If the password is hashed client side and the database gets exploited, you've just given access to everyone. Since they can just manually use the hash from the db to log in.
You'd need to do double hashing with per site salt to counteract it.
Or just use SSL like everyone else suggested. Somewhat easier and doesn't have that problem. Or you could manually SHA1 your passwords and use the hashed copy as your password for long and pseudorandom passwords.
Just as much as I have the right to think that everything that happens in their stadiums is copyrighted by myself. In other words, what they think is irrelevant.
He only thinks he wants a TV. What he actually needs is a 30cm Monster cable for the $10k. You can waste hours admiring it instead of wasting your time with TV.
Actually that would be a very interesting configuration in court.
The **AA would not be able to prove what wifi was used to commit the offence, and it makes it even more plausible that you hand out the guest account to anyone including neighbours who perhaps had net issues once.
Yes but the thing is cloud environments are a shared medium. If you just happen to get a node where someone is calculating Pi then your burstable CPU won't be as high as a node with light loads on it.
Now if no one else is using the node (e.g. Azure) then it will be blazing fast....and crash regularly. Yeah ok that was a cheap shot.:P
Erm you can connect the serial to the internet or private internal network or VPN.
The point of the serial connection is to limit the attack area. No ports, no other services running, nothing excessive which isn't needed to communicate the raw data. That was my point.
TX isn't necessarily bad with a serial line either for situations that require it. You just need a decent chunk of good code to authenticate everything and validate it.
Plugging it directly in to the internet isn't the right solution pretty much ever. Mind you thats only slightly worse than a serial line with dodgy code controlling it.
Even easier. Pull out a RS232 cable to run between a internet connected computer and the SCADA system.
You can still send detailed alerts and possibly even remotely monitor the site. Just keep it read only and use a teeny tiny bit of quality code and its safe.
TIFF is more of a meta format (think AVI - it can be uncompressed, or use a range of codecs). Its extreme flexibility makes it very easy to over look something in the code. It is always a buffer overflow that is created.
Slashdot Mirror
If the password is hashed client side and the database gets exploited, you've just given access to everyone.
Since they can just manually use the hash from the db to log in.
You'd need to do double hashing with per site salt to counteract it.
Or just use SSL like everyone else suggested. Somewhat easier and doesn't have that problem.
Or you could manually SHA1 your passwords and use the hashed copy as your password for long and pseudorandom passwords.
Oh that must mean its a free easily downloadable game then......huh no it isnt.
You are paying to see ads. Its supposed to be the other way around.
Course not.
Oh and in 6 months time they will add advertising to their games as well.
No the retail price won't change with that either.
Erm no? I use Linux and open PDFs with Okular.
What? You can't honestly tell me that you are using Acrobat? Even on Windows that's stupid.
The plan to get the NSA using our code is proceeding well.
Initiate phase 2: Open source all their data.
Oh wait did I say that out loud?
If a 100Mhz analog scope can't detect the stair steps, then there is absolutely no fucking way you have the slightest chance of detecting it.
100,000,000 Hz vs your ears at maybe 20,000 Hz.
See the difference?
Because vulnerabilities that don't allow jail breaking don't get fixed terribly quickly?
Few are locked properly. 95% get rooted with no troubles.
They didn't know about the N900? The one where you could ssh in and had xterm installed by default?
Yeah it had a real keyboard too. :P
Admire 17 of them then. Even better!
Oh sure. Everything that has been said about Macs and Linux still stands.
Now we all knew Java was riddled with holes. That too still stands.
Macs and Linux just happen to be able to run Java.
They have the right to think that.
Just as much as I have the right to think that everything that happens in their stadiums is copyrighted by myself.
In other words, what they think is irrelevant.
He only thinks he wants a TV. What he actually needs is a 30cm Monster cable for the $10k. You can waste hours admiring it instead of wasting your time with TV.
Actually that would be a very interesting configuration in court.
The **AA would not be able to prove what wifi was used to commit the offence, and it makes it even more plausible that you hand out the guest account to anyone including neighbours who perhaps had net issues once.
Yes but the thing is cloud environments are a shared medium.
If you just happen to get a node where someone is calculating Pi then your burstable CPU won't be as high as a node with light loads on it.
Now if no one else is using the node (e.g. Azure) then it will be blazing fast....and crash regularly. :P
Yeah ok that was a cheap shot.
Erm you can connect the serial to the internet or private internal network or VPN.
The point of the serial connection is to limit the attack area.
No ports, no other services running, nothing excessive which isn't needed to communicate the raw data.
That was my point.
TX isn't necessarily bad with a serial line either for situations that require it.
You just need a decent chunk of good code to authenticate everything and validate it.
Plugging it directly in to the internet isn't the right solution pretty much ever.
Mind you thats only slightly worse than a serial line with dodgy code controlling it.
Oh sorry I didn't realise everyone had a 70s mainframe back then. My mistake.
Heck did you know those mainframes had that feature? I didn't.
Even easier. Pull out a RS232 cable to run between a internet connected computer and the SCADA system.
You can still send detailed alerts and possibly even remotely monitor the site. Just keep it read only and use a teeny tiny bit of quality code and its safe.
Its using stuff like IP which is the stupid part.
TIFF is more of a meta format (think AVI - it can be uncompressed, or use a range of codecs).
Its extreme flexibility makes it very easy to over look something in the code. It is always a buffer overflow that is created.
Cut the foreign born crap (Aussie here). Just say they are incompetent and leave it at that. Its more accurate that way.
And everyone would be much happier.
Well yeah the hardware is probably fine. My Microsoft keyboard and mouse work great too.
Provided you keep Windows away from it of course. :)
And people say Windows is easier than Linux. :P
Erm that would involve using a lot of graphics horse power.....which Intel doesn't have.
That was the GP's entire point.