Slashdot Mirror


User: Ernesto+Alvarez

Ernesto+Alvarez's activity in the archive.

Stories: 0
Comments: 424

Comments · 424

  1. Re:Narrowminded author on Nine Ways to Stop Industrial Espionage · · Score: 1

      Oh, God, I wish it was 3-6 months. I really do.

      We seem to be on a 4-6 week schedule for some systems. And we have a bunch of disparate systems which variously change in groups and individually, usually without any warning. You end up with a laundry list of passwords, mostly separated by the 'entropy number' which is somewhere in your password (or three passwords, each modified by an increasing integer). Usually when I try to log into a server, I end up going through a series of passwords to figure out where in my progression of passwords on that machine I might be.

      I can't come up with a secure password that I change that often and still actually remember it.

      Draconian password policies, IMO, make the network less usable, and possibly less secure.

    You wouldn't believe how accurate that last paragraph is.
    Stupid policies DO make the network less usable (sometimes) and less secure (always). You provided the proof yourself, and you shouldn't doubt it next time.

    Making too unrealistic a password policy (in this case, there are other parts where policy might be stupidly harsh) will only make users subvert the security mechanism, like writing passwords down and sticking them to monitors, or using easy formulas to make the passwords (1337-speak, anyone?).

    The problem here is the difference between the real value of the thing being protected and the declared value of it. If you have something that is moderately valuable (stock data), but protect it like it was the most important thing in the universe (a doomsday machine), people will simply avoid the mechanisms, because they know it's something that bothers them just because. A modest security mechanism would have been respected and the valuable item would be safer.

    Another possibility is that people with access do not correctly judge its value, thinking that something is not really as valuable as it is. In that case, the security mechanism will get subverted as if it were the situation explained in the paragraph above.

    An example of the first case would be a security team forbidding a team of PROGRAMMERS to run "at" (a command to schedule tasks to run at a certain time), because "it might allow someone to run things at a not usual time of day" (it was a real case, the phrase is quoted almost exactly as it was said). The programmers' solution was simple: to program a delayed launch mechanism. Had they been allowed to use "at", the result would have been the same, plus the actions would have been logged.

    The second example can be seen with a VPN that allows access to the office network (another real case). People tend not to see the potential harm that can be done with that, so they would be tempted to use stupid passwords for it. Therefore, we (the network administrators) explain to them that it is very important to keep the security, and we get to choose the VPN password and the change interval (and the users have no say in that choice). Even then we are aware that security with those passwords, so we encourage them to report any compromise without ill consequences (barring some really stupid negligence). They are held responsible if the passwords are misused, though.

    Security is usually a balance, and its correct level can be estimated (even if it's a rough estimate). Once the correct point is known, it is crucial to let the users know WHY it is there, and make sure nobody slacks.

    About draconian password policies, you're right. 6 weeks is ludicrous. I have a 6 month password cycle. Normal users are able to choose anything they like (although we keep a minimum size of 5 characters), and could easily set it to something and then revert it to the old one (we tell them that). We make sure that the changes get logged, so we know who does the change-and-change-back routine. So, we know who the slackers are, and we get to choose the important passwords. I know that the important things in my area are guarded closely, because I know I can trust my team. If there are slackers
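The comment above says the team logs password changes so it can tell who does the change-and-change-back routine. As an added example (not code from the original post or from any product the poster used), here is how a password-change handler can make that visible without ever storing cleartext: it keeps salted hashes of each user's previous passwords, tests every new password against them at the moment of the change (the only moment the cleartext is available), and flags reverts that land within a day of the previous change. The users, passwords and timestamps are constructed for the demonstration, and PBKDF2 stands in for whatever hash the real directory uses.

```python
import hashlib
import hmac
import os
from collections import defaultdict

HISTORY_DEPTH = 5            # previous hashes kept per user
REVERT_WINDOW = 24 * 3600    # a revert this soon after a change is the routine described


def _hash(salt: bytes, password: str) -> bytes:
    # PBKDF2 keeps the sample dependency-free; a real deployment would use
    # the directory's own password hash (bcrypt, scrypt or argon2).
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 20_000)


class PasswordHistory:
    """Keeps salted hashes of each user's previous passwords and logs reverts.

    The system processing the change has the cleartext candidate at that
    moment, so it can test it against every stored (salt, hash) pair without
    storing cleartext itself.
    """

    def __init__(self):
        self._hist = defaultdict(list)   # user -> [(ts, salt, hash)], oldest first
        self.flags = []                  # (user, ts, seconds since the previous change)

    def change(self, user: str, new_password: str, ts: int) -> bool:
        """Record a change; return True if new_password matches a previous one."""
        history = self._hist[user]
        reused = any(
            hmac.compare_digest(h, _hash(salt, new_password)) for _, salt, h in history
        )
        if reused:
            self.flags.append((user, ts, ts - history[-1][0]))
        salt = os.urandom(16)
        history.append((ts, salt, _hash(salt, new_password)))
        del history[:-HISTORY_DEPTH]     # keep only the last HISTORY_DEPTH entries
        return reused


def change_and_change_back(flags) -> list:
    """Users who went back to an old password within REVERT_WINDOW of changing it."""
    return sorted({user for user, _, gap in flags if gap <= REVERT_WINDOW})


def run_sample():
    """Constructed change log: alice reverts after two minutes, bob reuses a
    password a month later (still a reuse, but not the quick routine)."""
    ph = PasswordHistory()
    events = [
        ("alice", "Winter2006!", 0),
        ("alice", "tmp-xyz-123", 60),
        ("alice", "Winter2006!", 120),          # back to the old one
        ("bob", "correct horse", 0),
        ("bob", "battery staple", 3_600),
        ("bob", "correct horse", 30 * 86_400),  # reuse, but not a quick revert
    ]
    reuse_hits = [ph.change(u, p, t) for u, p, t in events]
    return reuse_hits, ph.flags, change_and_change_back(ph.flags)
```

The history list is the whole cost of the check: a few salted hashes per user, compared with a constant-time digest comparison. Bob's reuse a month later is still recorded in `flags`; only the window decides whether it counts as the change-and-change-back routine.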

  2. In broad daylight on Card Locks Thwarted by Shopping Club Card · · Score: 2, Informative

    What's a better example of stealing something in plain sight of everyone than stealing two mainframes with confidential data from a secured server room belonging to Australian Customs?

    They went in, presented fake credentials, worked in the room a couple of hours, took two machines and nobody suspected a thing until someone noticed the servers were down.

    Anyone can top that?

  3. Re:Just in time for Vista... on Microsoft Acquires Winternals and Sysinternals · · Score: 1

    As another Linux user I understand your feelings, but please consider what Linux would be without basic utilities like ps and kill. Whenever I have to administer the (fortunately few) Windows systems we have, that's just how I feel.

    It's because Process Explorer (and the other tools) provide those basic functions that admins everywhere are rushing to get them (lest they get crippled by MS).

    Instead of telling us the obvious, you might want to help instead; you do not know if sometime someone will dump a Windows system on you to fix, and trust me, without the Sysinternals tools you'll be in a world of pain, especially coming from Unix (and nobody start speaking of Task Manager and taskkill, these tools are pieces of shit).

  4. very old tech? on Headset Uses Bone-Conduction Technology · · Score: 1

    Isn't this like the throat mikes used by panzer crews in the Second World War?
    I don't see why 50-year-old tech should cost more than a few dollars. (Yes, sure they might be better than a WW2 tank mike, but USD 200 is preposterous.)

  5. So what? on Stolen VA Laptop Recovered · · Score: 1

    The laptop was recovered, and the data has not been accessed (they think). That's not the point.

    First, they cannot know whether the data has been read or not, since they could have simply copied the disk, sector by sector (as anyone with data forensics experience knows, FBI included).

    Second, the fact that the data this time was not accessed is not the important thing. The important thing is that the security policy regarding this type of data is not tight enough. Maybe the next time a laptop is stolen someone will bother to access the data, or someone wanting to access those records now will bother to steal an employee's laptop, knowing that there's a good chance of it having confidential records.

    This recovery of the computer does not make the data any less compromised, and it might be a very good excuse to close the case and fix nothing.

  6. Keep most of them in the original package on Replacement for Jewel Cases? · · Score: 1

    I store the CDs in the spindle they came in.
    It is a very compact storage. They are messy to search in, though.
    I do keep an ID on every disc, and I could build an index indicating spindle id + position, I haven't done that yet (though I could, automatically at any time). I keep them hashed and I keep a second copy of the whole archive side by side, so in case of bit rot, I can rebuild the originals unless I'm very unlucky.

    I think you're asking the impossible here. You want something compact, strong and easily searchable. I'd say you cannot have all of them without some investment on your part. Why not keep the CDs in folders with pages prepared to store a CD (I think you were calling that a "wallet", not sure if it's the same, but you should get the idea). Then you should make an index detailing folder number + page.

    Having an ID on every CD helps a lot, though. You could just insert each CD in the drive once and have a program make a catalog for you, but even if you do it manually, you should be able to solve the searching problem, and then you can concentrate on durability and compactness.

    Something else: take the most used CDs from your archive, make a copy and dump them on your computer desktop (the real one, not the virtual one). When you start using them, you'll make a least recently/frequently used cache without knowing. Since you're using copies you should have no problem with scratches, you'll get fast access, without compromising the main archive's durability.

    In any case, keep some empty jewel cases, you might need them to transport some CDs (even if they are only copies).
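The comment describes hashing every disc and keeping a second copy of the archive so that bit rot can be repaired "unless I'm very unlucky". As an added example (not the poster's own tooling), here is that scheme in code: a catalog of SHA-256 hashes taken when the archive is written, a verification pass that checks both copies against the catalog, and a repair step that copies from whichever copy still matches. The catalog, not the other copy, is the reference, because two differing copies on their own do not tell you which one rotted. The archive layout, file names and the corrupted byte are all constructed inside the demo.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def build_catalog(root: Path) -> dict:
    """relative path -> sha256 for every file under root, taken when the archive is written."""
    return {str(p.relative_to(root)): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_and_repair(primary: Path, mirror: Path, catalog: dict) -> dict:
    """Check both copies against the catalog and repair whichever copy disagrees.

    When neither copy matches the catalog there is nothing trustworthy to
    restore from, so the file is reported rather than touched.
    """
    report = {"ok": [], "repaired": [], "unrecoverable": []}
    for rel, expected in catalog.items():
        p, m = primary / rel, mirror / rel
        p_good = p.is_file() and sha256_file(p) == expected
        m_good = m.is_file() and sha256_file(m) == expected
        if p_good and m_good:
            report["ok"].append(rel)
        elif p_good or m_good:
            src, dst = (p, m) if p_good else (m, p)
            dst.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(src, dst)
            report["repaired"].append(rel)
        else:
            report["unrecoverable"].append(rel)
    return report


def demo() -> dict:
    """Constructed archive: two 4 KiB stand-ins for disc images, a side-by-side
    mirror, then one flipped byte in the primary copy of the second disc."""
    base = Path(tempfile.mkdtemp())
    try:
        primary, mirror = base / "spindle-01", base / "spindle-01-mirror"
        for disc in ("disc-0001", "disc-0002"):
            (primary / disc).mkdir(parents=True)
            (primary / disc / "image.iso").write_bytes(os.urandom(4096))
        catalog = build_catalog(primary)     # hashed at archive time
        shutil.copytree(primary, mirror)     # the second copy kept side by side
        rotted = primary / "disc-0002" / "image.iso"
        data = bytearray(rotted.read_bytes())
        data[100] ^= 0x01                    # simulated bit rot
        rotted.write_bytes(data)
        report = verify_and_repair(primary, mirror, catalog)
        report["primary_matches_catalog_after"] = build_catalog(primary) == catalog
        return report
    finally:
        shutil.rmtree(base)
```

The "very unlucky" case in the comment is the `unrecoverable` list: the same file rotted in both copies. Keep the catalog itself on both copies (or somewhere independent) for the same reason; a catalog that lives only on the primary rots with it.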

  7. Re:Acrobat Falling? on MS Four Points of Interoperability and Adobe · · Score: 1

    For me, Acrobat passed its apogee a few years ago. Acrobat Reader is such a huge piece of bloatware that I wouldn't touch it with a stick.

    PDF, on the other hand, is not dead in the water. In fact it is a very useful "inter-entity" format (great if you want a document read almost anywhere). You just have to find the right reader/writer software. There are lightweight readers for a few platforms, as well as writers.

    Please don't mix the standard with the software, it's not the same thing.

  8. Re:Numbers Station here on slashdot - OUTGOING! on Numbers Stations Move From Shortwave To VoIP · · Score: 2, Interesting

      HELLO WORLD
      98481 98481 14101 14101 27700 27700 35003 35003 78743 78743
      55984 55984 36482 36482 48376 48376 17577 17577 25568 25568

    There's something fishy about these messages.
    Have you noticed that every group is sent twice? That would make a lot of sense if you were transmitting over the radio, because a group might arrive garbled. Posting each group twice on Slashdot, however, makes no sense. The message will arrive correctly every time.

  9. Re:The Cause on Science Ability Down in U.S. High Schools · · Score: 1

      make a list and split your class into three groups. The ones who WILL pass the test, the ones who WON'T pass the test, and the ones who MIGHT pass the test.

    That's very interesting, because I can see the same pattern in the class where I teach (TA in a university networking class).

    There ARE students who will pass (they grok things), those who won't, and those who may (and do if they work real hard). We can often see the pattern just before the first exam. It is usually confirmed because the "might" group usually passes the make-up test, while the "won't" group does not.

    The students usually don't know (or know very little) about what is taught in class, they simply learn faster or slower. Neglecting them would be a big mistake (and I think THAT's the problem with the approach in the parent post). There might be some insightful thinking in that idea that just degenerated into "ignore 2/3 of the students".

    We do not slow the speed of the class or lower the standard, though. We fail whomever can't perform. Then again, I'm talking about university level, not high school.

  10. Re:I know where this is headed on New IM Worm Installs Own Web Browser · · Score: 1

      I'd like to do a social experiment and write a virus that pops up a window asking the question: "Install Virus?". The options are "No Thanks" and "yeah sure, pwn me". Now, I'm usually an optimist, but I think the results of this study would be depressing.

    Not as depressing as you think though. Since there is no "easy to spot yes" button, people will have to take time to understand "yeah sure, pwn me".

    If you were just to replace that button with a straight "Yes", though, I'd say it would go straight from eye to finger without involving the brain in no time.

  11. Re:Why so protective of such users ? on New IM Worm Installs Own Web Browser · · Score: 1

      Why not just _let_ the users do what they want? It's their computer. They paid their money for it, and along with that made their choice of OS. If they did so ignorantly, that's still their responsibility. I say let people click on IM's etc. and get viruses. The only malware I am worried about is the type that "cracks" into a system without the user having to run it.

    If they were only damaging themselves, I would be 100% with you. Their actions, however, affect a lot of other people. Machines have to be cleaned/reinstalled by a computer geek (which IMHO should charge them top dollar for the service). The malware also tends to spread causing a big mess on the Internet (think a fast scan while searching for new hosts). The malware is also designed to do evil (and very annoying) things not related to its spreading mechanism (like spam relays). Because of idiots installing crapware, we are (among lots of other things) buried in spam.

    What's worse, lusers (yes, this term is VERY appropriate) refuse to take responsibility. They'll yell at the resident geek because "tha intarweb is not working right", but never acknowledge it's their own responsibility. That kind of user is the type that doesn't read a very obvious popup (or the owner's manual of anything) agreeing to have their machines pwned and then bitch around when nothing works.

    Computers really need a bunch of "Hit me hard in the face" buttons (software AND hardware), location only noted in the operator's manual.

  12. Evolution not so random on Is Evolution Predictable? · · Score: 1

    Evolution is not the same as lottery.
    Even though mutations are random, their results are not.
    That's what the scientists in TFA are investigating.

    Let's review the experiment, I'll show you why it's not that random.

    You take a few million bacteria.
    You zap the bugs' ability to withstand heat and then you heat them up.
    Evolution says they will gain the ability to withstand heat again.
    However, there are certain mechanisms that allow the critters to survive.

    Let's assume from now on that mutations give a beneficial or at least neutral trait (harmful traits kill the bugs).
    Of whatever traits can be evolved, some are neutral, thus the bugs will gain nothing and will get cooked. I wouldn't bet on these mutations.
    Same thing if they gain a beneficial trait, but not for this environment (cruel joke to evolve resistance to cold in a cooking pot).

    Some will evolve heat resistance. Let's assume there are three mutations that solve the heat problem.

    Solution A allows the bacteria to survive, but takes a lot of energy (or food or whatever).
    Solution B is cheap, easy to evolve, but can't be used in a very hot environment.
    Solution C is more complex, but lets the bugs survive in all temperature ranges.

    If I were to heat them to a hot (but not too hot for solution B) temperature, the scientists in TFA say you will get solution B evolved. Even if they are all equally possible, any critter who gets A or C is at disadvantage compared to B (instead of using energy to build A or C, they use less energy to do B, and the rest to breed). Even if A is evolved first, whenever a mutant evolves B, it will take over (it will breed faster).

    If you turn up the heat, solution C will be the best, A will still be at a disadvantage and B does not work.

    So, even if all mutations are random, I would bet on either B or C depending on the temperature. If the pot is not very hot, I'll choose B and almost certainly guess right. If the temperature is above the solution B threshold, if I choose C, it is very likely I will be right too.

    That's what the scientists have been doing, they cook the bugs and notice they evolve the same solutions every time.

    Of course, there might be a solution D undiscovered. However, once discovered (by the scientists) it can be added to the list and evaluated with the others. That's why they should try the experiments lots of times.

  13. Re:NTP gurus wanted... ? on Computer Network Time Synchronization · · Score: 1

      More interestingly, Mills said that he fears a potential DOS against the entire internet would be to use an NTP hack to advance the clocks on all the caches, thus expiring their contents and causing the root servers to be flooded. This would effectively bring down DNS until the caches could be fixed.

    Wouldn't that hack need to advance the clock in very small increments?
    I thought NTP servers (and clients) had a check that prevented them from resetting the clock a large amount of time (more than 10 minutes difference = server fault, IIRC).

  14. About your search. on Bearshare Shut Down by RIAA · · Score: 1

    You were on the right track, but you didn't dig deep enough.
    You were interrogating ARIN's whois database. It contains data about various types of entities (one being IP addresses). What you got was the data on that address. Some fields in the page you used were clickable. The logic is that the IP address belongs to a block and that block has an owner (and many other relationships). Had you clicked on a block name, like NET-72-51-0-0-1, you would have gotten more information:

    OrgName: Peer 1 Network Inc.
    OrgID: PER1
    Address: 2nd Floor, 75 Broad Street
    City: New York
    StateProv: NY
    PostalCode: 10004
    Country: US

    NetRange: 72.51.0.0 - 72.51.63.255
    CIDR: 72.51.0.0/18
    NetName: PEER1-BLK-08
    NetHandle: NET-72-51-0-0-1
    Parent: NET-72-0-0-0-0
    NetType: Direct Allocation
    NameServer: NS1VAN.PEER1.NET
    NameServer: NS2VAN.PEER1.NET

    (......)

    Which itself refers to even more data.

    Now, in this case it looks like an ISP (a /18 is really big). But at least you know something else. If you were to visit the webpage for its domain, you would notice it's some sort of big hosting service.

    You should also take into consideration that it is possible to make a domain lookup (if you ask the right whois server), so you could also find out what "oingo.com" is.

    Also, GP also recommended finding its mail servers (it's a DNS lookup for MX records, if you don't know how, you need to RTFM).
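The ARIN record the comment pastes is worth reading mechanically rather than by eye, because the interesting questions ("does my address really fall in this block?", "how big is a /18?") are arithmetic. As an added example (not part of the original post, and not ARIN's or any whois client's code), here is a small parser for the key/value form of that record which turns the CIDR and NetRange fields into ipaddress objects, cross-checks that the two agree, and answers membership and size queries. The sample input is the record quoted above, reproduced verbatim.

```python
import ipaddress
import re

# The ARIN record quoted in the comment, used here as the sample input.
WHOIS_TEXT = """
OrgName: Peer 1 Network Inc.
OrgID: PER1
Address: 2nd Floor, 75 Broad Street
City: New York
StateProv: NY
PostalCode: 10004
Country: US

NetRange: 72.51.0.0 - 72.51.63.255
CIDR: 72.51.0.0/18
NetName: PEER1-BLK-08
NetHandle: NET-72-51-0-0-1
Parent: NET-72-0-0-0-0
NetType: Direct Allocation
NameServer: NS1VAN.PEER1.NET
NameServer: NS2VAN.PEER1.NET
"""


def parse_whois(text: str) -> dict:
    """key -> value; a key that repeats (NameServer, sometimes CIDR) becomes a list."""
    record = {}
    for line in text.splitlines():
        m = re.match(r"^\s*([A-Za-z]+):\s*(.*\S)\s*$", line)
        if not m:
            continue                      # blank lines, comments, elided '(......)'
        key, value = m.groups()
        if key in record:
            if not isinstance(record[key], list):
                record[key] = [record[key]]
            record[key].append(value)
        else:
            record[key] = value
    return record


def _as_list(value):
    return value if isinstance(value, list) else [value]


def networks(record) -> list:
    """The allocation as ipaddress networks (strict: a CIDR with host bits set is a typo)."""
    return [ipaddress.ip_network(c, strict=True) for c in _as_list(record["CIDR"])]


def range_matches_cidr(record) -> bool:
    """NetRange and CIDR describe the same block; a mismatch means a mangled record."""
    lo, hi = (ipaddress.ip_address(x.strip()) for x in record["NetRange"].split("-"))
    return list(ipaddress.summarize_address_range(lo, hi)) == networks(record)


def block_size(record) -> int:
    return sum(n.num_addresses for n in networks(record))


def net_name_for(ip: str, record):
    """NetName if ip is inside the allocation, else None (look at the Parent instead)."""
    addr = ipaddress.ip_address(ip)
    return record["NetName"] if any(addr in n for n in networks(record)) else None
```

`block_size` puts a number on "a /18 is really big": 16384 addresses. The `Parent` handle is the next block up the chain the comment describes, and the `NameServer` fields are where the DNS lookups the GP recommended would start.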

  15. Biometrics != Chipping on Biometrics Win Support From the Lazy · · Score: 2, Insightful

    The idea behind biometrics is that some authentication device detects some characteristic of your body that's not easy to forge. The response of an RFID chip, however, would be relatively easy to fake, and the intruder would not have to be chipped himself.

    Chipping is no more than a fancy way of carrying an access card, a poor substitute for biometrics (really NOT a substitute). And even if it were a perfect substitute, biometrics is not a good method under some circumstances (like remote login: was that someone speaking his passphrase into a microphone, or just a recording?).

    Decision makers should leave the method of authentication to the experts (sane ones, excessive paranoia is detrimental too).
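Both of the comment's objections are the same replay problem: a chip that answers every query with the same identifier, or a voice passphrase that sounds the same every time, can be recorded once and played back. As an added example (a model written for this page, not a description of any particular chip or product the poster had in mind), here is the difference between a static-response token and a challenge-response token, with an eavesdropper who records one genuine exchange. The reader, tags, badge IDs and keys are all constructed.

```python
import hashlib
import hmac
import os


class StaticIdTag:
    """Models a token whose response never changes (a plain ID read back)."""
    def __init__(self, uid: bytes):
        self.uid = uid

    def respond(self, challenge: bytes) -> bytes:
        return self.uid                        # the challenge is ignored


class ChallengeResponseTag:
    """Models a token holding a key shared with the reader; the answer is bound to the challenge."""
    def __init__(self, uid: bytes, key: bytes):
        self.uid, self.key = uid, key

    def respond(self, challenge: bytes) -> bytes:
        return self.uid + b"|" + hmac.new(self.key, challenge, hashlib.sha256).digest()


class Replayer:
    """An eavesdropper who recorded one legitimate exchange and plays the response back."""
    def __init__(self, genuine):
        self.recording = genuine.respond(os.urandom(16))   # the exchange that was overheard

    def respond(self, challenge: bytes) -> bytes:
        return self.recording


class Reader:
    def __init__(self, enrolled: dict):
        self.enrolled = enrolled     # uid -> shared key, or None for static-ID tokens

    def authenticate(self, presented) -> bool:
        challenge = os.urandom(16)   # fresh per attempt; a repeated challenge reopens replay
        uid, _, mac = presented.respond(challenge).partition(b"|")
        if uid not in self.enrolled:
            return False
        key = self.enrolled[uid]
        if key is None:              # static scheme: seeing the ID is the whole check
            return True
        expected = hmac.new(key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(mac, expected)


def demo() -> dict:
    """Constructed enrolment: one static badge, one challenge-response badge, one recorder each."""
    key = os.urandom(32)
    static_reader = Reader({b"BADGE-0001": None})
    cr_reader = Reader({b"BADGE-0002": key})
    static_tag = StaticIdTag(b"BADGE-0001")
    cr_tag = ChallengeResponseTag(b"BADGE-0002", key)
    return {
        "static_genuine": static_reader.authenticate(static_tag),
        "static_replayed": static_reader.authenticate(Replayer(static_tag)),
        "cr_genuine": cr_reader.authenticate(cr_tag),
        "cr_replayed": cr_reader.authenticate(Replayer(cr_tag)),
    }
```

The static token is accepted whether the real badge or the recording answers; the challenge-response token only passes when the holder of the key answers the reader's current nonce. The same holds for the recorded passphrase: a voice sample is a static response, and no amount of biometric accuracy changes that over a remote link.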

  16. Re:Hopefully not? on OpenDocument Voted In By ISO · · Score: 1

      I hate XML. It's not easy for humans to read as a wire protocol. It's not easier for computers to read than binaries. So I don't see the point, since that's what it's used for almost exclusively.

    I think XML has its uses. It is somewhat difficult to read for both humans and computers, but not that much. It's a good compromise since it should be easy to read with the right library, while still human readable for emergencies. I think it's good for machine readable files, like word processor documents and such.

    What I do hate is developers thinking that XML is straight human readable. I hate people who use straight XML config files (that I, being the administrator, have to edit by hand). On that part I'm 100% with you.

    Anyway, ODF is XML. It's a bunch of XML files in a zip, so your criticism would apply to both ODF and MSXML.
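"A bunch of XML files in a zip" can be shown rather than asserted. As an added example (not from the original post, and not the OpenDocument project's own code), the block below builds a minimal ODT package in memory and then inspects it the way a reviewer or a scanner would: list the zip members, check the rule from the ODF package specification that the `mimetype` member comes first and is stored uncompressed, and pull the paragraph text out of `content.xml` using the ODF namespaces. The package is constructed and deliberately minimal; a document written by an office suite also carries `META-INF/manifest.xml`, `styles.xml`, `meta.xml` and more.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

NS = {
    "office": "urn:oasis:names:tc:opendocument:xmlns:office:1.0",
    "text": "urn:oasis:names:tc:opendocument:xmlns:text:1.0",
}
ODT_MIME = "application/vnd.oasis.opendocument.text"
for _prefix, _uri in NS.items():
    ET.register_namespace(_prefix, _uri)


def build_sample_odt(paragraphs) -> bytes:
    """Constructed minimal ODT package: 'mimetype' first and uncompressed, as the
    ODF package spec requires, then a deflated content.xml."""
    root = ET.Element(f"{{{NS['office']}}}document-content")
    body = ET.SubElement(root, f"{{{NS['office']}}}body")
    text = ET.SubElement(body, f"{{{NS['office']}}}text")
    for para in paragraphs:
        ET.SubElement(text, f"{{{NS['text']}}}p").text = para
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr(zipfile.ZipInfo("mimetype"), ODT_MIME, compress_type=zipfile.ZIP_STORED)
        z.writestr("content.xml", ET.tostring(root, encoding="utf-8"),
                   compress_type=zipfile.ZIP_DEFLATED)
    return buf.getvalue()


def inspect_odf(package: bytes) -> dict:
    """List the package members, check the mimetype rule, pull out the paragraph text."""
    with zipfile.ZipFile(io.BytesIO(package)) as z:
        infos = z.infolist()
        first = infos[0]
        mimetype_rule_ok = (first.filename == "mimetype"
                            and first.compress_type == zipfile.ZIP_STORED)
        declared = z.read("mimetype").decode("ascii", "replace")
        # Documents arrive from strangers: xml.etree does not fetch external
        # entities, but for untrusted input defusedxml is the safer parser.
        root = ET.fromstring(z.read("content.xml"))
    paragraphs = [p.text or "" for p in root.iterfind(".//text:p", NS)]
    return {
        "members": [i.filename for i in infos],
        "mimetype": declared,
        "mimetype_rule_ok": mimetype_rule_ok,
        "paragraphs": paragraphs,
    }
```

The uncompressed-first `mimetype` rule exists so that a tool can identify the document type by reading the first few bytes of the zip without inflating anything; a file that violates it is either not ODF or was produced by something that did not follow the spec, which is worth knowing before the XML inside is trusted.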

  17. Re:Why "repurchase" the drives? on Military Investigates Sale of Sensitive Data · · Score: 1

      What point is there to repurchasing the drives? Once the information is out, it's out. Anyone that would be interested isn't interested in the drives, they are interested in the data -- data that's easily copied and transmitted in a couple of minutes. All you are doing is paying people to get back a USB key, the data on which they've already sold someone else.

    I was thinking the same, but then it came to me. The target of the theft was probably NOT the information, but the drive itself (to make an extra buck on the side). If that's the situation, the information was probably NOT copied. Then it would make sense to purchase the drives back.

    Obviously now the situation is different, since we should assume the traders now know the information in them is valuable too. The right move would probably be to recover the drives, tighten security and get the right contacts so the next batch of stolen drives can be bought ASAP (and probably at premium prices).

    BTW, force will probably not work. If they TAKE those drives, the next batch will probably go to Al-Qaeda (or anyone who will pay top dollars for the information).

  18. Re:Stupid idea.... on D-Link Firmware Abuses Open NTP Servers · · Score: 1

    Because it would mess up legitimate clients, and there might be something important connecting to them (after all, that particular NTP server has taken the role of the national NTP, according to TFA).

    Also it wouldn't solve his bandwidth problems.

  19. Re:Theft of a service on D-Link Firmware Abuses Open NTP Servers · · Score: 1

      It is important that the company has been notified that they aren't welcome on the server. Suppose that you enter the local mall and do something that they don't like. You can't be charged for trespass. The mall can serve you with a letter that says you aren't allowed on their property any more. If you enter the mall again, you can be charged with trespass.

    That D-Link boxes are not welcome is perfectly clear. In order to get an NTP server, there are lists that contain not only the name, but also the access conditions. What P.H. Kamp cited in his open letter was his entry in the list, which clearly states that it is only for Danish servers. The first thing anyone wanting NTP service would have done is check this (well, anyone except D-Link, I guess).

  20. Re:Thank you Jesus on Self-Parking Cars Coming To U.S. · · Score: 1

      That is the tricky part there. How do you know how close to the curb you are? If you have a good sense of spatial reasoning, you may have a "feel" for it, but a lot of people don't have that skill. The view shown in your mirrors is misleading.

    If you don't have a good sense of spatial reasoning, maybe you should not drive at all.

    After all, correctly estimating distance (and relative speed, too) is the difference between braking before an intersection, and a major crash.

    Besides, parallel parking is really as simple as the three steps grandparent posted.

  21. Very very bad news on Hotmail On Your Desktop · · Score: 2, Insightful

    I'm spotting a very disturbing trend here.

    The appearance of these live desktop apps is shifting the protocols for mail access away from established standards. Now, in order to access some mail provider's server you need a proprietary application, when really it should not be necessary (IMAP would do just fine). Google still provides POP access (although it is not good enough), but I'd bet that MS will only be accessible via web or its application.

    Looks like the part about services being "decommoditized" mentioned in the halloween documents is becoming true.

    Very bad news indeed.

  22. Re:And in other news... on Christian Churches Celebrate Darwin's Birthday · · Score: 1

    Emmm.
    Kid, overall aggressiveness is not the only reason "millions of people" think GB is a NAZI. We (count me in, using a relaxed definition of "nazi") are seeing VERY disturbing things happening, very similar to the things that happened that made Hitler the Führer of the Third Reich.

    You should have noticed the changes in the US in the last years, starting from the destruction of the WTC (~fire of the Reichstag) followed by the perceived election fraud (Diebold), the illegal arrests (Guantanamo) and the reduction of personal freedoms.

    If this happened here (Argentina), people would be REALLY alarmed (go and find out what happened during the military regimes in South America). Military regimes have started with less than what's happening in the US.

    It's fair to say that Bush is no NAZI in the strict sense, but let's say he's acting "a little funny" for a democratic president. In fact, the US also reminds me of 1984 (perpetual war, anyone?).

    Anyway, you should also take notice of the events going on the inside of the US to know WHY lots of people are calling him a NAZI.

    By the way, I guess we should call him "that fucking fascist that is making a mess and is going to wreck the whole world (starting with the rights of his own people)", but NAZI is a good approximation, and shorter.

  23. Re:Bye Microsoft. on Microsoft Anti-Spyware Removes Norton Anti-Virus · · Score: 1

      Unlike, oh say Linux which is in a constant state of flux and change?

    Considering what I use for production environments, I'd say my Linux systems are pretty static. Windows, on the other hand, keeps getting patched and receiving minor changes (that sometimes screw things up).

    Linux OS can be pretty stable, unstable or anything in between. It's a matter of picking the right tool.

  24. Re:What is the stinking problem? on Microsoft Source Code Still Not Enough for EU? · · Score: 4, Informative

      Honestly can someone educate me on the matter?
      What does the EU comission really want? Cheap Windows? Crippled Windows?

    Mainly they want full specifications of the protocols and interfaces used in windows by MS, including any "secret" APIs, to be made available on reasonable terms to others. There is also a EUR 500 000 000 fine.

    Crippled windows would be of no benefit.
    They're not interested in cheap windows directly, but the idea seems that if someone can make "cheap windows" components, they should be able to do so without MS stepping on them (that's what the APIs are for).


      Can't they just fine them for their monopolistic practices and get over it?

    Sure, they did. The problem is that the one time fine is only part of their punishment. MS could comply simply by paying EUR 2 million a day forever, but it would be crippling to MS and also not useful in solving the openness problem. Since opening the protocols as the EU is saying is very bad (cheap windows parts) MS does not want to comply. Hence the negotiation going right now.


      If one is to suggest they move to *X, then EU would complain, well that is too hard, we'd just rather stick with MS.
      And you don't need to talk to me about proprietary formats.
      I work for a state institution, and let me tell you, proprietary formats are the least of our worries and inefficiencies.

    Maybe you're not getting bitten right now, but proprietary protocols bite whenever you're weak. What are you going to do in a few years if you try to get away from MS apps? I'm getting bitten right now by active directory myself.


      I am also from Europe, so I don't have "Yankee's are the best" attitude either.

      You know, I like my OS with a browser, media player and text editor (OS X). If EU has a problem with that, fine them or take your business elsewhere...

    I think you really want an OS, a browser, a media player and a text editor. Them coming with the OS is just a convenience, unless it's not the ones you want (like IE) and you cannot remove them. I also like these apps in my machine, but I like a way for me to choose what I want (SUSE and Debian in my case). Anyway, you're using OS X, you're not being precisely locked in. What would you say if you were stuck with outlook and IE?

  25. He's mixing two different things on When Data Goes Missing Will You Even Know? · · Score: 2, Insightful

    There are two different things mentioned in the article that I think make the article less than what it should have been.

    The first one is data being compromised. There's a clear example when the author found a USB drive in an airport. (He could read it without problems). The second one is data loss, also mentioned. The author mixes both concepts when he compares the loss of a USB drive (assuming it's not backed up) with the loss of records by a big company (that would probably be compromise).

    Even though they look like the same problem (if I put all my important data in a standard USB drive, if I lose it the data gets lost and compromised at the same time), they're not. These risks are mitigated with different methods. When you start taking steps against either data loss or compromise, it is shown that the author's definition of "data loss" is not that clear.

    Imagine I had all my important data on a USB drive, encrypted (but without backups). If I lost said drive, I would be left without some important data, but it would have not been compromised.

    The opposite would have happened if I had backups, but no encryption.

    If both encryption and backups were available, it would be (under most circumstances) a non-issue (except for the loss of a USD 20 drive).

    All of that assuming the drive owner is honest, and not using it to smuggle data out of a secured area.

    The author seems to treat data as a physical object, which it is not.