Slashdot Mirror


User: NuclearDog

NuclearDog's activity in the archive.

Stories: 0 · Comments: 463

Comments · 463

  1. I get that a monoculture is bad, but... When was the last time AWS lost an entire data centre to a DDOS?

    It's probably exactly what the attackers want, but as someone with a responsibility first to my employer, how can I ever recommend a company like Linode?

    They need to figure this out, because every time one of these articles hits the news the reputation damage is pushing them further and further into a spiral.

  2. Re: What is the best way to buy some in bulk? on 60% of Americans Unaware of Looming Incandescent Bulb Phase Out · · Score: 1

    > Most homes today are heated with electricity and having original light bulb means you as well add that consumption to heating and it is so on off from that (not so good ratio but still).

    Speak for yourself. Everything here is natural gas, which is probably actually better than the coal they're using to generate our power.

  3. Re: What is the best way to buy some in bulk? on 60% of Americans Unaware of Looming Incandescent Bulb Phase Out · · Score: 1

    As per Wikipedia, the expected life of an LED bulb is ~30,000 hours. The expected life of an incandescent is ~1,000 hours. Obviously, if you're paying a dollar each for the incandescents and $20 for the LED, you're going to pay 50% more over time by using the incandescents.

  4. Re:Why? Developer Developers Developers. And Games on PC Makers Plan Rebellion Against Microsoft At CES · · Score: 1

    > but android is a pretty mediocre experience on anything not designed as touchscreen hardware, usually without a keyboard or mouse.

    I've had a mouse and keyboard hooked up to my phone (with an OTG adapter). I honestly didn't find it bad at all. The scroll wheel worked, avoiding having to click and drag to scroll. Everything else worked as expected... Really, the only thing that was a bit weird was 'swiping' down from the top to get my notifications and stuff.

    That may have been a dealbreaker at some point, but with Windows 8 around it's now no worse than the flagship OS from the world's largest software company. At least I'm familiar with the Android gestures...

  5. Re:ERP on Ex-Employee Busted For Tampering With ERP System · · Score: 1

    I've searched for the link but can't seem to find it, but I saw a "confession bear" meme at work the other day from reddit (boo reddit, whatever) about some guy getting let go and saying that "his employer should have changed the passwords" because he made several changes, including putting the calendar a month out.

    Coincidence? Maybe. Probably not.

    He was not doing it to be "leet". The attitude he portrayed seemed to just be that it would be worth some internet credit.

  6. Re:Just turn off the car? on Mandatory Brake-Override Proposed For All Cars · · Score: 1

    > I know everyone on here thinks they are far too smart, and this could never happen to them, but it can.

    Nah. I *know* I'm far too smart. Many years ago I was driving my friend's car down a major road through town (~60mph speed limit) with him in the passenger seat and slammed the gas to pass someone... It stuck. I was quickly picking up speed to run into the car that was four or five car lengths in front of me in the middle of dense traffic doing 60mph. If I had slammed the brakes, I would've caused a pileup. There was nowhere to bail to as I was in the left lane. It was shaping up to be a disaster involving a lot of wrecked cars and lots of people hurt.

    I didn't panic. I stomped the accelerator a couple of times to try and loosen it up - nothing happened. So I told my friend "Hold the wheel.", leaned down and stretched my arm in and wiggled and pulled the accelerator loose. Sat back up, took the wheel, and kept driving.

    I've had my accelerator stick in other cars (whether due to them being old or catching on the floor mats). I've also driven (and successfully stopped - repeatedly) cars with no vacuum assist left on the brakes (there was a large leak somewhere). Never anything approaching 'panic' or an accident.

    Even the people who only *think* they are too smart are probably now prepared for this having thought about and discussed it repeatedly. At least the steps are somewhere in their mind - instead of having to try and come up with a solution on the spot.

  7. Re:How was this going to work? on Swede Arrested For Building Nuclear Reactor · · Score: 1

    "This sounds like his experiment bears as much similarity to a reactor as a balloon full of hairspray resembles a car engine."

    ... It's a smaller, much more explosive version?

    I'm not sure that's comforting.

  8. Re:That's nothing... on Passcodes Prove Predictable · · Score: 1

    Oh, funny. Mine didn't make the list.

    Bank teller will only let me have a 4 digit PIN. Went to an ATM and used the 'change PIN' feature. Could get it up to twelve digits. I settled on 10. Changed banks, did the same thing.

    I've yet to run into a single place where it doesn't work - I do get some really funny looks though when I start typing up a novel on the pin pad.

  9. Re:I'm tired of users like you on 400,000 PCs Infected With Fake "Antivirus 2009" · · Score: 1

    Sure, maybe I've got some sort of virus/trojan/spyware. It must be a particularly nasty one too, there's no noticeable spike in network traffic (so I must be spamming), nothing picked up by the IDS (from all those malicious port scanning and network attacks going on), no pop-ups (making them lots of money), nothing picked up by clamav on my fileserver (not infecting things allows it to spread more effectively) nor any changes in the md5 hashes of the vital system files and directory listings I monitor (allowing it to truly root my system).

    Oh, and my router doesn't support uPnp.

    Of course, you could play the card that it's possible it has so effectively rooted my system that the on-system checks (md5 hashes/listings) are compromised, and it doesn't perform any activities that would allow the other machine to pick it up.

    But I'm not playing possibilities here, I'm playing probabilities. I find the chance that I've been infected by a piece of malware that would slip under my radar sufficiently low as to be acceptable. Considering the one or two infections I have let slip by (by running executables I really shouldn't have) have been picked up almost instantly.

    Especially considering how ridiculously ineffective most modern AV programs are and how much they negatively affect system performance. Merely monitoring the hash of vital system files and keeping an eye on changes in the list of files in Windows\System32 will probably be more effective.

    But hey, what do I know.

  10. Re:A way to do security screening on Terror Watchlist "Crippled By Technical Flaws" · · Score: 1

    "There are a few things that should be off-limits though:
    Race, gender, sexual orientation, religion, place of birth, etc."

    Err, despite being politically incorrect, using religion and place of birth is probably a good idea.

    How many Buddhists have blown things up? How many Taoists?

    How many Christians? How many Muslims?

    How many people born in Canada have gone abroad to blow things up?

    How many people born in the middle east have gone abroad to blow things up?

    Hell, given that most of the bombings are religiously motivated, and most religions don't tolerate gays, you could probably just clear most homosexuals right off the bat without worry.

    Anyways, political correctness is stupid, blah blah blah.

    ND

  11. Re: "traditional security" vs. I.T. security on Are IT Security Professionals Less Happy? · · Score: 1

    Have you tried setting your "Comment Post Mode" to "Plain old text" instead of "HTML formatted"? Typically if you're not intending to use HTML to format your post HTML formatted is a poor option.

    But 'eh, keep bitching. It only shows your ignorance.

    Cheers,
    ND

  12. Re:What is the big deal? on iPhone Tethering App Released, Killed In 2 Hours · · Score: 1

    "Leaving aside a few basic functionality that even cheap phones have such as copy/paste, Java, MMS, video recording..."

    Cheap phones? Copy and paste? Java? MMS? Video recording? Sure. The cheap phones have all those features. And they're so poorly implemented as to be damn-near unusable.

    I have a Motorola Krzr. When I bought it, it was mid-high end. It's now nearly a year old.

    The "Copy/Paste" consists of an inconsistently implemented set of menu options with very little flexibility and no implementation where it counts (I can't copy something from a text message, for example.) It's instead available for more useless situations like copying my phone's ESN or OS Version.

    The phone, despite having 32MB built-in storage, refuses to store more than ~120 text messages total. Which wouldn't be _that_ big of a deal if the "Auto-Cleanup" setting actually worked. Instead, it just fills up and up until I either manually clear it or it gets full and just starts dropping text messages. With my 32MB of storage I can only have 5 alarms set. With my 32MB of storage I can only record about 2 minutes of voice notes.

    I can't set things in my calendar to repeat bi-weekly. Most of the menus in the phone that provide a list of preset options and a custom option (including the "Event Duration" selection of the calendar) provide a list of damn-near useless preset options. The phone provides no way to take any sort of textual notes.

    Of course, why would I want to? Motorola's "iTap" is about the most fucking retarded piece of bullshit I've ever used. "Jarmo" comes before "Jason". Typing "me." will result in "ne1" (Thanks, I'm not an illiterate fuck, I like to use real words. You don't really provide me an easy option for that case.) Typing "Mandie", punctuation, "s" will result in "Mandie.s". There's a ton of other examples, but they're not needed. Simply put, the phone actually pretty effectively manages to always choose the WORST option. That is, in any given situation, it will very accurately choose the letter least likely to complete a real word. This is in contrast to my ancient as shit Nokia phone. The T9 on there was a lot more intelligent.

    It provides little flexibility in setting up ring profiles. It provides a built-in (shitty) MP3 player while having no sort of standard audio output jack. It will not play any music through bluetooth headphones. The phone itself is a flip phone, but with outside buttons which continue to have functions while the phone is closed, resulting in my battery being drained as the phone sits in camera mode for an hour in my pocket. The Java support on it is slower than you'd ever believe and the text input and menus used for Java applications are completely dissimilar from the rest of the phone, just to further complicate things.

    When I close it, the screen pushes on the keypad so every time I open it I can read my keypad's imprint off of my screen.

    This phone is an unintuitive, poorly designed piece of garbage.

    So, at this point, you're probably wondering what my point is and how this all relates to whether the iPhone is good or bad.

    Simple. Most phones already on the market are utter garbage. Sure, the iPhone probably has its problems. Sure, it's not perfect in every single way, and sure, I've never used an iPhone and I'm talking out of my ass. I do know, though, if Apple put as much effort into the design and user interaction with the iPhone as they did with the iPod, it's gonna be miles and miles ahead of its competitors.

    And yeah, being able to brag about your shiny new iPhone is pretty cool too.

    ND

  13. Re:Apparently they dont have other competent engin on Disgruntled Engineer Hijacks San Francisco's Computer System · · Score: 1

    Why is this incorrect information being repeated over and over?

    In theory, yes, physical access equals full system access.

    In the real world, there's encryptions, traps, etc. to deal with.

    For example, my laptop. I use TrueCrypt to provide full disk encryption. Sure, you can theoretically get access to my data given physical access, but it's not feasible given current computer systems and encryption algorithms.

    Even if the OS is completely unencrypted, the application data could be encrypted with no bypass.

    Even if the encryption isn't an issue, you've still got to worry about traps and such. Once you reset that password, a cron job on the next boot might notice and delete all of the important data off of the machine.

    So although citing this oft-repeated rule makes you sound smart, it's not true.

    ND

  14. Re:Problem at the root on Head First C# · · Score: 1

    Yes, but I don't do server-side development in .NET/Java, I do client side application development, and what Java runtime do most people use? I'm gonna go ahead and venture a guess that it's the Sun runtime.

    If you try and tell me that the Sun runtime _isn't_ slower than the .NET runtime, then I'm gonna need you to provide some pretty serious proof. The MINUTES I've spent waiting on a reasonable machine for the Sun JVM to compile and start a tiny program is just fucking ridiculous.

    So sure, there may be some decent server-side VMs, but as far as desktop applications go, Java is pretty much just a big turd.

  15. Re:Backups? on Disgruntled Engineer Hijacks San Francisco's Computer System · · Score: 2, Interesting

    Demonstrably false and demonstrably silly.

    I will present, for your perusal, two cases:

    My Laptop: Uses TrueCrypt whole disk encryption. Upon boot, the MBR asks for a password. Give it anything but the correct password and it won't boot. Put the drive in another computer, it won't boot. Mount the drive from a LiveCD, it'll look like a stream of randomness. Take the drive down to someone with an electron microscope and have them look at the platters... it'll look like randomness. There is no bypass. There is no way to boot that will allow you to reset this password.

    Simply put, you cannot access the data on the hard-drive without the password or the ability to brute force a lot of pretty serious encryption. Your assertion is false.

    My File Server: In many cases, it's not just booting the OS itself and accessing the drives that is the difficulty - you also need the ability to access some of the data and applications once the OS is booted.

    My fileserver contains a 20GB file initialized to random data and encrypted with a key (A). There is a USB drive in the computer that is fully encrypted with another key (B). Key A is placed on the USB drive, which requires key B to access. Key B is stored offsite on a server in another country encrypted with a symmetric algorithm. Every day at a specific time, the offsite server places another layer of encryption on key B by generating a random key. It notifies my file server of this key, which then stores it. The offsite server does not store this key.

    When my fileserver wishes to mount the encrypted file, it requests the encrypted key (B) from the offsite server, and then decrypts it with the locally stored key to it. Once it has key B decrypted (all done in RAM), it mounts the flash drive, uses the key on the flash drive to mount the encrypted file then clears all keys from memory and dismounts the flash drive.

    So, the net effect is that in order to get access to the encrypted file, the USB key must be plugged into the computer, and the file server must have a full list of keys for the remote server. If my file server goes offline or changes address or anything for one day, the partition becomes virtually inaccessible to all involved (I have a backup key hidden.)

    In either case, there's no way to get at SHIT without already having access or some really fucking powerful computers to brute force it all.

    Cheers,
    Adam

  16. Re:Problem at the root on Head First C# · · Score: 1

    Just in the time saved in waiting for all of those Java programs we could have been writing to compile and run, it was probably worth the thousands of man hours designing and implementing .NET.

    If nothing else I always choose to use a .NET language where possible (eg, not needing the cross-platform component of Java) simply because I enjoy the massive speedup I experience.

    ND

  17. Re:Names are not unique on How to Fight Name Scraping Scammers? · · Score: 1

    It's because "Funny" mods don't give you any good karma. Someone likely modded you "Insightful" because they wanted you to have some karma.

  18. Re:Web presence? on How to Fight Name Scraping Scammers? · · Score: 1

    I could be crazy, but I think there's some truth to names and personality traits being tied together somehow (it might just be that people give certain traits to people with certain names, and in treating them that way the person picks up the traits or something). Going through life, I tend to notice some real similarities between people with similar names, and drastic personality shifts usually occur around the same time as people starting to use a different form of their name.

    In fact, one of my relatives had a book they showed me full of names and some fairly specific personality traits and such, and everyone I looked up that I knew fit the description nearly to a T.

    So if I'm crazy, I'm not the only one :)

    ND

  19. Re:My findings... on Firefox Download Day To Start At 1 p.m. EST · · Score: 1

    You're wrong.

    I'm typing this from Opera with 36 tabs open using ~155MB of RAM. These aren't all just small mostly text pages, either. They've got graphics and CSS and content and media...

    Not to mention Opera actually stores a pre-rendered version of your history as to make navigating back and forth instant along with all sorts of other fun stuff, like hanging on to multiple closed tabs so you can just hit "Edit->Undo" and open them back up if you close them by mistake.

    Firefox is just bloated. Always has been, probably always will be. I don't know why everyone's so damn excited about it... all they've really done in the latest release is make it more like Opera.

    That stupid as fuck address bar thing? Been in Opera for a little while (was only officially released in 9.5). And actually supports searching the in-page text as well, as Firefox plans to implement eventually (fairly far down in the comments).

    Speed? Opera has been pretty significantly faster than all these other browsers for a long time. One version of Opera or another holds the winning speed in almost every category across all the OSs tested (Windows, Mac, Linux).

    Opera includes a mail client, news reader, bittorrent client, a bunch of functionality only available in FF as plugins (mouse gestures, anyone?) and some I'm not even sure is available like tab thumbnail previews, full MDI and ACTUAL USEFUL TAB ORDERING. You'd be amazed how much time you can save when hitting Ctrl+Tab takes you to your most recently used tab instead of just whatever one happens to be next in the list. It also has the option to open new tabs next to your current one so that all of your related tabs will stay together.

    All of this, and Opera's download is STILL smaller than Firefox's and it's STILL a faster browser and STILL has better standards compliance.

    ND

  20. Re:It is great on A Veteran GM's First Impressions of D&D 4th Edition · · Score: 5, Funny

    Well:

    From this graph, the price of corn in 2004 peaked at approximately $3.35/bushel. The latest price of corn on there was approximately $4.30/bushel.

    From this site, the approximate weight of one bushel of corn is 56 lbs. According to Google that's 25'401 grams.

    If you cut all of the kernels off of the cob, boil them, and eat them without salt or any other seasonings, according to this chart, it will contain 66 calories per 82 grams.

    This means one bushel contains approximately 20'445 calories.

    According to this list, a 190 lb person running at 10mph (6 minute mile) will burn 1380 calories.

    So, you'll get 14.8 miles worth of calories out of one bushel of corn.

    So, in 2004 you'd be paying $0.226 per mile. Today you'd be paying $0.291 per mile. That's an increase of about 22.3%.

    An increase from $75 (GURPS 4e, 2004) to $105 (D&D 4e, 2008) is 28.6%.

    So given the questionable sources, estimations, etc I've used, I'd say that those numbers are close enough to conclude that the cost of the books has approximately followed the market.

    ND

  21. Re:Service Sucked for those affected on Explosion At ThePlanet Datacenter Drops 9,000 Servers · · Score: 1

    If you're making/losing that much money due to your web presence, then it's your own fault for not having a redundant server set up. If you're making $1000/day in sales, you'd better consider shelling out another $80 or so for a second box for exactly this kind of situation.

    There's only so much planning that can be done, because every so often a meteor's gonna come down and put a hole right through the middle of your server, and it's not up to your host to have 6" titanium reinforced roofing or anything. If your hosting is that important, BUY SOME REDUNDANCY.

    As well, I've found the service and support has become significantly better since The Planet took over, but maybe it's just because I have reasonable expectations. Most of the people complaining seem to be the "OMG I'M LOSING TEN THOUSAND DOLLARS A DAY ON MY $80 HOSTING PLAN! YOU GUYS NEED TO MAKE IT WORK! NOW!" types.

    ND

  22. Re:Probably no change at all on Authentic Viking DNA From 1,000-Year-Old Skeletons · · Score: 1

    I'm pretty sure I can guess how the men came there. It was probably right after the women arrived. ;)

  23. Re:it won't help on Fujitsu HDD with AES 256-bit Encryption · · Score: 1

    Yes, some of my secret data may or may not be held in a volume hidden inside of the free space of a filesystem within a file hidden away and encrypted with Serpent-Twofish-AES. (TrueCrypt).

    Of course, the only information I have held in there is the kind of stuff I won't even describe.

    I keep all my porn in a file-backed device encrypted using geli (FreeBSD Handbook page on disk encryption) using a key located inside of an encrypted partition on a usb key so that the USB key must be present to mount the drive.

    ND

  24. Re:Is this really necessary? on Fujitsu HDD with AES 256-bit Encryption · · Score: 1

    It's 2.5" form factor so it's probably meant for laptops which already have a means of locking drives, so I imagine it probably just takes advantage of this.

  25. Re:Is this really necessary? on Fujitsu HDD with AES 256-bit Encryption · · Score: 2, Insightful

    I don't think that's really as big of an issue as you think it is.

    Anyone who's worried about protecting super-secret classified military secrets or something is worried about this.

    Any company who just wants some way to help ensure that the thug that breaks into the company car and grabs the laptop onto which some idiot copied 220'000 SSNs won't be able to access them would be quite content with hardware encryption.

    I don't know if it's an axiom of security, but it should be:

    Most people don't give a half a shit about the data you're trying to secure.