It's designed to filter noise off the power line and protect against power spikes on any line. Do you really expect it to filter noise on the ground line (the subject of the article)?
No, he was thinking Adams. He got his scale badly wrong; that's all. The hyper-dimensional mice were manipulating the giant computer of the Earth... not the Universe.
And that Asimov short was a real brain twister when I first read it.
I don't do science programming, but I'll mention here that I've recently come across SciPy - a science module for python. Many parts of it are simply wrappers around Fortran code. It's becoming popular in some circles.
(If someone is serious about science programming, they must look at Fortran. I'm only suggesting that they might want to look at SciPy too.)
I spent a month and a half living in an apartment beneath a woman with 2 small girls. She was extremely verbally abusive. She yelled at them constantly. I don't just mean frequently, I mean she simple didn't stop an unending stream of insults. I felt like worthless trash just listening to her through the ceiling. Those poor girls really needed some kind of protection.
I will always regret not calling Child Protective Services. There needed to be a social worker involved (minimum).
Your situation sounds worse. You know violence is involved, you just don't know if it has been directed at the kids. (odds are very high)
Yes, call the cops. Yes, call the local equivalent to CPS. If you need an ally, figure out which school they go to and who their teachers are. You may contact the schools councilor/psychologist. They'll know what to do. Besides, if a teacher is looking for signs of abuse, and sees it, they are required (in the US, at least) to report it.
Close. Bible bashing is a heated argument between two people of differing faiths where they each try to win by claiming specific passages in the Bible that back them up. It usually gets ugly. The Bible is reinterpreted and misinterpreted so thoroughly that it cannot be used to quell such a discussion. To use a net term - Bible bashing is a religious flame war where the ammo of choice is scripture.
It's a bad practice (I believe: an evil one). It should be avoided.
Your definition of Bible thumping is common and appropriate. I think the etymology of the term is different from those who engage in the practice, though. Many pastors literally slam their Bible into the podium as they preach (Making a loud "thump"). On the other hand, I don't think the major proselytizing religions usually do that. I'm not sure why that term stuck to the wrong group of people. (probably historical significance somewhere)
That is a complicated trick for a variety of reasons not the least of which is the face that the file system doesn't care if a file is data or executable code no matter where it is located in the file system.
Please elaborate. You sound more intelligent than this, so I assume I misunderstand you.
Most filesystems do keep tabs on which files are executable, and which ones are not. Of course, Windows defaults to executable, and the rest of the world defaults to not-executable. On the other end, processors now recognize the no-execute bit on memory. This makes it possible (easier?) to avoid accidentally running data in an executing program (ex: some buffer overflows). Of course, for these things to work properly, the OS bears a lot of responsibility.
What is needed, whether running Windows, Linux or MacOSX on the desktop, is a means to EFFECTIVELY prevent the installation of unauthorized software and data.
On Linux, the Distros needs to keep their repositories clean (they usually do) and users should generally avoid installing software that isn't in the repository. It's generally a very safe practice, and usually practical.
Even that could be compromised by a hacker who owned the treasurer's computer
Basically, he did own the Treasurer's computer, and that was the whole problem. In this case, the "air gap" should have been required to reset the judge's credentials.
This is akin to a bank which cashes a check requiring 2 signatures, even if the signatures are exactly the same (or a whole bunch of checks, actually). It looks more secure on the face of it, but it is equally secure to requiring one signature only.
I do like the idea of banks issuing tokens of some kind (or a list of one-use authorization passwords, etc).
They're foreign nationals. They don't care if anybody notices. Once they have the money, they're practically untraceable, untouchable. It sounds like they've done this before, and will do this again.
I have a much more likely scenario. They simply spread their malware everywhere, and waited to see what sensitive systems they'd netted! They needed to dupe people into sending money overseas to them. I doubt they have any non-electronic influence in the states. The story indicates that the fake company name has been repeatedly tarnished... meaning it's very likely that they've done this before and will do this again. It probably got on by worm or trojan. Once there, it sat dormant while the hackers figured out which computers were of value to attack.
Direct connection or not, that login shouldn't have been able to reset the other one. There are several reasons why two people needed to approve transfers from that account. Being able to unilaterally reset the Judges credentials is a big fat security hole in its own right.
Sometimes an attack must rely on more than one vulnerability. This is one of those. Thus, I didn't say that the bank is 100% responsible, only that they hold some responsibility.
They set up a system that required multiple credentials to transfer money, but one of those credentials could be used to reset the other? Give me a break!
This was a system deliberately setup to look more secure than it actually was. The Controller was relying on that extra protection the bank was offering. It seems the county was scammed twice!
note: I tried to separate the paragraphs...apparently the paragraph markup isn't working.
As you may notice by now, it does work. It just doesn't work very well in the preview. The paragraphs are separated onto their own lines, but space isn't added between them until you submit. quite a pain.
Part of the problem is the fact that SQL is being used for all types of data, even data for which RDBMS systems are not designed to handle. All we have is a hammer, and I for one, am tired of bashing in screws with it!
That is one view. It's nice and all, but incomplete. The issue is performance.
Any time you're dealing with a large quantity of data, it's always easiest to process or filter where it's located. Transmitting it, processing it, and transmitting back changes adds an unreasonable amount of overhead. Hence, SQL is a "Query" language. In other words, you have the RDBMS do reasonable data processing and filtering of records for you. Your application should only need to specify the operations performed, and should only process data if your computation is particularly unusual. This makes feasible computations that would otherwise be entirely unreasonable. (note that an application working on the same machine generally has the same issue as one working on a separate system. SQL servers present the application with a stream of data - pipe, socket, etc)
My opinion: SQL is horrendous. It's a pain to use, and many basic data transforms cannot be described in that language (at least without some huge, awful, convoluted command == maintenance nightmare).
While it would be trivial to utilize the LAN connection, I doubt they're going to. What would happen, though, is that the packets would travel to the router, be processed as if they're going to leave (NAT), the router would observe that the destination is itself, and would use port forwarding (or NAT again, depending) to send it back onto the LAN. The router becomes the bottle neck, but the packets don't need to leave the building.
Of course, I'm talking about most routers here. I've seen some that were too dumb to do this. In that case, BattleNet simply wouldn't work unless the game does LAN detection.
Right, and the performance characteristics of a decade old game played on the Internet as it was a decade ago is very relevant to this discussion.
(Sarcasm aside, and comparing to SC as opposed to Diablo II)
Think about it for a moment. What really needs to be transmitted? Only a player's decisions. The amount of data comprising the player's choices are very likely to remain on the same order of magnitude. Graphics and AI have both improved greatly since that time. Complexity of game mechanics has increased somewhat. Those don't need to be transmitted. If the client machines share the same randomizer seed, the code on each machine will reach the same conclusions once each of them receives feedback from the other player's. (Yes, they will probably need some kind of error synchronization method, and the bandwidth for that will scale with game mechanics complexity. It need not be the bulk of transmitted data, though.)
Your summary here needs help. I don't know anything about Haofang, but I know that your post is riddled with holes.
You seem to lack an understanding of TCP/IP. "Transmission Control Protocol" over "Internet Protocol" is used by, well, they whole Internet. How do you think you access Slashdot? You're not on the same LAN they are! (hint: HTTP travels across TCP/IP)
A limit of 255 would not be a TCP limit. 254 might be, but only if a VPN and a/24 subnet were involved. Of course, that too would be a silly, arbitrary limitation. You can have thousands of connections using the ubiquitous 192.16/16 subnet. You can have private networks with millions of machines using the 10/8 subnet. No, 255 isn't a TCP/IP limit. It is probably some other type of technical limit in their setup.
If they were serious, they wouldn't even need a checkbox. The host would upload it's private IP and a fingerprint, and clients would try to connect to that IP, and see if it offered the same finger print. If not, it would connect by the IP that BattleNet sees (aka public facing IP). Simple. I doubt they'll do anything like this, but they really should.
Most routers that I've really played with are smart enough to examine packets that are outbound, see that the destination address is it's own public IP, and route the packet back to the LAN (using port forwarding or NAT, depending on who sent the packet). The router is still the bottleneck, but at least the packets aren't leaving the building. That said, there are some routers that I've seen that aren't this smart. Everyone in the world can connect to a forwarded port... except those behind the router. Frustrating, broken behavior, but it exists.
No amount of fancy battle.net matchmaking features is going to get over the technical limitation of requiring every machine on a LAN to constantly communicate back and forth across the same shared pipe to blizzard's servers.
Actually, it does. The reason they require people to open a port on their router is to avoid piping all that data to Blizzard's servers. Each machine actually connects to the "host", bypassing Blizzard. Other posters have also pointed this out.
It's still a dumb move on their part for a variety of reasons that I won't get into here (some technical, some social). Being upset over this is just fine, but not for the reason everyone keeps mentioning.
I don't know this for myself, but several others have commented that BattleNet now requires you to open a port to host games. In essence, that means game traffic does not travel to their servers at all, but between clients and the "host". Only the lobby traffic need travel to their servers. In other words, they really don't have a great incentive to streamline their game protocol.
Slashdot Mirror
It's designed to filter noise off the power line and protect against power spikes on any line. Do you really expect it to filter noise on the ground line (the subject of the article)?
No, he was thinking Adams. He got his scale badly wrong; that's all. The hyper-dimensional mice were manipulating the giant computer of the Earth... not the Universe.
And that Asimov short was a real brain twister when I first read it.
Finance? Really? I thought that was Cobol.
I don't do science programming, but I'll mention here that I've recently come across SciPy - a science module for python. Many parts of it are simply wrappers around Fortran code. It's becoming popular in some circles.
(If someone is serious about science programming, they must look at Fortran. I'm only suggesting that they might want to look at SciPy too.)
I spent a month and a half living in an apartment beneath a woman with 2 small girls. She was extremely verbally abusive. She yelled at them constantly. I don't just mean frequently, I mean she simple didn't stop an unending stream of insults. I felt like worthless trash just listening to her through the ceiling. Those poor girls really needed some kind of protection.
I will always regret not calling Child Protective Services. There needed to be a social worker involved (minimum).
Your situation sounds worse. You know violence is involved, you just don't know if it has been directed at the kids. (odds are very high)
Yes, call the cops. Yes, call the local equivalent to CPS. If you need an ally, figure out which school they go to and who their teachers are. You may contact the schools councilor/psychologist. They'll know what to do. Besides, if a teacher is looking for signs of abuse, and sees it, they are required (in the US, at least) to report it.
Close. Bible bashing is a heated argument between two people of differing faiths where they each try to win by claiming specific passages in the Bible that back them up. It usually gets ugly. The Bible is reinterpreted and misinterpreted so thoroughly that it cannot be used to quell such a discussion. To use a net term - Bible bashing is a religious flame war where the ammo of choice is scripture.
It's a bad practice (I believe: an evil one). It should be avoided.
Your definition of Bible thumping is common and appropriate. I think the etymology of the term is different from those who engage in the practice, though. Many pastors literally slam their Bible into the podium as they preach (Making a loud "thump"). On the other hand, I don't think the major proselytizing religions usually do that. I'm not sure why that term stuck to the wrong group of people. (probably historical significance somewhere)
Good point. Unfortunately that's still the wild exception.
This isn't the first or last place they've hit. Half a million is only a portion of their "net proceeds".
"Nobody ever got fired for buying IBM." --> "Nobody ever got fired for buying Microsoft."
In other words, is the user intelligence variable dependant upon the OS variable? if you change the OS, does the user IQ change with it?
Dispite the GPP being an AC, I think you missed his point (which was valid).
That is a complicated trick for a variety of reasons not the least of which is the face that the file system doesn't care if a file is data or executable code no matter where it is located in the file system.
Please elaborate. You sound more intelligent than this, so I assume I misunderstand you.
Most filesystems do keep tabs on which files are executable, and which ones are not. Of course, Windows defaults to executable, and the rest of the world defaults to not-executable. On the other end, processors now recognize the no-execute bit on memory. This makes it possible (easier?) to avoid accidentally running data in an executing program (ex: some buffer overflows). Of course, for these things to work properly, the OS bears a lot of responsibility.
What is needed, whether running Windows, Linux or MacOSX on the desktop, is a means to EFFECTIVELY prevent the installation of unauthorized software and data.
On Linux, the Distros needs to keep their repositories clean (they usually do) and users should generally avoid installing software that isn't in the repository. It's generally a very safe practice, and usually practical.
Even that could be compromised by a hacker who owned the treasurer's computer
Basically, he did own the Treasurer's computer, and that was the whole problem. In this case, the "air gap" should have been required to reset the judge's credentials.
This is akin to a bank which cashes a check requiring 2 signatures, even if the signatures are exactly the same (or a whole bunch of checks, actually). It looks more secure on the face of it, but it is equally secure to requiring one signature only.
I do like the idea of banks issuing tokens of some kind (or a list of one-use authorization passwords, etc).
They're foreign nationals. They don't care if anybody notices. Once they have the money, they're practically untraceable, untouchable. It sounds like they've done this before, and will do this again.
I have a much more likely scenario. They simply spread their malware everywhere, and waited to see what sensitive systems they'd netted! They needed to dupe people into sending money overseas to them. I doubt they have any non-electronic influence in the states. The story indicates that the fake company name has been repeatedly tarnished... meaning it's very likely that they've done this before and will do this again. It probably got on by worm or trojan. Once there, it sat dormant while the hackers figured out which computers were of value to attack.
No, I am being fair.
Direct connection or not, that login shouldn't have been able to reset the other one. There are several reasons why two people needed to approve transfers from that account. Being able to unilaterally reset the Judges credentials is a big fat security hole in its own right.
Sometimes an attack must rely on more than one vulnerability. This is one of those. Thus, I didn't say that the bank is 100% responsible, only that they hold some responsibility.
They set up a system that required multiple credentials to transfer money, but one of those credentials could be used to reset the other? Give me a break! This was a system deliberately setup to look more secure than it actually was. The Controller was relying on that extra protection the bank was offering. It seems the county was scammed twice!
Check wikipedia - it has it right.
It might. But then again, you might have just edited it. I like wikipedia, but one should always take it's knowledge with a grain of salt.
note: I tried to separate the paragraphs...apparently the paragraph markup isn't working.
As you may notice by now, it does work. It just doesn't work very well in the preview. The paragraphs are separated onto their own lines, but space isn't added between them until you submit. quite a pain.
"When the only tool you have is a hammer..."
Part of the problem is the fact that SQL is being used for all types of data, even data for which RDBMS systems are not designed to handle. All we have is a hammer, and I for one, am tired of bashing in screws with it!
That is one view. It's nice and all, but incomplete. The issue is performance.
Any time you're dealing with a large quantity of data, it's always easiest to process or filter where it's located. Transmitting it, processing it, and transmitting back changes adds an unreasonable amount of overhead. Hence, SQL is a "Query" language. In other words, you have the RDBMS do reasonable data processing and filtering of records for you. Your application should only need to specify the operations performed, and should only process data if your computation is particularly unusual. This makes feasible computations that would otherwise be entirely unreasonable. (note that an application working on the same machine generally has the same issue as one working on a separate system. SQL servers present the application with a stream of data - pipe, socket, etc)
My opinion: SQL is horrendous. It's a pain to use, and many basic data transforms cannot be described in that language (at least without some huge, awful, convoluted command == maintenance nightmare).
Of course, I'm talking about most routers here. I've seen some that were too dumb to do this. In that case, BattleNet simply wouldn't work unless the game does LAN detection.
Right, and the performance characteristics of a decade old game played on the Internet as it was a decade ago is very relevant to this discussion.
(Sarcasm aside, and comparing to SC as opposed to Diablo II)
Think about it for a moment. What really needs to be transmitted? Only a player's decisions. The amount of data comprising the player's choices are very likely to remain on the same order of magnitude. Graphics and AI have both improved greatly since that time. Complexity of game mechanics has increased somewhat. Those don't need to be transmitted. If the client machines share the same randomizer seed, the code on each machine will reach the same conclusions once each of them receives feedback from the other player's. (Yes, they will probably need some kind of error synchronization method, and the bandwidth for that will scale with game mechanics complexity. It need not be the bulk of transmitted data, though.)
Your summary here needs help. I don't know anything about Haofang, but I know that your post is riddled with holes.
You seem to lack an understanding of TCP/IP. "Transmission Control Protocol" over "Internet Protocol" is used by, well, they whole Internet. How do you think you access Slashdot? You're not on the same LAN they are! (hint: HTTP travels across TCP/IP)
A limit of 255 would not be a TCP limit. 254 might be, but only if a VPN and a /24 subnet were involved. Of course, that too would be a silly, arbitrary limitation. You can have thousands of connections using the ubiquitous 192.16/16 subnet. You can have private networks with millions of machines using the 10/8 subnet. No, 255 isn't a TCP/IP limit. It is probably some other type of technical limit in their setup.
If they were serious, they wouldn't even need a checkbox. The host would upload it's private IP and a fingerprint, and clients would try to connect to that IP, and see if it offered the same finger print. If not, it would connect by the IP that BattleNet sees (aka public facing IP). Simple. I doubt they'll do anything like this, but they really should.
Most routers that I've really played with are smart enough to examine packets that are outbound, see that the destination address is it's own public IP, and route the packet back to the LAN (using port forwarding or NAT, depending on who sent the packet). The router is still the bottleneck, but at least the packets aren't leaving the building. That said, there are some routers that I've seen that aren't this smart. Everyone in the world can connect to a forwarded port... except those behind the router. Frustrating, broken behavior, but it exists.
(disclaimer, haven't' used BattleNet in years)
No amount of fancy battle.net matchmaking features is going to get over the technical limitation of requiring every machine on a LAN to constantly communicate back and forth across the same shared pipe to blizzard's servers.
Actually, it does. The reason they require people to open a port on their router is to avoid piping all that data to Blizzard's servers. Each machine actually connects to the "host", bypassing Blizzard. Other posters have also pointed this out.
It's still a dumb move on their part for a variety of reasons that I won't get into here (some technical, some social). Being upset over this is just fine, but not for the reason everyone keeps mentioning.
I don't know this for myself, but several others have commented that BattleNet now requires you to open a port to host games. In essence, that means game traffic does not travel to their servers at all, but between clients and the "host". Only the lobby traffic need travel to their servers. In other words, they really don't have a great incentive to streamline their game protocol.