>Coca-Cola did once contain an estimated nine milligrams of cocaine per glass, but in 1903 it was removed.
What's strange about that is that for about 20 years afterward you could simply go to the drugstore and buy ounces of cocaine. It was one of the few drugs available that had any effective use at all. Coca drugs and Sulfa drugs, and then all the opiate-alcohol cure-all mixtures.
Germany may bet trying to reduce its association with nations that produce cocaine legally, and "nanogram" levels is not "zero."
Here I was under the delusion that places outside the USA were not hysterical about this stuff. I even thought Germany was one of those places where recreational drug use, while not legal, was generally tolerated.
Under 400 feet, 3+miles from any airport, not over any built-up area, and not annoying anyone (such as your local sheriff deputy who doesn't know or care about the limits of FAA regulations), those regs you cited do not apply.
On the other hand, it might be more fun to start this hobby within an organization that can get FAA 8130s, has a real budget, a CNC machine shop, chip fab plant, money, a big place to fly with Air Force approval, money, etc.
I work at a place that could get the COA/special 8130/7177 and whatever other certs would be needed to manufacture and sell an autonomous plane commercially, but everybody that would have an interest in such things is putting their time and effort into their *real* planes.
>You don't build more med schools unless there will be jobs for the graduates.
It's a bad example to use med schools, since of all people, a Medical Doctor will have an easier time than a person in most professions to make a self-employed living. Yes I know there is competition, and yes I know all about the expensive insurance and facilities a medical practice requires. But in the worst economic times, a competent Medical Doctor isn't missing any meals or standing in any bread lines. Driving a 7-series beamer and living in a 6 bedroom house in the foothills, maybe not. But come on -- know many doctors who are hurting for work?
If you're not contributing something to your employer of such value that it would not cost tens of thousands, if not hundreds of thousands of dollars to replace you, I'm sure you have much more serious reasons to be worried about "being fired on the spot" than whatever embarrassing-but-legal things you did in the distant past.
Do you have any concept of what it takes to find and hire a career-level professional, even in today's market? It's amazingly expensive and time-consuming and frustrating, and you are simply not going to see an HR administrator decide to fire someone without *solid* reasons *and* an argument that there is a return on the investment of terminating that person.
>I am sure that even the folks in HR realize that people change over time
I'm sure that the folks in HR are the ones who went to liberal arts colleges and didn't wear a stitch of clothes or have ten sober minutes the whole time.
There is a picture of me, blind drunk, talking to two police officers (who were working for my organization) because I had to arrange for them to take me to the bank with about $65,000 in cash, the drop from the tickets and beer sales of a large event that I was organizing. The picture was published in the local paper and I really thought it was a great shot... and of course since that was before the digital era, I cannot find it.
I'm *proud* of my drunken stupor years. What I don't understand is how your reputation and self-esteem have become so weak that you are worried about what others might think about things that have been recorded about you?
Be *proud* that you stood up against the war, or that you were a marijuana legalization activist, or whatever it is you're hiding from now. Don't be a hypocrite.
You could argue that this discriminates against males, since name-based background searches afford more protection to females, who routinely change their names. You could even say that it only favors the more attractive and/or more "social-norm" conformant females.
Even the dumbest script-kiddie attacks are smarter than raw permutations of characters. If you allow people to choose their own passwords, you *will* have a bias toward dictionary words (or just "pronounceable") which allows a statistical method that dramatically reduces the search space.
Distribute private keys. Enforce a policy where the private keys can be revoked. Use a physical token. Make it so the party logging in needs something they know (a private key) and something they don't know (the random number from the key fob).
It's easier to convince the People In Charge that this is necessary *after* a break-in.
It's better to simply *be* the Person In Charge and establish the policy, and enforce it.
Either you're serious about security or you're not.
One problem is that laypersons don't understand just how simple it is to break password authentication, and don't understand that if their password is a dictionary word or even a misspelling or l33t of a dictionary word, they've probably already been compromised. Going further, they don't consider that maybe the person doing the attack is a competitor or disgruntled former employee who *knows* the names and birthdates of all the spouses and children of the whole sales department.
Then there are people who won't take IT security seriously until they've lost a defense contract or a faced lawsuit over a leak of proprietary information.
>So what? Security through obscurity has pretty well been written off.
Just when I started to believe that, I had three different system administrators tell me to put SSH on a nonstandard port in response to dictionary attacks. Of course that buys you a few seconds maybe, but the bots are smart enough to nmap and find sshd running wherever you put it. My plan was to (hardware) firewall the host so that it only allowed specific source addresses and to disable passwords entirely. One of those admins, a service provider, was too lazy to use key authentication and whined about it. I wasn't impressed.
>Publishers care about this because the same content can be reshaped to fit their typesetting needs.
This pays off particularly well when neither the content creator nor the publisher knows ahead of time, the format of the finished work. My favorite real-world example was a bus schedule that had color-coded tabs on the edge of the page to mark sections. Problem is, you don't get to know the size of the page when you're laying it out. Good luck doing that in Word. Not that it's the easiest thing to do in LaTeX, but it was done.
I finally realized that I could answer the phone "Phoenix Emergency..." Sometimes they try to argue, but never for more than a few seconds, that they have not dialed 911.
You joke, but they do have a service where your domain's mx can be setup to use Gmail both for mx and for imap. I'm sure for a high-profile client, they could completely hide the fact that it's gmail. We have users who don't know they are on gmail. It's imap.ourdomain.com and smtp.ourdomain.com to them, and their users are name@ourdomain.com, not gmail.com.
>There's already spam-blocking and virus-scanning firewalls out there
I never got more spam than when I was behind a "Barracuda".
I never saw less spam than when I started using Gmail.
I persuaded my company to move our mail (@ourdomain) to gmail. It doesn't seem to be well known that you can use Gmail with your domain name, and they provide imap access for clients. It's a very cost-effective solution.
>Hell, if Google gave me the option of running all my personal mail servers messages through their spam filter before it hits my mailbox I'd pay for it.
They do, sort of. We did something similar, before we fully migrated to gmail (our domain, not gmail.com). We had a local mail server that would transfer via imap after messages were delivered to gmail, until all users were migrated and we shutdown our local mail server.
Slashdot Mirror
I'm willing to bet that you cannot create an image by any process that, projected on a screen, will fool me into believing it's a Kodachrome 64 slide.
>Coca-Cola did once contain an estimated nine milligrams of cocaine per glass, but in 1903 it was removed.
What's strange about that is that for about 20 years afterward you could simply go to the drugstore and buy ounces of cocaine.
It was one of the few drugs available that had any effective use at all. Coca drugs and Sulfa drugs, and then all the opiate-alcohol cure-all mixtures.
Germany may bet trying to reduce its association with nations that produce cocaine legally, and "nanogram" levels is not "zero."
Here I was under the delusion that places outside the USA were not hysterical about this stuff. I even thought Germany was one of those places where recreational drug use, while not legal, was generally tolerated.
Under 400 feet, 3+miles from any airport, not over any built-up area, and not annoying anyone (such as your local sheriff deputy who doesn't know or care about the limits of FAA regulations), those regs you cited do not apply.
On the other hand, it might be more fun to start this hobby within an organization that can get FAA 8130s, has a real budget, a CNC machine shop, chip fab plant, money, a big place to fly with Air Force approval, money, etc.
I work at a place that could get the COA/special 8130/7177 and whatever other certs would be needed to manufacture and sell an autonomous plane commercially, but everybody that would have an interest in such things is putting their time and effort into their *real* planes.
>I'd love to see some vendor shipping laptops "Tested with Ubuntu, Fedora, NetBSD and OpenSolaris".
I'd settle for full advance disclosure of chipset specs.
>The context here is theft. Petty theft, but theft all the same, and he had stolen items on him when caught.
One could argue that a sustained accusation of a crime without a conviction is slander.
Much harder to argue, though, if he did commit the crime.
>But, I have only ever some across one company who used them...
Very common in my sector (manufacture and overhaul of military aircraft).
>We laugh at the idea of the legal name being changed,
Why? The *women* do it *routinely*. One could argue that there is gender discrimination at work.
>You don't build more med schools unless there will be jobs for the graduates.
It's a bad example to use med schools, since of all people, a Medical Doctor will have an easier time
than a person in most professions to make a self-employed living. Yes I know there is competition, and yes
I know all about the expensive insurance and facilities a medical practice requires. But in the worst economic times,
a competent Medical Doctor isn't missing any meals or standing in any bread lines. Driving a 7-series beamer and living in a 6 bedroom house in the foothills, maybe not. But come on -- know many doctors who are hurting for work?
If you're not contributing something to your employer of such value that it would not cost tens of thousands, if not hundreds of thousands of dollars to replace you, I'm sure you have much more serious reasons to be worried about "being fired on the spot" than whatever embarrassing-but-legal things you did in the distant past.
Do you have any concept of what it takes to find and hire a career-level professional, even in today's market? It's amazingly expensive and time-consuming and frustrating, and you are simply not going to see an HR administrator decide to fire someone without *solid* reasons *and* an argument that there is a return on the investment of terminating that person.
>I am sure that even the folks in HR realize that people change over time
I'm sure that the folks in HR are the ones who went to liberal arts colleges and didn't wear a stitch of clothes or have ten sober minutes the whole time.
There is a picture of me, blind drunk, talking to two police officers (who were working for my organization) because I had to arrange for them to take me to the bank with about $65,000 in cash, the drop from the tickets and beer sales of a large event that I was organizing. The picture was published in the local paper and I really thought it was a great shot... and of course since that was before the digital era, I cannot find it.
I'm *proud* of my drunken stupor years. What I don't understand is how your reputation and self-esteem have become so weak that you are worried about what others might think about things that have been recorded about you?
Be *proud* that you stood up against the war, or that you were a marijuana legalization activist, or whatever it is you're hiding from now. Don't be a hypocrite.
You could argue that this discriminates against males, since name-based background searches afford more protection to females, who routinely change their names. You could even say that it only favors the more attractive and/or more "social-norm" conformant females.
>(A) People will increase risk by having to write them down, or
Firing offense in my shop.
>(B) People will try to stop using your system, which is a different but related kind of failure?
Employment is voluntary. Don't like our security policies? That's squarely in "keep your fat mouth shut" territory.
Even the dumbest script-kiddie attacks are smarter than raw permutations of characters.
If you allow people to choose their own passwords, you *will* have a bias toward dictionary words (or just "pronounceable") which allows a statistical method that dramatically reduces the search space.
IP Whitelist.
Private Keys+Hardware Token (no passwords weak or strong.)
IT Security Policy Breach is Firing Offense.
Problem solved.
In a defense environment, "Firing Offense" can be upgraded to "Felony Prosecution."
Distribute private keys. Enforce a policy where the private keys can be revoked. Use a physical token.
Make it so the party logging in needs something they know (a private key) and something they don't know (the random number from the key fob).
It's easier to convince the People In Charge that this is necessary *after* a break-in.
It's better to simply *be* the Person In Charge and establish the policy, and enforce it.
Either you're serious about security or you're not.
One problem is that laypersons don't understand just how simple it is to break password authentication, and don't understand that if their password is a dictionary word or even a misspelling or l33t of a dictionary word, they've probably already been compromised. Going further, they don't consider that maybe the person doing the attack is a competitor or disgruntled former employee who *knows* the names and birthdates of all the spouses and children of the whole sales department.
Then there are people who won't take IT security seriously until they've lost a defense contract or a faced lawsuit over a leak of proprietary information.
>So what? Security through obscurity has pretty well been written off.
Just when I started to believe that, I had three different system administrators tell me to put SSH on a nonstandard port in response to dictionary attacks. Of course that buys you a few seconds maybe, but the bots are smart enough to nmap and find sshd running wherever you put it. My plan was to (hardware) firewall the host so that it only allowed specific source addresses and to disable passwords entirely. One of those admins, a service provider, was too lazy to use key authentication and whined about it. I wasn't impressed.
>Not to mention that we already tried that "write once run anywhere" approach about a decade ago...
>And we all know how "that" turned out.
Really, really well? Better than any other portability endeavor in computing history?
>Publishers care about this because the same content can be reshaped to fit their typesetting needs.
This pays off particularly well when neither the content creator nor the publisher knows ahead of time, the format of the finished work. My favorite real-world example was a bus schedule that had color-coded tabs on the edge of the page to mark sections. Problem is, you don't get to know the size of the page when you're laying it out. Good luck doing that in Word. Not that it's the easiest thing to do in LaTeX, but it was done.
"If they really were inalienable, how come they're violated on a regular basis around the world?"
They were being violated on a regular basis in 1776, too.
I finally realized that I could answer the phone "Phoenix Emergency..."
Sometimes they try to argue, but never for more than a few seconds, that they have not dialed 911.
>Just use gmail. gmail.mil
You joke, but they do have a service where your domain's mx can be setup to use Gmail both for mx and for imap. I'm sure for a high-profile client, they could completely hide the fact that it's gmail. We have users who don't know they are on gmail. It's imap.ourdomain.com and smtp.ourdomain.com to them, and their users are name@ourdomain.com, not gmail.com.
>There's already spam-blocking and virus-scanning firewalls out there
I never got more spam than when I was behind a "Barracuda".
I never saw less spam than when I started using Gmail.
I persuaded my company to move our mail (@ourdomain) to gmail. It doesn't seem to be well known that you can use Gmail with your domain name, and they provide imap access for clients.
It's a very cost-effective solution.
>Hell, if Google gave me the option of running all my personal mail servers messages through their spam filter before it hits my mailbox I'd pay for it.
They do, sort of. We did something similar, before we fully migrated to gmail (our domain, not gmail.com). We had a local mail server that would transfer via imap after messages were delivered to gmail, until all users were migrated and we shutdown our local mail server.