. More's the pity.
What does an SAT question have to do with an IQ test?
Mea culpa. I guess I am just too accustomed to the idiots and flamers and /. and it colors my perceptions. No excuse, just an explanation.
You do not know what the hell you are talking about. In fact, I daresay you have never taken an IQ test or you would know that such questions do not appear.
IQ test questions and problems test *cognitive abilities* and reasoning, among other things, *not* knowledge.
The only "biased" IQ test is a written one administered to an illiterate person--who may have very high intelligence, but simply cannot read or write; he lacks knowledge, not intellect.
Even though TFA is not specific, I suspect the guy used an industrial bore scope http://www.titantoolsupply.com/borescopes.html commonly used for inspecting the inner works of machinery, then paired it with a webcam. The camera itself never enters the body, just the small (.250-.500 inches) flexible bore scope.
I did something similar back in the late 80s to make an inexpensive optical targeting system for digitizing PCB hole patterns (reverse engineer kind of thing).
Aww, come ON! Why is the parent modded "Flamebait" instead of "Funny"?
Jeez!
Well into the twentieth century, Africa's animals and indigenous peoples lived in balance with the habitat. Natural controls kept the human and animal populations balanced. Each human male married/mated with several wives (Holy double bigamy, Batman!) and fathered many children by each woman. Most died in infancy or at toddler age. The idea was to have perhaps dozens of children so that one or two might survive to adulthood.
Then came the Western do-gooders with "humanitatian aid"--modern medicine, improved agricultural practices, abundant food. Eden had arrived.
The indigenous males continued to impregnate multiple females, but now most of the infants survived to adulthood, thanks to "umanitarian aid. The human population exploded--and humans have to live somewhere, and you have to produce enough food to feed them all.
Can you say "habitat loss"?
The answer--the only workable answer to saving Africa's wildlife and restoring the balance is rediculously simple: Stop ALL "humanitarian aid" to African countries. The balance will be restored, and Africa becomes the Eden it once was.
I just did. We'll see how it goes.
Symantec has info on two variants: W32.Zotob.A http://securityresponse.symantec.com/avcenter/venc /data/w32.zotob.a.html and W32.Zotob.B http://securityresponse.symantec.com/avcenter/venc /data/w32.zotob.b.html
Both describe, "Attempts to spread to systems which can be exploited by a vulnerability in Microsoft Windows Plug and Play Service (as described in Microsoft Security Bulletin MS05-039). If successful, the worm copies the file 2pac.txt to the remote machine."
Ditto this. It is what my wife uses--a wooden and rather attractive/decorative model that optionally folds/stores away when entertaining guests. Heck, sometimes she even eats off it.
I wrote "rational" comprehension. Endangering other people or yourself in the name of "compassion" for an animal is not rational.
Why anybody would swerve and risk their own life and the lives of others to avoid hitting a rabbit, squirrel, cat, et al is beyond rational comprehension.
I have always found Yahoo searches too "commerce heavy," leaning way to much to "Yahoo stores" and "Yahoo sites." The meaningful info is lost in the jumble. Google results are cleaner and easier to parse. So, more Yahoo results equals more furustrating/confusing results.
I'll stick with Google, thank you.
It is not that homosexuality is "unnatural." It is that homosexuality is not *normal*. Humans (and animals in some cases) fear abnormal behavior in any-thing/one, animal or human. In the days of yore, people feared the mentally ill (still do, to a large degree). People fear dogs that stagger about and foam at the mouth. People fear kids who pierce their bodies in weird places and dye their hair green. People once feared kids who wore leather jackets and rode motorcycles. And so on.
Mental illness and rabies are wholly natural, but not normal. Green hair and body piercing are neither natural nor normal in most societies. However, over time, harmless abberant behavior is eventually accepted and therefore becomes normal.
But, what the heck do I know.